Merge remote-tracking branch 'origin/dev' into 4.X

😘 发布 4.2.0
update 优化 nginx 限制外网访问内网 actuator 相关路径
2025-09-23 23:09:47 +08:00 · 2022-06-28 09:44:10 +08:00 · 2022-06-28 09:39:34 +08:00 · 2022-06-27 23:02:20 +08:00 · 2022-06-27 11:03:27 +08:00 · 2022-06-20 14:48:55 +08:00
515 changed files with 22812 additions and 14644 deletions
--- a/.gitee/ISSUE_TEMPLATE.zh-CN.md
+++ b/.gitee/ISSUE_TEMPLATE.zh-CN.md
@ -0,0 +1,13 @@
+### 使用版本(未按照模板填写直接删除)
+
+
+### 问题描述
+
+
+### 希望结果
+
+
+### 重现步骤
+
+
+### 报错信息(截图为主 请勿发混乱格式)
--- a/.gitee/PULL_REQUEST_TEMPLATE.zh-CN.md
+++ b/.gitee/PULL_REQUEST_TEMPLATE.zh-CN.md
@ -0,0 +1,7 @@
+### 更改目的 解决了什么问题(请提交到dev分支)
+
+
+### 描述 做了哪些改动
+
+
+### 测试 都做了哪些测试(未经过测试不采纳)
--- a/.gitignore
+++ b/.gitignore
@ -25,6 +25,9 @@ target/
 *.iml
 *.ipr

+### JRebel ###
+rebel.xml
+
 ### NetBeans ###
 nbproject/private/
 build/*
--- a/README.md
+++ b/README.md
@ -4,48 +4,53 @@
 [![License](https://img.shields.io/badge/License-MIT-blue.svg)](https://gitee.com/JavaLionLi/RuoYi-Vue-Plus/blob/master/LICENSE)
 [![使用IntelliJ IDEA开发维护](https://img.shields.io/badge/IntelliJ%20IDEA-提供支持-blue.svg)](https://www.jetbrains.com/?from=RuoYi-Vue-Plus)
 <br>
-[![RuoYi-Vue-Plus](https://img.shields.io/badge/RuoYi_Vue_Plus-3.4.0-success.svg)](https://gitee.com/JavaLionLi/RuoYi-Vue-Plus)
-[![Spring Boot](https://img.shields.io/badge/Spring%20Boot-2.5-blue.svg)]()
+[![RuoYi-Vue-Plus](https://img.shields.io/badge/RuoYi_Vue_Plus-4.2.0_beta1-success.svg)](https://gitee.com/JavaLionLi/RuoYi-Vue-Plus)
+[![Spring Boot](https://img.shields.io/badge/Spring%20Boot-2.6-blue.svg)]()
 [![JDK-8+](https://img.shields.io/badge/JDK-8-green.svg)]()
 [![JDK-11](https://img.shields.io/badge/JDK-11-green.svg)]()
-[![JDK-17](https://img.shields.io/badge/JDK-17-green.svg)]()

-> RuoYi-Vue-Plus 是基于 RuoYi-Vue 针对 `分布式集群` 场景升级(不兼容原框架)
+> RuoYi-Vue-Plus 是重写 RuoYi-Vue 针对 `分布式集群` 场景全方位升级(不兼容原框架)

 > 系统演示: [传送门](https://gitee.com/JavaLionLi/RuoYi-Vue-Plus/wikis/系统演示?sort_id=4836388)

-| 功能介绍 | 使用技术 | 文档地址 | 特性注意事项 |
-|---|---|---|---|
-| 当前框架 | RuoYi-Vue-Plus | [RuoYi-Vue-Plus文档](https://gitee.com/JavaLionLi/RuoYi-Vue-Plus/wikis/pages) | 重写RuoYi-Vue全方位升级(不兼容原框架) |
-| satoken分支 | RuoYi-Vue-Plus-satoken | [satoken分支地址](https://gitee.com/JavaLionLi/RuoYi-Vue-Plus/tree/satoken/) | 使用satoken重构权限鉴权(公测 可尝试上生产) |
-| 单体分支 | RuoYi-Vue-Plus-fast | [fast分支地址](https://gitee.com/JavaLionLi/RuoYi-Vue-Plus/tree/fast/) | 单体应用结构 |
-| 原框架 | RuoYi-Vue | [RuoYi-Vue官网](http://ruoyi.vip/) | 定期同步需要的功能 |
-| 前端开发框架 | Vue、Element UI | [Element UI官网](https://element.eleme.cn/#/zh-CN) | |
-| 后端开发框架 | SpringBoot | [SpringBoot官网](https://spring.io/projects/spring-boot/#learn) | |
-| 容器框架 | Undertow | [Undertow官网](https://undertow.io/) | 基于 Netty 的高性能容器 |
-| 权限认证框架 | Spring Security、Jwt | [SpringSecurity官网](https://spring.io/projects/spring-security#learn) | 支持多终端认证系统 |
-| 关系数据库 | MySQL | [MySQL官网](https://dev.mysql.com/) | 适配 8.X 最低 5.7 |
-| 缓存数据库 | Redis | [Redis官网](https://redis.io/) | 适配 6.X 最低 4.X |
-| 数据库框架 | Mybatis-Plus | [Mybatis-Plus文档](https://baomidou.com/guide/) | 快速 CRUD 增加开发效率 |
-| 数据库框架 | p6spy | [p6spy官网](https://p6spy.readthedocs.io/) | 更强劲的 SQL 分析 |
-| 多数据源框架 | dynamic-datasource | [dynamic-ds文档](https://www.kancloud.cn/tracy5546/dynamic-datasource/content) | 支持主从与多种类数据库异构 |
-| 序列化框架 | Jackson | [Jackson官网](https://github.com/FasterXML/jackson) | 统一使用 jackson 高效可靠 |
-| Redis客户端 | Redisson | [Redisson文档](https://github.com/redisson/redisson/wiki/%E7%9B%AE%E5%BD%95) | 支持单机、集群配置 |
-| 分布式限流 | Redisson | [Redisson文档](https://github.com/redisson/redisson/wiki/%E7%9B%AE%E5%BD%95) | 全局、请求IP、集群ID 多种限流 |
-| 分布式锁 | Lock4j | [Lock4j官网](https://gitee.com/baomidou/lock4j) | 注解锁、工具锁 多种多样 |
-| 分布式幂等 | Redisson | [Lock4j文档](https://gitee.com/baomidou/lock4j) | 拦截重复提交 |
-| 分布式日志 | TLog | [TLog文档](https://yomahub.com/tlog/docs) | 支持跟踪链路日志记录、性能分析、链路排查 |
-| 分布式任务调度 | Xxl-Job | [Xxl-Job官网](https://www.xuxueli.com/xxl-job/) | 高性能 高可靠 易扩展 |
-| 文件存储 | Minio | [Minio文档](https://docs.min.io/) | 本地存储 |
-| 文件存储 | 七牛、阿里、腾讯 | [OSS使用文档](https://gitee.com/JavaLionLi/RuoYi-Vue-Plus/wikis/pages?sort_id=4359146&doc_id=1469725) | 云存储 |
-| 监控框架 | SpringBoot-Admin | [SpringBoot-Admin文档](https://codecentric.github.io/spring-boot-admin/current/) | 全方位服务监控 |
-| 校验框架 | Validation | [Validation文档](https://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/) | 增强接口安全性、严谨性 支持国际化 |
-| Excel框架 | Alibaba EasyExcel | [EasyExcel文档](https://www.yuque.com/easyexcel/doc/easyexcel) | 性能优异 扩展性强 |
-| 文档框架 | Knife4j | [Knife4j文档](https://doc.xiaominfo.com/knife4j/documentation/) | 美化接口文档 |
-| 工具类框架 | Hutool、Lombok | [Hutool文档](https://www.hutool.cn/docs/) | 减少代码冗余 增加安全性 |
-| 代码生成器 | 适配MP、Knife4j规范化代码 | [Hutool文档](https://www.hutool.cn/docs/) | 一键生成前后端代码 |
-| 部署方式 | Docker | [Docker文档](https://docs.docker.com/) | 容器编排 一键部署业务集群 |
-| 国际化 | SpringMessage | [SpringMVC文档](https://docs.spring.io/spring-framework/docs/current/reference/html/web.html#mvc) | Spring标准国际化方案 |
+| 功能介绍     | 使用技术                | 文档地址                                                                                              | 特性注意事项                     |
+|----------|---------------------|---------------------------------------------------------------------------------------------------|----------------------------|
+| 当前框架     | RuoYi-Vue-Plus      | [RuoYi-Vue-Plus文档](https://gitee.com/JavaLionLi/RuoYi-Vue-Plus/wikis/pages)                       | 重写RuoYi-Vue全方位升级(不兼容原框架)   |
+| 微服务分支    | RuoYi-Cloud-Plus    | [微服务分支地址](https://gitee.com/JavaLionLi/RuoYi-Cloud-Plus)                                          | 重写RuoYi-Cloud全方位升级(不兼容原框架) |
+| 单体分支     | RuoYi-Vue-Plus-fast | [fast分支地址](https://gitee.com/JavaLionLi/RuoYi-Vue-Plus/tree/fast/)                                | 单体应用结构                     |
+| Vue3分支   | RuoYi-Vue-Plus-UI   | [UI地址](https://gitee.com/JavaLionLi/RuoYi-Vue-Plus-UI)                                            | 由于组件还未完善 仅供学习              |
+| 原框架      | RuoYi-Vue           | [RuoYi-Vue官网](http://ruoyi.vip/)                                                                  | 定期同步需要的功能                  |
+| 前端开发框架   | Vue、Element UI      | [Element UI官网](https://element.eleme.cn/#/zh-CN)                                                  |                            |
+| 后端开发框架   | SpringBoot          | [SpringBoot官网](https://spring.io/projects/spring-boot/#learn)                                     |                            |
+| 容器框架     | Undertow            | [Undertow官网](https://undertow.io/)                                                                | 基于 XNIO 的高性能容器             |
+| 权限认证框架   | Sa-Token、Jwt        | [Sa-Token官网](https://sa-token.dev33.cn/)                                                          | 强解耦、强扩展                    |
+| 关系数据库    | MySQL               | [MySQL官网](https://dev.mysql.com/)                                                                 | 适配 8.X 最低 5.7              |
+| 关系数据库    | Oracle              | [Oracle官网](https://www.oracle.com/cn/database/)                                                   | 适配 11g 12c                 |
+| 关系数据库    | PostgreSQL          | [PostgreSQL官网](https://www.postgresql.org/)                                                       | 适配 13 14                   |
+| 关系数据库    | SQLServer           | [SQLServer官网](https://docs.microsoft.com/zh-cn/sql/sql-server)                                    | 适配 2017 2019               |
+| 缓存数据库    | Redis               | [Redis官网](https://redis.io/)                                                                      | 适配 6.X 最低 4.X              |
+| 数据库框架    | Mybatis-Plus        | [Mybatis-Plus文档](https://baomidou.com/guide/)                                                     | 快速 CRUD 增加开发效率             |
+| 数据库框架    | p6spy               | [p6spy官网](https://p6spy.readthedocs.io/)                                                          | 更强劲的 SQL 分析                |
+| 多数据源框架   | dynamic-datasource  | [dynamic-ds文档](https://www.kancloud.cn/tracy5546/dynamic-datasource/content)                      | 支持主从与多种类数据库异构              |
+| 序列化框架    | Jackson             | [Jackson官网](https://github.com/FasterXML/jackson)                                                 | 统一使用 jackson 高效可靠          |
+| Redis客户端 | Redisson            | [Redisson文档](https://github.com/redisson/redisson/wiki/%E7%9B%AE%E5%BD%95)                        | 支持单机、集群配置                  |
+| 分布式限流    | Redisson            | [Redisson文档](https://github.com/redisson/redisson/wiki/%E7%9B%AE%E5%BD%95)                        | 全局、请求IP、集群ID 多种限流          |
+| 分布式队列    | Redisson            | [Redisson文档](https://github.com/redisson/redisson/wiki/%E7%9B%AE%E5%BD%95)                        | 普通队列、延迟队列、优先队列 等           |
+| 分布式锁     | Lock4j              | [Lock4j官网](https://gitee.com/baomidou/lock4j)                                                     | 注解锁、工具锁 多种多样               |
+| 分布式幂等    | Redisson            | [Lock4j文档](https://gitee.com/baomidou/lock4j)                                                     | 拦截重复提交                     |
+| 分布式日志    | TLog                | [TLog文档](https://yomahub.com/tlog/docs)                                                           | 支持跟踪链路日志记录、性能分析、链路排查       |
+| 分布式任务调度  | Xxl-Job             | [Xxl-Job官网](https://www.xuxueli.com/xxl-job/)                                                     | 高性能 高可靠 易扩展                |
+| 文件存储     | Minio               | [Minio文档](https://docs.min.io/)                                                                   | 本地存储                       |
+| 文件存储     | 七牛、阿里、腾讯            | [OSS使用文档](https://gitee.com/JavaLionLi/RuoYi-Vue-Plus/wikis/pages?sort_id=4359146&doc_id=1469725) | 云存储                        |
+| 短信模块     | 阿里、腾讯               | [短信使用文档](https://gitee.com/JavaLionLi/RuoYi-Vue-Plus/wikis/pages?sort_id=5578491&doc_id=1469725)  | 短信发送                       |
+| 监控框架     | SpringBoot-Admin    | [SpringBoot-Admin文档](https://codecentric.github.io/spring-boot-admin/current/)                    | 全方位服务监控                    |
+| 校验框架     | Validation          | [Validation文档](https://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/)    | 增强接口安全性、严谨性 支持国际化          |
+| Excel框架  | Alibaba EasyExcel   | [EasyExcel文档](https://www.yuque.com/easyexcel/doc/easyexcel)                                      | 性能优异 扩展性强                  |
+| 文档框架     | Knife4j             | [Knife4j文档](https://doc.xiaominfo.com/knife4j/documentation/)                                     | 美化接口文档                     |
+| 工具类框架    | Hutool、Lombok       | [Hutool文档](https://www.hutool.cn/docs/)                                                           | 减少代码冗余 增加安全性               |
+| 代码生成器    | 适配MP、Knife4j规范化代码   | [Hutool文档](https://www.hutool.cn/docs/)                                                           | 一键生成前后端代码                  |
+| 部署方式     | Docker              | [Docker文档](https://docs.docker.com/)                                                              | 容器编排 一键部署业务集群              |
+| 国际化      | SpringMessage       | [SpringMVC文档](https://docs.spring.io/spring-framework/docs/current/reference/html/web.html#mvc)   | Spring标准国际化方案              |

 ## 参考文档

@ -73,8 +78,8 @@

 * 同步升级 RuoYi-Vue
 * GitHub 地址 [RuoYi-Vue-Plus-github](https://github.com/JavaLionLi/RuoYi-Vue-Plus)
-* 单模块 fast 分支 [RuoYi-Vue-Plus-fast](https://gitee.com/JavaLionLi/RuoYi-Vue-Plus/tree/fast/)
-* satoken 分支 [RuoYi-Vue-Plus-satoken](https://gitee.com/JavaLionLi/RuoYi-Vue-Plus/tree/satoken/)
+* 单模块 分支 [RuoYi-Vue-Plus-fast](https://gitee.com/JavaLionLi/RuoYi-Vue-Plus/tree/fast/)
+* 微服务 分支 [RuoYi-Cloud-Plus](https://gitee.com/JavaLionLi/RuoYi-Cloud-Plus)
 * 用户扩展项目 [扩展项目列表](https://gitee.com/JavaLionLi/RuoYi-Vue-Plus/wikis/pages?sort_id=4478302&doc_id=1469725)

 ## 加群与捐献
@ -83,7 +88,7 @@

 ## 捐献作者
 作者为兼职做开源,平时还需要工作,如果帮到了您可以请作者吃个盒饭  
-<img src="https://images.gitee.com/uploads/images/2021/0525/101654_451e4523_1766278.jpeg" width="300px" height="450px" />
+<img src="https://images.gitee.com/uploads/images/2022/0218/213734_b1b8197f_1766278.jpeg" width="300px" height="450px" />
 <img src="https://images.gitee.com/uploads/images/2021/0525/101713_3d18b119_1766278.jpeg" width="300px" height="450px" />

 ## 业务功能
@ -113,40 +118,40 @@
 ## 演示图例

 <table border="1" cellpadding="1" cellspacing="1" style="width:500px">
-	<tbody>
-		<tr>
-			<td><img src="https://oscimg.oschina.net/oscnet/up-972235bcbe3518dedd351ff0e2ee7d1031c.png" width="1920" /></td>
-			<td><img src="https://oscimg.oschina.net/oscnet/up-5e0097702fa91e2e36391de8127676a7fa1.png" width="1920" /></td>
-		</tr>
-		<tr>
-			<td>
-			<p><img src="https://oscimg.oschina.net/oscnet/up-e56e3828f48cd9886d88731766f06d5f3c1.png" width="1920" /></p>
-			</td>
-			<td><img src="https://oscimg.oschina.net/oscnet/up-0715990ea1a9f254ec2138fcd063c1f556a.png" width="1920" /></td>
-		</tr>
-		<tr>
-			<td><img src="https://oscimg.oschina.net/oscnet/up-eaf5417ccf921bb64abb959e3d8e290467f.png" width="1920" /></td>
-			<td><img src="https://oscimg.oschina.net/oscnet/up-fc285cf33095ebf8318de6999af0f473861.png" width="1920" /></td>
-		</tr>
-		<tr>
-			<td><img src="https://oscimg.oschina.net/oscnet/up-60c83fd8bd61c29df6dbf47c88355e9c272.png" width="1920" /></td>
-			<td><img src="https://oscimg.oschina.net/oscnet/up-7f731948c8b73c7d90f67f9e1c7a534d5c3.png" width="1920" /></td>
-		</tr>
-		<tr>
-			<td><img src="https://oscimg.oschina.net/oscnet/up-e4de89b5e2d20c52d3c3a47f9eb88eb8526.png" width="1920" /></td>
-			<td><img src="https://oscimg.oschina.net/oscnet/up-8791d823a508eb90e67c604f36f57491a67.png" width="1920" /></td>
-		</tr>
-		<tr>
-			<td><img src="https://oscimg.oschina.net/oscnet/up-4589afd99982ead331785299b894174feb6.png" width="1920" /></td>
-			<td><img src="https://oscimg.oschina.net/oscnet/up-8ea177cdacaea20995daf2f596b15232561.png" width="1920" /></td>
-		</tr>
-		<tr>
-			<td><img src="https://oscimg.oschina.net/oscnet/up-32d1d04c55c11f74c9129fbbc58399728c4.png" width="1920" /></td>
-			<td><img src="https://oscimg.oschina.net/oscnet/up-04fa118f7631b7ae6fd72299ca0a1430a63.png" width="1920" /></td>
-		</tr>
-		<tr>
-			<td><img src="https://oscimg.oschina.net/oscnet/up-fe7e85b65827802bfaadf3acd42568b58c7.png" width="1920" /></td>
-			<td><img src="https://oscimg.oschina.net/oscnet/up-eff2b02a54f8188022d8498cfe6af6fcc06.png" width="1920" /></td>
-		</tr>
-	</tbody>
+    <tbody>
+        <tr>
+            <td><img src="https://oscimg.oschina.net/oscnet/up-972235bcbe3518dedd351ff0e2ee7d1031c.png" width="1920" /></td>
+            <td><img src="https://oscimg.oschina.net/oscnet/up-5e0097702fa91e2e36391de8127676a7fa1.png" width="1920" /></td>
+        </tr>
+        <tr>
+            <td>
+            <p><img src="https://oscimg.oschina.net/oscnet/up-e56e3828f48cd9886d88731766f06d5f3c1.png" width="1920" /></p>
+            </td>
+            <td><img src="https://oscimg.oschina.net/oscnet/up-0715990ea1a9f254ec2138fcd063c1f556a.png" width="1920" /></td>
+        </tr>
+        <tr>
+            <td><img src="https://oscimg.oschina.net/oscnet/up-eaf5417ccf921bb64abb959e3d8e290467f.png" width="1920" /></td>
+            <td><img src="https://oscimg.oschina.net/oscnet/up-fc285cf33095ebf8318de6999af0f473861.png" width="1920" /></td>
+        </tr>
+        <tr>
+            <td><img src="https://oscimg.oschina.net/oscnet/up-60c83fd8bd61c29df6dbf47c88355e9c272.png" width="1920" /></td>
+            <td><img src="https://oscimg.oschina.net/oscnet/up-7f731948c8b73c7d90f67f9e1c7a534d5c3.png" width="1920" /></td>
+        </tr>
+        <tr>
+            <td><img src="https://oscimg.oschina.net/oscnet/up-e4de89b5e2d20c52d3c3a47f9eb88eb8526.png" width="1920" /></td>
+            <td><img src="https://oscimg.oschina.net/oscnet/up-8791d823a508eb90e67c604f36f57491a67.png" width="1920" /></td>
+        </tr>
+        <tr>
+            <td><img src="https://oscimg.oschina.net/oscnet/up-4589afd99982ead331785299b894174feb6.png" width="1920" /></td>
+            <td><img src="https://oscimg.oschina.net/oscnet/up-8ea177cdacaea20995daf2f596b15232561.png" width="1920" /></td>
+        </tr>
+        <tr>
+            <td><img src="https://oscimg.oschina.net/oscnet/up-32d1d04c55c11f74c9129fbbc58399728c4.png" width="1920" /></td>
+            <td><img src="https://oscimg.oschina.net/oscnet/up-04fa118f7631b7ae6fd72299ca0a1430a63.png" width="1920" /></td>
+        </tr>
+        <tr>
+            <td><img src="https://oscimg.oschina.net/oscnet/up-fe7e85b65827802bfaadf3acd42568b58c7.png" width="1920" /></td>
+            <td><img src="https://oscimg.oschina.net/oscnet/up-eff2b02a54f8188022d8498cfe6af6fcc06.png" width="1920" /></td>
+        </tr>
+    </tbody>
 </table>
--- a/pom.xml
+++ b/pom.xml
@ -2,49 +2,50 @@
 <project xmlns="http://maven.apache.org/POM/4.0.0"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
-	<modelVersion>4.0.0</modelVersion>
+    <modelVersion>4.0.0</modelVersion>

    <groupId>com.ruoyi</groupId>
    <artifactId>ruoyi-vue-plus</artifactId>
-    <version>3.4.0</version>
+    <version>4.2.0</version>

    <name>RuoYi-Vue-Plus</name>
    <url>https://gitee.com/JavaLionLi/RuoYi-Vue-Plus</url>
    <description>RuoYi-Vue-Plus后台管理系统</description>

    <properties>
-        <ruoyi-vue-plus.version>3.4.0</ruoyi-vue-plus.version>
-        <spring-boot.version>2.5.7</spring-boot.version>
+        <ruoyi-vue-plus.version>4.2.0</ruoyi-vue-plus.version>
+        <spring-boot.version>2.6.9</spring-boot.version>
        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
        <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
        <java.version>1.8</java.version>
-        <maven-jar-plugin.version>3.2.0</maven-jar-plugin.version>
-        <druid.version>1.2.8</druid.version>
+        <maven-jar-plugin.version>3.2.2</maven-jar-plugin.version>
+        <spring-boot.mybatis>2.2.2</spring-boot.mybatis>
+        <druid.version>1.2.11</druid.version>
        <knife4j.version>3.0.3</knife4j.version>
        <swagger-annotations.version>1.5.22</swagger-annotations.version>
-        <poi.version>4.1.2</poi.version>
-        <easyexcel.version>2.2.11</easyexcel.version>
+        <poi.version>5.2.2</poi.version>
+        <easyexcel.version>3.1.1</easyexcel.version>
        <velocity.version>2.3</velocity.version>
-        <jwt.version>0.9.1</jwt.version>
-        <mybatis-plus.version>3.4.3.4</mybatis-plus.version>
+        <satoken.version>1.30.0</satoken.version>
+        <mybatis-plus.version>3.5.2</mybatis-plus.version>
        <p6spy.version>3.9.1</p6spy.version>
-        <hutool.version>5.7.16</hutool.version>
-        <okhttp.version>4.9.2</okhttp.version>
-        <spring-boot-admin.version>2.5.4</spring-boot-admin.version>
-        <redisson.version>3.16.4</redisson.version>
+        <hutool.version>5.8.3</hutool.version>
+        <okhttp.version>4.9.3</okhttp.version>
+        <spring-boot-admin.version>2.6.7</spring-boot-admin.version>
+        <redisson.version>3.17.4</redisson.version>
        <lock4j.version>2.2.1</lock4j.version>
-        <dynamic-ds.version>3.4.1</dynamic-ds.version>
-        <tlog.version>1.3.4</tlog.version>
-        <xxl-job.version>2.3.0</xxl-job.version>
+        <dynamic-ds.version>3.5.1</dynamic-ds.version>
+        <tlog.version>1.4.3</tlog.version>
+        <xxl-job.version>2.3.1</xxl-job.version>

-        <!-- jdk11 缺失依赖 jaxb-->
-        <jaxb.version>3.0.1</jaxb.version>
+        <!-- 统一 guava 版本 解决隐式漏洞问题 -->
+        <guava.version>30.0-jre</guava.version>

        <!-- OSS 配置 -->
-        <qiniu.version>7.8.0</qiniu.version>
-        <aliyun.oss.version>3.13.1</aliyun.oss.version>
-        <qcloud.cos.version>5.6.58</qcloud.cos.version>
-        <minio.version>8.3.3</minio.version>
+        <aws-java-sdk-s3.version>1.12.248</aws-java-sdk-s3.version>
+        <!-- SMS 配置 -->
+        <aliyun.sms.version>2.0.9</aliyun.sms.version>
+        <tencent.sms.version>3.1.537</tencent.sms.version>

        <!-- docker 配置 -->
        <docker.registry.url>localhost</docker.registry.url>
@ -67,6 +68,15 @@
                <scope>import</scope>
            </dependency>

+            <!-- hutool 的依赖配置-->
+            <dependency>
+                <groupId>cn.hutool</groupId>
+                <artifactId>hutool-bom</artifactId>
+                <version>${hutool.version}</version>
+                <type>pom</type>
+                <scope>import</scope>
+            </dependency>
+
            <!-- 阿里数据库连接池 -->
            <dependency>
                <groupId>com.alibaba</groupId>
@ -92,22 +102,21 @@
                <version>${swagger-annotations.version}</version>
            </dependency>

-            <!-- excel工具 -->
+            <dependency>
+                <groupId>org.apache.poi</groupId>
+                <artifactId>poi</artifactId>
+                <version>${poi.version}</version>
+            </dependency>
            <dependency>
                <groupId>org.apache.poi</groupId>
                <artifactId>poi-ooxml</artifactId>
                <version>${poi.version}</version>
            </dependency>
-
            <dependency>
                <groupId>com.alibaba</groupId>
                <artifactId>easyexcel</artifactId>
                <version>${easyexcel.version}</version>
                <exclusions>
-                    <exclusion>
-                        <groupId>org.apache.poi</groupId>
-                        <artifactId>poi</artifactId>
-                    </exclusion>
                    <exclusion>
                        <groupId>org.apache.poi</groupId>
                        <artifactId>poi-ooxml-schemas</artifactId>
@ -122,18 +131,17 @@
                <version>${velocity.version}</version>
            </dependency>

-            <!-- Token生成与解析-->
+            <!-- Sa-Token 权限认证, 在线文档：http://sa-token.dev33.cn/ -->
            <dependency>
-                <groupId>io.jsonwebtoken</groupId>
-                <artifactId>jjwt</artifactId>
-                <version>${jwt.version}</version>
+                <groupId>cn.dev33</groupId>
+                <artifactId>sa-token-spring-boot-starter</artifactId>
+                <version>${satoken.version}</version>
            </dependency>
-
-            <!-- jdk11 缺失依赖 jaxb-->
+            <!-- Sa-Token 整合 jwt -->
            <dependency>
-                <groupId>com.sun.xml.bind</groupId>
-                <artifactId>jaxb-impl</artifactId>
-                <version>${jaxb.version}</version>
+                <groupId>cn.dev33</groupId>
+                <artifactId>sa-token-jwt</artifactId>
+                <version>${satoken.version}</version>
            </dependency>

            <!-- dynamic-datasource 多数据源-->
@ -160,18 +168,30 @@
                <version>${p6spy.version}</version>
            </dependency>

-            <dependency>
-                <groupId>cn.hutool</groupId>
-                <artifactId>hutool-all</artifactId>
-                <version>${hutool.version}</version>
-            </dependency>
-
            <dependency>
                <groupId>com.squareup.okhttp3</groupId>
                <artifactId>okhttp</artifactId>
                <version>${okhttp.version}</version>
            </dependency>

+            <dependency>
+                <groupId>com.amazonaws</groupId>
+                <artifactId>aws-java-sdk-s3</artifactId>
+                <version>${aws-java-sdk-s3.version}</version>
+            </dependency>
+
+            <dependency>
+                <groupId>com.aliyun</groupId>
+                <artifactId>dysmsapi20170525</artifactId>
+                <version>${aliyun.sms.version}</version>
+            </dependency>
+
+            <dependency>
+                <groupId>com.tencentcloudapi</groupId>
+                <artifactId>tencentcloud-sdk-java</artifactId>
+                <version>${tencent.sms.version}</version>
+            </dependency>
+
            <dependency>
                <groupId>de.codecentric</groupId>
                <artifactId>spring-boot-admin-starter-server</artifactId>
@ -204,32 +224,37 @@

            <dependency>
                <groupId>com.yomahub</groupId>
-                <artifactId>tlog-spring-boot-configuration</artifactId>
-                <version>${tlog.version}</version>
-            </dependency>
-
-            <dependency>
-                <groupId>com.yomahub</groupId>
-                <artifactId>tlog-webroot</artifactId>
+                <artifactId>tlog-web-spring-boot-starter</artifactId>
                <version>${tlog.version}</version>
                <exclusions>
                    <exclusion>
-                        <artifactId>javassist</artifactId>
-                        <groupId>org.javassist</groupId>
+                        <artifactId>log4j</artifactId>
+                        <groupId>log4j</groupId>
                    </exclusion>
                    <exclusion>
-                        <artifactId>guava</artifactId>
-                        <groupId>com.google.guava</groupId>
+                        <artifactId>dom4j</artifactId>
+                        <groupId>dom4j</groupId>
+                    </exclusion>
+                    <exclusion>
+                        <artifactId>commons-beanutils</artifactId>
+                        <groupId>commons-beanutils</groupId>
                    </exclusion>
                </exclusions>
            </dependency>

            <dependency>
                <groupId>com.yomahub</groupId>
-                <artifactId>tlog-xxl-job</artifactId>
+                <artifactId>tlog-xxljob-spring-boot-starter</artifactId>
                <version>${tlog.version}</version>
            </dependency>

+            <!-- 统一 guava 版本 解决隐式漏洞问题 -->
+            <dependency>
+                <groupId>com.google.guava</groupId>
+                <artifactId>guava</artifactId>
+                <version>${guava.version}</version>
+            </dependency>
+
            <!-- 定时任务 -->
            <dependency>
                <groupId>com.ruoyi</groupId>
@ -272,6 +297,13 @@
                <version>${ruoyi-vue-plus.version}</version>
            </dependency>

+            <!-- SMS短信模块 -->
+            <dependency>
+                <groupId>com.ruoyi</groupId>
+                <artifactId>ruoyi-sms</artifactId>
+                <version>${ruoyi-vue-plus.version}</version>
+            </dependency>
+
            <!-- demo模块 -->
            <dependency>
                <groupId>com.ruoyi</groupId>
@ -292,6 +324,7 @@
        <module>ruoyi-demo</module>
        <module>ruoyi-extend</module>
        <module>ruoyi-oss</module>
+        <module>ruoyi-sms</module>
    </modules>
    <packaging>pom</packaging>

@ -300,7 +333,7 @@
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-compiler-plugin</artifactId>
-                <version>3.1</version>
+                <version>3.9.0</version>
                <configuration>
                    <source>${java.version}</source>
                    <target>${java.version}</target>
@ -310,8 +343,18 @@
        </plugins>
        <resources>
            <resource>
-                <!--打包该目录下的 application.yml -->
                <directory>src/main/resources</directory>
+                <!-- 关闭过滤 -->
+                <filtering>false</filtering>
+            </resource>
+            <resource>
+                <directory>src/main/resources</directory>
+                <!-- 引入所有 匹配文件进行过滤 -->
+                <includes>
+                    <include>application*</include>
+                    <include>bootstrap*</include>
+                    <include>banner*</include>
+                </includes>
                <!-- 启用过滤 即该资源中的变量将会被过滤器中的值替换 -->
                <filtering>true</filtering>
            </resource>
--- a/ruoyi-admin/pom.xml
+++ b/ruoyi-admin/pom.xml
@ -5,7 +5,7 @@
    <parent>
        <artifactId>ruoyi-vue-plus</artifactId>
        <groupId>com.ruoyi</groupId>
-        <version>3.4.0</version>
+        <version>4.2.0</version>
    </parent>
    <modelVersion>4.0.0</modelVersion>
    <packaging>jar</packaging>
@ -29,6 +29,21 @@
            <groupId>mysql</groupId>
            <artifactId>mysql-connector-java</artifactId>
        </dependency>
+        <!-- Oracle -->
+        <dependency>
+            <groupId>com.oracle.database.jdbc</groupId>
+            <artifactId>ojdbc8</artifactId>
+        </dependency>
+        <!-- PostgreSql -->
+        <dependency>
+            <groupId>org.postgresql</groupId>
+            <artifactId>postgresql</artifactId>
+        </dependency>
+        <!-- SqlServer -->
+        <dependency>
+            <groupId>com.microsoft.sqlserver</groupId>
+            <artifactId>mssql-jdbc</artifactId>
+        </dependency>

        <!-- 核心模块-->
        <dependency>
@ -86,7 +101,7 @@
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-war-plugin</artifactId>
-                <version>3.2.0</version>
+                <version>3.2.2</version>
                <configuration>
                    <failOnMissingWebXml>false</failOnMissingWebXml>
                    <warName>${project.artifactId}</warName>
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/common/CaptchaController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/common/CaptchaController.java
@ -4,50 +4,89 @@ import cn.hutool.captcha.AbstractCaptcha;
 import cn.hutool.captcha.generator.CodeGenerator;
 import cn.hutool.core.convert.Convert;
 import cn.hutool.core.util.IdUtil;
+import cn.hutool.core.util.RandomUtil;
+import com.ruoyi.common.annotation.Anonymous;
 import com.ruoyi.common.constant.Constants;
-import com.ruoyi.common.core.domain.AjaxResult;
+import com.ruoyi.common.core.domain.R;
 import com.ruoyi.common.enums.CaptchaType;
-import com.ruoyi.common.utils.RedisUtils;
 import com.ruoyi.common.utils.StringUtils;
+import com.ruoyi.common.utils.redis.RedisUtils;
 import com.ruoyi.common.utils.reflect.ReflectUtils;
 import com.ruoyi.common.utils.spring.SpringUtils;
 import com.ruoyi.framework.config.properties.CaptchaProperties;
+import com.ruoyi.sms.config.properties.SmsProperties;
+import com.ruoyi.sms.core.SmsTemplate;
+import com.ruoyi.sms.entity.SmsResult;
 import com.ruoyi.system.service.ISysConfigService;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
+import io.swagger.annotations.ApiParam;
 import lombok.RequiredArgsConstructor;
-import org.springframework.beans.factory.annotation.Autowired;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RestController;

+import javax.validation.constraints.NotBlank;
+import java.time.Duration;
 import java.util.HashMap;
 import java.util.Map;
-import java.util.concurrent.TimeUnit;

 /**
 * 验证码操作处理
 *
 * @author Lion Li
 */
+@Anonymous
+@Slf4j
+@Validated
@Api(value = "验证码操作处理", tags = {"验证码管理"})
-@RequiredArgsConstructor(onConstructor_ = @Autowired)
+@RequiredArgsConstructor
@RestController
 public class CaptchaController {

    private final CaptchaProperties captchaProperties;
+    private final SmsProperties smsProperties;
    private final ISysConfigService configService;

+    /**
+     * 短信验证码
+     */
+    @ApiOperation("短信验证码")
+    @GetMapping("/captchaSms")
+    public R<Void> smsCaptcha(@ApiParam("用户手机号")
+                              @NotBlank(message = "{user.phonenumber.not.blank}")
+                              String phonenumber) {
+        if (smsProperties.getEnabled()) {
+            R.fail("当前系统没有开启短信功能！");
+        }
+        String key = Constants.CAPTCHA_CODE_KEY + phonenumber;
+        String code = RandomUtil.randomNumbers(4);
+        RedisUtils.setCacheObject(key, code, Duration.ofMinutes(Constants.CAPTCHA_EXPIRATION));
+        // 验证码模板id 自行处理 (查数据库或写死均可)
+        String templateId = "";
+        Map<String, String> map = new HashMap<>(1);
+        map.put("code", code);
+        SmsTemplate smsTemplate = SpringUtils.getBean(SmsTemplate.class);
+        SmsResult result = smsTemplate.send(phonenumber, templateId, map);
+        if (!result.isSuccess()) {
+            log.error("验证码短信发送异常 => {}", result);
+            return R.fail(result.getMessage());
+        }
+        return R.ok();
+    }
+
    /**
     * 生成验证码
     */
    @ApiOperation("生成验证码")
    @GetMapping("/captchaImage")
-    public AjaxResult<Map<String, Object>> getCode() {
+    public R<Map<String, Object>> getCode() {
        Map<String, Object> ajax = new HashMap<>();
        boolean captchaOnOff = configService.selectCaptchaOnOff();
        ajax.put("captchaOnOff", captchaOnOff);
        if (!captchaOnOff) {
-            return AjaxResult.success(ajax);
+            return R.ok(ajax);
        }
        // 保存验证码信息
        String uuid = IdUtil.simpleUUID();
@ -61,10 +100,10 @@ public class CaptchaController {
        captcha.setGenerator(codeGenerator);
        captcha.createCode();
        String code = isMath ? getCodeResult(captcha.getCode()) : captcha.getCode();
-        RedisUtils.setCacheObject(verifyKey, code, Constants.CAPTCHA_EXPIRATION, TimeUnit.MINUTES);
+        RedisUtils.setCacheObject(verifyKey, code, Duration.ofMinutes(Constants.CAPTCHA_EXPIRATION));
        ajax.put("uuid", uuid);
        ajax.put("img", captcha.getImageBase64());
-        return AjaxResult.success(ajax);
+        return R.ok(ajax);
    }

    private String getCodeResult(String capStr) {
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/monitor/CacheController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/monitor/CacheController.java
@ -1,15 +1,14 @@
 package com.ruoyi.web.controller.monitor;

-import com.ruoyi.common.core.domain.AjaxResult;
+import cn.dev33.satoken.annotation.SaCheckPermission;
+import com.ruoyi.common.core.domain.R;
 import com.ruoyi.common.utils.StringUtils;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.RequiredArgsConstructor;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.data.redis.connection.RedisServerCommands;
 import org.springframework.data.redis.core.RedisCallback;
 import org.springframework.data.redis.core.RedisTemplate;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
@ -22,7 +21,7 @@ import java.util.*;
 * @author Lion Li
 */
@Api(value = "缓存监控", tags = {"缓存监控管理"})
-@RequiredArgsConstructor(onConstructor_ = @Autowired)
+@RequiredArgsConstructor
@RestController
@RequestMapping("/monitor/cache")
 public class CacheController {
@ -30,9 +29,9 @@ public class CacheController {
    private final RedisTemplate<String, String> redisTemplate;

    @ApiOperation("获取缓存监控详细信息")
-    @PreAuthorize("@ss.hasPermi('monitor:cache:list')")
+    @SaCheckPermission("monitor:cache:list")
    @GetMapping()
-    public AjaxResult<Map<String, Object>> getInfo() throws Exception {
+    public R<Map<String, Object>> getInfo() throws Exception {
        Properties info = (Properties) redisTemplate.execute((RedisCallback<Object>) RedisServerCommands::info);
        Properties commandStats = (Properties) redisTemplate.execute((RedisCallback<Object>) connection -> connection.info("commandstats"));
        Object dbSize = redisTemplate.execute((RedisCallback<Object>) RedisServerCommands::dbSize);
@ -52,6 +51,6 @@ public class CacheController {
            });
        }
        result.put("commandStats", pieList);
-        return AjaxResult.success(result);
+        return R.ok(result);
    }
 }
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/monitor/SysLogininforController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/monitor/SysLogininforController.java
@ -1,8 +1,10 @@
 package com.ruoyi.web.controller.monitor;

+import cn.dev33.satoken.annotation.SaCheckPermission;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.core.controller.BaseController;
-import com.ruoyi.common.core.domain.AjaxResult;
+import com.ruoyi.common.core.domain.R;
+import com.ruoyi.common.core.domain.PageQuery;
 import com.ruoyi.common.core.page.TableDataInfo;
 import com.ruoyi.common.enums.BusinessType;
 import com.ruoyi.common.utils.poi.ExcelUtil;
@ -11,8 +13,6 @@ import com.ruoyi.system.service.ISysLogininforService;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.RequiredArgsConstructor;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;

@ -26,7 +26,7 @@ import java.util.List;
 */
@Validated
@Api(value = "系统访问记录", tags = {"系统访问记录管理"})
-@RequiredArgsConstructor(onConstructor_ = @Autowired)
+@RequiredArgsConstructor
@RestController
@RequestMapping("/monitor/logininfor")
 public class SysLogininforController extends BaseController {
@ -34,15 +34,15 @@ public class SysLogininforController extends BaseController {
    private final ISysLogininforService logininforService;

    @ApiOperation("查询系统访问记录列表")
-    @PreAuthorize("@ss.hasPermi('monitor:logininfor:list')")
+    @SaCheckPermission("monitor:logininfor:list")
    @GetMapping("/list")
-    public TableDataInfo<SysLogininfor> list(SysLogininfor logininfor) {
-        return logininforService.selectPageLogininforList(logininfor);
+    public TableDataInfo<SysLogininfor> list(SysLogininfor logininfor, PageQuery pageQuery) {
+        return logininforService.selectPageLogininforList(logininfor, pageQuery);
    }

    @ApiOperation("导出系统访问记录列表")
    @Log(title = "登录日志", businessType = BusinessType.EXPORT)
-    @PreAuthorize("@ss.hasPermi('monitor:logininfor:export')")
+    @SaCheckPermission("monitor:logininfor:export")
    @PostMapping("/export")
    public void export(SysLogininfor logininfor, HttpServletResponse response) {
        List<SysLogininfor> list = logininforService.selectLogininforList(logininfor);
@ -50,19 +50,19 @@ public class SysLogininforController extends BaseController {
    }

    @ApiOperation("删除系统访问记录")
-    @PreAuthorize("@ss.hasPermi('monitor:logininfor:remove')")
+    @SaCheckPermission("monitor:logininfor:remove")
    @Log(title = "登录日志", businessType = BusinessType.DELETE)
    @DeleteMapping("/{infoIds}")
-    public AjaxResult<Void> remove(@PathVariable Long[] infoIds) {
+    public R<Void> remove(@PathVariable Long[] infoIds) {
        return toAjax(logininforService.deleteLogininforByIds(infoIds));
    }

