Merge branch 'dev/one' into debug

# Conflicts:
#	common/src/main/java/com/diagbot/enums/SysTypeEnum.java

common/src/main/java/com/diagbot/enums/SysTypeEnum.java

@@ -18,8 +18,9 @@ public enum SysTypeEnum implements KeyedNamed {
     BI_SERVICE(5, "bi-service"),
     KNOWLEDGE_SERVICE(6, "knowledge-service"),
     FEEDBACK_SERVICE(7, "feedback-service"),
-    ICSS_WEB(8, "icss-web"),
-    TRIAGE_SERVICE(9, "triage-web");
+    ICSS_WEB(8, "icss-service"),
+    TRIAGE_SERVICE(9, "triage-service"),
+    APPKEY(10, "appkey");
 
     @Setter
     private int key;

config-server/src/main/resources/shared/gateway-service-dev.yml

@@ -20,6 +20,11 @@ spring:
     publisher-confirms: true
     virtual-host: /
   cloud:
+    stream:
+      bindings:
+        outputLog:
+          destination: myLog
+    #          contentType: text/plain      # 实体 json string 在传递的类型装换 查看 http://docs.spring
     gateway:
       default-filters:
       routes:

config-server/src/main/resources/shared/gateway-service-local.yml

@@ -20,6 +20,11 @@ spring:
     publisher-confirms: true
     virtual-host: /
   cloud:
+    stream:
+      bindings:
+        outputLog:
+          destination: myLog
+      #          contentType: text/plain      # 实体 json string 在传递的类型装换 查看 http://docs.spring
     gateway:
       default-filters:
       routes:

config-server/src/main/resources/shared/gateway-service-test.yml

@@ -20,6 +20,11 @@ spring:
     publisher-confirms: true
     virtual-host: /
   cloud:
+    stream:
+      bindings:
+        outputLog:
+          destination: myLog
+      #          contentType: text/plain      # 实体 json string 在传递的类型装换 查看 http://docs.spring
     gateway:
       default-filters:
       routes:

diagbotman-service/src/main/java/com/diagbot/client/UserServiceClient.java

@@ -3,6 +3,7 @@ package com.diagbot.client;
 import com.diagbot.client.hystrix.UserServiceHystrix;
 import com.diagbot.dto.RespDTO;
 import com.diagbot.dto.UserOrgDTO;
+import com.diagbot.entity.Token;
 import com.diagbot.entity.User;
 import org.springframework.cloud.openfeign.FeignClient;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -35,6 +36,9 @@ public interface UserServiceClient {
     @PostMapping(value = "/userAuthentication/getAuthInfoCount")
     RespDTO<List<Integer>> getAuthInfoCount(@RequestBody Long userId);
 
+    @PostMapping("/user/verifyToken")
+    RespDTO<Boolean> verifyToken(@RequestBody Token token);
+
 }
 
 

diagbotman-service/src/main/java/com/diagbot/client/hystrix/UserServiceHystrix.java

@@ -3,6 +3,7 @@ package com.diagbot.client.hystrix;
 import com.diagbot.client.UserServiceClient;
 import com.diagbot.dto.RespDTO;
 import com.diagbot.dto.UserOrgDTO;
+import com.diagbot.entity.Token;
 import com.diagbot.entity.User;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Component;
@@ -50,6 +51,11 @@ public class UserServiceHystrix implements UserServiceClient {
 		log.error("【hystrix】调用{}异常", "getAuthInfoCount");
 		return null;
 	}
-    
-    
+
+    @Override
+    public RespDTO<Boolean> verifyToken(Token token) {
+        log.error("【hystrix】调用{}异常", "verifyToken");
+        return null;
+    }
+
 }

diagbotman-service/src/main/java/com/diagbot/config/security/UrlAccessDecisionManager.java

@@ -1,8 +1,15 @@
 package com.diagbot.config.security;
 
