登录重构

4 years ago · b918fad14f
parent de921aceec
commit b918fad14f
203 changed files with 2512 additions and 5766 deletions
--- a/db/yami_shop.sql
+++ b/db/yami_shop.sql
@ -233,28 +233,6 @@ CREATE TABLE `qrtz_triggers` (
 /*Data for the table `qrtz_triggers` */
 /*Table structure for table `tz_app_connect` */
 DROP TABLE IF EXISTS `tz_app_connect`;
 CREATE TABLE `tz_app_connect` (
  `id` bigint(20) unsigned NOT NULL AUTO_INCREMENT COMMENT 'id',
  `user_id` varchar(36) NOT NULL COMMENT '本系统userId',
  `app_id` tinyint(2) DEFAULT NULL COMMENT '第三方系统id 1：微信小程序',
  `nick_name` varchar(64) DEFAULT NULL COMMENT '第三方系统昵称',
  `image_url` varchar(500) DEFAULT NULL COMMENT '第三方系统头像',
  `biz_user_id` varchar(255) DEFAULT NULL COMMENT '第三方系统userid',
  `biz_unionid` varchar(255) DEFAULT NULL COMMENT '第三方系统unionid',
  PRIMARY KEY (`id`),
  KEY `user_app_id` (`user_id`,`app_id`) COMMENT '用户id和appid联合索引'
 ) ENGINE=InnoDB AUTO_INCREMENT=50 DEFAULT CHARSET=utf8;
 /*Data for the table `tz_app_connect` */
 insert  into `tz_app_connect`(`id`,`user_id`,`app_id`,`nick_name`,`image_url`,`biz_user_id`,`biz_unionid`) values
 (48,'51540df5255e4d22903b0f83921095ff',1,NULL,NULL,'o-lgc5CUDIn2nkk8512hKumBnjMI','o92Yz1cLnHuo70epfneTG8SaRY0c'),
 (49,'5f159317be5b4dc4bf3188f1a3da0369',1,NULL,NULL,'o-lgc5IHLX-RuR1aw5qwP9bpGDuQ','o92Yz1bmhLV8CKMwQkuPk5C8lFfg');
 /*Table structure for table `tz_area` */
 DROP TABLE IF EXISTS `tz_area`;
--- a/mall4v/src/components/mul-pic-upload/index.vue
+++ b/mall4v/src/components/mul-pic-upload/index.vue
@ -79,5 +79,3 @@
  }
 </script>
 <style lang="scss">
 </style>
--- a/pom.xml
+++ b/pom.xml
@ -16,7 +16,6 @@
        <module>yami-shop-service</module>
        <module>yami-shop-security</module>
        <module>yami-shop-quartz</module>
        <module>yami-shop-mp</module>
    </modules>
    <properties>
@ -24,25 +23,24 @@
        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
        <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
        <maven.compiler.plugin.version>3.7.0</maven.compiler.plugin.version>
-        <spring-boot.version>2.3.6.RELEASE</spring-boot.version>
+        <spring-boot.version>2.3.12.RELEASE</spring-boot.version>
        <security.oauth.auto.version>2.3.4.RELEASE</security.oauth.auto.version>
        <java.version>1.8</java.version>
        <guava.version>28.2-jre</guava.version>
-        <hutool.version>4.5.0</hutool.version>
+        <hutool.version>5.7.15</hutool.version>
        <jsoup.version>1.11.3</jsoup.version>
        <poi.version>3.17</poi.version>
        <qiniu.version>7.2.18</qiniu.version>
        <weixin.version>3.5.0</weixin.version>
        <orika.version>1.5.4</orika.version>
        <swagger2.version>2.9.2</swagger2.version>
-        <swagger-bootstrap.version>1.9.3</swagger-bootstrap.version>
+        <swagger-bootstrap.version>1.9.6</swagger-bootstrap.version>
        <emoji.version>4.0.0</emoji.version>
        <aliyun-core.version>4.3.9</aliyun-core.version>
        <aliyun-dysmsapi.version>1.1.0</aliyun-dysmsapi.version>
        <mybatis-plus.version>3.1.0</mybatis-plus.version>
-        <redisson.version>3.10.6</redisson.version>
+        <redisson.version>3.12.5</redisson.version>
-        <fst.version>2.57</fst.version>
+        <kryo.version>4.0.2</kryo.version>
-
+        <transmittable-thread-local.version>2.12.1</transmittable-thread-local.version>
        <log4j.version>2.17.1</log4j.version>
    </properties>
@ -55,11 +53,6 @@
                <type>pom</type>
                <scope>import</scope>
            </dependency>
            <dependency>
                <groupId>org.springframework.security.oauth.boot</groupId>
                <artifactId>spring-security-oauth2-autoconfigure</artifactId>
                <version>${security.oauth.auto.version}</version>
            </dependency>
            <dependency>
                <groupId>com.github.binarywang</groupId>
                <artifactId>weixin-java-pay</artifactId>
@ -138,9 +131,9 @@
            </dependency>
            <!-- 用于序列化和反序列化-->
            <dependency>
-                <groupId>de.ruedigermoeller</groupId>
+                <groupId>com.esotericsoftware</groupId>
-                <artifactId>fst</artifactId>
+                <artifactId>kryo</artifactId>
-                <version>${fst.version}</version>
+                <version>${kryo.version}</version>
            </dependency>
            <dependency>
                <groupId>org.apache.logging.log4j</groupId>
@ -157,6 +150,11 @@
                <artifactId>log4j-api</artifactId>
                <version>${log4j.version}</version>
            </dependency>
            <dependency>
                <groupId>com.alibaba</groupId>
                <artifactId>transmittable-thread-local</artifactId>
                <version>${transmittable-thread-local.version}</version>
            </dependency>
        </dependencies>
    </dependencyManagement>
--- a/yami-shop-admin/pom.xml
+++ b/yami-shop-admin/pom.xml
@ -7,7 +7,6 @@
        <groupId>com.yami.shop</groupId>
        <artifactId>yami-shop</artifactId>
        <version>0.0.1-SNAPSHOT</version>
        <relativePath>../pom.xml</relativePath>
    </parent>
@ -29,7 +28,7 @@
       </dependency>
        <dependency>
            <groupId>com.yami.shop</groupId>
-            <artifactId>yami-shop-security</artifactId>
+            <artifactId>yami-shop-security-admin</artifactId>
            <version>${yami.shop.version}</version>
        </dependency>
        <dependency>
@ -37,11 +36,6 @@
            <artifactId>yami-shop-quartz</artifactId>
            <version>${yami.shop.version}</version>
        </dependency>
        <dependency>
            <groupId>com.yami.shop</groupId>
            <artifactId>yami-shop-mp</artifactId>
            <version>${yami.shop.version}</version>
        </dependency>
    </dependencies>
--- a/yami-shop-admin/src/main/java/com/yami/shop/admin/controller/AdminLoginController.java
+++ b/yami-shop-admin/src/main/java/com/yami/shop/admin/controller/AdminLoginController.java
@ -0,0 +1,129 @@
 /*
 * Copyright (c) 2018-2999 广州市蓝海创新科技有限公司 All rights reserved.
 *
 * https://www.mall4j.com/
 *
 * 未经允许，不可做商业用途！
 *
 * 版权所有，侵权必究！
 */
 package com.yami.shop.admin.controller;
 import cn.hutool.core.util.StrUtil;
 import com.anji.captcha.model.common.ResponseModel;
 import com.anji.captcha.model.vo.CaptchaVO;
 import com.anji.captcha.service.CaptchaService;
 import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import com.yami.shop.common.exception.YamiShopBindException;
 import com.yami.shop.security.admin.dto.CaptchaAuthenticationDTO;
 import com.yami.shop.security.common.bo.UserInfoInTokenBO;
 import com.yami.shop.security.common.enums.SysTypeEnum;
 import com.yami.shop.security.common.manager.PasswordCheckManager;
 import com.yami.shop.security.common.manager.PasswordManager;
 import com.yami.shop.security.common.manager.TokenStore;
 import com.yami.shop.security.common.vo.TokenInfoVO;
 import com.yami.shop.sys.constant.Constant;
 import com.yami.shop.sys.model.SysMenu;
 import com.yami.shop.sys.model.SysUser;
 import com.yami.shop.sys.service.SysMenuService;
 import com.yami.shop.sys.service.SysUserService;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RestController;
 import javax.validation.Valid;
 import java.util.Arrays;
 import java.util.List;
 import java.util.Objects;
 import java.util.Set;
 import java.util.stream.Collectors;
 /**
 * @author FrozenWatermelon
 * @date 2020/6/30
 */
@RestController
@Api(tags = "登录")
 public class AdminLoginController {
    @Autowired
    private TokenStore tokenStore;
    @Autowired
    private SysUserService sysUserService;
    @Autowired
    private SysMenuService sysMenuService;
    @Autowired
    private PasswordCheckManager passwordCheckManager;
    @Autowired
    private CaptchaService captchaService;
    @Autowired
    private PasswordManager passwordManager;
    @PostMapping("/adminLogin")
    @ApiOperation(value = "账号密码 + 验证码登录(用于后台登录)", notes = "通过账号/手机号/用户名密码登录")
    public ResponseEntity<?> login(
            @Valid @RequestBody CaptchaAuthenticationDTO captchaAuthenticationDTO) {
        // 登陆后台登录需要再校验一遍验证码
        CaptchaVO captchaVO = new CaptchaVO();
        captchaVO.setCaptchaVerification(captchaAuthenticationDTO.getCaptchaVerification());
        ResponseModel response = captchaService.verification(captchaVO);
        if (!response.isSuccess()) {
            return ResponseEntity.badRequest().body("验证码有误或已过期");
        }
        SysUser sysUser = sysUserService.getByUserName(captchaAuthenticationDTO.getUserName());
        if (sysUser == null) {
            throw new YamiShopBindException("账号或密码不正确");
        }
        // 半小时内密码输入错误十次，已限制登录30分钟
        String decryptPassword = passwordManager.decryptPassword(captchaAuthenticationDTO.getPassWord());
        passwordCheckManager.checkPassword(SysTypeEnum.ADMIN,captchaAuthenticationDTO.getUserName(), decryptPassword, sysUser.getPassword());
        // 不是店铺超级管理员，并且是禁用状态，无法登录
        if (Objects.equals(sysUser.getStatus(),0)) {
            // 未找到此用户信息
            throw new YamiShopBindException("未找到此用户信息");
        }
        UserInfoInTokenBO userInfoInToken = new UserInfoInTokenBO();
        userInfoInToken.setUserId(String.valueOf(sysUser.getUserId()));
        userInfoInToken.setSysType(SysTypeEnum.ADMIN.value());
        userInfoInToken.setEnabled(sysUser.getStatus() == 1);
        userInfoInToken.setPerms(getUserPermissions(sysUser.getUserId()));
        userInfoInToken.setNickName(sysUser.getUsername());
        userInfoInToken.setShopId(sysUser.getShopId());
        // 存储token返回vo
        TokenInfoVO tokenInfoVO = tokenStore.storeAndGetVo(userInfoInToken);
        return ResponseEntity.ok(tokenInfoVO);
    }
    private Set<String> getUserPermissions(Long userId) {
        List<String> permsList;
        //系统管理员，拥有最高权限
        if(userId == Constant.SUPER_ADMIN_ID){
            List<SysMenu> menuList = sysMenuService.list(Wrappers.emptyWrapper());
            permsList = menuList.stream().map(SysMenu::getPerms).collect(Collectors.toList());
        }else{
            permsList = sysUserService.queryAllPerms(userId);
        }
        return permsList.stream().flatMap((perms)->{
                    if (StrUtil.isBlank(perms)) {
                        return null;
                    }
                    return Arrays.stream(perms.trim().split(StrUtil.COMMA));
                }
        ).collect(Collectors.toSet());
    }
 }
--- a/yami-shop-admin/src/main/java/com/yami/shop/admin/controller/AttributeController.java
+++ b/yami-shop-admin/src/main/java/com/yami/shop/admin/controller/AttributeController.java
@ -10,31 +10,20 @@
 package com.yami.shop.admin.controller;
-import java.util.Objects;
+import com.baomidou.mybatisplus.core.metadata.IPage;
-
+import com.yami.shop.bean.enums.ProdPropRule;
-import javax.validation.Valid;
+import com.yami.shop.bean.model.ProdProp;
-
+import com.yami.shop.common.exception.YamiShopBindException;
 import com.yami.shop.common.util.PageParam;
-import com.yami.shop.common.enums.YamiHttpStatus;
+import com.yami.shop.security.admin.util.SecurityUtils;
-
+import com.yami.shop.service.ProdPropService;
 import com.yami.shop.security.util.SecurityUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.prepost.PreAuthorize;
-import org.springframework.web.bind.annotation.DeleteMapping;
+import org.springframework.web.bind.annotation.*;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.PutMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
-import com.yami.shop.bean.enums.ProdPropRule;
+import javax.validation.Valid;
-import com.yami.shop.bean.model.ProdProp;
+import java.util.Objects;
 import com.yami.shop.common.exception.YamiShopBindException;
 import com.yami.shop.service.ProdPropService;
 import com.baomidou.mybatisplus.core.metadata.IPage;
 /**
 * 参数管理
--- a/yami-shop-admin/src/main/java/com/yami/shop/admin/controller/CategoryController.java
+++ b/yami-shop-admin/src/main/java/com/yami/shop/admin/controller/CategoryController.java
@ -10,34 +10,20 @@
 package com.yami.shop.admin.controller;
 import java.util.Date;
 import java.util.List;
 import java.util.Objects;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.yami.shop.bean.model.Category;
 import com.yami.shop.common.annotation.SysLog;
 import com.yami.shop.common.exception.YamiShopBindException;
-import com.yami.shop.security.util.SecurityUtils;
+import com.yami.shop.security.admin.util.SecurityUtils;
 import com.yami.shop.service.CategoryService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.prepost.PreAuthorize;
-import org.springframework.web.bind.annotation.DeleteMapping;
+import org.springframework.web.bind.annotation.*;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.PutMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
-
+import java.util.Date;
-import com.yami.shop.bean.model.Category;
+import java.util.List;
-import com.yami.shop.common.annotation.SysLog;
+import java.util.Objects;
 import com.yami.shop.service.BrandService;
 import com.yami.shop.service.CategoryService;
 import com.yami.shop.service.ProdPropService;
 import cn.hutool.core.collection.CollectionUtil;
--- a/yami-shop-admin/src/main/java/com/yami/shop/admin/controller/HotSearchController.java
+++ b/yami-shop-admin/src/main/java/com/yami/shop/admin/controller/HotSearchController.java
@ -10,34 +10,21 @@
 package com.yami.shop.admin.controller;
 import javax.validation.Valid;
 import java.util.Date;
 import java.util.List;
 import cn.hutool.core.util.StrUtil;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
-import com.yami.shop.security.util.SecurityUtils;
+import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.yami.shop.bean.model.HotSearch;
 import com.yami.shop.common.util.PageParam;
 import com.yami.shop.security.admin.util.SecurityUtils;
 import com.yami.shop.service.HotSearchService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.prepost.PreAuthorize;
-import org.springframework.web.bind.annotation.DeleteMapping;
+import org.springframework.web.bind.annotation.*;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.PutMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RestController;
 import com.yami.shop.common.util.PageParam;
 import com.baomidou.mybatisplus.core.metadata.IPage;
-import com.yami.shop.service.HotSearchService;
+import javax.validation.Valid;
-import com.yami.shop.bean.model.HotSearch;
+import java.util.Date;
 import java.util.List;
 /**
 *
--- a/yami-shop-admin/src/main/java/com/yami/shop/admin/controller/IndexImgController.java
+++ b/yami-shop-admin/src/main/java/com/yami/shop/admin/controller/IndexImgController.java
@ -15,7 +15,7 @@ import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.yami.shop.bean.model.IndexImg;
 import com.yami.shop.bean.model.Product;
 import com.yami.shop.common.util.PageParam;
-import com.yami.shop.security.util.SecurityUtils;
+import com.yami.shop.security.admin.util.SecurityUtils;
 import com.yami.shop.service.IndexImgService;
 import com.yami.shop.service.ProductService;
 import org.springframework.beans.factory.annotation.Autowired;
--- a/yami-shop-admin/src/main/java/com/yami/shop/admin/controller/NoticeController.java
+++ b/yami-shop-admin/src/main/java/com/yami/shop/admin/controller/NoticeController.java
@ -12,10 +12,10 @@ package com.yami.shop.admin.controller;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.yami.shop.common.util.PageParam;
 import com.yami.shop.bean.model.Notice;
 import com.yami.shop.common.annotation.SysLog;
-import com.yami.shop.security.util.SecurityUtils;
+import com.yami.shop.common.util.PageParam;
 import com.yami.shop.security.admin.util.SecurityUtils;
 import com.yami.shop.service.NoticeService;
 import lombok.AllArgsConstructor;
 import org.springframework.http.ResponseEntity;
--- a/yami-shop-admin/src/main/java/com/yami/shop/admin/controller/OrderController.java
+++ b/yami-shop-admin/src/main/java/com/yami/shop/admin/controller/OrderController.java
@ -10,49 +10,42 @@
 package com.yami.shop.admin.controller;
-import java.io.IOException;
+import cn.hutool.core.io.IORuntimeException;
-import java.util.Arrays;
+import cn.hutool.core.io.IoUtil;
-import java.util.Date;
+import cn.hutool.poi.excel.ExcelUtil;
-import java.util.List;
+import cn.hutool.poi.excel.ExcelWriter;
-
+import com.baomidou.mybatisplus.core.metadata.IPage;
-import javax.servlet.ServletOutputStream;
+import com.google.common.base.Objects;
-import javax.servlet.http.HttpServletResponse;
+import com.yami.shop.bean.enums.OrderStatus;
-
+import com.yami.shop.bean.model.Order;
 import com.yami.shop.bean.model.OrderItem;
 import com.yami.shop.bean.model.UserAddrOrder;
 import com.yami.shop.bean.param.DeliveryOrderParam;
 import com.yami.shop.bean.param.OrderParam;
 import com.yami.shop.common.exception.YamiShopBindException;
-import com.yami.shop.security.util.SecurityUtils;
+import com.yami.shop.common.util.PageParam;
 import com.yami.shop.security.admin.util.SecurityUtils;
 import com.yami.shop.service.*;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.poi.ss.usermodel.Sheet;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.format.annotation.DateTimeFormat;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.*;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PutMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
-
+import javax.servlet.ServletOutputStream;
-import com.yami.shop.common.util.PageParam;
+import javax.servlet.http.HttpServletResponse;
-import com.baomidou.mybatisplus.core.metadata.IPage;
+import java.io.IOException;
-import com.google.common.base.Objects;
+import java.util.Arrays;
-import com.yami.shop.bean.enums.OrderStatus;
+import java.util.Date;
-import com.yami.shop.bean.model.Order;
+import java.util.List;
 import com.yami.shop.bean.model.OrderItem;
 import com.yami.shop.bean.model.UserAddrOrder;
 import com.yami.shop.bean.param.DeliveryOrderParam;
 import cn.hutool.core.io.IORuntimeException;
 import cn.hutool.poi.excel.ExcelUtil;
 import cn.hutool.poi.excel.ExcelWriter;
 /**
 * @author lgh on 2018/09/15.