    @ApiOperation("清空系统访问记录")
-    @PreAuthorize("@ss.hasPermi('monitor:logininfor:remove')")
+    @SaCheckPermission("monitor:logininfor:remove")
    @Log(title = "登录日志", businessType = BusinessType.CLEAN)
    @DeleteMapping("/clean")
-    public AjaxResult<Void> clean() {
+    public R<Void> clean() {
        logininforService.cleanLogininfor();
-        return AjaxResult.success();
+        return R.ok();
    }
 }
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/monitor/SysOperlogController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/monitor/SysOperlogController.java
@ -1,8 +1,10 @@
 package com.ruoyi.web.controller.monitor;

+import cn.dev33.satoken.annotation.SaCheckPermission;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.core.controller.BaseController;
-import com.ruoyi.common.core.domain.AjaxResult;
+import com.ruoyi.common.core.domain.R;
+import com.ruoyi.common.core.domain.PageQuery;
 import com.ruoyi.common.core.page.TableDataInfo;
 import com.ruoyi.common.enums.BusinessType;
 import com.ruoyi.common.utils.poi.ExcelUtil;
@ -11,8 +13,6 @@ import com.ruoyi.system.service.ISysOperLogService;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.RequiredArgsConstructor;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;

@ -26,7 +26,7 @@ import java.util.List;
 */
@Validated
@Api(value = "操作日志记录", tags = {"操作日志记录管理"})
-@RequiredArgsConstructor(onConstructor_ = @Autowired)
+@RequiredArgsConstructor
@RestController
@RequestMapping("/monitor/operlog")
 public class SysOperlogController extends BaseController {
@ -34,15 +34,15 @@ public class SysOperlogController extends BaseController {
    private final ISysOperLogService operLogService;

    @ApiOperation("查询操作日志记录列表")
-    @PreAuthorize("@ss.hasPermi('monitor:operlog:list')")
+    @SaCheckPermission("monitor:operlog:list")
    @GetMapping("/list")
-    public TableDataInfo<SysOperLog> list(SysOperLog operLog) {
-        return operLogService.selectPageOperLogList(operLog);
+    public TableDataInfo<SysOperLog> list(SysOperLog operLog, PageQuery pageQuery) {
+        return operLogService.selectPageOperLogList(operLog, pageQuery);
    }

    @ApiOperation("导出操作日志记录列表")
    @Log(title = "操作日志", businessType = BusinessType.EXPORT)
-    @PreAuthorize("@ss.hasPermi('monitor:operlog:export')")
+    @SaCheckPermission("monitor:operlog:export")
    @PostMapping("/export")
    public void export(SysOperLog operLog, HttpServletResponse response) {
        List<SysOperLog> list = operLogService.selectOperLogList(operLog);
@ -51,18 +51,18 @@ public class SysOperlogController extends BaseController {

    @ApiOperation("删除操作日志记录")
    @Log(title = "操作日志", businessType = BusinessType.DELETE)
-    @PreAuthorize("@ss.hasPermi('monitor:operlog:remove')")
+    @SaCheckPermission("monitor:operlog:remove")
    @DeleteMapping("/{operIds}")
-    public AjaxResult<Void> remove(@PathVariable Long[] operIds) {
+    public R<Void> remove(@PathVariable Long[] operIds) {
        return toAjax(operLogService.deleteOperLogByIds(operIds));
    }

    @ApiOperation("清空操作日志记录")
    @Log(title = "操作日志", businessType = BusinessType.CLEAN)
-    @PreAuthorize("@ss.hasPermi('monitor:operlog:remove')")
+    @SaCheckPermission("monitor:operlog:remove")
    @DeleteMapping("/clean")
-    public AjaxResult<Void> clean() {
+    public R<Void> clean() {
        operLogService.cleanOperLog();
-        return AjaxResult.success();
+        return R.ok();
    }
 }
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/monitor/SysUserOnlineController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/monitor/SysUserOnlineController.java
@ -1,28 +1,28 @@
 package com.ruoyi.web.controller.monitor;

+import cn.dev33.satoken.annotation.SaCheckPermission;
+import cn.dev33.satoken.exception.NotLoginException;
+import cn.dev33.satoken.stp.StpUtil;
+import cn.hutool.core.bean.BeanUtil;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.constant.Constants;
 import com.ruoyi.common.core.controller.BaseController;
-import com.ruoyi.common.core.domain.AjaxResult;
-import com.ruoyi.common.core.domain.model.LoginUser;
+import com.ruoyi.common.core.domain.R;
+import com.ruoyi.common.core.domain.dto.UserOnlineDTO;
 import com.ruoyi.common.core.page.TableDataInfo;
 import com.ruoyi.common.enums.BusinessType;
-import com.ruoyi.common.utils.PageUtils;
-import com.ruoyi.common.utils.RedisUtils;
 import com.ruoyi.common.utils.StringUtils;
+import com.ruoyi.common.utils.redis.RedisUtils;
 import com.ruoyi.system.domain.SysUserOnline;
-import com.ruoyi.system.service.ISysUserOnlineService;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.RequiredArgsConstructor;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.*;

 import java.util.ArrayList;
-import java.util.Collection;
 import java.util.Collections;
 import java.util.List;
+import java.util.stream.Collectors;

 /**
 * 在线用户监控
@ -30,51 +30,58 @@ import java.util.List;
 * @author Lion Li
 */
@Api(value = "在线用户监控", tags = {"在线用户监控管理"})
-@RequiredArgsConstructor(onConstructor_ = @Autowired)
+@RequiredArgsConstructor
@RestController
@RequestMapping("/monitor/online")
 public class SysUserOnlineController extends BaseController {

-    private final ISysUserOnlineService userOnlineService;
-
    @ApiOperation("在线用户列表")
-    @PreAuthorize("@ss.hasPermi('monitor:online:list')")
+    @SaCheckPermission("monitor:online:list")
    @GetMapping("/list")
    public TableDataInfo<SysUserOnline> list(String ipaddr, String userName) {
-        Collection<String> keys = RedisUtils.keys(Constants.LOGIN_TOKEN_KEY + "*");
-        List<SysUserOnline> userOnlineList = new ArrayList<SysUserOnline>();
+        // 获取所有未过期的 token
+        List<String> keys = StpUtil.searchTokenValue("", -1, 0);
+        List<UserOnlineDTO> userOnlineDTOList = new ArrayList<>();
        for (String key : keys) {
-            LoginUser user = RedisUtils.getCacheObject(key);
-            if (StringUtils.isNotEmpty(ipaddr) && StringUtils.isNotEmpty(userName)) {
-                if (StringUtils.equals(ipaddr, user.getIpaddr()) && StringUtils.equals(userName, user.getUsername())) {
-                    userOnlineList.add(userOnlineService.selectOnlineByInfo(ipaddr, userName, user));
-                }
-            } else if (StringUtils.isNotEmpty(ipaddr)) {
-                if (StringUtils.equals(ipaddr, user.getIpaddr())) {
-                    userOnlineList.add(userOnlineService.selectOnlineByIpaddr(ipaddr, user));
-                }
-            } else if (StringUtils.isNotEmpty(userName)) {
-                if (StringUtils.equals(userName, user.getUsername())) {
-                    userOnlineList.add(userOnlineService.selectOnlineByUserName(userName, user));
-                }
-            } else {
-                userOnlineList.add(userOnlineService.loginUserToUserOnline(user));
+            String token = key.replace(Constants.LOGIN_TOKEN_KEY, "");
+            // 如果已经过期则踢下线
+            if (StpUtil.stpLogic.getTokenActivityTimeoutByToken(token) < 0) {
+                continue;
            }
+            userOnlineDTOList.add(RedisUtils.getCacheObject(Constants.ONLINE_TOKEN_KEY + token));
        }
-        Collections.reverse(userOnlineList);
-        userOnlineList.removeAll(Collections.singleton(null));
-        return PageUtils.buildDataInfo(userOnlineList);
+        if (StringUtils.isNotEmpty(ipaddr) && StringUtils.isNotEmpty(userName)) {
+            userOnlineDTOList = userOnlineDTOList.stream().filter(userOnline ->
+                StringUtils.equals(ipaddr, userOnline.getIpaddr()) &&
+                    StringUtils.equals(userName, userOnline.getUserName())
+            ).collect(Collectors.toList());
+        } else if (StringUtils.isNotEmpty(ipaddr)) {
+            userOnlineDTOList = userOnlineDTOList.stream().filter(userOnline ->
+                    StringUtils.equals(ipaddr, userOnline.getIpaddr()))
+                .collect(Collectors.toList());
+        } else if (StringUtils.isNotEmpty(userName)) {
+            userOnlineDTOList = userOnlineDTOList.stream().filter(userOnline ->
+                StringUtils.equals(userName, userOnline.getUserName())
+            ).collect(Collectors.toList());
+        }
+        Collections.reverse(userOnlineDTOList);
+        userOnlineDTOList.removeAll(Collections.singleton(null));
+        List<SysUserOnline> userOnlineList = BeanUtil.copyToList(userOnlineDTOList, SysUserOnline.class);
+        return TableDataInfo.build(userOnlineList);
    }

    /**
     * 强退用户
     */
    @ApiOperation("强退用户")
-    @PreAuthorize("@ss.hasPermi('monitor:online:forceLogout')")
+    @SaCheckPermission("monitor:online:forceLogout")
    @Log(title = "在线用户", businessType = BusinessType.FORCE)
    @DeleteMapping("/{tokenId}")
-    public AjaxResult<Void> forceLogout(@PathVariable String tokenId) {
-        RedisUtils.deleteObject(Constants.LOGIN_TOKEN_KEY + tokenId);
-        return AjaxResult.success();
+    public R<Void> forceLogout(@PathVariable String tokenId) {
+        try {
+            StpUtil.kickoutByTokenValue(tokenId);
+        } catch (NotLoginException e) {
+        }
+        return R.ok();
    }
 }
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysConfigController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysConfigController.java
@ -1,9 +1,11 @@
 package com.ruoyi.web.controller.system;

+import cn.dev33.satoken.annotation.SaCheckPermission;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.constant.UserConstants;
 import com.ruoyi.common.core.controller.BaseController;
-import com.ruoyi.common.core.domain.AjaxResult;
+import com.ruoyi.common.core.domain.R;
+import com.ruoyi.common.core.domain.PageQuery;
 import com.ruoyi.common.core.page.TableDataInfo;
 import com.ruoyi.common.enums.BusinessType;
 import com.ruoyi.common.utils.poi.ExcelUtil;
@ -13,8 +15,6 @@ import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import io.swagger.annotations.ApiParam;
 import lombok.RequiredArgsConstructor;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;

@ -28,7 +28,7 @@ import java.util.List;
 */
@Validated
@Api(value = "参数配置控制器", tags = {"参数配置管理"})
-@RequiredArgsConstructor(onConstructor_ = @Autowired)
+@RequiredArgsConstructor
@RestController
@RequestMapping("/system/config")
 public class SysConfigController extends BaseController {
@ -39,15 +39,15 @@ public class SysConfigController extends BaseController {
     * 获取参数配置列表
     */
    @ApiOperation("获取参数配置列表")
-    @PreAuthorize("@ss.hasPermi('system:config:list')")
+    @SaCheckPermission("system:config:list")
    @GetMapping("/list")
-    public TableDataInfo<SysConfig> list(SysConfig config) {
-        return configService.selectPageConfigList(config);
+    public TableDataInfo<SysConfig> list(SysConfig config, PageQuery pageQuery) {
+        return configService.selectPageConfigList(config, pageQuery);
    }

    @ApiOperation("导出参数配置列表")
    @Log(title = "参数管理", businessType = BusinessType.EXPORT)
-    @PreAuthorize("@ss.hasPermi('system:config:export')")
+    @SaCheckPermission("system:config:export")
    @PostMapping("/export")
    public void export(SysConfig config, HttpServletResponse response) {
        List<SysConfig> list = configService.selectConfigList(config);
@ -58,10 +58,10 @@ public class SysConfigController extends BaseController {
     * 根据参数编号获取详细信息
     */
    @ApiOperation("根据参数编号获取详细信息")
-    @PreAuthorize("@ss.hasPermi('system:config:query')")
+    @SaCheckPermission("system:config:query")
    @GetMapping(value = "/{configId}")
-    public AjaxResult<SysConfig> getInfo(@ApiParam("参数ID") @PathVariable Long configId) {
-        return AjaxResult.success(configService.selectConfigById(configId));
+    public R<SysConfig> getInfo(@ApiParam("参数ID") @PathVariable Long configId) {
+        return R.ok(configService.selectConfigById(configId));
    }

    /**
@ -69,20 +69,20 @@ public class SysConfigController extends BaseController {
     */
    @ApiOperation("根据参数键名查询参数值")
    @GetMapping(value = "/configKey/{configKey}")
-    public AjaxResult<Void> getConfigKey(@ApiParam("参数Key") @PathVariable String configKey) {
-        return AjaxResult.success(configService.selectConfigByKey(configKey));
+    public R<Void> getConfigKey(@ApiParam("参数Key") @PathVariable String configKey) {
+        return R.ok(configService.selectConfigByKey(configKey));
    }

    /**
     * 新增参数配置
     */
    @ApiOperation("新增参数配置")
-    @PreAuthorize("@ss.hasPermi('system:config:add')")
+    @SaCheckPermission("system:config:add")
    @Log(title = "参数管理", businessType = BusinessType.INSERT)
    @PostMapping
-    public AjaxResult<Void> add(@Validated @RequestBody SysConfig config) {
+    public R<Void> add(@Validated @RequestBody SysConfig config) {
        if (UserConstants.NOT_UNIQUE.equals(configService.checkConfigKeyUnique(config))) {
-            return AjaxResult.error("新增参数'" + config.getConfigName() + "'失败，参数键名已存在");
+            return R.fail("新增参数'" + config.getConfigName() + "'失败，参数键名已存在");
        }
        return toAjax(configService.insertConfig(config));
    }
@ -91,37 +91,48 @@ public class SysConfigController extends BaseController {
     * 修改参数配置
     */
    @ApiOperation("修改参数配置")
-    @PreAuthorize("@ss.hasPermi('system:config:edit')")
+    @SaCheckPermission("system:config:edit")
    @Log(title = "参数管理", businessType = BusinessType.UPDATE)
    @PutMapping
-    public AjaxResult<Void> edit(@Validated @RequestBody SysConfig config) {
+    public R<Void> edit(@Validated @RequestBody SysConfig config) {
        if (UserConstants.NOT_UNIQUE.equals(configService.checkConfigKeyUnique(config))) {
-            return AjaxResult.error("修改参数'" + config.getConfigName() + "'失败，参数键名已存在");
+            return R.fail("修改参数'" + config.getConfigName() + "'失败，参数键名已存在");
        }
        return toAjax(configService.updateConfig(config));
    }

+    /**
+     * 根据参数键名修改参数配置
+     */
+    @ApiOperation("根据参数键名修改参数配置")
+    @SaCheckPermission("system:config:edit")
+    @Log(title = "参数管理", businessType = BusinessType.UPDATE)
+    @PutMapping("/updateByKey")
+    public R<Void> updateByKey(@RequestBody SysConfig config) {
+        return toAjax(configService.updateConfig(config));
+    }
+
    /**
     * 删除参数配置
     */
    @ApiOperation("删除参数配置")
-    @PreAuthorize("@ss.hasPermi('system:config:remove')")
+    @SaCheckPermission("system:config:remove")
    @Log(title = "参数管理", businessType = BusinessType.DELETE)
    @DeleteMapping("/{configIds}")
-    public AjaxResult<Void> remove(@ApiParam("参数ID串") @PathVariable Long[] configIds) {
+    public R<Void> remove(@ApiParam("参数ID串") @PathVariable Long[] configIds) {
        configService.deleteConfigByIds(configIds);
-        return success();
+        return R.ok();
    }

    /**
     * 刷新参数缓存
     */
    @ApiOperation("刷新参数缓存")
-    @PreAuthorize("@ss.hasPermi('system:config:remove')")
+    @SaCheckPermission("system:config:remove")
    @Log(title = "参数管理", businessType = BusinessType.CLEAN)
    @DeleteMapping("/refreshCache")
-    public AjaxResult<Void> refreshCache() {
+    public R<Void> refreshCache() {
        configService.resetConfigCache();
-        return AjaxResult.success();
+        return R.ok();
    }
 }
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysDeptController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysDeptController.java
@ -1,11 +1,12 @@
 package com.ruoyi.web.controller.system;

+import cn.dev33.satoken.annotation.SaCheckPermission;
 import cn.hutool.core.lang.tree.Tree;
 import cn.hutool.core.util.ArrayUtil;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.constant.UserConstants;
 import com.ruoyi.common.core.controller.BaseController;
-import com.ruoyi.common.core.domain.AjaxResult;
+import com.ruoyi.common.core.domain.R;
 import com.ruoyi.common.core.domain.entity.SysDept;
 import com.ruoyi.common.enums.BusinessType;
 import com.ruoyi.common.utils.StringUtils;
@ -14,8 +15,6 @@ import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import io.swagger.annotations.ApiParam;
 import lombok.RequiredArgsConstructor;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;

@ -30,7 +29,7 @@ import java.util.Map;
 */
@Validated
@Api(value = "部门控制器", tags = {"部门管理"})
-@RequiredArgsConstructor(onConstructor_ = @Autowired)
+@RequiredArgsConstructor
@RestController
@RequestMapping("/system/dept")
 public class SysDeptController extends BaseController {
@ -41,35 +40,35 @@ public class SysDeptController extends BaseController {
     * 获取部门列表
     */
    @ApiOperation("获取部门列表")
-    @PreAuthorize("@ss.hasPermi('system:dept:list')")
+    @SaCheckPermission("system:dept:list")
    @GetMapping("/list")
-    public AjaxResult<List<SysDept>> list(SysDept dept) {
+    public R<List<SysDept>> list(SysDept dept) {
        List<SysDept> depts = deptService.selectDeptList(dept);
-        return AjaxResult.success(depts);
+        return R.ok(depts);
    }

    /**
     * 查询部门列表（排除节点）
     */
    @ApiOperation("查询部门列表（排除节点）")
-    @PreAuthorize("@ss.hasPermi('system:dept:list')")
+    @SaCheckPermission("system:dept:list")
    @GetMapping("/list/exclude/{deptId}")
-    public AjaxResult<List<SysDept>> excludeChild(@ApiParam("部门ID") @PathVariable(value = "deptId", required = false) Long deptId) {
+    public R<List<SysDept>> excludeChild(@ApiParam("部门ID") @PathVariable(value = "deptId", required = false) Long deptId) {
        List<SysDept> depts = deptService.selectDeptList(new SysDept());
        depts.removeIf(d -> d.getDeptId().equals(deptId)
-                || ArrayUtil.contains(StringUtils.split(d.getAncestors(), ","), deptId + ""));
-        return AjaxResult.success(depts);
+            || ArrayUtil.contains(StringUtils.split(d.getAncestors(), ","), deptId + ""));
+        return R.ok(depts);
    }

    /**
     * 根据部门编号获取详细信息
     */
    @ApiOperation("根据部门编号获取详细信息")
-    @PreAuthorize("@ss.hasPermi('system:dept:query')")
+    @SaCheckPermission("system:dept:query")
    @GetMapping(value = "/{deptId}")
-    public AjaxResult<SysDept> getInfo(@ApiParam("部门ID") @PathVariable Long deptId) {
+    public R<SysDept> getInfo(@ApiParam("部门ID") @PathVariable Long deptId) {
        deptService.checkDeptDataScope(deptId);
-        return AjaxResult.success(deptService.selectDeptById(deptId));
+        return R.ok(deptService.selectDeptById(deptId));
    }

    /**
@ -77,9 +76,9 @@ public class SysDeptController extends BaseController {
     */
    @ApiOperation("获取部门下拉树列表")
    @GetMapping("/treeselect")
-    public AjaxResult<List<Tree<Long>>> treeselect(SysDept dept) {
+    public R<List<Tree<Long>>> treeselect(SysDept dept) {
        List<SysDept> depts = deptService.selectDeptList(dept);
-        return AjaxResult.success(deptService.buildDeptTreeSelect(depts));
+        return R.ok(deptService.buildDeptTreeSelect(depts));
    }

    /**
@ -87,24 +86,24 @@ public class SysDeptController extends BaseController {
     */
    @ApiOperation("加载对应角色部门列表树")
    @GetMapping(value = "/roleDeptTreeselect/{roleId}")
-    public AjaxResult<Map<String, Object>> roleDeptTreeselect(@ApiParam("角色ID") @PathVariable("roleId") Long roleId) {
+    public R<Map<String, Object>> roleDeptTreeselect(@ApiParam("角色ID") @PathVariable("roleId") Long roleId) {
        List<SysDept> depts = deptService.selectDeptList(new SysDept());
        Map<String, Object> ajax = new HashMap<>();
        ajax.put("checkedKeys", deptService.selectDeptListByRoleId(roleId));
        ajax.put("depts", deptService.buildDeptTreeSelect(depts));
-        return AjaxResult.success(ajax);
+        return R.ok(ajax);
    }

    /**
     * 新增部门
     */
    @ApiOperation("新增部门")
-    @PreAuthorize("@ss.hasPermi('system:dept:add')")
+    @SaCheckPermission("system:dept:add")
    @Log(title = "部门管理", businessType = BusinessType.INSERT)
    @PostMapping
-    public AjaxResult<Void> add(@Validated @RequestBody SysDept dept) {
+    public R<Void> add(@Validated @RequestBody SysDept dept) {
        if (UserConstants.NOT_UNIQUE.equals(deptService.checkDeptNameUnique(dept))) {
-            return AjaxResult.error("新增部门'" + dept.getDeptName() + "'失败，部门名称已存在");
+            return R.fail("新增部门'" + dept.getDeptName() + "'失败，部门名称已存在");
        }
        return toAjax(deptService.insertDept(dept));
    }
@ -113,17 +112,19 @@ public class SysDeptController extends BaseController {
     * 修改部门
     */
    @ApiOperation("修改部门")
-    @PreAuthorize("@ss.hasPermi('system:dept:edit')")
+    @SaCheckPermission("system:dept:edit")
    @Log(title = "部门管理", businessType = BusinessType.UPDATE)
    @PutMapping
-    public AjaxResult<Void> edit(@Validated @RequestBody SysDept dept) {
+    public R<Void> edit(@Validated @RequestBody SysDept dept) {
+        Long deptId = dept.getDeptId();
+        deptService.checkDeptDataScope(deptId);
        if (UserConstants.NOT_UNIQUE.equals(deptService.checkDeptNameUnique(dept))) {
-            return AjaxResult.error("修改部门'" + dept.getDeptName() + "'失败，部门名称已存在");
-        } else if (dept.getParentId().equals(dept.getDeptId())) {
-            return AjaxResult.error("修改部门'" + dept.getDeptName() + "'失败，上级部门不能是自己");
+            return R.fail("修改部门'" + dept.getDeptName() + "'失败，部门名称已存在");
+        } else if (dept.getParentId().equals(deptId)) {
+            return R.fail("修改部门'" + dept.getDeptName() + "'失败，上级部门不能是自己");
        } else if (StringUtils.equals(UserConstants.DEPT_DISABLE, dept.getStatus())
-                && deptService.selectNormalChildrenDeptById(dept.getDeptId()) > 0) {
-            return AjaxResult.error("该部门包含未停用的子部门！");
+            && deptService.selectNormalChildrenDeptById(deptId) > 0) {
+            return R.fail("该部门包含未停用的子部门！");
        }
        return toAjax(deptService.updateDept(dept));
    }
@ -132,16 +133,17 @@ public class SysDeptController extends BaseController {
     * 删除部门
     */
    @ApiOperation("删除部门")
-    @PreAuthorize("@ss.hasPermi('system:dept:remove')")
+    @SaCheckPermission("system:dept:remove")
    @Log(title = "部门管理", businessType = BusinessType.DELETE)
    @DeleteMapping("/{deptId}")
-    public AjaxResult<Void> remove(@ApiParam("部门ID串") @PathVariable Long deptId) {
+    public R<Void> remove(@ApiParam("部门ID串") @PathVariable Long deptId) {
        if (deptService.hasChildByDeptId(deptId)) {
-            return AjaxResult.error("存在下级部门,不允许删除");
+            return R.fail("存在下级部门,不允许删除");
        }
        if (deptService.checkDeptExistUser(deptId)) {
-            return AjaxResult.error("部门存在用户,不允许删除");
+            return R.fail("部门存在用户,不允许删除");
        }
+        deptService.checkDeptDataScope(deptId);
        return toAjax(deptService.deleteDeptById(deptId));
    }
 }
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysDictDataController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysDictDataController.java
@ -1,12 +1,14 @@
 package com.ruoyi.web.controller.system;

+import cn.dev33.satoken.annotation.SaCheckPermission;
+import cn.hutool.core.util.ObjectUtil;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.core.controller.BaseController;
-import com.ruoyi.common.core.domain.AjaxResult;
+import com.ruoyi.common.core.domain.R;
+import com.ruoyi.common.core.domain.PageQuery;
 import com.ruoyi.common.core.domain.entity.SysDictData;
 import com.ruoyi.common.core.page.TableDataInfo;
 import com.ruoyi.common.enums.BusinessType;
-import com.ruoyi.common.utils.StringUtils;
 import com.ruoyi.common.utils.poi.ExcelUtil;
 import com.ruoyi.system.service.ISysDictDataService;
 import com.ruoyi.system.service.ISysDictTypeService;
@ -14,8 +16,6 @@ import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import io.swagger.annotations.ApiParam;
 import lombok.RequiredArgsConstructor;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;

@ -30,7 +30,7 @@ import java.util.List;
 */
@Validated
@Api(value = "数据字典信息控制器", tags = {"数据字典信息管理"})
-@RequiredArgsConstructor(onConstructor_ = @Autowired)
+@RequiredArgsConstructor
@RestController
@RequestMapping("/system/dict/data")
 public class SysDictDataController extends BaseController {
@ -39,15 +39,15 @@ public class SysDictDataController extends BaseController {
    private final ISysDictTypeService dictTypeService;

    @ApiOperation("查询字典数据列表")
-    @PreAuthorize("@ss.hasPermi('system:dict:list')")
+    @SaCheckPermission("system:dict:list")
    @GetMapping("/list")
-    public TableDataInfo<SysDictData> list(SysDictData dictData) {
-        return dictDataService.selectPageDictDataList(dictData);
+    public TableDataInfo<SysDictData> list(SysDictData dictData, PageQuery pageQuery) {
+        return dictDataService.selectPageDictDataList(dictData, pageQuery);
    }

    @ApiOperation("导出字典数据列表")
    @Log(title = "字典数据", businessType = BusinessType.EXPORT)
-    @PreAuthorize("@ss.hasPermi('system:dict:export')")
+    @SaCheckPermission("system:dict:export")
    @PostMapping("/export")
    public void export(SysDictData dictData, HttpServletResponse response) {
        List<SysDictData> list = dictDataService.selectDictDataList(dictData);
@ -58,10 +58,10 @@ public class SysDictDataController extends BaseController {
     * 查询字典数据详细
     */
    @ApiOperation("查询字典数据详细")
-    @PreAuthorize("@ss.hasPermi('system:dict:query')")
+    @SaCheckPermission("system:dict:query")
    @GetMapping(value = "/{dictCode}")
-    public AjaxResult<SysDictData> getInfo(@ApiParam("字典code") @PathVariable Long dictCode) {
-        return AjaxResult.success(dictDataService.selectDictDataById(dictCode));
+    public R<SysDictData> getInfo(@ApiParam("字典code") @PathVariable Long dictCode) {
+        return R.ok(dictDataService.selectDictDataById(dictCode));
    }

    /**
@ -69,22 +69,22 @@ public class SysDictDataController extends BaseController {
     */
    @ApiOperation("根据字典类型查询字典数据信息")
    @GetMapping(value = "/type/{dictType}")
-    public AjaxResult<List<SysDictData>> dictType(@ApiParam("字典类型") @PathVariable String dictType) {
+    public R<List<SysDictData>> dictType(@ApiParam("字典类型") @PathVariable String dictType) {
        List<SysDictData> data = dictTypeService.selectDictDataByType(dictType);
-        if (StringUtils.isNull(data)) {
+        if (ObjectUtil.isNull(data)) {
            data = new ArrayList<>();
        }
-        return AjaxResult.success(data);
+        return R.ok(data);
    }

    /**
     * 新增字典类型
     */
    @ApiOperation("新增字典类型")
-    @PreAuthorize("@ss.hasPermi('system:dict:add')")
+    @SaCheckPermission("system:dict:add")
    @Log(title = "字典数据", businessType = BusinessType.INSERT)
    @PostMapping
-    public AjaxResult<Void> add(@Validated @RequestBody SysDictData dict) {
+    public R<Void> add(@Validated @RequestBody SysDictData dict) {
        return toAjax(dictDataService.insertDictData(dict));
    }

@ -92,10 +92,10 @@ public class SysDictDataController extends BaseController {
     * 修改保存字典类型
     */
    @ApiOperation("修改保存字典类型")
-    @PreAuthorize("@ss.hasPermi('system:dict:edit')")
+    @SaCheckPermission("system:dict:edit")
    @Log(title = "字典数据", businessType = BusinessType.UPDATE)
    @PutMapping
-    public AjaxResult<Void> edit(@Validated @RequestBody SysDictData dict) {
+    public R<Void> edit(@Validated @RequestBody SysDictData dict) {
        return toAjax(dictDataService.updateDictData(dict));
    }

@ -103,11 +103,11 @@ public class SysDictDataController extends BaseController {
     * 删除字典类型
     */
    @ApiOperation("删除字典类型")
-    @PreAuthorize("@ss.hasPermi('system:dict:remove')")
+    @SaCheckPermission("system:dict:remove")
    @Log(title = "字典类型", businessType = BusinessType.DELETE)
    @DeleteMapping("/{dictCodes}")
-    public AjaxResult<Void> remove(@ApiParam("字典code串") @PathVariable Long[] dictCodes) {
+    public R<Void> remove(@ApiParam("字典code串") @PathVariable Long[] dictCodes) {
        dictDataService.deleteDictDataByIds(dictCodes);
-        return success();
+        return R.ok();
    }
 }
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysDictTypeController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysDictTypeController.java
@ -1,9 +1,11 @@
 package com.ruoyi.web.controller.system;

+import cn.dev33.satoken.annotation.SaCheckPermission;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.constant.UserConstants;
 import com.ruoyi.common.core.controller.BaseController;
-import com.ruoyi.common.core.domain.AjaxResult;
+import com.ruoyi.common.core.domain.R;
+import com.ruoyi.common.core.domain.PageQuery;
 import com.ruoyi.common.core.domain.entity.SysDictType;
 import com.ruoyi.common.core.page.TableDataInfo;
 import com.ruoyi.common.enums.BusinessType;
@ -13,8 +15,6 @@ import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import io.swagger.annotations.ApiParam;
 import lombok.RequiredArgsConstructor;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;

@ -28,7 +28,7 @@ import java.util.List;
 */
@Validated
@Api(value = "数据字典信息控制器", tags = {"数据字典信息管理"})
-@RequiredArgsConstructor(onConstructor_ = @Autowired)
+@RequiredArgsConstructor
@RestController
@RequestMapping("/system/dict/type")
 public class SysDictTypeController extends BaseController {
@ -36,15 +36,15 @@ public class SysDictTypeController extends BaseController {
    private final ISysDictTypeService dictTypeService;

    @ApiOperation("查询字典类型列表")
-    @PreAuthorize("@ss.hasPermi('system:dict:list')")
+    @SaCheckPermission("system:dict:list")
    @GetMapping("/list")
-    public TableDataInfo<SysDictType> list(SysDictType dictType) {
-        return dictTypeService.selectPageDictTypeList(dictType);
+    public TableDataInfo<SysDictType> list(SysDictType dictType, PageQuery pageQuery) {
+        return dictTypeService.selectPageDictTypeList(dictType, pageQuery);
    }

    @ApiOperation("导出字典类型列表")
    @Log(title = "字典类型", businessType = BusinessType.EXPORT)
-    @PreAuthorize("@ss.hasPermi('system:dict:export')")
+    @SaCheckPermission("system:dict:export")
    @PostMapping("/export")
    public void export(SysDictType dictType, HttpServletResponse response) {
        List<SysDictType> list = dictTypeService.selectDictTypeList(dictType);
@ -55,22 +55,22 @@ public class SysDictTypeController extends BaseController {
     * 查询字典类型详细
     */
    @ApiOperation("查询字典类型详细")
-    @PreAuthorize("@ss.hasPermi('system:dict:query')")
+    @SaCheckPermission("system:dict:query")
    @GetMapping(value = "/{dictId}")
-    public AjaxResult<SysDictType> getInfo(@ApiParam("字典ID") @PathVariable Long dictId) {
-        return AjaxResult.success(dictTypeService.selectDictTypeById(dictId));
+    public R<SysDictType> getInfo(@ApiParam("字典ID") @PathVariable Long dictId) {
+        return R.ok(dictTypeService.selectDictTypeById(dictId));
    }

    /**
     * 新增字典类型
     */
    @ApiOperation("新增字典类型")
-    @PreAuthorize("@ss.hasPermi('system:dict:add')")
+    @SaCheckPermission("system:dict:add")
    @Log(title = "字典类型", businessType = BusinessType.INSERT)
    @PostMapping
-    public AjaxResult<Void> add(@Validated @RequestBody SysDictType dict) {
+    public R<Void> add(@Validated @RequestBody SysDictType dict) {
        if (UserConstants.NOT_UNIQUE.equals(dictTypeService.checkDictTypeUnique(dict))) {
-            return AjaxResult.error("新增字典'" + dict.getDictName() + "'失败，字典类型已存在");
+            return R.fail("新增字典'" + dict.getDictName() + "'失败，字典类型已存在");
        }
        return toAjax(dictTypeService.insertDictType(dict));
    }
@ -79,12 +79,12 @@ public class SysDictTypeController extends BaseController {
     * 修改字典类型
     */
    @ApiOperation("修改字典类型")
-    @PreAuthorize("@ss.hasPermi('system:dict:edit')")
+    @SaCheckPermission("system:dict:edit")
    @Log(title = "字典类型", businessType = BusinessType.UPDATE)
    @PutMapping
-    public AjaxResult<Void> edit(@Validated @RequestBody SysDictType dict) {
+    public R<Void> edit(@Validated @RequestBody SysDictType dict) {
        if (UserConstants.NOT_UNIQUE.equals(dictTypeService.checkDictTypeUnique(dict))) {
-            return AjaxResult.error("修改字典'" + dict.getDictName() + "'失败，字典类型已存在");
+            return R.fail("修改字典'" + dict.getDictName() + "'失败，字典类型已存在");
        }
        return toAjax(dictTypeService.updateDictType(dict));
    }
@ -93,24 +93,24 @@ public class SysDictTypeController extends BaseController {
     * 删除字典类型
     */
    @ApiOperation("删除字典类型")
-    @PreAuthorize("@ss.hasPermi('system:dict:remove')")
+    @SaCheckPermission("system:dict:remove")
    @Log(title = "字典类型", businessType = BusinessType.DELETE)
    @DeleteMapping("/{dictIds}")
-    public AjaxResult<Void> remove(@ApiParam("字典ID串") @PathVariable Long[] dictIds) {
+    public R<Void> remove(@ApiParam("字典ID串") @PathVariable Long[] dictIds) {
        dictTypeService.deleteDictTypeByIds(dictIds);
-        return success();
+        return R.ok();
    }

    /**
     * 刷新字典缓存
     */
    @ApiOperation("刷新字典缓存")
-    @PreAuthorize("@ss.hasPermi('system:dict:remove')")
+    @SaCheckPermission("system:dict:remove")
    @Log(title = "字典类型", businessType = BusinessType.CLEAN)
    @DeleteMapping("/refreshCache")
-    public AjaxResult<Void> refreshCache() {
+    public R<Void> refreshCache() {
        dictTypeService.resetDictCache();
-        return AjaxResult.success();
+        return R.ok();
    }

    /**
@ -118,8 +118,8 @@ public class SysDictTypeController extends BaseController {
     */
    @ApiOperation("获取字典选择框列表")
    @GetMapping("/optionselect")
-    public AjaxResult<List<SysDictType>> optionselect() {
+    public R<List<SysDictType>> optionselect() {
        List<SysDictType> dictTypes = dictTypeService.selectDictTypeAll();
-        return AjaxResult.success(dictTypes);
+        return R.ok(dictTypes);
    }
 }
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysIndexController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysIndexController.java
@ -5,7 +5,6 @@ import com.ruoyi.common.utils.StringUtils;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.RequiredArgsConstructor;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RestController;

@ -15,7 +14,7 @@ import org.springframework.web.bind.annotation.RestController;
 * @author Lion Li
 */
@Api(value = "首页控制器", tags = {"首页管理"})
-@RequiredArgsConstructor(onConstructor_ = @Autowired)
+@RequiredArgsConstructor
@RestController
 public class SysIndexController {

--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java
@ -1,11 +1,15 @@
 package com.ruoyi.web.controller.system;

+import cn.dev33.satoken.exception.NotLoginException;
+import cn.dev33.satoken.stp.StpUtil;
+import com.ruoyi.common.annotation.Anonymous;
 import com.ruoyi.common.constant.Constants;
-import com.ruoyi.common.core.domain.AjaxResult;
+import com.ruoyi.common.core.domain.R;
 import com.ruoyi.common.core.domain.entity.SysMenu;
 import com.ruoyi.common.core.domain.entity.SysUser;
 import com.ruoyi.common.core.domain.model.LoginBody;
-import com.ruoyi.common.utils.SecurityUtils;
+import com.ruoyi.common.core.domain.model.SmsLoginBody;
+import com.ruoyi.common.helper.LoginHelper;
 import com.ruoyi.system.domain.vo.RouterVo;
 import com.ruoyi.system.service.ISysMenuService;
 import com.ruoyi.system.service.ISysUserService;
@ -14,13 +18,13 @@ import com.ruoyi.system.service.SysPermissionService;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.RequiredArgsConstructor;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RestController;

+import javax.validation.constraints.NotBlank;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
@ -33,7 +37,7 @@ import java.util.Set;
 */
@Validated
@Api(value = "登录验证控制器", tags = {"登录验证管理"})
-@RequiredArgsConstructor(onConstructor_ = @Autowired)
+@RequiredArgsConstructor
@RestController
 public class SysLoginController {

@ -48,15 +52,63 @@ public class SysLoginController {
     * @param loginBody 登录信息
     * @return 结果
     */
+    @Anonymous
    @ApiOperation("登录方法")
    @PostMapping("/login")
-    public AjaxResult<Map<String, Object>> login(@RequestBody LoginBody loginBody) {
+    public R<Map<String, Object>> login(@Validated @RequestBody LoginBody loginBody) {
        Map<String, Object> ajax = new HashMap<>();
        // 生成令牌
        String token = loginService.login(loginBody.getUsername(), loginBody.getPassword(), loginBody.getCode(),
-                loginBody.getUuid());
+            loginBody.getUuid());
        ajax.put(Constants.TOKEN, token);
-        return AjaxResult.success(ajax);
+        return R.ok(ajax);
+    }
+
+    /**
+     * 短信登录(示例)
+     *
+     * @param smsLoginBody 登录信息
+     * @return 结果
+     */
+    @Anonymous
+    @ApiOperation("短信登录(示例)")
+    @PostMapping("/smsLogin")
+    public R<Map<String, Object>> smsLogin(@Validated @RequestBody SmsLoginBody smsLoginBody) {
+        Map<String, Object> ajax = new HashMap<>();
+        // 生成令牌
+        String token = loginService.smsLogin(smsLoginBody.getPhonenumber(), smsLoginBody.getSmsCode());
+        ajax.put(Constants.TOKEN, token);
+        return R.ok(ajax);
+    }
+
+    /**
+     * 小程序登录(示例)
+     *
+     * @param xcxCode 小程序code
+     * @return 结果
+     */
+    @Anonymous
+    @ApiOperation("小程序登录(示例)")
+    @PostMapping("/xcxLogin")
+    public R<Map<String, Object>> xcxLogin(@NotBlank(message = "{xcx.code.not.blank}") String xcxCode) {
+        Map<String, Object> ajax = new HashMap<>();
+        // 生成令牌
+        String token = loginService.xcxLogin(xcxCode);
+        ajax.put(Constants.TOKEN, token);
+        return R.ok(ajax);
+    }
+
+    @Anonymous
+    @ApiOperation("登出方法")
+    @PostMapping("/logout")
+    public R<Void> logout() {
+        try {
+            String username = LoginHelper.getUsername();
+            StpUtil.logout();
+            loginService.logout(username);
+        } catch (NotLoginException e) {
+        }
+        return R.ok("退出成功");
    }

    /**
@ -66,8 +118,8 @@ public class SysLoginController {
     */
    @ApiOperation("获取用户信息")
    @GetMapping("getInfo")
-    public AjaxResult<Map<String, Object>> getInfo() {
-        SysUser user = userService.selectUserById(SecurityUtils.getUserId());
+    public R<Map<String, Object>> getInfo() {
+        SysUser user = userService.selectUserById(LoginHelper.getUserId());
        // 角色集合
        Set<String> roles = permissionService.getRolePermission(user);
        // 权限集合
@ -76,7 +128,7 @@ public class SysLoginController {
        ajax.put("user", user);
        ajax.put("roles", roles);
        ajax.put("permissions", permissions);
-        return AjaxResult.success(ajax);
+        return R.ok(ajax);
    }

    /**
@ -86,9 +138,9 @@ public class SysLoginController {
     */
    @ApiOperation("获取路由信息")
    @GetMapping("getRouters")
-    public AjaxResult<List<RouterVo>> getRouters() {
-        Long userId = SecurityUtils.getUserId();
+    public R<List<RouterVo>> getRouters() {
+        Long userId = LoginHelper.getUserId();
        List<SysMenu> menus = menuService.selectMenuTreeByUserId(userId);
-        return AjaxResult.success(menuService.buildMenus(menus));
+        return R.ok(menuService.buildMenus(menus));
    }
 }
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysMenuController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysMenuController.java
@ -1,10 +1,11 @@
 package com.ruoyi.web.controller.system;

+import cn.dev33.satoken.annotation.SaCheckPermission;
 import cn.hutool.core.lang.tree.Tree;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.constant.UserConstants;
 import com.ruoyi.common.core.controller.BaseController;
-import com.ruoyi.common.core.domain.AjaxResult;
+import com.ruoyi.common.core.domain.R;
 import com.ruoyi.common.core.domain.entity.SysMenu;
 import com.ruoyi.common.enums.BusinessType;
 import com.ruoyi.common.utils.StringUtils;
@ -13,8 +14,6 @@ import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import io.swagger.annotations.ApiParam;
 import lombok.RequiredArgsConstructor;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;

