From fa3e77b84186d244d5556bdf42e5e98bde5d87b3 Mon Sep 17 00:00:00 2001
From: 王彬 <wangbin@taover.com>
Date: Fri, 25 Jun 2021 15:17:03 +0800
Subject: [PATCH] optimize monitor controller

---
 src/main/java/com/taover/bazhuayun/analysis/web/advice/GlobalExceptionHandler.java         |  26 ++++++++++++++++++++++++++
 src/main/java/com/taover/bazhuayun/analysis/web/controller/manage/HeartbeatController.java | 154 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 src/main/java/com/taover/bazhuayun/analysis/web/form/HeartbeatInstanceCreateForm.java      |   2 +-
 src/main/java/com/taover/bazhuayun/analysis/web/form/HeartbeatInstanceUpdateForm.java      |  25 +------------------------
 src/main/java/com/taover/bazhuayun/analysis/web/module/heartbeat/HeartbeatManager.java     |   8 +++++++-
 src/main/java/com/taover/bazhuayun/analysis/web/module/heartbeat/HeartbeatManagerImpl.java |  18 +++++++++++++++---
 src/main/java/com/taover/bazhuayun/analysis/web/permission/Audience.java                   |  38 ++++++++++++++++++++++++++++++++++++++
 src/main/java/com/taover/bazhuayun/analysis/web/permission/BzyClaims.java                  |  39 +++++++++++++++++++++++++++++++++++++++
 src/main/java/com/taover/bazhuayun/analysis/web/permission/JwtFilter.java                  |  64 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 src/main/java/com/taover/bazhuayun/analysis/web/permission/JwtFilterConfig.java            |  23 +++++++++++++++++++++++
 src/main/java/com/taover/bazhuayun/analysis/web/permission/JwtUtil.java                    |  88 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 src/main/resources/application-local.properties                                            |   3 +++
 src/main/resources/application-production.properties                                       |   2 ++
 13 files changed, 461 insertions(+), 29 deletions(-)
 create mode 100644 src/main/java/com/taover/bazhuayun/analysis/web/advice/GlobalExceptionHandler.java
 create mode 100644 src/main/java/com/taover/bazhuayun/analysis/web/controller/manage/HeartbeatController.java
 create mode 100644 src/main/java/com/taover/bazhuayun/analysis/web/permission/Audience.java
 create mode 100644 src/main/java/com/taover/bazhuayun/analysis/web/permission/BzyClaims.java
 create mode 100644 src/main/java/com/taover/bazhuayun/analysis/web/permission/JwtFilter.java
 create mode 100644 src/main/java/com/taover/bazhuayun/analysis/web/permission/JwtFilterConfig.java
 create mode 100644 src/main/java/com/taover/bazhuayun/analysis/web/permission/JwtUtil.java

diff --git a/src/main/java/com/taover/bazhuayun/analysis/web/advice/GlobalExceptionHandler.java b/src/main/java/com/taover/bazhuayun/analysis/web/advice/GlobalExceptionHandler.java
new file mode 100644
index 0000000..fec525a
--- /dev/null
+++ b/src/main/java/com/taover/bazhuayun/analysis/web/advice/GlobalExceptionHandler.java
@@ -0,0 +1,26 @@
+package com.taover.bazhuayun.analysis.web.advice;
+
+import org.springframework.web.bind.annotation.ControllerAdvice;
+import org.springframework.web.bind.annotation.ExceptionHandler;
+import org.springframework.web.bind.annotation.ResponseBody;
+
+import com.taover.util.UtilLog;
+import com.taover.util.bean.ResultInfo;
+import com.taover.util.bean.ResultInfoException;
+import com.taover.util.bean.UtilResultInfo;
+
