优化

zlt-commons/zlt-ribbon-spring-boot-starter/src/main/java/com/central/common/ribbon/config/FeignInterceptorConfig.java

@@ -28,47 +28,49 @@ public class FeignInterceptorConfig {
         RequestInterceptor requestInterceptor = template -> {
             ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder
                     .getRequestAttributes();
-            HttpServletRequest request = attributes.getRequest();
+            if (attributes != null) {
+                HttpServletRequest request = attributes.getRequest();
 
-            //传递access_token，无网络隔离时需要传递
-            /*
-            String token = extractHeaderToken(request);
-            if (StrUtil.isEmpty(token)) {
-                token = request.getParameter(CommonConstant.ACCESS_TOKEN);
-            }
-            if (StrUtil.isNotEmpty(token)) {
-                template.header(CommonConstant.TOKEN_HEADER, CommonConstant.BEARER_TYPE + " " + token);
-            }
-            */
+                //传递access_token，无网络隔离时需要传递
+                /*
+                String token = extractHeaderToken(request);
+                if (StrUtil.isEmpty(token)) {
+                    token = request.getParameter(CommonConstant.ACCESS_TOKEN);
+                }
+                if (StrUtil.isNotEmpty(token)) {
+                    template.header(CommonConstant.TOKEN_HEADER, CommonConstant.BEARER_TYPE + " " + token);
+                }
+                */
 
-            //传递userid
-            String userid = request.getHeader(SecurityConstants.USER_ID_HEADER);
-            if (StrUtil.isNotEmpty(userid)) {
-                template.header(SecurityConstants.USER_ID_HEADER, userid);
-            }
+                //传递userid
+                String userid = request.getHeader(SecurityConstants.USER_ID_HEADER);
+                if (StrUtil.isNotEmpty(userid)) {
+                    template.header(SecurityConstants.USER_ID_HEADER, userid);
+                }
 
-            //传递username
-            String username = request.getHeader(SecurityConstants.USER_HEADER);
-            if (StrUtil.isNotEmpty(username)) {
-                template.header(SecurityConstants.USER_HEADER, username);
-            }
+                //传递username
+                String username = request.getHeader(SecurityConstants.USER_HEADER);
+                if (StrUtil.isNotEmpty(username)) {
+                    template.header(SecurityConstants.USER_HEADER, username);
+                }
 
-            //传递roles
-            String roles = request.getHeader(SecurityConstants.ROLE_HEADER);
-            if (StrUtil.isNotEmpty(roles)) {
-                template.header(SecurityConstants.ROLE_HEADER, roles);
-            }
+                //传递roles
+                String roles = request.getHeader(SecurityConstants.ROLE_HEADER);
+                if (StrUtil.isNotEmpty(roles)) {
+                    template.header(SecurityConstants.ROLE_HEADER, roles);
+                }
 
-            //传递client
-            String tenant = TenantContextHolder.getTenant();
-            if (StrUtil.isNotEmpty(tenant)) {
-                template.header(SecurityConstants.TENANT_HEADER, tenant);
-            }
+                //传递client
+                String tenant = TenantContextHolder.getTenant();
+                if (StrUtil.isNotEmpty(tenant)) {
+                    template.header(SecurityConstants.TENANT_HEADER, tenant);
+                }
 
-            //传递日志traceId
-            String traceId = MDC.get(CommonConstant.LOG_TRACE_ID);
-            if (StrUtil.isNotEmpty(traceId)) {
-                template.header(CommonConstant.TRACE_ID_HEADER, traceId);
+                //传递日志traceId
+                String traceId = MDC.get(CommonConstant.LOG_TRACE_ID);
+                if (StrUtil.isNotEmpty(traceId)) {
+                    template.header(CommonConstant.TRACE_ID_HEADER, traceId);
+                }
             }
         };
         return requestInterceptor;

zlt-config/src/main/resources/application-dev.properties

 ########################## 统一变量配置 ##########################
 ##### 数据库配置
-zlt.datasource.ip=192.168.28.131
+zlt.datasource.ip=192.168.28.130
 zlt.datasource.username=root
 zlt.datasource.password=1q2w3e4r
 

