Initial commit

ruoyi-framework/src/main/java/com/ruoyi/framework/Interceptor/PlusWebInvokeTimeInterceptor.java

@@ -0,0 +1,85 @@
+package com.ruoyi.framework.Interceptor;
+
+import cn.hutool.core.map.MapUtil;
+import com.alibaba.ttl.TransmittableThreadLocal;
+import com.ruoyi.common.utils.JsonUtils;
+import com.ruoyi.common.utils.StringUtils;
+import com.yomahub.tlog.context.TLogContext;
+import com.yomahub.tlog.web.interceptor.AbsTLogWebHandlerMethodInterceptor;
+import com.yomahub.tlog.web.wrapper.RequestWrapper;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.time.StopWatch;
+import org.springframework.http.MediaType;
+import org.springframework.web.servlet.ModelAndView;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.util.Map;
+
+/**
+ * 重写Tlog web的调用时间统计拦截器
+ *
+ * @author Lion Li
+ * @since 3.3.0
+ */
+@Slf4j
+public class PlusWebInvokeTimeInterceptor extends AbsTLogWebHandlerMethodInterceptor {
+
+    private final TransmittableThreadLocal<StopWatch> invokeTimeTL = new TransmittableThreadLocal<>();
+
+    @Override
+    public boolean preHandleByHandlerMethod(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
+        if (TLogContext.enableInvokeTimePrint()) {
+            String url = request.getMethod() + " " + request.getRequestURI();
+
+            // 打印请求参数
+            if (isJsonRequest(request)) {
+                    String jsonParam = new RequestWrapper(request).getBodyString();
+                    log.info("[PLUS]开始请求 => URL[{}],参数类型[json],参数:[{}]", url, jsonParam);
+            } else {
+                Map<String, String[]> parameterMap = request.getParameterMap();
+                if (MapUtil.isNotEmpty(parameterMap)) {
+                    String parameters = JsonUtils.toJsonString(parameterMap);
+                    log.info("[PLUS]开始请求 => URL[{}],参数类型[param],参数:[{}]", url, parameters);
+                } else {
+                    log.info("[PLUS]开始请求 => URL[{}],无参数", url);
+                }
+            }
+
+            StopWatch stopWatch = new StopWatch();
+            invokeTimeTL.set(stopWatch);
+            stopWatch.start();
+        }
+        return true;
+    }
+
+    @Override
+    public void postHandleByHandlerMethod(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
+
+    }
+
+    @Override
+    public void afterCompletionByHandlerMethod(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
+        if (TLogContext.enableInvokeTimePrint()) {
+            StopWatch stopWatch = invokeTimeTL.get();
+            stopWatch.stop();
+            log.info("[PLUS]结束请求 => URL[{}],耗时:[{}]毫秒", request.getMethod() + " " + request.getRequestURI(), stopWatch.getTime());
+            invokeTimeTL.remove();
+        }
+    }
+
+    /**
+     * 判断本次请求的数据类型是否为json
+     *
+     * @param request request
+     * @return boolean
+     */
+    private boolean isJsonRequest(HttpServletRequest request) {
+        String contentType = request.getContentType();
+        if (contentType != null) {
+            return StringUtils.startsWithIgnoreCase(contentType, MediaType.APPLICATION_JSON_VALUE);
+        }
+        return false;
+    }
+
+}

ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java

@@ -0,0 +1,146 @@
+package com.ruoyi.framework.aspectj;
+
+import com.ruoyi.common.annotation.DataScope;
+import com.ruoyi.common.core.domain.BaseEntity;
+import com.ruoyi.common.core.domain.entity.SysRole;
+import com.ruoyi.common.core.domain.entity.SysUser;
+import com.ruoyi.common.core.domain.model.LoginUser;
+import com.ruoyi.common.core.service.UserService;
+import com.ruoyi.common.utils.SecurityUtils;
+import com.ruoyi.common.utils.StringUtils;
+import com.ruoyi.common.utils.reflect.ReflectUtils;
+import com.ruoyi.common.utils.spring.SpringUtils;
+import org.aspectj.lang.JoinPoint;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Before;
+import org.springframework.stereotype.Component;
+
+import java.util.Map;
+
+/**
+ * 数据过滤处理
+ *
+ * @author Lion Li
+ */
+@Aspect
+@Component
+public class DataScopeAspect {
+
+	/**
+	 * 全部数据权限
+	 */
+	public static final String DATA_SCOPE_ALL = "1";
+
+	/**
+	 * 自定数据权限
+	 */
+	public static final String DATA_SCOPE_CUSTOM = "2";
+
+	/**
+	 * 部门数据权限
+	 */
+	public static final String DATA_SCOPE_DEPT = "3";
+
+	/**
+	 * 部门及以下数据权限
+	 */
+	public static final String DATA_SCOPE_DEPT_AND_CHILD = "4";
+
+	/**
+	 * 仅本人数据权限
+	 */
+	public static final String DATA_SCOPE_SELF = "5";
+
+	/**
+	 * 数据权限过滤关键字
+	 */
+	public static final String DATA_SCOPE = "dataScope";
+
+	@Before("@annotation(controllerDataScope)")
+	public void doBefore(JoinPoint point, DataScope controllerDataScope) throws Throwable {
+		clearDataScope(point);
+		handleDataScope(point, controllerDataScope);
+	}
+
+	protected void handleDataScope(final JoinPoint joinPoint, DataScope controllerDataScope) {
+		// 获取当前的用户
+		LoginUser loginUser = SecurityUtils.getLoginUser();
+		if (StringUtils.isNotNull(loginUser)) {
+			SysUser currentUser = SpringUtils.getBean(UserService.class).selectUserById(loginUser.getUserId());
+            // 如果是超级管理员，则不过滤数据
+			if (StringUtils.isNotNull(currentUser) && !currentUser.isAdmin()) {
+				dataScopeFilter(joinPoint, currentUser, controllerDataScope.deptAlias(),
+					controllerDataScope.userAlias(), controllerDataScope.isUser());
+			}
+		}
+	}
+
+	/**
+	 * 数据范围过滤
+	 *
+	 * @param joinPoint 切点
+	 * @param user      用户
+	 * @param userAlias 别名
+	 */
+	public static void dataScopeFilter(JoinPoint joinPoint, SysUser user, String deptAlias, String userAlias, boolean isUser) {
+		StringBuilder sqlString = new StringBuilder();
+
+		// 将 "." 提取出,不写别名为单表查询,写别名为多表查询
+		deptAlias = StringUtils.isNotBlank(deptAlias) ? deptAlias + "." : "";
+		userAlias = StringUtils.isNotBlank(userAlias) ? userAlias + "." : "";
+
+		for (SysRole role : user.getRoles()) {
+			String dataScope = role.getDataScope();
+			if (DATA_SCOPE_ALL.equals(dataScope)) {
+				sqlString = new StringBuilder();
+				break;
+			} else if (DATA_SCOPE_CUSTOM.equals(dataScope)) {
+				sqlString.append(StringUtils.format(
+					" OR {}dept_id IN ( SELECT dept_id FROM sys_role_dept WHERE role_id = {} ) ",
+					deptAlias, role.getRoleId()));
+			} else if (DATA_SCOPE_DEPT.equals(dataScope)) {
+				sqlString.append(StringUtils.format(" OR {}dept_id = {} ",
+					deptAlias, user.getDeptId()));
+			} else if (DATA_SCOPE_DEPT_AND_CHILD.equals(dataScope)) {
+				sqlString.append(StringUtils.format(
+					" OR {}dept_id IN ( SELECT dept_id FROM sys_dept WHERE dept_id = {} or find_in_set( {} , ancestors ) )",
+					deptAlias, user.getDeptId(), user.getDeptId()));
+			} else if (DATA_SCOPE_SELF.equals(dataScope)) {
+				if (isUser) {
+					sqlString.append(StringUtils.format(" OR {}user_id = {} ",
+						userAlias, user.getUserId()));
+				} else {
+					// 数据权限为仅本人且没有userAlias别名不查询任何数据
+					sqlString.append(" OR 1=0 ");
+				}
+			}
+		}
+
+		if (StringUtils.isNotBlank(sqlString.toString())) {
+			putDataScope(joinPoint, sqlString.substring(4));
+		}
+	}
+
+	/**
+	 * 拼接权限sql前先清空params.dataScope参数防止注入
+	 */
+	private void clearDataScope(final JoinPoint joinPoint) {
+		Object params = joinPoint.getArgs()[0];
+		if (StringUtils.isNotNull(params)) {
+			putDataScope(joinPoint, "");
+		}
+	}
+
+	private static void putDataScope(JoinPoint joinPoint, String sql) {
+		Object params = joinPoint.getArgs()[0];
+		if (StringUtils.isNotNull(params)) {
+			if (params instanceof BaseEntity) {
+				BaseEntity baseEntity = (BaseEntity) params;
+				baseEntity.getParams().put(DATA_SCOPE, sql);
+			} else {
+				Map<String, Object> invoke = ReflectUtils.invokeGetter(params, "params");
+				invoke.put(DATA_SCOPE, sql);
+			}
+		}
+	}
+}

ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataSourceAspect.java

@@ -0,0 +1,63 @@
+package com.ruoyi.framework.aspectj;
+
+import com.baomidou.dynamic.datasource.toolkit.DynamicDataSourceContextHolder;
+import com.ruoyi.common.annotation.DataSource;
+import com.ruoyi.common.utils.StringUtils;
+import org.aspectj.lang.ProceedingJoinPoint;
+import org.aspectj.lang.annotation.Around;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Pointcut;
+import org.aspectj.lang.reflect.MethodSignature;
+import org.springframework.core.annotation.AnnotationUtils;
+import org.springframework.core.annotation.Order;
+import org.springframework.stereotype.Component;
+
+import java.util.Objects;
+
+/**
+ * 多数据源处理
+ *
+ * @author Lion Li
+ */
+@Aspect
+@Order(-500)
+@Component
+public class DataSourceAspect {
+
+	@Pointcut("@annotation(com.ruoyi.common.annotation.DataSource)"
+			+ "|| @within(com.ruoyi.common.annotation.DataSource)")
+	public void dsPointCut() {
+	}
+
+	@Around("dsPointCut()")
+	public Object around(ProceedingJoinPoint point) throws Throwable {
+		DataSource dataSource = getDataSource(point);
+
+		if (StringUtils.isNotNull(dataSource)) {
+			DynamicDataSourceContextHolder.poll();
+			String source = dataSource.value().getSource();
+			DynamicDataSourceContextHolder.push(source);
+		}
+
+		try {
+			return point.proceed();
+		} finally {
+			// 销毁数据源 在执行方法之后
+			DynamicDataSourceContextHolder.clear();
+		}
+	}
+
+	/**
+	 * 获取需要切换的数据源
+	 */
+	public DataSource getDataSource(ProceedingJoinPoint point) {
+		MethodSignature signature = (MethodSignature) point.getSignature();
+		DataSource dataSource = AnnotationUtils.findAnnotation(signature.getMethod(), DataSource.class);
+		if (Objects.nonNull(dataSource)) {
+			return dataSource;
+		}
+
+		return AnnotationUtils.findAnnotation(signature.getDeclaringType(), DataSource.class);
+	}
+
+}

ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/LogAspect.java

@@ -0,0 +1,186 @@
+package com.ruoyi.framework.aspectj;
+
+import com.ruoyi.common.annotation.Log;
+import com.ruoyi.common.core.domain.dto.OperLogDTO;
+import com.ruoyi.common.core.domain.model.LoginUser;
+import com.ruoyi.common.core.service.OperLogService;
+import com.ruoyi.common.enums.BusinessStatus;
+import com.ruoyi.common.enums.HttpMethod;
+import com.ruoyi.common.utils.JsonUtils;
+import com.ruoyi.common.utils.SecurityUtils;
+import com.ruoyi.common.utils.ServletUtils;
+import com.ruoyi.common.utils.StringUtils;
+import com.ruoyi.common.utils.spring.SpringUtils;
+import lombok.extern.slf4j.Slf4j;
+import org.aspectj.lang.JoinPoint;
+import org.aspectj.lang.annotation.AfterReturning;
+import org.aspectj.lang.annotation.AfterThrowing;
+import org.aspectj.lang.annotation.Aspect;
+import org.springframework.stereotype.Component;
+import org.springframework.validation.BindingResult;
+import org.springframework.web.multipart.MultipartFile;
+import org.springframework.web.servlet.HandlerMapping;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.util.Collection;
+import java.util.Map;
+
+/**
+ * 操作日志记录处理
+ *
+ * @author Lion Li
+ */
+@Slf4j
+@Aspect
+@Component
+public class LogAspect {
+
+    /**
+     * 处理完请求后执行
+     *
+     * @param joinPoint 切点
+     */
+    @AfterReturning(pointcut = "@annotation(controllerLog)", returning = "jsonResult")
+    public void doAfterReturning(JoinPoint joinPoint, Log controllerLog, Object jsonResult) {
+        handleLog(joinPoint, controllerLog, null, jsonResult);
+    }
+
+    /**
+     * 拦截异常操作
+     *
+     * @param joinPoint 切点
+     * @param e         异常
+     */
+    @AfterThrowing(value = "@annotation(controllerLog)", throwing = "e")
+    public void doAfterThrowing(JoinPoint joinPoint, Log controllerLog, Exception e) {
+        handleLog(joinPoint, controllerLog, e, null);
+    }
+
+    protected void handleLog(final JoinPoint joinPoint, Log controllerLog, final Exception e, Object jsonResult) {
+        try {
+
+            // 获取当前的用户
+            LoginUser loginUser = SecurityUtils.getLoginUser();
+
+            // *========数据库日志=========*//
+            OperLogDTO operLog = new OperLogDTO();
+            operLog.setStatus(BusinessStatus.SUCCESS.ordinal());
+            // 请求的地址
+            String ip = ServletUtils.getClientIP();
+            operLog.setOperIp(ip);
+            operLog.setOperUrl(ServletUtils.getRequest().getRequestURI());
+            if (loginUser != null) {
+                operLog.setOperName(loginUser.getUsername());
+            }
+
+            if (e != null) {
+                operLog.setStatus(BusinessStatus.FAIL.ordinal());
+                operLog.setErrorMsg(StringUtils.substring(e.getMessage(), 0, 2000));
+            }
+            // 设置方法名称
+            String className = joinPoint.getTarget().getClass().getName();
+            String methodName = joinPoint.getSignature().getName();
+            operLog.setMethod(className + "." + methodName + "()");
+            // 设置请求方式
+            operLog.setRequestMethod(ServletUtils.getRequest().getMethod());
+            // 处理设置注解上的参数
+            getControllerMethodDescription(joinPoint, controllerLog, operLog, jsonResult);
+            // 保存数据库
+            SpringUtils.getBean(OperLogService.class).recordOper(operLog);
+        } catch (Exception exp) {
+            // 记录本地异常日志
+            log.error("==前置通知异常==");
+            log.error("异常信息:{}", exp.getMessage());
+            exp.printStackTrace();
+        }
+    }
+
+    /**
+     * 获取注解中对方法的描述信息 用于Controller层注解
+     *
+     * @param log     日志
+     * @param operLog 操作日志
+     * @throws Exception
+     */
+    public void getControllerMethodDescription(JoinPoint joinPoint, Log log, OperLogDTO operLog, Object jsonResult) throws Exception {
+        // 设置action动作
+        operLog.setBusinessType(log.businessType().ordinal());
+        // 设置标题
+        operLog.setTitle(log.title());
+        // 设置操作人类别
+        operLog.setOperatorType(log.operatorType().ordinal());
+        // 是否需要保存request，参数和值
+        if (log.isSaveRequestData()) {
+            // 获取参数的信息，传入到数据库中。
+            setRequestValue(joinPoint, operLog);
+        }
+        // 是否需要保存response，参数和值
+        if (log.isSaveResponseData() && StringUtils.isNotNull(jsonResult)) {
+            operLog.setJsonResult(StringUtils.substring(JsonUtils.toJsonString(jsonResult), 0, 2000));
+        }
+    }
+
+    /**
+     * 获取请求的参数，放到log中
+     *
+     * @param operLog 操作日志
+     * @throws Exception 异常
+     */
+    private void setRequestValue(JoinPoint joinPoint, OperLogDTO operLog) throws Exception {
+        String requestMethod = operLog.getRequestMethod();
+        if (HttpMethod.PUT.name().equals(requestMethod) || HttpMethod.POST.name().equals(requestMethod)) {
+            String params = argsArrayToString(joinPoint.getArgs());
+            operLog.setOperParam(StringUtils.substring(params, 0, 2000));
+        } else {
+            Map<?, ?> paramsMap = (Map<?, ?>) ServletUtils.getRequest().getAttribute(HandlerMapping.URI_TEMPLATE_VARIABLES_ATTRIBUTE);
+            operLog.setOperParam(StringUtils.substring(paramsMap.toString(), 0, 2000));
+        }
+    }
+
+    /**
+     * 参数拼装
+     */
+    private String argsArrayToString(Object[] paramsArray) {
+        StringBuilder params = new StringBuilder();
+        if (paramsArray != null && paramsArray.length > 0) {
+            for (Object o : paramsArray) {
+                if (StringUtils.isNotNull(o) && !isFilterObject(o)) {
+                    try {
+                        params.append(JsonUtils.toJsonString(o)).append(" ");
+                    } catch (Exception e) {
+                        e.printStackTrace();
+                    }
+                }
+            }
+        }
+        return params.toString().trim();
+    }
+
+    /**
+     * 判断是否需要过滤的对象。
+     *
+     * @param o 对象信息。
+     * @return 如果是需要过滤的对象，则返回true；否则返回false。
+     */
+    @SuppressWarnings("rawtypes")
+    public boolean isFilterObject(final Object o) {
+        Class<?> clazz = o.getClass();
+        if (clazz.isArray()) {
+            return clazz.getComponentType().isAssignableFrom(MultipartFile.class);
+        } else if (Collection.class.isAssignableFrom(clazz)) {
+            Collection collection = (Collection) o;
+            for (Object value : collection) {
+                return value instanceof MultipartFile;
+            }
+        } else if (Map.class.isAssignableFrom(clazz)) {
+            Map map = (Map) o;
+            for (Object value : map.entrySet()) {
+                Map.Entry entry = (Map.Entry) value;
+                return entry.getValue() instanceof MultipartFile;
+            }
+        }
+        return o instanceof MultipartFile || o instanceof HttpServletRequest || o instanceof HttpServletResponse
+                || o instanceof BindingResult;
+    }
+}

ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/RateLimiterAspect.java

@@ -0,0 +1,65 @@
+package com.ruoyi.framework.aspectj;
+
+import com.ruoyi.common.annotation.RateLimiter;
+import com.ruoyi.common.enums.LimitType;
+import com.ruoyi.common.exception.ServiceException;
+import com.ruoyi.common.utils.RedisUtils;
+import com.ruoyi.common.utils.ServletUtils;
+import lombok.extern.slf4j.Slf4j;
+import org.aspectj.lang.JoinPoint;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Before;
+import org.aspectj.lang.reflect.MethodSignature;
+import org.redisson.api.RateType;
+import org.springframework.stereotype.Component;
+
+import java.lang.reflect.Method;
+
+/**
+ * 限流处理
+ *
+ * @author Lion Li
+ */
+@Slf4j
+@Aspect
+@Component
+public class RateLimiterAspect {
+
+    @Before("@annotation(rateLimiter)")
+    public void doBefore(JoinPoint point, RateLimiter rateLimiter) throws Throwable {
+        int time = rateLimiter.time();
+        int count = rateLimiter.count();
+        String combineKey = getCombineKey(rateLimiter, point);
+        try {
+            RateType rateType = RateType.OVERALL;
+            if (rateLimiter.limitType() == LimitType.CLUSTER) {
+                rateType = RateType.PER_CLIENT;
+            }
+            long number = RedisUtils.rateLimiter(combineKey, rateType, count, time);
+            if (number == -1) {
+                throw new ServiceException("访问过于频繁，请稍候再试");
+            }
+            log.info("限制令牌 => {}, 剩余令牌 => {}, 缓存key => '{}'", count, number, combineKey);
+        } catch (ServiceException e) {
+            throw e;
+        } catch (Exception e) {
+            throw new RuntimeException("服务器限流异常，请稍候再试");
+        }
+    }
+
+    public String getCombineKey(RateLimiter rateLimiter, JoinPoint point) {
+        StringBuilder stringBuffer = new StringBuilder(rateLimiter.key());
+        if (rateLimiter.limitType() == LimitType.IP) {
+            // 获取请求ip
+            stringBuffer.append(ServletUtils.getClientIP()).append("-");
+        } else if (rateLimiter.limitType() == LimitType.CLUSTER){
+            // 获取客户端实例id
+            stringBuffer.append(RedisUtils.getClientId()).append("-");
+        }
+        MethodSignature signature = (MethodSignature) point.getSignature();
+        Method method = signature.getMethod();
+        Class<?> targetClass = method.getDeclaringClass();
+        stringBuffer.append(targetClass.getName()).append("-").append(method.getName());
+        return stringBuffer.toString();
+    }
+}

ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/RepeatSubmitAspect.java

@@ -0,0 +1,121 @@
+package com.ruoyi.framework.aspectj;
+
+import cn.hutool.crypto.SecureUtil;
+import com.ruoyi.common.annotation.RepeatSubmit;
+import com.ruoyi.common.constant.Constants;
+import com.ruoyi.common.exception.ServiceException;
+import com.ruoyi.common.properties.TokenProperties;
+import com.ruoyi.common.utils.JsonUtils;
+import com.ruoyi.common.utils.RedisUtils;
+import com.ruoyi.common.utils.ServletUtils;
+import com.ruoyi.common.utils.StringUtils;
+import com.ruoyi.framework.config.properties.RepeatSubmitProperties;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.aspectj.lang.JoinPoint;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Before;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+import org.springframework.validation.BindingResult;
+import org.springframework.web.multipart.MultipartFile;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.util.Collection;
+import java.util.Map;
+import java.util.concurrent.TimeUnit;
+
+/**
+ * 防止重复提交
+ *
+ * @author Lion Li
+ */
+@Slf4j
+@RequiredArgsConstructor(onConstructor_ = @Autowired)
+@Aspect
+@Component
+public class RepeatSubmitAspect {
+
+    private final TokenProperties tokenProperties;
+    private final RepeatSubmitProperties repeatSubmitProperties;
+
+    @Before("@annotation(repeatSubmit)")
+    public void doBefore(JoinPoint point, RepeatSubmit repeatSubmit) throws Throwable {
+        // 如果注解不为0 则使用注解数值
+        long interval = repeatSubmitProperties.getInterval();
+        if (repeatSubmit.interval() > 0) {
+            interval = repeatSubmit.timeUnit().toMillis(repeatSubmit.interval());
+        }
+        if (interval < 1000) {
+            throw new ServiceException("重复提交间隔时间不能小于'1'秒");
+        }
+        HttpServletRequest request = ServletUtils.getRequest();
+        String nowParams = argsArrayToString(point.getArgs());
+
+        // 请求地址（作为存放cache的key值）
+        String url = request.getRequestURI();
+
+        // 唯一值（没有消息头则使用请求地址）
+        String submitKey = request.getHeader(tokenProperties.getHeader());
+        if (StringUtils.isEmpty(submitKey)) {
+            submitKey = url;
+        }
+        submitKey = SecureUtil.md5(submitKey + ":" + nowParams);
+        // 唯一标识（指定key + 消息头）
+        String cacheRepeatKey = Constants.REPEAT_SUBMIT_KEY + submitKey;
+        String key = RedisUtils.getCacheObject(cacheRepeatKey);
+        if (key == null) {
+            RedisUtils.setCacheObject(cacheRepeatKey, "", interval, TimeUnit.MILLISECONDS);
+        } else {
+            throw new ServiceException(repeatSubmit.message());
+        }
+    }
+
+    /**
+     * 参数拼装
+     */
+    private String argsArrayToString(Object[] paramsArray) {
+        StringBuilder params = new StringBuilder();
+        if (paramsArray != null && paramsArray.length > 0) {
+            for (Object o : paramsArray) {
+                if (StringUtils.isNotNull(o) && !isFilterObject(o)) {
+                    try {
+                        params.append(JsonUtils.toJsonString(o)).append(" ");
+                    } catch (Exception e) {
+                        e.printStackTrace();
+                    }
+                }
+            }
+        }
+        return params.toString().trim();
+    }
+
+    /**
+     * 判断是否需要过滤的对象。
+     *
+     * @param o 对象信息。
+     * @return 如果是需要过滤的对象，则返回true；否则返回false。
+     */
+    @SuppressWarnings("rawtypes")
+    public boolean isFilterObject(final Object o) {
+        Class<?> clazz = o.getClass();
+        if (clazz.isArray()) {
+            return clazz.getComponentType().isAssignableFrom(MultipartFile.class);
+        } else if (Collection.class.isAssignableFrom(clazz)) {
+            Collection collection = (Collection) o;
+            for (Object value : collection) {
+                return value instanceof MultipartFile;
+            }
+        } else if (Map.class.isAssignableFrom(clazz)) {
+            Map map = (Map) o;
+            for (Object value : map.entrySet()) {
+                Map.Entry entry = (Map.Entry) value;
+                return entry.getValue() instanceof MultipartFile;
+            }
+        }
+        return o instanceof MultipartFile || o instanceof HttpServletRequest || o instanceof HttpServletResponse
+            || o instanceof BindingResult;
+    }
+
+}

ruoyi-framework/src/main/java/com/ruoyi/framework/config/ApplicationConfig.java

@@ -0,0 +1,16 @@
+package com.ruoyi.framework.config;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.EnableAspectJAutoProxy;
+
+/**
+ * 程序注解配置
+ *
+ * @author Lion Li
+ */
+@Configuration
+// 表示通过aop框架暴露该代理对象,AopContext能够访问
+@EnableAspectJAutoProxy(exposeProxy = true)
+public class ApplicationConfig {
+
+}

ruoyi-framework/src/main/java/com/ruoyi/framework/config/AsyncConfig.java

@@ -0,0 +1,55 @@
+package com.ruoyi.framework.config;
+
+import cn.hutool.core.util.ArrayUtil;
+import com.ruoyi.common.exception.ServiceException;
+import org.springframework.aop.interceptor.AsyncUncaughtExceptionHandler;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.scheduling.annotation.AsyncConfigurerSupport;
+import org.springframework.scheduling.annotation.EnableAsync;
+import org.springframework.security.concurrent.DelegatingSecurityContextExecutorService;
+
+import java.util.Arrays;
+import java.util.concurrent.Executor;
+import java.util.concurrent.ScheduledExecutorService;
+
+/**
+ * 异步配置
+ *
+ * @author Lion Li
+ */
+@EnableAsync
+@Configuration
+public class AsyncConfig extends AsyncConfigurerSupport {
+
+	@Autowired
+	@Qualifier("scheduledExecutorService")
+	private ScheduledExecutorService scheduledExecutorService;
+
+    /**
+     * 异步执行需要使用权限框架自带的包装线程池  保证权限信息的传递
+     */
+    @Override
+    public Executor getAsyncExecutor() {
+        return new DelegatingSecurityContextExecutorService(scheduledExecutorService);
+    }
+
+    /**
+     * 异步执行异常处理
+     */
+    @Override
+    public AsyncUncaughtExceptionHandler getAsyncUncaughtExceptionHandler() {
+        return (throwable, method, objects) -> {
+            throwable.printStackTrace();
+            StringBuilder sb = new StringBuilder();
+            sb.append("Exception message - ").append(throwable.getMessage())
+                    .append(", Method name - ").append(method.getName());
+            if (ArrayUtil.isNotEmpty(objects)) {
+                sb.append(", Parameter value - ").append(Arrays.toString(objects));
+            }
+            throw new ServiceException(sb.toString());
+        };
+    }
+
+}

ruoyi-framework/src/main/java/com/ruoyi/framework/config/CaptchaConfig.java

@@ -0,0 +1,62 @@
+package com.ruoyi.framework.config;
+
+import cn.hutool.captcha.CaptchaUtil;
+import cn.hutool.captcha.CircleCaptcha;
+import cn.hutool.captcha.LineCaptcha;
+import cn.hutool.captcha.ShearCaptcha;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Lazy;
+
+import java.awt.*;
+
+/**
+ * 验证码配置
+ *
+ * @author Lion Li
+ */
+@Configuration
+public class CaptchaConfig {
+
+    private final int width = 160;
+    private final int height = 60;
+    private final Color background = Color.PINK;
+    private final Font font = new Font("Arial", Font.BOLD, 48);
+
+    /**
+     * 圆圈干扰验证码
+     */
+    @Lazy
+    @Bean
+    public CircleCaptcha circleCaptcha() {
+        CircleCaptcha captcha = CaptchaUtil.createCircleCaptcha(width, height);
+        captcha.setBackground(background);
+        captcha.setFont(font);
+        return captcha;
+    }
+
+    /**
+     * 线段干扰的验证码
+     */
+    @Lazy
+    @Bean
+    public LineCaptcha lineCaptcha() {
+        LineCaptcha captcha = CaptchaUtil.createLineCaptcha(width, height);
+        captcha.setBackground(background);
+        captcha.setFont(font);
+        return captcha;
+    }
+
+    /**
+     * 扭曲干扰验证码
+     */
+    @Lazy
+    @Bean
+    public ShearCaptcha shearCaptcha() {
+        ShearCaptcha captcha = CaptchaUtil.createShearCaptcha(width, height);
+        captcha.setBackground(background);
+        captcha.setFont(font);
+        return captcha;
+    }
+
+}

ruoyi-framework/src/main/java/com/ruoyi/framework/config/DruidConfig.java

@@ -0,0 +1,66 @@
+package com.ruoyi.framework.config;
+
+import com.alibaba.druid.spring.boot.autoconfigure.properties.DruidStatProperties;
+import com.alibaba.druid.util.Utils;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.boot.web.servlet.FilterRegistrationBean;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+import javax.servlet.*;
+import java.io.IOException;
+
+/**
+ * druid 配置多数据源
+ *
+ * @author ruoyi
+ */
+@Configuration
+public class DruidConfig {
+
+    /**
+     * 去除监控页面底部的广告
+     */
+    @SuppressWarnings({ "rawtypes", "unchecked" })
+    @Bean
+    @ConditionalOnProperty(name = "spring.datasource.druid.statViewServlet.enabled", havingValue = "true")
+    public FilterRegistrationBean removeDruidFilterRegistrationBean(DruidStatProperties properties)
+    {
+        // 获取web监控页面的参数
+        DruidStatProperties.StatViewServlet config = properties.getStatViewServlet();
+        // 提取common.js的配置路径
+        String pattern = config.getUrlPattern() != null ? config.getUrlPattern() : "/druid/*";
+        String commonJsPattern = pattern.replaceAll("\\*", "js/common.js");
+        final String filePath = "support/http/resources/js/common.js";
+        // 创建filter进行过滤
+        Filter filter = new Filter()
+        {
+            @Override
+            public void init(javax.servlet.FilterConfig filterConfig) throws ServletException
+            {
+            }
+            @Override
+            public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
+                    throws IOException, ServletException
+            {
+                chain.doFilter(request, response);
+                // 重置缓冲区，响应头不会被重置
+//                response.resetBuffer();
+                // 获取common.js
+                String text = Utils.readFromResource(filePath);
+                // 正则替换banner, 除去底部的广告信息
+                text = text.replaceAll("<a.*?banner\"></a><br/>", "");
+                text = text.replaceAll("powered.*?shrek.wang</a>", "");
+                response.getWriter().write(text);
+            }
+            @Override
+            public void destroy()
+            {
+            }
+        };
+        FilterRegistrationBean registrationBean = new FilterRegistrationBean();
+        registrationBean.setFilter(filter);
+        registrationBean.addUrlPatterns(commonJsPattern);
+        return registrationBean;
+    }
+}

ruoyi-framework/src/main/java/com/ruoyi/framework/config/FilterConfig.java

@@ -0,0 +1,55 @@
+package com.ruoyi.framework.config;
+
+import com.ruoyi.common.filter.RepeatableFilter;
+import com.ruoyi.common.filter.XssFilter;
+import com.ruoyi.common.utils.StringUtils;
+import com.ruoyi.framework.config.properties.XssProperties;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.boot.web.servlet.FilterRegistrationBean;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+import javax.servlet.DispatcherType;
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * Filter配置
+ *
+ * @author Lion Li
+ */
+@Configuration
+public class FilterConfig {
+
+    @Autowired
+    private XssProperties xssProperties;
+
+    @SuppressWarnings({"rawtypes", "unchecked"})
+    @Bean
+    @ConditionalOnProperty(value = "xss.enabled", havingValue = "true")
+    public FilterRegistrationBean xssFilterRegistration() {
+        FilterRegistrationBean registration = new FilterRegistrationBean();
+        registration.setDispatcherTypes(DispatcherType.REQUEST);
+        registration.setFilter(new XssFilter());
+        registration.addUrlPatterns(StringUtils.split(xssProperties.getUrlPatterns(), ","));
+        registration.setName("xssFilter");
+        registration.setOrder(FilterRegistrationBean.HIGHEST_PRECEDENCE);
+        Map<String, String> initParameters = new HashMap<String, String>();
+        initParameters.put("excludes", xssProperties.getExcludes());
+        registration.setInitParameters(initParameters);
+        return registration;
+    }
+
+    @SuppressWarnings({"rawtypes", "unchecked"})
+    @Bean
+    public FilterRegistrationBean someFilterRegistration() {
+        FilterRegistrationBean registration = new FilterRegistrationBean();
+        registration.setFilter(new RepeatableFilter());
+        registration.addUrlPatterns("/*");
+        registration.setName("repeatableFilter");
+        registration.setOrder(FilterRegistrationBean.LOWEST_PRECEDENCE);
+        return registration;
+    }
+
+}

ruoyi-framework/src/main/java/com/ruoyi/framework/config/I18nConfig.java

@@ -0,0 +1,46 @@
+package com.ruoyi.framework.config;
+
+import cn.hutool.core.util.StrUtil;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.LocaleResolver;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.util.Locale;
+
+/**
+ * 国际化配置
+ *
+ * @author Lion Li
+ */
+@Configuration
+public class I18nConfig {
+
+	@Bean
+	public LocaleResolver localeResolver() {
+		return new I18nLocaleResolver();
+	}
+
+	/**
+	 * 获取请求头国际化信息
+	 */
+	static class I18nLocaleResolver implements LocaleResolver {
+
+		@Override
+		public Locale resolveLocale(HttpServletRequest httpServletRequest) {
+			String language = httpServletRequest.getHeader("content-language");
+			Locale locale = Locale.getDefault();
+			if (StrUtil.isNotBlank(language)) {
+				String[] split = language.split("_");
+				locale = new Locale(split[0], split[1]);
+			}
+			return locale;
+		}
+
+		@Override
+		public void setLocale(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Locale locale) {
+
+		}
+	}
+}