+@ControllerAdvice("com.taover.bazhuayun.analysis.web.controller.manage")
+public class GlobalExceptionHandler {
+	@ExceptionHandler(value = Exception.class)
+	@ResponseBody
+	public ResultInfo handlerException(Exception e) {
+		UtilLog.errorForException(e, this.getClass());
+		return UtilResultInfo.getFailure(e.getMessage());
+	}
+	
+	@ExceptionHandler(value = ResultInfoException.class)
+	@ResponseBody
+	public ResultInfo handlerResultInfoException(ResultInfoException e) {			
+		return e.toResultInfo();
+	}
+}
\ No newline at end of file
diff --git a/src/main/java/com/taover/bazhuayun/analysis/web/controller/manage/HeartbeatController.java b/src/main/java/com/taover/bazhuayun/analysis/web/controller/manage/HeartbeatController.java
new file mode 100644
index 0000000..69e1b28
--- /dev/null
+++ b/src/main/java/com/taover/bazhuayun/analysis/web/controller/manage/HeartbeatController.java
@@ -0,0 +1,154 @@
+package com.taover.bazhuayun.analysis.web.controller.manage;
+
+import javax.annotation.Resource;
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.commons.lang.StringUtils;
+import org.springframework.web.bind.annotation.DeleteMapping;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.PutMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import com.taover.bazhuayun.analysis.web.form.HeartbeatInstanceCreateForm;
+import com.taover.bazhuayun.analysis.web.form.HeartbeatInstanceUpdateForm;
+import com.taover.bazhuayun.analysis.web.module.heartbeat.HeartbeatManager;
+import com.taover.bazhuayun.analysis.web.repository.AnalysisHeartbeatInstanceRepository;
+import com.taover.util.bean.ResultInfo;
+import com.taover.util.bean.UtilResultInfo;
+
+@RestController("manage.heartbeat")
+@RequestMapping("/manage/heartbeat")
+public class HeartbeatController {
+	@Resource
+	private AnalysisHeartbeatInstanceRepository analysisHeartbeatInstanceRepository;
+	@Resource
+	private HeartbeatManager heartbeatManager;
+	
+	/**
+	 * @apiDefine ResultInfo
+	 * @apiSuccess {string}
+	 * @apiSuccessExample {json} Success-Response:
+	 * 	{
+	 * 		code:ok,
+	 * 		error:null
+	 * 	}
+ 	 * @apiError ThrowException 出现异常
+	 * @apiErrorExample 
+	 * 	{
+	 * 		code:fail,
+	 * 		error:null exception
+	 * 	}
+	 */
+	
+	/**
+	 * @api {GET} /v1/wxorderauthoper 查询wxorderauthoper列表
+	 * @apiDescription 查询wxorderauthoper列表数据 
+	 * 返回分页结果
+	 * 
+	 * @apiGroup wxorderauthoper
+	 * @apiName wxorderauthoper列表
+	 * @apiVersion 1.0.0
+	 * @apiHeader Authorization
+	 * 
+	 * @apiUse ResultInfo
+	 */
+	@GetMapping
+	public ResultInfo get(HttpServletRequest request){
+		String pageStr = request.getParameter("page");
+		if(StringUtils.isEmpty(pageStr)){
+			pageStr = "1";
+		}
+		String sizeStr = request.getParameter("size");
+		if(StringUtils.isEmpty(sizeStr)){
+			sizeStr = "10";
+		}
+		return UtilResultInfo.getSuccess("", this.analysisHeartbeatInstanceRepository.findPageBySql("1=1", Integer.valueOf(pageStr), Integer.valueOf(sizeStr), null));
+	}
+
+	/**
+	 * @api {GET} /v1/wxorderauthoper/{ssid} 查询ssid对应的wxorderauthoper
+	 * @apiDescription 查询ssid对应wxorderauthoper数据 
+	 *  
+	 * @apiGroup wxorderauthoper
+	 * @apiName get实体数据
+	 * @apiVersion 1.0.0
+	 * @apiHeader Authorization
+	 * 
+	 * @apiUse ResultInfo
+	 */
+	@GetMapping("/{code}")
+	public ResultInfo get(@PathVariable String code){
+		try {
