Java Code Examples for org.jeecg.common.system.util.JwtUtil#getUsername()

/**
 * 退出登录
 * @param request
 * @param response
 * @return
 */
@RequestMapping(value = "/logout")
public Result<Object> logout(HttpServletRequest request,HttpServletResponse response) {
	//用户退出逻辑
    String token = request.getHeader(DefContants.X_ACCESS_TOKEN);
    if(oConvertUtils.isEmpty(token)) {
    	return Result.error("退出登录失败！");
    }
    String username = JwtUtil.getUsername(token);
	LoginUser sysUser = sysBaseAPI.getUserByName(username);
    if(sysUser!=null) {
    	sysBaseAPI.addLog("用户名: "+sysUser.getRealname()+",退出成功！", CommonConstant.LOG_TYPE_1, null);
    	log.info(" 用户名:  "+sysUser.getRealname()+",退出成功！ ");
    	//清空用户登录Token缓存
    	redisUtil.del(CommonConstant.PREFIX_USER_TOKEN + token);
    	//清空用户登录Shiro权限缓存
		redisUtil.del(CommonConstant.PREFIX_USER_SHIRO_CACHE + sysUser.getId());
		//清空用户的缓存信息（包括部门信息），例如sys:cache:user::<username>
		redisUtil.del(String.format("%s::%s", CacheConstant.SYS_USERS_CACHE, sysUser.getUsername()));
		//调用shiro的logout
		SecurityUtils.getSubject().logout();
    	return Result.ok("退出登录成功！");
    }else {
    	return Result.error("Token无效!");
    }
}
 

/**
 * 校验token的有效性
 *
 * @param token
 */
public LoginUser checkUserTokenIsEffect(String token) throws AuthenticationException {
	// 解密获得username，用于和数据库进行对比
	String username = JwtUtil.getUsername(token);
	if (username == null) {
		throw new AuthenticationException("token非法无效!");
	}

	// 查询用户信息
	log.debug("———校验token是否有效————checkUserTokenIsEffect——————— "+ token);
       LoginUser loginUser = sysBaseAPI.getUserByName(username);
	if (loginUser == null) {
		throw new AuthenticationException("用户不存在!");
	}
       // 判断用户状态
       if (loginUser.getStatus() != 1) {
           throw new AuthenticationException("账号已被锁定,请联系管理员!");
       }
	// 校验token是否超时失效 & 或者账号密码是否错误
	if (!jwtTokenRefresh(token, username, loginUser.getPassword())) {
		throw new AuthenticationException("Token失效，请重新登录!");
	}

	return loginUser;
}
 

@SuppressWarnings("unchecked")
@RequestMapping(value = "/getLoginUser/{token}", method = RequestMethod.GET)
@ResponseBody
public Result<JSONObject> getLoginUser(@PathVariable("token") String token) throws Exception {
	Result<JSONObject> result = new Result<JSONObject>();
	String username = JwtUtil.getUsername(token);
	
	//1. 校验用户是否有效
	SysUser sysUser = sysUserService.getUserByName(username);
	result = sysUserService.checkUserIsEffective(sysUser);
	if(!result.isSuccess()) {
		return result;
	}
	JSONObject obj = new JSONObject();
	//用户登录信息
	obj.put("userInfo", sysUser);
	//token 信息
	obj.put("token", token);
	result.setResult(obj);
	result.setSuccess(true);
	result.setCode(200);
	sysBaseAPI.addLog("用户名: " + username + ",登录成功[第三方用户]！", CommonConstant.LOG_TYPE_1, null);
	return result;
}
 

/**
 * 验证Token
 */
public static boolean verifyToken(HttpServletRequest request, ISysBaseAPI sysBaseAPI, RedisUtil redisUtil) {
    String token = request.getParameter("token");

    // 解密获得username，用于和数据库进行对比
    String username = JwtUtil.getUsername(token);
    if (username == null) {
        throw new AuthenticationException("token非法无效!");
    }

    // 查询用户信息
    LoginUser user = sysBaseAPI.getUserByName(username);
    if (user == null) {
        throw new AuthenticationException("用户不存在!");
    }
    // 判断用户状态
    if (user.getStatus() != 1) {
        throw new AuthenticationException("账号已被锁定,请联系管理员!");
    }
    // 校验token是否超时失效 & 或者账号密码是否错误
    if (!jwtTokenRefresh(token, username, user.getPassword(), redisUtil)) {
        throw new AuthenticationException("Token失效，请重新登录!");
    }
    return true;
}
 