ruoyi-framework/src/main/java/com/ruoyi/framework/config/JacksonConfig.java

@@ -0,0 +1,50 @@
+package com.ruoyi.framework.config;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.module.SimpleModule;
+import com.fasterxml.jackson.databind.ser.std.ToStringSerializer;
+import com.fasterxml.jackson.datatype.jsr310.deser.LocalDateTimeDeserializer;
+import com.fasterxml.jackson.datatype.jsr310.ser.LocalDateTimeSerializer;
+import com.ruoyi.framework.jackson.BigNumberSerializer;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.boot.autoconfigure.jackson.JacksonProperties;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Primary;
+import org.springframework.http.converter.json.Jackson2ObjectMapperBuilder;
+
+import java.math.BigDecimal;
+import java.math.BigInteger;
+import java.time.LocalDateTime;
+import java.time.format.DateTimeFormatter;
+import java.util.TimeZone;
+
+/**
+ * jackson 配置
+ *
+ * @author Lion Li
+ */
+@Slf4j
+@Configuration
+public class JacksonConfig {
+
+	@Primary
+	@Bean
+	public ObjectMapper getObjectMapper(Jackson2ObjectMapperBuilder builder, JacksonProperties jacksonProperties) {
+		ObjectMapper objectMapper = builder.createXmlMapper(false).build();
+		// 全局配置序列化返回 JSON 处理
+		SimpleModule simpleModule = new SimpleModule();
+		simpleModule.addSerializer(Long.class, BigNumberSerializer.INSTANCE);
+		simpleModule.addSerializer(Long.TYPE, BigNumberSerializer.INSTANCE);
+		simpleModule.addSerializer(BigInteger.class, BigNumberSerializer.INSTANCE);
+		simpleModule.addSerializer(BigDecimal.class, ToStringSerializer.instance);
+		DateTimeFormatter formatter = DateTimeFormatter.ofPattern(jacksonProperties.getDateFormat());
+		simpleModule.addSerializer(LocalDateTime.class, new LocalDateTimeSerializer(formatter));
+		simpleModule.addDeserializer(LocalDateTime.class, new LocalDateTimeDeserializer(formatter));
+		objectMapper.registerModule(simpleModule);
+		objectMapper.setTimeZone(TimeZone.getDefault());
+		log.info("初始化 jackson 配置");
+		return objectMapper;
+	}
+
+}

ruoyi-framework/src/main/java/com/ruoyi/framework/config/MybatisPlusConfig.java

@@ -0,0 +1,102 @@
+package com.ruoyi.framework.config;
+
+import com.baomidou.mybatisplus.core.handlers.MetaObjectHandler;
+import com.baomidou.mybatisplus.core.injector.AbstractMethod;
+import com.baomidou.mybatisplus.core.injector.DefaultSqlInjector;
+import com.baomidou.mybatisplus.core.injector.ISqlInjector;
+import com.baomidou.mybatisplus.core.metadata.TableInfo;
+import com.baomidou.mybatisplus.extension.plugins.MybatisPlusInterceptor;
+import com.baomidou.mybatisplus.extension.plugins.inner.OptimisticLockerInnerInterceptor;
+import com.baomidou.mybatisplus.extension.plugins.inner.PaginationInnerInterceptor;
+import com.ruoyi.common.core.mybatisplus.methods.InsertAll;
+import com.ruoyi.framework.handler.CreateAndUpdateMetaObjectHandler;
+import org.mybatis.spring.annotation.MapperScan;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.transaction.annotation.EnableTransactionManagement;
+
+import java.util.List;
+
+/**
+ * mybatis-plus配置类(下方注释有插件介绍)
+ *
+ * @author Lion Li
+ */
+@EnableTransactionManagement(proxyTargetClass = true)
+@Configuration
+@MapperScan("${mybatis-plus.mapperPackage}")
+public class MybatisPlusConfig {
+
+	@Bean
+	public MybatisPlusInterceptor mybatisPlusInterceptor() {
+		MybatisPlusInterceptor interceptor = new MybatisPlusInterceptor();
+		// 分页插件
+		interceptor.addInnerInterceptor(paginationInnerInterceptor());
+		// 乐观锁插件
+		interceptor.addInnerInterceptor(optimisticLockerInnerInterceptor());
+		return interceptor;
+	}
+
+	/**
+	 * 分页插件，自动识别数据库类型
+	 */
+	public PaginationInnerInterceptor paginationInnerInterceptor() {
+		PaginationInnerInterceptor paginationInnerInterceptor = new PaginationInnerInterceptor();
+		// 设置最大单页限制数量，默认 500 条，-1 不受限制
+		paginationInnerInterceptor.setMaxLimit(-1L);
+		// 分页合理化
+		paginationInnerInterceptor.setOverflow(true);
+		return paginationInnerInterceptor;
+	}
+
+	/**
+	 * 乐观锁插件
+	 */
+	public OptimisticLockerInnerInterceptor optimisticLockerInnerInterceptor() {
+		return new OptimisticLockerInnerInterceptor();
+	}
+
+	/**
+	 * 元对象字段填充控制器
+	 */
+	@Bean
+	public MetaObjectHandler metaObjectHandler() {
+		return new CreateAndUpdateMetaObjectHandler();
+	}
+
+	/**
+	 * sql注入器配置
+	 */
+	@Bean
+	public ISqlInjector sqlInjector() {
+		return new DefaultSqlInjector() {
+			@Override
+			public List<AbstractMethod> getMethodList(Class<?> mapperClass, TableInfo tableInfo) {
+				List<AbstractMethod> methodList = super.getMethodList(mapperClass, tableInfo);
+				methodList.add(new InsertAll());
+				return methodList;
+			}
+		};
+	}
+
+	/**
+	 * PaginationInnerInterceptor 分页插件，自动识别数据库类型
+	 * https://baomidou.com/guide/interceptor-pagination.html
+	 * OptimisticLockerInnerInterceptor 乐观锁插件
+	 * https://baomidou.com/guide/interceptor-optimistic-locker.html
+	 * MetaObjectHandler 元对象字段填充控制器
+	 * https://baomidou.com/guide/auto-fill-metainfo.html
+	 * ISqlInjector sql注入器
+	 * https://baomidou.com/guide/sql-injector.html
+	 * BlockAttackInnerInterceptor 如果是对全表的删除或更新操作，就会终止该操作
+	 * https://baomidou.com/guide/interceptor-block-attack.html
+	 * IllegalSQLInnerInterceptor sql性能规范插件(垃圾SQL拦截)
+	 * IdentifierGenerator 自定义主键策略
+	 * https://baomidou.com/guide/id-generator.html
+	 * TenantLineInnerInterceptor 多租户插件
+	 * https://baomidou.com/guide/interceptor-tenant-line.html
+	 * DynamicTableNameInnerInterceptor 动态表名插件
+	 * https://baomidou.com/guide/interceptor-dynamic-table-name.html
+	 */
+
+}