+			return UtilResultInfo.getSuccess("", this.analysisHeartbeatInstanceRepository.findEntityBySql("code='"+code+"'", null));
+		} catch (Exception e) {
+			return UtilResultInfo.getFailure("not found record");
+		}
+	}
+	
+	/**
+	 * @api {POST} /v1/wxorderauthoper 创建wxorderauthoper
+	 * @apiDescription 创建wxorderauthoper 
+	 *  
+	 * @apiGroup wxorderauthoper
+	 * @apiName get实体数据
+	 * @apiVersion 1.0.0
+	 * @apiHeader Authorization
+	 * 
+	 * @apiUse ResultInfo
+	 */
+	@PostMapping
+	public ResultInfo post(@RequestBody HeartbeatInstanceCreateForm form){
+		this.heartbeatManager.createInstance(form);
+		return UtilResultInfo.getSuccess("创建成功");
+	}
+	
+	/**
+	 * @api {DELETE} /v1/wxorderauthoper/{ssid} 删除ssid对应的wxorderauthoper
+	 * @apiDescription 删除ssid对应的wxorderauthoper数据 
+	 *  
+	 * @apiGroup wxorderauthoper
+	 * @apiName 删除实体数据
+	 * @apiVersion 1.0.0
+	 * @apiHeader Authorization
+	 * 
+	 * @apiUse ResultInfo
+	 */
+	@DeleteMapping("/{code}")
+	public ResultInfo delete(@PathVariable String code){
+		this.heartbeatManager.deleteInstance(code);
+		return UtilResultInfo.getSuccess("删除成功");
+	}
+	
+	/**
+	 * @api {PUT} /v1/wxorderauthoper/{ssid} 修改wxorderauthoper数据
+	 * @apiDescription 修改wxorderauthoper数据 
+	 *  
+	 * @apiGroup wxorderauthoper
+	 * @apiName 修改实体数据
+	 * @apiVersion 1.0.0
+	 * @apiHeader Authorization
+	 * 
+	 * @apiUse ResultInfo
+	 */
+	@PutMapping("/{code}")
+	public ResultInfo put(@PathVariable String code, @RequestBody HeartbeatInstanceUpdateForm form){
+		this.heartbeatManager.updateInstance(code, form);
+		return UtilResultInfo.getSuccess("更新成功");
+	}
+	
+	@PutMapping("/{code}/enable")
+	public ResultInfo putEnable(@PathVariable String code){
+		this.heartbeatManager.enableInstanceByCode(code);
+		return UtilResultInfo.getSuccess("监控启用成功");
+	}
+	
+	@PutMapping("/{code}/disable")
+	public ResultInfo putDisable(@PathVariable String code){
+		this.heartbeatManager.disableInstanceByCode(code);
+		return UtilResultInfo.getSuccess("监控停用成功");
+	}
+}
diff --git a/src/main/java/com/taover/bazhuayun/analysis/web/form/HeartbeatInstanceCreateForm.java b/src/main/java/com/taover/bazhuayun/analysis/web/form/HeartbeatInstanceCreateForm.java
index f004b28..20ff5e2 100644
--- a/src/main/java/com/taover/bazhuayun/analysis/web/form/HeartbeatInstanceCreateForm.java
+++ b/src/main/java/com/taover/bazhuayun/analysis/web/form/HeartbeatInstanceCreateForm.java
@@ -6,7 +6,7 @@ import javax.persistence.Id;
 public class HeartbeatInstanceCreateForm extends BaseCreateForm {
 	
 	/**
-	 * 实例类型：0-请求端，1-服务端
+	 * 实例类型：0-作为服务端，1-作为请求端
 	 */
 	private java.lang.Integer roleType;
 		
diff --git a/src/main/java/com/taover/bazhuayun/analysis/web/form/HeartbeatInstanceUpdateForm.java b/src/main/java/com/taover/bazhuayun/analysis/web/form/HeartbeatInstanceUpdateForm.java
index 7e82051..7644639 100644
--- a/src/main/java/com/taover/bazhuayun/analysis/web/form/HeartbeatInstanceUpdateForm.java
+++ b/src/main/java/com/taover/bazhuayun/analysis/web/form/HeartbeatInstanceUpdateForm.java
@@ -1,7 +1,6 @@
 package com.taover.bazhuayun.analysis.web.form;
 
 import javax.persistence.Column;
-import javax.persistence.Id;
 
 public class HeartbeatInstanceUpdateForm extends BaseUpdateForm {	
 	@Column(name="url")
@@ -13,16 +12,7 @@ public class HeartbeatInstanceUpdateForm extends BaseUpdateForm {
 	public void setUrl(java.lang.String url){
 		this.url = url;
 	}	
-	