@ -29,7 +28,7 @@ import java.util.Map;
 */
@Validated
@Api(value = "菜单信息控制器", tags = {"菜单信息管理"})
-@RequiredArgsConstructor(onConstructor_ = @Autowired)
+@RequiredArgsConstructor
@RestController
@RequestMapping("/system/menu")
 public class SysMenuController extends BaseController {
@ -40,21 +39,21 @@ public class SysMenuController extends BaseController {
     * 获取菜单列表
     */
    @ApiOperation("获取菜单列表")
-    @PreAuthorize("@ss.hasPermi('system:menu:list')")
+    @SaCheckPermission("system:menu:list")
    @GetMapping("/list")
-    public AjaxResult<List<SysMenu>> list(SysMenu menu) {
+    public R<List<SysMenu>> list(SysMenu menu) {
        List<SysMenu> menus = menuService.selectMenuList(menu, getUserId());
-        return AjaxResult.success(menus);
+        return R.ok(menus);
    }

    /**
     * 根据菜单编号获取详细信息
     */
    @ApiOperation("根据菜单编号获取详细信息")
-    @PreAuthorize("@ss.hasPermi('system:menu:query')")
+    @SaCheckPermission("system:menu:query")
    @GetMapping(value = "/{menuId}")
-    public AjaxResult<SysMenu> getInfo(@ApiParam("菜单ID") @PathVariable Long menuId) {
-        return AjaxResult.success(menuService.selectMenuById(menuId));
+    public R<SysMenu> getInfo(@ApiParam("菜单ID") @PathVariable Long menuId) {
+        return R.ok(menuService.selectMenuById(menuId));
    }

    /**
@ -62,9 +61,9 @@ public class SysMenuController extends BaseController {
     */
    @ApiOperation("获取菜单下拉树列表")
    @GetMapping("/treeselect")
-    public AjaxResult<List<Tree<Long>>> treeselect(SysMenu menu) {
+    public R<List<Tree<Long>>> treeselect(SysMenu menu) {
        List<SysMenu> menus = menuService.selectMenuList(menu, getUserId());
-        return AjaxResult.success(menuService.buildMenuTreeSelect(menus));
+        return R.ok(menuService.buildMenuTreeSelect(menus));
    }

    /**
@ -72,26 +71,26 @@ public class SysMenuController extends BaseController {
     */
    @ApiOperation("加载对应角色菜单列表树")
    @GetMapping(value = "/roleMenuTreeselect/{roleId}")
-    public AjaxResult<Map<String, Object>> roleMenuTreeselect(@ApiParam("角色ID") @PathVariable("roleId") Long roleId) {
+    public R<Map<String, Object>> roleMenuTreeselect(@ApiParam("角色ID") @PathVariable("roleId") Long roleId) {
        List<SysMenu> menus = menuService.selectMenuList(getUserId());
        Map<String, Object> ajax = new HashMap<>();
        ajax.put("checkedKeys", menuService.selectMenuListByRoleId(roleId));
        ajax.put("menus", menuService.buildMenuTreeSelect(menus));
-        return AjaxResult.success(ajax);
+        return R.ok(ajax);
    }

    /**
     * 新增菜单
     */
    @ApiOperation("新增菜单")
-    @PreAuthorize("@ss.hasPermi('system:menu:add')")
+    @SaCheckPermission("system:menu:add")
    @Log(title = "菜单管理", businessType = BusinessType.INSERT)
    @PostMapping
-    public AjaxResult<Void> add(@Validated @RequestBody SysMenu menu) {
+    public R<Void> add(@Validated @RequestBody SysMenu menu) {
        if (UserConstants.NOT_UNIQUE.equals(menuService.checkMenuNameUnique(menu))) {
-            return AjaxResult.error("新增菜单'" + menu.getMenuName() + "'失败，菜单名称已存在");
+            return R.fail("新增菜单'" + menu.getMenuName() + "'失败，菜单名称已存在");
        } else if (UserConstants.YES_FRAME.equals(menu.getIsFrame()) && !StringUtils.ishttp(menu.getPath())) {
-            return AjaxResult.error("新增菜单'" + menu.getMenuName() + "'失败，地址必须以http(s)://开头");
+            return R.fail("新增菜单'" + menu.getMenuName() + "'失败，地址必须以http(s)://开头");
        }
        return toAjax(menuService.insertMenu(menu));
    }
@ -100,16 +99,16 @@ public class SysMenuController extends BaseController {
     * 修改菜单
     */
    @ApiOperation("修改菜单")
-    @PreAuthorize("@ss.hasPermi('system:menu:edit')")
+    @SaCheckPermission("system:menu:edit")
    @Log(title = "菜单管理", businessType = BusinessType.UPDATE)
    @PutMapping
-    public AjaxResult<Void> edit(@Validated @RequestBody SysMenu menu) {
+    public R<Void> edit(@Validated @RequestBody SysMenu menu) {
        if (UserConstants.NOT_UNIQUE.equals(menuService.checkMenuNameUnique(menu))) {
-            return AjaxResult.error("修改菜单'" + menu.getMenuName() + "'失败，菜单名称已存在");
+            return R.fail("修改菜单'" + menu.getMenuName() + "'失败，菜单名称已存在");
        } else if (UserConstants.YES_FRAME.equals(menu.getIsFrame()) && !StringUtils.ishttp(menu.getPath())) {
-            return AjaxResult.error("修改菜单'" + menu.getMenuName() + "'失败，地址必须以http(s)://开头");
+            return R.fail("修改菜单'" + menu.getMenuName() + "'失败，地址必须以http(s)://开头");
        } else if (menu.getMenuId().equals(menu.getParentId())) {
-            return AjaxResult.error("修改菜单'" + menu.getMenuName() + "'失败，上级菜单不能选择自己");
+            return R.fail("修改菜单'" + menu.getMenuName() + "'失败，上级菜单不能选择自己");
        }
        return toAjax(menuService.updateMenu(menu));
    }
@ -118,15 +117,15 @@ public class SysMenuController extends BaseController {
     * 删除菜单
     */
    @ApiOperation("删除菜单")
-    @PreAuthorize("@ss.hasPermi('system:menu:remove')")
+    @SaCheckPermission("system:menu:remove")
    @Log(title = "菜单管理", businessType = BusinessType.DELETE)
    @DeleteMapping("/{menuId}")
-    public AjaxResult<Void> remove(@ApiParam("菜单ID") @PathVariable("menuId") Long menuId) {
+    public R<Void> remove(@ApiParam("菜单ID") @PathVariable("menuId") Long menuId) {
        if (menuService.hasChildByMenuId(menuId)) {
-            return AjaxResult.error("存在子菜单,不允许删除");
+            return R.fail("存在子菜单,不允许删除");
        }
        if (menuService.checkMenuExistRole(menuId)) {
-            return AjaxResult.error("菜单已分配,不允许删除");
+            return R.fail("菜单已分配,不允许删除");
        }
        return toAjax(menuService.deleteMenuById(menuId));
    }
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysNoticeController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysNoticeController.java
@ -1,8 +1,10 @@
 package com.ruoyi.web.controller.system;

+import cn.dev33.satoken.annotation.SaCheckPermission;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.core.controller.BaseController;
-import com.ruoyi.common.core.domain.AjaxResult;
+import com.ruoyi.common.core.domain.R;
+import com.ruoyi.common.core.domain.PageQuery;
 import com.ruoyi.common.core.page.TableDataInfo;
 import com.ruoyi.common.enums.BusinessType;
 import com.ruoyi.system.domain.SysNotice;
@ -11,8 +13,6 @@ import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import io.swagger.annotations.ApiParam;
 import lombok.RequiredArgsConstructor;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;

@ -23,7 +23,7 @@ import org.springframework.web.bind.annotation.*;
 */
@Validated
@Api(value = "公告信息控制器", tags = {"公告信息管理"})
-@RequiredArgsConstructor(onConstructor_ = @Autowired)
+@RequiredArgsConstructor
@RestController
@RequestMapping("/system/notice")
 public class SysNoticeController extends BaseController {
@ -34,30 +34,30 @@ public class SysNoticeController extends BaseController {
     * 获取通知公告列表
     */
    @ApiOperation("获取通知公告列表")
-    @PreAuthorize("@ss.hasPermi('system:notice:list')")
+    @SaCheckPermission("system:notice:list")
    @GetMapping("/list")
-    public TableDataInfo<SysNotice> list(SysNotice notice) {
-        return noticeService.selectPageNoticeList(notice);
+    public TableDataInfo<SysNotice> list(SysNotice notice, PageQuery pageQuery) {
+        return noticeService.selectPageNoticeList(notice, pageQuery);
    }

    /**
     * 根据通知公告编号获取详细信息
     */
    @ApiOperation("根据通知公告编号获取详细信息")
-    @PreAuthorize("@ss.hasPermi('system:notice:query')")
+    @SaCheckPermission("system:notice:query")
    @GetMapping(value = "/{noticeId}")
-    public AjaxResult<SysNotice> getInfo(@ApiParam("公告ID") @PathVariable Long noticeId) {
-        return AjaxResult.success(noticeService.selectNoticeById(noticeId));
+    public R<SysNotice> getInfo(@ApiParam("公告ID") @PathVariable Long noticeId) {
+        return R.ok(noticeService.selectNoticeById(noticeId));
    }

    /**
     * 新增通知公告
     */
    @ApiOperation("新增通知公告")
-    @PreAuthorize("@ss.hasPermi('system:notice:add')")
+    @SaCheckPermission("system:notice:add")
    @Log(title = "通知公告", businessType = BusinessType.INSERT)
    @PostMapping
-    public AjaxResult<Void> add(@Validated @RequestBody SysNotice notice) {
+    public R<Void> add(@Validated @RequestBody SysNotice notice) {
        return toAjax(noticeService.insertNotice(notice));
    }

@ -65,10 +65,10 @@ public class SysNoticeController extends BaseController {
     * 修改通知公告
     */
    @ApiOperation("修改通知公告")
-    @PreAuthorize("@ss.hasPermi('system:notice:edit')")
+    @SaCheckPermission("system:notice:edit")
    @Log(title = "通知公告", businessType = BusinessType.UPDATE)
    @PutMapping
-    public AjaxResult<Void> edit(@Validated @RequestBody SysNotice notice) {
+    public R<Void> edit(@Validated @RequestBody SysNotice notice) {
        return toAjax(noticeService.updateNotice(notice));
    }

@ -76,10 +76,10 @@ public class SysNoticeController extends BaseController {
     * 删除通知公告
     */
    @ApiOperation("删除通知公告")
-    @PreAuthorize("@ss.hasPermi('system:notice:remove')")
+    @SaCheckPermission("system:notice:remove")
    @Log(title = "通知公告", businessType = BusinessType.DELETE)
    @DeleteMapping("/{noticeIds}")
-    public AjaxResult<Void> remove(@ApiParam("公告ID串") @PathVariable Long[] noticeIds) {
+    public R<Void> remove(@ApiParam("公告ID串") @PathVariable Long[] noticeIds) {
        return toAjax(noticeService.deleteNoticeByIds(noticeIds));
    }
 }
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysOssConfigController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysOssConfigController.java
@ -1,9 +1,11 @@
 package com.ruoyi.web.controller.system;

+import cn.dev33.satoken.annotation.SaCheckPermission;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.annotation.RepeatSubmit;
 import com.ruoyi.common.core.controller.BaseController;
-import com.ruoyi.common.core.domain.AjaxResult;
+import com.ruoyi.common.core.domain.R;
+import com.ruoyi.common.core.domain.PageQuery;
 import com.ruoyi.common.core.page.TableDataInfo;
 import com.ruoyi.common.core.validate.AddGroup;
 import com.ruoyi.common.core.validate.EditGroup;
@ -16,8 +18,6 @@ import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import io.swagger.annotations.ApiParam;
 import lombok.RequiredArgsConstructor;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;

@ -34,7 +34,7 @@ import java.util.Arrays;
 */
@Validated
@Api(value = "对象存储配置控制器", tags = {"对象存储配置管理"})
-@RequiredArgsConstructor(onConstructor_ = @Autowired)
+@RequiredArgsConstructor
@RestController
@RequestMapping("/system/oss/config")
 public class SysOssConfigController extends BaseController {
@ -45,33 +45,33 @@ public class SysOssConfigController extends BaseController {
     * 查询对象存储配置列表
     */
    @ApiOperation("查询对象存储配置列表")
-    @PreAuthorize("@ss.hasPermi('system:oss:list')")
+    @SaCheckPermission("system:oss:list")
    @GetMapping("/list")
-    public TableDataInfo<SysOssConfigVo> list(@Validated(QueryGroup.class) SysOssConfigBo bo) {
-        return iSysOssConfigService.queryPageList(bo);
+    public TableDataInfo<SysOssConfigVo> list(@Validated(QueryGroup.class) SysOssConfigBo bo, PageQuery pageQuery) {
+        return iSysOssConfigService.queryPageList(bo, pageQuery);
    }

    /**
     * 获取对象存储配置详细信息
     */
    @ApiOperation("获取对象存储配置详细信息")
-    @PreAuthorize("@ss.hasPermi('system:oss:query')")
+    @SaCheckPermission("system:oss:query")
    @GetMapping("/{ossConfigId}")
-    public AjaxResult<SysOssConfigVo> getInfo(@ApiParam("OSS配置ID")
+    public R<SysOssConfigVo> getInfo(@ApiParam("OSS配置ID")
                                              @NotNull(message = "主键不能为空")
-                                              @PathVariable("ossConfigId") Integer ossConfigId) {
-        return AjaxResult.success(iSysOssConfigService.queryById(ossConfigId));
+                                              @PathVariable("ossConfigId") Long ossConfigId) {
+        return R.ok(iSysOssConfigService.queryById(ossConfigId));
    }

    /**
     * 新增对象存储配置
     */
    @ApiOperation("新增对象存储配置")
-    @PreAuthorize("@ss.hasPermi('system:oss:add')")
+    @SaCheckPermission("system:oss:add")
    @Log(title = "对象存储配置", businessType = BusinessType.INSERT)
    @RepeatSubmit()
    @PostMapping()
-    public AjaxResult<Void> add(@Validated(AddGroup.class) @RequestBody SysOssConfigBo bo) {
+    public R<Void> add(@Validated(AddGroup.class) @RequestBody SysOssConfigBo bo) {
        return toAjax(iSysOssConfigService.insertByBo(bo) ? 1 : 0);
    }

@ -79,11 +79,11 @@ public class SysOssConfigController extends BaseController {
     * 修改对象存储配置
     */
    @ApiOperation("修改对象存储配置")
-    @PreAuthorize("@ss.hasPermi('system:oss:edit')")
+    @SaCheckPermission("system:oss:edit")
    @Log(title = "对象存储配置", businessType = BusinessType.UPDATE)
    @RepeatSubmit()
    @PutMapping()
-    public AjaxResult<Void> edit(@Validated(EditGroup.class) @RequestBody SysOssConfigBo bo) {
+    public R<Void> edit(@Validated(EditGroup.class) @RequestBody SysOssConfigBo bo) {
        return toAjax(iSysOssConfigService.updateByBo(bo) ? 1 : 0);
    }

@ -91,10 +91,10 @@ public class SysOssConfigController extends BaseController {
     * 删除对象存储配置
     */
    @ApiOperation("删除对象存储配置")
-    @PreAuthorize("@ss.hasPermi('system:oss:remove')")
+    @SaCheckPermission("system:oss:remove")
    @Log(title = "对象存储配置", businessType = BusinessType.DELETE)
    @DeleteMapping("/{ossConfigIds}")
-    public AjaxResult<Void> remove(@ApiParam("OSS配置ID串")
+    public R<Void> remove(@ApiParam("OSS配置ID串")
                                   @NotEmpty(message = "主键不能为空")
                                   @PathVariable Long[] ossConfigIds) {
        return toAjax(iSysOssConfigService.deleteWithValidByIds(Arrays.asList(ossConfigIds), true) ? 1 : 0);
@ -104,10 +104,10 @@ public class SysOssConfigController extends BaseController {
     * 状态修改
     */
    @ApiOperation("状态修改")
-    @PreAuthorize("@ss.hasPermi('system:oss:edit')")
+    @SaCheckPermission("system:oss:edit")
    @Log(title = "对象存储状态修改", businessType = BusinessType.UPDATE)
    @PutMapping("/changeStatus")
-    public AjaxResult<Void> changeStatus(@RequestBody SysOssConfigBo bo) {
+    public R<Void> changeStatus(@RequestBody SysOssConfigBo bo) {
        return toAjax(iSysOssConfigService.updateOssConfigStatus(bo));
    }
 }
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysOssController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysOssController.java
@ -1,33 +1,27 @@
 package com.ruoyi.web.controller.system;


+import cn.dev33.satoken.annotation.SaCheckPermission;
 import cn.hutool.core.convert.Convert;
 import cn.hutool.core.util.ObjectUtil;
 import cn.hutool.http.HttpException;
 import cn.hutool.http.HttpUtil;
-import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.ruoyi.common.annotation.Log;
-import com.ruoyi.common.annotation.RepeatSubmit;
 import com.ruoyi.common.core.controller.BaseController;
-import com.ruoyi.common.core.domain.AjaxResult;
+import com.ruoyi.common.core.domain.PageQuery;
+import com.ruoyi.common.core.domain.R;
 import com.ruoyi.common.core.page.TableDataInfo;
 import com.ruoyi.common.core.validate.QueryGroup;
 import com.ruoyi.common.enums.BusinessType;
 import com.ruoyi.common.exception.ServiceException;
-import com.ruoyi.common.utils.JsonUtils;
 import com.ruoyi.common.utils.file.FileUtils;
-import com.ruoyi.oss.constant.OssConstant;
-import com.ruoyi.system.domain.SysConfig;
 import com.ruoyi.system.domain.SysOss;
 import com.ruoyi.system.domain.bo.SysOssBo;
 import com.ruoyi.system.domain.vo.SysOssVo;
-import com.ruoyi.system.service.ISysConfigService;
 import com.ruoyi.system.service.ISysOssService;
 import io.swagger.annotations.*;
 import lombok.RequiredArgsConstructor;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.MediaType;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.multipart.MultipartFile;
@ -38,6 +32,7 @@ import java.io.File;
 import java.io.IOException;
 import java.util.Arrays;
 import java.util.HashMap;
+import java.util.List;
 import java.util.Map;

 /**
@ -46,23 +41,35 @@ import java.util.Map;
 * @author Lion Li
 */
@Validated
-@Api(value = "OSS对象存储控制器", tags = {"OSS对象存储管理"})
-@RequiredArgsConstructor(onConstructor_ = @Autowired)
+@Api(value = "对象存储控制器", tags = {"对象存储管理"})
+@RequiredArgsConstructor
@RestController
@RequestMapping("/system/oss")
 public class SysOssController extends BaseController {

    private final ISysOssService iSysOssService;
-    private final ISysConfigService iSysConfigService;

    /**
     * 查询OSS对象存储列表
     */
    @ApiOperation("查询OSS对象存储列表")
-    @PreAuthorize("@ss.hasPermi('system:oss:list')")
+    @SaCheckPermission("system:oss:list")
    @GetMapping("/list")
-    public TableDataInfo<SysOssVo> list(@Validated(QueryGroup.class) SysOssBo bo) {
-        return iSysOssService.queryPageList(bo);
+    public TableDataInfo<SysOssVo> list(@Validated(QueryGroup.class) SysOssBo bo, PageQuery pageQuery) {
+        return iSysOssService.queryPageList(bo, pageQuery);
+    }
+
+    /**
+     * 查询OSS对象基于id串
+     */
+    @ApiOperation("查询OSS对象基于ID")
+    @SaCheckPermission("system:oss:list")
+    @GetMapping("/listByIds/{ossIds}")
+    public R<List<SysOssVo>> listByIds(@ApiParam("OSS对象ID串")
+                                     @NotEmpty(message = "主键不能为空")
+                                     @PathVariable Long[] ossIds) {
+        List<SysOssVo> list = iSysOssService.listByIds(Arrays.asList(ossIds));
+        return R.ok(list);
    }

    /**
@ -70,25 +77,25 @@ public class SysOssController extends BaseController {
     */
    @ApiOperation("上传OSS对象存储")
    @ApiImplicitParams({
-        @ApiImplicitParam(name = "file", value = "文件", dataTypeClass = File.class, required = true),
+        @ApiImplicitParam(name = "file", value = "文件", paramType = "query", dataTypeClass = File.class, required = true)
    })
-    @PreAuthorize("@ss.hasPermi('system:oss:upload')")
+    @SaCheckPermission("system:oss:upload")
    @Log(title = "OSS对象存储", businessType = BusinessType.INSERT)
-    @RepeatSubmit
    @PostMapping("/upload")
-    public AjaxResult<Map<String, String>> upload(@RequestPart("file") MultipartFile file) {
+    public R<Map<String, String>> upload(@RequestPart("file") MultipartFile file) {
        if (ObjectUtil.isNull(file)) {
            throw new ServiceException("上传文件不能为空");
        }
        SysOss oss = iSysOssService.upload(file);
        Map<String, String> map = new HashMap<>(2);
        map.put("url", oss.getUrl());
-        map.put("fileName", oss.getFileName());
-        return AjaxResult.success(map);
+        map.put("fileName", oss.getOriginalName());
+        map.put("ossId", oss.getOssId().toString());
+        return R.ok(map);
    }

    @ApiOperation("下载OSS对象存储")
-    @PreAuthorize("@ss.hasPermi('system:oss:download')")
+    @SaCheckPermission("system:oss:download")
    @GetMapping("/download/{ossId}")
    public void download(@ApiParam("OSS对象ID") @PathVariable Long ossId, HttpServletResponse response) throws IOException {
        SysOss sysOss = iSysOssService.getById(ossId);
@ -115,28 +122,13 @@ public class SysOssController extends BaseController {
     * 删除OSS对象存储
     */
    @ApiOperation("删除OSS对象存储")
-    @PreAuthorize("@ss.hasPermi('system:oss:remove')")
+    @SaCheckPermission("system:oss:remove")
    @Log(title = "OSS对象存储", businessType = BusinessType.DELETE)
    @DeleteMapping("/{ossIds}")
-    public AjaxResult<Void> remove(@ApiParam("OSS对象ID串")
+    public R<Void> remove(@ApiParam("OSS对象ID串")
                                   @NotEmpty(message = "主键不能为空")
                                   @PathVariable Long[] ossIds) {
        return toAjax(iSysOssService.deleteWithValidByIds(Arrays.asList(ossIds), true) ? 1 : 0);
    }

-    /**
-     * 变更图片列表预览状态
-     */
-    @ApiOperation("变更图片列表预览状态")
-    @PreAuthorize("@ss.hasPermi('system:oss:edit')")
-    @Log(title = "OSS对象存储", businessType = BusinessType.UPDATE)
-    @PutMapping("/changePreviewListResource")
-    public AjaxResult<Void> changePreviewListResource(@RequestBody String body) {
-        Map<String, Boolean> map = JsonUtils.parseMap(body);
-        SysConfig config = iSysConfigService.getOne(new LambdaQueryWrapper<SysConfig>()
-            .eq(SysConfig::getConfigKey, OssConstant.PEREVIEW_LIST_RESOURCE_KEY));
-        config.setConfigValue(map.get("previewListResource").toString());
-        return toAjax(iSysConfigService.updateConfig(config));
-    }
-
 }
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysPostController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysPostController.java
@ -1,9 +1,11 @@
 package com.ruoyi.web.controller.system;

+import cn.dev33.satoken.annotation.SaCheckPermission;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.constant.UserConstants;
 import com.ruoyi.common.core.controller.BaseController;
-import com.ruoyi.common.core.domain.AjaxResult;
+import com.ruoyi.common.core.domain.R;
+import com.ruoyi.common.core.domain.PageQuery;
 import com.ruoyi.common.core.page.TableDataInfo;
 import com.ruoyi.common.enums.BusinessType;
 import com.ruoyi.common.utils.poi.ExcelUtil;
@ -13,8 +15,6 @@ import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import io.swagger.annotations.ApiParam;
 import lombok.RequiredArgsConstructor;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;

@ -28,7 +28,7 @@ import java.util.List;
 */
@Validated
@Api(value = "岗位信息控制器", tags = {"岗位信息管理"})
-@RequiredArgsConstructor(onConstructor_ = @Autowired)
+@RequiredArgsConstructor
@RestController
@RequestMapping("/system/post")
 public class SysPostController extends BaseController {
@ -39,15 +39,15 @@ public class SysPostController extends BaseController {
     * 获取岗位列表
     */
    @ApiOperation("获取岗位列表")
-    @PreAuthorize("@ss.hasPermi('system:post:list')")
+    @SaCheckPermission("system:post:list")
    @GetMapping("/list")
-    public TableDataInfo<SysPost> list(SysPost post) {
-        return postService.selectPagePostList(post);
+    public TableDataInfo<SysPost> list(SysPost post, PageQuery pageQuery) {
+        return postService.selectPagePostList(post, pageQuery);
    }

    @ApiOperation("导出岗位列表")
    @Log(title = "岗位管理", businessType = BusinessType.EXPORT)
-    @PreAuthorize("@ss.hasPermi('system:post:export')")
+    @SaCheckPermission("system:post:export")
    @PostMapping("/export")
    public void export(SysPost post, HttpServletResponse response) {
        List<SysPost> list = postService.selectPostList(post);
@ -58,24 +58,24 @@ public class SysPostController extends BaseController {
     * 根据岗位编号获取详细信息
     */
    @ApiOperation("根据岗位编号获取详细信息")
-    @PreAuthorize("@ss.hasPermi('system:post:query')")
+    @SaCheckPermission("system:post:query")
    @GetMapping(value = "/{postId}")
-    public AjaxResult<SysPost> getInfo(@ApiParam("岗位ID") @PathVariable Long postId) {
-        return AjaxResult.success(postService.selectPostById(postId));
+    public R<SysPost> getInfo(@ApiParam("岗位ID") @PathVariable Long postId) {
+        return R.ok(postService.selectPostById(postId));
    }

    /**
     * 新增岗位
     */
    @ApiOperation("新增岗位")
-    @PreAuthorize("@ss.hasPermi('system:post:add')")
+    @SaCheckPermission("system:post:add")
    @Log(title = "岗位管理", businessType = BusinessType.INSERT)
    @PostMapping
-    public AjaxResult<Void> add(@Validated @RequestBody SysPost post) {
+    public R<Void> add(@Validated @RequestBody SysPost post) {
        if (UserConstants.NOT_UNIQUE.equals(postService.checkPostNameUnique(post))) {
-            return AjaxResult.error("新增岗位'" + post.getPostName() + "'失败，岗位名称已存在");
+            return R.fail("新增岗位'" + post.getPostName() + "'失败，岗位名称已存在");
        } else if (UserConstants.NOT_UNIQUE.equals(postService.checkPostCodeUnique(post))) {
-            return AjaxResult.error("新增岗位'" + post.getPostName() + "'失败，岗位编码已存在");
+            return R.fail("新增岗位'" + post.getPostName() + "'失败，岗位编码已存在");
        }
        return toAjax(postService.insertPost(post));
    }
@ -84,14 +84,14 @@ public class SysPostController extends BaseController {
     * 修改岗位
     */
    @ApiOperation("修改岗位")
-    @PreAuthorize("@ss.hasPermi('system:post:edit')")
+    @SaCheckPermission("system:post:edit")
    @Log(title = "岗位管理", businessType = BusinessType.UPDATE)
    @PutMapping
-    public AjaxResult<Void> edit(@Validated @RequestBody SysPost post) {
+    public R<Void> edit(@Validated @RequestBody SysPost post) {
        if (UserConstants.NOT_UNIQUE.equals(postService.checkPostNameUnique(post))) {
-            return AjaxResult.error("修改岗位'" + post.getPostName() + "'失败，岗位名称已存在");
+            return R.fail("修改岗位'" + post.getPostName() + "'失败，岗位名称已存在");
        } else if (UserConstants.NOT_UNIQUE.equals(postService.checkPostCodeUnique(post))) {
-            return AjaxResult.error("修改岗位'" + post.getPostName() + "'失败，岗位编码已存在");
+            return R.fail("修改岗位'" + post.getPostName() + "'失败，岗位编码已存在");
        }
        return toAjax(postService.updatePost(post));
    }
@ -100,10 +100,10 @@ public class SysPostController extends BaseController {
     * 删除岗位
     */
    @ApiOperation("删除岗位")
-    @PreAuthorize("@ss.hasPermi('system:post:remove')")
+    @SaCheckPermission("system:post:remove")
    @Log(title = "岗位管理", businessType = BusinessType.DELETE)
    @DeleteMapping("/{postIds}")
-    public AjaxResult<Void> remove(@ApiParam("岗位ID串") @PathVariable Long[] postIds) {
+    public R<Void> remove(@ApiParam("岗位ID串") @PathVariable Long[] postIds) {
        return toAjax(postService.deletePostByIds(postIds));
    }

@ -112,8 +112,8 @@ public class SysPostController extends BaseController {
     */
    @ApiOperation("获取岗位选择框列表")
    @GetMapping("/optionselect")
-    public AjaxResult<List<SysPost>> optionselect() {
+    public R<List<SysPost>> optionselect() {
        List<SysPost> posts = postService.selectPostAll();
-        return AjaxResult.success(posts);
+        return R.ok(posts);
    }
 }
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysProfileController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysProfileController.java
@ -1,26 +1,30 @@
 package com.ruoyi.web.controller.system;

+import cn.dev33.satoken.secure.BCrypt;
+import cn.hutool.core.io.FileUtil;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.constant.UserConstants;
 import com.ruoyi.common.core.controller.BaseController;
-import com.ruoyi.common.core.domain.AjaxResult;
+import com.ruoyi.common.core.domain.R;
 import com.ruoyi.common.core.domain.entity.SysUser;
-import com.ruoyi.common.core.domain.model.LoginUser;
-import com.ruoyi.common.core.service.TokenService;
 import com.ruoyi.common.enums.BusinessType;
-import com.ruoyi.common.utils.SecurityUtils;
+import com.ruoyi.common.helper.LoginHelper;
 import com.ruoyi.common.utils.StringUtils;
+import com.ruoyi.common.utils.file.MimeTypeUtils;
 import com.ruoyi.system.domain.SysOss;
 import com.ruoyi.system.service.ISysOssService;
 import com.ruoyi.system.service.ISysUserService;
-import io.swagger.annotations.*;
+import io.swagger.annotations.Api;
+import io.swagger.annotations.ApiImplicitParam;
+import io.swagger.annotations.ApiImplicitParams;
+import io.swagger.annotations.ApiOperation;
 import lombok.RequiredArgsConstructor;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.multipart.MultipartFile;

 import java.io.File;
+import java.util.Arrays;
 import java.util.HashMap;
 import java.util.Map;

@ -31,13 +35,12 @@ import java.util.Map;
 */
@Validated
@Api(value = "个人信息控制器", tags = {"个人信息管理"})
-@RequiredArgsConstructor(onConstructor_ = @Autowired)
+@RequiredArgsConstructor
@RestController
@RequestMapping("/system/user/profile")
 public class SysProfileController extends BaseController {

    private final ISysUserService userService;
-    private final TokenService tokenService;
    private final ISysOssService iSysOssService;

    /**
@ -45,14 +48,13 @@ public class SysProfileController extends BaseController {
     */
    @ApiOperation("个人信息")
    @GetMapping
-    public AjaxResult<Map<String, Object>> profile() {
-        LoginUser loginUser = getLoginUser();
-        SysUser user = userService.selectUserById(loginUser.getUserId());
+    public R<Map<String, Object>> profile() {
+        SysUser user = userService.selectUserById(getUserId());
        Map<String, Object> ajax = new HashMap<>();
        ajax.put("user", user);
-        ajax.put("roleGroup", userService.selectUserRoleGroup(loginUser.getUsername()));
-        ajax.put("postGroup", userService.selectUserPostGroup(loginUser.getUsername()));
-        return AjaxResult.success(ajax);
+        ajax.put("roleGroup", userService.selectUserRoleGroup(user.getUserName()));
+        ajax.put("postGroup", userService.selectUserPostGroup(user.getUserName()));
+        return R.ok(ajax);
    }

    /**
@ -61,24 +63,22 @@ public class SysProfileController extends BaseController {
    @ApiOperation("修改用户")
    @Log(title = "个人信息", businessType = BusinessType.UPDATE)
    @PutMapping
-    public AjaxResult<Void> updateProfile(@RequestBody SysUser user) {
+    public R<Void> updateProfile(@RequestBody SysUser user) {
        if (StringUtils.isNotEmpty(user.getPhonenumber())
-                && UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user))) {
-            return AjaxResult.error("修改用户'" + user.getUserName() + "'失败，手机号码已存在");
+            && UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user))) {
+            return R.fail("修改用户'" + user.getUserName() + "'失败，手机号码已存在");
        }
        if (StringUtils.isNotEmpty(user.getEmail())
-                && UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user))) {
-            return AjaxResult.error("修改用户'" + user.getUserName() + "'失败，邮箱账号已存在");
+            && UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user))) {
+            return R.fail("修改用户'" + user.getUserName() + "'失败，邮箱账号已存在");
        }
-        LoginUser loginUser = getLoginUser();
-        SysUser sysUser = userService.selectUserById(loginUser.getUserId());
-        user.setUserId(sysUser.getUserId());
+        user.setUserId(getUserId());
        user.setUserName(null);
        user.setPassword(null);
        if (userService.updateUserProfile(user) > 0) {
-            return AjaxResult.success();
+            return R.ok();
        }
-        return AjaxResult.error("修改个人信息异常，请联系管理员");
+        return R.fail("修改个人信息异常，请联系管理员");
    }

    /**
@ -91,23 +91,21 @@ public class SysProfileController extends BaseController {
    })
    @Log(title = "个人信息", businessType = BusinessType.UPDATE)
    @PutMapping("/updatePwd")
-    public AjaxResult<Void> updatePwd(String oldPassword, String newPassword) {
-        LoginUser loginUser = getLoginUser();
-        String userName = loginUser.getUsername();
-        String password = loginUser.getPassword();
-        if (!SecurityUtils.matchesPassword(oldPassword, password)) {
-            return AjaxResult.error("修改密码失败，旧密码错误");
+    public R<Void> updatePwd(String oldPassword, String newPassword) {
+        SysUser user = userService.selectUserById(LoginHelper.getUserId());
+        String userName = user.getUserName();
+        String password = user.getPassword();
+        if (!BCrypt.checkpw(oldPassword, password)) {
+            return R.fail("修改密码失败，旧密码错误");
        }
-        if (SecurityUtils.matchesPassword(newPassword, password)) {
-            return AjaxResult.error("新密码不能与旧密码相同");
+        if (BCrypt.checkpw(newPassword, password)) {
+            return R.fail("新密码不能与旧密码相同");
        }
-        if (userService.resetUserPwd(userName, SecurityUtils.encryptPassword(newPassword)) > 0) {
-            // 更新缓存用户密码
-            loginUser.setPassword(SecurityUtils.encryptPassword(newPassword));
-            tokenService.setLoginUser(loginUser);
-            return AjaxResult.success();
+
+        if (userService.resetUserPwd(userName, BCrypt.hashpw(newPassword)) > 0) {
+            return R.ok();
        }
-        return AjaxResult.error("修改密码异常，请联系管理员");
+        return R.fail("修改密码异常，请联系管理员");
    }

    /**
@ -115,21 +113,24 @@ public class SysProfileController extends BaseController {
     */
    @ApiOperation("头像上传")
    @ApiImplicitParams({
-        @ApiImplicitParam(name = "avatarfile", value = "用户头像", dataTypeClass = File.class, required = true),
+        @ApiImplicitParam(name = "avatarfile", value = "用户头像", paramType = "query", dataTypeClass = File.class, required = true)
    })
    @Log(title = "用户头像", businessType = BusinessType.UPDATE)
    @PostMapping("/avatar")
-    public AjaxResult<Map<String, Object>> avatar(@RequestPart("avatarfile") MultipartFile file) {
+    public R<Map<String, Object>> avatar(@RequestPart("avatarfile") MultipartFile file) {
        Map<String, Object> ajax = new HashMap<>();
        if (!file.isEmpty()) {
-            LoginUser loginUser = getLoginUser();
+            String extension = FileUtil.extName(file.getOriginalFilename());
+            if (!StringUtils.equalsAnyIgnoreCase(extension, MimeTypeUtils.IMAGE_EXTENSION)) {
+                return R.fail("文件格式不正确，请上传" + Arrays.toString(MimeTypeUtils.IMAGE_EXTENSION) + "格式");
+            }
            SysOss oss = iSysOssService.upload(file);
            String avatar = oss.getUrl();
-            if (userService.updateUserAvatar(loginUser.getUsername(), avatar)) {
+            if (userService.updateUserAvatar(getUsername(), avatar)) {
                ajax.put("imgUrl", avatar);
-                return AjaxResult.success(ajax);
+                return R.ok(ajax);
            }
        }
-        return AjaxResult.error("上传图片异常，请联系管理员", ajax);
+        return R.fail("上传图片异常，请联系管理员");
    }
 }
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRegisterController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRegisterController.java
@ -1,15 +1,14 @@
 package com.ruoyi.web.controller.system;

+import com.ruoyi.common.annotation.Anonymous;
 import com.ruoyi.common.core.controller.BaseController;
-import com.ruoyi.common.core.domain.AjaxResult;
+import com.ruoyi.common.core.domain.R;
 import com.ruoyi.common.core.domain.model.RegisterBody;
-import com.ruoyi.common.utils.StringUtils;
 import com.ruoyi.system.service.ISysConfigService;
 import com.ruoyi.system.service.SysRegisterService;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.RequiredArgsConstructor;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
@ -22,20 +21,21 @@ import org.springframework.web.bind.annotation.RestController;
 */
@Validated
@Api(value = "注册验证控制器", tags = {"注册验证管理"})
-@RequiredArgsConstructor(onConstructor_ = @Autowired)
+@RequiredArgsConstructor
@RestController
 public class SysRegisterController extends BaseController {

    private final SysRegisterService registerService;
    private final ISysConfigService configService;

+    @Anonymous
    @ApiOperation("用户注册")
    @PostMapping("/register")
-    public AjaxResult<Void> register(@RequestBody RegisterBody user) {
+    public R<Void> register(@Validated @RequestBody RegisterBody user) {
        if (!("true".equals(configService.selectConfigByKey("sys.account.registerUser")))) {
-            return error("当前系统没有开启注册功能！");
+            return R.fail("当前系统没有开启注册功能！");
        }
-        String msg = registerService.register(user);
-        return StringUtils.isEmpty(msg) ? success() : error(msg);
+        registerService.register(user);
+        return R.ok();
    }
 }
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRoleController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRoleController.java
@ -1,16 +1,18 @@
 package com.ruoyi.web.controller.system;

+import cn.dev33.satoken.annotation.SaCheckPermission;
+import cn.hutool.core.util.ObjectUtil;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.constant.UserConstants;
 import com.ruoyi.common.core.controller.BaseController;
-import com.ruoyi.common.core.domain.AjaxResult;
+import com.ruoyi.common.core.domain.R;
+import com.ruoyi.common.core.domain.PageQuery;
 import com.ruoyi.common.core.domain.entity.SysRole;
 import com.ruoyi.common.core.domain.entity.SysUser;
 import com.ruoyi.common.core.domain.model.LoginUser;
 import com.ruoyi.common.core.page.TableDataInfo;
-import com.ruoyi.common.core.service.TokenService;
 import com.ruoyi.common.enums.BusinessType;
-import com.ruoyi.common.utils.StringUtils;
+import com.ruoyi.common.helper.LoginHelper;
 import com.ruoyi.common.utils.poi.ExcelUtil;
 import com.ruoyi.system.domain.SysUserRole;
 import com.ruoyi.system.service.ISysRoleService;
@ -18,8 +20,6 @@ import com.ruoyi.system.service.ISysUserService;
 import com.ruoyi.system.service.SysPermissionService;
 import io.swagger.annotations.*;
 import lombok.RequiredArgsConstructor;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;

@ -33,26 +33,25 @@ import java.util.List;
 */
@Validated
@Api(value = "角色信息控制器", tags = {"角色信息管理"})
-@RequiredArgsConstructor(onConstructor_ = @Autowired)
+@RequiredArgsConstructor
@RestController
@RequestMapping("/system/role")
 public class SysRoleController extends BaseController {

    private final ISysRoleService roleService;
-    private final TokenService tokenService;
    private final ISysUserService userService;
    private final SysPermissionService permissionService;

    @ApiOperation("查询角色信息列表")
-    @PreAuthorize("@ss.hasPermi('system:role:list')")
+    @SaCheckPermission("system:role:list")
    @GetMapping("/list")
-    public TableDataInfo<SysRole> list(SysRole role) {
-        return roleService.selectPageRoleList(role);
+    public TableDataInfo<SysRole> list(SysRole role, PageQuery pageQuery) {
+        return roleService.selectPageRoleList(role, pageQuery);
    }

    @ApiOperation("导出角色信息列表")
    @Log(title = "角色管理", businessType = BusinessType.EXPORT)
-    @PreAuthorize("@ss.hasPermi('system:role:export')")
+    @SaCheckPermission("system:role:export")
    @PostMapping("/export")
    public void export(SysRole role, HttpServletResponse response) {
        List<SysRole> list = roleService.selectRoleList(role);
@ -63,25 +62,25 @@ public class SysRoleController extends BaseController {
     * 根据角色编号获取详细信息
     */
    @ApiOperation("根据角色编号获取详细信息")
-    @PreAuthorize("@ss.hasPermi('system:role:query')")
+    @SaCheckPermission("system:role:query")
    @GetMapping(value = "/{roleId}")
-    public AjaxResult<SysRole> getInfo(@ApiParam("角色ID") @PathVariable Long roleId) {
+    public R<SysRole> getInfo(@ApiParam("角色ID") @PathVariable Long roleId) {
        roleService.checkRoleDataScope(roleId);
-        return AjaxResult.success(roleService.selectRoleById(roleId));
+        return R.ok(roleService.selectRoleById(roleId));
    }

    /**
     * 新增角色
     */
    @ApiOperation("新增角色")
-    @PreAuthorize("@ss.hasPermi('system:role:add')")
+    @SaCheckPermission("system:role:add")
    @Log(title = "角色管理", businessType = BusinessType.INSERT)
    @PostMapping
-    public AjaxResult<Void> add(@Validated @RequestBody SysRole role) {
+    public R<Void> add(@Validated @RequestBody SysRole role) {
        if (UserConstants.NOT_UNIQUE.equals(roleService.checkRoleNameUnique(role))) {
-            return AjaxResult.error("新增角色'" + role.getRoleName() + "'失败，角色名称已存在");
+            return R.fail("新增角色'" + role.getRoleName() + "'失败，角色名称已存在");
        } else if (UserConstants.NOT_UNIQUE.equals(roleService.checkRoleKeyUnique(role))) {
-            return AjaxResult.error("新增角色'" + role.getRoleName() + "'失败，角色权限已存在");
+            return R.fail("新增角色'" + role.getRoleName() + "'失败，角色权限已存在");
        }
        return toAjax(roleService.insertRole(role));

