首页 发现 帮助
注册 登录
usoft
/
saas-platform
1
0
派生 0
文件 工单管理 0 合并请求 0 Wiki
浏览代码

运营服务

yingp 7 年之前
父节点
b6c15a56a9
当前提交
87cab4cf95
共有 20 个文件被更改,包括 802 次插入0 次删除
分列视图 显示文件统计
  1. 82 0
      applications/operation/operation-auth-server/pom.xml
  2. 6 0
      applications/operation/operation-auth-server/src/main/docker/Dockerfile
  3. 23 0
      applications/operation/operation-auth-server/src/main/java/com/usoftchina/saas/operation/auth/OperationAuthApplication.java
  4. 58 0
      applications/operation/operation-auth-server/src/main/java/com/usoftchina/saas/operation/auth/config/AuthConfig.java
  5. 103 0
      applications/operation/operation-auth-server/src/main/java/com/usoftchina/saas/operation/auth/controller/AuthController.java
  6. 17 0
      applications/operation/operation-auth-server/src/main/java/com/usoftchina/saas/operation/auth/mapper/AuthorizeLogMapper.java
  7. 117 0
      applications/operation/operation-auth-server/src/main/java/com/usoftchina/saas/operation/auth/po/AuthorizeLog.java
  8. 68 0
      applications/operation/operation-auth-server/src/main/java/com/usoftchina/saas/operation/auth/service/AuthorizeCountService.java
  9. 17 0
      applications/operation/operation-auth-server/src/main/java/com/usoftchina/saas/operation/auth/service/AuthorizeLogService.java
  10. 26 0
      applications/operation/operation-auth-server/src/main/java/com/usoftchina/saas/operation/auth/service/impl/AuthorizeLogServiceImpl.java
  11. 86 0
      applications/operation/operation-auth-server/src/main/resources/application.yml
  12. 二进制
      applications/operation/operation-auth-server/src/main/resources/auth/pri.key
  13. 12 0
      applications/operation/operation-auth-server/src/main/resources/config/application-docker-dev.yml
  14. 23 0
      applications/operation/operation-auth-server/src/main/resources/config/application-docker-prod.yml
  15. 106 0
      applications/operation/operation-auth-server/src/main/resources/logback-spring.xml
  16. 9 0
      applications/operation/operation-auth-server/src/main/resources/mapper/AuthorizeLogMapper.xml
  17. 15 0
      applications/operation/operation-server/pom.xml
  18. 20 0
      applications/operation/pom.xml
  19. 1 0
      applications/pom.xml
  20. 13 0
      base-servers/gateway-server/src/main/resources/application.yml

+ 82 - 0
applications/operation/operation-auth-server/pom.xml
查看文件 

@@ -0,0 +1,82 @@
 
+<?xml version="1.0" encoding="UTF-8"?>
 
+<project xmlns="http://maven.apache.org/POM/4.0.0"
 