-	private java.lang.String code;
 		
-	public java.lang.String getCode(){
-		return code;
-	}	
-	public void setCode(java.lang.String code){
-		this.code = code;
-	}	
-	
 	@Column(name="fix_rate_sec")
 	private java.lang.Integer fixRateSec;
 		
@@ -97,20 +87,7 @@ public class HeartbeatInstanceUpdateForm extends BaseUpdateForm {
 	public void setReformPhone(java.lang.String reformPhone){
 		this.reformPhone = reformPhone;
 	}	
-	
-	/**
-	 * 可用状态：0-注销，1-使用中
-	 */
-	@Column(name="status")
-	private java.lang.Integer status;
-		
-	public java.lang.Integer getStatus(){
-		return status;
-	}	
-	public void setStatus(java.lang.Integer status){
-		this.status = status;
-	}	
-		
+			
 	/**
 	 * 
 	 */
diff --git a/src/main/java/com/taover/bazhuayun/analysis/web/module/heartbeat/HeartbeatManager.java b/src/main/java/com/taover/bazhuayun/analysis/web/module/heartbeat/HeartbeatManager.java
index 9b0494c..a603950 100644
--- a/src/main/java/com/taover/bazhuayun/analysis/web/module/heartbeat/HeartbeatManager.java
+++ b/src/main/java/com/taover/bazhuayun/analysis/web/module/heartbeat/HeartbeatManager.java
@@ -26,7 +26,7 @@ public interface HeartbeatManager {
 	 * 修改监控实例
 	 * @param form
 	 */
-	void updateInstance(HeartbeatInstanceUpdateForm form);
+	void updateInstance(String code, HeartbeatInstanceUpdateForm form);
 	
 	/**
 	 * 停用监控实例
@@ -56,4 +56,10 @@ public interface HeartbeatManager {
 	 * 向服务器发送心跳
 	 */
 	void sendServerHeartbeat();
+
+	/**
+	 * 删除实例
+	 * @param id
+	 */
+	void deleteInstance(String code);
 }
diff --git a/src/main/java/com/taover/bazhuayun/analysis/web/module/heartbeat/HeartbeatManagerImpl.java b/src/main/java/com/taover/bazhuayun/analysis/web/module/heartbeat/HeartbeatManagerImpl.java
index 1df29c7..5a43a41 100644
--- a/src/main/java/com/taover/bazhuayun/analysis/web/module/heartbeat/HeartbeatManagerImpl.java
+++ b/src/main/java/com/taover/bazhuayun/analysis/web/module/heartbeat/HeartbeatManagerImpl.java
@@ -271,13 +271,13 @@ public class HeartbeatManagerImpl implements HeartbeatManager {
 	}
 
 	@Override
-	public void updateInstance(HeartbeatInstanceUpdateForm form) {
+	public void updateInstance(String code, HeartbeatInstanceUpdateForm form) {
 		form.trimByRegexS();
 		AnalysisHeartbeatInstanceEntity instance = null;
 		try {
-			instance = this.analysisHeartbeatInstanceRepository.findEntityBySql("code='"+form.getCode()+"'", null);
+			instance = this.analysisHeartbeatInstanceRepository.findEntityBySql("code='"+code+"'", null);
 		} catch (NotFoundException | MultiRowException e1) {
-			throw new RuntimeException("code="+form.getCode()+"对应的实例数据异常（未找到或存在多条重复记录），请技术人员核实");
+			throw new RuntimeException("code="+code+"对应的实例数据异常（未找到或存在多条重复记录），请技术人员核实");
 		}
 		this.analysisHeartbeatInstanceRepository.updateEntityById(form.getSQLUpdateList(), instance.getId(), null);
 		try {
@@ -326,4 +326,16 @@ public class HeartbeatManagerImpl implements HeartbeatManager {
 			UtilLog.error("注销监控实例出现异常，code["+instance.getCode()+"]", e, this.getClass());
 		}
 	}
+
+	@Override
+	public void deleteInstance(String code) {
+		AnalysisHeartbeatInstanceEntity instance = null;
+		try {
+			instance = this.analysisHeartbeatInstanceRepository.findEntityBySql("code='"+code+"'", null);
+		} catch (NotFoundException | MultiRowException e1) {
+			throw new RuntimeException("code="+code+"对应的实例数据异常（未找到或存在多条重复记录），请技术人员核实");