+import com.diagbot.client.UserServiceClient;
+import com.diagbot.dto.RespDTO;
+import com.diagbot.entity.Token;
+import com.diagbot.util.HttpUtils;
+import com.diagbot.util.StringUtil;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.access.AccessDecisionManager;
 import org.springframework.security.access.AccessDeniedException;
 import org.springframework.security.access.ConfigAttribute;
+import org.springframework.security.authentication.AccountExpiredException;
 import org.springframework.security.authentication.InsufficientAuthenticationException;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.GrantedAuthority;
@@ -21,6 +28,9 @@ import java.util.Collection;
  */
 @Service
 public class UrlAccessDecisionManager implements AccessDecisionManager {
+    @Autowired
+    private UserServiceClient userServiceClient;
+
     @Override
     public void decide(Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes) throws AccessDeniedException, InsufficientAuthenticationException {
         HttpServletRequest request = ((FilterInvocation) object).getHttpRequest();
@@ -31,6 +41,20 @@ public class UrlAccessDecisionManager implements AccessDecisionManager {
         if ("anonymousUser".equals(authentication.getPrincipal())) {
             throw new AccessDeniedException("no right");
         } else {
+            //验证token有效性
+            String tokenStr = HttpUtils.getHeaders(request).get("Authorization");
+            if (StringUtil.isNotEmpty(tokenStr)) {
+                Token token = new Token();
+                tokenStr = tokenStr.replaceFirst("Bearer ", "");
+                token.setToken(tokenStr);
+                RespDTO<Boolean> res = userServiceClient.verifyToken(token);
+                if (res == null || !"0".equals(res.code)) {
+                    throw new AccountExpiredException("token expire");
+                }
+                if (!res.data) {
+                    throw new AccountExpiredException("token expire");
+                }
+            }
             for (GrantedAuthority ga : authentication.getAuthorities()) {
                 String[] authority = ga.getAuthority().split(";");
                 url = authority[0];
@@ -56,7 +80,7 @@ public class UrlAccessDecisionManager implements AccessDecisionManager {
         return true;
     }
 
-    private Boolean matchPermitAllUrl(HttpServletRequest request){
+    private Boolean matchPermitAllUrl(HttpServletRequest request) {
         if (matchers("/swagger/**", request)
                 || matchers("/v2/**", request)
                 || matchers("/swagger-ui.html/**", request)

diagbotman-service/src/main/java/com/diagbot/dto/HasPermissionDTO.java

@@ -0,0 +1,22 @@
+package com.diagbot.dto;
+
+import lombok.Getter;
+import lombok.Setter;
+
+import java.io.Serializable;
+
+/**
+ * @Description: 是否有权限返回类
+ * @Author: ztg
+ * @Date: 2018/9/20 10:32
+ */
+
+@Getter
+@Setter
+public class HasPermissionDTO implements Serializable {
+
+    private static final long serialVersionUID = 1L;
+
+    private Boolean hasPermission ;//标志
+    private String userId;         //用户ID
+}

diagbotman-service/src/main/java/com/diagbot/entity/Token.java

@@ -0,0 +1,21 @@
+package com.diagbot.entity;
+
+import lombok.Getter;
+import lombok.Setter;
+
+import java.io.Serializable;
+
+/**
+ * @Description: token
+ * @Author: ztg
+ * @Date: 2018/9/19 13:14
+ */
+@Getter
+@Setter
+public class Token implements Serializable {
+
+    private static final long serialVersionUID = 1L;
+
+    private String token;
+
+}

diagbotman-service/src/main/java/com/diagbot/facade/LantoneProductFacade.java

@@ -284,6 +284,17 @@ public class LantoneProductFacade extends LantoneProductServiceImpl {
                 rlist.data.add(-1L);
             }
             openedProductsIndex.setUserId(rlist.data);
+        }else{
+            RespDTO<List<User>> userInfiList = userServiceClient.getUserAllInfo();
+            if(userInfiList == null || !"0".equals(userInfiList.code) ) {
+                throw new CommonException(CommonErrorCode.SERVER_IS_ERROR,
+                        "获取用户和机构信息失败");
+            }
+            List<Long> userIds =new ArrayList<>();
+            for (User user:userInfiList.data) {
+                userIds.add(user.getId());
+            }
+            openedProductsIndex.setUserId(userIds);
         }
         List<OpendProductDTO> list = openedProductsFacade.getByProductId(page,openedProductsIndex).getRecords();
         List<Long> list1 = new ArrayList<>();

diagbotman-service/src/main/java/com/diagbot/facade/ServiceTokenFacade.java

@@ -2,6 +2,7 @@ package com.diagbot.facade;
 