/**
 * 校验token的有效性
 *
 * @param token
 */
public LoginUser checkUserTokenIsEffect(String token) throws AuthenticationException {
	// 解密获得username，用于和数据库进行对比
	String username = JwtUtil.getUsername(token);
	if (username == null) {
		throw new AuthenticationException("token非法无效!");
	}

	// 查询用户信息
	log.info("———校验token是否有效————checkUserTokenIsEffect——————— "+ token);
       LoginUser loginUser = sysBaseAPI.getUserByName(username);
	if (loginUser == null) {
		throw new AuthenticationException("用户不存在!");
	}
       // 判断用户状态
       if (loginUser.getStatus() != 1) {
           throw new AuthenticationException("账号已被锁定,请联系管理员!");
       }
	// 校验token是否超时失效 & 或者账号密码是否错误
	if (!jwtTokenRefresh(token, username, loginUser.getPassword())) {
		throw new AuthenticationException("Token失效，请重新登录!");
	}

	return loginUser;
}
 

@SuppressWarnings("unchecked")
@RequestMapping(value = "/getLoginUser/{token}", method = RequestMethod.GET)
@ResponseBody
public Result<JSONObject> getLoginUser(@PathVariable("token") String token) throws Exception {
	Result<JSONObject> result = new Result<JSONObject>();
	String username = JwtUtil.getUsername(token);
	
	//1. 校验用户是否有效
	SysUser sysUser = sysUserService.getUserByName(username);
	result = sysUserService.checkUserIsEffective(sysUser);
	if(!result.isSuccess()) {
		return result;
	}
	JSONObject obj = new JSONObject();
	//用户登录信息
	obj.put("userInfo", sysUser);
	//token 信息
	obj.put("token", token);
	result.setResult(obj);
	result.setSuccess(true);
	result.setCode(200);
	sysBaseAPI.addLog("用户名: " + username + ",登录成功[第三方用户]！", CommonConstant.LOG_TYPE_1, null);
	return result;
}
 

/**
 * 退出登录
 * @param request
 * @param response
 * @return
 */
@RequestMapping(value = "/logout")
public Result<Object> logout(HttpServletRequest request,HttpServletResponse response) {
	//用户退出逻辑
    String token = request.getHeader(DefContants.X_ACCESS_TOKEN);
    if(oConvertUtils.isEmpty(token)) {
    	return Result.error("退出登录失败！");
    }
    String username = JwtUtil.getUsername(token);
	LoginUser sysUser = sysBaseAPI.getUserByName(username);
    if(sysUser!=null) {
    	sysBaseAPI.addLog("用户名: "+sysUser.getRealname()+",退出成功！", CommonConstant.LOG_TYPE_1, null);
    	log.info(" 用户名:  "+sysUser.getRealname()+",退出成功！ ");
    	//清空用户登录Token缓存
    	redisUtil.del(CommonConstant.PREFIX_USER_TOKEN + token);
    	//清空用户登录Shiro权限缓存
    	redisUtil.del(CommonConstant.PREFIX_USER_SHIRO_CACHE + sysUser.getId());
    	return Result.ok("退出登录成功！");
    }else {
    	return Result.error("Token无效!");
    }
}
 

/**
 * 校验token的有效性
 *
 * @param token
 */
public LoginUser checkUserTokenIsEffect(String token) throws AuthenticationException {
	// 解密获得username，用于和数据库进行对比
	String username = JwtUtil.getUsername(token);
	if (username == null) {
		throw new AuthenticationException("token非法无效!");
	}