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
 
+    <parent>
 
+        <artifactId>operation</artifactId>
 
+        <groupId>com.usoftchina.saas</groupId>
 
+        <version>1.0.0-SNAPSHOT</version>
 
+    </parent>
 
+    <modelVersion>4.0.0</modelVersion>
 
+
 
+    <artifactId>operation-auth-server</artifactId>
 
+    <dependencies>
 
+        <dependency>
 
+            <groupId>com.usoftchina.saas</groupId>
 
+            <artifactId>auth-dto</artifactId>
 
+        </dependency>
 
+        <dependency>
 
+            <groupId>com.usoftchina.saas</groupId>
 
+            <artifactId>auth-common</artifactId>
 
+        </dependency>
 
+        <dependency>
 
+            <groupId>com.usoftchina.saas</groupId>
 
+            <artifactId>account-api</artifactId>
 
+        </dependency>
 
+        <dependency>
 
+            <groupId>com.usoftchina.saas</groupId>
 
+            <artifactId>server-starter</artifactId>
 
+        </dependency>
 
+        <!-- db -->
 
+        <dependency>
 
+            <groupId>mysql</groupId>
 
+            <artifactId>mysql-connector-java</artifactId>
 
+        </dependency>
 
+        <dependency>
 
+            <groupId>org.mybatis.spring.boot</groupId>
 
+            <artifactId>mybatis-spring-boot-starter</artifactId>
 
+        </dependency>
 
+        <!-- api doc -->
 
+        <dependency>
 
+            <groupId>io.springfox</groupId>
 
+            <artifactId>springfox-swagger-ui</artifactId>
 
+        </dependency>
 
+        <dependency>
 
+            <groupId>io.springfox</groupId>
 
+            <artifactId>springfox-swagger2</artifactId>
 
+        </dependency>
 
+
 
+        <!-- sleuth -->
 
+        <dependency>
 
+            <groupId>org.springframework.cloud</groupId>
 
+            <artifactId>spring-cloud-starter-zipkin</artifactId>
 
+        </dependency>
 
+        <dependency>
 
+            <groupId>org.springframework.amqp</groupId>
 
+            <artifactId>spring-rabbit</artifactId>
 
+        </dependency>
 
+        <dependency>
 
+            <groupId>net.logstash.logback</groupId>
 
+            <artifactId>logstash-logback-encoder</artifactId>
 
+        </dependency>
 
+        <!-- test -->
 
+        <dependency>
 
+            <groupId>com.usoftchina.saas</groupId>
 
+            <artifactId>test-starter</artifactId>
 
+        </dependency>
 
+    </dependencies>
 
+
 
+    <build>
 
+        <plugins>
 
+            <plugin>
 
+                <groupId>org.springframework.boot</groupId>
 
+                <artifactId>spring-boot-maven-plugin</artifactId>
 
+            </plugin>
 
+            <plugin>
 
+                <groupId>com.spotify</groupId>
 
+                <artifactId>docker-maven-plugin</artifactId>
 
+            </plugin>
 
+        </plugins>
 
+    </build>
 
+
 
+</project>

+ 6 - 0
applications/operation/operation-auth-server/src/main/docker/Dockerfile
查看文件 

@@ -0,0 +1,6 @@
 
+FROM frolvlad/alpine-oraclejdk8:slim
 
+VOLUME /tmp
 
+ADD operation-auth-server-1.0.0-SNAPSHOT.jar app.jar
 
+RUN sh -c 'touch /app.jar'
 
+ENV JAVA_OPTS=""
 
+ENTRYPOINT [ "sh", "-c", "java $JAVA_OPTS -Djava.security.egd=file:/dev/./urandom -jar /app.jar" ]

+ 23 - 0
applications/operation/operation-auth-server/src/main/java/com/usoftchina/saas/operation/auth/OperationAuthApplication.java
查看文件 

@@ -0,0 +1,23 @@
 
+package com.usoftchina.saas.operation.auth;
 
+
 
+import org.mybatis.spring.annotation.MapperScan;
 
+import org.springframework.boot.SpringApplication;
 
+import org.springframework.boot.autoconfigure.SpringBootApplication;
 
+import org.springframework.cloud.netflix.eureka.EnableEurekaClient;
 
+import org.springframework.cloud.openfeign.EnableFeignClients;
 
+
 
+/**
 
+ * @author yingp
 
+ * @date 2019/1/3
 
+ */
 
+@SpringBootApplication
 
+@EnableEurekaClient
 
+@EnableFeignClients(basePackages = {
 
+        "com.usoftchina.saas.account.api"
 
+})
 
+@MapperScan(basePackages = "com.usoftchina.saas.operation.auth.mapper")
 
+public class OperationAuthApplication {
 
+    public static void main(String[] args) {
 
+        SpringApplication.run(OperationAuthApplication.class, args);
 
+    }
 
+}

+ 58 - 0
applications/operation/operation-auth-server/src/main/java/com/usoftchina/saas/operation/auth/config/AuthConfig.java
查看文件 

@@ -0,0 +1,58 @@
 
+package com.usoftchina.saas.operation.auth.config;
 
+
 
+import org.springframework.boot.context.properties.ConfigurationProperties;
 
+
 
+import java.util.List;
 
+
 
+/**
 
+ * @author yingp
 
+ * @date 2019/1/3
 
+ */
 
+@ConfigurationProperties("auth")
 
+public class AuthConfig {
 
+    private String privateKey;
 
+    private String authHeader = "Authorization";
 
+    private List<Long> companies;
 
+    private int expire = 18000;
 
+    private int maxErrors = 5;
 
+
 
+    public String getPrivateKey() {
 
+        return privateKey;
 
+    }
 
+
 
+    public void setPrivateKey(String privateKey) {
 
+        this.privateKey = privateKey;
 
+    }
 
+
 
+    public String getAuthHeader() {
 
+        return authHeader;
 
+    }
 
+
 
+    public void setAuthHeader(String authHeader) {
 
+        this.authHeader = authHeader;
 
+    }
 
+
 
+    public List<Long> getCompanies() {
 
+        return companies;
 
+    }
 
+
 
+    public void setCompanies(List<Long> companies) {
 
+        this.companies = companies;
 
+    }
 
+
 
+    public int getExpire() {
 
+        return expire;
 
+    }
 
+
 
+    public void setExpire(int expire) {
 
+        this.expire = expire;
 
+    }
 
+
 
+    public int getMaxErrors() {
 
+        return maxErrors;
 