ruoyi-framework/src/main/java/com/ruoyi/framework/config/RedisConfig.java

@@ -0,0 +1,191 @@
+package com.ruoyi.framework.config;
+
+import cn.hutool.core.util.ObjectUtil;
+import com.ruoyi.common.utils.StringUtils;
+import com.ruoyi.framework.config.properties.RedissonProperties;
+import lombok.extern.slf4j.Slf4j;
+import org.redisson.Redisson;
+import org.redisson.api.RedissonClient;
+import org.redisson.codec.JsonJacksonCodec;
+import org.redisson.config.Config;
+import org.redisson.spring.cache.CacheConfig;
+import org.redisson.spring.cache.RedissonSpringCacheManager;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
+import org.springframework.boot.autoconfigure.data.redis.RedisProperties;
+import org.springframework.cache.CacheManager;
+import org.springframework.cache.annotation.CachingConfigurerSupport;
+import org.springframework.cache.annotation.EnableCaching;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * redis配置
+ *
+ * @author Lion Li
+ */
+@Slf4j
+@Configuration
+@EnableCaching
+public class RedisConfig extends CachingConfigurerSupport {
+
+	private static final String REDIS_PROTOCOL_PREFIX = "redis://";
+	private static final String REDISS_PROTOCOL_PREFIX = "rediss://";
+
+	@Autowired
+	private RedisProperties redisProperties;
+
+	@Autowired
+	private RedissonProperties redissonProperties;
+
+	@Bean(destroyMethod = "shutdown")
+	@ConditionalOnMissingBean(RedissonClient.class)
+	public RedissonClient redisson() throws IOException {
+		String prefix = REDIS_PROTOCOL_PREFIX;
+		if (redisProperties.isSsl()) {
+			prefix = REDISS_PROTOCOL_PREFIX;
+		}
+		Config config = new Config();
+		config.setThreads(redissonProperties.getThreads())
+			.setNettyThreads(redissonProperties.getNettyThreads())
+			.setCodec(JsonJacksonCodec.INSTANCE)
+			.setTransportMode(redissonProperties.getTransportMode());
+
+		RedissonProperties.SingleServerConfig singleServerConfig = redissonProperties.getSingleServerConfig();
+		if (ObjectUtil.isNotNull(singleServerConfig)) {
+			// 使用单机模式
+			config.useSingleServer()
+					.setAddress(prefix + redisProperties.getHost() + ":" + redisProperties.getPort())
+					.setConnectTimeout(((Long) redisProperties.getTimeout().toMillis()).intValue())
+					.setDatabase(redisProperties.getDatabase())
+					.setPassword(StringUtils.isNotBlank(redisProperties.getPassword()) ? redisProperties.getPassword() : null)
+					.setTimeout(singleServerConfig.getTimeout())
+					.setRetryAttempts(singleServerConfig.getRetryAttempts())
+					.setRetryInterval(singleServerConfig.getRetryInterval())
+					.setSubscriptionsPerConnection(singleServerConfig.getSubscriptionsPerConnection())
+					.setClientName(singleServerConfig.getClientName())
+					.setIdleConnectionTimeout(singleServerConfig.getIdleConnectionTimeout())
+					.setSubscriptionConnectionMinimumIdleSize(singleServerConfig.getSubscriptionConnectionMinimumIdleSize())
+					.setSubscriptionConnectionPoolSize(singleServerConfig.getSubscriptionConnectionPoolSize())
+					.setConnectionMinimumIdleSize(singleServerConfig.getConnectionMinimumIdleSize())
+					.setConnectionPoolSize(singleServerConfig.getConnectionPoolSize())
+					.setDnsMonitoringInterval(singleServerConfig.getDnsMonitoringInterval());
+		}
+		// 集群配置方式 参考下方注释
+		RedissonProperties.ClusterServersConfig clusterServersConfig = redissonProperties.getClusterServersConfig();
+		if (ObjectUtil.isNotNull(clusterServersConfig)) {
+			// 使用集群模式
+			config.useClusterServers()
+					.setConnectTimeout(((Long) redisProperties.getTimeout().toMillis()).intValue())
+					.setPassword(StringUtils.isNotBlank(redisProperties.getPassword()) ? redisProperties.getPassword() : null)
+					.setTimeout(clusterServersConfig.getTimeout())
+					.setRetryAttempts(clusterServersConfig.getRetryAttempts())
+					.setRetryInterval(clusterServersConfig.getRetryInterval())
+					.setSubscriptionsPerConnection(clusterServersConfig.getSubscriptionsPerConnection())
+					.setClientName(clusterServersConfig.getClientName())
+					.setIdleConnectionTimeout(clusterServersConfig.getIdleConnectionTimeout())
+					.setPingConnectionInterval(clusterServersConfig.getPingConnectionInterval())
+					.setSubscriptionConnectionMinimumIdleSize(clusterServersConfig.getSubscriptionConnectionMinimumIdleSize())
+					.setSubscriptionConnectionPoolSize(clusterServersConfig.getSubscriptionConnectionPoolSize())
+					.setMasterConnectionMinimumIdleSize(clusterServersConfig.getMasterConnectionMinimumIdleSize())
+					.setMasterConnectionPoolSize(clusterServersConfig.getMasterConnectionPoolSize())
+					.setSlaveConnectionMinimumIdleSize(clusterServersConfig.getSlaveConnectionMinimumIdleSize())
+					.setSlaveConnectionPoolSize(clusterServersConfig.getSlaveConnectionPoolSize())
+					.setDnsMonitoringInterval(clusterServersConfig.getDnsMonitoringInterval())
+					.setFailedSlaveReconnectionInterval(clusterServersConfig.getFailedSlaveReconnectionInterval())
+					.setScanInterval(clusterServersConfig.getScanInterval())
+					.setReadMode(clusterServersConfig.getReadMode())
+					.setSubscriptionMode(clusterServersConfig.getSubscriptionMode())
+					.setNodeAddresses(redisProperties.getCluster().getNodes());
+		}
+		RedissonClient redissonClient = Redisson.create(config);
+		log.info("初始化 redis 配置");
+		return redissonClient;
+	}
+
+	/**
+	 * 整合spring-cache
+	 */
+	@Bean
+	public CacheManager cacheManager(RedissonClient redissonClient) {
+		List<RedissonProperties.CacheGroup> cacheGroup = redissonProperties.getCacheGroup();
+		Map<String, CacheConfig> config = new HashMap<>();
+		for (RedissonProperties.CacheGroup group : cacheGroup) {
+			CacheConfig cacheConfig = new CacheConfig(group.getTtl(), group.getMaxIdleTime());
+			cacheConfig.setMaxSize(group.getMaxSize());
+			config.put(group.getGroupId(), cacheConfig);
+		}
+		return new RedissonSpringCacheManager(redissonClient, config, JsonJacksonCodec.INSTANCE);
+	}
+
+	/**
+	 * redis集群配置 yml
+	 *
+	 * --- # redis 集群配置(单机与集群只能开启一个另一个需要注释掉)
+	 * spring:
+	 *   redis:
+	 *     cluster:
+	 *       nodes:
+	 *         - 192.168.0.100:6379
+	 *         - 192.168.0.101:6379
+	 *         - 192.168.0.102:6379
+	 *     # 密码
+	 *     password:
+	 *     # 连接超时时间
+	 *     timeout: 10s
+	 *     # 是否开启ssl
+	 *     ssl: false
+	 *
+	 * redisson:
+	 *   # 线程池数量
+	 *   threads: 16
+	 *   # Netty线程池数量
+	 *   nettyThreads: 32
+	 *   # 传输模式
+	 *   transportMode: "NIO"
+	 *   # 集群配置
+	 *   clusterServersConfig:
+	 *     # 客户端名称
+	 *     clientName: ${ruoyi.name}
+	 *     # master最小空闲连接数
+	 *     masterConnectionMinimumIdleSize: 32
+	 *     # master连接池大小
+	 *     masterConnectionPoolSize: 64
+	 *     # slave最小空闲连接数
+	 *     slaveConnectionMinimumIdleSize: 32
+	 *     # slave连接池大小
+	 *     slaveConnectionPoolSize: 64
+	 *     # 连接空闲超时，单位：毫秒
+	 *     idleConnectionTimeout: 10000
+	 *     # ping连接间隔
+	 *     pingConnectionInterval: 1000
+	 *     # 命令等待超时，单位：毫秒
+	 *     timeout: 3000
+	 *     # 如果尝试在此限制之内发送成功，则开始启用 timeout 计时。
+	 *     retryAttempts: 3
+	 *     # 命令重试发送时间间隔，单位：毫秒
+	 *     retryInterval: 1500
+	 *     # 从可用服务器的内部列表中排除 Redis Slave 重新连接尝试的间隔。
+	 *     failedSlaveReconnectionInterval: 3000
+	 *     # 发布和订阅连接池最小空闲连接数
+	 *     subscriptionConnectionMinimumIdleSize: 1
+	 *     # 发布和订阅连接池大小
+	 *     subscriptionConnectionPoolSize: 50
+	 *     # 单个连接最大订阅数量
+	 *     subscriptionsPerConnection: 5
+	 *     # 扫描间隔
+	 *     scanInterval: 1000
+	 *     # DNS监测时间间隔，单位：毫秒
+	 *     dnsMonitoringInterval: 5000
+	 *     # 读取模式
+	 *     readMode: "SLAVE"
+	 *     # 订阅模式
+	 *     subscriptionMode: "MASTER"
+	 */
+
+}

ruoyi-framework/src/main/java/com/ruoyi/framework/config/ResourcesConfig.java

@@ -0,0 +1,55 @@
+package com.ruoyi.framework.config;
+
+import com.ruoyi.framework.Interceptor.PlusWebInvokeTimeInterceptor;
+import com.yomahub.tlog.web.interceptor.TLogWebInterceptor;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
+import org.springframework.web.filter.CorsFilter;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
+import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+/**
+ * 通用配置
+ *
+ * @author Lion Li
+ */
+@Configuration
+public class ResourcesConfig implements WebMvcConfigurer {
+
+    @Override
+    public void addResourceHandlers(ResourceHandlerRegistry registry) {
+    }
+
+    @Override
+    public void addInterceptors(InterceptorRegistry registry) {
+        // 全局链路跟踪拦截器
+        registry.addInterceptor(new TLogWebInterceptor());
+        // 全局访问性能拦截
+        registry.addInterceptor(new PlusWebInvokeTimeInterceptor());
+    }
+
+    /**
+     * 跨域配置
+     */
+    @Bean
+    public CorsFilter corsFilter() {
+        CorsConfiguration config = new CorsConfiguration();
+        config.setAllowCredentials(true);
+        // 设置访问源地址
+        config.addAllowedOriginPattern("*");
+        // 设置访问源请求头
+        config.addAllowedHeader("*");
+        // 设置访问源请求方法
+        config.addAllowedMethod("*");
+        // 有效期 1800秒
+        config.setMaxAge(1800L);
+        // 添加映射路径，拦截一切请求
+        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+        source.registerCorsConfiguration("/**", config);
+        // 返回新的CorsFilter
+        return new CorsFilter(source);
+    }
+}

ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java

@@ -0,0 +1,137 @@
+package com.ruoyi.framework.config;
+
+import com.ruoyi.framework.config.properties.SecurityProperties;
+import com.ruoyi.framework.security.filter.JwtAuthenticationTokenFilter;
+import com.ruoyi.framework.security.handle.AuthenticationEntryPointImpl;
+import com.ruoyi.framework.security.handle.LogoutSuccessHandlerImpl;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.http.HttpMethod;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+import org.springframework.security.web.authentication.logout.LogoutFilter;
+import org.springframework.web.filter.CorsFilter;
+
+/**
+ * spring security配置
+ *
+ * @author ruoyi
+ */
+@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+    /**
+     * 自定义用户认证逻辑
+     */
+    @Autowired
+    private UserDetailsService userDetailsService;
+
+    /**
+     * 认证失败处理类
+     */
+    @Autowired
+    private AuthenticationEntryPointImpl unauthorizedHandler;
+
+    /**
+     * 退出处理类
+     */
+    @Autowired
+    private LogoutSuccessHandlerImpl logoutSuccessHandler;
+
+    /**
+     * token认证过滤器
+     */
+    @Autowired
+    private JwtAuthenticationTokenFilter authenticationTokenFilter;
+
+    /**
+     * 跨域过滤器
+     */
+    @Autowired
+    private CorsFilter corsFilter;
+
+    @Autowired
+    private SecurityProperties securityProperties;
+
+    /**
+     * 解决 无法直接注入 AuthenticationManager
+     *
+     * @return
+     * @throws Exception
+     */
+    @Bean
+    @Override
+    public AuthenticationManager authenticationManagerBean() throws Exception {
+        return super.authenticationManagerBean();
+    }
+
+    /**
+     * anyRequest          |   匹配所有请求路径
+     * access              |   SpringEl表达式结果为true时可以访问
+     * anonymous           |   匿名可以访问
+     * denyAll             |   用户不能访问
+     * fullyAuthenticated  |   用户完全认证可以访问（非remember-me下自动登录）
+     * hasAnyAuthority     |   如果有参数，参数表示权限，则其中任何一个权限可以访问
+     * hasAnyRole          |   如果有参数，参数表示角色，则其中任何一个角色可以访问
+     * hasAuthority        |   如果有参数，参数表示权限，则其权限可以访问
+     * hasIpAddress        |   如果有参数，参数表示IP地址，如果用户IP和参数匹配，则可以访问
+     * hasRole             |   如果有参数，参数表示角色，则其角色可以访问
+     * permitAll           |   用户可以任意访问
+     * rememberMe          |   允许通过remember-me登录的用户访问
+     * authenticated       |   用户登录后可访问
+     */
+    @Override
+    protected void configure(HttpSecurity httpSecurity) throws Exception {
+        httpSecurity
+            // CSRF禁用，因为不使用session
+            .csrf().disable()
+            // 认证失败处理类
+            .exceptionHandling().authenticationEntryPoint(unauthorizedHandler).and()
+            // 基于token，所以不需要session
+            .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
+            // 过滤请求
+            .authorizeRequests()
+            .antMatchers(
+                HttpMethod.GET,
+                "/",
+                "/*.html",
+                "/**/*.html",
+                "/**/*.css",
+                "/**/*.js"
+            ).permitAll()
+            .antMatchers(securityProperties.getAnonymous()).anonymous()
+            .antMatchers(securityProperties.getPermitAll()).permitAll()
+            // 除上面外的所有请求全部需要鉴权认证
+            .anyRequest().authenticated()
+            .and()
+            .headers().frameOptions().disable();
+        httpSecurity.logout().logoutUrl(securityProperties.getLogoutUrl()).logoutSuccessHandler(logoutSuccessHandler);
+        // 添加JWT filter
+        httpSecurity.addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);
+        // 添加CORS filter
+        httpSecurity.addFilterBefore(corsFilter, JwtAuthenticationTokenFilter.class);
+        httpSecurity.addFilterBefore(corsFilter, LogoutFilter.class);
+    }
+
+    /**
+     * 强散列哈希加密实现
+     */
+    @Bean
+    public BCryptPasswordEncoder bCryptPasswordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+
+    /**
+     * 身份认证接口
+     */
+    @Override
+    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+        auth.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder());
+    }
+}