@ -91,39 +90,41 @@ public class SysRoleController extends BaseController {
     * 修改保存角色
     */
    @ApiOperation("修改保存角色")
-    @PreAuthorize("@ss.hasPermi('system:role:edit')")
+    @SaCheckPermission("system:role:edit")
    @Log(title = "角色管理", businessType = BusinessType.UPDATE)
    @PutMapping
-    public AjaxResult<Void> edit(@Validated @RequestBody SysRole role) {
+    public R<Void> edit(@Validated @RequestBody SysRole role) {
        roleService.checkRoleAllowed(role);
+        roleService.checkRoleDataScope(role.getRoleId());
        if (UserConstants.NOT_UNIQUE.equals(roleService.checkRoleNameUnique(role))) {
-            return AjaxResult.error("修改角色'" + role.getRoleName() + "'失败，角色名称已存在");
+            return R.fail("修改角色'" + role.getRoleName() + "'失败，角色名称已存在");
        } else if (UserConstants.NOT_UNIQUE.equals(roleService.checkRoleKeyUnique(role))) {
-            return AjaxResult.error("修改角色'" + role.getRoleName() + "'失败，角色权限已存在");
+            return R.fail("修改角色'" + role.getRoleName() + "'失败，角色权限已存在");
        }

        if (roleService.updateRole(role) > 0) {
            // 更新缓存用户权限
            LoginUser loginUser = getLoginUser();
            SysUser sysUser = userService.selectUserById(loginUser.getUserId());
-            if (StringUtils.isNotNull(sysUser) && !sysUser.isAdmin()) {
-                loginUser.setPermissions(permissionService.getMenuPermission(sysUser));
-                tokenService.setLoginUser(loginUser);
+            if (ObjectUtil.isNotNull(sysUser) && !sysUser.isAdmin()) {
+                loginUser.setMenuPermission(permissionService.getMenuPermission(sysUser));
+                LoginHelper.setLoginUser(loginUser);
            }
-            return AjaxResult.success();
+            return R.ok();
        }
-        return AjaxResult.error("修改角色'" + role.getRoleName() + "'失败，请联系管理员");
+        return R.fail("修改角色'" + role.getRoleName() + "'失败，请联系管理员");
    }

    /**
     * 修改保存数据权限
     */
    @ApiOperation("修改保存数据权限")
-    @PreAuthorize("@ss.hasPermi('system:role:edit')")
+    @SaCheckPermission("system:role:edit")
    @Log(title = "角色管理", businessType = BusinessType.UPDATE)
    @PutMapping("/dataScope")
-    public AjaxResult<Void> dataScope(@RequestBody SysRole role) {
+    public R<Void> dataScope(@RequestBody SysRole role) {
        roleService.checkRoleAllowed(role);
+        roleService.checkRoleDataScope(role.getRoleId());
        return toAjax(roleService.authDataScope(role));
    }

@ -131,11 +132,12 @@ public class SysRoleController extends BaseController {
     * 状态修改
     */
    @ApiOperation("状态修改")
-    @PreAuthorize("@ss.hasPermi('system:role:edit')")
+    @SaCheckPermission("system:role:edit")
    @Log(title = "角色管理", businessType = BusinessType.UPDATE)
    @PutMapping("/changeStatus")
-    public AjaxResult<Void> changeStatus(@RequestBody SysRole role) {
+    public R<Void> changeStatus(@RequestBody SysRole role) {
        roleService.checkRoleAllowed(role);
+        roleService.checkRoleDataScope(role.getRoleId());
        return toAjax(roleService.updateRoleStatus(role));
    }

@ -143,10 +145,10 @@ public class SysRoleController extends BaseController {
     * 删除角色
     */
    @ApiOperation("删除角色")
-    @PreAuthorize("@ss.hasPermi('system:role:remove')")
+    @SaCheckPermission("system:role:remove")
    @Log(title = "角色管理", businessType = BusinessType.DELETE)
    @DeleteMapping("/{roleIds}")
-    public AjaxResult<Void> remove(@ApiParam("岗位ID串") @PathVariable Long[] roleIds) {
+    public R<Void> remove(@ApiParam("角色ID串") @PathVariable Long[] roleIds) {
        return toAjax(roleService.deleteRoleByIds(roleIds));
    }

@ -154,40 +156,40 @@ public class SysRoleController extends BaseController {
     * 获取角色选择框列表
     */
    @ApiOperation("获取角色选择框列表")
-    @PreAuthorize("@ss.hasPermi('system:role:query')")
+    @SaCheckPermission("system:role:query")
    @GetMapping("/optionselect")
-    public AjaxResult<List<SysRole>> optionselect() {
-        return AjaxResult.success(roleService.selectRoleAll());
+    public R<List<SysRole>> optionselect() {
+        return R.ok(roleService.selectRoleAll());
    }

    /**
     * 查询已分配用户角色列表
     */
    @ApiOperation("查询已分配用户角色列表")
-    @PreAuthorize("@ss.hasPermi('system:role:list')")
+    @SaCheckPermission("system:role:list")
    @GetMapping("/authUser/allocatedList")
-    public TableDataInfo<SysUser> allocatedList(SysUser user) {
-        return userService.selectAllocatedList(user);
+    public TableDataInfo<SysUser> allocatedList(SysUser user, PageQuery pageQuery) {
+        return userService.selectAllocatedList(user, pageQuery);
    }

    /**
     * 查询未分配用户角色列表
     */
    @ApiOperation("查询未分配用户角色列表")
-    @PreAuthorize("@ss.hasPermi('system:role:list')")
+    @SaCheckPermission("system:role:list")
    @GetMapping("/authUser/unallocatedList")
-    public TableDataInfo<SysUser> unallocatedList(SysUser user) {
-        return userService.selectUnallocatedList(user);
+    public TableDataInfo<SysUser> unallocatedList(SysUser user, PageQuery pageQuery) {
+        return userService.selectUnallocatedList(user, pageQuery);
    }

    /**
     * 取消授权用户
     */
    @ApiOperation("取消授权用户")
-    @PreAuthorize("@ss.hasPermi('system:role:edit')")
+    @SaCheckPermission("system:role:edit")
    @Log(title = "角色管理", businessType = BusinessType.GRANT)
    @PutMapping("/authUser/cancel")
-    public AjaxResult<Void> cancelAuthUser(@RequestBody SysUserRole userRole) {
+    public R<Void> cancelAuthUser(@RequestBody SysUserRole userRole) {
        return toAjax(roleService.deleteAuthUser(userRole));
    }

@ -199,10 +201,10 @@ public class SysRoleController extends BaseController {
        @ApiImplicitParam(name = "roleId", value = "角色ID", paramType = "query", dataTypeClass = String.class),
        @ApiImplicitParam(name = "userIds", value = "用户ID串", paramType = "query", dataTypeClass = String.class)
    })
-    @PreAuthorize("@ss.hasPermi('system:role:edit')")
+    @SaCheckPermission("system:role:edit")
    @Log(title = "角色管理", businessType = BusinessType.GRANT)
    @PutMapping("/authUser/cancelAll")
-    public AjaxResult<Void> cancelAuthUserAll(Long roleId, Long[] userIds) {
+    public R<Void> cancelAuthUserAll(Long roleId, Long[] userIds) {
        return toAjax(roleService.deleteAuthUsers(roleId, userIds));
    }

@ -214,10 +216,11 @@ public class SysRoleController extends BaseController {
        @ApiImplicitParam(name = "roleId", value = "角色ID", paramType = "query", dataTypeClass = String.class),
        @ApiImplicitParam(name = "userIds", value = "用户ID串", paramType = "query", dataTypeClass = String.class)
    })
-    @PreAuthorize("@ss.hasPermi('system:role:edit')")
+    @SaCheckPermission("system:role:edit")
    @Log(title = "角色管理", businessType = BusinessType.GRANT)
    @PutMapping("/authUser/selectAll")
-    public AjaxResult<Void> selectAuthUserAll(Long roleId, Long[] userIds) {
+    public R<Void> selectAuthUserAll(Long roleId, Long[] userIds) {
+        roleService.checkRoleDataScope(roleId);
        return toAjax(roleService.insertAuthUsers(roleId, userIds));
    }
 }
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java
@ -1,19 +1,22 @@
 package com.ruoyi.web.controller.system;

+import cn.dev33.satoken.annotation.SaCheckPermission;
+import cn.dev33.satoken.secure.BCrypt;
 import cn.hutool.core.bean.BeanUtil;
 import cn.hutool.core.util.ArrayUtil;
 import cn.hutool.core.util.ObjectUtil;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.constant.UserConstants;
 import com.ruoyi.common.core.controller.BaseController;
-import com.ruoyi.common.core.domain.AjaxResult;
+import com.ruoyi.common.core.domain.PageQuery;
+import com.ruoyi.common.core.domain.R;
 import com.ruoyi.common.core.domain.entity.SysDept;
 import com.ruoyi.common.core.domain.entity.SysRole;
 import com.ruoyi.common.core.domain.entity.SysUser;
 import com.ruoyi.common.core.page.TableDataInfo;
 import com.ruoyi.common.enums.BusinessType;
 import com.ruoyi.common.excel.ExcelResult;
-import com.ruoyi.common.utils.SecurityUtils;
+import com.ruoyi.common.helper.LoginHelper;
 import com.ruoyi.common.utils.StringUtils;
 import com.ruoyi.common.utils.poi.ExcelUtil;
 import com.ruoyi.system.domain.vo.SysUserExportVo;
@ -24,8 +27,6 @@ import com.ruoyi.system.service.ISysRoleService;
 import com.ruoyi.system.service.ISysUserService;
 import io.swagger.annotations.*;
 import lombok.RequiredArgsConstructor;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.multipart.MultipartFile;
@ -44,7 +45,7 @@ import java.util.stream.Collectors;
 */
@Validated
@Api(value = "用户信息控制器", tags = {"用户信息管理"})
-@RequiredArgsConstructor(onConstructor_ = @Autowired)
+@RequiredArgsConstructor
@RestController
@RequestMapping("/system/user")
 public class SysUserController extends BaseController {
@ -57,15 +58,15 @@ public class SysUserController extends BaseController {
     * 获取用户列表
     */
    @ApiOperation("获取用户列表")
-    @PreAuthorize("@ss.hasPermi('system:user:list')")
+    @SaCheckPermission("system:user:list")
    @GetMapping("/list")
-    public TableDataInfo<SysUser> list(SysUser user) {
-        return userService.selectPageUserList(user);
+    public TableDataInfo<SysUser> list(SysUser user, PageQuery pageQuery) {
+        return userService.selectPageUserList(user, pageQuery);
    }

    @ApiOperation("导出用户列表")
    @Log(title = "用户管理", businessType = BusinessType.EXPORT)
-    @PreAuthorize("@ss.hasPermi('system:user:export')")
+    @SaCheckPermission("system:user:export")
    @PostMapping("/export")
    public void export(SysUser user, HttpServletResponse response) {
        List<SysUser> list = userService.selectUserList(user);
@ -83,14 +84,14 @@ public class SysUserController extends BaseController {

    @ApiOperation("导入用户列表")
    @ApiImplicitParams({
-            @ApiImplicitParam(name = "file", value = "导入文件", dataType = "java.io.File", required = true),
+        @ApiImplicitParam(name = "file", value = "导入文件", dataType = "java.io.File", required = true),
    })
    @Log(title = "用户管理", businessType = BusinessType.IMPORT)
-    @PreAuthorize("@ss.hasPermi('system:user:import')")
+    @SaCheckPermission("system:user:import")
    @PostMapping("/importData")
-    public AjaxResult<Void> importData(@RequestPart("file") MultipartFile file, boolean updateSupport) throws Exception {
+    public R<Void> importData(@RequestPart("file") MultipartFile file, boolean updateSupport) throws Exception {
        ExcelResult<SysUserImportVo> result = ExcelUtil.importExcel(file.getInputStream(), SysUserImportVo.class, new SysUserImportListener(updateSupport));
-        return AjaxResult.success(result.getAnalysis());
+        return R.ok(result.getAnalysis());
    }

    @ApiOperation("下载导入模板")
@ -103,40 +104,41 @@ public class SysUserController extends BaseController {
     * 根据用户编号获取详细信息
     */
    @ApiOperation("根据用户编号获取详细信息")
-    @PreAuthorize("@ss.hasPermi('system:user:query')")
+    @SaCheckPermission("system:user:query")
    @GetMapping(value = {"/", "/{userId}"})
-    public AjaxResult<Map<String, Object>> getInfo(@ApiParam("用户ID") @PathVariable(value = "userId", required = false) Long userId) {
+    public R<Map<String, Object>> getInfo(@ApiParam("用户ID") @PathVariable(value = "userId", required = false) Long userId) {
        userService.checkUserDataScope(userId);
        Map<String, Object> ajax = new HashMap<>();
        List<SysRole> roles = roleService.selectRoleAll();
-        ajax.put("roles", SysUser.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));
+        ajax.put("roles", LoginHelper.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));
        ajax.put("posts", postService.selectPostAll());
-        if (StringUtils.isNotNull(userId)) {
-            ajax.put("user", userService.selectUserById(userId));
+        if (ObjectUtil.isNotNull(userId)) {
+            SysUser sysUser = userService.selectUserById(userId);
+            ajax.put("user", sysUser);
            ajax.put("postIds", postService.selectPostListByUserId(userId));
-            ajax.put("roleIds", roleService.selectRoleListByUserId(userId));
+            ajax.put("roleIds", sysUser.getRoles().stream().map(SysRole::getRoleId).collect(Collectors.toList()));
        }
-        return AjaxResult.success(ajax);
+        return R.ok(ajax);
    }

    /**
     * 新增用户
     */
    @ApiOperation("新增用户")
-    @PreAuthorize("@ss.hasPermi('system:user:add')")
+    @SaCheckPermission("system:user:add")
    @Log(title = "用户管理", businessType = BusinessType.INSERT)
    @PostMapping
-    public AjaxResult<Void> add(@Validated @RequestBody SysUser user) {
+    public R<Void> add(@Validated @RequestBody SysUser user) {
        if (UserConstants.NOT_UNIQUE.equals(userService.checkUserNameUnique(user.getUserName()))) {
-            return AjaxResult.error("新增用户'" + user.getUserName() + "'失败，登录账号已存在");
+            return R.fail("新增用户'" + user.getUserName() + "'失败，登录账号已存在");
        } else if (StringUtils.isNotEmpty(user.getPhonenumber())
-                && UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user))) {
-            return AjaxResult.error("新增用户'" + user.getUserName() + "'失败，手机号码已存在");
+            && UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user))) {
+            return R.fail("新增用户'" + user.getUserName() + "'失败，手机号码已存在");
        } else if (StringUtils.isNotEmpty(user.getEmail())
-                && UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user))) {
-            return AjaxResult.error("新增用户'" + user.getUserName() + "'失败，邮箱账号已存在");
+            && UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user))) {
+            return R.fail("新增用户'" + user.getUserName() + "'失败，邮箱账号已存在");
        }
-        user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
+        user.setPassword(BCrypt.hashpw(user.getPassword()));
        return toAjax(userService.insertUser(user));
    }

@ -144,17 +146,18 @@ public class SysUserController extends BaseController {
     * 修改用户
     */
    @ApiOperation("修改用户")
-    @PreAuthorize("@ss.hasPermi('system:user:edit')")
+    @SaCheckPermission("system:user:edit")
    @Log(title = "用户管理", businessType = BusinessType.UPDATE)
    @PutMapping
-    public AjaxResult<Void> edit(@Validated @RequestBody SysUser user) {
+    public R<Void> edit(@Validated @RequestBody SysUser user) {
        userService.checkUserAllowed(user);
+        userService.checkUserDataScope(user.getUserId());
        if (StringUtils.isNotEmpty(user.getPhonenumber())
-                && UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user))) {
-            return AjaxResult.error("修改用户'" + user.getUserName() + "'失败，手机号码已存在");
+            && UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user))) {
+            return R.fail("修改用户'" + user.getUserName() + "'失败，手机号码已存在");
        } else if (StringUtils.isNotEmpty(user.getEmail())
-                && UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user))) {
-            return AjaxResult.error("修改用户'" + user.getUserName() + "'失败，邮箱账号已存在");
+            && UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user))) {
+            return R.fail("修改用户'" + user.getUserName() + "'失败，邮箱账号已存在");
        }
        return toAjax(userService.updateUser(user));
    }
@ -163,12 +166,12 @@ public class SysUserController extends BaseController {
     * 删除用户
     */
    @ApiOperation("删除用户")
-    @PreAuthorize("@ss.hasPermi('system:user:remove')")
+    @SaCheckPermission("system:user:remove")
    @Log(title = "用户管理", businessType = BusinessType.DELETE)
    @DeleteMapping("/{userIds}")
-    public AjaxResult<Void> remove(@ApiParam("角色ID串") @PathVariable Long[] userIds) {
+    public R<Void> remove(@ApiParam("角色ID串") @PathVariable Long[] userIds) {
        if (ArrayUtil.contains(userIds, getUserId())) {
-            return error("当前用户不能删除");
+            return R.fail("当前用户不能删除");
        }
        return toAjax(userService.deleteUserByIds(userIds));
    }
@ -177,12 +180,13 @@ public class SysUserController extends BaseController {
     * 重置密码
     */
    @ApiOperation("重置密码")
-    @PreAuthorize("@ss.hasPermi('system:user:resetPwd')")
+    @SaCheckPermission("system:user:resetPwd")
    @Log(title = "用户管理", businessType = BusinessType.UPDATE)
    @PutMapping("/resetPwd")
-    public AjaxResult<Void> resetPwd(@RequestBody SysUser user) {
+    public R<Void> resetPwd(@RequestBody SysUser user) {
        userService.checkUserAllowed(user);
-        user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
+        userService.checkUserDataScope(user.getUserId());
+        user.setPassword(BCrypt.hashpw(user.getPassword()));
        return toAjax(userService.resetPwd(user));
    }

@ -190,11 +194,12 @@ public class SysUserController extends BaseController {
     * 状态修改
     */
    @ApiOperation("状态修改")
-    @PreAuthorize("@ss.hasPermi('system:user:edit')")
+    @SaCheckPermission("system:user:edit")
    @Log(title = "用户管理", businessType = BusinessType.UPDATE)
    @PutMapping("/changeStatus")
-    public AjaxResult<Void> changeStatus(@RequestBody SysUser user) {
+    public R<Void> changeStatus(@RequestBody SysUser user) {
        userService.checkUserAllowed(user);
+        userService.checkUserDataScope(user.getUserId());
        return toAjax(userService.updateUserStatus(user));
    }

@ -202,15 +207,15 @@ public class SysUserController extends BaseController {
     * 根据用户编号获取授权角色
     */
    @ApiOperation("根据用户编号获取授权角色")
-    @PreAuthorize("@ss.hasPermi('system:user:query')")
+    @SaCheckPermission("system:user:query")
    @GetMapping("/authRole/{userId}")
-    public AjaxResult<Map<String, Object>> authRole(@ApiParam("用户ID") @PathVariable("userId") Long userId) {
+    public R<Map<String, Object>> authRole(@ApiParam("用户ID") @PathVariable("userId") Long userId) {
        SysUser user = userService.selectUserById(userId);
        List<SysRole> roles = roleService.selectRolesByUserId(userId);
        Map<String, Object> ajax = new HashMap<>();
        ajax.put("user", user);
-        ajax.put("roles", SysUser.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));
-        return AjaxResult.success(ajax);
+        ajax.put("roles", LoginHelper.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));
+        return R.ok(ajax);
    }

    /**
@ -221,11 +226,12 @@ public class SysUserController extends BaseController {
        @ApiImplicitParam(name = "userId", value = "用户Id", paramType = "query", dataTypeClass = String.class),
        @ApiImplicitParam(name = "roleIds", value = "角色ID串", paramType = "query", dataTypeClass = String.class)
    })
-    @PreAuthorize("@ss.hasPermi('system:user:edit')")
+    @SaCheckPermission("system:user:edit")
    @Log(title = "用户管理", businessType = BusinessType.GRANT)
    @PutMapping("/authRole")
-    public AjaxResult<Void> insertAuthRole(Long userId, Long[] roleIds) {
+    public R<Void> insertAuthRole(Long userId, Long[] roleIds) {
+        userService.checkUserDataScope(userId);
        userService.insertUserAuth(userId, roleIds);
-        return success();
+        return R.ok();
    }
 }
--- a/ruoyi-admin/src/main/resources/application-dev.yml
+++ b/ruoyi-admin/src/main/resources/application-dev.yml
@ -1,41 +1,34 @@
--- # 监控配置
-spring:
-  boot:
-    admin:
-      # Spring Boot Admin Client 客户端的相关配置
-      client:
-        # 增加客户端开关
-        enabled: true
-        # 设置 Spring Boot Admin Server 地址
-        url: http://localhost:9090/admin
-        instance:
-          prefer-ip: true # 注册实例时，优先使用 IP
-        username: ruoyi
-        password: 123456
+--- # 监控中心配置
+spring.boot.admin.client:
+  # 增加客户端开关
+  enabled: true
+  url: http://localhost:9090/admin
+  instance:
+    service-host-type: IP
+  username: ruoyi
+  password: 123456

 --- # xxl-job 配置
-xxl:
-  job:
-    # 执行器开关
-    enabled: true
-    # 调度中心地址：如调度中心集群部署存在多个地址则用逗号分隔。
-    admin-addresses: http://localhost:9100/xxl-job-admin
-    # 执行器通讯TOKEN：非空时启用
-    access-token: xxl-job
-    # 执行器配置
-    executor:
-      # 执行器AppName：执行器心跳注册分组依据；为空则关闭自动注册
-      appname: xxl-job-executor
-      # 执行器端口号 执行器从9101开始往后写
-      port: 9101
-      # 执行器注册：默认IP:PORT
-      address:
-      # 执行器IP：默认自动获取IP
-      ip:
-      # 执行器运行日志文件存储磁盘路径
-      logpath: ./logs/xxl-job
-      # 执行器日志文件保存天数：大于3生效
-      logretentiondays: 30
+xxl.job:
+  # 执行器开关
+  enabled: true
+  # 调度中心地址：如调度中心集群部署存在多个地址则用逗号分隔。
+  admin-addresses: http://localhost:9100/xxl-job-admin
+  # 执行器通讯TOKEN：非空时启用
+  access-token: xxl-job
+  executor:
+    # 执行器AppName：执行器心跳注册分组依据；为空则关闭自动注册
+    appname: xxl-job-executor
+    # 执行器端口号 执行器从9101开始往后写
+    port: 9101
+    # 执行器注册：默认IP:PORT
+    address:
+    # 执行器IP：默认自动获取IP
+    ip:
+    # 执行器运行日志文件存储磁盘路径
+    logpath: ./logs/xxl-job
+    # 执行器日志文件保存天数：大于3生效
+    logretentiondays: 30

 --- # 数据源配置
 spring:
@ -47,11 +40,15 @@ spring:
      p6spy: true
      # 设置默认的数据源或者数据源组,默认值即为 master
      primary: master
+      # 严格模式 匹配不到数据源则报错
+      strict: true
      datasource:
        # 主库数据源
        master:
          driverClassName: com.mysql.cj.jdbc.Driver
-          url: jdbc:mysql://localhost:3306/ry-vue?useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=true&serverTimezone=GMT%2B8&autoReconnect=true
+          # jdbc 所有参数配置参考 https://lionli.blog.csdn.net/article/details/122018562
+          # rewriteBatchedStatements=true 批处理优化 大幅提升批量插入更新删除性能(对数据库有性能损耗 使用批量操作应考虑性能问题)
+          url: jdbc:mysql://localhost:3306/ry-vue?useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=true&serverTimezone=GMT%2B8&autoReconnect=true&rewriteBatchedStatements=true
          username: root
          password: root
        # 从库数据源
@ -61,6 +58,23 @@ spring:
          url:
          username:
          password:
+#        oracle:
+#          driverClassName: oracle.jdbc.OracleDriver
+#          url: jdbc:oracle:thin:@//localhost:1521/XE
+#          username: ROOT
+#          password: root
+#          druid:
+#            validationQuery: SELECT 1 FROM DUAL
+#        postgres:
+#          driverClassName: org.postgresql.Driver
+#          url: jdbc:postgresql://localhost:5432/postgres?useUnicode=true&characterEncoding=utf8&useSSL=true&autoReconnect=true&reWriteBatchedInserts=true
+#          username: root
+#          password: root
+#        sqlserver:
+#          driverClassName: com.microsoft.sqlserver.jdbc.SQLServerDriver
+#          url: jdbc:sqlserver://localhost:1433;DatabaseName=tempdb;SelectMethod=cursor;rewriteBatchedStatements=true
+#          username: SA
+#          password: root
      druid:
        # 初始连接数
        initialSize: 5
@ -77,7 +91,7 @@ spring:
        # 配置一个连接在池中最大生存的时间，单位是毫秒
        maxEvictableIdleTimeMillis: 900000
        # 配置检测连接是否有效
-        validationQuery: SELECT 1 FROM DUAL
+        validationQuery: SELECT 1
        testWhileIdle: true
        testOnBorrow: false
        testOnReturn: false
@ -85,29 +99,27 @@ spring:
        filters: stat

 --- # druid 配置
-spring:
-  datasource:
-    druid:
-      webStatFilter:
-        enabled: true
-      statViewServlet:
-        enabled: true
-        # 设置白名单，不填则允许所有访问
-        allow:
-        url-pattern: /druid/*
-        # 控制台管理用户名和密码
-        login-username: ruoyi
-        login-password: 123456
-      filter:
-        stat:
-          enabled: true
-          # 慢SQL记录
-          log-slow-sql: true
-          slow-sql-millis: 1000
-          merge-sql: true
-        wall:
-          config:
-            multi-statement-allow: true
+spring.datasource.druid:
+  webStatFilter:
+    enabled: true
+  statViewServlet:
+    enabled: true
+    # 设置白名单，不填则允许所有访问
+    allow:
+    url-pattern: /druid/*
+    # 控制台管理用户名和密码
+    login-username: ruoyi
+    login-password: 123456
+  filter:
+    stat:
+      enabled: true
+      # 慢SQL记录
+      log-slow-sql: true
+      slow-sql-millis: 1000
+      merge-sql: true
+    wall:
+      config:
+        multi-statement-allow: true

 --- # redis 单机配置(单机与集群只能开启一个另一个需要注释掉)
 spring:
@ -118,8 +130,8 @@ spring:
    port: 6379
    # 数据库索引
    database: 0
-    # 密码
-    password:
+    # 密码(如没有密码请注释掉)
+    # password:
    # 连接超时时间
    timeout: 10s
    # 是否开启ssl
@ -127,32 +139,54 @@ spring:

 redisson:
  # 线程池数量
-  threads: 16
+  threads: 4
  # Netty线程池数量
-  nettyThreads: 32
-  # 传输模式
-  transportMode: "NIO"
+  nettyThreads: 8
  # 单节点配置
  singleServerConfig:
    # 客户端名称
    clientName: ${ruoyi.name}
    # 最小空闲连接数
-    connectionMinimumIdleSize: 32
+    connectionMinimumIdleSize: 8
    # 连接池大小
-    connectionPoolSize: 64
+    connectionPoolSize: 32
    # 连接空闲超时，单位：毫秒
    idleConnectionTimeout: 10000
    # 命令等待超时，单位：毫秒
    timeout: 3000
-    # 如果尝试在此限制之内发送成功，则开始启用 timeout 计时。
-    retryAttempts: 3
-    # 命令重试发送时间间隔，单位：毫秒
-    retryInterval: 1500
-    # 发布和订阅连接的最小空闲连接数
-    subscriptionConnectionMinimumIdleSize: 1
    # 发布和订阅连接池大小
    subscriptionConnectionPoolSize: 50
-    # 单个连接最大订阅数量
-    subscriptionsPerConnection: 5
-    # DNS监测时间间隔，单位：毫秒
-    dnsMonitoringInterval: 5000
+
+--- # mail 邮件发送
+mail:
+  enabled: false
+  host: smtp.163.com
+  port: 465
+  # 是否需要用户名密码验证
+  auth: true
+  # 发送方，遵循RFC-822标准
+  from: xxx@163.com
+  # 用户名（注意：如果使用foxmail邮箱，此处user为qq号）
+  user: xxx@163.com
+  # 密码（注意，某些邮箱需要为SMTP服务单独设置密码，详情查看相关帮助）
+  pass: xxxxxxxxxx
+  # 使用 STARTTLS安全连接，STARTTLS是对纯文本通信协议的扩展。
+  starttlsEnable: true
+  # 使用SSL安全连接
+  sslEnable: true
+  # SMTP超时时长，单位毫秒，缺省值不超时
+  timeout: 0
+  # Socket连接超时值，单位毫秒，缺省值不超时
+  connectionTimeout: 0
+
+--- # sms 短信
+sms:
+  enabled: false
+  # 阿里云 dysmsapi.aliyuncs.com
+  # 腾讯云 sms.tencentcloudapi.com
+  endpoint: "dysmsapi.aliyuncs.com"
+  accessKeyId: xxxxxxx
+  accessKeySecret: xxxxxx
+  signName: 测试
+  # 腾讯专用
+  sdkAppId:
--- a/ruoyi-admin/src/main/resources/application-prod.yml
+++ b/ruoyi-admin/src/main/resources/application-prod.yml
@ -1,48 +1,37 @@
--- # 配置临时路径存储
-spring:
-  servlet:
-    multipart:
-      # 临时文件存储位置 避免临时文件被系统清理报错
-      location: /ruoyi/server/temp
+--- # 临时文件存储位置 避免临时文件被系统清理报错
+spring.servlet.multipart.location: /ruoyi/server/temp

--- # 监控配置
-spring:
-  boot:
-    admin:
-      # Spring Boot Admin Client 客户端的相关配置
-      client:
-        # 增加客户端开关
-        enabled: true
-        # 设置 Spring Boot Admin Server 地址
-        url: http://172.30.0.90:9090/admin
-        instance:
-          prefer-ip: true # 注册实例时，优先使用 IP
-        username: ruoyi
-        password: 123456
+--- # 监控中心配置
+spring.boot.admin.client:
+  # 增加客户端开关
+  enabled: true
+  url: http://172.30.0.90:9090/admin
+  instance:
+    service-host-type: IP
+  username: ruoyi
+  password: 123456

 --- # xxl-job 配置
-xxl:
-  job:
-    # 执行器开关
-    enabled: true
-    # 调度中心地址：如调度中心集群部署存在多个地址则用逗号分隔。
-    admin-addresses: http://172.30.0.92:9100/xxl-job-admin
-    # 执行器通讯TOKEN：非空时启用
-    access-token: xxl-job
-    # 执行器配置
-    executor:
-      # 执行器AppName：执行器心跳注册分组依据；为空则关闭自动注册
-      appname: xxl-job-executor
-      # 执行器端口号 执行器从9101开始往后写
-      port: 9101
-      # 执行器注册：默认IP:PORT
-      address:
-      # 执行器IP：默认自动获取IP
-      ip:
-      # 执行器运行日志文件存储磁盘路径
-      logpath: ./logs/xxl-job
-      # 执行器日志文件保存天数：大于3生效
-      logretentiondays: 30
+xxl.job:
+  # 执行器开关
+  enabled: true
+  # 调度中心地址：如调度中心集群部署存在多个地址则用逗号分隔。
+  admin-addresses: http://172.30.0.92:9100/xxl-job-admin
+  # 执行器通讯TOKEN：非空时启用
+  access-token: xxl-job
+  executor:
+    # 执行器AppName：执行器心跳注册分组依据；为空则关闭自动注册
+    appname: xxl-job-executor
+    # 执行器端口号 执行器从9101开始往后写
+    port: 9101
+    # 执行器注册：默认IP:PORT
+    address:
+    # 执行器IP：默认自动获取IP
+    ip:
+    # 执行器运行日志文件存储磁盘路径
+    logpath: ./logs/xxl-job
+    # 执行器日志文件保存天数：大于3生效
+    logretentiondays: 30

 --- # 数据源配置
 spring:
@ -54,11 +43,15 @@ spring:
      p6spy: false
      # 设置默认的数据源或者数据源组,默认值即为 master
      primary: master
+      # 严格模式 匹配不到数据源则报错
+      strict: true
      datasource:
        # 主库数据源
        master:
          driverClassName: com.mysql.cj.jdbc.Driver
-          url: jdbc:mysql://172.30.0.36:3306/ry-vue?useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=true&serverTimezone=GMT%2B8&autoReconnect=true
+          # jdbc 所有参数配置参考 https://lionli.blog.csdn.net/article/details/122018562
+          # rewriteBatchedStatements=true 批处理优化 大幅提升批量插入更新删除性能(对数据库有性能损耗 使用批量操作应考虑性能问题)
+          url: jdbc:mysql://172.30.0.36:3306/ry-vue?useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=true&serverTimezone=GMT%2B8&autoReconnect=true&rewriteBatchedStatements=true
          username: root
          password: root
        # 从库数据源
@ -68,6 +61,23 @@ spring:
          url:
          username:
          password:
+#        oracle:
+#          driverClassName: oracle.jdbc.OracleDriver
+#          url: jdbc:oracle:thin:@//172.30.0.36:1521/XE
+#          username: ROOT
+#          password: root
+#          druid:
+#            validationQuery: SELECT 1 FROM DUAL
+#        postgres:
+#          driverClassName: org.postgresql.Driver
+#          url: jdbc:postgresql://172.30.0.36:5432/postgres?useUnicode=true&characterEncoding=utf8&useSSL=true&autoReconnect=true&reWriteBatchedInserts=true
+#          username: root
+#          password: root
+#        sqlserver:
+#          driverClassName: com.microsoft.sqlserver.jdbc.SQLServerDriver
+#          url: jdbc:sqlserver://172.30.0.36:1433;DatabaseName=tempdb;SelectMethod=cursor;rewriteBatchedStatements=true
+#          username: SA
+#          password: root
      druid:
        # 初始连接数
        initialSize: 5
@ -84,7 +94,7 @@ spring:
        # 配置一个连接在池中最大生存的时间，单位是毫秒
        maxEvictableIdleTimeMillis: 900000
        # 配置检测连接是否有效
-        validationQuery: SELECT 1 FROM DUAL
+        validationQuery: SELECT 1
        testWhileIdle: true
        testOnBorrow: false
        testOnReturn: false
@ -92,29 +102,27 @@ spring:
        filters: stat

 --- # druid 配置
-spring:
-  datasource:
-    druid:
-      webStatFilter:
-        enabled: true
-      statViewServlet:
-        enabled: true
-        # 设置白名单，不填则允许所有访问
-        allow:
-        url-pattern: /druid/*
-        # 控制台管理用户名和密码
-        login-username: ruoyi
-        login-password: 123456
-      filter:
-        stat:
-          enabled: true
-          # 慢SQL记录
-          log-slow-sql: true
-          slow-sql-millis: 1000
-          merge-sql: true
-        wall:
-          config:
-            multi-statement-allow: true
+spring.datasource.druid:
+  webStatFilter:
+    enabled: true
+  statViewServlet:
+    enabled: true
+    # 设置白名单，不填则允许所有访问
+    allow:
+    url-pattern: /druid/*
+    # 控制台管理用户名和密码
+    login-username: ruoyi
+    login-password: 123456
+  filter:
+    stat:
+      enabled: true
+      # 慢SQL记录
+      log-slow-sql: true
+      slow-sql-millis: 1000
+      merge-sql: true
+    wall:
+      config:
+        multi-statement-allow: true

 --- # redis 单机配置(单机与集群只能开启一个另一个需要注释掉)
 spring:
@ -125,8 +133,8 @@ spring:
    port: 6379
    # 数据库索引
    database: 0
-    # 密码
-    password:
+    # 密码(如没有密码请注释掉)
+    # password:
    # 连接超时时间
    timeout: 10s
    # 是否开启ssl
@ -137,8 +145,6 @@ redisson:
  threads: 16
  # Netty线程池数量
  nettyThreads: 32
-  # 传输模式
-  transportMode: "NIO"
  # 单节点配置
  singleServerConfig:
    # 客户端名称
@ -151,15 +157,39 @@ redisson:
    idleConnectionTimeout: 10000
    # 命令等待超时，单位：毫秒
    timeout: 3000
-    # 如果尝试在此限制之内发送成功，则开始启用 timeout 计时。
-    retryAttempts: 3
-    # 命令重试发送时间间隔，单位：毫秒
-    retryInterval: 1500
-    # 发布和订阅连接的最小空闲连接数
-    subscriptionConnectionMinimumIdleSize: 1
    # 发布和订阅连接池大小
    subscriptionConnectionPoolSize: 50
-    # 单个连接最大订阅数量
-    subscriptionsPerConnection: 5
-    # DNS监测时间间隔，单位：毫秒
-    dnsMonitoringInterval: 5000
+
+--- # mail 邮件发送
+mail:
+  enabled: false
+  host: smtp.163.com
+  port: 465
+  # 是否需要用户名密码验证
+  auth: true
+  # 发送方，遵循RFC-822标准
+  from: xxx@163.com
+  # 用户名（注意：如果使用foxmail邮箱，此处user为qq号）
+  user: xxx@163.com
+  # 密码（注意，某些邮箱需要为SMTP服务单独设置密码，详情查看相关帮助）
+  pass: xxxxxxxxxx
+  # 使用 STARTTLS安全连接，STARTTLS是对纯文本通信协议的扩展。
+  starttlsEnable: true
+  # 使用SSL安全连接
+  sslEnable: true
+  # SMTP超时时长，单位毫秒，缺省值不超时
+  timeout: 0
+  # Socket连接超时值，单位毫秒，缺省值不超时
+  connectionTimeout: 0
+
+--- # sms 短信
+sms:
+  enabled: false
+  # 阿里云 dysmsapi.aliyuncs.com
+  # 腾讯云 sms.tencentcloudapi.com
+  endpoint: "dysmsapi.aliyuncs.com"
+  accessKeyId: xxxxxxx
+  accessKeySecret: xxxxxx
+  signName: 测试
+  # 腾讯专用
+  sdkAppId:
--- a/ruoyi-admin/src/main/resources/application.yml
+++ b/ruoyi-admin/src/main/resources/application.yml
@ -5,13 +5,13 @@ ruoyi:
  # 版本
  version: ${ruoyi-vue-plus.version}
  # 版权年份
-  copyrightYear: 2021
+  copyrightYear: 2022
  # 实例演示开关
  demoEnabled: true
  # 获取ip地址开关
  addressEnabled: true
  # 缓存懒加载
-  cacheLazy: true
+  cacheLazy: false

 captcha:
  # 页面 <参数设置> 可开启关闭 验证码校验
@ -53,10 +53,6 @@ logging:
    org.springframework: warn
  config: classpath:logback.xml

-# tlog 全局访问性能拦截
-tlog:
-  enable-invoke-time-print: true
-
 # Spring配置
 spring:
  application:
@ -79,10 +75,10 @@ spring:
    restart:
      # 热部署开关
      enabled: true
-  # 与vue整合部署使用
-  thymeleaf:
-    # 将系统模板放置到最前面 否则会与 springboot-admin 页面冲突
-    template-resolver-order: 1
+  mvc:
+    pathmatch:
+      # 适配 boot 2.6 路由与 springfox 兼容
+      matching-strategy: ANT_PATH_MATCHER
  jackson:
    # 日期格式化
    date-format: yyyy-MM-dd HH:mm:ss
@ -95,25 +91,40 @@ spring:
      # 允许对象忽略json中不存在的属性
      fail_on_unknown_properties: false

-# token配置
-token:
-  # 令牌自定义标识
-  header: Authorization
-  # 令牌密钥
-  secret: abcdefghijklmnopqrstuvwxyz
-  # 令牌有效期（默认30分钟）
-  expireTime: 30
+# Sa-Token配置
+sa-token:
+  # token名称 (同时也是cookie名称)
+  token-name: Authorization
+  # token有效期 设为一天 (必定过期) 单位: 秒
+  timeout: 86400
+  # token临时有效期 (指定时间无操作就过期) 单位: 秒
+  activity-timeout: 1800
+  # 是否允许同一账号并发登录 (为true时允许一起登录, 为false时新登录挤掉旧登录)
+  is-concurrent: true
+  # 在多人登录同一账号时，是否共用一个token (为true时所有登录共用一个token, 为false时每次登录新建一个token)
+  is-share: false
+  # 是否尝试从header里读取token
+  is-read-head: true
+  # 是否尝试从cookie里读取token
+  is-read-cookie: false
+  # token前缀
+  token-prefix: "Bearer"
+  # jwt秘钥
+  jwt-secret-key: abcdefghijklmnopqrstuvwxyz
+  # 是否输出操作日志
+  is-log: true

 # security配置
 security:
-  # 登出路径
-  logout-url: /logout
-  # 匿名路径
-  anonymous:
-    - /login
-    - /register
-    - /captchaImage
+  # 排除路径
+  excludes:
+    # 静态资源
+    - /*.html
+    - /**/*.html
+    - /**/*.css
+    - /**/*.js
    # swagger 文档配置
+    - /favicon.ico
    - /doc.html
    - /swagger-resources/**
    - /webjars/**
@ -123,13 +134,6 @@ security:
    # actuator 监控配置
    - /actuator
    - /actuator/**
-  # 用户放行
-  permit-all:
-
-# 重复提交
-repeat-submit:
-  # 全局间隔时间(毫秒)
-  interval: 5000

 # MyBatisPlus配置
 # https://baomidou.com/config/
@ -143,25 +147,15 @@ mybatis-plus:
  typeAliasesPackage: com.ruoyi.**.domain
  # 启动时是否检查 MyBatis XML 文件的存在，默认不检查
  checkConfigLocation: false
-  # 通过该属性可指定 MyBatis 的执行器，MyBatis 的执行器总共有三种：
-  # SIMPLE：每个语句创建新的预处理器 REUSE：会复用预处理器 BATCH：批量执行所有的更新
-  executorType: SIMPLE
  configuration:
    # 自动驼峰命名规则（camel case）映射
    mapUnderscoreToCamelCase: true
-    # 当设置为 true 的时候，懒加载的对象可能被任何懒属性全部加载，否则，每个属性都按需加载。需要和 lazyLoadingEnabled 一起使用。
-    aggressiveLazyLoading: true
    # MyBatis 自动映射策略
    # NONE：不启用 PARTIAL：只对非嵌套 resultMap 自动映射 FULL：对所有 resultMap 自动映射
    autoMappingBehavior: PARTIAL
    # MyBatis 自动映射时未知列或未知属性处理策
    # NONE：不做处理 WARNING：打印相关警告 FAILING：抛出异常和详细信息
    autoMappingUnknownColumnBehavior: NONE
-    # Mybatis一级缓存，默认为 SESSION
-    # SESSION session级别缓存 STATEMENT 关闭一级缓存
-    localCacheScope: SESSION
-    # 开启Mybatis二级缓存，默认为 true
-    cacheEnabled: false
    # 更详细的日志输出 会有性能损耗 org.apache.ibatis.logging.stdout.StdOutImpl
    # 关闭日志记录 (可单纯使用 p6spy 分析) org.apache.ibatis.logging.nologging.NoLoggingImpl
    # 默认日志输出 org.apache.ibatis.logging.slf4j.Slf4jImpl
@ -169,16 +163,10 @@ mybatis-plus:
  global-config:
    # 是否打印 Logo banner
    banner: true
-    # 是否初始化 SqlRunner
-    enableSqlRunner: false
    dbConfig:
      # 主键类型
      # AUTO 自增 NONE 空 INPUT 用户输入 ASSIGN_ID 雪花 ASSIGN_UUID 唯一 UUID
-      idType: AUTO
-      # 表名是否使用驼峰转下划线命名,只对表名生效
-      tableUnderline: true
-      # 大写命名,对表名和字段名均生效
-      capitalMode: false
+      idType: ASSIGN_ID
      # 逻辑已删除值
      logicDeleteValue: 2
      # 逻辑未删除值
@ -221,6 +209,10 @@ knife4j:
  enable: true
  # 是否开启生产环境保护策略
  production: @knife4j.production@
+  basic:
+    enable: true
+    username: ruoyi
+    password: 123456
  # 前端Ui的个性化配置属性
  setting:
    # 默认语言
@ -245,20 +237,10 @@ xss:
 thread-pool:
  # 是否开启线程池
  enabled: false
-  # 核心线程池大小
-  corePoolSize: 8
-  # 最大可创建的线程数
-  maxPoolSize: 16
  # 队列最大长度
  queueCapacity: 128
  # 线程池维护线程所允许的空闲时间
  keepAliveSeconds: 300
-  # 线程池对拒绝任务(无线程可用)的处理策略
-  # CALLER_RUNS_POLICY 调用方执行
-  # DISCARD_OLDEST_POLICY 放弃最旧的
-  # DISCARD_POLICY 丢弃
-  # ABORT_POLICY 中止
-  rejectedExecutionHandler: CALLER_RUNS_POLICY