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper;
+import com.diagbot.dto.HasPermissionDTO;
 import com.diagbot.dto.RespDTO;
 import com.diagbot.entity.LantoneProduct;
 import com.diagbot.entity.OpenedProducts;
@@ -52,7 +53,8 @@ public class ServiceTokenFacade extends ServiceTokenServiceImpl {
      * @param serviceTokenVo 参数
      * @return 是否有权限
      */
-    public RespDTO<Boolean> hasPermission(ServiceTokenVo serviceTokenVo) {
+    public RespDTO<HasPermissionDTO> hasPermission(ServiceTokenVo serviceTokenVo) {
+        HasPermissionDTO hasPermissionDTO = new HasPermissionDTO();
         String appkey = serviceTokenVo.getAppkey();
         String secret = serviceTokenVo.getSecret();
         Map<String, Object> paramMap = new HashMap<>();
@@ -95,7 +97,9 @@ public class ServiceTokenFacade extends ServiceTokenServiceImpl {
                 throw new CommonException(CommonErrorCode.SERVER_IS_ERROR, "访问权限已过期");
             }
         }
-        return RespDTO.onSuc(true);
+        hasPermissionDTO.setHasPermission(true);
+        hasPermissionDTO.setUserId(UserUtils.getCurrentPrincipleID());
+        return RespDTO.onSuc(hasPermissionDTO);
     }
 
     /**

diagbotman-service/src/main/java/com/diagbot/web/ServiceTokenController.java

@@ -2,6 +2,7 @@ package com.diagbot.web;
 
 
 import com.diagbot.annotation.SysLogger;
+import com.diagbot.dto.HasPermissionDTO;
 import com.diagbot.dto.ProductServiceDTO;
 import com.diagbot.dto.RespDTO;
 import com.diagbot.entity.wrapper.ServiceTokenWrapper;
@@ -48,7 +49,7 @@ public class ServiceTokenController {
     @PostMapping("/hasPermission")
     @ApiOperation(value = "查询当前appkey和secret是否有权限[by:zhoutg]")
     @ApiIgnore
-    public RespDTO<Boolean> hasPermission(@RequestBody ServiceTokenVo serviceTokenVo) {
+    public RespDTO<HasPermissionDTO> hasPermission(@RequestBody ServiceTokenVo serviceTokenVo) {
         return serviceTokenFacade.hasPermission(serviceTokenVo);
     }
 

docs/003.20181024初始化脚本/init_diagbotcloud.sql

@@ -37,7 +37,7 @@ CREATE TABLE `diag_lantone_product` (
   `url` varchar(255) NOT NULL COMMENT '产品地址',
   `service_status` int(11) NOT NULL DEFAULT '1' COMMENT '停用状态',
   `trial_status` int(11) NOT NULL DEFAULT '0' COMMENT '是否试用(0.否1.是)',
-  `trial_url` varchar(255) NOT NULL DEFAULT '0' COMMENT '试用地址',
+  `trial_url` varchar(255) DEFAULT NULL COMMENT '试用地址',
   `access_type` varchar(50) NOT NULL DEFAULT '1,2,3' COMMENT '接入方式（1：online，2：接口方式，3：嵌入式）',
   PRIMARY KEY (`id`)
 ) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8 COMMENT='朗通产品表';

gateway-service/pom.xml

@@ -79,6 +79,10 @@
             <groupId>org.springframework.cloud</groupId>
             <artifactId>spring-cloud-starter-netflix-hystrix</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.springframework.cloud</groupId>
+            <artifactId>spring-cloud-starter-stream-rabbit</artifactId>
+        </dependency>
         <dependency>
             <groupId>com.diagbot</groupId>
             <artifactId>common</artifactId>