+    }
 
+
 
+    public void setMaxErrors(int maxErrors) {
 
+        this.maxErrors = maxErrors;
 
+    }
 
+}

+ 103 - 0
applications/operation/operation-auth-server/src/main/java/com/usoftchina/saas/operation/auth/controller/AuthController.java
查看文件 

@@ -0,0 +1,103 @@
 
+package com.usoftchina.saas.operation.auth.controller;
 
+
 
+import com.usoftchina.saas.account.api.AccountApi;
 
+import com.usoftchina.saas.account.dto.AccountDTO;
 
+import com.usoftchina.saas.account.dto.CompanyBaseDTO;
 
+import com.usoftchina.saas.auth.common.jwt.JwtHelper;
 
+import com.usoftchina.saas.auth.common.jwt.JwtInfo;
 
+import com.usoftchina.saas.auth.common.jwt.JwtToken;
 
+import com.usoftchina.saas.auth.dto.AuthDTO;
 
+import com.usoftchina.saas.auth.dto.TokenDTO;
 
+import com.usoftchina.saas.base.Result;
 
+import com.usoftchina.saas.cache.CacheKeyHelper;
 
+import com.usoftchina.saas.exception.ExceptionCode;
 
+import com.usoftchina.saas.operation.auth.config.AuthConfig;
 
+import com.usoftchina.saas.operation.auth.po.AuthorizeLog;
 
+import com.usoftchina.saas.operation.auth.service.AuthorizeCountService;
 
+import com.usoftchina.saas.operation.auth.service.AuthorizeLogService;
 
+import com.usoftchina.saas.utils.BeanMapper;
 
+import com.usoftchina.saas.utils.CollectionUtils;
 
+import com.usoftchina.saas.utils.RedisUtil;
 
+import org.springframework.beans.factory.annotation.Autowired;
 
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
 
+import org.springframework.web.bind.annotation.PostMapping;
 
+import org.springframework.web.bind.annotation.RequestMapping;
 
+import org.springframework.web.bind.annotation.RequestParam;
 
+import org.springframework.web.bind.annotation.RestController;
 
+
 
+import javax.servlet.http.HttpServletRequest;
 
+import java.util.Optional;
 
+
 
+/**
 
+ * @author yingp
 
+ * @date 2019/1/3
 
+ */
 
+@RestController
 
+@RequestMapping
 
+@EnableConfigurationProperties(AuthConfig.class)
 
+public class AuthController {
 
+
 
+    @Autowired
 
+    private AccountApi accountApi;
 
+
 
+    @Autowired
 
+    private AuthConfig authConfig;
 
+
 
+    @Autowired
 
+    private AuthorizeCountService authorizeCountService;
 
+
 
+    @Autowired
 
+    private AuthorizeLogService authorizeLogService;
 
+
 
+    /**
 
+     * 登录认证获取token
 
+     *
 
+     * @param username
 
+     * @param password
 
+     * @return
 
+     */
 
+    @PostMapping("/authorize")
 
+    public Result<AuthDTO> authorize(HttpServletRequest request, @RequestParam String username, @RequestParam String password) {
 
+        // 非法操作(登录失败次数过多...)导致被冻结
 
+        if (authorizeCountService.isFrozen(username)) {
 
+            return Result.error(ExceptionCode.AUTH_FROZEN);
 
+        }
 
+        Result<AccountDTO> result = accountApi.validByUsernameAndPwd(username, password);
 
+        if (result.isSuccess()) {
 
+            authorizeCountService.clear(username);
 
+
 
+            AccountDTO accountDTO = result.getData();
 
+            if (!CollectionUtils.isEmpty(accountDTO.getCompanies())) {
 
+                return Result.error(ExceptionCode.USER_NOT_ENABLE);
 
+            }
 
+            // 是否绑定到了允许登录运营系统的公司
 
+            Optional<CompanyBaseDTO> companyDTO = accountDTO.getCompanies().stream()
 
+                    .filter(c -> authConfig.getCompanies().stream().anyMatch(id -> id.equals(c.getId())))
 
+                    .findFirst();
 
+            if (!companyDTO.isPresent()) {
 
+                return Result.error(ExceptionCode.USER_NOT_ENABLE);
 
+            }
 
+            String appId = "operation";
 
+
 
+            JwtInfo info = new JwtInfo(appId, companyDTO.get().getId(), accountDTO.getId(), accountDTO.getUsername(), accountDTO.getRealname());
 
+            JwtToken jwtToken = JwtHelper.generateToken(info, authConfig.getPrivateKey(), authConfig.getExpire());
 
+            TokenDTO tokenDTO = BeanMapper.map(jwtToken, TokenDTO.class);
 