 */
@Slf4j
@Controller
@RequestMapping("/order/order")
 public class OrderController {
@ -282,16 +275,9 @@ public class OrderController {
            writer.flush(servletOutputStream);
            servletOutputStream.flush();
        } catch (IORuntimeException | IOException e) {
-            e.printStackTrace();
+            log.error("写出Excel错误：", e);
        } finally {
-            writer.close();
+            IoUtil.close(writer);
            try {
                if (servletOutputStream != null) {
                    servletOutputStream.close();
                }
            } catch (IOException e) {
                e.printStackTrace();
            }
        }
    }
 }
--- a/yami-shop-admin/src/main/java/com/yami/shop/admin/controller/PickAddrController.java
+++ b/yami-shop-admin/src/main/java/com/yami/shop/admin/controller/PickAddrController.java
@ -10,36 +10,23 @@
 package com.yami.shop.admin.controller;
-import java.util.Arrays;
+import cn.hutool.core.util.StrUtil;
 import java.util.List;
 import java.util.Objects;
 import javax.validation.Valid;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.yami.shop.bean.model.PickAddr;
 import com.yami.shop.common.enums.YamiHttpStatus;
 import com.yami.shop.common.exception.YamiShopBindException;
-import com.yami.shop.security.util.SecurityUtils;
+import com.yami.shop.common.util.PageParam;
 import com.yami.shop.security.admin.util.SecurityUtils;
 import com.yami.shop.service.PickAddrService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.prepost.PreAuthorize;
-import org.springframework.web.bind.annotation.DeleteMapping;
+import org.springframework.web.bind.annotation.*;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.PutMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
-
+import javax.validation.Valid;
-import com.yami.shop.common.util.PageParam;
+import java.util.Arrays;
-import com.baomidou.mybatisplus.core.metadata.IPage;
+import java.util.Objects;
 import com.yami.shop.bean.model.PickAddr;
 import com.yami.shop.service.PickAddrService;
 import cn.hutool.core.util.StrUtil;
--- a/yami-shop-admin/src/main/java/com/yami/shop/admin/controller/ProdTagController.java
+++ b/yami-shop-admin/src/main/java/com/yami/shop/admin/controller/ProdTagController.java
@ -14,11 +14,11 @@ package com.yami.shop.admin.controller;
 import cn.hutool.core.collection.CollectionUtil;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.yami.shop.common.util.PageParam;
 import com.yami.shop.bean.model.ProdTag;
 import com.yami.shop.common.annotation.SysLog;
 import com.yami.shop.common.exception.YamiShopBindException;
-import com.yami.shop.security.util.SecurityUtils;
+import com.yami.shop.common.util.PageParam;
 import com.yami.shop.security.admin.util.SecurityUtils;
 import com.yami.shop.service.ProdTagService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.ResponseEntity;
--- a/yami-shop-admin/src/main/java/com/yami/shop/admin/controller/ProductController.java
+++ b/yami-shop-admin/src/main/java/com/yami/shop/admin/controller/ProductController.java
@ -14,14 +14,13 @@ import cn.hutool.core.collection.CollectionUtil;
 import cn.hutool.core.util.StrUtil;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.yami.shop.common.util.PageParam;
 import com.yami.shop.bean.model.Product;
 import com.yami.shop.bean.model.Sku;
 import com.yami.shop.bean.param.ProductParam;
 import com.yami.shop.common.enums.YamiHttpStatus;
 import com.yami.shop.common.exception.YamiShopBindException;
 import com.yami.shop.common.util.Json;
-import com.yami.shop.security.util.SecurityUtils;
+import com.yami.shop.common.util.PageParam;
 import com.yami.shop.security.admin.util.SecurityUtils;
 import com.yami.shop.service.BasketService;
 import com.yami.shop.service.ProdTagReferenceService;
 import com.yami.shop.service.ProductService;
--- a/yami-shop-admin/src/main/java/com/yami/shop/admin/controller/ShopDetailController.java
+++ b/yami-shop-admin/src/main/java/com/yami/shop/admin/controller/ShopDetailController.java
@ -10,31 +10,25 @@
 package com.yami.shop.admin.controller;
-import java.util.Date;
+import cn.hutool.core.util.StrUtil;
 import java.util.List;
 import java.util.stream.Collectors;
 import javax.validation.Valid;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
-import com.yami.shop.security.util.SecurityUtils;
+import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.yami.shop.bean.model.ShopDetail;
 import com.yami.shop.bean.param.ShopDetailParam;
 import com.yami.shop.common.util.PageParam;
 import com.yami.shop.security.admin.util.SecurityUtils;
 import com.yami.shop.service.ShopDetailService;
 import ma.glasnost.orika.MapperFacade;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.*;
-
+import javax.validation.Valid;
-import com.yami.shop.common.util.PageParam;
+import java.util.Date;
-import com.baomidou.mybatisplus.core.metadata.IPage;
+import java.util.List;
-
+import java.util.stream.Collectors;
 import com.yami.shop.bean.model.ShopDetail;
 import com.yami.shop.bean.param.ShopDetailParam;
 import com.yami.shop.service.ShopDetailService;
 import cn.hutool.core.util.StrUtil;
 import ma.glasnost.orika.MapperFacade;
--- a/yami-shop-admin/src/main/java/com/yami/shop/admin/controller/SpecController.java
+++ b/yami-shop-admin/src/main/java/com/yami/shop/admin/controller/SpecController.java
@ -10,36 +10,24 @@
 package com.yami.shop.admin.controller;
 import java.util.List;
 import java.util.Objects;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.yami.shop.common.enums.YamiHttpStatus;
 import com.yami.shop.security.util.SecurityUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.DeleteMapping;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.PutMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 import com.yami.shop.common.util.PageParam;
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.yami.shop.bean.enums.ProdPropRule;
 import com.yami.shop.bean.model.ProdProp;
 import com.yami.shop.bean.model.ProdPropValue;
 import com.yami.shop.common.exception.YamiShopBindException;
 import com.yami.shop.common.util.PageParam;
 import com.yami.shop.security.admin.util.SecurityUtils;
 import com.yami.shop.service.ProdPropService;
 import com.yami.shop.service.ProdPropValueService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.*;
 import javax.validation.Valid;
 import java.util.List;
 import java.util.Objects;
 /**
 * 规格管理
--- a/yami-shop-admin/src/main/java/com/yami/shop/admin/controller/TransportController.java
+++ b/yami-shop-admin/src/main/java/com/yami/shop/admin/controller/TransportController.java
@ -10,31 +10,20 @@
 package com.yami.shop.admin.controller;
 import java.util.Date;
 import java.util.List;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
-import com.yami.shop.security.util.SecurityUtils;
+import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.yami.shop.bean.model.Transport;
 import com.yami.shop.common.util.PageParam;
 import com.yami.shop.security.admin.util.SecurityUtils;
 import com.yami.shop.service.TransportService;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.prepost.PreAuthorize;
-import org.springframework.web.bind.annotation.DeleteMapping;
+import org.springframework.web.bind.annotation.*;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.PutMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
-
+import java.util.Date;
-import com.yami.shop.common.util.PageParam;
+import java.util.List;
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.yami.shop.bean.model.Transport;
 import com.yami.shop.service.TransportService;
 /**
 * @author lgh on 2018/11/16.
--- a/yami-shop-admin/src/main/java/com/yami/shop/admin/security/AdminAuthenticationToken.java
+++ b/yami-shop-admin/src/main/java/com/yami/shop/admin/security/AdminAuthenticationToken.java
@ -1,36 +0,0 @@
 /*
 * Copyright (c) 2018-2999 广州市蓝海创新科技有限公司 All rights reserved.
 *
 * https://www.mall4j.com/
 *
 * 未经允许，不可做商业用途！
 *
 * 版权所有，侵权必究！
 */
 package com.yami.shop.admin.security;
 import com.yami.shop.security.token.MyAuthenticationToken;
 import lombok.Getter;
 import lombok.NoArgsConstructor;
 import lombok.Setter;
 import org.springframework.security.core.userdetails.UserDetails;
 /**
 * 系统用户账号密码登陆
 */
@Getter
@Setter
@NoArgsConstructor
 public class AdminAuthenticationToken extends MyAuthenticationToken {
    private String sessionUUID;
    private String imageCode;
    public AdminAuthenticationToken(UserDetails principal, Object credentials) {
        super(principal, credentials, principal.getAuthorities());
    }
 }
--- a/yami-shop-admin/src/main/java/com/yami/shop/admin/security/AdminTokenEnhancer.java
+++ b/yami-shop-admin/src/main/java/com/yami/shop/admin/security/AdminTokenEnhancer.java
@ -1,31 +0,0 @@
 package com.yami.shop.admin.security;
 import com.yami.shop.security.service.YamiSysUser;
 import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
 import org.springframework.security.oauth2.common.OAuth2AccessToken;
 import org.springframework.security.oauth2.provider.OAuth2Authentication;
 import org.springframework.security.oauth2.provider.token.TokenEnhancer;
 import org.springframework.stereotype.Component;
 import java.util.HashMap;
 import java.util.Map;
 /**
 * token增强
 * @author LGH
 */
@Component
 public class AdminTokenEnhancer implements TokenEnhancer {
    @Override
    public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) {
        final Map<String, Object> additionalInfo = new HashMap<>(8);
        YamiSysUser yamiSysUser = (YamiSysUser) authentication.getUserAuthentication().getPrincipal();
        additionalInfo.put("shopId", yamiSysUser.getShopId());
        additionalInfo.put("userId", yamiSysUser.getUserId());
        additionalInfo.put("authorities", yamiSysUser.getAuthorities());
        ((DefaultOAuth2AccessToken) accessToken).setAdditionalInformation(additionalInfo);
        return accessToken;
    }
 }
--- a/yami-shop-admin/src/main/java/com/yami/shop/admin/security/LoginAuthenticationFilter.java
+++ b/yami-shop-admin/src/main/java/com/yami/shop/admin/security/LoginAuthenticationFilter.java
@ -1,154 +0,0 @@
 /*
 * Copyright (c) 2018-2999 广州市蓝海创新科技有限公司 All rights reserved.
 *
 * https://www.mall4j.com/
 *
 * 未经允许，不可做商业用途！
 *
 * 版权所有，侵权必究！
 */
 package com.yami.shop.admin.security;
 import cn.hutool.core.util.StrUtil;
 import cn.hutool.extra.servlet.ServletUtil;
 import com.yami.shop.common.util.Json;
 import com.yami.shop.common.util.RedisUtil;
 import com.yami.shop.security.constants.SecurityConstants;
 import com.yami.shop.security.exception.BadCredentialsExceptionBase;
 import com.yami.shop.security.exception.ImageCodeNotMatchExceptionBase;
 import com.yami.shop.security.exception.UsernameNotFoundExceptionBase;
 import com.yami.shop.security.provider.AuthenticationTokenParser;
 import com.yami.shop.security.service.YamiUserDetailsService;
 import lombok.AllArgsConstructor;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.authentication.AbstractAuthenticationToken;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.AuthenticationServiceException;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
 import org.springframework.security.web.authentication.AuthenticationFailureHandler;
 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import org.springframework.stereotype.Component;
 import javax.servlet.ServletInputStream;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.nio.charset.StandardCharsets;
 /**
 * 管理员登陆：
 *       post: http://127.0.0.1:8085/login
 *       {principal:username,credentials:password}
 */
@Component
 public class LoginAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
    private YamiUserDetailsService yamiUserDetailsService;
    private PasswordEncoder passwordEncoder;
    @Autowired
    public LoginAuthenticationFilter(YamiUserDetailsService yamiUserDetailsService, PasswordEncoder passwordEncoder) {
        super("/login");
        this.yamiUserDetailsService = yamiUserDetailsService;
        this.passwordEncoder = passwordEncoder;
    }
    @Override
    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException {
        if (!ServletUtil.METHOD_POST.equals(request.getMethod())) {
            throw new AuthenticationServiceException(
                    "Authentication method not supported: " + request.getMethod());
        }
        String requestBody = getStringFromStream(request);
        if (StrUtil.isBlank(requestBody)) {
            throw new AuthenticationServiceException("无法获取输入信息");
        }
        AdminAuthenticationToken adminAuthenticationToken  =  Json.parseObject(requestBody, AdminAuthenticationToken.class);
        String username = adminAuthenticationToken.getPrincipal() == null?"NONE_PROVIDED":adminAuthenticationToken.getName();
        String kaptchaKey = SecurityConstants.SPRING_SECURITY_RESTFUL_IMAGE_CODE + adminAuthenticationToken.getSessionUUID();
        String kaptcha = RedisUtil.get(kaptchaKey);
        RedisUtil.del(kaptchaKey);
        if(StrUtil.isBlank(adminAuthenticationToken.getImageCode()) || !adminAuthenticationToken.getImageCode().equalsIgnoreCase(kaptcha)){
            throw new ImageCodeNotMatchExceptionBase("验证码有误");
        }
        UserDetails user;
        try {
            user = yamiUserDetailsService.loadUserByUsername(username);
        } catch (UsernameNotFoundExceptionBase var6) {
            throw new UsernameNotFoundExceptionBase("账号或密码不正确");
        }
        String encodedPassword = user.getPassword();
        String rawPassword = adminAuthenticationToken.getCredentials().toString();
        // 密码不正确
        if (!passwordEncoder.matches(rawPassword,encodedPassword)){
            throw new BadCredentialsExceptionBase("账号或密码不正确");
        }
        if (!user.isEnabled()) {
            throw new UsernameNotFoundExceptionBase("账号已被锁定,请联系管理员");
        }
        AdminAuthenticationToken result = new AdminAuthenticationToken(user, adminAuthenticationToken.getCredentials());
        result.setDetails(adminAuthenticationToken.getDetails());
        return result;
    }
    private String getStringFromStream(HttpServletRequest req) {
        ServletInputStream is;
        try {
            is = req.getInputStream();
            int nRead = 1;
            int nTotalRead = 0;
            byte[] bytes = new byte[10240];
            while (nRead > 0) {
                nRead = is.read(bytes, nTotalRead, bytes.length - nTotalRead);
                if (nRead > 0) {
                    nTotalRead = nTotalRead + nRead;
                }
            }
            return new String(bytes, 0, nTotalRead, StandardCharsets.UTF_8);
        } catch (IOException e) {
            e.printStackTrace();
            return "";
        }
    }
    @Override
    @Autowired
    public void setAuthenticationManager(AuthenticationManager authenticationManager) {
        super.setAuthenticationManager(authenticationManager);
    }
    @Override
    @Autowired
    public void setAuthenticationSuccessHandler(AuthenticationSuccessHandler successHandler) {
        super.setAuthenticationSuccessHandler(successHandler);
    }
    @Override
    @Autowired
    public void setAuthenticationFailureHandler(AuthenticationFailureHandler failureHandler) {
        super.setAuthenticationFailureHandler(failureHandler);
    }
 }
--- a/yami-shop-admin/src/main/java/com/yami/shop/admin/security/ResourceServerConfiguration.java
+++ b/yami-shop-admin/src/main/java/com/yami/shop/admin/security/ResourceServerConfiguration.java
@ -1,57 +0,0 @@
 /*
 * Copyright (c) 2018-2999 广州市蓝海创新科技有限公司 All rights reserved.
 *
 * https://www.mall4j.com/
 *
 * 未经允许，不可做商业用途！
 *
 * 版权所有，侵权必究！
 */
 package com.yami.shop.admin.security;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
 import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import org.springframework.web.cors.CorsUtils;
@Configuration
@EnableResourceServer
@EnableGlobalMethodSecurity(prePostEnabled = true)
 public class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {
    @Autowired
    private LoginAuthenticationFilter loginAuthenticationFilter;
    @Override
    public void configure(HttpSecurity http) throws Exception {
        // @formatter:off
        http
                .addFilterBefore(loginAuthenticationFilter, UsernamePasswordAuthenticationFilter.class)
                .csrf().disable().cors()
                .and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
                .and().authorizeRequests().requestMatchers(CorsUtils::isPreFlightRequest).permitAll()
                .and().requestMatchers().anyRequest()
                .and().anonymous()
                .and().authorizeRequests()
                .antMatchers(
                        "/webjars/**",
                        "/swagger/**",
                        "/v2/api-docs",
                        "/doc.html",
                        "/swagger-ui.html",
                        "/swagger-resources/**",
                        "/captcha.jpg").permitAll()
                .and()
                .authorizeRequests()
                .antMatchers("/**").authenticated();//配置所有访问控制，必须认证过后才可以访问
        // @formatter:on
    }
 }
--- a/yami-shop-admin/src/main/java/com/yami/shop/admin/security/YamiSysUserDetailsServiceImpl.java
+++ b/yami-shop-admin/src/main/java/com/yami/shop/admin/security/YamiSysUserDetailsServiceImpl.java
@ -1,136 +0,0 @@
 /*
 * Copyright (c) 2018-2999 广州市蓝海创新科技有限公司 All rights reserved.