	// 查询用户信息
	log.info("———校验token是否有效————checkUserTokenIsEffect——————— "+ token);
       LoginUser loginUser = sysBaseAPI.getUserByName(username);
	if (loginUser == null) {
		throw new AuthenticationException("用户不存在!");
	}
       // 判断用户状态
       if (loginUser.getStatus() != 1) {
           throw new AuthenticationException("账号已被锁定,请联系管理员!");
       }
	// 校验token是否超时失效 & 或者账号密码是否错误
	if (!jwtTokenRefresh(token, username, loginUser.getPassword())) {
		throw new AuthenticationException("Token失效，请重新登录!");
	}

	return loginUser;
}
 

/**
 * 根据TOKEN获取用户的部分信息（返回的数据是可供表单设计器使用的数据）
 * 
 * @return
 */
@GetMapping("/getUserSectionInfoByToken")
public Result<?> getUserSectionInfoByToken(HttpServletRequest request, @RequestParam(name = "token", required = false) String token) {
	try {
		String username = null;
		// 如果没有传递token，就从header中获取token并获取用户信息
		if (oConvertUtils.isEmpty(token)) {
			 username = JwtUtil.getUserNameByToken(request);
		} else {
			 username = JwtUtil.getUsername(token);				
		}

		log.info(" ------ 通过令牌获取部分用户信息，当前用户： " + username);

		// 根据用户名查询用户信息
		SysUser sysUser = sysUserService.getUserByName(username);
		Map<String, Object> map = new HashMap<String, Object>();
		map.put("sysUserId", sysUser.getId());
		map.put("sysUserCode", sysUser.getUsername()); // 当前登录用户登录账号
		map.put("sysUserName", sysUser.getRealname()); // 当前登录用户真实名称
		map.put("sysOrgCode", sysUser.getOrgCode()); // 当前登录用户部门编号

		log.info(" ------ 通过令牌获取部分用户信息，已获取的用户信息： " + map);

		return Result.ok(map);
	} catch (Exception e) {
		log.error(e.getMessage(), e);
		return Result.error(500, "查询失败:" + e.getMessage());
	}
}
 

/**
 * 根据TOKEN获取用户的部分信息（返回的数据是可供表单设计器使用的数据）
 * 
 * @return
 */
@GetMapping("/getUserSectionInfoByToken")
public Result<?> getUserSectionInfoByToken(HttpServletRequest request, @RequestParam(name = "token", required = false) String token) {
	try {
		String username = null;
		// 如果没有传递token，就从header中获取token并获取用户信息
		if (oConvertUtils.isEmpty(token)) {
			 username = JwtUtil.getUserNameByToken(request);
		} else {
			 username = JwtUtil.getUsername(token);				
		}

		log.info(" ------ 通过令牌获取部分用户信息，当前用户： " + username);

		// 根据用户名查询用户信息
		SysUser sysUser = sysUserService.getUserByName(username);
		Map<String, Object> map = new HashMap<String, Object>();
		map.put("sysUserId", sysUser.getId());
		map.put("sysUserCode", sysUser.getUsername()); // 当前登录用户登录账号
		map.put("sysUserName", sysUser.getRealname()); // 当前登录用户真实名称
		map.put("sysOrgCode", sysUser.getOrgCode()); // 当前登录用户部门编号

		log.info(" ------ 通过令牌获取部分用户信息，已获取的用户信息： " + map);

		return Result.ok(map);
	} catch (Exception e) {
		log.error(e.getMessage(), e);
		return Result.error(500, "查询失败:" + e.getMessage());
	}
}
 

/**
 * 根据TOKEN获取用户的部分信息（返回的数据是可供表单设计器使用的数据）
 * 
 * @return
 */
@GetMapping("/getUserSectionInfoByToken")
public Result<?> getUserSectionInfoByToken(HttpServletRequest request, @RequestParam(name = "token", required = false) String token) {
	try {
		String username = null;
		// 如果没有传递token，就从header中获取token并获取用户信息
		if (oConvertUtils.isEmpty(token)) {
			 username = JwtUtil.getUserNameByToken(request);
		} else {
			 username = JwtUtil.getUsername(token);				
		}

		log.info(" ------ 通过令牌获取部分用户信息，当前用户： " + username);

		// 根据用户名查询用户信息
		SysUser sysUser = sysUserService.getUserByName(username);
		Map<String, Object> map = new HashMap<String, Object>();
		map.put("sysUserId", sysUser.getId());
		map.put("sysUserCode", sysUser.getUsername()); // 当前登录用户登录账号
		map.put("sysUserName", sysUser.getRealname()); // 当前登录用户真实名称
		map.put("sysOrgCode", sysUser.getOrgCode()); // 当前登录用户部门编号

		log.info(" ------ 通过令牌获取部分用户信息，已获取的用户信息： " + map);

		return Result.ok(map);
	} catch (Exception e) {
		log.error(e.getMessage(), e);
		return Result.error(500, "查询失败:" + e.getMessage());
	}
}
 