+		}
+		this.disableInstanceByCode(instance.getCode());
+		this.analysisHeartbeatInstanceRepository.deleteEntityByID(instance.getId(), null);
+	}
 }
diff --git a/src/main/java/com/taover/bazhuayun/analysis/web/permission/Audience.java b/src/main/java/com/taover/bazhuayun/analysis/web/permission/Audience.java
new file mode 100644
index 0000000..3a8b97c
--- /dev/null
+++ b/src/main/java/com/taover/bazhuayun/analysis/web/permission/Audience.java
@@ -0,0 +1,38 @@
+package com.taover.bazhuayun.analysis.web.permission;
+
+/**
+ * jwt相关配置
+ * @author gaoming
+ *
+ */
+public class Audience {
+    private String clientId = "098f6bcd4621d373cade4e832627b4f6";
+    private String base64Secret = "MDk4ZjZiY2Q0NjIxZDM3M2NhZGU0ZTgzMjYyN2I0ZjY";
+    private String name = "admin";
+    private int expiresSecond = 604800;
+    
+    public String getClientId() {
+		return clientId;
+	}
+	public void setClientId(String clientId) {
+		this.clientId = clientId;
+	}
+	public String getBase64Secret() {
+		return base64Secret;
+	}
+	public void setBase64Secret(String base64Secret) {
+		this.base64Secret = base64Secret;
+	}
+	public String getName() {
+		return name;
+	}
+	public void setName(String name) {
+		this.name = name;
+	}
+	public int getExpiresSecond() {
+		return expiresSecond;
+	}
+	public void setExpiresSecond(int expiresSecond) {
+		this.expiresSecond = expiresSecond;
+	}
+}
diff --git a/src/main/java/com/taover/bazhuayun/analysis/web/permission/BzyClaims.java b/src/main/java/com/taover/bazhuayun/analysis/web/permission/BzyClaims.java
new file mode 100644
index 0000000..ee5f1d3
--- /dev/null
+++ b/src/main/java/com/taover/bazhuayun/analysis/web/permission/BzyClaims.java
@@ -0,0 +1,39 @@
+package com.taover.bazhuayun.analysis.web.permission;
+
+import io.jsonwebtoken.Claims;
+
+public class BzyClaims  {
+
+	private Long tenantId;
+	private Long userId;
+	private Claims claims;
+	
+	private BzyClaims(){}
+	
+	public BzyClaims(Claims claims,Long tennatId,Long userId){
+		this.claims = claims;
+		this.tenantId = tennatId;
+		this.userId = userId;
+	}
+	
+	public Long getTenantId() {
+		return tenantId;
+	}
+	public void setTenantId(Long tenantId) {
+		this.tenantId = tenantId;
+	}
+	public Long getUserId() {
+		return userId;
+	}
+	public void setUserId(Long userId) {
+		this.userId = userId;
+	}
+	public Claims getClaims() {
+		return claims;
+	}
+	public void setClaims(Claims claims) {
+		this.claims = claims;
+	}
+	
+	
+}
diff --git a/src/main/java/com/taover/bazhuayun/analysis/web/permission/JwtFilter.java b/src/main/java/com/taover/bazhuayun/analysis/web/permission/JwtFilter.java
new file mode 100644
index 0000000..842ce01
--- /dev/null
+++ b/src/main/java/com/taover/bazhuayun/analysis/web/permission/JwtFilter.java
@@ -0,0 +1,64 @@
+package com.taover.bazhuayun.analysis.web.permission;
+
+import java.io.IOException;
+
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import com.alibaba.fastjson.JSONObject;
+import com.taover.util.UtilLog;
+import com.taover.util.bean.UtilResultInfo;
+
+public class JwtFilter implements Filter {
+	private int adminUserId;
+	
+	public JwtFilter(int userId) {
+		this.adminUserId = userId;
+	}
+	
+    @Override
+    public void doFilter(final ServletRequest req, final ServletResponse res, final FilterChain chain) throws IOException, ServletException {