+            // 登录成功记入redis
 
+            String key = CacheKeyHelper.generatePublicKey(tokenDTO.getToken());
 
+            RedisUtil.set(key, info, authConfig.getExpire());
 
+            // 登录日志
 
+            authorizeLogService.save(AuthorizeLog.from(request)
 
+                    .setAccountId(accountDTO.getId())
 
+                    .setAppId(appId).build());
 
+            return Result.success(new AuthDTO(tokenDTO, accountDTO));
 
+        } else {
 
+            // 失败次数超过最大限制
 
+            if (authorizeCountService.increaseAndGet(username) > authConfig.getMaxErrors()) {
 
+                return Result.error(ExceptionCode.AUTH_MAX_ERRORS);
 
+            }
 
+        }
 
+        return Result.error(result.getCode(), result.getMessage());
 
+    }
 
+
 
+
 
+}

+ 17 - 0
applications/operation/operation-auth-server/src/main/java/com/usoftchina/saas/operation/auth/mapper/AuthorizeLogMapper.java
查看文件 

@@ -0,0 +1,17 @@
 
+package com.usoftchina.saas.operation.auth.mapper;
 
+
 
+import com.usoftchina.saas.operation.auth.po.AuthorizeLog;
 
+
 
+/**
 
+ * @author yingp
 
+ * @date 2018/11/6
 
+ */
 
+public interface AuthorizeLogMapper {
 
+    /**
 
+     * 保存
 
+     *
 
+     * @param authorizeLog
 
+     * @return
 
+     */
 
+    int insert(AuthorizeLog authorizeLog);
 
+}

+ 117 - 0
applications/operation/operation-auth-server/src/main/java/com/usoftchina/saas/operation/auth/po/AuthorizeLog.java
查看文件 

@@ -0,0 +1,117 @@
 
+package com.usoftchina.saas.operation.auth.po;
 
+
 
+import javax.servlet.http.HttpServletRequest;
 
+import java.io.Serializable;
 
+import java.util.Date;
 
+
 
+/**
 
+ * @author yingp
 
+ * @date 2018/11/6
 
+ */
 
+public class AuthorizeLog implements Serializable{
 
+    private Long id;
 
+    private Long accountId;
 
+    private String clientIp;
 
+    private String userAgent;
 
+    private Date loginTime;
 
+    private String appId;
 
+
 
+    public AuthorizeLog() {
 
+    }
 
+
 
+    public AuthorizeLog(Long accountId, String clientIp, String userAgent, String appId) {
 
+        this.accountId = accountId;
 
+        this.clientIp = clientIp;
 
+        this.userAgent = userAgent;
 
+        this.loginTime = new Date();
 
+        this.appId = appId;
 
+    }
 
+
 
+    public Long getId() {
 
+        return id;
 
+    }
 
+
 
+    public void setId(Long id) {
 
+        this.id = id;
 
+    }
 
+
 
+    public Long getAccountId() {
 
+        return accountId;
 
+    }
 
+
 
+    public void setAccountId(Long accountId) {
 
+        this.accountId = accountId;
 
+    }
 
+
 
+    public String getClientIp() {
 
+        return clientIp;
 
+    }
 
+
 
+    public void setClientIp(String clientIp) {
 
+        this.clientIp = clientIp;
 
+    }
 
+
 
+    public String getUserAgent() {
 
+        return userAgent;
 
+    }
 
+
 
+    public void setUserAgent(String userAgent) {
 
+        this.userAgent = userAgent;
 
+    }
 
+
 
+    public Date getLoginTime() {
 
+        return loginTime;
 
+    }
 
+
 
+    public void setLoginTime(Date loginTime) {
 
+        this.loginTime = loginTime;
 
+    }
 
+
 
+    public String getAppId() {
 
+        return appId;
 
+    }
 
+
 
+    public void setAppId(String appId) {
 
+        this.appId = appId;
 
+    }
 
+
 
+    public static Builder from(HttpServletRequest request) {
 
+        return new Builder(request);
 
+    }
 
+
 
+    public static class Builder {
 
+        private Long accountId;
 
+        private String clientIp;
 
+        private String userAgent;
 
+        private String appId;
 
+
 
+        public Builder(HttpServletRequest request) {
 
+            this.clientIp = request.getRemoteAddr();
 
+            this.userAgent = request.getHeader("User-Agent");
 
+        }
 
+
 
+        public Builder setAccountId(Long accountId) {
 
+            this.accountId = accountId;
 
+            return this;
 
+        }
 
+
 
+        public Builder setClientIp(String clientIp) {
 
+            this.clientIp = clientIp;
 
+            return this;
 