 *
 * https://www.mall4j.com/
 *
 * 未经允许，不可做商业用途！
 *
 * 版权所有，侵权必究！
 */
 package com.yami.shop.admin.security;
 import cn.hutool.core.util.StrUtil;
 import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import com.yami.shop.bean.model.User;
 import com.yami.shop.common.util.CacheManagerUtil;
 import com.yami.shop.sys.constant.Constant;
 import com.yami.shop.security.enums.App;
 import com.yami.shop.security.exception.UsernameNotFoundExceptionBase;
 import com.yami.shop.security.model.AppConnect;
 import com.yami.shop.security.service.YamiSysUser;
 import com.yami.shop.security.service.YamiUser;
 import com.yami.shop.security.service.YamiUserDetailsService;
 import com.yami.shop.sys.dao.SysMenuMapper;
 import com.yami.shop.sys.dao.SysUserMapper;
 import com.yami.shop.sys.model.SysMenu;
 import com.yami.shop.sys.model.SysUser;
 import lombok.AllArgsConstructor;
 import lombok.SneakyThrows;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.AuthorityUtils;
 import org.springframework.stereotype.Service;
 import java.util.Arrays;
 import java.util.Collection;
 import java.util.List;
 import java.util.Set;
 import java.util.stream.Collectors;
 /**
 * 用户详细信息
 *
 * @author
 */
@Slf4j
@Service
@AllArgsConstructor
 public class YamiSysUserDetailsServiceImpl implements YamiUserDetailsService {
 	private final SysMenuMapper sysMenuMapper;
 	private final SysUserMapper sysUserMapper;
 	private final CacheManagerUtil cacheManagerUtil;
 	/**
 	 * 用户密码登录
 	 *
 	 * @param username 用户名
 	 * @return
 	 * @throws UsernameNotFoundExceptionBase
 	 */
 	@Override
 	@SneakyThrows
 	public YamiSysUser loadUserByUsername(String username) {
 		return getUserDetails(username);
 	}
 	/**
 	 * 构建userdetails
 	 *
 	 * @param username 用户名称
 	 * @return
 	 */
 	private YamiSysUser getUserDetails(String username) {
 		SysUser sysUser = sysUserMapper.selectByUsername(username);
 		if (sysUser == null) {
 			throw new UsernameNotFoundExceptionBase("用户不存在");
 		}
 		Collection<? extends GrantedAuthority> authorities
 				= AuthorityUtils.createAuthorityList(getUserPermissions(sysUser.getUserId()).toArray(new String[0]));
 		// 构造security用户
 		return new YamiSysUser(sysUser.getUserId(), sysUser.getShopId(), sysUser.getUsername(), sysUser.getPassword(), sysUser.getStatus() == 1,
 				true, true, true , authorities);
 	}
 	private Set<String> getUserPermissions(Long userId) {
 		List<String> permsList;
 		//系统管理员，拥有最高权限
 		if(userId == Constant.SUPER_ADMIN_ID){
 			List<SysMenu> menuList = sysMenuMapper.selectList(Wrappers.emptyWrapper());
 			permsList = menuList.stream().map(SysMenu::getPerms).collect(Collectors.toList());
 		}else{
 			permsList = sysUserMapper.queryAllPerms(userId);
 		}
 		Set<String> permsSet = permsList.stream().flatMap((perms)->{
 					if (StrUtil.isBlank(perms)) {
 						return null;
 					}
 					return Arrays.stream(perms.trim().split(","));
 				}
 		).collect(Collectors.toSet());
 		return permsSet;
 	}
 	@Override
 	public YamiUser loadUserByAppIdAndBizUserId(App app, String bizUserId) {
 		return null;
 	}
 	@Override
 	public void insertUserIfNecessary(AppConnect appConnect) {
 	}
 	@Override
 	public YamiUser loadUserByUserMail(String userMail, String loginPassword) {
 		return null;
 	}
 	@Override
 	public User loadUserByMobileOrUserName(String mobileOrUserName, Integer loginType) {
 		return null;
 	}
    @Override
    public YamiUser getYamiUser(Integer appId, User user, String bizUserId) {
        return null;
    }
 }
--- a/yami-shop-admin/src/main/resources/application-dev.yml
+++ b/yami-shop-admin/src/main/resources/application-dev.yml
@ -19,6 +19,6 @@ spring:
      cache-null-values: true
  redis:
    redisson:
-      config: classpath:redisson.yml
+      config: classpath:redisson/redisson.yml
 logging:
-  config: classpath:logback-dev.xml
+  config: classpath:logback/logback-dev.xml
--- a/yami-shop-admin/src/main/resources/application-docker.yml
+++ b/yami-shop-admin/src/main/resources/application-docker.yml
@ -15,6 +15,6 @@ spring:
      connection-test-query: SELECT 1
  redis:
    redisson:
-      config: classpath:redisson-docker.yml
+      config: classpath:redisson/redisson-docker.yml
 logging:
-  config: classpath:logback-prod.xml
+  config: classpath:logback/logback-prod.xml
--- a/yami-shop-admin/src/main/resources/application-prod.yml
+++ b/yami-shop-admin/src/main/resources/application-prod.yml
@ -15,6 +15,6 @@ spring:
      connection-test-query: SELECT 1
  redis:
    redisson:
-      config: classpath:redisson.yml
+      config: classpath:redisson/redisson.yml
 logging:
-  config: classpath:logback-prod.xml
+  config: classpath:logback/logback-prod.xml
--- a/yami-shop-admin/src/main/resources/logback/logback-dev.xml
+++ b/yami-shop-admin/src/main/resources/logback/logback-dev.xml
--- a/yami-shop-admin/src/main/resources/logback/logback-prod.xml
+++ b/yami-shop-admin/src/main/resources/logback/logback-prod.xml
--- a/yami-shop-admin/src/main/resources/redisson/redisson-docker.yml
+++ b/yami-shop-admin/src/main/resources/redisson/redisson-docker.yml
@ -4,28 +4,25 @@ singleServerConfig:
  database: ${REDIS_DATABASE}
  password: ${REDIS_PASSWORD}
  idleConnectionTimeout: 10000
  pingTimeout: 1000
  connectTimeout: 10000
  timeout: 3000
  retryAttempts: 3
  retryInterval: 1500
  reconnectionTimeout: 3000
  failedAttempts: 3
  clientName: null
  # 发布和订阅连接的最小空闲连接数 默认1
  subscriptionConnectionMinimumIdleSize: 1
  # 发布和订阅连接池大小 默认50
-  subscriptionConnectionPoolSize: 10
+  subscriptionConnectionPoolSize: 1
  # 单个连接最大订阅数量 默认5
-  subscriptionsPerConnection: 5
+  subscriptionsPerConnection: 1
  # 最小空闲连接数 默认32，现在暂时不需要那么多的线程
-  connectionMinimumIdleSize: 4
+  connectionMinimumIdleSize: 2
  # connectionPoolSize 默认64，现在暂时不需要那么多的线程
-  connectionPoolSize: 20
+  connectionPoolSize: 4
 # 这个线程池数量被所有RTopic对象监听器，RRemoteService调用者和RExecutorService任务共同共享。
 threads: 0
 # 这个线程池数量是在一个Redisson实例内，被其创建的所有分布式数据类型和服务，以及底层客户端所一同共享的线程池里保存的线程数量。
 nettyThreads: 0
 codec:
-  class: com.yami.shop.common.serializer.redisson.FstCodec
+  class: org.redisson.codec.KryoCodec
-transportMode: NIO
+transportMode: NIO
--- a/yami-shop-admin/src/main/resources/redisson/redisson.yml
+++ b/yami-shop-admin/src/main/resources/redisson/redisson.yml
@ -4,28 +4,25 @@ singleServerConfig:
  database: 0
  password: null
  idleConnectionTimeout: 10000
  pingTimeout: 1000
  connectTimeout: 10000
  timeout: 3000
  retryAttempts: 3
  retryInterval: 1500
  reconnectionTimeout: 3000
  failedAttempts: 3
  clientName: null
  # 发布和订阅连接的最小空闲连接数 默认1
  subscriptionConnectionMinimumIdleSize: 1
  # 发布和订阅连接池大小 默认50
-  subscriptionConnectionPoolSize: 10
+  subscriptionConnectionPoolSize: 1
  # 单个连接最大订阅数量 默认5
-  subscriptionsPerConnection: 5
+  subscriptionsPerConnection: 1
  # 最小空闲连接数 默认32，现在暂时不需要那么多的线程
-  connectionMinimumIdleSize: 4
+  connectionMinimumIdleSize: 2
  # connectionPoolSize 默认64，现在暂时不需要那么多的线程
-  connectionPoolSize: 20
+  connectionPoolSize: 4
 # 这个线程池数量被所有RTopic对象监听器，RRemoteService调用者和RExecutorService任务共同共享。
 threads: 0
 # 这个线程池数量是在一个Redisson实例内，被其创建的所有分布式数据类型和服务，以及底层客户端所一同共享的线程池里保存的线程数量。
 nettyThreads: 0
 codec:
-  class: com.yami.shop.common.serializer.redisson.FstCodec
+  class: org.redisson.codec.KryoCodec
-transportMode: NIO
+transportMode: NIO
--- a/yami-shop-api/pom.xml
+++ b/yami-shop-api/pom.xml
@ -20,12 +20,7 @@
 		</dependency>
 		<dependency>
 			<groupId>com.yami.shop</groupId>
-			<artifactId>yami-shop-security</artifactId>
+			<artifactId>yami-shop-security-api</artifactId>
 			<version>${yami.shop.version}</version>
 		</dependency>
 		<dependency>
 			<groupId>com.yami.shop</groupId>
 			<artifactId>yami-shop-mp</artifactId>
 			<version>${yami.shop.version}</version>
 		</dependency>
 	</dependencies>
--- a/yami-shop-api/src/main/java/com/yami/shop/api/controller/AddrController.java
+++ b/yami-shop-api/src/main/java/com/yami/shop/api/controller/AddrController.java
@ -10,36 +10,25 @@
 package com.yami.shop.api.controller;
 import java.util.Date;
 import java.util.List;
 import javax.validation.Valid;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.yami.shop.common.exception.YamiShopBindException;
 import com.yami.shop.security.util.SecurityUtils;
 import lombok.AllArgsConstructor;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.DeleteMapping;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.PutMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 import com.yami.shop.bean.app.dto.UserAddrDto;
 import com.yami.shop.bean.app.param.AddrParam;
 import com.yami.shop.bean.model.UserAddr;
 import com.yami.shop.common.exception.YamiShopBindException;
 import com.yami.shop.security.api.util.SecurityUtils;
 import com.yami.shop.service.UserAddrService;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiImplicitParam;
 import io.swagger.annotations.ApiOperation;
 import lombok.AllArgsConstructor;
 import ma.glasnost.orika.MapperFacade;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.*;
 import javax.validation.Valid;
 import java.util.Date;
 import java.util.List;
@RestController
--- a/yami-shop-api/src/main/java/com/yami/shop/api/controller/MyOrderController.java
+++ b/yami-shop-api/src/main/java/com/yami/shop/api/controller/MyOrderController.java
@ -10,37 +10,30 @@
 package com.yami.shop.api.controller;
 import java.util.Arrays;
 import java.util.List;
 import java.util.Map;
 import java.util.Objects;
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.yami.shop.bean.enums.OrderStatus;
 import com.yami.shop.common.exception.YamiShopBindException;
 import com.yami.shop.common.util.PageParam;
 import com.yami.shop.bean.app.dto.*;
-import com.yami.shop.dao.OrderMapper;
+import com.yami.shop.bean.enums.OrderStatus;
 import com.yami.shop.security.util.SecurityUtils;
 import com.yami.shop.service.*;
 import lombok.AllArgsConstructor;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.*;
 import com.yami.shop.bean.model.Order;
 import com.yami.shop.bean.model.OrderItem;
 import com.yami.shop.bean.model.ShopDetail;
 import com.yami.shop.bean.model.UserAddrOrder;
 import com.yami.shop.common.exception.YamiShopBindException;
 import com.yami.shop.common.util.Arith;
-
+import com.yami.shop.common.util.PageParam;
 import com.yami.shop.security.api.util.SecurityUtils;
 import com.yami.shop.service.*;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiImplicitParam;
 import io.swagger.annotations.ApiImplicitParams;
 import io.swagger.annotations.ApiOperation;
 import lombok.AllArgsConstructor;
 import ma.glasnost.orika.MapperFacade;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.*;
 import java.util.Arrays;
 import java.util.List;
 import java.util.Objects;
@RestController
@RequestMapping("/p/myOrder")
--- a/yami-shop-api/src/main/java/com/yami/shop/api/controller/OrderController.java
+++ b/yami-shop-api/src/main/java/com/yami/shop/api/controller/OrderController.java
@ -10,15 +10,21 @@
 package com.yami.shop.api.controller;
-import java.util.*;
+import cn.hutool.core.collection.CollectionUtil;
 import javax.validation.Valid;
 import com.yami.shop.bean.app.dto.*;
 import com.yami.shop.bean.app.param.OrderParam;
 import com.yami.shop.bean.app.param.OrderShopParam;
 import com.yami.shop.bean.app.param.SubmitOrderParam;
 import com.yami.shop.bean.event.ConfirmOrderEvent;
 import com.yami.shop.bean.model.Order;
 import com.yami.shop.bean.model.UserAddr;
 import com.yami.shop.common.exception.YamiShopBindException;
-import com.yami.shop.security.util.SecurityUtils;
+import com.yami.shop.common.util.Arith;
 import com.yami.shop.security.api.util.SecurityUtils;
 import com.yami.shop.service.*;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import ma.glasnost.orika.MapperFacade;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.ApplicationContext;
 import org.springframework.http.ResponseEntity;
@ -27,17 +33,10 @@ import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
-import com.yami.shop.bean.app.param.OrderParam;
+import javax.validation.Valid;
-import com.yami.shop.bean.app.param.OrderShopParam;
+import java.util.ArrayList;
-import com.yami.shop.bean.app.param.SubmitOrderParam;
+import java.util.List;
-import com.yami.shop.bean.model.Order;
+import java.util.Objects;
 import com.yami.shop.bean.model.UserAddr;
 import com.yami.shop.common.util.Arith;
 import cn.hutool.core.collection.CollectionUtil;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import ma.glasnost.orika.MapperFacade;
@RestController
@RequestMapping("/p/order")
--- a/yami-shop-api/src/main/java/com/yami/shop/api/controller/PayController.java
+++ b/yami-shop-api/src/main/java/com/yami/shop/api/controller/PayController.java
@ -10,18 +10,11 @@
 package com.yami.shop.api.controller;
 import com.github.binarywang.wxpay.bean.notify.WxPayOrderNotifyResult;
 import com.github.binarywang.wxpay.bean.order.WxPayMpOrderResult;
 import com.github.binarywang.wxpay.bean.request.WxPayUnifiedOrderRequest;
 import com.github.binarywang.wxpay.constant.WxPayConstants;
 import com.github.binarywang.wxpay.service.WxPayService;
 import com.yami.shop.api.config.ApiConfig;
 import com.yami.shop.bean.app.param.PayParam;
 import com.yami.shop.bean.pay.PayInfoDto;
-import com.yami.shop.common.util.Arith;
+import com.yami.shop.security.api.model.YamiUser;
-import com.yami.shop.common.util.IPHelper;
+import com.yami.shop.security.api.util.SecurityUtils;
 import com.yami.shop.security.service.YamiUser;
 import com.yami.shop.security.util.SecurityUtils;
 import com.yami.shop.service.PayService;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
@ -33,8 +26,6 @@ import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 import java.util.List;
@RestController
@RequestMapping("/p/order")
@Api(tags = "订单接口")
@ -43,10 +34,6 @@ public class PayController {
    private final PayService payService;
    private final ApiConfig apiConfig;
    private final WxPayService wxMiniPayService;
    /**
     * 支付接口
     */
@ -56,21 +43,11 @@ public class PayController {
    public ResponseEntity<WxPayMpOrderResult> pay(@RequestBody PayParam payParam) {
        YamiUser user = SecurityUtils.getUser();
        String userId = user.getUserId();
        String openId = user.getBizUserId();
        PayInfoDto payInfo = payService.pay(userId, payParam);
-
+        payService.paySuccess(payInfo.getPayNo(), "");
-        WxPayUnifiedOrderRequest orderRequest = new WxPayUnifiedOrderRequest();
+        return ResponseEntity.ok().build();
        orderRequest.setBody(payInfo.getBody());
        orderRequest.setOutTradeNo(payInfo.getPayNo());
        orderRequest.setTotalFee((int) Arith.mul(payInfo.getPayAmount(), 100));
        orderRequest.setSpbillCreateIp(IPHelper.getIpAddr());
        orderRequest.setNotifyUrl(apiConfig.getDomainName() + "/notice/pay/order");
        orderRequest.setTradeType(WxPayConstants.TradeType.JSAPI);
        orderRequest.setOpenid(openId);
        return ResponseEntity.ok(wxMiniPayService.createOrder(orderRequest));
    }
    /**
--- a/yami-shop-api/src/main/java/com/yami/shop/api/controller/PayNoticeController.java
+++ b/yami-shop-api/src/main/java/com/yami/shop/api/controller/PayNoticeController.java
@ -10,13 +10,7 @@
 package com.yami.shop.api.controller;
 import com.github.binarywang.wxpay.bean.notify.WxPayOrderNotifyResult;
 import com.github.binarywang.wxpay.exception.WxPayException;
 import com.github.binarywang.wxpay.service.WxPayService;
 import com.yami.shop.service.PayService;
 import lombok.AllArgsConstructor;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 import springfox.documentation.annotations.ApiIgnore;
@ -26,26 +20,26 @@ import springfox.documentation.annotations.ApiIgnore;
@RequestMapping("/notice/pay")
@AllArgsConstructor
 public class PayNoticeController {
-
+//模拟支付不需要回调
-    /**
+//    /**
-     * 小程序支付
+//     * 小程序支付
-     */
+//     */
-    private final WxPayService wxMiniPayService;
+//    private final WxPayService wxMiniPayService;
-
+//
-    private final PayService payService;
+//    private final PayService payService;
-
+//
-
+//
-    @RequestMapping("/order")
+//    @RequestMapping("/order")
-    public ResponseEntity<Void> submit(@RequestBody String xmlData) throws WxPayException {
+//    public ResponseEntity<Void> submit(@RequestBody String xmlData) throws WxPayException {
-        WxPayOrderNotifyResult parseOrderNotifyResult = wxMiniPayService.parseOrderNotifyResult(xmlData);
+//        WxPayOrderNotifyResult parseOrderNotifyResult = wxMiniPayService.parseOrderNotifyResult(xmlData);