zlt-doc/sql/user-center.sql

@@ -202,7 +202,6 @@ INSERT INTO `sys_role_menu` VALUES (3, 2);
 INSERT INTO `sys_role_menu` VALUES (3, 3);
 INSERT INTO `sys_role_menu` VALUES (3, 4);
 INSERT INTO `sys_role_menu` VALUES (3, 12);
-INSERT INTO `sys_role_menu` VALUES (3, 12);
 INSERT INTO `sys_role_menu` VALUES (4, 80);
 INSERT INTO `sys_role_menu` VALUES (4, 81);
 INSERT INTO `sys_role_menu` VALUES (4, 82);

zlt-gateway/zuul-gateway/src/main/resources/application.yml

@@ -26,6 +26,10 @@ spring:
             groupId: DEFAULT_GROUP
             rule-type: gw-api-group
 
+  security:
+    sessions: ALWAYS
+
+
 zlt:
   oauth2:
     token:
@@ -35,6 +39,7 @@ zlt:
     ignore:
       # 忽略认证的地址
       httpUrls: >
+        /api-user/test,
         /api-uaa/oauth/**,
         /api-uaa/validata/**,
         /api-uaa/css/**,
@@ -61,6 +66,10 @@ zlt:
         #白名单
         includeClientIds:
           - webApp
+  gateway:
+    #网关动态路由
+    dynamicRoute:
+      enabled: true
 
 
 zuul:
@@ -73,8 +82,6 @@ zuul:
       threadPoolKeyPrefix: api-gateway
   #关闭重试
   retryable: false
-  #/oauth/token需要请求头处理
-  sensitive-headers:
   ignored-headers: Access-Control-Allow-Credentials,Access-Control-Allow-Origin,Access-Control-Allow-Methods
   add-host-header: true
   routes:
@@ -82,53 +89,67 @@ zuul:
       path: /api-uaa/**
       service-id: uaa-server
       strip-prefix: true
+      sensitive-headers: '*'
       custom-sensitive-headers: true
     auth-login-page:
       path: /login.html
       service-id: uaa-server
       strip-prefix: true
+      sensitive-headers: '*'
       custom-sensitive-headers: true
     auth-login-process:
       path: /user/login
       service-id: uaa-server
       strip-prefix: true
+      sensitive-headers: '*'
       custom-sensitive-headers: true
     auth-login-token:
       path: /oauth/token
       service-id: uaa-server
       strip-prefix: true
+      sensitive-headers: '*'
       custom-sensitive-headers: true
     auth-login-authorize:
       path: /oauth/authorize
       service-id: uaa-server
       strip-prefix: true
+      sensitive-headers: '*'
       custom-sensitive-headers: true
     auth-check-process:
       path: /oauth/check_token
       service-id: uaa-server
       strip-prefix: true
+      sensitive-headers: '*'
       custom-sensitive-headers: true
     user:
       path: /api-user/**
       service-id: user-center
       strip-prefix: true
+      sensitive-headers: '*'
       custom-sensitive-headers: true
     file:
       path: /api-file/**
       service-id: file-center
       strip-prefix: true
+      sensitive-headers: '*'
+      custom-sensitive-headers: true
     log:
       path: /api-log/**
       service-id: log-center
       strip-prefix: true
+      sensitive-headers: '*'
+      custom-sensitive-headers: true
     generator:
       path: /api-generator/**
       service-id: code-generator
       strip-prefix: true
+      sensitive-headers: '*'
+      custom-sensitive-headers: true
     search:
       path: /api-search/**
       service-id: search-center
       strip-prefix: true
+      sensitive-headers: '*'
       custom-sensitive-headers: true
   ssl-hostname-validation-enabled: false
 

zlt-web/back-web/src/main/resources/static/login.html

@@ -84,6 +84,9 @@
             layer.load(2);
             $.ajax({
                 url: config.base_server + 'api-uaa/oauth/user/token',
+                xhrFields: {
+                    withCredentials: true
+                },
                 data: obj.field,
                 type: 'POST',
                 beforeSend: function (xhr) {