ruoyi-framework/src/main/java/com/ruoyi/framework/config/SwaggerConfig.java

@@ -0,0 +1,125 @@
+package com.ruoyi.framework.config;
+
+import com.github.xiaoymin.knife4j.spring.annotations.EnableKnife4j;
+import com.github.xiaoymin.knife4j.spring.extension.OpenApiExtensionResolver;
+import com.ruoyi.common.properties.TokenProperties;
+import com.ruoyi.common.utils.StringUtils;
+import com.ruoyi.common.utils.spring.SpringUtils;
+import com.ruoyi.framework.config.properties.SwaggerProperties;
+import io.swagger.models.auth.In;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Configuration;
+import springfox.documentation.builders.ApiInfoBuilder;
+import springfox.documentation.builders.PathSelectors;
+import springfox.documentation.builders.RequestHandlerSelectors;
+import springfox.documentation.service.*;
+import springfox.documentation.spi.DocumentationType;
+import springfox.documentation.spi.service.contexts.SecurityContext;
+import springfox.documentation.spring.web.plugins.Docket;
+
+import javax.annotation.PostConstruct;
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * Swagger 文档配置
+ *
+ * @author Lion Li
+ */
+@Configuration
+@EnableKnife4j
+public class SwaggerConfig {
+
+    @Autowired
+    private SwaggerProperties swaggerProperties;
+
+    @Autowired
+	private TokenProperties tokenProperties;
+
+    @Autowired
+    private OpenApiExtensionResolver openApiExtensionResolver;
+
+    /**
+     * 创建API
+     */
+    @PostConstruct
+    public void createRestApi() {
+		for (SwaggerProperties.Groups group : swaggerProperties.getGroups()) {
+			String basePackage = group.getBasePackage();
+			Docket docket = new Docket(DocumentationType.OAS_30)
+					.enable(swaggerProperties.getEnabled())
+					// 用来创建该API的基本信息，展示在文档的页面中（自定义展示的信息）
+					.apiInfo(apiInfo())
+					// 设置哪些接口暴露给Swagger展示
+					.select()
+					// 扫描所有有注解的api，用这种方式更灵活
+					//.apis(RequestHandlerSelectors.withMethodAnnotation(ApiOperation.class))
+					// 扫描指定包中的swagger注解
+					.apis(RequestHandlerSelectors.basePackage(basePackage))
+					// 扫描所有 .apis(RequestHandlerSelectors.any())
+					.paths(PathSelectors.any())
+					.build()
+					.groupName(group.getName())
+					// 设置安全模式，swagger可以设置访问token
+					.securitySchemes(securitySchemes())
+					.securityContexts(securityContexts())
+                    .extensions(openApiExtensionResolver.buildExtensions(group.getName()))
+					.pathMapping(swaggerProperties.getPathMapping());
+			String beanName = StringUtils.substringAfterLast(basePackage, ".") + "Docket";
+			SpringUtils.registerBean(beanName, docket);
+		}
+    }
+
+    /**
+     * 安全模式，这里指定token通过Authorization头请求头传递
+     */
+    private List<SecurityScheme> securitySchemes() {
+        List<SecurityScheme> apiKeyList = new ArrayList<SecurityScheme>();
+		String header = tokenProperties.getHeader();
+		apiKeyList.add(new ApiKey(header, header, In.HEADER.toValue()));
+        return apiKeyList;
+    }
+
+    /**
+     * 安全上下文
+     */
+    private List<SecurityContext> securityContexts() {
+        List<SecurityContext> securityContexts = new ArrayList<>();
+        securityContexts.add(
+                SecurityContext.builder()
+                        .securityReferences(defaultAuth())
+                        .operationSelector(o -> o.requestMappingPattern().matches("/.*"))
+                        .build());
+        return securityContexts;
+    }
+
+    /**
+     * 默认的安全上引用
+     */
+    private List<SecurityReference> defaultAuth() {
+        AuthorizationScope authorizationScope = new AuthorizationScope("global", "accessEverything");
+        AuthorizationScope[] authorizationScopes = new AuthorizationScope[1];
+        authorizationScopes[0] = authorizationScope;
+        List<SecurityReference> securityReferences = new ArrayList<>();
+        securityReferences.add(new SecurityReference(tokenProperties.getHeader(), authorizationScopes));
+        return securityReferences;
+    }
+
+    /**
+     * 添加摘要信息
+     */
+    private ApiInfo apiInfo() {
+        // 用ApiInfoBuilder进行定制
+        SwaggerProperties.Contact contact = swaggerProperties.getContact();
+        return new ApiInfoBuilder()
+                // 设置标题
+                .title(swaggerProperties.getTitle())
+                // 描述
+                .description(swaggerProperties.getDescription())
+                // 作者信息
+                .contact(new Contact(contact.getName(), contact.getUrl(), contact.getEmail()))
+                // 版本
+                .version(swaggerProperties.getVersion())
+                .build();
+    }
+}

ruoyi-framework/src/main/java/com/ruoyi/framework/config/TLogConfig.java

@@ -0,0 +1,43 @@
+package com.ruoyi.framework.config;
+
+import com.yomahub.tlog.core.aop.AspectLogAop;
+import com.yomahub.tlog.spring.TLogPropertyInit;
+import com.yomahub.tlog.spring.TLogSpringAware;
+import com.yomahub.tlog.springboot.property.TLogProperty;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Import;
+import org.springframework.core.annotation.Order;
+
+/**
+ * 整合 TLog 框架配置
+ *
+ * @author Lion Li
+ * @since 3.3.0
+ */
+@Order(-999)
+@Configuration
+@Import(TLogProperty.class)
+public class TLogConfig {
+
+    @Bean
+    public TLogPropertyInit tLogPropertyInit(TLogProperty tLogProperty) {
+        TLogPropertyInit tLogPropertyInit = new TLogPropertyInit();
+        tLogPropertyInit.setPattern(tLogProperty.getPattern());
+        tLogPropertyInit.setEnableInvokeTimePrint(tLogProperty.enableInvokeTimePrint());
+        tLogPropertyInit.setIdGenerator(tLogProperty.getIdGenerator());
+        tLogPropertyInit.setMdcEnable(tLogProperty.getMdcEnable());
+        return tLogPropertyInit;
+    }
+
+    @Bean
+    public TLogSpringAware tLogSpringAware(){
+        return new TLogSpringAware();
+    }
+
+    @Bean
+    public AspectLogAop aspectLogAop() {
+        return new AspectLogAop();
+    }
+
+}

ruoyi-framework/src/main/java/com/ruoyi/framework/config/ThreadPoolConfig.java

@@ -0,0 +1,55 @@
+package com.ruoyi.framework.config;
+
+import com.ruoyi.common.utils.Threads;
+import com.ruoyi.common.utils.reflect.ReflectUtils;
+import com.ruoyi.framework.config.properties.ThreadPoolProperties;
+import org.apache.commons.lang3.concurrent.BasicThreadFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.scheduling.concurrent.ThreadPoolTaskExecutor;
+
+import java.util.concurrent.RejectedExecutionHandler;
+import java.util.concurrent.ScheduledExecutorService;
+import java.util.concurrent.ScheduledThreadPoolExecutor;
+
+/**
+ * 线程池配置
+ *
+ * @author Lion Li
+ **/
+@Configuration
+public class ThreadPoolConfig {
+
+    @Autowired
+    private ThreadPoolProperties threadPoolProperties;
+
+    @Bean(name = "threadPoolTaskExecutor")
+    @ConditionalOnProperty(prefix = "thread-pool", name = "enabled", havingValue = "true")
+    public ThreadPoolTaskExecutor threadPoolTaskExecutor() {
+        ThreadPoolTaskExecutor executor = new ThreadPoolTaskExecutor();
+        executor.setMaxPoolSize(threadPoolProperties.getMaxPoolSize());
+        executor.setCorePoolSize(threadPoolProperties.getCorePoolSize());
+        executor.setQueueCapacity(threadPoolProperties.getQueueCapacity());
+        executor.setKeepAliveSeconds(threadPoolProperties.getKeepAliveSeconds());
+        RejectedExecutionHandler handler = ReflectUtils.newInstance(threadPoolProperties.getRejectedExecutionHandler().getClazz());
+        executor.setRejectedExecutionHandler(handler);
+        return executor;
+    }
+
+    /**
+     * 执行周期性或定时任务
+     */
+    @Bean(name = "scheduledExecutorService")
+    protected ScheduledExecutorService scheduledExecutorService() {
+        return new ScheduledThreadPoolExecutor(threadPoolProperties.getCorePoolSize(),
+                new BasicThreadFactory.Builder().namingPattern("schedule-pool-%d").daemon(true).build()) {
+            @Override
+            protected void afterExecute(Runnable r, Throwable t) {
+                super.afterExecute(r, t);
+                Threads.printException(r, t);
+            }
+        };
+    }
+}

ruoyi-framework/src/main/java/com/ruoyi/framework/config/ValidatorConfig.java

@@ -0,0 +1,43 @@
+package com.ruoyi.framework.config;
+
+import org.hibernate.validator.HibernateValidator;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.MessageSource;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.validation.beanvalidation.LocalValidatorFactoryBean;
+
+import javax.validation.Validator;
+import java.util.Properties;
+
+/**
+ * 校验框架配置类
+ *
+ * @author Lion Li
+ */
+@Configuration
+public class ValidatorConfig {
+
+    @Autowired
+    private MessageSource messageSource;
+
+    /**
+     * 配置校验框架 快速返回模式
+     */
+    @Bean
+    public Validator validator() {
+        LocalValidatorFactoryBean factoryBean = new LocalValidatorFactoryBean();
+        // 国际化
+        factoryBean.setValidationMessageSource(messageSource);
+        // 设置使用 HibernateValidator 校验器
+        factoryBean.setProviderClass(HibernateValidator.class);
+        Properties properties = new Properties();
+        // 设置 快速异常返回
+        properties.setProperty("hibernate.validator.fail_fast", "true");
+        factoryBean.setValidationProperties(properties);
+        // 加载配置
+        factoryBean.afterPropertiesSet();
+        return factoryBean.getValidator();
+    }
+
+}

ruoyi-framework/src/main/java/com/ruoyi/framework/config/properties/CaptchaProperties.java

@@ -0,0 +1,38 @@
+package com.ruoyi.framework.config.properties;
+
+import com.ruoyi.common.enums.CaptchaCategory;
+import com.ruoyi.common.enums.CaptchaType;
+import lombok.Data;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.stereotype.Component;
+
+/**
+ * 验证码 配置属性
+ *
+ * @author Lion Li
+ */
+@Data
+@Component
+@ConfigurationProperties(prefix = "captcha")
+public class CaptchaProperties {
+
+	/**
+	 * 验证码类型
+ 	 */
+    private CaptchaType type;
+
+	/**
+	 * 验证码类别
+	 */
+    private CaptchaCategory category;
+
+	/**
+	 * 数字验证码位数
+	 */
+    private Integer numberLength;
+
+	/**
+	 * 字符验证码长度
+	 */
+    private Integer charLength;
+}

ruoyi-framework/src/main/java/com/ruoyi/framework/config/properties/RedissonProperties.java