-
+//
-        String payNo = parseOrderNotifyResult.getOutTradeNo();
+//        String payNo = parseOrderNotifyResult.getOutTradeNo();
-        String bizPayNo = parseOrderNotifyResult.getTransactionId();
+//        String bizPayNo = parseOrderNotifyResult.getTransactionId();
-
+//
-        // 根据内部订单号更新order settlement
+//        // 根据内部订单号更新order settlement
-        payService.paySuccess(payNo, bizPayNo);
+//        payService.paySuccess(payNo, bizPayNo);
-
+//
-
+//
-        return ResponseEntity.ok().build();
+//        return ResponseEntity.ok().build();
-    }
+//    }
 }
--- a/yami-shop-api/src/main/java/com/yami/shop/api/controller/ProdCommController.java
+++ b/yami-shop-api/src/main/java/com/yami/shop/api/controller/ProdCommController.java
@ -12,14 +12,12 @@ package com.yami.shop.api.controller;
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.yami.shop.common.util.PageParam;
 import com.yami.shop.bean.app.dto.ProdCommDataDto;
 import com.yami.shop.bean.app.dto.ProdCommDto;
 import com.yami.shop.bean.app.param.ProdCommParam;
 import com.yami.shop.bean.model.ProdComm;
 import com.yami.shop.common.util.Json;
 import com.yami.shop.common.util.PageParam;
-import com.yami.shop.security.util.SecurityUtils;
+import com.yami.shop.security.api.util.SecurityUtils;
 import com.yami.shop.service.ProdCommService;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiImplicitParam;
--- a/yami-shop-api/src/main/java/com/yami/shop/api/controller/ShopCartController.java
+++ b/yami-shop-api/src/main/java/com/yami/shop/api/controller/ShopCartController.java
@ -12,24 +12,31 @@ package com.yami.shop.api.controller;
 import cn.hutool.core.collection.CollectionUtil;
 import cn.hutool.core.map.MapUtil;
 import cn.hutool.core.util.ArrayUtil;
 import com.google.common.collect.Lists;
 import com.yami.shop.bean.app.dto.*;
 import com.yami.shop.bean.app.param.ChangeShopCartParam;
 import com.yami.shop.bean.app.param.ShopCartParam;
 import com.yami.shop.bean.event.ShopCartEvent;
-import com.yami.shop.bean.model.*;
+import com.yami.shop.bean.model.Basket;
 import com.yami.shop.bean.model.Product;
 import com.yami.shop.bean.model.Sku;
 import com.yami.shop.common.util.Arith;
-import com.yami.shop.security.util.SecurityUtils;
+import com.yami.shop.security.api.util.SecurityUtils;
-import com.yami.shop.service.*;
+import com.yami.shop.service.BasketService;
-import io.swagger.annotations.*;
+import com.yami.shop.service.ProductService;
 import com.yami.shop.service.SkuService;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.AllArgsConstructor;
 import org.springframework.context.ApplicationContext;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.*;
 import javax.validation.Valid;
-import java.util.*;
+import java.util.Collections;
 import java.util.List;
 import java.util.Map;
 import java.util.Objects;
 import java.util.stream.Collectors;
@RestController
--- a/yami-shop-api/src/main/java/com/yami/shop/api/controller/SmsController.java
+++ b/yami-shop-api/src/main/java/com/yami/shop/api/controller/SmsController.java
@ -10,21 +10,19 @@
 package com.yami.shop.api.controller;
 import com.yami.shop.security.util.SecurityUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 import com.google.common.collect.Maps;
 import com.yami.shop.bean.app.param.SendSmsParam;
 import com.yami.shop.bean.enums.SmsType;
 import com.yami.shop.security.api.util.SecurityUtils;
 import com.yami.shop.service.SmsLogService;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
@RestController
@RequestMapping("/p/sms")
--- a/yami-shop-api/src/main/java/com/yami/shop/api/controller/UserCollectionController.java
+++ b/yami-shop-api/src/main/java/com/yami/shop/api/controller/UserCollectionController.java
@ -19,7 +19,7 @@ import com.yami.shop.bean.model.Product;
 import com.yami.shop.bean.model.UserCollection;
 import com.yami.shop.common.exception.YamiShopBindException;
 import com.yami.shop.common.util.PageParam;
-import com.yami.shop.security.util.SecurityUtils;
+import com.yami.shop.security.api.util.SecurityUtils;
 import com.yami.shop.service.ProductService;
 import com.yami.shop.service.UserCollectionService;
 import io.swagger.annotations.Api;
--- a/yami-shop-api/src/main/java/com/yami/shop/api/controller/UserController.java
+++ b/yami-shop-api/src/main/java/com/yami/shop/api/controller/UserController.java
@ -10,32 +10,18 @@
 package com.yami.shop.api.controller;
-import cn.hutool.core.util.StrUtil;
+import cn.hutool.extra.emoji.EmojiUtil;
 import com.yami.shop.common.util.CacheManagerUtil;
 import com.yami.shop.security.enums.App;
 import com.yami.shop.security.service.YamiUser;
 import com.yami.shop.security.util.SecurityUtils;
 import lombok.AllArgsConstructor;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.oauth2.provider.token.ConsumerTokenServices;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PutMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 import com.yami.shop.bean.app.dto.UserDto;
 import com.yami.shop.bean.app.param.UserInfoParam;
 import com.yami.shop.bean.model.User;
 import com.yami.shop.security.api.util.SecurityUtils;
 import com.yami.shop.service.UserService;
 import cn.hutool.extra.emoji.EmojiUtil;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.AllArgsConstructor;
 import ma.glasnost.orika.MapperFacade;
-
+import org.springframework.http.ResponseEntity;
-import javax.servlet.http.HttpServletRequest;
+import org.springframework.web.bind.annotation.*;
@RestController
@RequestMapping("/p/user")
@ -46,10 +32,6 @@ public class UserController {
 	private final UserService userService;
 	private final MapperFacade mapperFacade;
 	private final CacheManagerUtil cacheManagerUtil;
 	private final ConsumerTokenServices consumerTokenServices;
 	/**
 	 * 查看用户接口
 	 */
@ -71,18 +53,6 @@ public class UserController {
 		user.setPic(userInfoParam.getAvatarUrl());
 		user.setNickName(EmojiUtil.toAlias(userInfoParam.getNickName()));
 		userService.updateById(user);
-		String cacheKey = App.MINI.value() + StrUtil.COLON + SecurityUtils.getUser().getBizUserId();
+		return ResponseEntity.ok().build();
 		cacheManagerUtil.evictCache("yami_user", cacheKey);
 		return ResponseEntity.ok(null);
 	}
 	/**
 	 * 退出登录,并清除redis中的token
 	 **/
 	@GetMapping("/logout")
 	public Boolean removeToken(HttpServletRequest httpRequest){
 		String authorization = httpRequest.getHeader("authorization");
 		String token = authorization.replace("bearer", "");
 		return consumerTokenServices.revokeToken(token);
 	}
 }
--- a/yami-shop-api/src/main/java/com/yami/shop/api/controller/UserRegisterController.java
+++ b/yami-shop-api/src/main/java/com/yami/shop/api/controller/UserRegisterController.java
@ -1,40 +1,27 @@
 package com.yami.shop.api.controller;
-import cn.binarywang.wx.miniapp.bean.WxMaPhoneNumberInfo;
+import cn.hutool.core.util.IdUtil;
 import cn.hutool.core.util.StrUtil;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.yami.shop.api.security.AuthenticationToken;
 import com.yami.shop.bean.enums.SmsType;
 import com.yami.shop.bean.model.User;
 import com.yami.shop.bean.param.UserRegisterParam;
 import com.yami.shop.common.exception.YamiShopBindException;
-import com.yami.shop.common.util.IPHelper;
+import com.yami.shop.security.common.bo.UserInfoInTokenBO;
-import com.yami.shop.common.util.PrincipalUtil;
+import com.yami.shop.security.common.enums.SysTypeEnum;
-import com.yami.shop.mp.config.WxMaConfiguration;
+import com.yami.shop.security.common.manager.PasswordManager;
-import com.yami.shop.security.enums.App;
+import com.yami.shop.security.common.manager.TokenStore;
-import com.yami.shop.security.handler.LoginAuthSuccessHandler;
+import com.yami.shop.security.common.vo.TokenInfoVO;
 import com.yami.shop.security.model.AppConnect;
 import com.yami.shop.security.service.AppConnectService;
 import com.yami.shop.security.service.YamiUser;
 import com.yami.shop.security.service.YamiUserDetailsService;
 import com.yami.shop.security.util.SecurityUtils;
 import com.yami.shop.service.SmsLogService;
 import com.yami.shop.service.UserService;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.AllArgsConstructor;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.oauth2.provider.token.ConsumerTokenServices;
 import org.springframework.web.bind.annotation.*;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.validation.Valid;
 import java.util.Date;
 import java.util.Objects;
 /**
 * 用户信息
@ -49,182 +36,66 @@ public class UserRegisterController {
    private final UserService userService;
    private final SmsLogService smsLogService;
    private final AppConnectService appConnectService;
    private final LoginAuthSuccessHandler loginAuthSuccessHandler;
    private final WxMaConfiguration wxConfig;
    private final YamiUserDetailsService yamiUserDetailsService;
    private final PasswordEncoder passwordEncoder;
-    public static final String CHECK_REGISTER_SMS_FLAG = "checkRegisterSmsFlag";
+    private final TokenStore tokenStore;
-    public static final String CHECK_UPDATE_PWD_SMS_FLAG = "updatePwdSmsFlag";
+    private final PasswordManager passwordManager;
    @PostMapping("/register")
    @ApiOperation(value = "注册", notes = "用户注册或绑定手机号接口")
-    public ResponseEntity<Boolean> register(@Valid @RequestBody UserRegisterParam userRegisterParam) {
+    public ResponseEntity<TokenInfoVO> register(@Valid @RequestBody UserRegisterParam userRegisterParam) {
-        userRegisterParam.setPassword(passwordEncoder.encode(userRegisterParam.getPassword()));
+        if (StrUtil.isBlank(userRegisterParam.getNickName())) {
-        return ResponseEntity.ok(userService.insertUser(userRegisterParam));
+            userRegisterParam.setNickName(userRegisterParam.getUserName());
        }
        // 正在进行申请注册
        if (userService.count(new LambdaQueryWrapper<User>().eq(User::getNickName, userRegisterParam.getNickName())) > 0) {
            // 该用户名已注册，无法重新注册
            throw new YamiShopBindException("该用户名已注册，无法重新注册");
        }
        Date now = new Date();
        User user = new User();
        user.setModifyTime(now);
        user.setUserRegtime(now);
        user.setStatus(1);
        user.setNickName(userRegisterParam.getNickName());
        user.setUserMail(userRegisterParam.getUserMail());
        String decryptPassword = passwordManager.decryptPassword(userRegisterParam.getPassWord());
        user.setLoginPassword(passwordEncoder.encode(decryptPassword));
        String userId = IdUtil.simpleUUID();
        user.setUserId(userId);
        userService.save(user);
        // 2. 登录
        UserInfoInTokenBO userInfoInTokenBO = new UserInfoInTokenBO();
        userInfoInTokenBO.setUserId(user.getUserId());
        userInfoInTokenBO.setSysType(SysTypeEnum.ORDINARY.value());
        userInfoInTokenBO.setIsAdmin(0);
        userInfoInTokenBO.setEnabled(true);
        return ResponseEntity.ok(tokenStore.storeAndGetVo(userInfoInTokenBO));
    }
    @PutMapping("/updatePwd")
    @ApiOperation(value = "修改密码", notes = "修改密码")
-    public ResponseEntity<Void> updatePwd(@Valid @RequestBody UserRegisterParam userRegisterParam) {
+    public ResponseEntity<Void> updatePwd(@Valid @RequestBody UserRegisterParam userPwdUpdateParam) {
-        User user = userService.getOne(new LambdaQueryWrapper<User>().eq(User::getUserMobile, userRegisterParam.getUserMail()));
+        User user = userService.getOne(new LambdaQueryWrapper<User>().eq(User::getNickName, userPwdUpdateParam.getNickName()));
        if (user == null) {
            // 无法获取用户信息
            throw new YamiShopBindException("无法获取用户信息");
        }
-        if (StrUtil.isBlank(userRegisterParam.getPassword())) {
+        String decryptPassword = passwordManager.decryptPassword(userPwdUpdateParam.getPassWord());
        if (StrUtil.isBlank(decryptPassword)) {
            // 新密码不能为空
            throw new YamiShopBindException("新密码不能为空");
        }
-        if (StrUtil.equals(passwordEncoder.encode(userRegisterParam.getPassword()), user.getLoginPassword())) {
+        String password = passwordEncoder.encode(decryptPassword);
        if (StrUtil.equals(password, user.getLoginPassword())) {
            // 新密码不能与原密码相同
            throw new YamiShopBindException("新密码不能与原密码相同");
        }
        user.setModifyTime(new Date());
-        user.setLoginPassword(passwordEncoder.encode(userRegisterParam.getPassword()));
+        user.setLoginPassword(password);
        userService.updateById(user);
        return ResponseEntity.ok().build();
    }
    @PutMapping("/registerOrBindUser")
    @ApiOperation(value="注册或绑定手机号", notes="用户注册或绑定手机号接口")
    public ResponseEntity<Void> register(HttpServletRequest request, HttpServletResponse response, @Valid @RequestBody UserRegisterParam userRegisterParam) {
        String mobile = userRegisterParam.getMobile();
        AppConnect appConnect = null;
        User user = null;
        String bizUserId = null;
        boolean isWxAppId = Objects.equals(userRegisterParam.getAppType(), App.MINI.value()) || Objects.equals(userRegisterParam.getAppType(), App.MP.value());
        if(isWxAppId) {
            bizUserId = SecurityUtils.getUser().getBizUserId();
        }
        // 正在进行注册，通过验证码校验
        if (Objects.equals(userRegisterParam.getRegisterOrBind(), 1)) {
            // 看看有没有校验验证码成功的标识
            userService.validate(userRegisterParam, CHECK_REGISTER_SMS_FLAG + userRegisterParam.getCheckRegisterSmsFlag());
            // 正在进行申请注册
            if (userService.count(new LambdaQueryWrapper<User>().eq(User::getUserMobile,userRegisterParam.getMobile())) > 0) {
                // 手机号已存在，无法注册
                throw new YamiShopBindException("yami.user.phone.exist");
            }
        }
        // 小程序注册/绑定手机号
        else {
            YamiUser yamiUser =  SecurityUtils.getUser();
            appConnect = appConnectService.getByBizUserId(yamiUser.getBizUserId(), App.instance(yamiUser.getAppType()));
            // 通过微信手机号校验
            if (Objects.equals(2, userRegisterParam.getValidateType())) {
                try {
                    WxMaPhoneNumberInfo wxMaPhoneNumberInfo = wxConfig.wxMaService().getUserService().getPhoneNoInfo(yamiUser.getSessionKey(), userRegisterParam.getEncryptedData(), userRegisterParam.getIvStr());
                    mobile = wxMaPhoneNumberInfo.getPhoneNumber();
                } catch (Exception e) {
                    // 授权失败，请重新授权
                    throw new YamiShopBindException(" 授权失败，请重新授权");
                }
                if (StrUtil.isBlank(mobile)) {
                    // 无法获取用户手机号信息
                    throw new YamiShopBindException("无法获取用户手机号信息");
                }
                user = yamiUserDetailsService.loadUserByMobileOrUserName(mobile, 0);
            }
            // 通过账号密码校验
            else if (Objects.equals(3, userRegisterParam.getValidateType())) {
                user = yamiUserDetailsService.loadUserByMobileOrUserName(mobile, 0);
                if (user == null) {
                    // 账号或密码不正确
                    throw new YamiShopBindException("yami.user.account.error");
                }
                String encodedPassword = user.getLoginPassword();
                String rawPassword = userRegisterParam.getPassword();
                // 密码不正确
                if (StrUtil.isBlank(encodedPassword) || !passwordEncoder.matches(rawPassword,encodedPassword)){
                    // 账号或密码不正确
                    throw new YamiShopBindException("yami.user.account.error");
                }
            }
            // 通过验证码校验
            else {
                if (!smsLogService.checkValidCode(userRegisterParam.getMobile(), userRegisterParam.getValidCode(), SmsType.VALID)){
                    // 验证码有误或已过期
                    throw new YamiShopBindException("yami.user.code.error");
                }
            }
        }
        Date now = new Date();
        // 尝试用手机号获取用户信息
        if (user == null && StrUtil.isNotBlank(mobile)) {
            user = userService.getOne(new LambdaQueryWrapper<User>().eq(User::getUserMobile,mobile));
        }
        // 新建用户
        if (user == null) {
            user = new User();
            if (StrUtil.isBlank(userRegisterParam.getUserName())) {
                userRegisterParam.setUserName(mobile);
            }
            // 如果有用户名,就判断用户名格式是否正确
            if (!PrincipalUtil.isUserName(userRegisterParam.getUserName())) {
                throw new YamiShopBindException("用户名应由4-16位数字字母下划线组成");