+        }
 
+
 
+        public Builder setUserAgent(String userAgent) {
 
+            this.userAgent = userAgent;
 
+            return this;
 
+        }
 
+
 
+        public Builder setAppId(String appId) {
 
+            this.appId = appId;
 
+            return this;
 
+        }
 
+
 
+        public AuthorizeLog build() {
 
+            return new AuthorizeLog(accountId, clientIp, userAgent, appId);
 
+        }
 
+    }
 
+}

+ 68 - 0
applications/operation/operation-auth-server/src/main/java/com/usoftchina/saas/operation/auth/service/AuthorizeCountService.java
查看文件 

@@ -0,0 +1,68 @@
 
+package com.usoftchina.saas.operation.auth.service;
 
+
 
+import com.usoftchina.saas.cache.CacheKeyHelper;
 
+import org.springframework.beans.factory.annotation.Autowired;
 
+import org.springframework.beans.factory.annotation.Value;
 
+import org.springframework.data.redis.core.StringRedisTemplate;
 
+import org.springframework.stereotype.Service;
 
+
 
+import java.util.concurrent.TimeUnit;
 
+
 
+/**
 
+ * 登录失败记录
 
+ *
 
+ * @author yingp
 
+ * @date 2018/11/6
 
+ */
 
+@Service
 
+public class AuthorizeCountService {
 
+
 
+    @Autowired
 
+    private StringRedisTemplate redisTemplate;
 
+
 
+    @Value("${auth.max-errors:5}")
 
+    private int maxErrors;
 
+
 
+    /**
 
+     * 账户锁定时间
 
+     */
 
+    @Value("${auth.error-lock-time:30}")
 
+    private int lockTime;
 
+
 
+    /**
 
+     * 记录一次
 
+     *
 
+     * @param username
 
+     * @return
 
+     */
 
+    public Long increaseAndGet(String username) {
 
+        String key = generateKey(username);
 
+        Long value = redisTemplate.opsForValue().increment(key, 1);
 
+        redisTemplate.expire(key, lockTime, TimeUnit.MINUTES);
 
+        return value;
 
+    }
 
+
 
+    private String generateKey(String username) {
 
+        return CacheKeyHelper.generatePrivateKey("auth", "authorize", username);
 
+    }
 
+
 
+    /**
 
+     * 清零
 
+     *
 
+     * @param username
 
+     */
 
+    public void clear(String username) {
 
+        redisTemplate.delete(generateKey(username));
 
+    }
 
+
 
+    /**
 
+     * 账户是否冻结
 
+     *
 
+     * @param username
 
+     * @return
 
+     */
 
+    public boolean isFrozen(String username) {
 
+        Object value = redisTemplate.opsForValue().get(generateKey(username));
 
+        return null != value && Integer.parseInt(value.toString()) > maxErrors;
 
+    }
 
+}

+ 17 - 0
applications/operation/operation-auth-server/src/main/java/com/usoftchina/saas/operation/auth/service/AuthorizeLogService.java
查看文件 

@@ -0,0 +1,17 @@
 
+package com.usoftchina.saas.operation.auth.service;
 
+
 
+import com.usoftchina.saas.operation.auth.po.AuthorizeLog;
 
+
 
+/**
 
+ * @author yingp
 
+ * @date 2018/11/6
 
+ */
 
+public interface AuthorizeLogService {
 
+    /**
 
+     * 保存
 
+     *
 
+     * @param authorizeLog
 
+     * @return
 
+     */
 
+    boolean save(AuthorizeLog authorizeLog);
 
+}

+ 26 - 0
applications/operation/operation-auth-server/src/main/java/com/usoftchina/saas/operation/auth/service/impl/AuthorizeLogServiceImpl.java
查看文件 

@@ -0,0 +1,26 @@
 
+package com.usoftchina.saas.operation.auth.service.impl;
 
+
 
+import com.usoftchina.saas.operation.auth.mapper.AuthorizeLogMapper;
 
+import com.usoftchina.saas.operation.auth.po.AuthorizeLog;
 
+import com.usoftchina.saas.operation.auth.service.AuthorizeLogService;
 
+import org.springframework.beans.factory.annotation.Autowired;
 
+import org.springframework.scheduling.annotation.Async;
 
+import org.springframework.stereotype.Service;
 
+
 
+/**
 
+ * @author yingp
 
+ * @date 2018/11/6
 
+ */
 
+@Service
 
+public class AuthorizeLogServiceImpl implements AuthorizeLogService {
 
+
 
+    @Autowired
 
+    private AuthorizeLogMapper authorizeLogMapper;
 
+
 
+    @Override
 
+    @Async
 
+    public boolean save(AuthorizeLog authorizeLog) {
 
+        return authorizeLogMapper.insert(authorizeLog) > 0;
 