gateway-service/src/main/java/com/diagbot/client/DiagbotmanServiceClient.java

@@ -2,6 +2,7 @@ package com.diagbot.client;
 
 import com.diagbot.client.hystrix.DiagbotmanServiceHystrix;
 import com.diagbot.dto.RespDTO;
+import com.diagbot.entity.HasPermissionDTO;
 import com.diagbot.entity.ServiceFilter;
 import com.diagbot.entity.ServiceToken;
 import org.springframework.cloud.openfeign.FeignClient;
@@ -23,7 +24,7 @@ public interface DiagbotmanServiceClient {
     RespDTO<List<ServiceFilter>> getAll();
 
     @PostMapping("/serviceToken/hasPermission")
-    RespDTO<Boolean> hasPermission(@RequestBody ServiceToken st);
+    RespDTO<HasPermissionDTO> hasPermission(@RequestBody ServiceToken st);
 
 }
 

gateway-service/src/main/java/com/diagbot/client/UserServiceClient.java

@@ -2,11 +2,9 @@ package com.diagbot.client;
 
 import com.diagbot.client.hystrix.UserServiceHystrix;
 import com.diagbot.dto.RespDTO;
-import com.diagbot.entity.Token;
 import com.diagbot.entity.User;
 import org.springframework.cloud.openfeign.FeignClient;
 import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestParam;
 
 
@@ -21,8 +19,6 @@ public interface UserServiceClient {
     @PostMapping("/user/login")
     RespDTO<User> login(@RequestParam("username") String username, @RequestParam("password") String password);
 
-    @PostMapping("/user/verifyToken")
-    RespDTO<Boolean> verifyToken(@RequestBody Token token);
 }
 
 

gateway-service/src/main/java/com/diagbot/client/hystrix/DiagbotmanServiceHystrix.java

@@ -3,6 +3,7 @@ package com.diagbot.client.hystrix;
 
 import com.diagbot.client.DiagbotmanServiceClient;
 import com.diagbot.dto.RespDTO;
+import com.diagbot.entity.HasPermissionDTO;
 import com.diagbot.entity.ServiceToken;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Component;
@@ -24,7 +25,7 @@ public class DiagbotmanServiceHystrix implements DiagbotmanServiceClient {
     }
 
     @Override
-    public RespDTO<Boolean> hasPermission(@RequestBody ServiceToken st) {
+    public RespDTO<HasPermissionDTO> hasPermission(@RequestBody ServiceToken st) {
         log.error("【hystrix】调用{}异常", "hasPermisson");
         return null;
     }

gateway-service/src/main/java/com/diagbot/client/hystrix/UserServiceHystrix.java

@@ -3,7 +3,6 @@ package com.diagbot.client.hystrix;
 
 import com.diagbot.client.UserServiceClient;
 import com.diagbot.dto.RespDTO;
-import com.diagbot.entity.Token;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Component;
 
@@ -15,15 +14,11 @@ import org.springframework.stereotype.Component;
 @Component
 @Slf4j
 public class UserServiceHystrix implements UserServiceClient {
+
     @Override
     public RespDTO login(String username, String password) {
         log.error("【hystrix】调用{}异常", "login");
         return null;
     }
 
-    @Override
-    public RespDTO<Boolean> verifyToken(Token token) {
-        log.error("【hystrix】调用{}异常", "verifyToken");
-        return null;
-    }
 }

gateway-service/src/main/java/com/diagbot/entity/HasPermissionDTO.java

@@ -0,0 +1,22 @@
+package com.diagbot.entity;
+
+import lombok.Getter;
+import lombok.Setter;
+
+import java.io.Serializable;
+
+/**
+ * @Description: 是否有权限返回类
+ * @Author: ztg
+ * @Date: 2018/9/20 10:32
+ */
+
+@Getter
+@Setter
+public class HasPermissionDTO implements Serializable {
+
+    private static final long serialVersionUID = 1L;
+
+    private Boolean hasPermission ;//标志
+    private String userId;         //用户ID
+}