 --- # redisson 缓存配置
 redisson:
@ -286,8 +268,6 @@ lock4j:
 management:
  endpoints:
    web:
-      # Actuator 提供的 API 接口的根目录。默认为 /actuator
-      base-path: /actuator
      exposure:
        # 需要开放的端点。默认值只打开 health 和 info 两个端点。通过设置 * ，可以开放所有端点。
        # 生产环境不建议放开所有 根据项目需求放开即可
--- a/ruoyi-admin/src/main/resources/i18n/messages.properties
+++ b/ruoyi-admin/src/main/resources/i18n/messages.properties
@ -2,21 +2,28 @@
 not.null=* 必须填写
 user.jcaptcha.error=验证码错误
 user.jcaptcha.expire=验证码已失效
-user.not.exists=用户不存在/密码错误
+user.not.exists=对不起, 您的账号：{0} 不存在.
 user.password.not.match=用户不存在/密码错误
 user.password.retry.limit.count=密码输入错误{0}次
-user.password.retry.limit.exceed=密码输入错误{0}次，帐户锁定10分钟
-user.password.delete=对不起，您的账号已被删除
-user.blocked=用户已封禁，请联系管理员
+user.password.retry.limit.exceed=密码错误次数过多，帐户锁定{0}分钟
+user.password.delete=对不起，您的账号：{0} 已被删除
+user.blocked=对不起，您的账号：{0} 已禁用，请联系管理员
 role.blocked=角色已封禁，请联系管理员
 user.logout.success=退出成功
 length.not.valid=长度必须在{min}到{max}个字符之间
+user.username.not.blank=用户名不能为空
 user.username.not.valid=* 2到20个汉字、字母、数字或下划线组成，且必须以非数字开头
+user.username.length.valid=账户长度必须在{min}到{max}个字符之间
+user.password.not.blank=用户密码不能为空
+user.password.length.valid=用户密码长度必须在{min}到{max}个字符之间
 user.password.not.valid=* 5-50个字符
 user.email.not.valid=邮箱格式错误
+user.phonenumber.not.blank=用户手机号不能为空
 user.mobile.phone.number.not.valid=手机号格式错误
 user.login.success=登录成功
 user.register.success=注册成功
+user.register.save.error=保存用户 {0} 失败，注册账号已存在
+user.register.error=注册失败，请联系系统管理人员
 user.notfound=请重新登录
 user.forcelogout=管理员强制退出，请重新登录
 user.unknown.error=未知错误，请重新登录
@ -30,3 +37,9 @@ no.update.permission=您没有修改数据的权限，请联系管理员添加
 no.delete.permission=您没有删除数据的权限，请联系管理员添加权限 [{0}]
 no.export.permission=您没有导出数据的权限，请联系管理员添加权限 [{0}]
 no.view.permission=您没有查看数据的权限，请联系管理员添加权限 [{0}]
+repeat.submit.message=不允许重复提交，请稍候再试
+rate.limiter.message=访问过于频繁，请稍候再试
+sms.code.not.blank=短信验证码不能为空
+sms.code.retry.limit.count=短信验证码输入错误{0}次
+sms.code.retry.limit.exceed=短信验证码错误次数过多，帐户锁定{0}分钟
+xcx.code.not.blank=小程序code不能为空
--- a/ruoyi-admin/src/main/resources/i18n/messages_en_US.properties
+++ b/ruoyi-admin/src/main/resources/i18n/messages_en_US.properties
@ -2,21 +2,28 @@
 not.null=* Required fill in
 user.jcaptcha.error=Captcha error
 user.jcaptcha.expire=Captcha invalid
-user.not.exists=User does not exist/Password error
+user.not.exists=Sorry, your account: {0} does not exist
 user.password.not.match=User does not exist/Password error
 user.password.retry.limit.count=Password input error {0} times
-user.password.retry.limit.exceed=Password input error {0} times, account locked for 10 minutes
-user.password.delete=Sorry, your account has been deleted
-user.blocked=User disabled，please contact administrators
+user.password.retry.limit.exceed=Too many password errors, account locked for {0} minutes
+user.password.delete=Sorry, your account：{0} has been deleted
+user.blocked=Sorry, your account: {0} has been disabled. Please contact the administrator
 role.blocked=Role disabled，please contact administrators
 user.logout.success=Exit successful
 length.not.valid=The length must be between {min} and {max} characters
+user.username.not.blank=Username cannot be blank
 user.username.not.valid=* 2 to 20 chinese characters, letters, numbers or underscores, and must start with a non number
+user.username.length.valid=Account length must be between {min} and {max} characters
+user.password.not.blank=Password cannot be empty
+user.password.length.valid=Password length must be between {min} and {max} characters
 user.password.not.valid=* 5-50 characters
 user.email.not.valid=Mailbox format error
+user.phonenumber.not.blank=Phone number cannot be blank
 user.mobile.phone.number.not.valid=Phone number format error
 user.login.success=Login successful
 user.register.success=Register successful
+user.register.save.error=Failed to save user {0}, The registered account already exists
+user.register.error=Register failed, please contact system administrator
 user.notfound=Please login again
 user.forcelogout=The administrator is forced to exit，please login again
 user.unknown.error=Unknown error, please login again
@ -30,3 +37,9 @@ no.update.permission=You do not have permission to modify data，please contact
 no.delete.permission=You do not have permission to delete data，please contact your administrator to add permissions [{0}]
 no.export.permission=You do not have permission to export data，please contact your administrator to add permissions [{0}]
 no.view.permission=You do not have permission to view data，please contact your administrator to add permissions [{0}]
+repeat.submit.message=Repeat submit is not allowed, please try again later
+rate.limiter.message=Visit too frequently, please try again later
+sms.code.not.blank=Sms code cannot be blank
+sms.code.retry.limit.count=Sms code input error {0} times
+sms.code.retry.limit.exceed=Too many sms code errors, account locked for {0} minutes
+xcx.code.not.blank=Mini program code cannot be blank
--- a/ruoyi-admin/src/main/resources/i18n/messages_zh_CN.properties
+++ b/ruoyi-admin/src/main/resources/i18n/messages_zh_CN.properties
@ -2,21 +2,28 @@
 not.null=* 必须填写
 user.jcaptcha.error=验证码错误
 user.jcaptcha.expire=验证码已失效
-user.not.exists=用户不存在/密码错误
+user.not.exists=对不起, 您的账号：{0} 不存在.
 user.password.not.match=用户不存在/密码错误
 user.password.retry.limit.count=密码输入错误{0}次
-user.password.retry.limit.exceed=密码输入错误{0}次，帐户锁定10分钟
-user.password.delete=对不起，您的账号已被删除
-user.blocked=用户已封禁，请联系管理员
+user.password.retry.limit.exceed=密码错误次数过多，帐户锁定{0}分钟
+user.password.delete=对不起，您的账号：{0} 已被删除
+user.blocked=对不起，您的账号：{0} 已禁用，请联系管理员
 role.blocked=角色已封禁，请联系管理员
 user.logout.success=退出成功
 length.not.valid=长度必须在{min}到{max}个字符之间
+user.username.not.blank=用户名不能为空
 user.username.not.valid=* 2到20个汉字、字母、数字或下划线组成，且必须以非数字开头
+user.username.length.valid=账户长度必须在{min}到{max}个字符之间
+user.password.not.blank=用户密码不能为空
+user.password.length.valid=用户密码长度必须在{min}到{max}个字符之间
 user.password.not.valid=* 5-50个字符
 user.email.not.valid=邮箱格式错误
+user.phonenumber.not.blank=用户手机号不能为空
 user.mobile.phone.number.not.valid=手机号格式错误
 user.login.success=登录成功
 user.register.success=注册成功
+user.register.save.error=保存用户 {0} 失败，注册账号已存在
+user.register.error=注册失败，请联系系统管理人员
 user.notfound=请重新登录
 user.forcelogout=管理员强制退出，请重新登录
 user.unknown.error=未知错误，请重新登录
@ -30,3 +37,9 @@ no.update.permission=您没有修改数据的权限，请联系管理员添加
 no.delete.permission=您没有删除数据的权限，请联系管理员添加权限 [{0}]
 no.export.permission=您没有导出数据的权限，请联系管理员添加权限 [{0}]
 no.view.permission=您没有查看数据的权限，请联系管理员添加权限 [{0}]
+repeat.submit.message=不允许重复提交，请稍候再试
+rate.limiter.message=访问过于频繁，请稍候再试
+sms.code.not.blank=短信验证码不能为空
+sms.code.retry.limit.count=短信验证码输入错误{0}次
+sms.code.retry.limit.exceed=短信验证码错误次数过多，帐户锁定{0}分钟
+xcx.code.not.blank=小程序code不能为空
--- a/ruoyi-admin/src/main/resources/logback.xml
+++ b/ruoyi-admin/src/main/resources/logback.xml
@ -5,13 +5,13 @@
              value="%red(%d{yyyy-MM-dd HH:mm:ss}) %green([%thread]) %highlight(%-5level) %boldMagenta(%logger{36}%n) - %msg%n"/>
    <property name="log.pattern" value="%d{yyyy-MM-dd HH:mm:ss} [%thread] %-5level %logger{36} - %msg%n"/>

-	<!-- 控制台输出 -->
-	<appender name="console" class="ch.qos.logback.core.ConsoleAppender">
+    <!-- 控制台输出 -->
+    <appender name="console" class="ch.qos.logback.core.ConsoleAppender">
        <encoder class="com.yomahub.tlog.core.enhance.logback.AspectLogbackEncoder">
-			<pattern>${console.log.pattern}</pattern>
+            <pattern>${console.log.pattern}</pattern>
            <charset>utf-8</charset>
-		</encoder>
-	</appender>
+        </encoder>
+    </appender>

    <!-- 控制台输出 -->
    <appender name="file_console" class="ch.qos.logback.core.rolling.RollingFileAppender">
@ -32,20 +32,20 @@
        </filter>
    </appender>

-	<!-- 系统日志输出 -->
-	<appender name="file_info" class="ch.qos.logback.core.rolling.RollingFileAppender">
-	    <file>${log.path}/sys-info.log</file>
+    <!-- 系统日志输出 -->
+    <appender name="file_info" class="ch.qos.logback.core.rolling.RollingFileAppender">
+        <file>${log.path}/sys-info.log</file>
        <!-- 循环政策：基于时间创建日志文件 -->
-		<rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+        <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
            <!-- 日志文件名格式 -->
-			<fileNamePattern>${log.path}/sys-info.%d{yyyy-MM-dd}.log</fileNamePattern>
-			<!-- 日志最大的历史 60天 -->
-			<maxHistory>60</maxHistory>
-		</rollingPolicy>
+            <fileNamePattern>${log.path}/sys-info.%d{yyyy-MM-dd}.log</fileNamePattern>
+            <!-- 日志最大的历史 60天 -->
+            <maxHistory>60</maxHistory>
+        </rollingPolicy>
        <encoder class="com.yomahub.tlog.core.enhance.logback.AspectLogbackEncoder">
-			<pattern>${log.pattern}</pattern>
-		</encoder>
-		<filter class="ch.qos.logback.classic.filter.LevelFilter">
+            <pattern>${log.pattern}</pattern>
+        </encoder>
+        <filter class="ch.qos.logback.classic.filter.LevelFilter">
            <!-- 过滤的级别 -->
            <level>INFO</level>
            <!-- 匹配时的操作：接收（记录） -->
@ -53,16 +53,16 @@
            <!-- 不匹配时的操作：拒绝（不记录） -->
            <onMismatch>DENY</onMismatch>
        </filter>
-	</appender>
+    </appender>

-	<appender name="file_error" class="ch.qos.logback.core.rolling.RollingFileAppender">
-	    <file>${log.path}/sys-error.log</file>
+    <appender name="file_error" class="ch.qos.logback.core.rolling.RollingFileAppender">
+        <file>${log.path}/sys-error.log</file>
        <!-- 循环政策：基于时间创建日志文件 -->
        <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
            <!-- 日志文件名格式 -->
            <fileNamePattern>${log.path}/sys-error.%d{yyyy-MM-dd}.log</fileNamePattern>
-			<!-- 日志最大的历史 60天 -->
-			<maxHistory>60</maxHistory>
+            <!-- 日志最大的历史 60天 -->
+            <maxHistory>60</maxHistory>
        </rollingPolicy>
        <encoder class="com.yomahub.tlog.core.enhance.logback.AspectLogbackEncoder">
            <pattern>${log.pattern}</pattern>
@ -70,26 +70,38 @@
        <filter class="ch.qos.logback.classic.filter.LevelFilter">
            <!-- 过滤的级别 -->
            <level>ERROR</level>
-			<!-- 匹配时的操作：接收（记录） -->
+            <!-- 匹配时的操作：接收（记录） -->
            <onMatch>ACCEPT</onMatch>
-			<!-- 不匹配时的操作：拒绝（不记录） -->
+            <!-- 不匹配时的操作：拒绝（不记录） -->
            <onMismatch>DENY</onMismatch>
        </filter>
    </appender>

-	<!-- 系统模块日志级别控制  -->
-	<logger name="com.ruoyi" level="info" />
-	<!-- Spring日志级别控制  -->
-	<logger name="org.springframework" level="warn" />
+    <!-- info异步输出 -->
+    <appender name="async_info" class="com.yomahub.tlog.core.enhance.logback.async.AspectLogbackAsyncAppender">
+        <!-- 不丢失日志.默认的,如果队列的80%已满,则会丢弃TRACT、DEBUG、INFO级别的日志 -->
+        <discardingThreshold>0</discardingThreshold>
+        <!-- 更改默认的队列的深度,该值会影响性能.默认值为256 -->
+        <queueSize>512</queueSize>
+        <!-- 添加附加的appender,最多只能添加一个 -->
+        <appender-ref ref="file_info"/>
+    </appender>

-	<root level="info">
-		<appender-ref ref="console" />
-	</root>
+    <!-- error异步输出 -->
+    <appender name="async_error" class="com.yomahub.tlog.core.enhance.logback.async.AspectLogbackAsyncAppender">
+        <!-- 不丢失日志.默认的,如果队列的80%已满,则会丢弃TRACT、DEBUG、INFO级别的日志 -->
+        <discardingThreshold>0</discardingThreshold>
+        <!-- 更改默认的队列的深度,该值会影响性能.默认值为256 -->
+        <queueSize>512</queueSize>
+        <!-- 添加附加的appender,最多只能添加一个 -->
+        <appender-ref ref="file_error"/>
+    </appender>

-	<!--系统操作日志-->
+    <!--系统操作日志-->
    <root level="info">
-        <appender-ref ref="file_info" />
-        <appender-ref ref="file_error" />
+        <appender-ref ref="console" />
+        <appender-ref ref="async_info" />
+        <appender-ref ref="async_error" />
        <appender-ref ref="file_console" />
    </root>

--- a/ruoyi-common/pom.xml
+++ b/ruoyi-common/pom.xml
@ -5,7 +5,7 @@
    <parent>
        <artifactId>ruoyi-vue-plus</artifactId>
        <groupId>com.ruoyi</groupId>
-        <version>3.4.0</version>
+        <version>4.2.0</version>
    </parent>
    <modelVersion>4.0.0</modelVersion>

@ -29,10 +29,15 @@
            <artifactId>spring-web</artifactId>
        </dependency>

-        <!-- spring security 安全认证 -->
+        <!-- Sa-Token 权限认证, 在线文档：http://sa-token.dev33.cn/ -->
        <dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-security</artifactId>
+            <groupId>cn.dev33</groupId>
+            <artifactId>sa-token-spring-boot-starter</artifactId>
+        </dependency>
+        <!-- Sa-Token 整合 jwt -->
+        <dependency>
+            <groupId>cn.dev33</groupId>
+            <artifactId>sa-token-jwt</artifactId>
        </dependency>

        <!-- 自定义验证注解 -->
@ -53,12 +58,6 @@
            <artifactId>jackson-databind</artifactId>
        </dependency>

-        <!-- excel工具 -->
-        <dependency>
-            <groupId>org.apache.poi</groupId>
-            <artifactId>poi-ooxml</artifactId>
-        </dependency>
-
        <dependency>
            <groupId>com.alibaba</groupId>
            <artifactId>easyexcel</artifactId>
@ -70,18 +69,6 @@
            <artifactId>snakeyaml</artifactId>
        </dependency>

-        <!-- Token生成与解析-->
-        <dependency>
-            <groupId>io.jsonwebtoken</groupId>
-            <artifactId>jjwt</artifactId>
-        </dependency>
-
-        <!-- jdk11 缺失依赖 jaxb-->
-        <dependency>
-            <groupId>com.sun.xml.bind</groupId>
-            <artifactId>jaxb-impl</artifactId>
-        </dependency>
-
        <!-- servlet包 -->
        <dependency>
            <groupId>javax.servlet</groupId>
@ -96,18 +83,46 @@
            <groupId>com.baomidou</groupId>
            <artifactId>mybatis-plus-extension</artifactId>
        </dependency>
+
+        <!-- dynamic-datasource 多数据源-->
        <dependency>
-            <groupId>cn.hutool</groupId>
-            <artifactId>hutool-all</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>org.projectlombok</groupId>
-            <artifactId>lombok</artifactId>
+            <groupId>com.baomidou</groupId>
+            <artifactId>dynamic-datasource-spring-boot-starter</artifactId>
        </dependency>

        <dependency>
-            <groupId>de.codecentric</groupId>
-            <artifactId>spring-boot-admin-starter-client</artifactId>
+            <groupId>cn.hutool</groupId>
+            <artifactId>hutool-core</artifactId>
+        </dependency>
+
+        <dependency>
+            <groupId>cn.hutool</groupId>
+            <artifactId>hutool-http</artifactId>
+        </dependency>
+
+        <dependency>
+            <groupId>cn.hutool</groupId>
+            <artifactId>hutool-captcha</artifactId>
+        </dependency>
+
+        <dependency>
+            <groupId>cn.hutool</groupId>
+            <artifactId>hutool-jwt</artifactId>
+        </dependency>
+
+        <dependency>
+            <groupId>cn.hutool</groupId>
+            <artifactId>hutool-extra</artifactId>
+        </dependency>
+
+        <dependency>
+            <groupId>com.sun.mail</groupId>
+            <artifactId>jakarta.mail</artifactId>
+        </dependency>
+
+        <dependency>
+            <groupId>org.projectlombok</groupId>
+            <artifactId>lombok</artifactId>
        </dependency>

        <dependency>
@ -120,10 +135,6 @@
            <artifactId>swagger-annotations</artifactId>
        </dependency>

-        <dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-actuator</artifactId>
-        </dependency>
        <!--  自动生成YML配置关联JSON文件  -->
        <dependency>
            <groupId>org.springframework.boot</groupId>
@ -141,16 +152,6 @@
            <artifactId>lock4j-redisson-spring-boot-starter</artifactId>
        </dependency>

-        <dependency>
-            <groupId>com.yomahub</groupId>
-            <artifactId>tlog-spring-boot-configuration</artifactId>
-        </dependency>
-
-        <dependency>
-            <groupId>com.yomahub</groupId>
-            <artifactId>tlog-webroot</artifactId>
-        </dependency>
-
    </dependencies>

 </project>
--- a/ruoyi-common/src/main/java/com/ruoyi/common/annotation/Anonymous.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/annotation/Anonymous.java
@ -0,0 +1,18 @@
+package com.ruoyi.common.annotation;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * 匿名访问不鉴权注解
+ *
+ * @author ruoyi
+ */
+@Target({ElementType.METHOD, ElementType.TYPE})
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+public @interface Anonymous {
+}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/annotation/CellMerge.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/annotation/CellMerge.java
@ -0,0 +1,24 @@
+package com.ruoyi.common.annotation;
+
+import com.ruoyi.common.excel.CellMergeStrategy;
+
+import java.lang.annotation.*;
+
+/**
+ * excel 列单元格合并(合并列相同项)
+ *
+ * 需搭配 {@link CellMergeStrategy} 策略使用
+ *
+ * @author Lion Li
+ */
+@Target(ElementType.FIELD)
+@Retention(RetentionPolicy.RUNTIME)
+@Inherited
+public @interface CellMerge {
+
+	/**
+	 * col index
+	 */
+	int index() default -1;
+
+}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/annotation/DataColumn.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/annotation/DataColumn.java
@ -0,0 +1,26 @@
+package com.ruoyi.common.annotation;
+
+import java.lang.annotation.*;
+
+/**
+ * 数据权限
+ *
+ * @author Lion Li
+ * @version 3.5.0
+ */
+@Target(ElementType.METHOD)
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+public @interface DataColumn {
+
+    /**
+     * 占位符关键字
+     */
+    String key() default "deptName";
+
+    /**
+     * 占位符替换值
+     */
+    String value() default "dept_id";
+
+}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/annotation/DataPermission.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/annotation/DataPermission.java
@ -0,0 +1,18 @@
+package com.ruoyi.common.annotation;
+
+import java.lang.annotation.*;
+
+/**
+ * 数据权限组
+ *
+ * @author Lion Li
+ * @version 3.5.0
+ */
+@Target({ElementType.METHOD, ElementType.TYPE})
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+public @interface DataPermission {
+
+    DataColumn[] value();
+
+}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/annotation/DataScope.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/annotation/DataScope.java
@ -1,28 +0,0 @@
-package com.ruoyi.common.annotation;
-
-import java.lang.annotation.*;
-
-/**
- * 数据权限过滤注解
- *
- * @author ruoyi
- */
-@Target(ElementType.METHOD)
-@Retention(RetentionPolicy.RUNTIME)
-@Documented
-public @interface DataScope {
-    /**
-     * 部门表的别名
-     */
-    String deptAlias() default "";
-
-    /**
-     * 用户表的别名
-     */
-    String userAlias() default "";
-
-    /**
-     * 是否过滤用户权限
-     */
-    boolean isUser() default false;
-}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/annotation/DataSource.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/annotation/DataSource.java
@ -1,23 +0,0 @@
-package com.ruoyi.common.annotation;
-
-import com.ruoyi.common.enums.DataSourceType;
-
-import java.lang.annotation.*;
-
-/**
- * 自定义多数据源切换注解
- * <p>
- * 优先级：先方法，后类，如果方法覆盖了类上的数据源类型，以方法的为准，否则以类上的为准
- *
- * @author ruoyi
- */
-@Target({ElementType.METHOD, ElementType.TYPE})
-@Retention(RetentionPolicy.RUNTIME)
-@Documented
-@Inherited
-public @interface DataSource {
-    /**
-     * 切换数据源名称
-     */
-    DataSourceType value() default DataSourceType.MASTER;
-}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/annotation/RepeatSubmit.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/annotation/RepeatSubmit.java
@ -22,8 +22,8 @@ public @interface RepeatSubmit {
    TimeUnit timeUnit() default TimeUnit.MILLISECONDS;

    /**
-     * 提示消息
+     * 提示消息 支持国际化 格式为 {code}
     */
-    String message() default "不允许重复提交，请稍候再试";
+    String message() default "{repeat.submit.message}";

 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/annotation/Sensitive.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/annotation/Sensitive.java
@ -0,0 +1,24 @@
+package com.ruoyi.common.annotation;
+
+import com.fasterxml.jackson.annotation.JacksonAnnotationsInside;
+import com.fasterxml.jackson.databind.annotation.JsonSerialize;
+import com.ruoyi.common.enums.SensitiveStrategy;
+import com.ruoyi.common.jackson.SensitiveJsonSerializer;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * 数据脱敏注解
+ *
+ * @author zhujie
+ */
+@Retention(RetentionPolicy.RUNTIME)
+@Target(ElementType.FIELD)
+@JacksonAnnotationsInside
+@JsonSerialize(using = SensitiveJsonSerializer.class)
+public @interface Sensitive {
+    SensitiveStrategy strategy();
+}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/captcha/UnsignedMathGenerator.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/captcha/UnsignedMathGenerator.java
@ -13,73 +13,73 @@ import com.ruoyi.common.utils.StringUtils;
 */
 public class UnsignedMathGenerator implements CodeGenerator {

-	private static final long serialVersionUID = -5514819971774091076L;
+    private static final long serialVersionUID = -5514819971774091076L;

-	private static final String operators = "+-*";
+    private static final String OPERATORS = "+-*";

-	/**
-	 * 参与计算数字最大长度
-	 */
-	private final int numberLength;
+    /**
+     * 参与计算数字最大长度
+     */
+    private final int numberLength;

-	/**
-	 * 构造
-	 */
-	public UnsignedMathGenerator() {
-		this(2);
-	}
+    /**
+     * 构造
+     */
+    public UnsignedMathGenerator() {
+        this(2);
+    }

-	/**
-	 * 构造
-	 *
-	 * @param numberLength 参与计算最大数字位数
-	 */
-	public UnsignedMathGenerator(int numberLength) {
-		this.numberLength = numberLength;
-	}
+    /**
+     * 构造
+     *
+     * @param numberLength 参与计算最大数字位数
+     */
+    public UnsignedMathGenerator(int numberLength) {
+        this.numberLength = numberLength;
+    }

-	@Override
-	public String generate() {
-		final int limit = getLimit();
-		int min = RandomUtil.randomInt(limit);
-		int max = RandomUtil.randomInt(min, limit);
-		String number1 = Integer.toString(max);
-		String number2 = Integer.toString(min);
-		number1 = StringUtils.rightPad(number1, this.numberLength, CharUtil.SPACE);
-		number2 = StringUtils.rightPad(number2, this.numberLength, CharUtil.SPACE);
+    @Override
+    public String generate() {
+        final int limit = getLimit();
+        int a = RandomUtil.randomInt(limit);
+        int b = RandomUtil.randomInt(limit);
+        String max = Integer.toString(Math.max(a,b));
+        String min = Integer.toString(Math.min(a,b));
+        max = StringUtils.rightPad(max, this.numberLength, CharUtil.SPACE);
+        min = StringUtils.rightPad(min, this.numberLength, CharUtil.SPACE);

-		return number1 + RandomUtil.randomChar(operators) + number2 + '=';
-	}
+        return max + RandomUtil.randomChar(OPERATORS) + min + '=';
+    }

-	@Override
-	public boolean verify(String code, String userInputCode) {
-		int result;
-		try {
-			result = Integer.parseInt(userInputCode);
-		} catch (NumberFormatException e) {
-			// 用户输入非数字
-			return false;
-		}
+    @Override
+    public boolean verify(String code, String userInputCode) {
+        int result;
+        try {
+            result = Integer.parseInt(userInputCode);
+        } catch (NumberFormatException e) {
+            // 用户输入非数字
+            return false;
+        }

-		final int calculateResult = (int) Calculator.conversion(code);
-		return result == calculateResult;
-	}
+        final int calculateResult = (int) Calculator.conversion(code);
+        return result == calculateResult;
+    }

-	/**
-	 * 获取验证码长度
-	 *
-	 * @return 验证码长度
-	 */
-	public int getLength() {
-		return this.numberLength * 2 + 2;
-	}
+    /**
+     * 获取验证码长度
+     *
+     * @return 验证码长度
+     */
+    public int getLength() {
+        return this.numberLength * 2 + 2;
+    }

-	/**
-	 * 根据长度获取参与计算数字最大值
-	 *
-	 * @return 最大值
-	 */
-	private int getLimit() {
-		return Integer.parseInt("1" + StringUtils.repeat('0', this.numberLength));
-	}
+    /**
+     * 根据长度获取参与计算数字最大值
+     *
+     * @return 最大值
+     */
+    private int getLimit() {
+        return Integer.parseInt("1" + StringUtils.repeat('0', this.numberLength));
+    }
 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/config/RuoYiConfig.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/config/RuoYiConfig.java
@ -2,7 +2,6 @@ package com.ruoyi.common.config;

 import lombok.Data;
 import lombok.Getter;
-import lombok.experimental.Accessors;
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.stereotype.Component;

@ -13,7 +12,6 @@ import org.springframework.stereotype.Component;
 */

@Data
-@Accessors(chain = true)
@Component
@ConfigurationProperties(prefix = "ruoyi")
 public class RuoYiConfig {
--- a/ruoyi-common/src/main/java/com/ruoyi/common/constant/Constants.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/constant/Constants.java
@ -1,136 +1,126 @@
 package com.ruoyi.common.constant;

-import io.jsonwebtoken.Claims;
-
 /**
 * 通用常量信息
 *
 * @author ruoyi
 */
-public class Constants {
+public interface Constants {
+
    /**
     * UTF-8 字符集
     */
-    public static final String UTF8 = "UTF-8";
+    String UTF8 = "UTF-8";

    /**
     * GBK 字符集
     */
-    public static final String GBK = "GBK";
+    String GBK = "GBK";

    /**
     * http请求
     */
-    public static final String HTTP = "http://";
+    String HTTP = "http://";

    /**
     * https请求
     */
-    public static final String HTTPS = "https://";
+    String HTTPS = "https://";

    /**
     * 通用成功标识
     */
-    public static final String SUCCESS = "0";
+    String SUCCESS = "0";

    /**
     * 通用失败标识
     */
-    public static final String FAIL = "1";
+    String FAIL = "1";

    /**
     * 登录成功
     */
-    public static final String LOGIN_SUCCESS = "Success";
+    String LOGIN_SUCCESS = "Success";

    /**
     * 注销
     */
-    public static final String LOGOUT = "Logout";
+    String LOGOUT = "Logout";

    /**
     * 注册
     */
-    public static final String REGISTER = "Register";
+    String REGISTER = "Register";

    /**
     * 登录失败
     */
-    public static final String LOGIN_FAIL = "Error";
+    String LOGIN_FAIL = "Error";

    /**
     * 验证码 redis key
     */
-    public static final String CAPTCHA_CODE_KEY = "captcha_codes:";
+    String CAPTCHA_CODE_KEY = "captcha_codes:";

    /**
     * 登录用户 redis key
     */
-    public static final String LOGIN_TOKEN_KEY = "login_tokens:";
+    String LOGIN_TOKEN_KEY = "Authorization:login:token:";
+
+    /**
+     * 在线用户 redis key
+     */
+    String ONLINE_TOKEN_KEY = "online_tokens:";

    /**
     * 防重提交 redis key
     */
-    public static final String REPEAT_SUBMIT_KEY = "repeat_submit:";
+    String REPEAT_SUBMIT_KEY = "repeat_submit:";

    /**
     * 限流 redis key
     */
-    public static final String RATE_LIMIT_KEY = "rate_limit:";
+    String RATE_LIMIT_KEY = "rate_limit:";

    /**
     * 验证码有效期（分钟）
     */
-    public static final Integer CAPTCHA_EXPIRATION = 2;
+    Integer CAPTCHA_EXPIRATION = 2;
+
+    /**
+     * 登陆错误 redis key
+     */
+    String LOGIN_ERROR = "login_error:";
+
+    /**
+     * 登录错误次数
+     */
+    Integer LOGIN_ERROR_NUMBER = 5;
+
+    /**
+     * 登录错误限制时间(分钟)
+     */
+    Integer LOGIN_ERROR_LIMIT_TIME = 10;

    /**
     * 令牌
     */
-    public static final String TOKEN = "token";
+    String TOKEN = "token";

    /**
     * 令牌前缀
     */
-    public static final String TOKEN_PREFIX = "Bearer ";
-
-    /**
-     * 令牌前缀
-     */
-    public static final String LOGIN_USER_KEY = "login_user_key";
-
-    /**
-     * 用户ID
-     */
-    public static final String JWT_USERID = "userid";
-
-    /**
-     * 用户名称
-     */
-    public static final String JWT_USERNAME = Claims.SUBJECT;
-
-    /**
-     * 用户头像
-     */
-    public static final String JWT_AVATAR = "avatar";
-
-    /**
-     * 创建时间
-     */
-    public static final String JWT_CREATED = "created";
-
-    /**
-     * 用户权限
-     */
-    public static final String JWT_AUTHORITIES = "authorities";
+    String LOGIN_USER_KEY = "login_user_key";

    /**
     * 参数管理 cache key
     */
-    public static final String SYS_CONFIG_KEY = "sys_config:";
+    String SYS_CONFIG_KEY = "sys_config:";

    /**
     * 字典管理 cache key
     */
-    public static final String SYS_DICT_KEY = "sys_dict:";
+    String SYS_DICT_KEY = "sys_dict:";

 }
+
--- a/ruoyi-common/src/main/java/com/ruoyi/common/constant/GenConstants.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/constant/GenConstants.java
@ -5,184 +5,189 @@ package com.ruoyi.common.constant;
 *
 * @author ruoyi
 */
-public class GenConstants {
+public interface GenConstants {
    /**
     * 单表（增删改查）
     */
-    public static final String TPL_CRUD = "crud";
+    String TPL_CRUD = "crud";

    /**
     * 树表（增删改查）
     */
-    public static final String TPL_TREE = "tree";
+    String TPL_TREE = "tree";

    /**
     * 主子表（增删改查）
     */
-    public static final String TPL_SUB = "sub";
+    String TPL_SUB = "sub";

    /**
     * 树编码字段
     */
-    public static final String TREE_CODE = "treeCode";
+    String TREE_CODE = "treeCode";

    /**
     * 树父编码字段
     */
-    public static final String TREE_PARENT_CODE = "treeParentCode";
+    String TREE_PARENT_CODE = "treeParentCode";

    /**
     * 树名称字段
     */
-    public static final String TREE_NAME = "treeName";
+    String TREE_NAME = "treeName";

    /**
     * 上级菜单ID字段
     */
-    public static final String PARENT_MENU_ID = "parentMenuId";
+    String PARENT_MENU_ID = "parentMenuId";

    /**
     * 上级菜单名称字段
     */
-    public static final String PARENT_MENU_NAME = "parentMenuName";
+    String PARENT_MENU_NAME = "parentMenuName";

    /**
     * 数据库字符串类型
     */
-    public static final String[] COLUMNTYPE_STR = {"char", "varchar", "nvarchar", "varchar2"};
+    String[] COLUMNTYPE_STR = {"char", "varchar", "nvarchar", "varchar2"};

    /**
     * 数据库文本类型
     */
-    public static final String[] COLUMNTYPE_TEXT = {"tinytext", "text", "mediumtext", "longtext"};
+    String[] COLUMNTYPE_TEXT = {"tinytext", "text", "mediumtext", "longtext"};

    /**
     * 数据库时间类型
     */
-    public static final String[] COLUMNTYPE_TIME = {"datetime", "time", "date", "timestamp"};
+    String[] COLUMNTYPE_TIME = {"datetime", "time", "date", "timestamp"};

    /**
     * 数据库数字类型
     */
-    public static final String[] COLUMNTYPE_NUMBER = {"tinyint", "smallint", "mediumint", "int", "number", "integer",
-            "bit", "bigint", "float", "double", "decimal"};
+    String[] COLUMNTYPE_NUMBER = {"tinyint", "smallint", "mediumint", "int", "number", "integer",
+        "bit", "bigint", "float", "double", "decimal"};

    /**
     * BO对象 不需要添加字段
     */
-    public static final String[] COLUMNNAME_NOT_ADD = {"create_by", "create_time", "del_flag", "update_by",
-            "update_time", "version"};
+    String[] COLUMNNAME_NOT_ADD = {"create_by", "create_time", "del_flag", "update_by",
+        "update_time", "version"};

    /**
     * BO对象 不需要编辑字段
     */
-    public static final String[] COLUMNNAME_NOT_EDIT = {"create_by", "create_time", "del_flag", "update_by",
-            "update_time", "version"};
+    String[] COLUMNNAME_NOT_EDIT = {"create_by", "create_time", "del_flag", "update_by",
+        "update_time", "version"};

    /**
     * VO对象 不需要返回字段
     */
-    public static final String[] COLUMNNAME_NOT_LIST = {"create_by", "create_time", "del_flag", "update_by",
-            "update_time", "version"};
+    String[] COLUMNNAME_NOT_LIST = {"create_by", "create_time", "del_flag", "update_by",
+        "update_time", "version"};

    /**
     * BO对象 不需要查询字段
     */
-    public static final String[] COLUMNNAME_NOT_QUERY = {"id", "create_by", "create_time", "del_flag", "update_by",
-            "update_time", "remark", "version"};
+    String[] COLUMNNAME_NOT_QUERY = {"id", "create_by", "create_time", "del_flag", "update_by",
+        "update_time", "remark", "version"};

    /**
     * Entity基类字段
     */
-    public static final String[] BASE_ENTITY = {"createBy", "createTime", "updateBy", "updateTime"};
+    String[] BASE_ENTITY = {"createBy", "createTime", "updateBy", "updateTime"};

    /**
     * Tree基类字段
     */
-    public static final String[] TREE_ENTITY = {"parentName", "parentId", "children"};
+    String[] TREE_ENTITY = {"parentName", "parentId", "children"};

    /**
     * 文本框
     */
-    public static final String HTML_INPUT = "input";
+    String HTML_INPUT = "input";

    /**
     * 文本域
     */
-    public static final String HTML_TEXTAREA = "textarea";
+    String HTML_TEXTAREA = "textarea";

    /**
     * 下拉框
     */
-    public static final String HTML_SELECT = "select";
+    String HTML_SELECT = "select";

    /**
     * 单选框
     */
-    public static final String HTML_RADIO = "radio";
+    String HTML_RADIO = "radio";

    /**
     * 复选框
     */
-    public static final String HTML_CHECKBOX = "checkbox";
+    String HTML_CHECKBOX = "checkbox";

    /**
     * 日期控件
     */
-    public static final String HTML_DATETIME = "datetime";
+    String HTML_DATETIME = "datetime";

    /**
     * 图片上传控件
     */
-    public static final String HTML_IMAGE_UPLOAD = "imageUpload";
+    String HTML_IMAGE_UPLOAD = "imageUpload";

    /**
     * 文件上传控件
     */
-    public static final String HTML_FILE_UPLOAD = "fileUpload";
+    String HTML_FILE_UPLOAD = "fileUpload";

    /**
     * 富文本控件
     */
-    public static final String HTML_EDITOR = "editor";
+    String HTML_EDITOR = "editor";

    /**
     * 字符串类型
     */
-    public static final String TYPE_STRING = "String";
+    String TYPE_STRING = "String";

    /**
     * 整型
     */
-    public static final String TYPE_INTEGER = "Integer";
+    String TYPE_INTEGER = "Integer";

    /**
     * 长整型
     */
-    public static final String TYPE_LONG = "Long";
+    String TYPE_LONG = "Long";

    /**
     * 浮点型
     */
-    public static final String TYPE_DOUBLE = "Double";
+    String TYPE_DOUBLE = "Double";

    /**
     * 高精度计算类型
     */
-    public static final String TYPE_BIGDECIMAL = "BigDecimal";
+    String TYPE_BIGDECIMAL = "BigDecimal";

    /**
     * 时间类型
     */
-    public static final String TYPE_DATE = "Date";
+    String TYPE_DATE = "Date";

    /**
     * 模糊查询
     */
-    public static final String QUERY_LIKE = "LIKE";
+    String QUERY_LIKE = "LIKE";
+
+    /**
+     * 相等查询
+     */
+    String QUERY_EQ = "EQ";

    /**
     * 需要
     */
-    public static final String REQUIRE = "1";
+    String REQUIRE = "1";
 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/constant/UserConstants.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/constant/UserConstants.java
@ -5,108 +5,134 @@ package com.ruoyi.common.constant;
 *
 * @author ruoyi
 */
-public class UserConstants {
+public interface UserConstants {

    /**
     * 平台内系统用户的唯一标志
     */
-    public static final String SYS_USER = "SYS_USER";
+    String SYS_USER = "SYS_USER";

    /**
     * 正常状态
     */
-    public static final String NORMAL = "0";
+    String NORMAL = "0";

    /**
     * 异常状态
     */
-    public static final String EXCEPTION = "1";
+    String EXCEPTION = "1";
+
+    /**
+     * 用户正常状态
+     */
+    String USER_NORMAL = "0";

    /**
     * 用户封禁状态
     */
-    public static final String USER_DISABLE = "1";
+    String USER_DISABLE = "1";
+
+    /**
+     * 角色正常状态
+     */
+    String ROLE_NORMAL = "0";

    /**
     * 角色封禁状态
     */
-    public static final String ROLE_DISABLE = "1";
+    String ROLE_DISABLE = "1";

    /**
     * 部门正常状态
     */
-    public static final String DEPT_NORMAL = "0";
+    String DEPT_NORMAL = "0";

    /**
     * 部门停用状态
     */
-    public static final String DEPT_DISABLE = "1";
+    String DEPT_DISABLE = "1";

    /**
     * 字典正常状态
     */
-    public static final String DICT_NORMAL = "0";
+    String DICT_NORMAL = "0";

    /**
     * 是否为系统默认（是）
     */
-    public static final String YES = "Y";
+    String YES = "Y";

    /**
     * 是否菜单外链（是）
     */
-    public static final String YES_FRAME = "0";
+    String YES_FRAME = "0";

    /**
     * 是否菜单外链（否）
     */
-    public static final String NO_FRAME = "1";
+    String NO_FRAME = "1";
+
+    /**
+     * 菜单正常状态
+     */
+    String MENU_NORMAL = "0";
+
+    /**
+     * 菜单停用状态
+     */
+    String MENU_DISABLE = "1";

    /**
     * 菜单类型（目录）
     */
-    public static final String TYPE_DIR = "M";
+    String TYPE_DIR = "M";

    /**
     * 菜单类型（菜单）
     */
-    public static final String TYPE_MENU = "C";
+    String TYPE_MENU = "C";

    /**
     * 菜单类型（按钮）
     */
-    public static final String TYPE_BUTTON = "F";
+    String TYPE_BUTTON = "F";