@@ -0,0 +1,236 @@
+package com.ruoyi.framework.config.properties;
+
+import lombok.Data;
+import lombok.NoArgsConstructor;
+import org.redisson.config.ReadMode;
+import org.redisson.config.SubscriptionMode;
+import org.redisson.config.TransportMode;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.stereotype.Component;
+
+import java.util.List;
+
+/**
+ * Redisson 配置属性
+ *
+ * @author Lion Li
+ */
+@Data
+@Component
+@ConfigurationProperties(prefix = "redisson")
+public class RedissonProperties {
+
+	/**
+	 * 线程池数量,默认值 = 当前处理核数量 * 2
+	 */
+	private int threads;
+
+	/**
+	 * Netty线程池数量,默认值 = 当前处理核数量 * 2
+	 */
+	private int nettyThreads;
+
+	/**
+	 * 传输模式
+	 */
+	private TransportMode transportMode;
+
+	/**
+	 * 单机服务配置
+	 */
+	private SingleServerConfig singleServerConfig;
+
+	/**
+	 * 集群服务配置
+	 */
+	private ClusterServersConfig clusterServersConfig;
+
+	/**
+	 * 缓存组
+	 */
+	private List<CacheGroup> cacheGroup;
+
+	@Data
+	@NoArgsConstructor
+	public static class SingleServerConfig {
+
+		/**
+		 * 客户端名称
+		 */
+		private String clientName;
+
+		/**
+		 * 最小空闲连接数
+		 */
+		private int connectionMinimumIdleSize;
+
+		/**
+		 * 连接池大小
+		 */
+		private int connectionPoolSize;
+
+		/**
+		 * 连接空闲超时，单位：毫秒
+		 */
+		private int idleConnectionTimeout;
+
+		/**
+		 * 命令等待超时，单位：毫秒
+		 */
+		private int timeout;
+
+		/**
+		 * 如果尝试在此限制之内发送成功，则开始启用 timeout 计时。
+		 */
+		private int retryAttempts;
+
+		/**
+		 * 命令重试发送时间间隔，单位：毫秒
+		 */
+		private int retryInterval;
+
+		/**
+		 * 发布和订阅连接的最小空闲连接数
+		 */
+		private int subscriptionConnectionMinimumIdleSize;
+
+		/**
+		 * 发布和订阅连接池大小
+		 */
+		private int subscriptionConnectionPoolSize;
+
+		/**
+		 * 单个连接最大订阅数量
+		 */
+		private int subscriptionsPerConnection;
+
+		/**
+		 * DNS监测时间间隔，单位：毫秒
+		 */
+		private int dnsMonitoringInterval;
+
+	}
+
+	@Data
+	@NoArgsConstructor
+	public static class ClusterServersConfig {
+
+		/**
+		 * 客户端名称
+		 */
+		private String clientName;
+
+		/**
+		 * master最小空闲连接数
+		 */
+		private int masterConnectionMinimumIdleSize;
+
+		/**
+		 * master连接池大小
+		 */
+		private int masterConnectionPoolSize;
+
+		/**
+		 * slave最小空闲连接数
+		 */
+		private int slaveConnectionMinimumIdleSize;
+
+		/**
+		 * slave连接池大小
+		 */
+		private int slaveConnectionPoolSize;
+
+		/**
+		 * 连接空闲超时，单位：毫秒
+		 */
+		private int idleConnectionTimeout;
+
+		/**
+		 * ping超时
+		 */
+		private int pingConnectionInterval;
+
+		/**
+		 * 命令等待超时，单位：毫秒
+		 */
+		private int timeout;
+
+		/**
+		 * 如果尝试在此限制之内发送成功，则开始启用 timeout 计时。
+		 */
+		private int retryAttempts;
+
+		/**
+		 * 命令重试发送时间间隔，单位：毫秒
+		 */
+		private int retryInterval;
+
+		/**
+		 * 错误重试次数
+		 */
+		private int failedSlaveReconnectionInterval;
+
+		/**
+		 * 发布和订阅连接池最小空闲连接数
+		 */
+		private int subscriptionConnectionMinimumIdleSize;
+
+		/**
+		 * 发布和订阅连接池大小
+		 */
+		private int subscriptionConnectionPoolSize;
+
+		/**
+		 * 单个连接最大订阅数量
+		 */
+		private int subscriptionsPerConnection;
+
+		/**
+		 * 扫描间隔
+		 */
+		private int scanInterval;
+
+		/**
+		 * DNS监测时间间隔，单位：毫秒
+		 */
+		private int dnsMonitoringInterval;
+
+		/**
+		 * 读取模式
+		 */
+		private ReadMode readMode;
+
+		/**
+		 * 订阅模式
+		 */
+		private SubscriptionMode subscriptionMode;
+
+	}
+
+	@Data
+	@NoArgsConstructor
+	public static class CacheGroup {
+
+		/**
+		 * 组id
+		 */
+		private String groupId;
+
+		/**
+		 * 组过期时间
+		 */
+		private long ttl;
+
+		/**
+		 * 组最大空闲时间
+		 */
+		private long maxIdleTime;
+
+		/**
+		 * 组最大长度
+		 */
+		private int maxSize;
+
+	}
+
+}

ruoyi-framework/src/main/java/com/ruoyi/framework/config/properties/RepeatSubmitProperties.java

@@ -0,0 +1,22 @@
+package com.ruoyi.framework.config.properties;
+
+import lombok.Data;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.stereotype.Component;
+
+/**
+ * 重复提交 配置属性
+ *
+ * @author Lion Li
+ */
+@Data
+@Component
+@ConfigurationProperties(prefix = "repeat-submit")
+public class RepeatSubmitProperties {
+
+    /**
+     * 间隔时间(毫秒)
+     */
+    private int interval;
+
+}

ruoyi-framework/src/main/java/com/ruoyi/framework/config/properties/SecurityProperties.java

@@ -0,0 +1,32 @@
+package com.ruoyi.framework.config.properties;
+
+import lombok.Data;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.stereotype.Component;
+
+/**
+ * Security 配置属性
+ *
+ * @author Lion Li
+ */
+@Data
+@Component
+@ConfigurationProperties(prefix = "security")
+public class SecurityProperties {
+
+    /**
+     * 退出登录url
+     */
+    private String logoutUrl;
+
+    /**
+     * 匿名放行路径
+     */
+    private String[] anonymous;
+
+    /**
+     * 用户任意访问放行路径
+     */
+    private String[] permitAll;
+
+}

ruoyi-framework/src/main/java/com/ruoyi/framework/config/properties/SwaggerProperties.java

@@ -0,0 +1,88 @@
+package com.ruoyi.framework.config.properties;
+
+import lombok.Data;
+import lombok.NoArgsConstructor;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.stereotype.Component;
+
+import java.util.List;
+
+/**
+ * swagger 配置属性
+ *
+ * @author Lion Li
+ */
+@Data
+@Component
+@ConfigurationProperties(prefix = "swagger")
+public class SwaggerProperties {
+
+    /**
+     * 验证码类型
+     */
+    private Boolean enabled;
+	/**
+	 * 设置请求的统一前缀
+	 */
+	private String pathMapping;
+    /**
+     * 验证码类别
+     */
+    private String title;
+    /**
+     * 数字验证码位数
+     */
+    private String description;
+    /**
+     * 字符验证码长度
+     */
+    private String version;
+
+	/**
+	 * 联系方式
+	 */
+    private Contact contact;
+
+	/**
+	 * 组配置
+	 */
+	private List<Groups> groups;
+
+    @Data
+	@NoArgsConstructor
+	public static class Contact {
+
+		/**
+		 * 联系人
+		 */
+		private String name;
+
+		/**
+		 * 联系人url
+		 */
+		private String url;
+
+		/**
+		 * 联系人email
+		 */
+		private String email;
+
+	}
+
+	@Data
+	@NoArgsConstructor
+	public static class Groups {
+
+		/**
+		 * 组名
+		 */
+		private String name;
+
+		/**
+		 * 基础包路径
+		 */
+		private String basePackage;
+
+	}
+
+}

ruoyi-framework/src/main/java/com/ruoyi/framework/config/properties/ThreadPoolProperties.java

@@ -0,0 +1,48 @@
+package com.ruoyi.framework.config.properties;
+
+import com.ruoyi.common.enums.ThreadPoolRejectedPolicy;
+import lombok.Data;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.stereotype.Component;
+
+/**
+ * 线程池 配置属性
+ *
+ * @author Lion Li
+ */
+@Data
+@Component
+@ConfigurationProperties(prefix = "thread-pool")
+public class ThreadPoolProperties {
+
+    /**
+     * 是否开启线程池
+     */
+    private boolean enabled;
+
+    /**
+     * 核心线程池大小
+     */
+    private int corePoolSize;
+
+    /**
+     * 最大可创建的线程数
+     */
+    private int maxPoolSize;
+
+    /**
+     * 队列最大长度
+     */
+    private int queueCapacity;
+
+    /**
+     * 线程池维护线程所允许的空闲时间
+     */
+    private int keepAliveSeconds;
+
+    /**
+     * 线程池对拒绝任务(无线程可用)的处理策略
+     */
+    private ThreadPoolRejectedPolicy rejectedExecutionHandler;
+
+}

ruoyi-framework/src/main/java/com/ruoyi/framework/config/properties/XssProperties.java

@@ -0,0 +1,32 @@
+package com.ruoyi.framework.config.properties;
+
+import lombok.Data;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.stereotype.Component;
+
+/**
+ * xss过滤 配置属性
+ *
+ * @author Lion Li
+ */
+@Data
+@Component
+@ConfigurationProperties(prefix = "xss")
+public class XssProperties {
+
+    /**
+     * 过滤开关
+     */
+    private String enabled;
+
+    /**
+     * 排除链接（多个用逗号分隔）
+     */
+    private String excludes;
+
+    /**
+     * 匹配链接
+     */
+    private String urlPatterns;
+
+}

ruoyi-framework/src/main/java/com/ruoyi/framework/handler/CreateAndUpdateMetaObjectHandler.java

@@ -0,0 +1,89 @@
+package com.ruoyi.framework.handler;
+
+import cn.hutool.core.util.ObjectUtil;
+import cn.hutool.http.HttpStatus;
+import com.baomidou.mybatisplus.core.handlers.MetaObjectHandler;
+import com.ruoyi.common.core.domain.BaseEntity;
+import com.ruoyi.common.core.domain.model.LoginUser;
+import com.ruoyi.common.exception.ServiceException;
+import com.ruoyi.common.utils.SecurityUtils;
+import com.ruoyi.common.utils.StringUtils;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.ibatis.reflection.MetaObject;
+
+import java.util.Date;
+
+/**
+ * MP注入处理器
+ *
+ * @author Lion Li
+ * @date 2021/4/25
+ */
+@Slf4j
+public class CreateAndUpdateMetaObjectHandler implements MetaObjectHandler {
+
+	@Override
+	public void insertFill(MetaObject metaObject) {
+		try {
+			if (ObjectUtil.isNotNull(metaObject) && metaObject.getOriginalObject() instanceof BaseEntity) {
+				BaseEntity baseEntity = (BaseEntity) metaObject.getOriginalObject();
+				Date current = new Date();
+				// 创建时间为空 则填充
+				if (ObjectUtil.isNull(baseEntity.getCreateTime())) {
+					baseEntity.setCreateTime(current);
+				}
+				// 更新时间为空 则填充
+				if (ObjectUtil.isNull(baseEntity.getUpdateTime())) {
+					baseEntity.setUpdateTime(current);
+				}
+				String username = getLoginUsername();
+				// 当前已登录 且 创建人为空 则填充
+				if (StringUtils.isNotBlank(username)
+						&& StringUtils.isBlank(baseEntity.getCreateBy())) {
+					baseEntity.setCreateBy(username);
+				}
+				// 当前已登录 且 更新人为空 则填充
+				if (StringUtils.isNotBlank(username)
+						&& StringUtils.isBlank(baseEntity.getUpdateBy())) {
+					baseEntity.setUpdateBy(username);
+				}
+			}
+		} catch (Exception e) {
+			throw new ServiceException("自动注入异常 => " + e.getMessage(), HttpStatus.HTTP_UNAUTHORIZED);
+		}
+	}
+
+	@Override
+	public void updateFill(MetaObject metaObject) {
+		try {
+			if (ObjectUtil.isNotNull(metaObject) && metaObject.getOriginalObject() instanceof BaseEntity) {
+				BaseEntity baseEntity = (BaseEntity) metaObject.getOriginalObject();
+				Date current = new Date();
+                // 更新时间填充(不管为不为空)
+                baseEntity.setUpdateTime(current);
+                String username = getLoginUsername();
+                // 当前已登录 更新人填充(不管为不为空)
+                if (StringUtils.isNotBlank(username)) {
+                    baseEntity.setUpdateBy(username);
+                }
+			}
+		} catch (Exception e) {
+			throw new ServiceException("自动注入异常 => " + e.getMessage(), HttpStatus.HTTP_UNAUTHORIZED);
+		}
+	}
+
+	/**
+	 * 获取登录用户名
+	 */
+	private String getLoginUsername() {
+		LoginUser loginUser;
+		try {
+			loginUser = SecurityUtils.getLoginUser();
+		} catch (Exception e) {
+			log.warn("自动注入警告 => 用户未登录");
+			return null;
+		}
+		return loginUser.getUsername();
+	}
+
+}

ruoyi-framework/src/main/java/com/ruoyi/framework/jackson/BigNumberSerializer.java