            }
            user.setModifyTime(now);
            user.setUserRegtime(now);
            user.setUserRegip(IPHelper.getIpAddr());
            user.setStatus(1);
            user.setPic(userRegisterParam.getImg());
            user.setUserMobile(mobile);
            if (StrUtil.isNotBlank(userRegisterParam.getPassword())) {
                user.setLoginPassword(passwordEncoder.encode(userRegisterParam.getPassword()));
            }
            // 用户名就是默认的昵称
            user.setNickName(StrUtil.isBlank(userRegisterParam.getNickName())? userRegisterParam.getUserName(): userRegisterParam.getNickName());
 //		} else  {
 //			String userId = user.getUserId();
 //			// 绑定账号
 //			if (Objects.equals(userRegisterParam.getRegisterOrBind(),2)) {
 //				int count = appConnectService.count(new LambdaQueryWrapper<AppConnect>().eq(AppConnect::getUserId, userId).eq(AppConnect::getAppId, userRegisterParam.getAppType()));
 //				if (count > 0) {
 //					throw new YamiShopBindException("该账号已被绑定，请换个账号试试");
 //				}
 //			}
        }
        if(Objects.nonNull(bizUserId)){
            appConnect = new AppConnect();
            appConnect.setBizUserId(bizUserId);
        }
        appConnectService.registerOrBindUser(user, appConnect, userRegisterParam.getAppType());
        //进行授权登录
        UserDetails userDetails = yamiUserDetailsService.getYamiUser(userRegisterParam.getAppType(),user, bizUserId);
        AuthenticationToken authenticationToken = new AuthenticationToken();
        authenticationToken.setPrincipal(user.getUserMobile());
        authenticationToken.setCredentials(user.getLoginPassword());
        authenticationToken.setPrincipal(userDetails.getUsername());
        authenticationToken.setDetails(userDetails);
        authenticationToken.setAuthenticated(true);
        loginAuthSuccessHandler.onAuthenticationSuccess(request,response,authenticationToken);
        return ResponseEntity.ok().build();
    }
 }
--- a/yami-shop-api/src/main/java/com/yami/shop/api/listener/ConfirmOrderListener.java
+++ b/yami-shop-api/src/main/java/com/yami/shop/api/listener/ConfirmOrderListener.java
@ -10,34 +10,26 @@
 package com.yami.shop.api.listener;
-import com.google.common.collect.Lists;
+import com.yami.shop.bean.app.dto.ShopCartItemDto;
-import com.yami.shop.bean.app.dto.*;
+import com.yami.shop.bean.app.dto.ShopCartOrderDto;
 import com.yami.shop.bean.app.param.OrderParam;
 import com.yami.shop.bean.event.ConfirmOrderEvent;
 import com.yami.shop.bean.event.ShopCartEvent;
 import com.yami.shop.bean.model.Product;
 import com.yami.shop.bean.model.Sku;
 import com.yami.shop.bean.model.UserAddr;
 import com.yami.shop.bean.order.ConfirmOrderOrder;
 import com.yami.shop.bean.order.ShopCartEventOrder;
 import com.yami.shop.common.exception.YamiShopBindException;
 import com.yami.shop.common.util.Arith;
-import com.yami.shop.security.util.SecurityUtils;
+import com.yami.shop.security.api.util.SecurityUtils;
 import com.yami.shop.service.ProductService;
 import com.yami.shop.service.SkuService;
 import com.yami.shop.service.TransportManagerService;
 import com.yami.shop.service.UserAddrService;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.AllArgsConstructor;
 import ma.glasnost.orika.MapperFacade;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.event.EventListener;
 import org.springframework.core.annotation.Order;
 import org.springframework.stereotype.Component;
 import java.util.ArrayList;
 import java.util.List;
 /**
 * 确认订单信息时的默认操作
 * @author LGH
--- a/yami-shop-api/src/main/java/com/yami/shop/api/listener/SubmitOrderListener.java
+++ b/yami-shop-api/src/main/java/com/yami/shop/api/listener/SubmitOrderListener.java
@ -23,7 +23,7 @@ import com.yami.shop.bean.order.SubmitOrderOrder;
 import com.yami.shop.common.exception.YamiShopBindException;
 import com.yami.shop.common.util.Arith;
 import com.yami.shop.dao.*;
-import com.yami.shop.security.util.SecurityUtils;
+import com.yami.shop.security.api.util.SecurityUtils;
 import com.yami.shop.service.ProductService;
 import com.yami.shop.service.SkuService;
 import com.yami.shop.service.UserAddrOrderService;
--- a/yami-shop-api/src/main/java/com/yami/shop/api/security/ApiTokenEnhancer.java
+++ b/yami-shop-api/src/main/java/com/yami/shop/api/security/ApiTokenEnhancer.java
@ -1,35 +0,0 @@
 package com.yami.shop.api.security;
 import cn.hutool.core.util.StrUtil;
 import cn.hutool.extra.emoji.EmojiUtil;
 import com.yami.shop.security.service.YamiUser;
 import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
 import org.springframework.security.oauth2.common.OAuth2AccessToken;
 import org.springframework.security.oauth2.provider.OAuth2Authentication;
 import org.springframework.security.oauth2.provider.token.TokenEnhancer;
 import org.springframework.stereotype.Component;
 import java.util.HashMap;
 import java.util.Map;
 /**
 * token增强
 * @author LGH
 */
@Component
 public class ApiTokenEnhancer implements TokenEnhancer {
    @Override
    public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) {
        Map<String, Object> additionalInfo = new HashMap<>(8);
        YamiUser yamiUser = (YamiUser) authentication.getUserAuthentication().getPrincipal();
        additionalInfo.put("userId", yamiUser.getUserId());
        additionalInfo.put("nickName", EmojiUtil.toUnicode(StrUtil.isBlank(yamiUser.getName())? "" : yamiUser.getName()));
        additionalInfo.put("pic",yamiUser.getPic());
        additionalInfo.put("enabled",yamiUser.isEnabled());
        ((DefaultOAuth2AccessToken) accessToken).setAdditionalInformation(additionalInfo);
        return accessToken;
    }
 }
--- a/yami-shop-api/src/main/java/com/yami/shop/api/security/AuthenticationToken.java
+++ b/yami-shop-api/src/main/java/com/yami/shop/api/security/AuthenticationToken.java
@ -1,95 +0,0 @@
 /*
 * Copyright (c) 2018-2999 广州市蓝海创新科技有限公司 All rights reserved.
 *
 * https://www.mall4j.com/
 *
 * 未经允许，不可做商业用途！
 *
 * 版权所有，侵权必究！
 */
 package com.yami.shop.api.security;
 import lombok.Getter;
 import lombok.Setter;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.CredentialsContainer;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.userdetails.UserDetails;
 import java.util.Collection;
 /**
 * 自定义AbstractAuthenticationToken，
 * @author SJL
 */
@Getter
@Setter
 public class AuthenticationToken implements Authentication,
        CredentialsContainer {
    private Collection<GrantedAuthority> authorities;
    private UserDetails details;
    /**
     * 用户名
     */
    protected String principal;
    /**
     * 密码
     */
    protected Object credentials;
    /**
     * uuid，现在用于验证码
     */
    private String sessionUUID;
    private boolean authenticated = false;
    public void setDetails(UserDetails details) {
        this.details = details;
    }
    @Override
    public Collection<? extends GrantedAuthority> getAuthorities() {
        return details.getAuthorities();
    }
    @Override
    public Object getDetails() {
        return details;
    }
    @Override
    public boolean isAuthenticated() {
        return authenticated;
    }
    @Override
    public void setAuthenticated(boolean isAuthenticated) throws IllegalArgumentException {
        this.authenticated = isAuthenticated;
    }
    @Override
    public String getName() {
        return details.getUsername();
    }
    @Override
    public void eraseCredentials() {
        eraseSecret(getCredentials());
        eraseSecret(getPrincipal());
        eraseSecret(details);
    }
    private void eraseSecret(Object secret) {
        if (secret instanceof CredentialsContainer) {
            ((CredentialsContainer) secret).eraseCredentials();
        }
    }
 }
--- a/yami-shop-api/src/main/java/com/yami/shop/api/security/LoginAuthenticationFilter.java
+++ b/yami-shop-api/src/main/java/com/yami/shop/api/security/LoginAuthenticationFilter.java
@ -1,151 +0,0 @@
 /*
 * Copyright (c) 2018-2999 广州市蓝海创新科技有限公司 All rights reserved.
 *
 * https://www.mall4j.com/
 *
 * 未经允许，不可做商业用途！
 *
 * 版权所有，侵权必究！
 */
 package com.yami.shop.api.security;
 import cn.binarywang.wx.miniapp.api.WxMaService;
 import cn.binarywang.wx.miniapp.bean.WxMaJscode2SessionResult;
 import cn.hutool.core.util.BooleanUtil;
 import cn.hutool.core.util.StrUtil;
 import cn.hutool.extra.servlet.ServletUtil;
 import com.yami.shop.common.util.Json;
 import com.yami.shop.common.util.RedisUtil;
 import com.yami.shop.security.constants.SecurityConstants;
 import com.yami.shop.security.enums.App;
 import com.yami.shop.security.exception.BadCredentialsExceptionBase;
 import com.yami.shop.security.exception.ImageCodeNotMatchExceptionBase;
 import com.yami.shop.security.exception.UsernameNotFoundExceptionBase;
 import com.yami.shop.security.exception.WxErrorExceptionBase;
 import com.yami.shop.security.model.AppConnect;
 import com.yami.shop.security.service.YamiUser;
 import com.yami.shop.security.service.YamiUserDetailsService;
 import com.yami.shop.security.token.MyAuthenticationToken;
 import lombok.AllArgsConstructor;
 import me.chanjar.weixin.common.error.WxErrorException;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.AuthenticationServiceException;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
 import org.springframework.security.web.authentication.AuthenticationFailureHandler;
 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import org.springframework.stereotype.Component;
 import javax.servlet.ServletInputStream;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.nio.charset.StandardCharsets;
 /**
 * 小程序登陆：此时principal为code
 *       post:http://127.0.0.1:8086/login
 *       {principal:code}
 */
@Component
 public class LoginAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
    private final YamiUserDetailsService yamiUserDetailsService;
    private final WxMaService wxMaService;
    @Autowired
    public LoginAuthenticationFilter(YamiUserDetailsService yamiUserDetailsService, WxMaService wxMaService) {
        super("/login");
        this.yamiUserDetailsService = yamiUserDetailsService;
        this.wxMaService = wxMaService;
    }
    @Override
    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException {
        if (!ServletUtil.METHOD_POST.equals(request.getMethod())) {
            throw new AuthenticationServiceException(
                    "Authentication method not supported: " + request.getMethod());
        }
        String requestBody = getStringFromStream(request);
        if (StrUtil.isBlank(requestBody)) {
            throw new AuthenticationServiceException("无法获取输入信息");
        }
        MiniAppAuthenticationToken authentication  =  Json.parseObject(requestBody, MiniAppAuthenticationToken.class);
        String code = String.valueOf(authentication.getPrincipal());
        YamiUser loadedUser = null;
        WxMaJscode2SessionResult session = null;
        AppConnect appConnect = new AppConnect();
        appConnect.setAppId(App.MINI.value());
        try {
            session = wxMaService.getUserService().getSessionInfo(code);
            loadedUser = yamiUserDetailsService.loadUserByAppIdAndBizUserId(App.MINI,session.getOpenid());
        } catch (WxErrorException e) {
            throw new WxErrorExceptionBase(e.getMessage());
        } catch (UsernameNotFoundExceptionBase var6) {
            if (session == null) {
                throw new WxErrorExceptionBase("无法获取用户登陆信息");
            }
            appConnect.setBizUserId(session.getOpenid());
            appConnect.setBizUnionid(session.getUnionid());
            yamiUserDetailsService.insertUserIfNecessary(appConnect);
        }
        if (loadedUser == null) {
            loadedUser = yamiUserDetailsService.loadUserByAppIdAndBizUserId(App.MINI, appConnect.getBizUserId());
        }
        MiniAppAuthenticationToken result = new MiniAppAuthenticationToken(loadedUser, authentication.getCredentials());
        result.setDetails(authentication.getDetails());
        return result;
    }
    private String getStringFromStream(HttpServletRequest req) {
        ServletInputStream is;
        try {
            is = req.getInputStream();
            int nRead = 1;
            int nTotalRead = 0;
            byte[] bytes = new byte[10240];
            while (nRead > 0) {
                nRead = is.read(bytes, nTotalRead, bytes.length - nTotalRead);
                if (nRead > 0) {
                    nTotalRead = nTotalRead + nRead;
                }
            }
            return new String(bytes, 0, nTotalRead, StandardCharsets.UTF_8);
        } catch (IOException e) {
            e.printStackTrace();
            return "";
        }
    }
    @Override
    @Autowired
    public void setAuthenticationManager(AuthenticationManager authenticationManager) {
        super.setAuthenticationManager(authenticationManager);
    }
    @Override
    @Autowired
    public void setAuthenticationSuccessHandler(AuthenticationSuccessHandler successHandler) {
        super.setAuthenticationSuccessHandler(successHandler);
    }
    @Override
    @Autowired
    public void setAuthenticationFailureHandler(AuthenticationFailureHandler failureHandler) {
        super.setAuthenticationFailureHandler(failureHandler);
    }
 }
--- a/yami-shop-api/src/main/java/com/yami/shop/api/security/MiniAppAuthenticationToken.java
+++ b/yami-shop-api/src/main/java/com/yami/shop/api/security/MiniAppAuthenticationToken.java
@ -1,27 +0,0 @@
 /*
 * Copyright (c) 2018-2999 广州市蓝海创新科技有限公司 All rights reserved.
 *
 * https://www.mall4j.com/
 *
 * 未经允许，不可做商业用途！
 *
 * 版权所有，侵权必究！
 */
 package com.yami.shop.api.security;
 import com.yami.shop.security.token.MyAuthenticationToken;
 import lombok.NoArgsConstructor;
 import org.springframework.security.core.userdetails.UserDetails;
 /**
 * 二维码Token
 */
@NoArgsConstructor
 public class MiniAppAuthenticationToken extends MyAuthenticationToken {
    public MiniAppAuthenticationToken(UserDetails principal, Object credentials) {
        super(principal, credentials, principal.getAuthorities());
    }
 }
--- a/yami-shop-api/src/main/java/com/yami/shop/api/security/ResourceServerConfiguration.java
+++ b/yami-shop-api/src/main/java/com/yami/shop/api/security/ResourceServerConfiguration.java
@ -1,44 +0,0 @@
 /*
 * Copyright (c) 2018-2999 广州市蓝海创新科技有限公司 All rights reserved.
 *
 * https://www.mall4j.com/
 *
 * 未经允许，不可做商业用途！
 *
 * 版权所有，侵权必究！
 */
 package com.yami.shop.api.security;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
 import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import org.springframework.web.cors.CorsUtils;
@Configuration
@EnableResourceServer
 public class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {
    @Autowired
    private LoginAuthenticationFilter loginAuthenticationFilter;
    @Override
    public void configure(HttpSecurity http) throws Exception {
        http
                .addFilterBefore(loginAuthenticationFilter, UsernamePasswordAuthenticationFilter.class)
                .csrf().disable().cors()
                .and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
                .and().authorizeRequests().requestMatchers(CorsUtils::isPreFlightRequest).permitAll()
                .and().requestMatchers().anyRequest()
                .and().anonymous()
                .and().authorizeRequests()
                //配置/p访问控制，必须认证过后才可以访问
                .antMatchers("/p/**").authenticated();
    }
 }
--- a/yami-shop-api/src/main/java/com/yami/shop/api/security/WebAuthenticationToken.java
+++ b/yami-shop-api/src/main/java/com/yami/shop/api/security/WebAuthenticationToken.java
@ -1,27 +0,0 @@
 /*
 * Copyright (c) 2018-2999 广州市蓝海创新科技有限公司 All rights reserved.
 *
 * https://www.mall4j.com/
 *
 * 未经允许，不可做商业用途！
 *
 * 版权所有，侵权必究！
 */
 package com.yami.shop.api.security;
 import com.yami.shop.security.token.MyAuthenticationToken;
 import lombok.NoArgsConstructor;
 import org.springframework.security.core.userdetails.UserDetails;
 /**
 * H5端Token
 */
@NoArgsConstructor
 public class WebAuthenticationToken extends MyAuthenticationToken {
    public WebAuthenticationToken(UserDetails principal, Object credentials) {
        super(principal, credentials, principal.getAuthorities());
    }
 }
--- a/yami-shop-api/src/main/java/com/yami/shop/api/security/WebLoginAuthenticationFilter.java
+++ b/yami-shop-api/src/main/java/com/yami/shop/api/security/WebLoginAuthenticationFilter.java
@ -1,153 +0,0 @@
 /*
 * Copyright (c) 2018-2999 广州市蓝海创新科技有限公司 All rights reserved.