gateway-service/src/main/java/com/diagbot/entity/SysLog.java

@@ -0,0 +1,192 @@
+package com.diagbot.entity;
+
+import java.io.Serializable;
+import java.util.Date;
+
+/**
+ * <p>
+ * 系统操作日志表
+ * </p>
+ *
+ * @author gaodm
+ * @since 2018-09-14
+ */
+public class SysLog implements Serializable {
+
+    private static final long serialVersionUID = 1L;
+
+    /**
+     * 日志ID
+     */
+    private Long id;
+
+    /**
+     * 是否删除,N:未删除，Y:删除
+     */
+    private String isDeleted;
+
+    /**
+     * 记录创建时间
+     */
+    private Date gmtCreate;
+
+    /**
+     * 记录修改时间,如果时间是1970年则表示纪录未修改
+     */
+    private Date gmtModified;
+
+    /**
+     * 创建人，0表示无创建人值
+     */
+    private String creator;
+
+    /**
+     * 修改人,如果为0则表示纪录未修改
+     */
+    private String modifier;
+
+    /**
+     * 访问者的IP
+     */
+    private String ip;
+
+    /**
+     * 访问的系统类型 1:user-service,2:diagbotman-service,3:uaa-service,4:log-service,5:bi-service,6:knowledge-service,7:feedback-service,8:icss-web
+     */
+    private Integer sysType;
+
+    /**
+     * 方法
+     */
+    private String method;
+
+    /**
+     * 操作名
+     */
+    private String operation;
+
+    /**
+     * 参数
+     */
+    private String params;
+
+    /**
+     * 用户名
+     */
+    private String username;
+
+
+    public Long getId() {
+        return id;
+    }
+
+    public void setId(Long id) {
+        this.id = id;
+    }
+
+    public String getIsDeleted() {
+        return isDeleted;
+    }
+
+    public void setIsDeleted(String isDeleted) {
+        this.isDeleted = isDeleted;
+    }
+
+    public Date getGmtCreate() {
+        return gmtCreate;
+    }
+
+    public void setGmtCreate(Date gmtCreate) {
+        this.gmtCreate = gmtCreate;
+    }
+
+    public Date getGmtModified() {
+        return gmtModified;
+    }
+
+    public void setGmtModified(Date gmtModified) {
+        this.gmtModified = gmtModified;
+    }
+
+    public String getCreator() {
+        return creator;
+    }
+
+    public void setCreator(String creator) {
+        this.creator = creator;
+    }
+
+    public String getModifier() {
+        return modifier;
+    }
+
+    public void setModifier(String modifier) {
+        this.modifier = modifier;
+    }
+
+    public String getIp() {
+        return ip;
+    }
+
+    public void setIp(String ip) {
+        this.ip = ip;
+    }
+
+    public Integer getSysType() {
+        return sysType;
+    }
+
+    public void setSysType(Integer sysType) {
+        this.sysType = sysType;
+    }
+
+    public String getMethod() {
+        return method;
+    }
+
+    public void setMethod(String method) {
+        this.method = method;
+    }
+
+    public String getOperation() {
+        return operation;
+    }
+
+    public void setOperation(String operation) {
+        this.operation = operation;
+    }
+
+    public String getParams() {
+        return params;
+    }
+
+    public void setParams(String params) {
+        this.params = params;
+    }
+
+    public String getUsername() {
+        return username;
+    }
+
+    public void setUsername(String username) {
+        this.username = username;
+    }
+
+    @Override
+    public String toString() {
+        return "SysLog{" +
+                "id=" + id +
+                ", isDeleted=" + isDeleted +
+                ", gmtCreate=" + gmtCreate +
+                ", gmtModified=" + gmtModified +
+                ", creator=" + creator +
+                ", modifier=" + modifier +
+                ", ip=" + ip +
+                ", sysType=" + sysType +
+                ", method=" + method +
+                ", operation=" + operation +
+                ", params=" + params +
+                ", username=" + username +
+                "}";
+    }
+}