@@ -0,0 +1,42 @@
+package com.ruoyi.framework.jackson;
+
+import com.fasterxml.jackson.core.JsonGenerator;
+import com.fasterxml.jackson.databind.SerializerProvider;
+import com.fasterxml.jackson.databind.annotation.JacksonStdImpl;
+import com.fasterxml.jackson.databind.ser.std.NumberSerializer;
+
+import java.io.IOException;
+
+/**
+ * 超出 JS 最大最小值 处理
+ *
+ * @author Lion Li
+ */
+@JacksonStdImpl
+public class BigNumberSerializer extends NumberSerializer {
+
+	/**
+	 * 根据 JS Number.MAX_SAFE_INTEGER 与 Number.MIN_SAFE_INTEGER 得来
+	 */
+	private static final long MAX_SAFE_INTEGER = 9007199254740991L;
+	private static final long MIN_SAFE_INTEGER = -9007199254740991L;
+
+	/**
+	 * 提供实例
+	 */
+	public static final BigNumberSerializer INSTANCE = new BigNumberSerializer(Number.class);
+
+	public BigNumberSerializer(Class<? extends Number> rawType) {
+		super(rawType);
+	}
+
+	@Override
+	public void serialize(Number value, JsonGenerator gen, SerializerProvider provider) throws IOException {
+		// 超出范围 序列化位字符串
+		if (value.longValue() > MIN_SAFE_INTEGER && value.longValue() < MAX_SAFE_INTEGER) {
+			super.serialize(value, gen, provider);
+		} else {
+			gen.writeString(value.toString());
+		}
+	}
+}

ruoyi-framework/src/main/java/com/ruoyi/framework/manager/ShutdownManager.java

@@ -0,0 +1,41 @@
+package com.ruoyi.framework.manager;
+
+import com.ruoyi.common.utils.Threads;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.stereotype.Component;
+
+import javax.annotation.PreDestroy;
+import java.util.concurrent.ScheduledExecutorService;
+
+/**
+ * 确保应用退出时能关闭后台线程
+ *
+ * @author Lion Li
+ */
+@Slf4j
+@Component
+public class ShutdownManager {
+
+	@Autowired
+	@Qualifier("scheduledExecutorService")
+	private ScheduledExecutorService scheduledExecutorService;
+
+	@PreDestroy
+	public void destroy() {
+		shutdownAsyncManager();
+	}
+
+	/**
+	 * 停止异步执行任务
+	 */
+	private void shutdownAsyncManager() {
+		try {
+			log.info("====关闭后台任务任务线程池====");
+			Threads.shutdownAndAwaitTermination(scheduledExecutorService);
+		} catch (Exception e) {
+			log.error(e.getMessage(), e);
+		}
+	}
+}

ruoyi-framework/src/main/java/com/ruoyi/framework/security/filter/JwtAuthenticationTokenFilter.java

@@ -0,0 +1,43 @@
+package com.ruoyi.framework.security.filter;
+
+import com.ruoyi.common.core.domain.model.LoginUser;
+import com.ruoyi.common.core.service.TokenService;
+import com.ruoyi.common.utils.SecurityUtils;
+import com.ruoyi.common.utils.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
+import org.springframework.stereotype.Component;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+/**
+ * token过滤器 验证token有效性
+ *
+ * @author ruoyi
+ */
+@Component
+public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
+
+    @Autowired
+    private TokenService tokenService;
+
+    @Override
+    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
+            throws ServletException, IOException {
+        LoginUser loginUser = tokenService.getLoginUser(request);
+        if (StringUtils.isNotNull(loginUser) && StringUtils.isNull(SecurityUtils.getAuthentication())) {
+            tokenService.verifyToken(loginUser);
+            UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(loginUser, null, loginUser.getAuthorities());
+            authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
+            SecurityContextHolder.getContext().setAuthentication(authenticationToken);
+        }
+        chain.doFilter(request, response);
+    }
+}

ruoyi-framework/src/main/java/com/ruoyi/framework/security/handle/AuthenticationEntryPointImpl.java

@@ -0,0 +1,33 @@
+package com.ruoyi.framework.security.handle;
+
+import cn.hutool.http.HttpStatus;
+import com.ruoyi.common.core.domain.AjaxResult;
+import com.ruoyi.common.utils.JsonUtils;
+import com.ruoyi.common.utils.ServletUtils;
+import com.ruoyi.common.utils.StringUtils;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.web.AuthenticationEntryPoint;
+import org.springframework.stereotype.Component;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.io.Serializable;
+
+/**
+ * 认证失败处理类 返回未授权
+ *
+ * @author ruoyi
+ */
+@Component
+public class AuthenticationEntryPointImpl implements AuthenticationEntryPoint, Serializable {
+    private static final long serialVersionUID = -8970718410437077606L;
+
+    @Override
+    public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException e)
+            throws IOException {
+        int code = HttpStatus.HTTP_UNAUTHORIZED;
+        String msg = StringUtils.format("请求访问：{}，认证失败，无法访问系统资源", request.getRequestURI());
+        ServletUtils.renderString(response, JsonUtils.toJsonString(AjaxResult.error(code, msg)));
+    }
+}

ruoyi-framework/src/main/java/com/ruoyi/framework/security/handle/LogoutSuccessHandlerImpl.java

@@ -0,0 +1,53 @@
+package com.ruoyi.framework.security.handle;
+
+import cn.hutool.http.HttpStatus;
+import com.ruoyi.common.constant.Constants;
+import com.ruoyi.common.core.domain.AjaxResult;
+import com.ruoyi.common.core.domain.model.LoginUser;
+import com.ruoyi.common.core.service.LogininforService;
+import com.ruoyi.common.core.service.TokenService;
+import com.ruoyi.common.utils.JsonUtils;
+import com.ruoyi.common.utils.ServletUtils;
+import com.ruoyi.common.utils.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+/**
+ * 自定义退出处理类 返回成功
+ *
+ * @author ruoyi
+ */
+@Configuration
+public class LogoutSuccessHandlerImpl implements LogoutSuccessHandler {
+
+	@Autowired
+	private TokenService tokenService;
+
+	@Autowired
+	private LogininforService asyncService;
+
+	/**
+	 * 退出处理
+	 */
+	@Override
+	public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication)
+		throws IOException, ServletException {
+		LoginUser loginUser = tokenService.getLoginUser(request);
+		if (StringUtils.isNotNull(loginUser)) {
+			String userName = loginUser.getUsername();
+			// 删除用户缓存记录
+			tokenService.delLoginUser(loginUser.getToken());
+			// 记录用户退出日志
+			asyncService.recordLogininfor(userName, Constants.LOGOUT, "退出成功", request);
+		}
+		ServletUtils.renderString(response, JsonUtils.toJsonString(AjaxResult.error(HttpStatus.HTTP_OK, "退出成功")));
+	}
+
+}

ruoyi-framework/src/main/java/com/ruoyi/framework/web/exception/GlobalExceptionHandler.java

@@ -0,0 +1,123 @@
+package com.ruoyi.framework.web.exception;
+
+import cn.hutool.http.HttpStatus;
+import com.ruoyi.common.core.domain.AjaxResult;
+import com.ruoyi.common.exception.DemoModeException;
+import com.ruoyi.common.exception.ServiceException;
+import com.ruoyi.common.utils.StringUtils;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.context.support.DefaultMessageSourceResolvable;
+import org.springframework.security.access.AccessDeniedException;
+import org.springframework.validation.BindException;
+import org.springframework.web.HttpRequestMethodNotSupportedException;
+import org.springframework.web.bind.MethodArgumentNotValidException;
+import org.springframework.web.bind.annotation.ExceptionHandler;
+import org.springframework.web.bind.annotation.RestControllerAdvice;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.validation.ConstraintViolation;
+import javax.validation.ConstraintViolationException;
+import java.util.stream.Collectors;
+
+/**
+ * 全局异常处理器
+ *
+ * @author Lion Li
+ */
+@Slf4j
+@RestControllerAdvice
+public class GlobalExceptionHandler {
+
+    /**
+     * 权限校验异常
+     */
+    @ExceptionHandler(AccessDeniedException.class)
+    public AjaxResult<Void> handleAccessDeniedException(AccessDeniedException e, HttpServletRequest request) {
+        String requestURI = request.getRequestURI();
+        log.error("请求地址'{}',权限校验失败'{}'", requestURI, e.getMessage());
+        return AjaxResult.error(HttpStatus.HTTP_FORBIDDEN, "没有权限，请联系管理员授权");
+    }
+
+    /**
+     * 请求方式不支持
+     */
+    @ExceptionHandler(HttpRequestMethodNotSupportedException.class)
+    public AjaxResult<Void> handleHttpRequestMethodNotSupported(HttpRequestMethodNotSupportedException e,
+                                                          HttpServletRequest request) {
+        String requestURI = request.getRequestURI();
+        log.error("请求地址'{}',不支持'{}'请求", requestURI, e.getMethod());
+        return AjaxResult.error(e.getMessage());
+    }
+
+    /**
+     * 业务异常
+     */
+    @ExceptionHandler(ServiceException.class)
+    public AjaxResult<Void> handleServiceException(ServiceException e, HttpServletRequest request) {
+        log.error(e.getMessage(), e);
+        Integer code = e.getCode();
+        return StringUtils.isNotNull(code) ? AjaxResult.error(code, e.getMessage()) : AjaxResult.error(e.getMessage());
+    }
+
+    /**
+     * 拦截未知的运行时异常
+     */
+    @ExceptionHandler(RuntimeException.class)
+    public AjaxResult<Void> handleRuntimeException(RuntimeException e, HttpServletRequest request) {
+        String requestURI = request.getRequestURI();
+        log.error("请求地址'{}',发生未知异常.", requestURI, e);
+        return AjaxResult.error(e.getMessage());
+    }
+
+    /**
+     * 系统异常
+     */
+    @ExceptionHandler(Exception.class)
+    public AjaxResult<Void> handleException(Exception e, HttpServletRequest request) {
+        String requestURI = request.getRequestURI();
+        log.error("请求地址'{}',发生系统异常.", requestURI, e);
+        return AjaxResult.error(e.getMessage());
+    }
+
+    /**
+     * 自定义验证异常
+     */
+    @ExceptionHandler(BindException.class)
+    public AjaxResult<Void> handleBindException(BindException e) {
+        log.error(e.getMessage(), e);
+        String message = e.getAllErrors().stream()
+            .map(DefaultMessageSourceResolvable::getDefaultMessage)
+            .collect(Collectors.joining(", "));
+        return AjaxResult.error(message);
+    }
+
+    /**
+     * 自定义验证异常
+     */
+    @ExceptionHandler(ConstraintViolationException.class)
+    public AjaxResult<Void> constraintViolationException(ConstraintViolationException e) {
+        log.error(e.getMessage(), e);
+        String message = e.getConstraintViolations().stream()
+            .map(ConstraintViolation::getMessage)
+            .collect(Collectors.joining(", "));
+        return AjaxResult.error(message);
+    }
+
+    /**
+     * 自定义验证异常
+     */
+    @ExceptionHandler(MethodArgumentNotValidException.class)
+    public AjaxResult<Void> handleMethodArgumentNotValidException(MethodArgumentNotValidException e) {
+        log.error(e.getMessage(), e);
+        String message = e.getBindingResult().getFieldError().getDefaultMessage();
+        return AjaxResult.error(message);
+    }
+
+    /**
+     * 演示模式异常
+     */
+    @ExceptionHandler(DemoModeException.class)
+    public AjaxResult<Void> handleDemoModeException(DemoModeException e) {
+        return AjaxResult.error("演示模式，不允许操作");
+    }
+}