 *
 * https://www.mall4j.com/
 *
 * 未经允许，不可做商业用途！
 *
 * 版权所有，侵权必究！
 */
 package com.yami.shop.api.security;
 import cn.binarywang.wx.miniapp.api.WxMaService;
 import cn.binarywang.wx.miniapp.bean.WxMaJscode2SessionResult;
 import cn.hutool.core.util.BooleanUtil;
 import cn.hutool.core.util.StrUtil;
 import cn.hutool.extra.servlet.ServletUtil;
 import com.yami.shop.common.util.Json;
 import com.yami.shop.common.util.RedisUtil;
 import com.yami.shop.security.constants.SecurityConstants;
 import com.yami.shop.security.enums.App;
 import com.yami.shop.security.exception.BadCredentialsExceptionBase;
 import com.yami.shop.security.exception.ImageCodeNotMatchExceptionBase;
 import com.yami.shop.security.exception.UsernameNotFoundExceptionBase;
 import com.yami.shop.security.exception.WxErrorExceptionBase;
 import com.yami.shop.security.model.AppConnect;
 import com.yami.shop.security.service.YamiUser;
 import com.yami.shop.security.service.YamiUserDetailsService;
 import com.yami.shop.security.token.MyAuthenticationToken;
 import lombok.AllArgsConstructor;
 import me.chanjar.weixin.common.error.WxErrorException;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.AuthenticationServiceException;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
 import org.springframework.security.web.authentication.AuthenticationFailureHandler;
 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import org.springframework.stereotype.Component;
 import javax.servlet.ServletInputStream;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.nio.charset.StandardCharsets;
 /**
 * 账号密码登录
 */
@Component
 public class WebLoginAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
    private final YamiUserDetailsService yamiUserDetailsService;
    private final WxMaService wxMaService;
    @Autowired
    public WebLoginAuthenticationFilter(YamiUserDetailsService yamiUserDetailsService, WxMaService wxMaService) {
        super("/webLogin");
        this.yamiUserDetailsService = yamiUserDetailsService;
        this.wxMaService = wxMaService;
    }
    @Override
    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException {
        if (!ServletUtil.METHOD_POST.equals(request.getMethod())) {
            throw new AuthenticationServiceException(
                    "Authentication method not supported: " + request.getMethod());
        }
        String requestBody = getStringFromStream(request);
        if (StrUtil.isBlank(requestBody)) {
            throw new AuthenticationServiceException("无法获取输入信息");
        }
        WebAuthenticationToken authentication  =  Json.parseObject(requestBody, WebAuthenticationToken.class);
        String userMail = String.valueOf(authentication.getPrincipal());
        String loginPassword = String.valueOf(authentication.getCredentials());
        YamiUser loadedUser = null;
 //        WxMaJscode2SessionResult session = null;
        AppConnect appConnect = new AppConnect();
        appConnect.setAppId(App.H5.value());
        loadedUser = yamiUserDetailsService.loadUserByUserMail(userMail,loginPassword);
 //        try {
 //
 ////            session = wxMaService.getUserService().getSessionInfo(code);
 //
 //            loadedUser = yamiUserDetailsService.loadUserByAppIdAndBizUserId(App.MINI,session.getOpenid());
 //        } catch (WxErrorException e) {
 //            throw new WxErrorExceptionBase(e.getMessage());
 //        } catch (UsernameNotFoundExceptionBase var6) {
 //            if (session == null) {
 //                throw new WxErrorExceptionBase("无法获取用户登陆信息");
 //            }
 //            appConnect.setBizUserId(session.getOpenid());
 //            appConnect.setBizUnionid(session.getUnionid());
 //            yamiUserDetailsService.insertUserIfNecessary(appConnect);
 //        }
 //        if (loadedUser == null) {
 //            loadedUser = yamiUserDetailsService.loadUserByAppIdAndBizUserId(App.MINI, appConnect.getBizUserId());
 //        }
 //        MiniAppAuthenticationToken result = new MiniAppAuthenticationToken(loadedUser, authentication.getCredentials());
        WebAuthenticationToken result = new WebAuthenticationToken(loadedUser, authentication.getCredentials());
        result.setDetails(authentication.getDetails());
        return result;
    }
    private String getStringFromStream(HttpServletRequest req) {
        ServletInputStream is;
        try {
            is = req.getInputStream();
            int nRead = 1;
            int nTotalRead = 0;
            byte[] bytes = new byte[10240];
            while (nRead > 0) {
                nRead = is.read(bytes, nTotalRead, bytes.length - nTotalRead);
                if (nRead > 0) {
                    nTotalRead = nTotalRead + nRead;
                }
            }
            return new String(bytes, 0, nTotalRead, StandardCharsets.UTF_8);
        } catch (IOException e) {
            e.printStackTrace();
            return "";
        }
    }
    @Override
    @Autowired
    public void setAuthenticationManager(AuthenticationManager authenticationManager) {
        super.setAuthenticationManager(authenticationManager);
    }
    @Override
    @Autowired
    public void setAuthenticationSuccessHandler(AuthenticationSuccessHandler successHandler) {
        super.setAuthenticationSuccessHandler(successHandler);
    }
    @Override
    @Autowired
    public void setAuthenticationFailureHandler(AuthenticationFailureHandler failureHandler) {
        super.setAuthenticationFailureHandler(failureHandler);
    }
 }
--- a/yami-shop-api/src/main/java/com/yami/shop/api/security/YamiAuthenticationProcessingFilter.java
+++ b/yami-shop-api/src/main/java/com/yami/shop/api/security/YamiAuthenticationProcessingFilter.java
@ -1,154 +0,0 @@
 package com.yami.shop.api.security;
 import cn.hutool.extra.servlet.ServletUtil;
 import com.yami.shop.common.exception.YamiShopBindException;
 import com.yami.shop.common.util.Json;
 import com.yami.shop.common.xss.XssUtil;
 import com.yami.shop.security.exception.BadCredentialsException;
 import com.yami.shop.security.exception.UsernameNotFoundException;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
 import org.springframework.security.web.authentication.AuthenticationFailureHandler;
 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
 import org.springframework.web.HttpRequestMethodNotSupportedException;
 import javax.servlet.ServletException;
 import javax.servlet.ServletInputStream;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.nio.charset.StandardCharsets;
 /**
 *
 * @author SJL
 */
 public class YamiAuthenticationProcessingFilter extends AbstractAuthenticationProcessingFilter {
    private UserDetailsService userDetailsService;
    private PasswordEncoder passwordEncoder;
    /**
     * 请求字符串的最大长度 1m
     */
    public static final int MAX_STRING_SIZE = 1024 * 1024;
    protected YamiAuthenticationProcessingFilter(String defaultFilterProcessesUrl) {
        super(defaultFilterProcessesUrl);
    }
    @Autowired
    public void setPasswordEncoder(PasswordEncoder passwordEncoder) {
        this.passwordEncoder = passwordEncoder;
    }
    @Autowired
    public void setUserDetailsService(UserDetailsService userDetailsService) {
        this.userDetailsService = userDetailsService;
    }
    @Override
    @Autowired
    public void setAuthenticationManager(AuthenticationManager authenticationManager) {
        super.setAuthenticationManager(authenticationManager);
    }
    @Override
    @Autowired
    public void setAuthenticationSuccessHandler(AuthenticationSuccessHandler successHandler) {
        super.setAuthenticationSuccessHandler(successHandler);
    }
    @Override
    @Autowired
    public void setAuthenticationFailureHandler(AuthenticationFailureHandler failureHandler) {
        super.setAuthenticationFailureHandler(failureHandler);
    }
    @Override
    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException, ServletException{
        if (!ServletUtil.METHOD_POST.equals(request.getMethod())) {
            throw new HttpRequestMethodNotSupportedException(request.getMethod(), new String[] { "POST" });
        }
        AuthenticationToken authenticationToken = Json.parseObject(getStringFromStream(request), AuthenticationToken.class);
        UserDetails userDetails = getUserDetails(authenticationToken);
        return handleAuthenticationToken(authenticationToken,userDetails);
    }
    /**
     * 获取用户信息
     * @param authenticationToken
     * @return
     */
    protected UserDetails getUserDetails(AuthenticationToken authenticationToken) {
        UserDetails user;
        try {
            user = userDetailsService.loadUserByUsername(authenticationToken.getPrincipal());
        } catch (UsernameNotFoundException var6) {
            // 账号或密码不正确
            throw new UsernameNotFoundException("账号或密码不正确");
        }
        if (!user.isEnabled()) {
            // 账号已被锁定,请联系管理员
            throw new UsernameNotFoundException("账号已被锁定,请联系管理员");
        }
        String encodedPassword = user.getPassword();
        String rawPassword = authenticationToken.getCredentials().toString();
        // 密码不正确
        if (!passwordEncoder.matches(rawPassword,encodedPassword)){
            // 账号或密码不正确
            throw new BadCredentialsException("账号或密码不正确");
        }
        return user;
    }
    /**
     * 保存用户信息
     */
    protected AuthenticationToken handleAuthenticationToken(AuthenticationToken authentication, UserDetails userDetails) {
        // 保存用户信息
        authentication.setPrincipal(userDetails.getUsername());
        authentication.setDetails(userDetails);
        authentication.setAuthenticated(true);
        return authentication;
    }
    public String getStringFromStream(HttpServletRequest req) {
        if (req.getContentLength() > MAX_STRING_SIZE) {
            // 请求数据过长
            throw new YamiShopBindException("yami.request.data.too.long");
        }
        ServletInputStream is;
        try {
            is = req.getInputStream();
            int nRead = 1;
            int nTotalRead = 0;
            byte[] bytes = new byte[1024];
            while (nRead > 0) {
                nRead = is.read(bytes, nTotalRead, bytes.length - nTotalRead);
                if (nRead > 0) {
                    nTotalRead = nTotalRead + nRead;
                }
            }
            if (nTotalRead > MAX_STRING_SIZE) {
                // 请求数据过长
                throw new YamiShopBindException("yami.request.data.too.long");
            }
            return XssUtil.clean(new String(bytes, 0, nTotalRead, StandardCharsets.UTF_8));
        } catch (IOException e) {
            e.printStackTrace();
            return "";
        }
    }
 }
--- a/yami-shop-api/src/main/java/com/yami/shop/api/security/YamiUserServiceImpl.java
+++ b/yami-shop-api/src/main/java/com/yami/shop/api/security/YamiUserServiceImpl.java
@ -1,176 +0,0 @@
 /*
 * Copyright (c) 2018-2999 广州市蓝海创新科技有限公司 All rights reserved.
 *
 * https://www.mall4j.com/
 *
 * 未经允许，不可做商业用途！
 *
 * 版权所有，侵权必究！
 */
 package com.yami.shop.api.security;
 import cn.hutool.core.util.IdUtil;
 import cn.hutool.core.util.StrUtil;
 import cn.hutool.extra.emoji.EmojiUtil;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.yami.shop.bean.model.User;
 import com.yami.shop.common.annotation.RedisLock;
 import com.yami.shop.common.exception.YamiShopBindException;
 import com.yami.shop.common.util.CacheManagerUtil;
 import com.yami.shop.common.util.PrincipalUtil;
 import com.yami.shop.dao.UserMapper;
 import com.yami.shop.security.dao.AppConnectMapper;
 import com.yami.shop.security.enums.App;
 import com.yami.shop.security.exception.UsernameNotFoundException;
 import com.yami.shop.security.exception.UsernameNotFoundExceptionBase;
 import com.yami.shop.security.model.AppConnect;
 import com.yami.shop.security.service.YamiUser;
 import com.yami.shop.security.service.YamiUserDetailsService;
 import lombok.AllArgsConstructor;
 import lombok.SneakyThrows;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.cache.annotation.CacheEvict;
 import org.springframework.cache.annotation.Caching;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 import java.util.*;
 /**
 * 用户详细信息
 *
 * @author
 */
@Slf4j
@Service
@AllArgsConstructor
 public class YamiUserServiceImpl implements YamiUserDetailsService {
 	private final UserMapper userMapper;
 	private final AppConnectMapper appConnectMapper;
 	private final PasswordEncoder passwordEncoder;
 	@Override
 	@SneakyThrows
 	public YamiUser loadUserByUsername(String username) {
 		if (StrUtil.isBlank(username) || !username.contains(StrUtil.COLON) ) {
 			throw new UsernameNotFoundExceptionBase("无法获取用户信息");
 		}
 		String[] splitInfo = username.split(StrUtil.COLON);
 		App app = App.instance(Integer.valueOf(splitInfo[0]));
 		String bizUserId = splitInfo[1];
 		return loadUserByAppIdAndBizUserId(app,bizUserId);
 	}
 	/**
 	 * 获取前端登陆的用户信息
 	 *
 	 * @param app
 	 * @param bizUserId openId
 	 * @return UserDetails
 	 * @throws UsernameNotFoundExceptionBase
 	 */
 	@Override
 	public YamiUser loadUserByAppIdAndBizUserId(App app, String bizUserId) {
 		String cacheKey = app.value() + StrUtil.COLON + bizUserId;
 		User user = userMapper.getUserByBizUserId(app.value(), bizUserId);
 		if (user == null) {
 			throw new UsernameNotFoundExceptionBase("无法获取用户信息");
 		}
 		String name = StrUtil.isBlank(user.getRealName()) ? user.getNickName() : user.getRealName();
 		YamiUser yamiUser = new YamiUser(user.getUserId(), bizUserId, app.value(), user.getStatus() == 1);
 		yamiUser.setName(name);
 		yamiUser.setPic(user.getPic());
 		return yamiUser;
 	}
 	@Override
 	@Transactional(rollbackFor = Exception.class)
 	@RedisLock(lockName = "insertUser", key = "#appConnect.appId + ':' + #appConnect.bizUserId")
 	@Caching(evict = {
 			@CacheEvict(cacheNames = "yami_user", key = "#appConnect.appId + ':' + #appConnect.bizUserId"),
 			@CacheEvict(cacheNames = "AppConnect", key = "#appConnect.appId + ':' + #appConnect.bizUserId")
 	})
 	public void insertUserIfNecessary(AppConnect appConnect) {
 		// 进入锁后再重新判断一遍用户是否创建
 		AppConnect dbAppConnect = appConnectMapper.getByBizUserId(appConnect.getBizUserId(), appConnect.getAppId());
 		if(dbAppConnect != null) {
 			return;
 		}
 		String bizUnionId = appConnect.getBizUnionid();
 		String userId = null;
 		User user;
 		if (StrUtil.isNotBlank(bizUnionId)) {
 			userId = appConnectMapper.getUserIdByUnionId(bizUnionId);
 		}
 		if (StrUtil.isBlank(userId)) {
 			userId = IdUtil.simpleUUID();
 			Date now = new Date();
 			user = new User();
 			user.setUserId(userId);
 			user.setModifyTime(now);
 			user.setUserRegtime(now);
 			user.setStatus(1);
 			user.setNickName(EmojiUtil.toAlias(StrUtil.isBlank(appConnect.getNickName()) ? "" : appConnect.getNickName()));
 			user.setPic(appConnect.getImageUrl());
 			userMapper.insert(user);
 		} else {
 			user = userMapper.selectById(userId);
 		}
 		appConnect.setUserId(user.getUserId());
 		appConnectMapper.insert(appConnect);
 	}
 	@Override
 	public YamiUser loadUserByUserMail(String userMail, String loginPassword) {
 		User user = userMapper.getUserByUserMail(userMail);
 		if (user == null) {
 			throw new UsernameNotFoundException("用户不存在");
 		}
 		if (!passwordEncoder.matches(loginPassword, user.getLoginPassword())) {
 			// 原密码不正确
 			throw new UsernameNotFoundException("密码不正确");
 		}
 		String name = StrUtil.isBlank(user.getRealName()) ? user.getNickName() : user.getRealName();
 		YamiUser yamiUser = new YamiUser(user.getUserId(), loginPassword, user.getStatus() == 1);
 		yamiUser.setName(name);
 		yamiUser.setPic(user.getPic());
 		return yamiUser;
 	}
 	@Override
 	public User loadUserByMobileOrUserName(String mobileOrUserName, Integer loginType) {
 		User user = null;
 		// 手机验证码登陆，或传过来的账号很像手机号
 		if (Objects.equals(loginType, 1) || PrincipalUtil.isMobile(mobileOrUserName)) {
 			user = userMapper.selectOne(new LambdaQueryWrapper<User>().eq(User::getUserMobile, mobileOrUserName));
 		}
 		return user;
 	}
 	@Override
 	public YamiUser getYamiUser(Integer appId, User user, String bizUserId) {
 		String name = StrUtil.isBlank(user.getRealName()) ? user.getNickName() : user.getRealName();
 		YamiUser yamiUser = new YamiUser();
 		yamiUser.setEnabled(user.getStatus() == 1);
 		yamiUser.setUserId(user.getUserId());
 		yamiUser.setBizUserId(bizUserId);
 		yamiUser.setAppType(appId);
 		yamiUser.setName(name);
 		yamiUser.setPic(user.getPic());
 		yamiUser.setPassword(user.getLoginPassword());
 		return yamiUser;
 	}
 }
--- a/yami-shop-api/src/main/resources/application-dev.yml
+++ b/yami-shop-api/src/main/resources/application-dev.yml
@ -14,7 +14,7 @@ spring:
      connection-test-query: select 1
  redis:
    redisson:
-      config: classpath:redisson.yml
+      config: classpath:redisson/redisson.yml
 logging:
-  config: classpath:logback-dev.xml
+  config: classpath:logback/logback-dev.xml
--- a/yami-shop-api/src/main/resources/application-docker.yml
+++ b/yami-shop-api/src/main/resources/application-docker.yml
@ -14,6 +14,6 @@ spring:
      connection-test-query: select 1
  redis:
    redisson:
-      config: classpath:redisson-docker.yml
+      config: classpath:redisson/redisson-docker.yml
 logging:
-  config: classpath:logback-prod.xml
+  config: classpath:logback/logback-prod.xml
--- a/yami-shop-api/src/main/resources/application-prod.yml
+++ b/yami-shop-api/src/main/resources/application-prod.yml
@ -16,6 +16,6 @@ spring:
      connection-test-query: select 1
  redis:
    redisson:
-      config: classpath:redisson.yml
+      config: classpath:redisson/redisson.yml
 logging:
-  config: classpath:logback-prod.xml
+  config: classpath:logback/logback-prod.xml
--- a/yami-shop-api/src/main/resources/logback/logback-dev.xml
+++ b/yami-shop-api/src/main/resources/logback/logback-dev.xml
--- a/yami-shop-api/src/main/resources/logback/logback-prod.xml
+++ b/yami-shop-api/src/main/resources/logback/logback-prod.xml
--- a/yami-shop-api/src/main/resources/redisson/redisson-docker.yml
+++ b/yami-shop-api/src/main/resources/redisson/redisson-docker.yml
@ -4,28 +4,25 @@ singleServerConfig:
  database: ${REDIS_DATABASE}
  password: ${REDIS_PASSWORD}
  idleConnectionTimeout: 10000
  pingTimeout: 1000
  connectTimeout: 10000
  timeout: 3000
  retryAttempts: 3
  retryInterval: 1500
  reconnectionTimeout: 3000
  failedAttempts: 3
  clientName: null
  # 发布和订阅连接的最小空闲连接数 默认1
  subscriptionConnectionMinimumIdleSize: 1
  # 发布和订阅连接池大小 默认50
-  subscriptionConnectionPoolSize: 10
+  subscriptionConnectionPoolSize: 1
  # 单个连接最大订阅数量 默认5
-  subscriptionsPerConnection: 5
+  subscriptionsPerConnection: 1
  # 最小空闲连接数 默认32，现在暂时不需要那么多的线程
  connectionMinimumIdleSize: 4
  # connectionPoolSize 默认64，现在暂时不需要那么多的线程
-  connectionPoolSize: 20
+  connectionPoolSize: 4
 # 这个线程池数量被所有RTopic对象监听器，RRemoteService调用者和RExecutorService任务共同共享。
 threads: 0
 # 这个线程池数量是在一个Redisson实例内，被其创建的所有分布式数据类型和服务，以及底层客户端所一同共享的线程池里保存的线程数量。
 nettyThreads: 0
 codec:
-  class: com.yami.shop.common.serializer.redisson.FstCodec
+  class: org.redisson.codec.KryoCodec
-transportMode: NIO
+transportMode: NIO
--- a/yami-shop-api/src/main/resources/redisson/redisson.yml
+++ b/yami-shop-api/src/main/resources/redisson/redisson.yml
@ -4,28 +4,25 @@ singleServerConfig:
  database: 0
  password: null
  idleConnectionTimeout: 10000
  pingTimeout: 1000
  connectTimeout: 10000
  timeout: 3000
  retryAttempts: 3
  retryInterval: 1500
  reconnectionTimeout: 3000
  failedAttempts: 3
  clientName: null
  # 发布和订阅连接的最小空闲连接数 默认1
  subscriptionConnectionMinimumIdleSize: 1
  # 发布和订阅连接池大小 默认50
-  subscriptionConnectionPoolSize: 10
+  subscriptionConnectionPoolSize: 1
  # 单个连接最大订阅数量 默认5
-  subscriptionsPerConnection: 5
+  subscriptionsPerConnection: 1
  # 最小空闲连接数 默认32，现在暂时不需要那么多的线程
-  connectionMinimumIdleSize: 4
+  connectionMinimumIdleSize: 2
  # connectionPoolSize 默认64，现在暂时不需要那么多的线程
-  connectionPoolSize: 20
+  connectionPoolSize: 4
 # 这个线程池数量被所有RTopic对象监听器，RRemoteService调用者和RExecutorService任务共同共享。
 threads: 0
 # 这个线程池数量是在一个Redisson实例内，被其创建的所有分布式数据类型和服务，以及底层客户端所一同共享的线程池里保存的线程数量。
 nettyThreads: 0
 codec:
-  class: com.yami.shop.common.serializer.redisson.FstCodec
+  class: org.redisson.codec.KryoCodec
-transportMode: NIO
+transportMode: NIO
--- a/yami-shop-bean/src/main/java/com/yami/shop/bean/enums/SendType.java
+++ b/yami-shop-bean/src/main/java/com/yami/shop/bean/enums/SendType.java
@ -0,0 +1,66 @@
 /*
 * Copyright (c) 2018-2999 广州市蓝海创新科技有限公司 All rights reserved.