+    }
 
+
 
+}

+ 86 - 0
applications/operation/operation-auth-server/src/main/resources/application.yml
查看文件 

@@ -0,0 +1,86 @@
 
+spring:
 
+  profiles:
 
+    active: dev
 
+  application:
 
+    name: operation-auth-server
 
+  security:
 
+    user:
 
+      name: admin
 
+      password: select111***
 
+  rabbitmq:
 
+    host: 10.1.81.75
 
+    port: 5672
 
+    virtual-host: dev
 
+    username: saas
 
+    password: select123***
 
+  zipkin:
 
+    sender:
 
+      type: rabbit
 
+    locator:
 
+      discovery:
 
+        enabled: true
 
+  sleuth:
 
+    sampler:
 
+      probability: 1.0
 
+  datasource:
 
+    driver-class-name: com.mysql.cj.jdbc.Driver
 
+    url: jdbc:mysql://10.1.81.79:3306/saas_auth?characterEncoding=utf-8&useSSL=false
 
+    username: root
 
+    password: select111***
 
+    hikari:
 
+      minimum-idle: 5
 
+      maximum-pool-size: 50
 
+      idle-timeout: 30000
 
+      max-lifetime: 1800000
 
+      connection-timeout: 30000
 
+  redis:
 
+    host: 10.1.81.62
 
+    port: 6379
 
+  jackson:
 
+    date-format: yyyy-MM-dd HH:mm:ss
 
+    time-zone: GMT+8
 
+eureka:
 
+  instance:
 
+    leaseRenewalIntervalInSeconds: 10
 
+    health-check-url-path: /actuator/health
 
+    status-page-url-path: /actuator/info
 
+    prefer-ip-address: true
 
+    metadata-map:
 
+      user.name: ${spring.security.user.name}
 
+      user.password: ${spring.security.user.password}
 
+  client:
 
+    registryFetchIntervalSeconds: 5
 
+    serviceUrl:
 
+      defaultZone: http://${spring.security.user.name}:${spring.security.user.password}@10.1.81.61:8510/eureka/
 
+server:
 
+  port: 9020
 
+  tomcat:
 
+    uri-encoding: UTF-8
 
+management:
 
+  endpoints:
 
+    web:
 
+      exposure:
 
+        include: "*"
 
+  endpoint:
 
+    health:
 
+      show-details: always
 
+    shutdown:
 
+      enabled: true
 
+    restart:
 
+      enabled: true
 
+info:
 
+  name: '@project.artifactId@'
 
+  description: '@project.description@'
 
+  version: '@project.version@'
 
+  spring-boot-version: '@spring.boot.version@'
 
+  spring-cloud-version: '@spring.cloud.version@'
 
+mybatis:
 
+  type-aliases-package: com.usoftchina.saas.operation.auth.po
 
+  mapper-locations: classpath:mapper/*.xml
 
+auth:
 
+  private-key: auth/pri.key
 
+  companies:
 
+    - 71
 
+ribbon:
 
+  ReadTimeout: 5000
 
+  ConnectTimeout: 5000

二进制
applications/operation/operation-auth-server/src/main/resources/auth/pri.key
查看文件


+ 12 - 0
applications/operation/operation-auth-server/src/main/resources/config/application-docker-dev.yml
查看文件 

@@ -0,0 +1,12 @@
 
+eureka:
 
+  instance:
 
+    hostname: saas-operation-auth-server-dev
 
+    prefer-ip-address: false
 
+  client:
 
+    serviceUrl:
 
+      defaultZone: http://${spring.security.user.name}:${spring.security.user.password}@saas-eureka-server-dev:8510/eureka/
 
+spring:
 
+  rabbitmq:
 
+    virtual-host: dev
 
+server:
 
+  port: 9030

+ 23 - 0
applications/operation/operation-auth-server/src/main/resources/config/application-docker-prod.yml
查看文件 

@@ -0,0 +1,23 @@
 
+eureka:
 
+  instance:
 
+    hostname: saas-operaion-auth-server
 
+    prefer-ip-address: false
 
+  client:
 
+    serviceUrl:
 
+      defaultZone: http://${spring.security.user.name}:${spring.security.user.password}@saas-eureka-server:8500/eureka/
 
+spring:
 
+  rabbitmq:
 
+    host: 10.10.100.103
 
+    port: 5672
 
+    virtual-host: docker
 
+    username: saas
 
+    password: select123***
 
+  datasource:
 
+    url: jdbc:mysql://10.10.100.18:3306/saas_auth?characterEncoding=utf-8&useSSL=false
 