/**
 * 验证Token
 */
public static boolean verifyToken(HttpServletRequest request, ISysBaseAPI sysBaseAPI, RedisUtil redisUtil) {
    log.info(" -- url --" + request.getRequestURL());
    String token = getTokenByRequest(request);

    if (StringUtils.isBlank(token)) {
        throw new AuthenticationException("token不能为空!");
    }

    // 解密获得username，用于和数据库进行对比
    String username = JwtUtil.getUsername(token);
    if (username == null) {
        throw new AuthenticationException("token非法无效!");
    }

    // 查询用户信息
    LoginUser user = sysBaseAPI.getUserByName(username);
    if (user == null) {
        throw new AuthenticationException("用户不存在!");
    }
    // 判断用户状态
    if (user.getStatus() != 1) {
        throw new AuthenticationException("账号已被锁定,请联系管理员!");
    }
    // 校验token是否超时失效 & 或者账号密码是否错误
    if (!jwtTokenRefresh(token, username, user.getPassword(), redisUtil)) {
        throw new AuthenticationException("Token失效，请重新登录!");
    }
    return true;
}
 

/**
 * 校验token的有效性
 *
 * @param token
 */
public LoginUser checkUserTokenIsEffect(String token) throws AuthenticationException {
	// 解密获得username，用于和数据库进行对比
	String username = JwtUtil.getUsername(token);
	if (username == null) {
		throw new AuthenticationException("token非法无效!");
	}

	// 查询用户信息
	log.info("———校验token是否有效————checkUserTokenIsEffect——————— "+ token);
	//采用缓存方式获取登录用户信息，提高并发性能（gateway）
       //LoginUser loginUser = sysBaseRemoteApi.getUserByName(username).getResult();
	LoginUser loginUser = (LoginUser) redisUtil.get(CacheConstant.SYS_USERS_CACHE_JWT+":"+token);
	if (loginUser == null) {
		throw new AuthenticationException("用户不存在!");
	}
       // 判断用户状态
       if (loginUser.getStatus() != 1) {
           throw new AuthenticationException("账号已被锁定,请联系管理员!");
       }
	// 校验token是否超时失效 & 或者账号密码是否错误
	if (!jwtTokenRefresh(token, username, loginUser.getPassword())) {
		throw new AuthenticationException("Token失效，请重新登录!");
	}

	return loginUser;
}
 

/**
 * 查询用户拥有的菜单权限和按钮权限（根据TOKEN）
 * 
 * @return
 */
@RequestMapping(value = "/getUserPermissionByToken", method = RequestMethod.GET)
public Result<?> getUserPermissionByToken(@RequestParam(name = "token", required = true) String token) {
	Result<JSONObject> result = new Result<JSONObject>();
	try {
		if (oConvertUtils.isEmpty(token)) {
			return Result.error("TOKEN不允许为空！");
		}
		log.info(" ------ 通过令牌获取用户拥有的访问菜单 ---- TOKEN ------ " + token);
		String username = JwtUtil.getUsername(token);
		List<SysPermission> metaList = sysPermissionService.queryByUser(username);
		PermissionDataUtil.addIndexPage(metaList);
		JSONObject json = new JSONObject();
		JSONArray menujsonArray = new JSONArray();
		this.getPermissionJsonArray(menujsonArray, metaList, null);
		JSONArray authjsonArray = new JSONArray();
		this.getAuthJsonArray(authjsonArray, metaList);
		//查询所有的权限
		LambdaQueryWrapper<SysPermission> query = new LambdaQueryWrapper<SysPermission>();
		query.eq(SysPermission::getDelFlag, CommonConstant.DEL_FLAG_0);
		query.eq(SysPermission::getMenuType, CommonConstant.MENU_TYPE_2);
		//query.eq(SysPermission::getStatus, "1");
		List<SysPermission> allAuthList = sysPermissionService.list(query);
		JSONArray allauthjsonArray = new JSONArray();
		this.getAllAuthJsonArray(allauthjsonArray, allAuthList);
		json.put("menu", menujsonArray);
		json.put("auth", authjsonArray);
		json.put("allAuth", allauthjsonArray);
		result.setResult(json);
		result.success("查询成功");
	} catch (Exception e) {
		result.error500("查询失败:" + e.getMessage());  
		log.error(e.getMessage(), e);
	}
	return result;
}
 