 *
 * https://www.mall4j.com/
 *
 * 未经允许，不可做商业用途！
 *
 * 版权所有，侵权必究！
 */
 package com.yami.shop.bean.enums;
 /**
 * @author lh
 */
 public enum SendType {
    /**
     * 用户注册验证码
     */
    REGISTER(12, 1,"用户注册验证码"),
    /**
     * 发送登录验证码
     */
    LOGIN(13, 1,"发送登录验证码"),
    /**
     * 修改密码验证码
     */
    UPDATE_PASSWORD(14, 1,"修改密码验证码"),
    /**
     * 身份验证验证码
     */
    VALID(15, 1,"身份验证验证码")
    ;
    private Integer value;
    /**
     * 1为全部平台发送的消息，2为根据情况
     */
    private Integer type;
    private String desc;
    SendType(Integer value, Integer type, String desc) {
        this.value = value;
        this.type = type;
        this.desc = desc;
    }
    public Integer getValue() {
        return value;
    }
    public String getDesc() {
        return desc;
    }
    public static SendType instance(Integer value) {
        SendType[] enums = values();
        for (SendType statusEnum : enums) {
            if (statusEnum.getValue().equals(value)) {
                return statusEnum;
            }
        }
        return null;
    }
    public Integer getType() {
        return type;
    }
 }
--- a/yami-shop-bean/src/main/java/com/yami/shop/bean/param/UserRegisterParam.java
+++ b/yami-shop-bean/src/main/java/com/yami/shop/bean/param/UserRegisterParam.java
@ -14,12 +14,15 @@ import io.swagger.annotations.ApiModel;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;
 /**
 * @author lh
 */
@Data
@ApiModel(value= "设置用户信息")
 public class UserRegisterParam {
 	@ApiModelProperty(value = "密码")
-	private String password;
+	private String passWord;
 	@ApiModelProperty(value = "邮箱")
 	private String userMail;
@ -30,30 +33,18 @@ public class UserRegisterParam {
 	@ApiModelProperty(value = "用户名")
 	private String userName;
 	@ApiModelProperty(value = "应用类型 1小程序 2微信公众号 3 PC 4 h5")
 	private Integer appType;
 	@ApiModelProperty(value = "手机号")
 	private String mobile;
 	@ApiModelProperty(value = "验证码")
 	private String validCode;
 	@ApiModelProperty(value = "微信小程序的encryptedData")
 	private String encryptedData;
 	@ApiModelProperty(value = "微信小程序的ivStr")
 	private String ivStr;
 	@ApiModelProperty(value = "头像")
 	private String img;
 	@ApiModelProperty(value = "校验登陆注册验证码成功的标识")
 	private String checkRegisterSmsFlag;
-	@ApiModelProperty(value = "验证类型 1验证码验证 2 小程序encryptedData验证 3 密码验证 ")
+	@ApiModelProperty(value = "当账户未绑定时，临时的uid")
-	private Integer validateType;
+	private String tempUid;
-	@ApiModelProperty(value = "验证类型 1注册 2绑定 ")
+	@ApiModelProperty(value = "用户id")
-	private Integer registerOrBind;
+	private Long userId;
 }
--- a/yami-shop-common/pom.xml
+++ b/yami-shop-common/pom.xml
@ -82,8 +82,8 @@
            <artifactId>emoji-java</artifactId>
        </dependency>
        <dependency>
-            <groupId>de.ruedigermoeller</groupId>
+            <groupId>com.esotericsoftware</groupId>
-            <artifactId>fst</artifactId>
+            <artifactId>kryo</artifactId>
        </dependency>
        <dependency>
            <groupId>com.github.binarywang</groupId>
@ -97,5 +97,9 @@
            <groupId>com.github.binarywang</groupId>
            <artifactId>weixin-java-mp</artifactId>
        </dependency>
        <dependency>
            <groupId>com.alibaba</groupId>
            <artifactId>transmittable-thread-local</artifactId>
        </dependency>
    </dependencies>
 </project>
--- a/yami-shop-common/src/main/java/com/yami/shop/common/config/DefaultExceptionHandlerConfig.java
+++ b/yami-shop-common/src/main/java/com/yami/shop/common/config/DefaultExceptionHandlerConfig.java
@ -11,6 +11,7 @@
 package com.yami.shop.common.config;
 import com.yami.shop.common.exception.YamiShopBindException;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.stereotype.Controller;
@ -23,6 +24,7 @@ import org.springframework.web.bind.annotation.RestControllerAdvice;
 * 自定义错误处理器
 * @author LGH
 */
@Slf4j
@Controller
@RestControllerAdvice
 public class DefaultExceptionHandlerConfig {
@ -30,20 +32,20 @@ public class DefaultExceptionHandlerConfig {
    @ExceptionHandler(BindException.class)
    public ResponseEntity<String> bindExceptionHandler(BindException e){
-        e.printStackTrace();
+        log.error("BindException:", e);
        return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(e.getBindingResult().getFieldErrors().get(0).getDefaultMessage());
    }
    @ExceptionHandler(MethodArgumentNotValidException.class)
    public ResponseEntity<String> methodArgumentNotValidExceptionHandler(MethodArgumentNotValidException e){
-        e.printStackTrace();
+        log.error("MethodArgumentNotValidException:", e);
        return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(e.getBindingResult().getFieldErrors().get(0).getDefaultMessage());
    }
    @ExceptionHandler(YamiShopBindException.class)
    public ResponseEntity<String> unauthorizedExceptionHandler(YamiShopBindException e){
-        e.printStackTrace();
+        log.error("YamiShopBindException Message :{}",e.getMessage());
        return ResponseEntity.status(e.getHttpStatusCode()).body(e.getMessage());
    }
 }
--- a/yami-shop-common/src/main/java/com/yami/shop/common/config/RedisCacheConfig.java
+++ b/yami-shop-common/src/main/java/com/yami/shop/common/config/RedisCacheConfig.java
@ -10,11 +10,7 @@
 package com.yami.shop.common.config;
-import java.time.Duration;
+import com.yami.shop.common.serializer.redis.KryoRedisSerializer;
 import java.util.HashMap;
 import java.util.Map;
 import com.yami.shop.common.serializer.redis.FstRedisSerializer;
 import org.springframework.cache.CacheManager;
 import org.springframework.cache.annotation.EnableCaching;
 import org.springframework.context.annotation.Bean;
@ -24,7 +20,13 @@ import org.springframework.data.redis.cache.RedisCacheManager;
 import org.springframework.data.redis.cache.RedisCacheWriter;
 import org.springframework.data.redis.connection.RedisConnectionFactory;
 import org.springframework.data.redis.core.RedisTemplate;
-import org.springframework.data.redis.serializer.*;
+import org.springframework.data.redis.core.StringRedisTemplate;
 import org.springframework.data.redis.serializer.RedisSerializationContext;
 import org.springframework.data.redis.serializer.StringRedisSerializer;
 import java.time.Duration;
 import java.util.HashMap;
 import java.util.Map;
 /**
 * redis 缓存配置，仅当配置文件中spring.cache.type = redis时生效
@ -57,14 +59,11 @@ public class RedisCacheConfig  {
    }
    private RedisCacheConfiguration getRedisCacheConfigurationWithTtl(Integer seconds) {
        FstRedisSerializer kryoRedisSerializer = new FstRedisSerializer();
        RedisCacheConfiguration redisCacheConfiguration = RedisCacheConfiguration.defaultCacheConfig();
        redisCacheConfiguration = redisCacheConfiguration.serializeValuesWith(
                RedisSerializationContext
                        .SerializationPair
-                        .fromSerializer(kryoRedisSerializer)
+                        .fromSerializer(new KryoRedisSerializer<>())
        ).entryTtl(Duration.ofSeconds(seconds));
        return redisCacheConfiguration;
@ -72,14 +71,24 @@ public class RedisCacheConfig  {
    @Bean
    public RedisTemplate<String, Object> redisTemplate(RedisConnectionFactory redisConnectionFactory) {
        KryoRedisSerializer kryoRedisSerializer = new KryoRedisSerializer();
        RedisTemplate<String, Object> redisTemplate = new RedisTemplate<>();
        redisTemplate.setConnectionFactory(redisConnectionFactory);
        redisTemplate.setKeySerializer(new StringRedisSerializer());
        redisTemplate.setHashKeySerializer(new StringRedisSerializer());
-        redisTemplate.setValueSerializer(new FstRedisSerializer());
+        redisTemplate.setValueSerializer(kryoRedisSerializer);
-        redisTemplate.setHashValueSerializer(new FstRedisSerializer());
+        redisTemplate.setHashValueSerializer(kryoRedisSerializer);
        redisTemplate.setEnableTransactionSupport(false);
        redisTemplate.afterPropertiesSet();
        return redisTemplate;
    }
    @Bean
    public StringRedisTemplate stringRedisTemplate(RedisConnectionFactory redisConnectionFactory){
        StringRedisTemplate redisTemplate = new StringRedisTemplate(redisConnectionFactory);
        redisTemplate.setEnableTransactionSupport(false);
        return redisTemplate;
    }
 }
--- a/yami-shop-common/src/main/java/com/yami/shop/common/constants/OauthCacheNames.java
+++ b/yami-shop-common/src/main/java/com/yami/shop/common/constants/OauthCacheNames.java
@ -0,0 +1,33 @@
 package com.yami.shop.common.constants;
 /**
 * @author 菠萝凤梨
 * @date 2022/3/28 14:32
 */
 public interface OauthCacheNames {
    /**
     * oauth 授权相关key
     */
    String OAUTH_PREFIX = "mall4j_oauth:";
    /**
     * token 授权相关key
     */
    String OAUTH_TOKEN_PREFIX = OAUTH_PREFIX + "token:";
    /**
     * 保存token 缓存使用key
     */
    String ACCESS = OAUTH_TOKEN_PREFIX + "access:";
    /**
     * 刷新token 缓存使用key
     */
    String REFRESH_TO_ACCESS = OAUTH_TOKEN_PREFIX + "refresh_to_access:";
    /**
     * 根据uid获取保存的token key缓存使用的key
     */
    String UID_TO_ACCESS = OAUTH_TOKEN_PREFIX + "uid_to_access:";
 }
--- a/yami-shop-common/src/main/java/com/yami/shop/common/enums/YamiHttpStatus.java
+++ b/yami-shop-common/src/main/java/com/yami/shop/common/enums/YamiHttpStatus.java
@ -21,6 +21,9 @@ public enum YamiHttpStatus {
    UNAUTHORIZED(401, "未授权"),
    COUPONCANNOTUSETOGETHER(601, "优惠券不能共用"),
    SOCIAL_ACCOUNT_NOT_BIND(475, "social account not bind"),
    ACCOUNT_NOT_REGISTER(476, "account not register"),
    ;
--- a/yami-shop-common/src/main/java/com/yami/shop/common/exception/YamiShopBindException.java
+++ b/yami-shop-common/src/main/java/com/yami/shop/common/exception/YamiShopBindException.java
@ -25,6 +25,8 @@ public class YamiShopBindException extends RuntimeException{
 	 */
 	private Integer httpStatusCode;
 	private Object object;
 	/**
 	 * @param httpStatus http状态码
@ -48,6 +50,11 @@ public class YamiShopBindException extends RuntimeException{
 		this.httpStatusCode = HttpStatus.BAD_REQUEST.value();
 	}
 	public YamiShopBindException(String msg, Object object) {
 		super(msg);
 		this.httpStatusCode = HttpStatus.BAD_REQUEST.value();
 		this.object = object;
 	}
 	public Integer getHttpStatusCode() {
 		return httpStatusCode;
--- a/yami-shop-common/src/main/java/com/yami/shop/common/filter/FilterConfig.java
+++ b/yami-shop-common/src/main/java/com/yami/shop/common/filter/FilterConfig.java
@ -1,38 +0,0 @@
 /*
 * Copyright (c) 2018-2999 广州市蓝海创新科技有限公司 All rights reserved.