    /**
     * Layout组件标识
     */
-    public final static String LAYOUT = "Layout";
+    String LAYOUT = "Layout";

    /**
     * ParentView组件标识
     */
-    public final static String PARENT_VIEW = "ParentView";
+    String PARENT_VIEW = "ParentView";

    /**
     * InnerLink组件标识
     */
-    public final static String INNER_LINK = "InnerLink";
+    String INNER_LINK = "InnerLink";

    /**
     * 校验返回结果码
     */
-    public final static String UNIQUE = "0";
-    public final static String NOT_UNIQUE = "1";
+    String UNIQUE = "0";
+    String NOT_UNIQUE = "1";

    /**
     * 用户名长度限制
     */
-    public static final int USERNAME_MIN_LENGTH = 2;
-    public static final int USERNAME_MAX_LENGTH = 20;
+    int USERNAME_MIN_LENGTH = 2;
+    int USERNAME_MAX_LENGTH = 20;

    /**
     * 密码长度限制
     */
-    public static final int PASSWORD_MIN_LENGTH = 5;
-    public static final int PASSWORD_MAX_LENGTH = 20;
+    int PASSWORD_MIN_LENGTH = 5;
+    int PASSWORD_MAX_LENGTH = 20;
+
+    /**
+     * 管理员ID
+     */
+    Long ADMIN_ID = 1L;
+
 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/convert/ExcelBigNumberConvert.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/convert/ExcelBigNumberConvert.java
@ -4,8 +4,9 @@ import cn.hutool.core.convert.Convert;
 import cn.hutool.core.util.ObjectUtil;
 import com.alibaba.excel.converters.Converter;
 import com.alibaba.excel.enums.CellDataTypeEnum;
-import com.alibaba.excel.metadata.CellData;
 import com.alibaba.excel.metadata.GlobalConfiguration;
+import com.alibaba.excel.metadata.data.ReadCellData;
+import com.alibaba.excel.metadata.data.WriteCellData;
 import com.alibaba.excel.metadata.property.ExcelContentProperty;
 import lombok.extern.slf4j.Slf4j;

@ -20,32 +21,32 @@ import java.math.BigDecimal;
@Slf4j
 public class ExcelBigNumberConvert implements Converter<Long> {

-	@Override
-	public Class<Long> supportJavaTypeKey() {
-		return Long.class;
-	}
+    @Override
+    public Class<Long> supportJavaTypeKey() {
+        return Long.class;
+    }

-	@Override
-	public CellDataTypeEnum supportExcelTypeKey() {
-		return CellDataTypeEnum.STRING;
-	}
+    @Override
+    public CellDataTypeEnum supportExcelTypeKey() {
+        return CellDataTypeEnum.STRING;
+    }

-	@Override
-	public Long convertToJavaData(CellData cellData, ExcelContentProperty contentProperty, GlobalConfiguration globalConfiguration) {
-		return Convert.toLong(cellData.getData());
-	}
+    @Override
+    public Long convertToJavaData(ReadCellData<?> cellData, ExcelContentProperty contentProperty, GlobalConfiguration globalConfiguration) {
+        return Convert.toLong(cellData.getData());
+    }

-	@Override
-	public CellData<Object> convertToExcelData(Long object, ExcelContentProperty contentProperty, GlobalConfiguration globalConfiguration) {
-		if (ObjectUtil.isNotNull(object)) {
-			String str = Convert.toStr(object);
-			if (str.length() > 15) {
-				return new CellData<>(str);
-			}
-		}
-		CellData<Object> cellData = new CellData<>(new BigDecimal(object));
-		cellData.setType(CellDataTypeEnum.NUMBER);
-		return cellData;
-	}
+    @Override
+    public WriteCellData<Object> convertToExcelData(Long object, ExcelContentProperty contentProperty, GlobalConfiguration globalConfiguration) {
+        if (ObjectUtil.isNotNull(object)) {
+            String str = Convert.toStr(object);
+            if (str.length() > 15) {
+                return new WriteCellData<>(str);
+            }
+        }
+        WriteCellData<Object> cellData = new WriteCellData<>(new BigDecimal(object));
+        cellData.setType(CellDataTypeEnum.NUMBER);
+        return cellData;
+    }

 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/convert/ExcelDictConvert.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/convert/ExcelDictConvert.java
@ -2,10 +2,12 @@ package com.ruoyi.common.convert;

 import cn.hutool.core.annotation.AnnotationUtil;
 import cn.hutool.core.convert.Convert;
+import cn.hutool.core.util.ObjectUtil;
 import com.alibaba.excel.converters.Converter;
 import com.alibaba.excel.enums.CellDataTypeEnum;
-import com.alibaba.excel.metadata.CellData;
 import com.alibaba.excel.metadata.GlobalConfiguration;
+import com.alibaba.excel.metadata.data.ReadCellData;
+import com.alibaba.excel.metadata.data.WriteCellData;
 import com.alibaba.excel.metadata.property.ExcelContentProperty;
 import com.ruoyi.common.annotation.ExcelDictFormat;
 import com.ruoyi.common.core.service.DictService;
@ -24,48 +26,48 @@ import java.lang.reflect.Field;
@Slf4j
 public class ExcelDictConvert implements Converter<Object> {

-	@Override
-	public Class<Object> supportJavaTypeKey() {
-		return Object.class;
-	}
+    @Override
+    public Class<Object> supportJavaTypeKey() {
+        return Object.class;
+    }

-	@Override
-	public CellDataTypeEnum supportExcelTypeKey() {
-		return null;
-	}
+    @Override
+    public CellDataTypeEnum supportExcelTypeKey() {
+        return null;
+    }

-	@Override
-	public Object convertToJavaData(CellData cellData, ExcelContentProperty contentProperty, GlobalConfiguration globalConfiguration) {
-		ExcelDictFormat anno = getAnnotation(contentProperty.getField());
-		String type = anno.dictType();
-		String label = cellData.getStringValue();
-		String value;
-		if (StringUtils.isBlank(type)) {
-			value = ExcelUtil.reverseByExp(label, anno.readConverterExp(), anno.separator());
-		} else {
-			value = SpringUtils.getBean(DictService.class).getDictValue(type, label, anno.separator());
-		}
-		return Convert.convert(contentProperty.getField().getType(), value);
-	}
+    @Override
+    public Object convertToJavaData(ReadCellData<?> cellData, ExcelContentProperty contentProperty, GlobalConfiguration globalConfiguration) {
+        ExcelDictFormat anno = getAnnotation(contentProperty.getField());
+        String type = anno.dictType();
+        String label = cellData.getStringValue();
+        String value;
+        if (StringUtils.isBlank(type)) {
+            value = ExcelUtil.reverseByExp(label, anno.readConverterExp(), anno.separator());
+        } else {
+            value = SpringUtils.getBean(DictService.class).getDictValue(type, label, anno.separator());
+        }
+        return Convert.convert(contentProperty.getField().getType(), value);
+    }

-	@Override
-	public CellData<String> convertToExcelData(Object object, ExcelContentProperty contentProperty, GlobalConfiguration globalConfiguration) {
-		if (StringUtils.isNull(object)) {
-			return new CellData<>("");
-		}
-		ExcelDictFormat anno = getAnnotation(contentProperty.getField());
-		String type = anno.dictType();
-		String value = Convert.toStr(object);
-		String label;
-		if (StringUtils.isBlank(type)) {
-			label = ExcelUtil.convertByExp(value, anno.readConverterExp(), anno.separator());
-		} else {
-			label = SpringUtils.getBean(DictService.class).getDictLabel(type, value, anno.separator());
-		}
-		return new CellData<>(label);
-	}
+    @Override
+    public WriteCellData<String> convertToExcelData(Object object, ExcelContentProperty contentProperty, GlobalConfiguration globalConfiguration) {
+        if (ObjectUtil.isNull(object)) {
+            return new WriteCellData<>("");
+        }
+        ExcelDictFormat anno = getAnnotation(contentProperty.getField());
+        String type = anno.dictType();
+        String value = Convert.toStr(object);
+        String label;
+        if (StringUtils.isBlank(type)) {
+            label = ExcelUtil.convertByExp(value, anno.readConverterExp(), anno.separator());
+        } else {
+            label = SpringUtils.getBean(DictService.class).getDictLabel(type, value, anno.separator());
+        }
+        return new WriteCellData<>(label);
+    }

-	private ExcelDictFormat getAnnotation(Field field) {
-		return AnnotationUtil.getAnnotation(field, ExcelDictFormat.class);
-	}
+    private ExcelDictFormat getAnnotation(Field field) {
+        return AnnotationUtil.getAnnotation(field, ExcelDictFormat.class);
+    }
 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/controller/BaseController.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/controller/BaseController.java
@ -1,53 +1,25 @@
 package com.ruoyi.common.core.controller;

-import com.ruoyi.common.core.domain.AjaxResult;
+import com.ruoyi.common.core.domain.R;
 import com.ruoyi.common.core.domain.model.LoginUser;
-import com.ruoyi.common.utils.SecurityUtils;
+import com.ruoyi.common.helper.LoginHelper;
 import com.ruoyi.common.utils.StringUtils;

 /**
 * web层通用数据处理
 *
- * @author ruoyi
+ * @author Lion Li
 */
 public class BaseController {

-    /**
-     * 返回成功
-     */
-    public AjaxResult<Void> success() {
-        return AjaxResult.success();
-    }
-
-    /**
-     * 返回失败消息
-     */
-    public AjaxResult<Void> error() {
-        return AjaxResult.error();
-    }
-
-    /**
-     * 返回成功消息
-     */
-    public AjaxResult<Void> success(String message) {
-        return AjaxResult.success(message);
-    }
-
-    /**
-     * 返回失败消息
-     */
-    public AjaxResult<Void> error(String message) {
-        return AjaxResult.error(message);
-    }
-
    /**
     * 响应返回结果
     *
     * @param rows 影响行数
     * @return 操作结果
     */
-    protected AjaxResult<Void> toAjax(int rows) {
-        return rows > 0 ? AjaxResult.success() : AjaxResult.error();
+    protected R<Void> toAjax(int rows) {
+        return rows > 0 ? R.ok() : R.fail();
    }

    /**
@ -56,8 +28,8 @@ public class BaseController {
     * @param result 结果
     * @return 操作结果
     */
-    protected AjaxResult<Void> toAjax(boolean result) {
-        return result ? success() : error();
+    protected R<Void> toAjax(boolean result) {
+        return result ? R.ok() : R.fail();
    }

    /**
@ -71,27 +43,27 @@ public class BaseController {
     * 获取用户缓存信息
     */
    public LoginUser getLoginUser() {
-        return SecurityUtils.getLoginUser();
+        return LoginHelper.getLoginUser();
    }

    /**
     * 获取登录用户id
     */
    public Long getUserId() {
-        return getLoginUser().getUserId();
+        return LoginHelper.getUserId();
    }

    /**
     * 获取登录部门id
     */
    public Long getDeptId() {
-        return getLoginUser().getDeptId();
+        return LoginHelper.getDeptId();
    }

    /**
     * 获取登录用户名
     */
    public String getUsername() {
-        return getLoginUser().getUsername();
+        return LoginHelper.getUsername();
    }
 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/AjaxResult.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/AjaxResult.java
@ -1,134 +0,0 @@
-package com.ruoyi.common.core.domain;
-
-import cn.hutool.http.HttpStatus;
-import io.swagger.annotations.ApiModel;
-import io.swagger.annotations.ApiModelProperty;
-import lombok.AllArgsConstructor;
-import lombok.Data;
-import lombok.NoArgsConstructor;
-import lombok.experimental.Accessors;
-
-/**
- * 操作消息提醒
- *
- * @author Lion Li
- */
-@Data
-@NoArgsConstructor
-@AllArgsConstructor
-@Accessors(chain = true)
-@ApiModel("请求响应对象")
-public class AjaxResult<T> {
-
-	private static final long serialVersionUID = 1L;
-
-	/**
-	 * 状态码
-	 */
-	@ApiModelProperty("消息状态码")
-	private int code;
-
-	/**
-	 * 返回内容
-	 */
-	@ApiModelProperty("消息内容")
-	private String msg;
-
-	/**
-	 * 数据对象
-	 */
-	@ApiModelProperty("数据对象")
-	private T data;
-
-	/**
-	 * 初始化一个新创建的 AjaxResult 对象
-	 *
-	 * @param code 状态码
-	 * @param msg  返回内容
-	 */
-	public AjaxResult(int code, String msg) {
-		this.code = code;
-		this.msg = msg;
-	}
-
-	/**
-	 * 返回成功消息
-	 *
-	 * @return 成功消息
-	 */
-	public static AjaxResult<Void> success() {
-		return AjaxResult.success("操作成功");
-	}
-
-	/**
-	 * 返回成功数据
-	 *
-	 * @return 成功消息
-	 */
-	public static <T> AjaxResult<T> success(T data) {
-		return AjaxResult.success("操作成功", data);
-	}
-
-	/**
-	 * 返回成功消息
-	 *
-	 * @param msg 返回内容
-	 * @return 成功消息
-	 */
-	public static AjaxResult<Void> success(String msg) {
-		return AjaxResult.success(msg, null);
-	}
-
-	/**
-	 * 返回成功消息
-	 *
-	 * @param msg  返回内容
-	 * @param data 数据对象
-	 * @return 成功消息
-	 */
-	public static <T> AjaxResult<T> success(String msg, T data) {
-		return new AjaxResult<>(HttpStatus.HTTP_OK, msg, data);
-	}
-
-	/**
-	 * 返回错误消息
-	 *
-	 * @return
-	 */
-	public static AjaxResult<Void> error() {
-		return AjaxResult.error("操作失败");
-	}
-
-	/**
-	 * 返回错误消息
-	 *
-	 * @param msg 返回内容
-	 * @return 警告消息
-	 */
-	public static AjaxResult<Void> error(String msg) {
-		return AjaxResult.error(msg, null);
-	}
-
-	/**
-	 * 返回错误消息
-	 *
-	 * @param msg  返回内容
-	 * @param data 数据对象
-	 * @return 警告消息
-	 */
-	public static <T> AjaxResult<T> error(String msg, T data) {
-		return new AjaxResult<>(HttpStatus.HTTP_INTERNAL_ERROR, msg, data);
-	}
-
-	/**
-	 * 返回错误消息
-	 *
-	 * @param code 状态码
-	 * @param msg  返回内容
-	 * @return 警告消息
-	 */
-	public static AjaxResult<Void> error(int code, String msg) {
-		return new AjaxResult<>(code, msg, null);
-	}
-
-}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/BaseEntity.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/BaseEntity.java
@ -4,7 +4,6 @@ import com.baomidou.mybatisplus.annotation.FieldFill;
 import com.baomidou.mybatisplus.annotation.TableField;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;
-import lombok.experimental.Accessors;

 import java.io.Serializable;
 import java.util.Date;
@ -18,51 +17,50 @@ import java.util.Map;
 */

@Data
-@Accessors(chain = true)
 public class BaseEntity implements Serializable {

-	private static final long serialVersionUID = 1L;
+    private static final long serialVersionUID = 1L;

-	/**
-	 * 搜索值
-	 */
-	@ApiModelProperty(value = "搜索值")
-	@TableField(exist = false)
-	private String searchValue;
+    /**
+     * 搜索值
+     */
+    @ApiModelProperty(value = "搜索值")
+    @TableField(exist = false)
+    private String searchValue;

-	/**
-	 * 创建者
-	 */
-	@ApiModelProperty(value = "创建者")
-	@TableField(fill = FieldFill.INSERT)
-	private String createBy;
+    /**
+     * 创建者
+     */
+    @ApiModelProperty(value = "创建者")
+    @TableField(fill = FieldFill.INSERT)
+    private String createBy;

-	/**
-	 * 创建时间
-	 */
-	@ApiModelProperty(value = "创建时间")
-	@TableField(fill = FieldFill.INSERT)
-	private Date createTime;
+    /**
+     * 创建时间
+     */
+    @ApiModelProperty(value = "创建时间")
+    @TableField(fill = FieldFill.INSERT)
+    private Date createTime;

-	/**
-	 * 更新者
-	 */
-	@ApiModelProperty(value = "更新者")
-	@TableField(fill = FieldFill.INSERT_UPDATE)
-	private String updateBy;
+    /**
+     * 更新者
+     */
+    @ApiModelProperty(value = "更新者")
+    @TableField(fill = FieldFill.INSERT_UPDATE)
+    private String updateBy;

-	/**
-	 * 更新时间
-	 */
-	@ApiModelProperty(value = "更新时间")
-	@TableField(fill = FieldFill.INSERT_UPDATE)
-	private Date updateTime;
+    /**
+     * 更新时间
+     */
+    @ApiModelProperty(value = "更新时间")
+    @TableField(fill = FieldFill.INSERT_UPDATE)
+    private Date updateTime;

-	/**
-	 * 请求参数
-	 */
-	@ApiModelProperty(value = "请求参数")
-	@TableField(exist = false)
-	private Map<String, Object> params = new HashMap<>();
+    /**
+     * 请求参数
+     */
+    @ApiModelProperty(value = "请求参数")
+    @TableField(exist = false)
+    private Map<String, Object> params = new HashMap<>();

 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/PageQuery.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/PageQuery.java
@ -0,0 +1,91 @@
+package com.ruoyi.common.core.domain;
+
+import cn.hutool.core.util.ObjectUtil;
+import com.baomidou.mybatisplus.core.metadata.OrderItem;
+import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
+import com.ruoyi.common.utils.StringUtils;
+import com.ruoyi.common.utils.sql.SqlUtil;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+import java.io.Serializable;
+
+/**
+ * 分页查询实体类
+ *
+ * @author Lion Li
+ */
+
+@Data
+public class PageQuery implements Serializable {
+
+    private static final long serialVersionUID = 1L;
+
+    /**
+     * 分页大小
+     */
+    @ApiModelProperty("分页大小")
+    private Integer pageSize;
+
+    /**
+     * 当前页数
+     */
+    @ApiModelProperty("当前页数")
+    private Integer pageNum;
+
+    /**
+     * 排序列
+     */
+    @ApiModelProperty("排序列")
+    private String orderByColumn;
+
+    /**
+     * 排序的方向desc或者asc
+     */
+    @ApiModelProperty(value = "排序的方向", example = "asc,desc")
+    private String isAsc;
+
+    /**
+     * 当前记录起始索引 默认值
+     */
+    public static final int DEFAULT_PAGE_NUM = 1;
+
+    /**
+     * 每页显示记录数 默认值 默认查全部
+     */
+    public static final int DEFAULT_PAGE_SIZE = Integer.MAX_VALUE;
+
+    public <T> Page<T> build() {
+        Integer pageNum = ObjectUtil.defaultIfNull(getPageNum(), DEFAULT_PAGE_NUM);
+        Integer pageSize = ObjectUtil.defaultIfNull(getPageSize(), DEFAULT_PAGE_SIZE);
+        if (pageNum <= 0) {
+            pageNum = DEFAULT_PAGE_NUM;
+        }
+        Page<T> page = new Page<>(pageNum, pageSize);
+        OrderItem orderItem = buildOrderItem();
+        if (ObjectUtil.isNotNull(orderItem)) {
+            page.addOrder(orderItem);
+        }
+        return page;
+    }
+
+    private OrderItem buildOrderItem() {
+        // 兼容前端排序类型
+        if ("ascending".equals(isAsc)) {
+            isAsc = "asc";
+        } else if ("descending".equals(isAsc)) {
+            isAsc = "desc";
+        }
+        if (StringUtils.isNotBlank(orderByColumn)) {
+            String orderBy = SqlUtil.escapeOrderBySql(orderByColumn);
+            orderBy = StringUtils.toUnderScoreCase(orderBy);
+            if ("asc".equals(isAsc)) {
+                return OrderItem.asc(orderBy);
+            } else if ("desc".equals(isAsc)) {
+                return OrderItem.desc(orderBy);
+            }
+        }
+        return null;
+    }
+
+}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/R.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/R.java
@ -0,0 +1,84 @@
+package com.ruoyi.common.core.domain;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.io.Serializable;
+
+/**
+ * 响应信息主体
+ *
+ * @author Lion Li
+ */
+@Data
+@NoArgsConstructor
+@ApiModel("请求响应对象")
+public class R<T> implements Serializable {
+    private static final long serialVersionUID = 1L;
+
+    /**
+     * 成功
+     */
+    public static final int SUCCESS = 200;
+
+    /**
+     * 失败
+     */
+    public static final int FAIL = 500;
+
+    @ApiModelProperty("消息状态码")
+    private int code;
+
+    @ApiModelProperty("消息内容")
+    private String msg;
+
+    @ApiModelProperty("数据对象")
+    private T data;
+
+    public static <T> R<T> ok() {
+        return restResult(null, SUCCESS, "操作成功");
+    }
+
+    public static <T> R<T> ok(T data) {
+        return restResult(data, SUCCESS, "操作成功");
+    }
+
+    public static <T> R<T> ok(String msg) {
+        return restResult(null, SUCCESS, msg);
+    }
+
+    public static <T> R<T> ok(String msg, T data) {
+        return restResult(data, SUCCESS, msg);
+    }
+
+    public static <T> R<T> fail() {
+        return restResult(null, FAIL, "操作失败");
+    }
+
+    public static <T> R<T> fail(String msg) {
+        return restResult(null, FAIL, msg);
+    }
+
+    public static <T> R<T> fail(T data) {
+        return restResult(data, FAIL, "操作失败");
+    }
+
+    public static <T> R<T> fail(String msg, T data) {
+        return restResult(data, FAIL, msg);
+    }
+
+    public static <T> R<T> fail(int code, String msg) {
+        return restResult(null, code, msg);
+    }
+
+    private static <T> R<T> restResult(T data, int code, String msg) {
+        R<T> r = new R<>();
+        r.setCode(code);
+        r.setData(data);
+        r.setMsg(msg);
+        return r;
+    }
+
+}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/TreeEntity.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/TreeEntity.java
@ -4,7 +4,6 @@ import com.baomidou.mybatisplus.annotation.TableField;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;
 import lombok.EqualsAndHashCode;
-import lombok.experimental.Accessors;

 import java.util.ArrayList;
 import java.util.List;
@ -17,29 +16,28 @@ import java.util.List;

@Data
@EqualsAndHashCode(callSuper = true)
-@Accessors(chain = true)
-public class TreeEntity extends BaseEntity {
+public class TreeEntity<T> extends BaseEntity {

-	private static final long serialVersionUID = 1L;
+    private static final long serialVersionUID = 1L;

-	/**
-	 * 父菜单名称
-	 */
-	@TableField(exist = false)
-	@ApiModelProperty(value = "父菜单名称")
-	private String parentName;
+    /**
+     * 父菜单名称
+     */
+    @TableField(exist = false)
+    @ApiModelProperty(value = "父菜单名称")
+    private String parentName;

-	/**
-	 * 父菜单ID
-	 */
-	@ApiModelProperty(value = "父菜单ID")
-	private Long parentId;
+    /**
+     * 父菜单ID
+     */
+    @ApiModelProperty(value = "父菜单ID")
+    private Long parentId;

-	/**
-	 * 子部门
-	 */
-	@TableField(exist = false)
-	@ApiModelProperty(value = "子部门")
-	private List<?> children = new ArrayList<>();
+    /**
+     * 子部门
+     */
+    @TableField(exist = false)
+    @ApiModelProperty(value = "子部门")
+    private List<T> children = new ArrayList<>();

 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/dto/OperLogDTO.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/dto/OperLogDTO.java
@ -1,8 +1,6 @@
 package com.ruoyi.common.core.domain.dto;

 import lombok.Data;
-import lombok.NoArgsConstructor;
-import lombok.experimental.Accessors;

 import java.io.Serializable;
 import java.util.Date;
@ -14,8 +12,6 @@ import java.util.Date;
 */

@Data
-@NoArgsConstructor
-@Accessors(chain = true)
 public class OperLogDTO implements Serializable {

    private static final long serialVersionUID = 1L;
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/dto/RoleDTO.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/dto/RoleDTO.java
@ -0,0 +1,38 @@
+package com.ruoyi.common.core.domain.dto;
+
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.io.Serializable;
+
+/**
+ * 角色
+ *
+ * @author Lion Li
+ */
+
+@Data
+@NoArgsConstructor
+public class RoleDTO implements Serializable {
+
+    /**
+     * 角色ID
+     */
+    private Long roleId;
+
+    /**
+     * 角色名称
+     */
+    private String roleName;
+
+    /**
+     * 角色权限
+     */
+    private String roleKey;
+
+    /**
+     * 数据范围（1：所有数据权限；2：自定义数据权限；3：本部门数据权限；4：本部门及以下数据权限；5：仅本人数据权限）
+     */
+    private String dataScope;
+
+}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/dto/UserOnlineDTO.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/dto/UserOnlineDTO.java
@ -0,0 +1,61 @@
+package com.ruoyi.common.core.domain.dto;
+
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.io.Serializable;
+
+/**
+ * 当前在线会话
+ *
+ * @author ruoyi
+ */
+
+@Data
+@NoArgsConstructor
+public class UserOnlineDTO implements Serializable {
+
+    private static final long serialVersionUID = 1L;
+
+    /**
+     * 会话编号
+     */
+    private String tokenId;
+
+    /**
+     * 部门名称
+     */
+    private String deptName;
+
+    /**
+     * 用户名称
+     */
+    private String userName;
+
+    /**
+     * 登录IP地址
+     */
+    private String ipaddr;
+
+    /**
+     * 登录地址
+     */
+    private String loginLocation;
+
+    /**
+     * 浏览器类型
+     */
+    private String browser;
+
+    /**
+     * 操作系统
+     */
+    private String os;
+
+    /**
+     * 登录时间
+     */
+    private Long loginTime;
+
+}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/entity/SysDept.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/entity/SysDept.java
@ -8,10 +8,10 @@ import io.swagger.annotations.ApiModel;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;
 import lombok.EqualsAndHashCode;
-import lombok.experimental.Accessors;

 import javax.validation.constraints.Email;
 import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.NotNull;
 import javax.validation.constraints.Size;

 /**
@ -22,72 +22,71 @@ import javax.validation.constraints.Size;

@Data
@EqualsAndHashCode(callSuper = true)
-@Accessors(chain = true)
@TableName("sys_dept")
@ApiModel("部门业务对象")
-public class SysDept extends TreeEntity {
-	private static final long serialVersionUID = 1L;
+public class SysDept extends TreeEntity<SysDept> {
+    private static final long serialVersionUID = 1L;

-	/**
-	 * 部门ID
-	 */
-	@ApiModelProperty(value = "部门id")
-	@TableId(value = "dept_id")
-	private Long deptId;
+    /**
+     * 部门ID
+     */
+    @ApiModelProperty(value = "部门id")
+    @TableId(value = "dept_id")
+    private Long deptId;

-	/**
-	 * 部门名称
-	 */
-	@ApiModelProperty(value = "部门名称")
-	@NotBlank(message = "部门名称不能为空")
-	@Size(min = 0, max = 30, message = "部门名称长度不能超过30个字符")
-	private String deptName;
+    /**
+     * 部门名称
+     */
+    @ApiModelProperty(value = "部门名称")
+    @NotBlank(message = "部门名称不能为空")
+    @Size(min = 0, max = 30, message = "部门名称长度不能超过30个字符")
+    private String deptName;

-	/**
-	 * 显示顺序
-	 */
-	@ApiModelProperty(value = "显示顺序")
-	@NotBlank(message = "显示顺序不能为空")
-	private String orderNum;
+    /**
+     * 显示顺序
+     */
+    @ApiModelProperty(value = "显示顺序")
+    @NotNull(message = "显示顺序不能为空")
+    private Integer orderNum;

-	/**
-	 * 负责人
-	 */
-	@ApiModelProperty(value = "负责人")
-	private String leader;
+    /**
+     * 负责人
+     */
+    @ApiModelProperty(value = "负责人")
+    private String leader;

-	/**
-	 * 联系电话
-	 */
-	@ApiModelProperty(value = "联系电话")
-	@Size(min = 0, max = 11, message = "联系电话长度不能超过11个字符")
-	private String phone;
+    /**
+     * 联系电话
+     */
+    @ApiModelProperty(value = "联系电话")
+    @Size(min = 0, max = 11, message = "联系电话长度不能超过11个字符")
+    private String phone;

-	/**
-	 * 邮箱
-	 */
-	@ApiModelProperty(value = "邮箱")
-	@Email(message = "邮箱格式不正确")
-	@Size(min = 0, max = 50, message = "邮箱长度不能超过50个字符")
-	private String email;
+    /**
+     * 邮箱
+     */
+    @ApiModelProperty(value = "邮箱")
+    @Email(message = "邮箱格式不正确")
+    @Size(min = 0, max = 50, message = "邮箱长度不能超过50个字符")
+    private String email;

-	/**
-	 * 部门状态:0正常,1停用
-	 */
-	@ApiModelProperty(value = "部门状态:0正常,1停用")
-	private String status;
+    /**
+     * 部门状态:0正常,1停用
+     */
+    @ApiModelProperty(value = "部门状态:0正常,1停用")
+    private String status;

-	/**
-	 * 删除标志（0代表存在 2代表删除）
-	 */
-	@ApiModelProperty(value = "删除标志（0代表存在 2代表删除）")
-	@TableLogic
-	private String delFlag;
+    /**
+     * 删除标志（0代表存在 2代表删除）
+     */
+    @ApiModelProperty(value = "删除标志（0代表存在 2代表删除）")
+    @TableLogic
+    private String delFlag;

-	/**
-	 * 祖级列表
-	 */
-	@ApiModelProperty(value = "祖级列表")
-	private String ancestors;
+    /**
+     * 祖级列表
+     */
+    @ApiModelProperty(value = "祖级列表")
+    private String ancestors;

 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/entity/SysDictData.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/entity/SysDictData.java
@ -12,7 +12,6 @@ import io.swagger.annotations.ApiModel;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;
 import lombok.EqualsAndHashCode;
-import lombok.experimental.Accessors;

 import javax.validation.constraints.NotBlank;
 import javax.validation.constraints.Size;
@ -25,91 +24,90 @@ import javax.validation.constraints.Size;

@Data
@EqualsAndHashCode(callSuper = true)
-@Accessors(chain = true)
@TableName("sys_dict_data")
@ExcelIgnoreUnannotated
@ApiModel("字典数据业务对象")
 public class SysDictData extends BaseEntity {

-	/**
-	 * 字典编码
-	 */
-	@ApiModelProperty(value = "字典编码")
-	@ExcelProperty(value = "字典编码")
-	@TableId(value = "dict_code")
-	private Long dictCode;
+    /**
+     * 字典编码
+     */
+    @ApiModelProperty(value = "字典编码")
+    @ExcelProperty(value = "字典编码")
+    @TableId(value = "dict_code")
+    private Long dictCode;

-	/**
-	 * 字典排序
-	 */
-	@ApiModelProperty(value = "字典排序")
-	@ExcelProperty(value = "字典排序")
-	private Long dictSort;
+    /**
+     * 字典排序
+     */
+    @ApiModelProperty(value = "字典排序")
+    @ExcelProperty(value = "字典排序")
+    private Integer dictSort;

-	/**
-	 * 字典标签
-	 */
-	@ApiModelProperty(value = "字典标签")
-	@ExcelProperty(value = "字典标签")
-	@NotBlank(message = "字典标签不能为空")
-	@Size(min = 0, max = 100, message = "字典标签长度不能超过100个字符")
-	private String dictLabel;
+    /**
+     * 字典标签
+     */
+    @ApiModelProperty(value = "字典标签")
+    @ExcelProperty(value = "字典标签")
+    @NotBlank(message = "字典标签不能为空")
+    @Size(min = 0, max = 100, message = "字典标签长度不能超过100个字符")
+    private String dictLabel;

-	/**
-	 * 字典键值
-	 */
-	@ApiModelProperty(value = "字典键值")
-	@ExcelProperty(value = "字典键值")
-	@NotBlank(message = "字典键值不能为空")
-	@Size(min = 0, max = 100, message = "字典键值长度不能超过100个字符")
-	private String dictValue;
+    /**
+     * 字典键值
+     */
+    @ApiModelProperty(value = "字典键值")
+    @ExcelProperty(value = "字典键值")
+    @NotBlank(message = "字典键值不能为空")
+    @Size(min = 0, max = 100, message = "字典键值长度不能超过100个字符")
+    private String dictValue;

-	/**
-	 * 字典类型
-	 */
-	@ApiModelProperty(value = "字典类型")
-	@ExcelProperty(value = "字典类型")
-	@NotBlank(message = "字典类型不能为空")
-	@Size(min = 0, max = 100, message = "字典类型长度不能超过100个字符")
-	private String dictType;
+    /**
+     * 字典类型
+     */
+    @ApiModelProperty(value = "字典类型")
+    @ExcelProperty(value = "字典类型")
+    @NotBlank(message = "字典类型不能为空")
+    @Size(min = 0, max = 100, message = "字典类型长度不能超过100个字符")
+    private String dictType;

-	/**
-	 * 样式属性（其他样式扩展）
-	 */
-	@ApiModelProperty(value = "样式属性（其他样式扩展）")
-	@Size(min = 0, max = 100, message = "样式属性长度不能超过100个字符")
-	private String cssClass;
+    /**
+     * 样式属性（其他样式扩展）
+     */
+    @ApiModelProperty(value = "样式属性（其他样式扩展）")
+    @Size(min = 0, max = 100, message = "样式属性长度不能超过100个字符")
+    private String cssClass;

-	/**
-	 * 表格字典样式
-	 */
-	@ApiModelProperty(value = "表格字典样式")
-	private String listClass;
+    /**
+     * 表格字典样式
+     */
+    @ApiModelProperty(value = "表格字典样式")
+    private String listClass;

-	/**
-	 * 是否默认（Y是 N否）
-	 */
-	@ApiModelProperty(value = "是否默认（Y是 N否）")
-	@ExcelProperty(value = "是否默认", converter = ExcelDictConvert.class)
-	@ExcelDictFormat(dictType = "sys_yes_no")
-	private String isDefault;
+    /**
+     * 是否默认（Y是 N否）
+     */
+    @ApiModelProperty(value = "是否默认（Y是 N否）")
+    @ExcelProperty(value = "是否默认", converter = ExcelDictConvert.class)
+    @ExcelDictFormat(dictType = "sys_yes_no")
+    private String isDefault;

-	/**
-	 * 状态（0正常 1停用）
-	 */
-	@ApiModelProperty(value = "状态（0正常 1停用）")
-	@ExcelProperty(value = "状态", converter = ExcelDictConvert.class)
-	@ExcelDictFormat(dictType = "sys_normal_disable")
-	private String status;
+    /**
+     * 状态（0正常 1停用）
+     */
+    @ApiModelProperty(value = "状态（0正常 1停用）")
+    @ExcelProperty(value = "状态", converter = ExcelDictConvert.class)
+    @ExcelDictFormat(dictType = "sys_normal_disable")
+    private String status;

-	/**
-	 * 备注
-	 */
-	@ApiModelProperty(value = "备注")
-	private String remark;
+    /**
+     * 备注
+     */
+    @ApiModelProperty(value = "备注")
+    private String remark;

-	public boolean getDefault() {
-		return UserConstants.YES.equals(this.isDefault);
-	}
+    public boolean getDefault() {
+        return UserConstants.YES.equals(this.isDefault);
+    }

 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/entity/SysDictType.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/entity/SysDictType.java
@ -14,6 +14,7 @@ import lombok.EqualsAndHashCode;
 import lombok.experimental.Accessors;

 import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.Pattern;
 import javax.validation.constraints.Size;

 /**
@ -24,50 +25,50 @@ import javax.validation.constraints.Size;

@Data
@EqualsAndHashCode(callSuper = true)
-@Accessors(chain = true)
@TableName("sys_dict_type")
@ExcelIgnoreUnannotated
@ApiModel("字典类型业务对象")
 public class SysDictType extends BaseEntity {

-	/**
-	 * 字典主键
-	 */
-	@ApiModelProperty(value = "字典主键")
-	@ExcelProperty(value = "字典主键")
-	@TableId(value = "dict_id")
-	private Long dictId;
+    /**
+     * 字典主键
+     */
+    @ApiModelProperty(value = "字典主键")
+    @ExcelProperty(value = "字典主键")
+    @TableId(value = "dict_id")
+    private Long dictId;

-	/**
-	 * 字典名称
-	 */
-	@ApiModelProperty(value = "字典名称")
-	@ExcelProperty(value = "字典名称")
-	@NotBlank(message = "字典名称不能为空")
-	@Size(min = 0, max = 100, message = "字典类型名称长度不能超过100个字符")
-	private String dictName;
+    /**
+     * 字典名称
+     */
+    @ApiModelProperty(value = "字典名称")
+    @ExcelProperty(value = "字典名称")
+    @NotBlank(message = "字典名称不能为空")
+    @Size(min = 0, max = 100, message = "字典类型名称长度不能超过100个字符")
+    private String dictName;

-	/**
-	 * 字典类型
-	 */
-	@ApiModelProperty(value = "字典类型")
-	@ExcelProperty(value = "字典类型")
-	@NotBlank(message = "字典类型不能为空")
-	@Size(min = 0, max = 100, message = "字典类型类型长度不能超过100个字符")
-	private String dictType;
+    /**
+     * 字典类型
+     */
+    @ApiModelProperty(value = "字典类型")
+    @ExcelProperty(value = "字典类型")
+    @NotBlank(message = "字典类型不能为空")
+    @Size(min = 0, max = 100, message = "字典类型类型长度不能超过100个字符")
+    @Pattern(regexp = "^[a-z][a-z0-9_]*$", message = "字典类型必须以字母开头，且只能为（小写字母，数字，下滑线）")
+    private String dictType;

-	/**
-	 * 状态（0正常 1停用）
-	 */
-	@ApiModelProperty(value = "状态（0正常 1停用）")
-	@ExcelProperty(value = "状态", converter = ExcelDictConvert.class)
-	@ExcelDictFormat(dictType = "sys_normal_disable")
-	private String status;
+    /**
+     * 状态（0正常 1停用）
+     */
+    @ApiModelProperty(value = "状态（0正常 1停用）")
+    @ExcelProperty(value = "状态", converter = ExcelDictConvert.class)
+    @ExcelDictFormat(dictType = "sys_normal_disable")
+    private String status;

-	/**
-	 * 备注
-	 */
-	@ApiModelProperty(value = "备注")
-	private String remark;
+    /**
+     * 备注
+     */
+    @ApiModelProperty(value = "备注")
+    private String remark;

 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/entity/SysMenu.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/entity/SysMenu.java
@ -2,14 +2,15 @@ package com.ruoyi.common.core.domain.entity;

 import com.baomidou.mybatisplus.annotation.TableId;
 import com.baomidou.mybatisplus.annotation.TableName;
+import com.fasterxml.jackson.annotation.JsonInclude;
 import com.ruoyi.common.core.domain.TreeEntity;
 import io.swagger.annotations.ApiModel;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;
 import lombok.EqualsAndHashCode;
-import lombok.experimental.Accessors;

 import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.NotNull;
 import javax.validation.constraints.Size;

 /**
@ -20,101 +21,101 @@ import javax.validation.constraints.Size;

@Data
@EqualsAndHashCode(callSuper = true)
-@Accessors(chain = true)
@TableName("sys_menu")
@ApiModel("菜单权限业务对象")
-public class SysMenu extends TreeEntity {
+public class SysMenu extends TreeEntity<SysMenu> {

-	/**
-	 * 菜单ID
-	 */
-	@ApiModelProperty(value = "菜单ID")
-	@TableId(value = "menu_id")
-	private Long menuId;
+    /**
+     * 菜单ID
+     */
+    @ApiModelProperty(value = "菜单ID")
+    @TableId(value = "menu_id")
+    private Long menuId;

-	/**
-	 * 菜单名称
-	 */
-	@ApiModelProperty(value = "菜单名称")
-	@NotBlank(message = "菜单名称不能为空")
-	@Size(min = 0, max = 50, message = "菜单名称长度不能超过50个字符")
-	private String menuName;
+    /**
+     * 菜单名称
+     */
+    @ApiModelProperty(value = "菜单名称")
+    @NotBlank(message = "菜单名称不能为空")
+    @Size(min = 0, max = 50, message = "菜单名称长度不能超过50个字符")
+    private String menuName;

-	/**
-	 * 显示顺序
-	 */
-	@ApiModelProperty(value = "显示顺序")
-	@NotBlank(message = "显示顺序不能为空")
-	private String orderNum;
+    /**
+     * 显示顺序
+     */
+    @ApiModelProperty(value = "显示顺序")
+    @NotNull(message = "显示顺序不能为空")
+    private Integer orderNum;

-	/**
-	 * 路由地址
-	 */
-	@ApiModelProperty(value = "路由地址")
-	@Size(min = 0, max = 200, message = "路由地址不能超过200个字符")
-	private String path;
+    /**
+     * 路由地址
+     */
+    @ApiModelProperty(value = "路由地址")
+    @Size(min = 0, max = 200, message = "路由地址不能超过200个字符")
+    private String path;

-	/**
-	 * 组件路径
-	 */
-	@ApiModelProperty(value = "组件路径")
-	@Size(min = 0, max = 200, message = "组件路径不能超过255个字符")
-	private String component;
+    /**
+     * 组件路径
+     */
+    @ApiModelProperty(value = "组件路径")
+    @Size(min = 0, max = 200, message = "组件路径不能超过255个字符")
+    private String component;

    /**
     * 路由参数
     */
-	@ApiModelProperty(value = "路由参数")
-    private String query;
+    @ApiModelProperty(value = "路由参数")
+    private String queryParam;

-	/**
-	 * 是否为外链（0是 1否）
-	 */
-	@ApiModelProperty(value = "是否为外链（0是 1否）")
-	private String isFrame;
+    /**
+     * 是否为外链（0是 1否）
+     */
+    @ApiModelProperty(value = "是否为外链（0是 1否）")
+    private String isFrame;

-	/**
-	 * 是否缓存（0缓存 1不缓存）
-	 */
-	@ApiModelProperty(value = "是否缓存（0缓存 1不缓存）")
-	private String isCache;
+    /**
+     * 是否缓存（0缓存 1不缓存）
+     */
+    @ApiModelProperty(value = "是否缓存（0缓存 1不缓存）")
+    private String isCache;

-	/**
-	 * 类型（M目录 C菜单 F按钮）
-	 */
-	@ApiModelProperty(value = "类型（M目录 C菜单 F按钮）")
-	@NotBlank(message = "菜单类型不能为空")
-	private String menuType;
+    /**
+     * 类型（M目录 C菜单 F按钮）
+     */
+    @ApiModelProperty(value = "类型（M目录 C菜单 F按钮）")
+    @NotBlank(message = "菜单类型不能为空")
+    private String menuType;

-	/**
-	 * 显示状态（0显示 1隐藏）
-	 */
-	@ApiModelProperty(value = "显示状态（0显示 1隐藏）")
-	private String visible;
+    /**
+     * 显示状态（0显示 1隐藏）
+     */
+    @ApiModelProperty(value = "显示状态（0显示 1隐藏）")
+    private String visible;