/**
 * 验证Token
 */
public static boolean verifyToken(HttpServletRequest request, ISysBaseAPI sysBaseAPI, RedisUtil redisUtil) {
    log.info(" -- url --" + request.getRequestURL());
    String token = getTokenByRequest(request);

    if (StringUtils.isBlank(token)) {
        throw new AuthenticationException("token不能为空!");
    }

    // 解密获得username，用于和数据库进行对比
    String username = JwtUtil.getUsername(token);
    if (username == null) {
        throw new AuthenticationException("token非法无效!");
    }

    // 查询用户信息
    LoginUser user = sysBaseAPI.getUserByName(username);
    if (user == null) {
        throw new AuthenticationException("用户不存在!");
    }
    // 判断用户状态
    if (user.getStatus() != 1) {
        throw new AuthenticationException("账号已被锁定,请联系管理员!");
    }
    // 校验token是否超时失效 & 或者账号密码是否错误
    if (!jwtTokenRefresh(token, username, user.getPassword(), redisUtil)) {
        throw new AuthenticationException("Token失效，请重新登录!");
    }
    return true;
}
 

/**
 * 根据TOKEN获取用户的部分信息（返回的数据是可供表单设计器使用的数据）
 * 
 * @return
 */
@GetMapping("/getUserSectionInfoByToken")
public Result<?> getUserSectionInfoByToken(HttpServletRequest request, @RequestParam(name = "token", required = false) String token) {
	try {
		String username = null;
		// 如果没有传递token，就从header中获取token并获取用户信息
		if (oConvertUtils.isEmpty(token)) {
			 username = JwtUtil.getUserNameByToken(request);
		} else {
			 username = JwtUtil.getUsername(token);				
		}

		log.info(" ------ 通过令牌获取部分用户信息，当前用户： " + username);

		// 根据用户名查询用户信息
		SysUser sysUser = sysUserService.getUserByName(username);
		Map<String, Object> map = new HashMap<String, Object>();
		map.put("sysUserId", sysUser.getId());
		map.put("sysUserCode", sysUser.getUsername()); // 当前登录用户登录账号
		map.put("sysUserName", sysUser.getRealname()); // 当前登录用户真实名称
		map.put("sysOrgCode", sysUser.getOrgCode()); // 当前登录用户部门编号

		log.info(" ------ 通过令牌获取部分用户信息，已获取的用户信息： " + map);

		return Result.ok(map);
	} catch (Exception e) {
		log.error(e.getMessage(), e);
		return Result.error(500, "查询失败:" + e.getMessage());
	}
}
 

/**
 * 退出登录
 * @param request
 * @param response
 * @return
 */
@RequestMapping(value = "/logout")
public Result<Object> logout(HttpServletRequest request,HttpServletResponse response) {
	//用户退出逻辑
    String token = request.getHeader(DefContants.X_ACCESS_TOKEN);
    if(oConvertUtils.isEmpty(token)) {
    	return Result.error("退出登录失败！");
    }
    String username = JwtUtil.getUsername(token);
	LoginUser sysUser = sysBaseAPI.getUserByName(username);
    if(sysUser!=null) {
    	sysBaseAPI.addLog("用户名: "+sysUser.getRealname()+",退出成功！", CommonConstant.LOG_TYPE_1, null);
    	log.info(" 用户名:  "+sysUser.getRealname()+",退出成功！ ");
    	//清空用户登录Token缓存
    	redisUtil.del(CommonConstant.PREFIX_USER_TOKEN + token);
    	//清空用户登录Shiro权限缓存
		redisUtil.del(CommonConstant.PREFIX_USER_SHIRO_CACHE + sysUser.getId());
		//清空用户的缓存信息（包括部门信息），例如sys:cache:user::<username>
		redisUtil.del(String.format("%s::%s", CacheConstant.SYS_USERS_CACHE, sysUser.getUsername()));
		redisUtil.del(String.format("%s::%s", CacheConstant.SYS_USERS_CACHE_JWT, sysUser.getUsername()));
		//调用shiro的logout
		SecurityUtils.getSubject().logout();
    	return Result.ok("退出登录成功！");
    }else {
    	return Result.error("Token无效!");
    }
}
 