gateway-service/src/main/java/com/diagbot/filter/GlobalGatewayFilter.java

@@ -1,13 +1,13 @@
 package com.diagbot.filter;
 
 import com.diagbot.client.DiagbotmanServiceClient;
-import com.diagbot.client.UserServiceClient;
 import com.diagbot.dto.RespDTO;
+import com.diagbot.entity.HasPermissionDTO;
 import com.diagbot.entity.ServiceToken;
-import com.diagbot.entity.Token;
-import com.diagbot.exception.CommonErrorCode;
+import com.diagbot.entity.SysLog;
+import com.diagbot.enums.SysTypeEnum;
+import com.diagbot.rabbit.MySender;
 import com.diagbot.util.GsonUtil;
-import com.diagbot.util.StringUtil;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
@@ -25,6 +25,7 @@ import reactor.core.publisher.Mono;
 
 import java.net.URI;
 import java.nio.charset.StandardCharsets;
+import java.util.Date;
 import java.util.HashMap;
 import java.util.Iterator;
 import java.util.LinkedHashSet;
@@ -47,10 +48,10 @@ public class GlobalGatewayFilter implements GlobalFilter {
     @Value("${lantone.product}")
     private String lantonePrduct;
 
-    @Autowired
-    UserServiceClient userServiceClient;
     @Autowired
     DiagbotmanServiceClient diagbotmanServiceClient;
+    @Autowired
+    private MySender mySender;
 
 
     @Override
@@ -73,23 +74,6 @@ public class GlobalGatewayFilter implements GlobalFilter {
         log.info("APIURL:{}", requestUri);
         log.info("SERVICENAME:{}", serviceName);
 
-        //验证token有效性
-        String tokenStr = request.getHeaders().getFirst("Authorization");
-        if(StringUtil.isNotEmpty(tokenStr)) {
-            Token token = new Token();
-            tokenStr = tokenStr.replaceFirst("Bearer ", "");
-            token.setToken(tokenStr);
-            RespDTO<Boolean> res = userServiceClient.verifyToken(token);
-            if (res == null || !RespDTO.TRUE_CODE.equals(res.code)) {
-                return getVoidMono(serverWebExchange, res);
-            }
-            if(!res.data) {
-                res.code = CommonErrorCode.TOKEN_PAST.getCode();
-                res.msg = CommonErrorCode.TOKEN_PAST.getMsg();
-                return getVoidMono(serverWebExchange, res);
-            }
-        }
-
         //        if(!IS_GENERATE) {
         //            RespDTO<List<ServiceFilter>> filter = diagbotmanServiceClient.getAll();
         //            if (filter != null){
@@ -103,6 +87,9 @@ public class GlobalGatewayFilter implements GlobalFilter {
         //            }
         //        }
 
+
+
+
         Map<String, Long> serviceFilters = this.dealServiceFilter();
         if (serviceFilters.get(serviceName) != null) {
             String appkey = request.getHeaders().getFirst("appkey");
@@ -113,10 +100,22 @@ public class GlobalGatewayFilter implements GlobalFilter {
             st.setAppkey(appkey);
             st.setSecret(secret);
             st.setProductId(productId);
-            RespDTO<Boolean> res = diagbotmanServiceClient.hasPermission(st);
+            RespDTO<HasPermissionDTO> res = diagbotmanServiceClient.hasPermission(st);
             if (res == null || !RespDTO.TRUE_CODE.equals(res.code)) {
                 return getVoidMono(serverWebExchange, res);
             }
+
+            //记录日志
+            SysLog sysLog = new SysLog();
+            sysLog.setGmtCreate(new Date());
+            sysLog.setIp(request.getRemoteAddress().toString());
+            sysLog.setMethod(requestUri);
+            sysLog.setOperation(serviceName);
+            sysLog.setParams(requestUri);
+            sysLog.setSysType(SysTypeEnum.APPKEY.getKey());
+            sysLog.setUsername(res.data.getUserId());
+            mySender.outputLogSend(sysLog);
+
         }
 