-	/**
-	 * 菜单状态（0显示 1隐藏）
-	 */
-	@ApiModelProperty(value = "菜单状态（0显示 1隐藏）")
-	private String status;
+    /**
+     * 菜单状态（0显示 1隐藏）
+     */
+    @ApiModelProperty(value = "菜单状态（0显示 1隐藏）")
+    private String status;

-	/**
-	 * 权限字符串
-	 */
-	@ApiModelProperty(value = "权限字符串")
-	@Size(min = 0, max = 100, message = "权限标识长度不能超过100个字符")
-	private String perms;
+    /**
+     * 权限字符串
+     */
+    @ApiModelProperty(value = "权限字符串")
+    @JsonInclude(JsonInclude.Include.NON_NULL)
+    @Size(min = 0, max = 100, message = "权限标识长度不能超过100个字符")
+    private String perms;

-	/**
-	 * 菜单图标
-	 */
-	@ApiModelProperty(value = "菜单图标")
-	private String icon;
+    /**
+     * 菜单图标
+     */
+    @ApiModelProperty(value = "菜单图标")
+    private String icon;

-	/**
-	 * 备注
-	 */
-	@ApiModelProperty(value = "备注")
-	private String remark;
+    /**
+     * 备注
+     */
+    @ApiModelProperty(value = "备注")
+    private String remark;

 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/entity/SysRole.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/entity/SysRole.java
@ -7,15 +7,16 @@ import com.baomidou.mybatisplus.annotation.TableId;
 import com.baomidou.mybatisplus.annotation.TableLogic;
 import com.baomidou.mybatisplus.annotation.TableName;
 import com.ruoyi.common.annotation.ExcelDictFormat;
+import com.ruoyi.common.constant.UserConstants;
 import com.ruoyi.common.convert.ExcelDictConvert;
 import com.ruoyi.common.core.domain.BaseEntity;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;
 import lombok.EqualsAndHashCode;
 import lombok.NoArgsConstructor;
-import lombok.experimental.Accessors;

 import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.NotNull;
 import javax.validation.constraints.Size;

 /**
@ -27,118 +28,112 @@ import javax.validation.constraints.Size;
@Data
@NoArgsConstructor
@EqualsAndHashCode(callSuper = true)
-@Accessors(chain = true)
@TableName("sys_role")
@ExcelIgnoreUnannotated
 public class SysRole extends BaseEntity {

-	/**
-	 * 角色ID
-	 */
-	@ApiModelProperty(value = "角色ID")
-	@ExcelProperty(value = "角色序号")
-	@TableId(value = "role_id")
-	private Long roleId;
+    /**
+     * 角色ID
+     */
+    @ApiModelProperty(value = "角色ID")
+    @ExcelProperty(value = "角色序号")
+    @TableId(value = "role_id")
+    private Long roleId;

-	/**
-	 * 角色名称
-	 */
-	@ApiModelProperty(value = "角色名称")
-	@ExcelProperty(value = "角色名称")
-	@NotBlank(message = "角色名称不能为空")
-	@Size(min = 0, max = 30, message = "角色名称长度不能超过30个字符")
-	private String roleName;
+    /**
+     * 角色名称
+     */
+    @ApiModelProperty(value = "角色名称")
+    @ExcelProperty(value = "角色名称")
+    @NotBlank(message = "角色名称不能为空")
+    @Size(min = 0, max = 30, message = "角色名称长度不能超过30个字符")
+    private String roleName;

-	/**
-	 * 角色权限
-	 */
-	@ApiModelProperty(value = "角色权限")
-	@ExcelProperty(value = "角色权限")
-	@NotBlank(message = "权限字符不能为空")
-	@Size(min = 0, max = 100, message = "权限字符长度不能超过100个字符")
-	private String roleKey;
+    /**
+     * 角色权限
+     */
+    @ApiModelProperty(value = "角色权限")
+    @ExcelProperty(value = "角色权限")
+    @NotBlank(message = "权限字符不能为空")
+    @Size(min = 0, max = 100, message = "权限字符长度不能超过100个字符")
+    private String roleKey;

-	/**
-	 * 角色排序
-	 */
-	@ApiModelProperty(value = "角色排序")
-	@ExcelProperty(value = "角色排序")
-	@NotBlank(message = "显示顺序不能为空")
-	private String roleSort;
+    /**
+     * 角色排序
+     */
+    @ApiModelProperty(value = "角色排序")
+    @ExcelProperty(value = "角色排序")
+    @NotNull(message = "显示顺序不能为空")
+    private Integer roleSort;

-	/**
-	 * 数据范围（1：所有数据权限；2：自定义数据权限；3：本部门数据权限；4：本部门及以下数据权限；5：仅本人数据权限）
-	 */
-	@ApiModelProperty(value = "数据范围（1：所有数据权限；2：自定义数据权限；3：本部门数据权限；4：本部门及以下数据权限；5：仅本人数据权限）")
-	@ExcelProperty(value = "数据范围", converter = ExcelDictConvert.class)
-	@ExcelDictFormat(readConverterExp = "1=所有数据权限,2=自定义数据权限,3=本部门数据权限,4=本部门及以下数据权限,5=仅本人数据权限")
-	private String dataScope;
+    /**
+     * 数据范围（1：所有数据权限；2：自定义数据权限；3：本部门数据权限；4：本部门及以下数据权限；5：仅本人数据权限）
+     */
+    @ApiModelProperty(value = "数据范围（1：所有数据权限；2：自定义数据权限；3：本部门数据权限；4：本部门及以下数据权限；5：仅本人数据权限）")
+    @ExcelProperty(value = "数据范围", converter = ExcelDictConvert.class)
+    @ExcelDictFormat(readConverterExp = "1=所有数据权限,2=自定义数据权限,3=本部门数据权限,4=本部门及以下数据权限,5=仅本人数据权限")
+    private String dataScope;

-	/**
-	 * 菜单树选择项是否关联显示（ 0：父子不互相关联显示 1：父子互相关联显示）
-	 */
-	@ApiModelProperty(value = "菜单树选择项是否关联显示（ 0：父子不互相关联显示 1：父子互相关联显示）")
-	private boolean menuCheckStrictly;
+    /**
+     * 菜单树选择项是否关联显示（ 0：父子不互相关联显示 1：父子互相关联显示）
+     */
+    @ApiModelProperty(value = "菜单树选择项是否关联显示（ 0：父子不互相关联显示 1：父子互相关联显示）")
+    private Boolean menuCheckStrictly;

-	/**
-	 * 部门树选择项是否关联显示（0：父子不互相关联显示 1：父子互相关联显示 ）
-	 */
-	@ApiModelProperty(value = "部门树选择项是否关联显示（0：父子不互相关联显示 1：父子互相关联显示 ）")
-	private boolean deptCheckStrictly;
+    /**
+     * 部门树选择项是否关联显示（0：父子不互相关联显示 1：父子互相关联显示 ）
+     */
+    @ApiModelProperty(value = "部门树选择项是否关联显示（0：父子不互相关联显示 1：父子互相关联显示 ）")
+    private Boolean deptCheckStrictly;

-	/**
-	 * 角色状态（0正常 1停用）
-	 */
-	@ApiModelProperty(value = "角色状态（0正常 1停用）")
-	@ExcelProperty(value = "角色状态", converter = ExcelDictConvert.class)
-	@ExcelDictFormat(dictType = "sys_common_status")
-	private String status;
+    /**
+     * 角色状态（0正常 1停用）
+     */
+    @ApiModelProperty(value = "角色状态（0正常 1停用）")
+    @ExcelProperty(value = "角色状态", converter = ExcelDictConvert.class)
+    @ExcelDictFormat(dictType = "sys_common_status")
+    private String status;

-	/**
-	 * 删除标志（0代表存在 2代表删除）
-	 */
-	@ApiModelProperty(value = "删除标志（0代表存在 2代表删除）")
-	@TableLogic
-	private String delFlag;
+    /**
+     * 删除标志（0代表存在 2代表删除）
+     */
+    @ApiModelProperty(value = "删除标志（0代表存在 2代表删除）")
+    @TableLogic
+    private String delFlag;

-	/**
-	 * 备注
-	 */
-	@ApiModelProperty(value = "备注")
-	private String remark;
+    /**
+     * 备注
+     */
+    @ApiModelProperty(value = "备注")
+    private String remark;

-	/**
-	 * 用户是否存在此角色标识 默认不存在
-	 */
-	@ApiModelProperty(value = "用户是否存在此角色标识 默认不存在")
-	@TableField(exist = false)
-	private boolean flag = false;
+    /**
+     * 用户是否存在此角色标识 默认不存在
+     */
+    @ApiModelProperty(value = "用户是否存在此角色标识 默认不存在")
+    @TableField(exist = false)
+    private boolean flag = false;

-	/**
-	 * 菜单组
-	 */
-	@ApiModelProperty(value = "菜单组")
-	@TableField(exist = false)
-	private Long[] menuIds;
+    /**
+     * 菜单组
+     */
+    @ApiModelProperty(value = "菜单组")
+    @TableField(exist = false)
+    private Long[] menuIds;

-	/**
-	 * 部门组（数据权限）
-	 */
-	@ApiModelProperty(value = "部门组（数据权限）")
-	@TableField(exist = false)
-	private Long[] deptIds;
+    /**
+     * 部门组（数据权限）
+     */
+    @ApiModelProperty(value = "部门组（数据权限）")
+    @TableField(exist = false)
+    private Long[] deptIds;

-	public SysRole(Long roleId) {
-		this.roleId = roleId;
-	}
-
-	@ApiModelProperty(value = "是否管理员")
-	public boolean isAdmin() {
-		return isAdmin(this.roleId);
-	}
-
-	public static boolean isAdmin(Long roleId) {
-		return roleId != null && 1L == roleId;
-	}
+    public SysRole(Long roleId) {
+        this.roleId = roleId;
+    }

+    @ApiModelProperty(value = "是否管理员")
+    public boolean isAdmin() {
+        return UserConstants.ADMIN_ID.equals(this.roleId);
+    }
 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/entity/SysUser.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/entity/SysUser.java
@ -3,13 +3,16 @@ package com.ruoyi.common.core.domain.entity;
 import com.baomidou.mybatisplus.annotation.*;
 import com.fasterxml.jackson.annotation.JsonIgnore;
 import com.fasterxml.jackson.annotation.JsonProperty;
+import com.ruoyi.common.annotation.Sensitive;
+import com.ruoyi.common.constant.UserConstants;
 import com.ruoyi.common.core.domain.BaseEntity;
+import com.ruoyi.common.enums.SensitiveStrategy;
+import com.ruoyi.common.xss.Xss;
 import io.swagger.annotations.ApiModel;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;
 import lombok.EqualsAndHashCode;
 import lombok.NoArgsConstructor;
-import lombok.experimental.Accessors;

 import javax.validation.constraints.Email;
 import javax.validation.constraints.NotBlank;
@ -26,159 +29,158 @@ import java.util.List;
@Data
@NoArgsConstructor
@EqualsAndHashCode(callSuper = true)
-@Accessors(chain = true)
@TableName("sys_user")
@ApiModel("用户信息业务对象")
 public class SysUser extends BaseEntity {

-	/**
-	 * 用户ID
-	 */
-	@ApiModelProperty(value = "用户ID")
-	@TableId(value = "user_id")
-	private Long userId;
+    /**
+     * 用户ID
+     */
+    @ApiModelProperty(value = "用户ID")
+    @TableId(value = "user_id")
+    private Long userId;

-	/**
-	 * 部门ID
-	 */
-	@ApiModelProperty(value = "部门ID")
-	private Long deptId;
+    /**
+     * 部门ID
+     */
+    @ApiModelProperty(value = "部门ID")
+    private Long deptId;

-	/**
-	 * 用户账号
-	 */
-	@ApiModelProperty(value = "用户账号")
-	@NotBlank(message = "用户账号不能为空")
-	@Size(min = 0, max = 30, message = "用户账号长度不能超过30个字符")
-	private String userName;
+    /**
+     * 用户账号
+     */
+    @ApiModelProperty(value = "用户账号")
+    @Xss(message = "用户账号不能包含脚本字符")
+    @NotBlank(message = "用户账号不能为空")
+    @Size(min = 0, max = 30, message = "用户账号长度不能超过30个字符")
+    private String userName;

-	/**
-	 * 用户昵称
-	 */
-	@ApiModelProperty(value = "用户昵称")
-	@Size(min = 0, max = 30, message = "用户昵称长度不能超过30个字符")
-	private String nickName;
+    /**
+     * 用户昵称
+     */
+    @ApiModelProperty(value = "用户昵称")
+    @Xss(message = "用户昵称不能包含脚本字符")
+    @Size(min = 0, max = 30, message = "用户昵称长度不能超过30个字符")
+    private String nickName;

-	/**
-	 * 用户邮箱
-	 */
-	@ApiModelProperty(value = "用户邮箱")
-	@Email(message = "邮箱格式不正确")
-	@Size(min = 0, max = 50, message = "邮箱长度不能超过50个字符")
-	private String email;
+    /**
+     * 用户类型（sys_user系统用户）
+     */
+    @ApiModelProperty(value = "用户类型")
+    private String userType;

-	/**
-	 * 手机号码
-	 */
-	@ApiModelProperty(value = "手机号码")
-	private String phonenumber;
+    /**
+     * 用户邮箱
+     */
+    @Sensitive(strategy = SensitiveStrategy.EMAIL)
+    @ApiModelProperty(value = "用户邮箱")
+    @Email(message = "邮箱格式不正确")
+    @Size(min = 0, max = 50, message = "邮箱长度不能超过50个字符")
+    private String email;

-	/**
-	 * 用户性别
-	 */
-	@ApiModelProperty(value = "用户性别")
-	private String sex;
+    /**
+     * 手机号码
+     */
+    @Sensitive(strategy = SensitiveStrategy.PHONE)
+    @ApiModelProperty(value = "手机号码")
+    private String phonenumber;

-	/**
-	 * 用户头像
-	 */
-	@ApiModelProperty(value = "用户头像")
-	private String avatar;
+    /**
+     * 用户性别
+     */
+    @ApiModelProperty(value = "用户性别")
+    private String sex;

-	/**
-	 * 密码
-	 */
-	@ApiModelProperty(value = "密码")
-	@TableField(
-			insertStrategy = FieldStrategy.NOT_EMPTY,
-			updateStrategy = FieldStrategy.NOT_EMPTY,
-			whereStrategy = FieldStrategy.NOT_EMPTY
-	)
-	private String password;
+    /**
+     * 用户头像
+     */
+    @ApiModelProperty(value = "用户头像")
+    private String avatar;

-	@JsonIgnore
-	@JsonProperty
-	public String getPassword() {
-		return password;
-	}
+    /**
+     * 密码
+     */
+    @ApiModelProperty(value = "密码")
+    @TableField(
+        insertStrategy = FieldStrategy.NOT_EMPTY,
+        updateStrategy = FieldStrategy.NOT_EMPTY,
+        whereStrategy = FieldStrategy.NOT_EMPTY
+    )
+    private String password;

-	/**
-	 * 帐号状态（0正常 1停用）
-	 */
-	@ApiModelProperty(value = "帐号状态（0正常 1停用）")
-	private String status;
+    /**
+     * 帐号状态（0正常 1停用）
+     */
+    @ApiModelProperty(value = "帐号状态（0正常 1停用）")
+    private String status;

-	/**
-	 * 删除标志（0代表存在 2代表删除）
-	 */
-	@ApiModelProperty(value = "删除标志（0代表存在 2代表删除）")
-	@TableLogic
-	private String delFlag;
+    /**
+     * 删除标志（0代表存在 2代表删除）
+     */
+    @ApiModelProperty(value = "删除标志（0代表存在 2代表删除）")
+    @TableLogic
+    private String delFlag;

-	/**
-	 * 最后登录IP
-	 */
-	@ApiModelProperty(value = "最后登录IP")
-	private String loginIp;
+    /**
+     * 最后登录IP
+     */
+    @ApiModelProperty(value = "最后登录IP")
+    private String loginIp;

-	/**
-	 * 最后登录时间
-	 */
-	@ApiModelProperty(value = "最后登录时间")
-	private Date loginDate;
+    /**
+     * 最后登录时间
+     */
+    @ApiModelProperty(value = "最后登录时间")
+    private Date loginDate;

-	/**
-	 * 备注
-	 */
-	@ApiModelProperty(value = "备注")
-	private String remark;
+    /**
+     * 备注
+     */
+    @ApiModelProperty(value = "备注")
+    private String remark;

-	/**
-	 * 部门对象
-	 */
-	@ApiModelProperty(value = "部门对象")
-	@TableField(exist = false)
-	private SysDept dept;
+    /**
+     * 部门对象
+     */
+    @ApiModelProperty(value = "部门对象")
+    @TableField(exist = false)
+    private SysDept dept;

-	/**
-	 * 角色对象
-	 */
-	@ApiModelProperty(value = "角色对象")
-	@TableField(exist = false)
-	private List<SysRole> roles;
+    /**
+     * 角色对象
+     */
+    @ApiModelProperty(value = "角色对象")
+    @TableField(exist = false)
+    private List<SysRole> roles;

-	/**
-	 * 角色组
-	 */
-	@ApiModelProperty(value = "角色组")
-	@TableField(exist = false)
-	private Long[] roleIds;
+    /**
+     * 角色组
+     */
+    @ApiModelProperty(value = "角色组")
+    @TableField(exist = false)
+    private Long[] roleIds;

-	/**
-	 * 岗位组
-	 */
-	@ApiModelProperty(value = "岗位组")
-	@TableField(exist = false)
-	private Long[] postIds;
+    /**
+     * 岗位组
+     */
+    @ApiModelProperty(value = "岗位组")
+    @TableField(exist = false)
+    private Long[] postIds;

-	/**
-	 * 角色ID
-	 */
-	@ApiModelProperty(value = "角色ID")
-	@TableField(exist = false)
-	private Long roleId;
+    /**
+     * 数据权限 当前角色ID
+     */
+    @ApiModelProperty(value = "角色ID")
+    @TableField(exist = false)
+    private Long roleId;

-	public SysUser(Long userId) {
-		this.userId = userId;
-	}
+    public SysUser(Long userId) {
+        this.userId = userId;
+    }

-	@ApiModelProperty(value = "是否管理员")
-	public boolean isAdmin() {
-		return isAdmin(this.userId);
-	}
-
-	public static boolean isAdmin(Long userId) {
-		return userId != null && 1L == userId;
-	}
+    @ApiModelProperty(value = "是否管理员")
+    public boolean isAdmin() {
+        return UserConstants.ADMIN_ID.equals(this.userId);
+    }

 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/model/LoginBody.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/model/LoginBody.java
@ -1,43 +1,49 @@
-package com.ruoyi.common.core.domain.model;
-
-import io.swagger.annotations.ApiModel;
-import io.swagger.annotations.ApiModelProperty;
-import lombok.Data;
-import lombok.experimental.Accessors;
-
-/**
- * 用户登录对象
- *
- * @author Lion Li
- */
-
-@Data
-@Accessors(chain = true)
-@ApiModel("用户登录对象")
-public class LoginBody {
-
-    /**
-     * 用户名
-     */
-    @ApiModelProperty(value = "用户名")
-    private String username;
-
-    /**
-     * 用户密码
-     */
-    @ApiModelProperty(value = "用户密码")
-    private String password;
-
-    /**
-     * 验证码
-     */
-    @ApiModelProperty(value = "验证码")
-    private String code;
-
-    /**
-     * 唯一标识
-     */
-    @ApiModelProperty(value = "唯一标识")
-    private String uuid = "";
-
-}
+package com.ruoyi.common.core.domain.model;
+
+import com.ruoyi.common.constant.UserConstants;
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+import org.hibernate.validator.constraints.Length;
+
+import javax.validation.constraints.NotBlank;
+
+/**
+ * 用户登录对象
+ *
+ * @author Lion Li
+ */
+
+@Data
+@ApiModel("用户登录对象")
+public class LoginBody {
+
+    /**
+     * 用户名
+     */
+    @NotBlank(message = "{user.username.not.blank}")
+    @Length(min = UserConstants.USERNAME_MIN_LENGTH, max = UserConstants.USERNAME_MAX_LENGTH, message = "{user.username.length.valid}")
+    @ApiModelProperty(value = "用户名")
+    private String username;
+
+    /**
+     * 用户密码
+     */
+    @NotBlank(message = "{user.password.not.blank}")
+    @Length(min = UserConstants.PASSWORD_MIN_LENGTH, max = UserConstants.PASSWORD_MAX_LENGTH, message = "{user.password.length.valid}")
+    @ApiModelProperty(value = "用户密码")
+    private String password;
+
+    /**
+     * 验证码
+     */
+    @ApiModelProperty(value = "验证码")
+    private String code;
+
+    /**
+     * 唯一标识
+     */
+    @ApiModelProperty(value = "唯一标识")
+    private String uuid;
+
+}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/model/LoginUser.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/model/LoginUser.java
@ -1,13 +1,12 @@
 package com.ruoyi.common.core.domain.model;

-import com.fasterxml.jackson.annotation.JsonIgnore;
+import com.ruoyi.common.core.domain.dto.RoleDTO;
+import com.ruoyi.common.helper.LoginHelper;
 import lombok.Data;
 import lombok.NoArgsConstructor;
-import lombok.experimental.Accessors;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.userdetails.UserDetails;

-import java.util.Collection;
+import java.io.Serializable;
+import java.util.List;
 import java.util.Set;

 /**
@ -18,8 +17,7 @@ import java.util.Set;

@Data
@NoArgsConstructor
-@Accessors(chain = true)
-public class LoginUser implements UserDetails {
+public class LoginUser implements Serializable {

    private static final long serialVersionUID = 1L;

@ -33,11 +31,21 @@ public class LoginUser implements UserDetails {
     */
    private Long deptId;

+    /**
+     * 部门名
+     */
+    private String deptName;
+
    /**
     * 用户唯一标识
     */
    private String token;

+    /**
+     * 用户类型
+     */
+    private String userType;
+
    /**
     * 登录时间
     */
@ -69,9 +77,14 @@ public class LoginUser implements UserDetails {
    private String os;

    /**
-     * 权限列表
+     * 菜单权限
     */
-    private Set<String> permissions;
+    private Set<String> menuPermission;
+
+    /**
+     * 角色权限
+     */
+    private Set<String> rolePermission;

    /**
     * 用户名
@ -79,73 +92,20 @@ public class LoginUser implements UserDetails {
    private String username;

    /**
-     * 密码
+     * 角色对象
     */
-    private String password;
-
-    public LoginUser(String username, String password, Set<String> permissions) {
-        this.username = username;
-        this.password = password;
-        this.permissions = permissions;
-    }
-
-    public LoginUser(Long userId, Long deptId, String username, String password, Set<String> permissions) {
-        this.userId = userId;
-        this.deptId = deptId;
-        this.username = username;
-        this.password = password;
-        this.permissions = permissions;
-    }
-
-    @JsonIgnore
-    @Override
-    public String getPassword() {
-        return password;
-    }
-
-    @Override
-    public String getUsername() {
-        return username;
-    }
+    private List<RoleDTO> roles;

    /**
-     * 账户是否未过期,过期无法验证
+     * 数据权限 当前角色ID
     */
-    @JsonIgnore
-    @Override
-    public boolean isAccountNonExpired() {
-        return true;
-    }
+    private Long roleId;

    /**
-     * 指定用户是否解锁,锁定的用户无法进行身份验证
+     * 获取登录id
     */
-    @JsonIgnore
-    @Override
-    public boolean isAccountNonLocked() {
-        return true;
+    public String getLoginId() {
+        return userType + LoginHelper.JOIN_CODE + userId;
    }

-    /**
-     * 指示是否已过期的用户的凭据(密码),过期的凭据防止认证
-     */
-    @JsonIgnore
-    @Override
-    public boolean isCredentialsNonExpired() {
-        return true;
-    }
-
-    /**
-     * 是否可用 ,禁用的用户不能身份验证
-     */
-    @JsonIgnore
-    @Override
-    public boolean isEnabled() {
-        return true;
-    }
-
-    @Override
-    public Collection<? extends GrantedAuthority> getAuthorities() {
-        return null;
-    }
 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/model/RegisterBody.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/model/RegisterBody.java
@ -1,13 +1,21 @@
-package com.ruoyi.common.core.domain.model;
-
-import io.swagger.annotations.ApiModel;
-
-/**
- * 用户注册对象
- *
- * @author Lion Li
- */
-@ApiModel("用户注册对象")
-public class RegisterBody extends LoginBody {
-
-}
+package com.ruoyi.common.core.domain.model;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+
+/**
+ * 用户注册对象
+ *
+ * @author Lion Li
+ */
+@Data
+@EqualsAndHashCode(callSuper = true)
+@ApiModel("用户注册对象")
+public class RegisterBody extends LoginBody {
+
+    @ApiModelProperty(value = "用户类型")
+    private String userType;
+
+}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/model/SmsLoginBody.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/model/SmsLoginBody.java
@ -0,0 +1,33 @@
+package com.ruoyi.common.core.domain.model;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+import javax.validation.constraints.NotBlank;
+
+/**
+ * 短信登录对象
+ *
+ * @author Lion Li
+ */
+
+@Data
+@ApiModel("短信登录对象")
+public class SmsLoginBody {
+
+    /**
+     * 用户名
+     */
+    @NotBlank(message = "{user.phonenumber.not.blank}")
+    @ApiModelProperty(value = "用户手机号")
+    private String phonenumber;
+
+    /**
+     * 用户密码
+     */
+    @NotBlank(message = "{sms.code.not.blank}")
+    @ApiModelProperty(value = "短信验证码")
+    private String smsCode;
+
+}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/model/XcxLoginUser.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/model/XcxLoginUser.java
@ -0,0 +1,24 @@
+package com.ruoyi.common.core.domain.model;
+
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import lombok.NoArgsConstructor;
+
+/**
+ * 小程序登录用户身份权限
+ *
+ * @author Lion Li
+ */
+@Data
+@EqualsAndHashCode(callSuper = true)
+@NoArgsConstructor
+public class XcxLoginUser extends LoginUser {
+
+    private static final long serialVersionUID = 1L;
+
+    /**
+     * openid
+     */
+    private String openid;
+
+}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/mapper/BaseMapperPlus.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/mapper/BaseMapperPlus.java
@ -0,0 +1,229 @@
+package com.ruoyi.common.core.mapper;
+
+import cn.hutool.core.collection.CollUtil;
+import cn.hutool.core.util.ObjectUtil;
+import com.baomidou.mybatisplus.core.conditions.Wrapper;
+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import com.baomidou.mybatisplus.core.enums.SqlMethod;
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import com.baomidou.mybatisplus.core.metadata.IPage;
+import com.baomidou.mybatisplus.core.metadata.TableInfo;
+import com.baomidou.mybatisplus.core.metadata.TableInfoHelper;
+import com.baomidou.mybatisplus.core.toolkit.*;
+import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
+import com.baomidou.mybatisplus.extension.toolkit.SqlHelper;
+import com.ruoyi.common.utils.BeanCopyUtils;
+import org.apache.ibatis.binding.MapperMethod;
+import org.apache.ibatis.logging.Log;
+import org.apache.ibatis.logging.LogFactory;
+
+import java.io.Serializable;
+import java.util.Collection;
+import java.util.List;
+import java.util.Map;
+import java.util.Objects;
+
+/**
+ * 自定义 Mapper 接口, 实现 自定义扩展
+ *
+ * @param <M> mapper 泛型
+ * @param <T> table 泛型
+ * @param <V> vo 泛型
+ * @author Lion Li
+ * @since 2021-05-13
+ */
+@SuppressWarnings("unchecked")
+public interface BaseMapperPlus<M, T, V> extends BaseMapper<T> {
+
+    Log log = LogFactory.getLog(BaseMapperPlus.class);
+
+    int DEFAULT_BATCH_SIZE = 1000;
+
+    default Class<V> currentVoClass() {
+        return (Class<V>) ReflectionKit.getSuperClassGenericType(this.getClass(), BaseMapperPlus.class, 2);
+    }
+
+    default Class<T> currentModelClass() {
+        return (Class<T>) ReflectionKit.getSuperClassGenericType(this.getClass(), BaseMapperPlus.class, 1);
+    }
+
+    default Class<M> currentMapperClass() {
+        return (Class<M>) ReflectionKit.getSuperClassGenericType(this.getClass(), BaseMapperPlus.class, 0);
+    }
+
+    default List<T> selectList() {
+        return this.selectList(new QueryWrapper<>());
+    }
+
+    /**
+     * 批量插入
+     */
+    default boolean insertBatch(Collection<T> entityList) {
+        return insertBatch(entityList, DEFAULT_BATCH_SIZE);
+    }
+
+    /**
+     * 批量更新
+     */
+    default boolean updateBatchById(Collection<T> entityList) {
+        return updateBatchById(entityList, DEFAULT_BATCH_SIZE);
+    }
+
+    /**
+     * 批量插入或更新
+     */
+    default boolean insertOrUpdateBatch(Collection<T> entityList) {
+        return insertOrUpdateBatch(entityList, DEFAULT_BATCH_SIZE);
+    }
+
+    /**
+     * 批量插入(包含限制条数)
+     */
+    default boolean insertBatch(Collection<T> entityList, int batchSize) {
+        String sqlStatement = SqlHelper.getSqlStatement(this.currentMapperClass(), SqlMethod.INSERT_ONE);
+        return SqlHelper.executeBatch(this.currentModelClass(), log, entityList, batchSize,
+            (sqlSession, entity) -> sqlSession.insert(sqlStatement, entity));
+    }
+
+    /**
+     * 批量更新(包含限制条数)
+     */
+    default boolean updateBatchById(Collection<T> entityList, int batchSize) {
+        String sqlStatement = SqlHelper.getSqlStatement(this.currentMapperClass(), SqlMethod.UPDATE_BY_ID);
+        return SqlHelper.executeBatch(this.currentModelClass(), log, entityList, batchSize,
+            (sqlSession, entity) -> {
+                MapperMethod.ParamMap<T> param = new MapperMethod.ParamMap<>();
+                param.put(Constants.ENTITY, entity);
+                sqlSession.update(sqlStatement, param);
+            });
+    }
+
+    /**
+     * 批量插入或更新(包含限制条数)
+     */
+    default boolean insertOrUpdateBatch(Collection<T> entityList, int batchSize) {
+        TableInfo tableInfo = TableInfoHelper.getTableInfo(this.currentModelClass());
+        Assert.notNull(tableInfo, "error: can not execute. because can not find cache of TableInfo for entity!");
+        String keyProperty = tableInfo.getKeyProperty();
+        Assert.notEmpty(keyProperty, "error: can not execute. because can not find column for id from entity!");
+        return SqlHelper.saveOrUpdateBatch(this.currentModelClass(), this.currentMapperClass(), log, entityList, batchSize, (sqlSession, entity) -> {
+            Object idVal = tableInfo.getPropertyValue(entity, keyProperty);
+            String sqlStatement = SqlHelper.getSqlStatement(this.currentMapperClass(), SqlMethod.SELECT_BY_ID);
+            return StringUtils.checkValNull(idVal)
+                || CollectionUtils.isEmpty(sqlSession.selectList(sqlStatement, entity));
+        }, (sqlSession, entity) -> {
+            MapperMethod.ParamMap<T> param = new MapperMethod.ParamMap<>();
+            param.put(Constants.ENTITY, entity);
+            String sqlStatement = SqlHelper.getSqlStatement(this.currentMapperClass(), SqlMethod.UPDATE_BY_ID);
+            sqlSession.update(sqlStatement, param);
+        });
+    }
+
+    /**
+     * 插入或更新(包含限制条数)
+     */
+    default boolean insertOrUpdate(T entity) {
+        if (null != entity) {
+            TableInfo tableInfo = TableInfoHelper.getTableInfo(this.currentModelClass());
+            Assert.notNull(tableInfo, "error: can not execute. because can not find cache of TableInfo for entity!");
+            String keyProperty = tableInfo.getKeyProperty();
+            Assert.notEmpty(keyProperty, "error: can not execute. because can not find column for id from entity!");
+            Object idVal = tableInfo.getPropertyValue(entity, tableInfo.getKeyProperty());
+            return StringUtils.checkValNull(idVal) || Objects.isNull(selectById((Serializable) idVal)) ? insert(entity) > 0 : updateById(entity) > 0;
+        }
+        return false;
+    }
+
+    default V selectVoById(Serializable id) {
+        return selectVoById(id, this.currentVoClass());
+    }
+
+    /**
+     * 根据 ID 查询
+     */
+    default <C> C selectVoById(Serializable id, Class<C> voClass) {
+        T obj = this.selectById(id);
+        if (ObjectUtil.isNull(obj)) {
+            return null;
+        }
+        return BeanCopyUtils.copy(obj, voClass);
+    }
+
+    default List<V> selectVoById(Collection<? extends Serializable> idList) {
+        return selectVoBatchIds(idList, this.currentVoClass());
+    }
+
+    /**
+     * 查询（根据ID 批量查询）
+     */
+    default <C> List<C> selectVoBatchIds(Collection<? extends Serializable> idList, Class<C> voClass) {
+        List<T> list = this.selectBatchIds(idList);
+        if (CollUtil.isEmpty(list)) {
+            return CollUtil.newArrayList();
+        }
+        return BeanCopyUtils.copyList(list, voClass);
+    }
+
+    default List<V> selectVoByMap(Map<String, Object> map) {
+        return selectVoByMap(map, this.currentVoClass());
+    }
+
+    /**
+     * 查询（根据 columnMap 条件）
+     */
+    default <C> List<C> selectVoByMap(Map<String, Object> map, Class<C> voClass) {
+        List<T> list = this.selectByMap(map);
+        if (CollUtil.isEmpty(list)) {
+            return CollUtil.newArrayList();
+        }
+        return BeanCopyUtils.copyList(list, voClass);
+    }
+
+    default V selectVoOne(Wrapper<T> wrapper) {
+        return selectVoOne(wrapper, this.currentVoClass());
+    }
+
+    /**
+     * 根据 entity 条件，查询一条记录
+     */
+    default <C> C selectVoOne(Wrapper<T> wrapper, Class<C> voClass) {
+        T obj = this.selectOne(wrapper);
+        if (ObjectUtil.isNull(obj)) {
+            return null;
+        }
+        return BeanCopyUtils.copy(obj, voClass);
+    }
+
+    default List<V> selectVoList(Wrapper<T> wrapper) {
+        return selectVoList(wrapper, this.currentVoClass());
+    }
+
+    /**
+     * 根据 entity 条件，查询全部记录
+     */
+    default <C> List<C> selectVoList(Wrapper<T> wrapper, Class<C> voClass) {
+        List<T> list = this.selectList(wrapper);
+        if (CollUtil.isEmpty(list)) {
+            return CollUtil.newArrayList();
+        }
+        return BeanCopyUtils.copyList(list, voClass);
+    }
+
+    default <P extends IPage<V>> P selectVoPage(IPage<T> page, Wrapper<T> wrapper) {
+        return selectVoPage(page, wrapper, this.currentVoClass());
+    }
+
+    /**
+     * 分页查询VO
+     */
+    default <C, P extends IPage<C>> P selectVoPage(IPage<T> page, Wrapper<T> wrapper, Class<C> voClass) {
+        IPage<T> pageData = this.selectPage(page, wrapper);
+        IPage<C> voPage = new Page<>(pageData.getCurrent(), pageData.getSize(), pageData.getTotal());
+        if (CollUtil.isEmpty(pageData.getRecords())) {
+            return (P) voPage;
+        }
+        voPage.setRecords(BeanCopyUtils.copyList(pageData.getRecords(), voClass));
+        return (P) voPage;
+    }
+
+}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/mybatisplus/core/BaseMapperPlus.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/mybatisplus/core/BaseMapperPlus.java
@ -1,21 +0,0 @@
-package com.ruoyi.common.core.mybatisplus.core;
-
-import com.baomidou.mybatisplus.core.mapper.BaseMapper;
-import org.apache.ibatis.annotations.Param;
-
-import java.util.Collection;
-
-/**
- * 自定义 Mapper 接口, 实现 自定义扩展
- *
- * @author Lion Li
- * @since 2021-05-13
- */
-public interface BaseMapperPlus<T> extends BaseMapper<T> {
-
-	/**
-	 * 单sql批量插入( 全量填充 )
-	 */
-	int insertAll(@Param("list") Collection<T> batchList);
-
-}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/mybatisplus/core/IServicePlus.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/mybatisplus/core/IServicePlus.java
@ -1,175 +0,0 @@
-package com.ruoyi.common.core.mybatisplus.core;
-
-import cn.hutool.core.bean.copier.CopyOptions;
-import com.baomidou.mybatisplus.core.conditions.Wrapper;
-import com.baomidou.mybatisplus.core.toolkit.Wrappers;
-import com.baomidou.mybatisplus.extension.service.IService;
-import com.ruoyi.common.core.page.PagePlus;
-
-import java.io.Serializable;
-import java.util.Collection;
-import java.util.List;
-import java.util.Map;
-import java.util.function.Function;
-
-/**
- * 自定义 Service 接口, 实现 数据库实体与 vo 对象转换返回
- *
- * @param <T> 数据实体类
- * @param <V> vo类
- * @author Lion Li
- */
-public interface IServicePlus<T, V> extends IService<T> {
-
-	/**
-	 * @param id          主键id
-	 * @param copyOptions copy条件
-	 * @return V对象
-	 */
-	V getVoById(Serializable id, CopyOptions copyOptions);
-
-	default V getVoById(Serializable id) {
-		return getVoById(id, new CopyOptions());
-	}
-
-	/**
-	 * @param convertor 自定义转换器
-	 */
-	default V getVoById(Serializable id, Function<T, V> convertor) {
-		return convertor.apply(getById(id));
-	}
-
-	/**
-	 * @param idList      id列表
-	 * @param copyOptions copy条件
-	 * @return V对象
-	 */
-	List<V> listVoByIds(Collection<? extends Serializable> idList, CopyOptions copyOptions);
-
-	default List<V> listVoByIds(Collection<? extends Serializable> idList) {
-		return listVoByIds(idList, new CopyOptions());
-	}
-
-	/**
-	 * @param convertor 自定义转换器
-	 */
-	default List<V> listVoByIds(Collection<? extends Serializable> idList,
-								Function<Collection<T>, List<V>> convertor) {
-		List<T> list = getBaseMapper().selectBatchIds(idList);
-		if (list == null) {
-			return null;
-		}
-		return convertor.apply(list);
-	}
-
-	/**
-	 * @param columnMap   表字段 map 对象
-	 * @param copyOptions copy条件
-	 * @return V对象
-	 */
-	List<V> listVoByMap(Map<String, Object> columnMap, CopyOptions copyOptions);
-
-	default List<V> listVoByMap(Map<String, Object> columnMap) {
-		return listVoByMap(columnMap, new CopyOptions());
-	}
-
-	/**
-	 * @param convertor 自定义转换器
-	 */
-	default List<V> listVoByMap(Map<String, Object> columnMap,
-								Function<Collection<T>, List<V>> convertor) {
-		List<T> list = getBaseMapper().selectByMap(columnMap);
-		if (list == null) {
-			return null;
-		}
-		return convertor.apply(list);
-	}
-
-	/**
-	 * @param queryWrapper 查询条件
-	 * @param copyOptions  copy条件
-	 * @return V对象
-	 */
-	V getVoOne(Wrapper<T> queryWrapper, CopyOptions copyOptions);
-
-	default V getVoOne(Wrapper<T> queryWrapper) {
-		return getVoOne(queryWrapper, new CopyOptions());
-	}
-
-	/**
-	 * @param convertor 自定义转换器
-	 */
-	default V getVoOne(Wrapper<T> queryWrapper, Function<T, V> convertor) {
-		return convertor.apply(getOne(queryWrapper, true));
-	}
-
-	/**
-	 * @param queryWrapper 查询条件
-	 * @param copyOptions  copy条件
-	 * @return V对象
-	 */
-	List<V> listVo(Wrapper<T> queryWrapper, CopyOptions copyOptions);
-
-	default List<V> listVo(Wrapper<T> queryWrapper) {
-		return listVo(queryWrapper, new CopyOptions());
-	}
-
-	/**
-	 * @param convertor 自定义转换器
-	 */
-	default List<V> listVo(Wrapper<T> queryWrapper, Function<Collection<T>, List<V>> convertor) {
-		List<T> list = getBaseMapper().selectList(queryWrapper);
-		if (list == null) {
-			return null;
-		}
-		return convertor.apply(list);
-	}
-
-	default List<V> listVo() {
-		return listVo(Wrappers.emptyWrapper());
-	}
-
-	/**
-	 * @param convertor 自定义转换器
-	 */
-	default List<V> listVo(Function<Collection<T>, List<V>> convertor) {
-		return listVo(Wrappers.emptyWrapper(), convertor);
-	}
-
-	/**
-	 * @param page         分页对象
-	 * @param queryWrapper 查询条件
-	 * @param copyOptions  copy条件
-	 * @return V对象
-	 */
-	PagePlus<T, V> pageVo(PagePlus<T, V> page, Wrapper<T> queryWrapper, CopyOptions copyOptions);
-
-	default PagePlus<T, V> pageVo(PagePlus<T, V> page, Wrapper<T> queryWrapper) {
-		return pageVo(page, queryWrapper, new CopyOptions());
-	}
-
-	/**
-	 * @param convertor 自定义转换器
-	 */
-	default PagePlus<T, V> pageVo(PagePlus<T, V> page, Wrapper<T> queryWrapper,
-								  Function<Collection<T>, List<V>> convertor) {
-		PagePlus<T, V> result = getBaseMapper().selectPage(page, queryWrapper);
-		return result.setRecordsVo(convertor.apply(result.getRecords()));
-	}
-
-	default PagePlus<T, V> pageVo(PagePlus<T, V> page) {
-		return pageVo(page, Wrappers.emptyWrapper());
-	}
-
-	/**
-	 * @param convertor 自定义转换器
-	 */
-	default PagePlus<T, V> pageVo(PagePlus<T, V> page, Function<Collection<T>, List<V>> convertor) {
-		return pageVo(page, Wrappers.emptyWrapper(), convertor);
-	}
-
-	boolean saveAll(Collection<T> entityList);
-
-	boolean saveOrUpdateAll(Collection<T> entityList);
-}
-
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/mybatisplus/core/ServicePlusImpl.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/mybatisplus/core/ServicePlusImpl.java
@ -1,241 +0,0 @@
-package com.ruoyi.common.core.mybatisplus.core;
-
-import cn.hutool.core.bean.copier.CopyOptions;
-import cn.hutool.core.collection.CollUtil;
-import cn.hutool.core.util.ObjectUtil;
-import com.baomidou.mybatisplus.core.conditions.Wrapper;
-import com.baomidou.mybatisplus.core.metadata.TableInfo;
-import com.baomidou.mybatisplus.core.metadata.TableInfoHelper;
-import com.baomidou.mybatisplus.core.toolkit.Assert;
-import com.baomidou.mybatisplus.core.toolkit.ReflectionKit;
-import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
-import com.ruoyi.common.core.page.PagePlus;
-import com.ruoyi.common.utils.BeanCopyUtils;
-import com.ruoyi.common.utils.reflect.ReflectUtils;
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.beans.factory.annotation.Autowired;
-
-import java.io.Serializable;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.List;
-import java.util.Map;
-
-/**
- * IServicePlus 实现类
- *
- * @param <M> Mapper类
- * @param <T> 数据实体类
- * @param <V> vo类
- * @author Lion Li
- */
-@Slf4j
-@SuppressWarnings("unchecked")
-public class ServicePlusImpl<M extends BaseMapperPlus<T>, T, V> extends ServiceImpl<M, T> implements IServicePlus<T, V> {
-
-	@Autowired
-	protected M baseMapper;
-
-	@Override
-	public M getBaseMapper() {
-		return baseMapper;
-	}
-
-
-	protected Class<T> entityClass = currentModelClass();
-
-	@Override
-	public Class<T> getEntityClass() {
-		return entityClass;
-	}
-
-	protected Class<M> mapperClass = currentMapperClass();
-
-	protected Class<V> voClass = currentVoClass();
-
-	public Class<V> getVoClass() {
-		return voClass;
-	}
-
-	@Override
-	protected Class<M> currentMapperClass() {
-		return (Class<M>) ReflectionKit.getSuperClassGenericType(this.getClass(), ServicePlusImpl.class, 0);
-	}
-
-	@Override
-	protected Class<T> currentModelClass() {
-		return (Class<T>) ReflectionKit.getSuperClassGenericType(this.getClass(), ServicePlusImpl.class, 1);
-	}
-
-	protected Class<V> currentVoClass() {
-		return (Class<V>) ReflectionKit.getSuperClassGenericType(this.getClass(), ServicePlusImpl.class, 2);
-	}
-
-	/**
-	 * 单条执行性能差 适用于列表对象内容不确定
-	 */
-	@Override
-	public boolean saveBatch(Collection<T> entityList, int batchSize) {
-		return super.saveBatch(entityList, batchSize);
-	}
-
-	@Override
-	public boolean saveOrUpdate(T entity) {
-		return super.saveOrUpdate(entity);
-	}
-
-	/**
-	 * 单条执行性能差 适用于列表对象内容不确定
-	 */
-	@Override
-	public boolean saveOrUpdateBatch(Collection<T> entityList, int batchSize) {
-		return super.saveOrUpdateBatch(entityList, batchSize);
-	}
-
-	@Override
-	public boolean updateBatchById(Collection<T> entityList, int batchSize) {
-		return super.updateBatchById(entityList, batchSize);
-	}
-
-	/**
-	 * 单sql批量插入( 全量填充 无视数据库默认值 )
-	 * 适用于无脑插入
-	 */
-	@Override
-	public boolean saveBatch(Collection<T> entityList) {
-		return saveBatch(entityList, DEFAULT_BATCH_SIZE);
-	}
-
-	@Override
-	public boolean saveOrUpdateBatch(Collection<T> entityList) {
-		return saveOrUpdateBatch(entityList, DEFAULT_BATCH_SIZE);
-	}
-
-	@Override
-	public boolean updateBatchById(Collection<T> entityList) {
-		return updateBatchById(entityList, DEFAULT_BATCH_SIZE);
-	}
-
-	/**
-	 * 单sql批量插入( 全量填充 )
-	 */
-	@Override
-	public boolean saveAll(Collection<T> entityList) {
-		if (CollUtil.isEmpty(entityList)) {
-			return false;
-		}
-		return baseMapper.insertAll(entityList) == entityList.size();
-	}
-
-	/**
-	 * 全量保存或更新 ( 按主键区分 )
-	 */
-	@Override
-	public boolean saveOrUpdateAll(Collection<T> entityList) {
-		if (CollUtil.isEmpty(entityList)) {
-			return false;
-		}
-		TableInfo tableInfo = TableInfoHelper.getTableInfo(entityClass);
-		Assert.notNull(tableInfo, "error: can not execute. because can not find cache of TableInfo for entity!");
-		String keyProperty = tableInfo.getKeyProperty();
-		Assert.notEmpty(keyProperty, "error: can not execute. because can not find column for id from entity!");
-		List<T> addList = new ArrayList<>();
-		List<T> updateList = new ArrayList<>();
-		int row = 0;
-		for (T entity : entityList) {
-			Object id = ReflectUtils.invokeGetter(entity, keyProperty);
-			if (ObjectUtil.isNull(id)) {
-				addList.add(entity);
-			} else {
-				updateList.add(entity);
-			}
-		}
-		if (CollUtil.isNotEmpty(updateList) && updateBatchById(updateList)) {
-			row += updateList.size();
-		}
-        if (CollUtil.isNotEmpty(addList)) {
-            row += baseMapper.insertAll(addList);
-        }
-		return row == entityList.size();
-	}
-
-	/**
-	 * 根据 ID 查询
-	 *
-	 * @param id 主键ID
-	 */
-	@Override
-	public V getVoById(Serializable id, CopyOptions copyOptions) {
-		T t = getBaseMapper().selectById(id);
-		return BeanCopyUtils.oneCopy(t, copyOptions, voClass);
-	}
-
-	/**
-	 * 查询（根据ID 批量查询）
-	 *
-	 * @param idList 主键ID列表
-	 */
-	@Override
-	public List<V> listVoByIds(Collection<? extends Serializable> idList, CopyOptions copyOptions) {
-		List<T> list = getBaseMapper().selectBatchIds(idList);
-		if (list == null) {
-			return null;
-		}
-		return BeanCopyUtils.listCopy(list, copyOptions, voClass);
-	}
-
-	/**
-	 * 查询（根据 columnMap 条件）
-	 *
-	 * @param columnMap 表字段 map 对象
-	 */
-	@Override
-	public List<V> listVoByMap(Map<String, Object> columnMap, CopyOptions copyOptions) {
-		List<T> list = getBaseMapper().selectByMap(columnMap);
-		if (list == null) {
-			return null;
-		}
-		return BeanCopyUtils.listCopy(list, copyOptions, voClass);
-	}
-
-	/**
-	 * 根据 Wrapper，查询一条记录 <br/>
-	 * <p>结果集，如果是多个会抛出异常，随机取一条加上限制条件 wrapper.last("LIMIT 1")</p>
-	 *
-	 * @param queryWrapper 实体对象封装操作类 {@link com.baomidou.mybatisplus.core.conditions.query.QueryWrapper}
-	 */
-	@Override
-	public V getVoOne(Wrapper<T> queryWrapper, CopyOptions copyOptions) {
-		T t = getOne(queryWrapper, true);
-		return BeanCopyUtils.oneCopy(t, copyOptions, voClass);
-	}
-
-	/**
-	 * 查询列表
-	 *
-	 * @param queryWrapper 实体对象封装操作类 {@link com.baomidou.mybatisplus.core.conditions.query.QueryWrapper}
-	 */
-	@Override
-	public List<V> listVo(Wrapper<T> queryWrapper, CopyOptions copyOptions) {
-		List<T> list = getBaseMapper().selectList(queryWrapper);
-		if (list == null) {
-			return null;
-		}
-		return BeanCopyUtils.listCopy(list, copyOptions, voClass);
-	}
-
-	/**
-	 * 翻页查询
-	 *
-	 * @param page         翻页对象
-	 * @param queryWrapper 实体对象封装操作类
-	 */
-	@Override
-	public PagePlus<T, V> pageVo(PagePlus<T, V> page, Wrapper<T> queryWrapper, CopyOptions copyOptions) {
-		PagePlus<T, V> result = getBaseMapper().selectPage(page, queryWrapper);
-		List<V> volist = BeanCopyUtils.listCopy(result.getRecords(), copyOptions, voClass);
-		result.setRecordsVo(volist);
-		return result;
-	}
-
-}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/mybatisplus/methods/InsertAll.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/mybatisplus/methods/InsertAll.java
@ -1,101 +0,0 @@
-package com.ruoyi.common.core.mybatisplus.methods;
-
-import com.baomidou.mybatisplus.annotation.IdType;
-import com.baomidou.mybatisplus.core.injector.AbstractMethod;
-import com.baomidou.mybatisplus.core.metadata.TableFieldInfo;
-import com.baomidou.mybatisplus.core.metadata.TableInfo;
-import com.baomidou.mybatisplus.core.metadata.TableInfoHelper;
-import com.ruoyi.common.utils.StringUtils;
-import org.apache.ibatis.executor.keygen.Jdbc3KeyGenerator;
-import org.apache.ibatis.executor.keygen.KeyGenerator;
-import org.apache.ibatis.executor.keygen.NoKeyGenerator;
-import org.apache.ibatis.mapping.MappedStatement;
-import org.apache.ibatis.mapping.SqlSource;
-
-import java.util.List;
-
-/**
- * 单sql批量插入( 全量填充 )
- *
- * @author Lion Li
- */
-public class InsertAll extends AbstractMethod {
-
-	private final static String[] FILL_PROPERTY = {"createTime", "createBy", "updateTime", "updateBy"};
-
-	@Override
-	public MappedStatement injectMappedStatement(Class<?> mapperClass, Class<?> modelClass, TableInfo tableInfo) {
-		final String sql = "<script>insert into %s %s values %s</script>";
-		final String fieldSql = prepareFieldSql(tableInfo);
-		final String valueSql = prepareValuesSqlForMysqlBatch(tableInfo);
-		KeyGenerator keyGenerator = new NoKeyGenerator();
-		String sqlMethod = "insertAll";
-		String keyProperty = null;
-		String keyColumn = null;
-		// 表包含主键处理逻辑,如果不包含主键当普通字段处理
-		if (StringUtils.isNotBlank(tableInfo.getKeyProperty())) {
-			if (tableInfo.getIdType() == IdType.AUTO) {
-				/** 自增主键 */
-				keyGenerator = new Jdbc3KeyGenerator();
-				keyProperty = tableInfo.getKeyProperty();
-				keyColumn = tableInfo.getKeyColumn();
-			} else {
-				if (null != tableInfo.getKeySequence()) {
-					keyGenerator = TableInfoHelper.genKeyGenerator(sqlMethod, tableInfo, builderAssistant);
-					keyProperty = tableInfo.getKeyProperty();
-					keyColumn = tableInfo.getKeyColumn();
-				}
-			}
-		}
-		final String sqlResult = String.format(sql, tableInfo.getTableName(), fieldSql, valueSql);
-		SqlSource sqlSource = languageDriver.createSqlSource(configuration, sqlResult, modelClass);
-		return this.addInsertMappedStatement(mapperClass, modelClass, sqlMethod, sqlSource, keyGenerator, keyProperty, keyColumn);
-	}
-
-	private String prepareFieldSql(TableInfo tableInfo) {
-		StringBuilder fieldSql = new StringBuilder();
-		if (StringUtils.isNotBlank(tableInfo.getKeyColumn())) {
-			fieldSql.append(tableInfo.getKeyColumn()).append(",");
-		}
-		tableInfo.getFieldList().forEach(x -> fieldSql.append(x.getColumn()).append(","));
-		fieldSql.delete(fieldSql.length() - 1, fieldSql.length());
-		fieldSql.insert(0, "(");
-		fieldSql.append(")");
-		return fieldSql.toString();
-	}
-
-	private String prepareValuesSqlForMysqlBatch(TableInfo tableInfo) {
-		final StringBuilder valueSql = new StringBuilder();
-		valueSql.append("<foreach collection=\"list\" item=\"item\" index=\"index\" open=\"(\" separator=\"),(\" close=\")\">");
-		if (StringUtils.isNotBlank(tableInfo.getKeyColumn())) {
-			valueSql.append("\n#{item.").append(tableInfo.getKeyProperty()).append("},\n");
-		}
-		List<TableFieldInfo> fieldList = tableInfo.getFieldList();
-		int last = fieldList.size() - 1;
-		for (int i = 0; i < fieldList.size(); i++) {
-			String property = fieldList.get(i).getProperty();
-			if (!StringUtils.equalsAny(property, FILL_PROPERTY)) {
-				valueSql.append("<if test=\"item.").append(property).append(" != null\">");
-				valueSql.append("#{item.").append(property).append("}");
-				if (i != last) {
-					valueSql.append(",");
-				}
-				valueSql.append("</if>");
-				valueSql.append("<if test=\"item.").append(property).append(" == null\">");
-				valueSql.append("DEFAULT");
-				if (i != last) {
-					valueSql.append(",");
-				}
-				valueSql.append("</if>");
-			} else {
-				valueSql.append("#{item.").append(property).append("}");
-				if (i != last) {
-					valueSql.append(",");
-				}
-			}
-		}
-		valueSql.append("</foreach>");
-		return valueSql.toString();
-	}
-}
-
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/page/PagePlus.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/page/PagePlus.java
@ -1,156 +0,0 @@
-package com.ruoyi.common.core.page;
-
-import com.baomidou.mybatisplus.core.metadata.IPage;
-import com.baomidou.mybatisplus.core.metadata.OrderItem;
-import lombok.Data;
-import lombok.experimental.Accessors;
-
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.List;
-
-/**
- * 分页 Page 增强对象
- *
- * @param <T> 数据库实体
- * @param <K> vo实体
- * @author Lion Li
- */
-@Data
-@Accessors(chain = true)
-public class PagePlus<T,K> implements IPage<T> {
-
-    /**
-     * domain实体列表
-     */
-    private List<T> records = Collections.emptyList();
-
-    /**
-     * vo实体列表
-     */
-    private List<K> recordsVo = Collections.emptyList();
-
-    /**
-     * 总数
-     */
-    private long total = 0L;
-
-    /**
-     * 页长度
-     */
-    private long size = 10L;
-
-    /**
-     * 当前页
-     */
-    private long current = 1L;
-
-    /**
-     * 排序字段信息
-     */
-    private List<OrderItem> orders = new ArrayList<>();
-
-    /**
-     * 自动优化 COUNT SQL
-     */
-    private boolean optimizeCountSql = true;
-
-    /**
-     * 是否进行 count 查询
-     */
-    private boolean isSearchCount = true;
-
-    /**
-     * 是否命中count缓存
-     */
-    private boolean hitCount = false;
-
-    /**
-     * countId
-     */
-    private String countId;
-
-    /**
-     * 最大limit
-     */
-    private Long maxLimit;
-
-    public PagePlus() {
-    }
-
-    public PagePlus(long current, long size) {
-        this(current, size, 0L);
-    }
-
-    public PagePlus(long current, long size, long total) {
-        this(current, size, total, true);
-    }
-
-    public PagePlus(long current, long size, boolean isSearchCount) {
-        this(current, size, 0L, isSearchCount);
-    }
-
-    public PagePlus(long current, long size, long total, boolean isSearchCount) {
-        if (current > 1L) {
-            this.current = current;
-        }
-        this.size = size;
-        this.total = total;
-        this.isSearchCount = isSearchCount;
-    }
-
-    @Override
-    public String countId() {
-        return this.getCountId();
-    }
-
-    @Override
-    public Long maxLimit() {
-        return this.getMaxLimit();
-    }
-
-    public PagePlus<T, K> addOrder(OrderItem... items) {
-        this.orders.addAll(Arrays.asList(items));
-        return this;
-    }
-
-    public PagePlus<T, K> addOrder(List<OrderItem> items) {
-        this.orders.addAll(items);
-        return this;
-    }
-
-    @Override
-    public List<OrderItem> orders() {
-        return this.getOrders();
-    }
-
-    @Override
-    public boolean optimizeCountSql() {
-        return this.optimizeCountSql;
-    }
-
-	@Override
-	public long getPages() {
-		// 解决 github issues/3208
-		return IPage.super.getPages();
-	}
-
-	public static <T,K> PagePlus<T,K> of(long current, long size) {
-		return of(current, size, 0);
-	}
-
-	public static <T,K> PagePlus<T,K> of(long current, long size, long total) {
-		return of(current, size, total, true);
-	}
-
-	public static <T,K> PagePlus<T,K> of(long current, long size, boolean searchCount) {
-		return of(current, size, 0, searchCount);
-	}
-
-	public static <T,K> PagePlus<T,K> of(long current, long size, long total, boolean searchCount) {
-		return new PagePlus<>(current, size, total, searchCount);
-	}
-
-}
-
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/page/TableDataInfo.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/page/TableDataInfo.java
@ -1,5 +1,7 @@
 package com.ruoyi.common.core.page;