/**
 * 查询用户拥有的菜单权限和按钮权限（根据TOKEN）
 * 
 * @return
 */
@RequestMapping(value = "/getUserPermissionByToken", method = RequestMethod.GET)
public Result<?> getUserPermissionByToken(@RequestParam(name = "token", required = true) String token) {
	Result<JSONObject> result = new Result<JSONObject>();
	try {
		if (oConvertUtils.isEmpty(token)) {
			return Result.error("TOKEN不允许为空！");
		}
		log.info(" ------ 通过令牌获取用户拥有的访问菜单 ---- TOKEN ------ " + token);
		String username = JwtUtil.getUsername(token);
		List<SysPermission> metaList = sysPermissionService.queryByUser(username);
		//添加首页路由
		//update-begin-author:taoyan date:20200211 for: TASK #3368 【路由缓存】首页的缓存设置有问题，需要根据后台的路由配置来实现是否缓存
		if(!PermissionDataUtil.hasIndexPage(metaList)){
			SysPermission indexMenu = sysPermissionService.list(new LambdaQueryWrapper<SysPermission>().eq(SysPermission::getName,"首页")).get(0);
			metaList.add(0,indexMenu);
		}
		//update-end-author:taoyan date:20200211 for: TASK #3368 【路由缓存】首页的缓存设置有问题，需要根据后台的路由配置来实现是否缓存
		JSONObject json = new JSONObject();
		JSONArray menujsonArray = new JSONArray();
		this.getPermissionJsonArray(menujsonArray, metaList, null);
		JSONArray authjsonArray = new JSONArray();
		this.getAuthJsonArray(authjsonArray, metaList);
		//查询所有的权限
		LambdaQueryWrapper<SysPermission> query = new LambdaQueryWrapper<SysPermission>();
		query.eq(SysPermission::getDelFlag, CommonConstant.DEL_FLAG_0);
		query.eq(SysPermission::getMenuType, CommonConstant.MENU_TYPE_2);
		//query.eq(SysPermission::getStatus, "1");
		List<SysPermission> allAuthList = sysPermissionService.list(query);
		JSONArray allauthjsonArray = new JSONArray();
		this.getAllAuthJsonArray(allauthjsonArray, allAuthList);
		//路由菜单
		json.put("menu", menujsonArray);
		//按钮权限
		json.put("auth", authjsonArray);
		//全部权限配置（按钮权限，访问权限）
		json.put("allAuth", allauthjsonArray);
		result.setResult(json);
		result.success("查询成功");
	} catch (Exception e) {
		result.error500("查询失败:" + e.getMessage());  
		log.error(e.getMessage(), e);
	}
	return result;
}
 