+        final HttpServletRequest request = (HttpServletRequest) req;
+        final HttpServletResponse response = (HttpServletResponse) res;
+    	if ("OPTIONS".equals(request.getMethod())) {
+            response.setStatus(HttpServletResponse.SC_OK);
+        } else {
+            //切换为当前用户
+        	String authHeader = request.getHeader("authorization");
+        	if(authHeader == null || !authHeader.startsWith(JwtUtil.TOKEN_PREFFIX)) {
+        		response.getWriter().write(JSONObject.toJSONString(UtilResultInfo.getNotAuthorized("")));
+        		return;
+        	}else {
+        		try {
+            		//检查是否有权限访问
+            		BzyClaims claims = JwtUtil.parseJWT(authHeader.substring(JwtUtil.TOKEN_START_INDEX));
+            		if(claims.getUserId().intValue() != adminUserId) {
+            			response.getWriter().write(JSONObject.toJSONString(UtilResultInfo.getNotAuthorized("not admin,no permission")));
+                		return;		
+            		}
+        		}catch (Exception e) {
+        			response.addHeader("Content-Type", "application/json;charset=UTF-8");
+        			response.getWriter().write(JSONObject.toJSONString(UtilResultInfo.getNotAuthorized(e.getMessage())));
+        			return;
+				}
+        	}            
+        }
+        chain.doFilter(req, res);
+    }
+
+	@Override
+	public void init(FilterConfig filterConfig) throws ServletException {
+		UtilLog.infoForMessage("JwtFilter:init", this.getClass());
+	}
+
+	@Override
+	public void destroy() {
+		UtilLog.infoForMessage("JwtFilter:destroy", this.getClass());
+	}
+}
diff --git a/src/main/java/com/taover/bazhuayun/analysis/web/permission/JwtFilterConfig.java b/src/main/java/com/taover/bazhuayun/analysis/web/permission/JwtFilterConfig.java
new file mode 100644
index 0000000..4e16a5d
--- /dev/null
+++ b/src/main/java/com/taover/bazhuayun/analysis/web/permission/JwtFilterConfig.java
@@ -0,0 +1,23 @@
+package com.taover.bazhuayun.analysis.web.permission;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.web.servlet.FilterRegistrationBean;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+public class JwtFilterConfig {
+	@Value("${db.user.userid.admin}")
+	private int adminUserId;
+	
+	public static final int ORDER_JWT_FILTER = 1;
+	
+	@Bean
+    public FilterRegistrationBean<JwtFilter> jwtFilter() {
+        FilterRegistrationBean<JwtFilter> registrationBean = new FilterRegistrationBean<JwtFilter>();
+        registrationBean.setFilter(new JwtFilter(adminUserId));
+        registrationBean.addUrlPatterns("/manage/*");
+        registrationBean.setOrder(ORDER_JWT_FILTER);
+        return registrationBean;
+    }
+}
diff --git a/src/main/java/com/taover/bazhuayun/analysis/web/permission/JwtUtil.java b/src/main/java/com/taover/bazhuayun/analysis/web/permission/JwtUtil.java
new file mode 100644
index 0000000..5838070
--- /dev/null
+++ b/src/main/java/com/taover/bazhuayun/analysis/web/permission/JwtUtil.java
@@ -0,0 +1,88 @@
+package com.taover.bazhuayun.analysis.web.permission;
+
+import java.io.IOException;
+import java.security.Key;
+import java.util.Date;
+
+import javax.crypto.spec.SecretKeySpec;
+import javax.servlet.ServletException;
+import javax.xml.bind.DatatypeConverter;
+
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.JwtBuilder;
+import io.jsonwebtoken.JwtParser;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.SignatureAlgorithm;