+    username: saas
 
+    password: select111***
 
+  redis:
 
+    host: 10.10.100.173
 
+    port: 6379
 
+logging:
 
+  destination: 10.10.100.160:5000

+ 106 - 0
applications/operation/operation-auth-server/src/main/resources/logback-spring.xml
查看文件 

@@ -0,0 +1,106 @@
 
+<?xml version="1.0" encoding="UTF-8"?>
 
+<configuration>
 
+    <include resource="org/springframework/boot/logging/logback/base.xml" />
 
+    <jmxConfigurator/>
 
+
 
+    <!--
 
+    %m
 
+    输出代码中指定的消息
 
+    %p
 
+    输出优先级,即DEBUG,INFO,WARN,ERROR,FATAL
 
+    %r
 
+    输出自应用启动到输出该log信息耗费的毫秒数
 
+    %c
 
+    输出所属的类目,通常就是所在类的全名
 
+    %t
 
+    输出产生该日志事件的线程名
 
+    %n
 
+    输出一个回车换行符,Windows平台为“\r\n”,Unix平台为“\n”
 
+    %d
 
+    输出日志时间点的日期或时间,默认格式为ISO8601,也可以在其后指定格式,比如:%d{yyy MMM dd HH:mm:ss,SSS},
 
+    输出类似:2002年10月18日 22:10:28,921
 
+    %l
 
+    输出日志事件的发生位置,包括类目名、发生的线程,以及在代码中的行数。举例:Testlog4.main(TestLog4.java:10)
 
+    -->
 
+
 
+    <springProperty scope="context" name="log.path" source="logging.path" defaultValue="/var/log/saas/operation-auth-server"/>
 
+    <springProperty scope="context" name="spring.application.name" source="spring.application.name" defaultValue="operation-auth-server"/>
 
+    <springProperty scope="context" name="spring.profiles.active" source="spring.profiles.active" defaultValue="dev"/>
 
+    <springProperty scope="context" name="common-pattern" source="logging.common-pattern" defaultValue="%d{yyyy-MM-dd HH:mm:ss.SSS}:[%5p] [%t:%r] [%C{1}:%M:%L] --> %m%n"/>
 
+    <springProperty scope="context" name="log.level.console" source="logging.level.console" defaultValue="INFO"/>
 
+    <springProperty scope="context" name="log.destination" source="logging.destination" defaultValue="10.1.81.1:5000"/>
 
+
 
+    <contextName>${spring.application.name}-${spring.profiles.active}-logback</contextName>
 
+
 
+    <appender name="CONSOLE_APPENDER" class="ch.qos.logback.core.ConsoleAppender">
 
+        <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
 
+            <level>${log.level.console}</level>
 
+        </filter>
 
+        <encoder>
 
+            <pattern>${common-pattern}</pattern>
 
+        </encoder>
 
+    </appender>
 
+
 
+    <appender name="ROOT_APPENDER" class="ch.qos.logback.core.rolling.RollingFileAppender">
 
+        <file>${log.path}/root.log</file>
 
+        <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
 
+            <fileNamePattern>${log.path}/%d{yyyy-MM}/root-%d{yyyy-MM-dd}-%i.log.gz</fileNamePattern>
 
+            <maxFileSize>128MB</maxFileSize>
 
+            <maxHistory>7</maxHistory>
 
+            <totalSizeCap>20GB</totalSizeCap>
 
+        </rollingPolicy>
 
+        <encoder>
 
+            <pattern>${common-pattern}</pattern>
 
+        </encoder>
 
+    </appender>
 
+
 
+    <!-- Appender to log in a JSON format -->
 
+    <appender name="JSON_APPENDER" class="net.logstash.logback.appender.LogstashTcpSocketAppender">
 
+        <destination>${log.destination}</destination>
 
+        <encoder class="net.logstash.logback.encoder.LoggingEventCompositeJsonEncoder">
 
+            <providers>
 
+                <pattern>
 
+                    <pattern>
 
+                        {
 
+                        "severity": "%level",
 
+                        "service": "${spring.application.name:-}",
 
+                        "trace": "%X{X-B3-TraceId:-}",
 
+                        "span": "%X{X-B3-SpanId:-}",
 
+                        "parent": "%X{X-B3-ParentSpanId:-}",
 
+                        "exportable": "%X{X-Span-Export:-}",
 
+                        "pid": "${PID:-}",
 
+                        "thread": "%thread",
 
+                        "class": "%logger{40}",
 
+                        "rest": "%message"
 