/**
 * 查询用户拥有的菜单权限和按钮权限（根据TOKEN）
 * 
 * @return
 */
@RequestMapping(value = "/getUserPermissionByToken", method = RequestMethod.GET)
public Result<?> getUserPermissionByToken(@RequestParam(name = "token", required = true) String token) {
	Result<JSONObject> result = new Result<JSONObject>();
	try {
		if (oConvertUtils.isEmpty(token)) {
			return Result.error("TOKEN不允许为空！");
		}
		log.info(" ------ 通过令牌获取用户拥有的访问菜单 ---- TOKEN ------ " + token);
		String username = JwtUtil.getUsername(token);
		List<SysPermission> metaList = sysPermissionService.queryByUser(username);
		//添加首页路由
		//update-begin-author:taoyan date:20200211 for: TASK #3368 【路由缓存】首页的缓存设置有问题，需要根据后台的路由配置来实现是否缓存
		if(!PermissionDataUtil.hasIndexPage(metaList)){
			SysPermission indexMenu = sysPermissionService.list(new LambdaQueryWrapper<SysPermission>().eq(SysPermission::getName,"首页")).get(0);
			metaList.add(0,indexMenu);
		}
		//update-end-author:taoyan date:20200211 for: TASK #3368 【路由缓存】首页的缓存设置有问题，需要根据后台的路由配置来实现是否缓存
		JSONObject json = new JSONObject();
		JSONArray menujsonArray = new JSONArray();
		this.getPermissionJsonArray(menujsonArray, metaList, null);
		JSONArray authjsonArray = new JSONArray();
		this.getAuthJsonArray(authjsonArray, metaList);
		//查询所有的权限
		LambdaQueryWrapper<SysPermission> query = new LambdaQueryWrapper<SysPermission>();
		query.eq(SysPermission::getDelFlag, CommonConstant.DEL_FLAG_0);
		query.eq(SysPermission::getMenuType, CommonConstant.MENU_TYPE_2);
		//query.eq(SysPermission::getStatus, "1");
		List<SysPermission> allAuthList = sysPermissionService.list(query);
		JSONArray allauthjsonArray = new JSONArray();
		this.getAllAuthJsonArray(allauthjsonArray, allAuthList);
		//路由菜单
		json.put("menu", menujsonArray);
		//按钮权限（用户拥有的权限集合）
		json.put("auth", authjsonArray);
		//全部权限配置集合（按钮权限，访问权限）
		json.put("allAuth", allauthjsonArray);
		result.setResult(json);
		result.success("查询成功");
	} catch (Exception e) {
		result.error500("查询失败:" + e.getMessage());  
		log.error(e.getMessage(), e);
	}
	return result;
}
 

/**
 * 查询用户拥有的菜单权限和按钮权限（根据TOKEN）
 * 
 * @return
 */
@RequestMapping(value = "/getUserPermissionByToken", method = RequestMethod.GET)
public Result<?> getUserPermissionByToken(@RequestParam(name = "token", required = true) String token) {
	Result<JSONObject> result = new Result<JSONObject>();
	try {
		if (oConvertUtils.isEmpty(token)) {
			return Result.error("TOKEN不允许为空！");
		}
		log.info(" ------ 通过令牌获取用户拥有的访问菜单 ---- TOKEN ------ " + token);
		String username = JwtUtil.getUsername(token);
		List<SysPermission> metaList = sysPermissionService.queryByUser(username);
		//添加首页路由
		//update-begin-author:taoyan date:20200211 for: TASK #3368 【路由缓存】首页的缓存设置有问题，需要根据后台的路由配置来实现是否缓存
		if(!PermissionDataUtil.hasIndexPage(metaList)){
			SysPermission indexMenu = sysPermissionService.list(new LambdaQueryWrapper<SysPermission>().eq(SysPermission::getName,"首页")).get(0);
			metaList.add(0,indexMenu);
		}
		//update-end-author:taoyan date:20200211 for: TASK #3368 【路由缓存】首页的缓存设置有问题，需要根据后台的路由配置来实现是否缓存
		JSONObject json = new JSONObject();
		JSONArray menujsonArray = new JSONArray();
		this.getPermissionJsonArray(menujsonArray, metaList, null);
		JSONArray authjsonArray = new JSONArray();
		this.getAuthJsonArray(authjsonArray, metaList);
		//查询所有的权限
		LambdaQueryWrapper<SysPermission> query = new LambdaQueryWrapper<SysPermission>();
		query.eq(SysPermission::getDelFlag, CommonConstant.DEL_FLAG_0);
		query.eq(SysPermission::getMenuType, CommonConstant.MENU_TYPE_2);
		//query.eq(SysPermission::getStatus, "1");
		List<SysPermission> allAuthList = sysPermissionService.list(query);
		JSONArray allauthjsonArray = new JSONArray();
		this.getAllAuthJsonArray(allauthjsonArray, allAuthList);
		//路由菜单
		json.put("menu", menujsonArray);
		//按钮权限（用户拥有的权限集合）
		json.put("auth", authjsonArray);
		//全部权限配置集合（按钮权限，访问权限）
		json.put("allAuth", allauthjsonArray);
		result.setResult(json);
		result.success("查询成功");
	} catch (Exception e) {
		result.error500("查询失败:" + e.getMessage());  
		log.error(e.getMessage(), e);
	}
	return result;
}