         ServerHttpRequest.Builder builder = serverWebExchange.getRequest().mutate();

gateway-service/src/main/java/com/diagbot/rabbit/MyProcessor.java

@@ -0,0 +1,23 @@
+package com.diagbot.rabbit;
+
+import org.springframework.cloud.stream.annotation.Input;
+import org.springframework.cloud.stream.annotation.Output;
+import org.springframework.messaging.MessageChannel;
+import org.springframework.messaging.SubscribableChannel;
+
+/**
+ * @Description: 自定义Stream发布和消费对象
+ * @author: gaodm
+ * @time: 2018/8/29 13:39
+ */
+public interface MyProcessor {
+
+    String INPUT_LOG = "inputLog";
+    String OUTPUT_LOG = "outputLog";
+
+    @Input(INPUT_LOG)
+    SubscribableChannel inputLog();
+
+    @Output(OUTPUT_LOG)
+    MessageChannel outputLog();
+}

gateway-service/src/main/java/com/diagbot/rabbit/MySender.java

@@ -0,0 +1,27 @@
+package com.diagbot.rabbit;
+
+import com.diagbot.entity.SysLog;
+import com.diagbot.util.GsonUtil;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.cloud.stream.annotation.EnableBinding;
+import org.springframework.integration.support.MessageBuilder;
+import org.springframework.messaging.MessageChannel;
+import org.springframework.stereotype.Component;
+
+/**
+ * @Description: 发布者
+ * @author: gaodm
+ * @time: 2018/8/29 13:41
+ */
+@Component
+@EnableBinding({ MyProcessor.class })
+public class MySender {
+    @Autowired
+    @Qualifier("outputLog")
+    MessageChannel outputLog;
+
+    public void outputLogSend(SysLog sysLog) {
+        outputLog.send(MessageBuilder.withPayload(GsonUtil.toJson(sysLog)).build());
+    }
+}

user-service/src/main/java/com/diagbot/config/security/UrlAccessDecisionManager.java

@@ -1,8 +1,13 @@
 package com.diagbot.config.security;
 
+import com.diagbot.facade.TokenFacade;
+import com.diagbot.util.HttpUtils;
+import com.diagbot.util.StringUtil;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.access.AccessDecisionManager;
 import org.springframework.security.access.AccessDeniedException;
 import org.springframework.security.access.ConfigAttribute;
+import org.springframework.security.authentication.AccountExpiredException;
 import org.springframework.security.authentication.InsufficientAuthenticationException;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.GrantedAuthority;
@@ -21,6 +26,9 @@ import java.util.Collection;
  */
 @Service
 public class UrlAccessDecisionManager implements AccessDecisionManager {
+    @Autowired
+    private TokenFacade tokenFacade;
+
     @Override
     public void decide(Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes) throws AccessDeniedException, InsufficientAuthenticationException {
         HttpServletRequest request = ((FilterInvocation) object).getHttpRequest();
@@ -31,6 +39,14 @@ public class UrlAccessDecisionManager implements AccessDecisionManager {
         if ("anonymousUser".equals(authentication.getPrincipal())) {
             throw new AccessDeniedException("no right");
         } else {
+            String tokenStr = HttpUtils.getHeaders(request).get("Authorization");
+            if (StringUtil.isNotEmpty(tokenStr)) {
+                tokenStr = tokenStr.replaceFirst("Bearer ", "");
+                Boolean res = tokenFacade.verifyToken(tokenStr, 1);
+                if (!res) {
+                    throw new AccountExpiredException("token expire");
+                }
+            }
             for (GrantedAuthority ga : authentication.getAuthorities()) {
                 String[] authority = ga.getAuthority().split(";");
                 url = authority[0];
@@ -56,7 +72,7 @@ public class UrlAccessDecisionManager implements AccessDecisionManager {
         return true;
     }
 
-    private Boolean matchPermitAllUrl(HttpServletRequest request){
+    private Boolean matchPermitAllUrl(HttpServletRequest request) {
         if (matchers("/swagger/**", request)
                 || matchers("/v2/**", request)
                 || matchers("/swagger-ui.html/**", request)