+                        }
 
+                    </pattern>
 
+                </pattern>
 
+            </providers>
 
+        </encoder>
 
+    </appender>
 
+
 
+    <logger name="org.springframework" level="INFO"/>
 
+    <logger name="com.usoftchina.saas" level="INFO"/>
 
+
 
+    <springProfile name="dev">
 
+        <root level="INFO">
 
+            <appender-ref ref="CONSOLE_APPENDER"/>
 
+        </root>
 
+    </springProfile>
 
+
 
+    <springProfile name="docker-dev">
 
+        <root level="INFO">
 
+            <appender-ref ref="CONSOLE_APPENDER"/>
 
+        </root>
 
+    </springProfile>
 
+
 
+    <springProfile name="docker-prod">
 
+        <logger name="org.springframework" level="WARN"/>
 
+        <logger name="com.usoftchina.saas" level="WARN"/>
 
+        <root level="WARN">
 
+            <appender-ref ref="CONSOLE_APPENDER"/>
 
+            <appender-ref ref="JSON_APPENDER"/>
 
+        </root>
 
+    </springProfile>
 
+
 
+</configuration>

+ 9 - 0
applications/operation/operation-auth-server/src/main/resources/mapper/AuthorizeLogMapper.xml
查看文件 

@@ -0,0 +1,9 @@
 
+<?xml version="1.0" encoding="UTF-8" ?>
 
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
 
+<mapper namespace="com.usoftchina.saas.operation.auth.mapper.AuthorizeLogMapper">
 
+    <insert id="insert">
 
+        insert into au_authorize_log(app_id,account_id,client_ip,user_agent,login_time)
 
+        values (#{appId,jdbcType=VARCHAR}, #{accountId,jdbcType=BIGINT}, #{clientIp,jdbcType=VARCHAR},
 
+        #{userAgent,jdbcType=VARCHAR}, #{loginTime,jdbcType=TIMESTAMP})
 
+    </insert>
 
+</mapper>

+ 15 - 0
applications/operation/operation-server/pom.xml
查看文件 

@@ -0,0 +1,15 @@
 
+<?xml version="1.0" encoding="UTF-8"?>
 
+<project xmlns="http://maven.apache.org/POM/4.0.0"
 
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
 
+    <parent>
 
+        <artifactId>operation</artifactId>
 
+        <groupId>com.usoftchina.saas</groupId>
 
+        <version>1.0.0-SNAPSHOT</version>
 
+    </parent>
 
+    <modelVersion>4.0.0</modelVersion>
 
+
 
+    <artifactId>operation-server</artifactId>
 
+
 
+
 
+</project>

+ 20 - 0
applications/operation/pom.xml
查看文件 

@@ -0,0 +1,20 @@
 
+<?xml version="1.0" encoding="UTF-8"?>
 
+<project xmlns="http://maven.apache.org/POM/4.0.0"
 
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
 
+    <parent>
 
+        <artifactId>applications</artifactId>
 
+        <groupId>com.usoftchina.saas</groupId>
 
+        <version>1.0.0-SNAPSHOT</version>
 
+    </parent>
 
+    <modelVersion>4.0.0</modelVersion>
 
+
 
+    <artifactId>operation</artifactId>
 
+    <packaging>pom</packaging>
 
+    <description>operation system</description>
 
+    <modules>
 
+        <module>operation-auth-server</module>
 
+        <module>operation-server</module>
 
+    </modules>
 
+
 
+</project>

+ 1 - 0
applications/pom.xml
查看文件 

@@ -20,6 +20,7 @@
 
         <module>document</module>
 
         <module>commons</module>
 
         <module>transfers</module>
 
+        <module>operation</module>
 
     </modules>

+ 13 - 0
base-servers/gateway-server/src/main/resources/application.yml
查看文件 

@@ -108,6 +108,18 @@ spring:
 
         uri: lb:ws://SOCKET-SERVER
 
         predicates:
 
         - Path=/ws/**
 
+      - id: OPERATION-AUTH-SERVER
 
+        uri: lb://OPERATION-AUTH-SERVER
 
+        predicates:
 
+        - Path=/api/oper_auth/**
 
+        filters:
 
+        - RewritePath=/api/oper_auth/(?<segment>.*), /$\{segment}
 
+      - id: OPERATION-SERVER
 
+        uri: lb://OPERATION-SERVER
 
+        predicates:
 
+        - Path=/api/operation/**
 
+        filters:
 
+        - RewritePath=/api/operation/(?<segment>.*), /$\{segment}
 
   redis:
 
     host: 10.1.81.62
 
     port: 6379
 
@@ -193,6 +205,7 @@ auth:
 
     - /api/commons/share/submit
 
     - /api/account/role/list/**
 
     - /api/account/account/share/join
 
+    - /api/oper_auth/authorize
 
   cookie:
 
     name: uid
 
     secret-key: 0taQcW073Z7G628g5H