+
+ 
+
+/**
+ *  Reserved claims（保留），它的含义就像是编程语言的保留字一样，属于JWT标准里面规定的一些claim。JWT标准里面定好的claim有：
+
+ iss(Issuser)：代表这个JWT的签发主体；
+ sub(Subject)：代表这个JWT的主体，即它的所有人；
+ aud(Audience)：代表这个JWT的接收对象；
+ exp(Expiration time)：是一个时间戳，代表这个JWT的过期时间；
+ nbf(Not Before)：是一个时间戳，代表这个JWT生效的开始时间，意味着在这个时间之前验证JWT是会失败的；
+ iat(Issued at)：是一个时间戳，代表这个JWT的签发时间；
+ jti(JWT ID)：是JWT的唯一标识。
+ * @param req
+ * @param res
+ * @param chain
+ * @throws IOException
+ * @throws ServletException
+ */
+public class JwtUtil {
+	public static String TOKEN_PREFFIX = "Bearer==";
+	public static int TOKEN_START_INDEX = TOKEN_PREFFIX.length();
+	
+	private static Audience audience = new Audience();
+	private static JwtParser jwtParser;
+	private static JwtBuilder jwtBuilder;
+		
+	static {
+		//生成签名密钥
+        byte[] apiKeySecretBytes = DatatypeConverter.parseBase64Binary(audience.getBase64Secret());
+        
+        //初始化jwtParser
+		jwtParser = Jwts.parser().setSigningKey(apiKeySecretBytes);
+		
+		//初始化jwtBuilder
+		Key signingKey = new SecretKeySpec(apiKeySecretBytes, SignatureAlgorithm.HS256.getJcaName());
+		jwtBuilder = Jwts.builder()
+				.setHeaderParam("typ", "JWT")
+				.setIssuer(audience.getName())
+                .setAudience(audience.getClientId())
+                .signWith(SignatureAlgorithm.HS256, signingKey);
+	}
+	
+    /**
+     * 解析jwt
+     */
+    public static BzyClaims parseJWT(String token) {
+        Claims claims = jwtParser.parseClaimsJws(token).getBody();
+        Long userid = Long.valueOf(claims.get("userid", Object.class).toString());
+        Long tenantId = Long.valueOf(claims.get("tenant", Object.class).toString());
+        return new BzyClaims(claims,tenantId,userid);
+    }
+
+    /**
+     * 构建jwt
+     */
+    public static String createJWT(String mobile, Long userId, Long tenantId) {
+        //添加构成JWT的参数
+    	jwtBuilder.claim("tenant", tenantId.toString())
+                .claim("username", mobile)
+                .claim("userid", userId.toString());
+        //添加Token过期时间
+        if (audience.getExpiresSecond() >= 0) {
+        	long nowMillis = System.currentTimeMillis();
+            Date now = new Date(nowMillis);
+            Date exp = new Date(nowMillis + audience.getExpiresSecond()*1000);
+            jwtBuilder.setExpiration(exp).setNotBefore(now);
+        }
+        //生成JWT
+        return jwtBuilder.compact();
+    }
+     
+}
\ No newline at end of file
diff --git a/src/main/resources/application-local.properties b/src/main/resources/application-local.properties
index ec5bed9..aa86cd1 100644
--- a/src/main/resources/application-local.properties
+++ b/src/main/resources/application-local.properties
@@ -37,3 +37,6 @@ spring.datasource.max-idle=10
 spring.datasource.max-wait=10000
 spring.datasource.min-idle=5
 spring.datasource.initial-size=5
+
+db.user.userid.admin=2
+
diff --git a/src/main/resources/application-production.properties b/src/main/resources/application-production.properties
index 24871cc..592dcfe 100644
--- a/src/main/resources/application-production.properties
+++ b/src/main/resources/application-production.properties
@@ -33,3 +33,5 @@ spring.datasource.druid.initial-size=5
 spring.datasource.druid.max-active=10
 spring.datasource.druid.min-idle=5
 spring.datasource.druid.max-wait=60000
+
+db.user.userid.admin=2
--
libgit2 0.21.2