 *
 * https://www.mall4j.com/
 *
 * 未经允许，不可做商业用途！
 *
 * 版权所有，侵权必究！
 */
 package com.yami.shop.common.filter;
 import org.springframework.boot.web.servlet.FilterRegistrationBean;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import javax.servlet.DispatcherType;
 /**
 * @author lgh
 */
@Configuration
 public class FilterConfig {
    @Bean
    public FilterRegistrationBean<XssFilter> filterRegistration() {
        FilterRegistrationBean<XssFilter> registration = new FilterRegistrationBean<>();
        //添加过滤器
        registration.setFilter(new XssFilter());
        //设置过滤路径，/*所有路径
        registration.addUrlPatterns("/*");
        registration.setName("xssFilter");
        //设置优先级
        registration.setOrder(Integer.MAX_VALUE);
        registration.setDispatcherTypes(DispatcherType.REQUEST);
        return registration;
    }
 }
--- a/yami-shop-common/src/main/java/com/yami/shop/common/filter/XssFilter.java
+++ b/yami-shop-common/src/main/java/com/yami/shop/common/filter/XssFilter.java
@ -10,27 +10,22 @@
 package com.yami.shop.common.filter;
-import java.io.IOException;
+import com.yami.shop.common.xss.XssWrapper;
 import javax.servlet.Filter;
 import javax.servlet.FilterChain;
 import javax.servlet.FilterConfig;
 import javax.servlet.ServletException;
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.stereotype.Component;
-import com.yami.shop.common.xss.XssWrapper;
+import javax.servlet.*;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 /**
 * 一些简单的安全过滤：
 * xss
 * @author lgh
 */
@Component
 public class XssFilter implements Filter {
    Logger logger = LoggerFactory.getLogger(getClass().getName());
--- a/yami-shop-common/src/main/java/com/yami/shop/common/handler/HttpHandler.java
+++ b/yami-shop-common/src/main/java/com/yami/shop/common/handler/HttpHandler.java
@ -0,0 +1,51 @@
 package com.yami.shop.common.handler;
 import cn.hutool.core.util.CharsetUtil;
 import com.yami.shop.common.exception.YamiShopBindException;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.http.MediaType;
 import org.springframework.stereotype.Component;
 import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.io.PrintWriter;
 /**
 * @author 菠萝凤梨
 * @date 2022/3/28 14:15
 */
@Component
 public class HttpHandler {
    private static final Logger logger = LoggerFactory.getLogger(HttpHandler.class);
    public <T> void printServerResponseToWeb(String str, int status) {
        ServletRequestAttributes requestAttributes = (ServletRequestAttributes) RequestContextHolder
                .getRequestAttributes();
        if (requestAttributes == null) {
            logger.error("requestAttributes is null, can not print to web");
            return;
        }
        HttpServletResponse response = requestAttributes.getResponse();
        if (response == null) {
            logger.error("httpServletResponse is null, can not print to web");
            return;
        }
        logger.error("response error: " + str);
        response.setCharacterEncoding(CharsetUtil.UTF_8);
        response.setContentType(MediaType.APPLICATION_JSON_VALUE);
        response.setStatus(status);
        PrintWriter printWriter = null;
        try {
            printWriter = response.getWriter();
            printWriter.write(str);
        }
        catch (IOException e) {
            throw new YamiShopBindException("io 异常", e);
        }
    }
 }
--- a/yami-shop-common/src/main/java/com/yami/shop/common/serializer/FSTSerializer.java
+++ b/yami-shop-common/src/main/java/com/yami/shop/common/serializer/FSTSerializer.java
@ -1,107 +0,0 @@
 /*
 * Copyright (c) 2018-2999 广州市蓝海创新科技有限公司 All rights reserved.
 *
 * https://www.mall4j.com/
 *
 * 未经允许，不可做商业用途！
 *
 * 版权所有，侵权必究！
 */
 package com.yami.shop.common.serializer;
 import org.nustaq.serialization.FSTConfiguration;
 import org.nustaq.serialization.FSTDecoder;
 import org.nustaq.serialization.FSTEncoder;
 import org.nustaq.serialization.coders.FSTStreamDecoder;
 import org.nustaq.serialization.coders.FSTStreamEncoder;
 import java.io.IOException;
 import java.lang.reflect.Field;
 /**
 * 使用fts进行序列化
 * @author LGH
 */
 public class FSTSerializer {
    static class FSTDefaultStreamCoderFactory implements FSTConfiguration.StreamCoderFactory {
        Field chBufField;
        Field ascStringCacheField;
        {
            try {
                chBufField = FSTStreamDecoder.class.getDeclaredField("chBufS");
                ascStringCacheField = FSTStreamDecoder.class.getDeclaredField("ascStringCache");
            } catch (Exception e) {
                throw new IllegalStateException(e);
            }
            ascStringCacheField.setAccessible(true);
            chBufField.setAccessible(true);
        }
        private FSTConfiguration fstConfiguration;
        FSTDefaultStreamCoderFactory(FSTConfiguration fstConfiguration) {
            this.fstConfiguration = fstConfiguration;
        }
        @Override
        public FSTEncoder createStreamEncoder() {
            return new FSTStreamEncoder(fstConfiguration);
        }
        @Override
        public FSTDecoder createStreamDecoder() {
            return new FSTStreamDecoder(fstConfiguration) {
                @Override
                public String readStringUTF() throws IOException {
                    try {
                        String res = super.readStringUTF();
                        chBufField.set(this, null);
                        return res;
                    } catch (Exception e) {
                        throw new IOException(e);
                    }
                }
                @Override
                public String readStringAsc() throws IOException {
                    try {
                        String res = super.readStringAsc();
                        ascStringCacheField.set(this, null);
                        return res;
                    } catch (Exception e) {
                        throw new IOException(e);
                    }
                }
            };
        }
        static ThreadLocal input = new ThreadLocal();
        static ThreadLocal output = new ThreadLocal();
        @Override
        public ThreadLocal getInput() {
            return input;
        }
        @Override
        public ThreadLocal getOutput() {
            return output;
        }
    }
    private static class InstanceHolder {
        private static final FSTConfiguration INSTANCE = FSTConfiguration.createDefaultConfiguration();
        static {
            INSTANCE.setStreamCoderFactory(new FSTDefaultStreamCoderFactory(INSTANCE));
        }
    }
    public FSTConfiguration getConfig() {
        return InstanceHolder.INSTANCE;
    }
 }
--- a/yami-shop-common/src/main/java/com/yami/shop/common/serializer/redis/FstRedisSerializer.java
+++ b/yami-shop-common/src/main/java/com/yami/shop/common/serializer/redis/FstRedisSerializer.java
@ -1,47 +0,0 @@
 /*
 * Copyright (c) 2018-2999 广州市蓝海创新科技有限公司 All rights reserved.
 *
 * https://www.mall4j.com/
 *
 * 未经允许，不可做商业用途！
 *
 * 版权所有，侵权必究！
 */
 package com.yami.shop.common.serializer.redis;
 import com.yami.shop.common.serializer.FSTSerializer;
 import lombok.SneakyThrows;
 import org.springframework.data.redis.serializer.RedisSerializer;
 import org.springframework.lang.Nullable;
 /**
 * 使用fst 进行reids的序列化
 * @author LGH
 */
 public class FstRedisSerializer implements RedisSerializer<Object> {
    private static final byte[] EMPTY_ARRAY = new byte[0];
    @Override
    @SneakyThrows
    public byte[] serialize(Object o) {
        if (o == null) {
            return EMPTY_ARRAY;
        }
        return new FSTSerializer().getConfig().asByteArray(o);
    }
    @Override
    @SneakyThrows
    public Object deserialize(byte[] bytes) {
        if (isEmpty(bytes)) {
            return null;
        }
        return new FSTSerializer().getConfig().asObject(bytes);
    }
    private static boolean isEmpty(@Nullable byte[] data) {
        return (data == null || data.length == 0);
    }
 }
--- a/yami-shop-common/src/main/java/com/yami/shop/common/serializer/redis/KryoRedisSerializer.java
+++ b/yami-shop-common/src/main/java/com/yami/shop/common/serializer/redis/KryoRedisSerializer.java
@ -0,0 +1,74 @@
 /*
 * Copyright (c) 2018-2999 广州市蓝海创新科技有限公司 All rights reserved.
 *
 * https://www.mall4j.com/
 *
 * 未经允许，不可做商业用途！
 *
 * 版权所有，侵权必究！
 */
 package com.yami.shop.common.serializer.redis;
 import com.esotericsoftware.kryo.Kryo;
 import com.esotericsoftware.kryo.io.Input;
 import com.esotericsoftware.kryo.io.Output;
 import lombok.extern.slf4j.Slf4j;
 import org.redisson.codec.KryoCodec;
 import org.springframework.data.redis.serializer.RedisSerializer;
 import org.springframework.data.redis.serializer.SerializationException;
 import java.io.ByteArrayOutputStream;
 import java.util.Collections;
 /**
 * 使用Kryo 进行reids的序列化
 * @author LGH
 */
@Slf4j
 public class KryoRedisSerializer<T> implements RedisSerializer<T> {
    private final KryoCodec kryoPool;
    public KryoRedisSerializer() {
        kryoPool = new KryoCodec(Collections.emptyList(), null);
    }
    private static final byte[] EMPTY_BYTE_ARRAY = new byte[0];
    @Override
    public byte[] serialize(T t) throws SerializationException {
        if (t == null) {
            return EMPTY_BYTE_ARRAY;
        }
        Kryo kryo = kryoPool.get();
        try (ByteArrayOutputStream baos = new ByteArrayOutputStream();
             Output output = new Output(baos)) {
            kryo.writeClassAndObject(output, t);
            output.flush();
            return baos.toByteArray();
        } catch (Exception e) {
            log.error(e.getMessage(), e);
        }
        return EMPTY_BYTE_ARRAY;
    }
    @Override
    @SuppressWarnings("unchecked")
    public T deserialize(byte[] bytes) throws SerializationException {
        if (bytes == null || bytes.length <= 0) {
            return null;
        }
        Kryo kryo = kryoPool.get();
        try (Input input = new Input(bytes)) {
            return (T) kryo.readClassAndObject(input);
        } catch (Exception e) {
            log.error(e.getMessage(), e);
        }
        return null;
    }
 }
--- a/yami-shop-common/src/main/java/com/yami/shop/common/serializer/redisson/FstCodec.java
+++ b/yami-shop-common/src/main/java/com/yami/shop/common/serializer/redisson/FstCodec.java
@ -1,104 +0,0 @@
 /*
 * Copyright (c) 2018-2999 广州市蓝海创新科技有限公司 All rights reserved.
 *
 * https://www.mall4j.com/
 *
 * 未经允许，不可做商业用途！
 *
 * 版权所有，侵权必究！
 */
 package com.yami.shop.common.serializer.redisson;
 import java.io.IOException;
 import com.yami.shop.common.serializer.FSTSerializer;
 import org.nustaq.serialization.FSTConfiguration;
 import org.nustaq.serialization.FSTObjectInput;
 import org.nustaq.serialization.FSTObjectOutput;
 import org.redisson.client.codec.BaseCodec;
 import org.redisson.client.handler.State;
 import org.redisson.client.protocol.Decoder;
 import org.redisson.client.protocol.Encoder;
 import io.netty.buffer.ByteBuf;
 import io.netty.buffer.ByteBufAllocator;
 import io.netty.buffer.ByteBufInputStream;
 import io.netty.buffer.ByteBufOutputStream;
 /**
 * 被redisson使用
 * Efficient and speedy serialization codec fully
 * compatible with JDK Serialization codec.
 *
 * https://github.com/RuedigerMoeller/fast-serialization
 *
 * @author Nikita Koksharov
 *
 */
 public class FstCodec extends BaseCodec {
    private final FSTConfiguration config;
    public FstCodec() {
        config = new FSTSerializer().getConfig();
    }
    private final Decoder<Object> decoder = new Decoder<Object>() {
        @Override
        public Object decode(ByteBuf buf, State state) throws IOException {
            ByteBufInputStream in = new ByteBufInputStream(buf);
            FSTObjectInput inputStream = config.getObjectInput(in);
            try {
                return inputStream.readObject();
            } catch (IOException e) {
                throw e;
            } catch (Exception e) {
                throw new IOException(e);
            }
        }
    };
    private final Encoder encoder = new Encoder() {
        @Override
        public ByteBuf encode(Object in) throws IOException {
            ByteBuf out = ByteBufAllocator.DEFAULT.buffer();
            ByteBufOutputStream os = new ByteBufOutputStream(out);
            FSTObjectOutput oos = config.getObjectOutput(os);
            try {
                oos.writeObject(in);
                oos.flush();
                return os.buffer();
            } catch (IOException e) {
                out.release();
                throw e;
            } catch (Exception e) {
                out.release();
                throw new IOException(e);
            }
        }
    };
    @Override
    public Decoder<Object> getValueDecoder() {
        return decoder;
    }
    @Override
    public Encoder getValueEncoder() {
        return encoder;
    }
    @Override
    public ClassLoader getClassLoader() {
        if (config.getClassLoader() != null) {
            return config.getClassLoader();
        }
        return super.getClassLoader();
    }
 }
--- a/yami-shop-common/src/main/java/com/yami/shop/common/util/Json.java
+++ b/yami-shop-common/src/main/java/com/yami/shop/common/util/Json.java
@ -11,23 +11,20 @@
 package com.yami.shop.common.util;
 import java.io.IOException;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collections;
 import java.util.List;
 import java.util.Map;
 import com.fasterxml.jackson.annotation.JsonAutoDetect;
 import com.fasterxml.jackson.annotation.JsonInclude;
 import com.fasterxml.jackson.annotation.PropertyAccessor;
 import com.fasterxml.jackson.core.JsonGenerator;
 import com.fasterxml.jackson.core.JsonGenerator.Feature;
 import com.fasterxml.jackson.core.JsonParser;
 import com.fasterxml.jackson.core.JsonProcessingException;
-import com.fasterxml.jackson.core.type.TypeReference;
+import com.fasterxml.jackson.databind.DeserializationFeature;
-import com.fasterxml.jackson.databind.*;
+import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.fasterxml.jackson.databind.SerializationFeature;
 import lombok.extern.slf4j.Slf4j;
 import java.util.Arrays;
 import java.util.Collections;
 import java.util.List;
@Slf4j
 public class Json {
    private static ObjectMapper objectMapper = new ObjectMapper();
@ -80,7 +77,7 @@ public class Json {
 		try {
 			return objectMapper.writeValueAsString(object);
 		} catch (JsonProcessingException e) {
-			e.printStackTrace();
+			log.error("对象转json错误：", e);
 		}
 		return null;
 	}
@ -96,7 +93,7 @@ public class Json {
 		try {
 			result = objectMapper.readValue(json, clazz);
 		} catch (Exception e) {
-			e.printStackTrace();
+			log.error("对象转json错误：", e);
 		}
 		return result;
 	}
@ -117,7 +114,7 @@ public class Json {
 		try {
 			result = objectMapper.readValue(json, clazz);
 		} catch (Exception e) {
-			e.printStackTrace();
+			log.error("Json转换错误：", e);
 		}
 		if (result == null) {
 			return Collections.emptyList();
@ -136,18 +133,8 @@ public class Json {
 		try {
 			jsonNode = objectMapper.readTree(jsonStr);
 		} catch (Exception e) {
-			e.printStackTrace();
+			log.error("Json转换错误：", e);
 		}
 		return jsonNode;
 	}
 //	public static void main(String[] args){
 //		String arr = "[1.01,1.03,1.23]";
 //
 //		List<Double> doubles = parseArray(arr, Double[].class);
 //		for (Double aDouble : doubles) {
 //			System.out.println(aDouble);
 //		}
 //
 //	}
 }
--- a/yami-shop-common/src/main/java/com/yami/shop/common/util/PageAdapter.java
+++ b/yami-shop-common/src/main/java/com/yami/shop/common/util/PageAdapter.java
@ -14,6 +14,9 @@ import cn.hutool.core.util.PageUtil;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import lombok.Data;
 /**
 * @author lh
 */
@Data
 public class PageAdapter{
@ -22,7 +25,7 @@ public class PageAdapter{
    private int size;
    public PageAdapter(Page page) {
-        int[] startEnd = PageUtil.transToStartEnd((int) page.getCurrent(), (int) page.getSize());
+        int[] startEnd = PageUtil.transToStartEnd((int) page.getCurrent() - 1, (int) page.getSize());
        this.begin = startEnd[0];
        this.size = (int)page.getSize();
    }
--- a/yami-shop-common/src/main/java/com/yami/shop/common/util/PrincipalUtil.java
+++ b/yami-shop-common/src/main/java/com/yami/shop/common/util/PrincipalUtil.java
@ -20,6 +20,11 @@ public class PrincipalUtil {
     */
    public static final String USER_NAME_REGEXP = "([a-zA-Z0-9_]{4,16})";
    /**
     * 由简单的字母数字拼接而成的字符串 不含有下划线，大写字母
     */
    public static final String SIMPLE_CHAR_REGEXP = "([a-z0-9]+)";
    public static boolean isMobile(String value) {
        if(StrUtil.isBlank(value)) {
            return false;
@ -33,4 +38,20 @@ public class PrincipalUtil {
        }
        return Pattern.matches(USER_NAME_REGEXP, value);
    }
    public static boolean isMatching(String regexp, String value) {
        if (StrUtil.isBlank(value)) {
            return false;
        }
        return Pattern.matches(regexp, value);
    }
    /**
     * 是否是由简单的字母数字拼接而成的字符串
     * @param value 输入值
     * @return 匹配结果
     */
    public static boolean isSimpleChar(String value) {
        return isMatching(SIMPLE_CHAR_REGEXP, value);
    }
 }
--- a/yami-shop-common/src/main/java/com/yami/shop/common/util/RedisUtil.java
+++ b/yami-shop-common/src/main/java/com/yami/shop/common/util/RedisUtil.java
@ -10,97 +10,107 @@
 package com.yami.shop.common.util;
-import java.util.List;
+import lombok.extern.slf4j.Slf4j;
 import java.util.Map;
 import java.util.Set;
 import java.util.concurrent.TimeUnit;
 import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.util.CollectionUtils;
 import java.util.concurrent.TimeUnit;
 /**
 * @author lh
 */
@Slf4j
 public class RedisUtil {
-    private static RedisTemplate<String,Object> redisTemplate = SpringContextUtils.getBean("redisTemplate",RedisTemplate.class);
+    private static RedisTemplate<String, Object> redisTemplate = SpringContextUtils.getBean("redisTemplate", RedisTemplate.class);
-    
+
    //=============================common============================
    /**
     * 指定缓存失效时间
-     * @param key 键
+     *
+