+import cn.hutool.http.HttpStatus;
+import com.baomidou.mybatisplus.core.metadata.IPage;
 import io.swagger.annotations.ApiModel;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;
@ -17,44 +19,68 @@ import java.util.List;

@Data
@NoArgsConstructor
-@Accessors(chain = true)
@ApiModel("分页响应对象")
 public class TableDataInfo<T> implements Serializable {
-	private static final long serialVersionUID = 1L;
+    private static final long serialVersionUID = 1L;

-	/**
-	 * 总记录数
-	 */
-	@ApiModelProperty("总记录数")
-	private long total;
+    /**
+     * 总记录数
+     */
+    @ApiModelProperty("总记录数")
+    private long total;

-	/**
-	 * 列表数据
-	 */
-	@ApiModelProperty("列表数据")
-	private List<T> rows;
+    /**
+     * 列表数据
+     */
+    @ApiModelProperty("列表数据")
+    private List<T> rows;

-	/**
-	 * 消息状态码
-	 */
-	@ApiModelProperty("消息状态码")
-	private int code;
+    /**
+     * 消息状态码
+     */
+    @ApiModelProperty("消息状态码")
+    private int code;

-	/**
-	 * 消息内容
-	 */
-	@ApiModelProperty("消息内容")
-	private String msg;
+    /**
+     * 消息内容
+     */
+    @ApiModelProperty("消息内容")
+    private String msg;

-	/**
-	 * 分页
-	 *
-	 * @param list  列表数据
-	 * @param total 总记录数
-	 */
-	public TableDataInfo(List<T> list, long total) {
-		this.rows = list;
-		this.total = total;
-	}
+    /**
+     * 分页
+     *
+     * @param list  列表数据
+     * @param total 总记录数
+     */
+    public TableDataInfo(List<T> list, long total) {
+        this.rows = list;
+        this.total = total;
+    }
+
+    public static <T> TableDataInfo<T> build(IPage<T> page) {
+        TableDataInfo<T> rspData = new TableDataInfo<>();
+        rspData.setCode(HttpStatus.HTTP_OK);
+        rspData.setMsg("查询成功");
+        rspData.setRows(page.getRecords());
+        rspData.setTotal(page.getTotal());
+        return rspData;
+    }
+
+    public static <T> TableDataInfo<T> build(List<T> list) {
+        TableDataInfo<T> rspData = new TableDataInfo<>();
+        rspData.setCode(HttpStatus.HTTP_OK);
+        rspData.setMsg("查询成功");
+        rspData.setRows(list);
+        rspData.setTotal(list.size());
+        return rspData;
+    }
+
+    public static <T> TableDataInfo<T> build() {
+        TableDataInfo<T> rspData = new TableDataInfo<>();
+        rspData.setCode(HttpStatus.HTTP_OK);
+        rspData.setMsg("查询成功");
+        return rspData;
+    }

 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/service/SensitiveService.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/service/SensitiveService.java
@ -0,0 +1,18 @@
+package com.ruoyi.common.core.service;
+
+/**
+ * 脱敏服务
+ * 默认管理员不过滤
+ * 需自行根据业务重写实现
+ *
+ * @author Lion Li
+ * @version 3.6.0
+ */
+public interface SensitiveService {
+
+    /**
+     * 是否脱敏
+     */
+    boolean isSensitive();
+
+}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/service/TokenService.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/service/TokenService.java
@ -1,69 +0,0 @@
-package com.ruoyi.common.core.service;
-
-import com.ruoyi.common.core.domain.model.LoginUser;
-
-import javax.servlet.http.HttpServletRequest;
-
-/**
- * token验证处理
- *
- * @author Lion Li
- */
-public interface TokenService {
-
-    /**
-     * 获取用户身份信息
-     *
-     * @return 用户信息
-     */
-     LoginUser getLoginUser(HttpServletRequest request);
-
-    /**
-     * 设置用户身份信息
-     */
-    void setLoginUser(LoginUser loginUser);
-
-    /**
-     * 删除用户身份信息
-     */
-    void delLoginUser(String token);
-
-    /**
-     * 创建令牌
-     *
-     * @param loginUser 用户信息
-     * @return 令牌
-     */
-    String createToken(LoginUser loginUser);
-
-    /**
-     * 验证令牌有效期，相差不足20分钟，自动刷新缓存
-     *
-     * @param loginUser
-     * @return 令牌
-     */
-    void verifyToken(LoginUser loginUser);
-
-    /**
-     * 刷新令牌有效期
-     *
-     * @param loginUser 登录信息
-     */
-    void refreshToken(LoginUser loginUser);
-
-    /**
-     * 设置用户代理信息
-     *
-     * @param loginUser 登录信息
-     */
-    void setUserAgent(LoginUser loginUser);
-
-    /**
-     * 从令牌中获取用户名
-     *
-     * @param token 令牌
-     * @return 用户名
-     */
-    String getUsernameFromToken(String token);
-
-}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/service/UserService.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/service/UserService.java
@ -1,28 +0,0 @@
-package com.ruoyi.common.core.service;
-
-import com.ruoyi.common.core.domain.entity.SysUser;
-
-/**
- * 通用 用户业务
- *
- * @author Lion Li
- */
-public interface UserService {
-
-    /**
-     * 通过用户名查询用户
-     *
-     * @param userName 用户名
-     * @return 用户对象信息
-     */
-    SysUser selectUserByUserName(String userName);
-
-    /**
-     * 通过用户ID查询用户
-     *
-     * @param userId 用户ID
-     * @return 用户对象信息
-     */
-    SysUser selectUserById(Long userId);
-
-}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/enums/DataBaseType.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/enums/DataBaseType.java
@ -0,0 +1,49 @@
+package com.ruoyi.common.enums;
+
+import com.ruoyi.common.utils.StringUtils;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+
+/**
+ * 数据库类型
+ *
+ * @author Lion Li
+ */
+@Getter
+@AllArgsConstructor
+public enum DataBaseType {
+
+    /**
+     * MySQL
+     */
+    MY_SQL("MySQL"),
+
+    /**
+     * Oracle
+     */
+    ORACLE("Oracle"),
+
+    /**
+     * PostgreSQL
+     */
+    POSTGRE_SQL("PostgreSQL"),
+
+    /**
+     * SQL Server
+     */
+    SQL_SERVER("Microsoft SQL Server");
+
+    private final String type;
+
+    public static DataBaseType find(String databaseProductName) {
+        if (StringUtils.isBlank(databaseProductName)) {
+            return null;
+        }
+        for (DataBaseType type : values()) {
+            if (type.getType().equals(databaseProductName)) {
+                return type;
+            }
+        }
+        return null;
+    }
+}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/enums/DataScopeType.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/enums/DataScopeType.java
@ -0,0 +1,72 @@
+package com.ruoyi.common.enums;
+
+import com.ruoyi.common.utils.StringUtils;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+
+/**
+ * 数据权限类型
+ * <p>
+ * 语法支持 spel 模板表达式
+ * <p>
+ * 内置数据 user 当前用户 内容参考 LoginUser
+ * 如需扩展数据 可使用 {@link com.ruoyi.common.helper.DataPermissionHelper} 操作
+ * 内置服务 sdss 系统数据权限服务 内容参考 SysDataScopeService
+ * 如需扩展更多自定义服务 可以参考 sdss 自行编写
+ *
+ * @author Lion Li
+ * @version 3.5.0
+ */
+@Getter
+@AllArgsConstructor
+public enum DataScopeType {
+
+    /**
+     * 全部数据权限
+     */
+    ALL("1", "", ""),
+
+    /**
+     * 自定数据权限
+     */
+    CUSTOM("2", " #{#deptName} IN ( #{@sdss.getRoleCustom( #user.roleId )} ) ", ""),
+
+    /**
+     * 部门数据权限
+     */
+    DEPT("3", " #{#deptName} = #{#user.deptId} ", ""),
+
+    /**
+     * 部门及以下数据权限
+     */
+    DEPT_AND_CHILD("4", " #{#deptName} IN ( #{@sdss.getDeptAndChild( #user.deptId )} )", ""),
+
+    /**
+     * 仅本人数据权限
+     */
+    SELF("5", " #{#userName} = #{#user.userId} ", " 1 = 0 ");
+
+    private final String code;
+
+    /**
+     * 语法 采用 spel 模板表达式
+     */
+    private final String sqlTemplate;
+
+    /**
+     * 不满足 sqlTemplate 则填充
+     */
+    private final String elseSql;
+
+    public static DataScopeType findCode(String code) {
+        if (StringUtils.isBlank(code)) {
+            return null;
+        }
+        for (DataScopeType type : values()) {
+            if (type.getCode().equals(code)) {
+                return type;
+            }
+        }
+        return null;
+    }
+}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/enums/DataSourceType.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/enums/DataSourceType.java
@ -1,25 +0,0 @@
-package com.ruoyi.common.enums;
-
-import lombok.AllArgsConstructor;
-import lombok.Getter;
-
-/**
- * 数据源
- *
- * @author Lion Li
- */
-@AllArgsConstructor
-public enum DataSourceType {
-    /**
-     * 主库
-     */
-    MASTER("master"),
-
-    /**
-     * 从库
-     */
-    SLAVE("slave");
-
-    @Getter
-    private final String source;
-}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/enums/DeviceType.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/enums/DeviceType.java
@ -0,0 +1,32 @@
+package com.ruoyi.common.enums;
+
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+
+/**
+ * 设备类型
+ * 针对一套 用户体系
+ *
+ * @author Lion Li
+ */
+@Getter
+@AllArgsConstructor
+public enum DeviceType {
+
+    /**
+     * pc端
+     */
+    PC("pc"),
+
+    /**
+     * app端
+     */
+    APP("app"),
+
+    /**
+     * 小程序端
+     */
+    XCX("xcx");
+
+    private final String device;
+}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/enums/LoginType.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/enums/LoginType.java
@ -0,0 +1,39 @@
+package com.ruoyi.common.enums;
+
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+
+/**
+ * 登录类型
+ *
+ * @author Lion Li
+ */
+@Getter
+@AllArgsConstructor
+public enum LoginType {
+
+    /**
+     * 密码登录
+     */
+    PASSWORD("user.password.retry.limit.exceed", "user.password.retry.limit.count"),
+
+    /**
+     * 短信登录
+     */
+    SMS("sms.code.retry.limit.exceed", "sms.code.retry.limit.count"),
+
+    /**
+     * 小程序登录
+     */
+    XCX("", "");
+
+    /**
+     * 登录重试超出限制提示
+     */
+    final String retryLimitExceed;
+
+    /**
+     * 登录重试限制计数提示
+     */
+    final String retryLimitCount;
+}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/enums/SensitiveStrategy.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/enums/SensitiveStrategy.java
@ -0,0 +1,49 @@
+package com.ruoyi.common.enums;
+
+import cn.hutool.core.util.DesensitizedUtil;
+import lombok.AllArgsConstructor;
+
+import java.util.function.Function;
+
+/**
+ * 脱敏策略
+ *
+ * @author Yjoioooo
+ * @version 3.6.0
+ */
+@AllArgsConstructor
+public enum SensitiveStrategy {
+
+    /**
+     * 身份证脱敏
+     */
+    ID_CARD(s -> DesensitizedUtil.idCardNum(s, 3, 4)),
+
+    /**
+     * 手机号脱敏
+     */
+    PHONE(DesensitizedUtil::mobilePhone),
+
+    /**
+     * 地址脱敏
+     */
+    ADDRESS(s -> DesensitizedUtil.address(s, 8)),
+
+    /**
+     * 邮箱脱敏
+     */
+    EMAIL(DesensitizedUtil::email),
+
+    /**
+     * 银行卡
+     */
+    BANK_CARD(DesensitizedUtil::bankCard);
+
+    //可自行添加其他脱敏策略
+
+    private final Function<String, String> desensitizer;
+
+    public Function<String, String> desensitizer() {
+        return desensitizer;
+    }
+}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/enums/ThreadPoolRejectedPolicy.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/enums/ThreadPoolRejectedPolicy.java
@ -1,26 +0,0 @@
-package com.ruoyi.common.enums;
-
-import lombok.AllArgsConstructor;
-import lombok.Getter;
-
-import java.util.concurrent.RejectedExecutionHandler;
-import java.util.concurrent.ThreadPoolExecutor;
-
-/**
- * 线程池 拒绝策略 泛型
- *
- * @author Lion Li
- */
-@Getter
-@AllArgsConstructor
-public enum ThreadPoolRejectedPolicy {
-
-    CALLER_RUNS_POLICY("调用方执行", ThreadPoolExecutor.CallerRunsPolicy.class),
-    DISCARD_OLDEST_POLICY("放弃最旧的", ThreadPoolExecutor.DiscardOldestPolicy.class),
-    DISCARD_POLICY("丢弃", ThreadPoolExecutor.DiscardPolicy.class),
-    ABORT_POLICY("中止", ThreadPoolExecutor.AbortPolicy.class);
-
-    private final String name;
-    private final Class<? extends RejectedExecutionHandler> clazz;
-
-}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/enums/UserType.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/enums/UserType.java
@ -0,0 +1,37 @@
+package com.ruoyi.common.enums;
+
+import com.ruoyi.common.utils.StringUtils;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+
+/**
+ * 设备类型
+ * 针对多套 用户体系
+ *
+ * @author Lion Li
+ */
+@Getter
+@AllArgsConstructor
+public enum UserType {
+
+    /**
+     * pc端
+     */
+    SYS_USER("sys_user"),
+
+    /**
+     * app端
+     */
+    APP_USER("app_user");
+
+    private final String userType;
+
+    public static UserType getUserType(String str) {
+        for (UserType value : values()) {
+            if (StringUtils.contains(str, value.getUserType())) {
+                return value;
+            }
+        }
+        throw new RuntimeException("'UserType' not found By " + str);
+    }
+}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/excel/CellMergeStrategy.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/excel/CellMergeStrategy.java
@ -0,0 +1,114 @@
+package com.ruoyi.common.excel;
+
+import com.alibaba.excel.metadata.Head;
+import com.alibaba.excel.write.merge.AbstractMergeStrategy;
+import com.ruoyi.common.annotation.CellMerge;
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.SneakyThrows;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.collections4.CollectionUtils;
+import org.apache.poi.ss.usermodel.Cell;
+import org.apache.poi.ss.usermodel.Sheet;
+import org.apache.poi.ss.util.CellRangeAddress;
+
+import java.lang.reflect.Field;
+import java.lang.reflect.Method;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * 列值重复合并策略
+ *
+ * @author Lion Li
+ */
+@AllArgsConstructor
+@Slf4j
+public class CellMergeStrategy extends AbstractMergeStrategy {
+
+	private List<?> list;
+	private boolean hasTitle;
+
+	@Override
+	protected void merge(Sheet sheet, Cell cell, Head head, Integer relativeRowIndex) {
+		List<CellRangeAddress> cellList = handle(list, hasTitle);
+		// judge the list is not null
+		if (CollectionUtils.isNotEmpty(cellList)) {
+			// the judge is necessary
+			if (cell.getRowIndex() == 1 && cell.getColumnIndex() == 0) {
+				for (CellRangeAddress item : cellList) {
+					sheet.addMergedRegion(item);
+				}
+			}
+		}
+	}
+
+	@SneakyThrows
+	private static List<CellRangeAddress> handle(List<?> list, boolean hasTitle) {
+		List<CellRangeAddress> cellList = new ArrayList<>();
+		if (CollectionUtils.isEmpty(list)) {
+			return cellList;
+		}
+		Class<?> clazz = list.get(0).getClass();
+		Field[] fields = clazz.getDeclaredFields();
+		// 有注解的字段
+		List<Field> mergeFields = new ArrayList<>();
+		List<Integer> mergeFieldsIndex = new ArrayList<>();
+		for (int i = 0; i < fields.length; i++) {
+			Field field = fields[i];
+			if (field.isAnnotationPresent(CellMerge.class)) {
+				CellMerge cm = field.getAnnotation(CellMerge.class);
+				mergeFields.add(field);
+				mergeFieldsIndex.add(cm.index() == -1 ? i : cm.index());
+			}
+		}
+		// 行合并开始下标
+		int rowIndex = hasTitle ? 1 : 0;
+		Map<Field, RepeatCell> map = new HashMap<>();
+		// 生成两两合并单元格
+		for (int i = 0; i < list.size(); i++) {
+			for (int j = 0; j < mergeFields.size(); j++) {
+				Field field = mergeFields.get(j);
+				String name = field.getName();
+				String methodName = "get" + name.substring(0, 1).toUpperCase() + name.substring(1);
+				Method readMethod = clazz.getMethod(methodName);
+				Object val = readMethod.invoke(list.get(i));
+
+				int colNum = mergeFieldsIndex.get(j);
+				if (!map.containsKey(field)) {
+					map.put(field, new RepeatCell(val, i));
+				} else {
+					RepeatCell repeatCell = map.get(field);
+					Object cellValue = repeatCell.getValue();
+					if (cellValue == null || "".equals(cellValue)) {
+						// 空值跳过不合并
+						continue;
+					}
+					if (cellValue != val) {
+						if (i - repeatCell.getCurrent() > 1) {
+							cellList.add(new CellRangeAddress(repeatCell.getCurrent() + rowIndex, i + rowIndex - 1, colNum, colNum));
+						}
+						map.put(field, new RepeatCell(val, i));
+					} else if (i == list.size() - 1) {
+						if (i > repeatCell.getCurrent()) {
+							cellList.add(new CellRangeAddress(repeatCell.getCurrent() + rowIndex, i + rowIndex, colNum, colNum));
+						}
+					}
+				}
+			}
+		}
+		return cellList;
+	}
+
+	@Data
+	@AllArgsConstructor
+	static class RepeatCell {
+
+		private Object value;
+
+		private int current;
+
+	}
+}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/excel/DefaultExcelListener.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/excel/DefaultExcelListener.java
@ -5,7 +5,7 @@ import com.alibaba.excel.context.AnalysisContext;
 import com.alibaba.excel.event.AnalysisEventListener;
 import com.alibaba.excel.exception.ExcelAnalysisException;
 import com.alibaba.excel.exception.ExcelDataConvertException;
-import com.alibaba.fastjson.JSON;
+import com.ruoyi.common.utils.JsonUtils;
 import com.ruoyi.common.utils.ValidatorUtils;
 import lombok.NoArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
@ -84,7 +84,7 @@ public class DefaultExcelListener<T> extends AnalysisEventListener<T> implements
    @Override
    public void invokeHeadMap(Map<Integer, String> headMap, AnalysisContext context) {
        this.headMap = headMap;
-        log.debug("解析到一条表头数据: {}", JSON.toJSONString(headMap));
+        log.debug("解析到一条表头数据: {}", JsonUtils.toJsonString(headMap));
    }

    @Override
--- a/ruoyi-common/src/main/java/com/ruoyi/common/exception/base/BaseException.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/exception/base/BaseException.java
@ -2,7 +2,9 @@ package com.ruoyi.common.exception.base;

 import com.ruoyi.common.utils.MessageUtils;
 import com.ruoyi.common.utils.StringUtils;
-import lombok.*;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import lombok.NoArgsConstructor;

 /**
 * 基础异常
--- a/ruoyi-common/src/main/java/com/ruoyi/common/exception/user/CaptchaException.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/exception/user/CaptchaException.java
@ -9,6 +9,6 @@ public class CaptchaException extends UserException {
    private static final long serialVersionUID = 1L;

    public CaptchaException() {
-        super("user.jcaptcha.error", null);
+        super("user.jcaptcha.error");
    }
 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/exception/user/CaptchaExpireException.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/exception/user/CaptchaExpireException.java
@ -9,6 +9,6 @@ public class CaptchaExpireException extends UserException {
    private static final long serialVersionUID = 1L;

    public CaptchaExpireException() {
-        super("user.jcaptcha.expire", null);
+        super("user.jcaptcha.expire");
    }
 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/exception/user/UserException.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/exception/user/UserException.java
@ -10,7 +10,7 @@ import com.ruoyi.common.exception.base.BaseException;
 public class UserException extends BaseException {
    private static final long serialVersionUID = 1L;

-    public UserException(String code, Object[] args) {
+    public UserException(String code, Object... args) {
        super("user", code, args, null);
    }
 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/exception/user/UserPasswordNotMatchException.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/exception/user/UserPasswordNotMatchException.java
@ -9,6 +9,6 @@ public class UserPasswordNotMatchException extends UserException {
    private static final long serialVersionUID = 1L;

    public UserPasswordNotMatchException() {
-        super("user.password.not.match", null);
+        super("user.password.not.match");
    }
 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/filter/RepeatableFilter.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/filter/RepeatableFilter.java
@ -20,10 +20,10 @@ public class RepeatableFilter implements Filter {

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
-            throws IOException, ServletException {
+        throws IOException, ServletException {
        ServletRequest requestWrapper = null;
        if (request instanceof HttpServletRequest
-                && StringUtils.startsWithIgnoreCase(request.getContentType(), MediaType.APPLICATION_JSON_VALUE)) {
+            && StringUtils.startsWithIgnoreCase(request.getContentType(), MediaType.APPLICATION_JSON_VALUE)) {
            requestWrapper = new RepeatedlyRequestWrapper((HttpServletRequest) request, response);
        }
        if (null == requestWrapper) {
--- a/ruoyi-common/src/main/java/com/ruoyi/common/filter/XssFilter.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/filter/XssFilter.java
@ -33,7 +33,7 @@ public class XssFilter implements Filter {

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
-            throws IOException, ServletException {
+        throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) request;
        HttpServletResponse resp = (HttpServletResponse) response;
        if (handleExcludeURL(req, resp)) {
--- a/ruoyi-common/src/main/java/com/ruoyi/common/helper/DataBaseHelper.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/helper/DataBaseHelper.java
@ -0,0 +1,72 @@
+package com.ruoyi.common.helper;
+
+import cn.hutool.core.convert.Convert;
+import com.baomidou.dynamic.datasource.DynamicRoutingDataSource;
+import com.ruoyi.common.enums.DataBaseType;
+import com.ruoyi.common.exception.ServiceException;
+import com.ruoyi.common.utils.spring.SpringUtils;
+import lombok.AccessLevel;
+import lombok.NoArgsConstructor;
+
+import javax.sql.DataSource;
+import java.sql.Connection;
+import java.sql.DatabaseMetaData;
+import java.sql.SQLException;
+
+/**
+ * 数据库助手
+ *
+ * @author Lion Li
+ */
+@NoArgsConstructor(access = AccessLevel.PRIVATE)
+public class DataBaseHelper {
+
+    private static final DynamicRoutingDataSource DS = SpringUtils.getBean(DynamicRoutingDataSource.class);
+
+    /**
+     * 获取当前数据库类型
+     */
+    public static DataBaseType getDataBaseType() {
+        DataSource dataSource = DS.determineDataSource();
+        try (Connection conn = dataSource.getConnection()) {
+            DatabaseMetaData metaData = conn.getMetaData();
+            String databaseProductName = metaData.getDatabaseProductName();
+            return DataBaseType.find(databaseProductName);
+        } catch (SQLException e) {
+            throw new ServiceException(e.getMessage());
+        }
+    }
+
+    public static boolean isMySql() {
+        return DataBaseType.MY_SQL == getDataBaseType();
+    }
+
+    public static boolean isOracle() {
+        return DataBaseType.ORACLE == getDataBaseType();
+    }
+
+    public static boolean isPostgerSql() {
+        return DataBaseType.POSTGRE_SQL == getDataBaseType();
+    }
+
+    public static boolean isSqlServer() {
+        return DataBaseType.SQL_SERVER == getDataBaseType();
+    }
+
+    public static String findInSet(Object var1, String var2) {
+        DataBaseType dataBasyType = getDataBaseType();
+        String var = Convert.toStr(var1);
+        if (dataBasyType == DataBaseType.SQL_SERVER) {
+            // charindex(',100,' , ',0,100,101,') <> 0
+            return "charindex('," + var + ",' , ','+" + var2 + "+',') <> 0";
+        } else if (dataBasyType == DataBaseType.POSTGRE_SQL) {
+            // (select position(',100,' in ',0,100,101,')) <> 0
+            return "(select position('," + var + ",' in ','||" + var2 + "||',')) <> 0";
+        } else if (dataBasyType == DataBaseType.ORACLE) {
+            // instr(',0,100,101,' , ',100,') <> 0
+            return "instr(','||" + var2 + "||',' , '," + var + ",') <> 0";
+        }
+        // find_in_set(100 , '0,100,101')
+        return "find_in_set(" + var + " , " + var2 + ") <> 0";
+    }
+}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/helper/DataPermissionHelper.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/helper/DataPermissionHelper.java
@ -0,0 +1,47 @@
+package com.ruoyi.common.helper;
+
+import cn.dev33.satoken.context.SaHolder;
+import cn.dev33.satoken.context.model.SaStorage;
+import cn.hutool.core.util.ObjectUtil;
+import lombok.AccessLevel;
+import lombok.NoArgsConstructor;
+
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * 数据权限助手
+ *
+ * @author Lion Li
+ * @version 3.5.0
+ */
+@NoArgsConstructor(access = AccessLevel.PRIVATE)
+@SuppressWarnings("unchecked cast")
+public class DataPermissionHelper {
+
+    private static final String DATA_PERMISSION_KEY = "data:permission";
+
+    public static <T> T getVariable(String key) {
+        Map<String, Object> context = getContext();
+        return (T) context.get(key);
+    }
+
+
+    public static void setVariable(String key, Object value) {
+        Map<String, Object> context = getContext();
+        context.put(key, value);
+    }
+
+    public static Map<String, Object> getContext() {
+        SaStorage saStorage = SaHolder.getStorage();
+        Object attribute = saStorage.get(DATA_PERMISSION_KEY);
+        if (ObjectUtil.isNull(attribute)) {
+            saStorage.set(DATA_PERMISSION_KEY, new HashMap<>());
+            attribute = saStorage.get(DATA_PERMISSION_KEY);
+        }
+        if (attribute instanceof Map) {
+            return (Map<String, Object>) attribute;
+        }
+        throw new NullPointerException("data permission context type exception");
+    }
+}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/helper/LoginHelper.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/helper/LoginHelper.java
@ -0,0 +1,135 @@
+package com.ruoyi.common.helper;
+
+import cn.dev33.satoken.context.SaHolder;
+import cn.dev33.satoken.stp.StpUtil;
+import cn.hutool.core.util.ObjectUtil;
+import com.ruoyi.common.constant.UserConstants;
+import com.ruoyi.common.core.domain.model.LoginUser;
+import com.ruoyi.common.enums.DeviceType;
+import com.ruoyi.common.enums.UserType;
+import com.ruoyi.common.exception.UtilException;
+import com.ruoyi.common.utils.StringUtils;
+import lombok.AccessLevel;
+import lombok.NoArgsConstructor;
+
+/**
+ * 登录鉴权助手
+ *
+ * user_type 为 用户类型 同一个用户表 可以有多种用户类型 例如 pc,app
+ * deivce 为 设备类型 同一个用户类型 可以有 多种设备类型 例如 web,ios
+ * 可以组成 用户类型与设备类型多对多的 权限灵活控制
+ *
+ * 多用户体系 针对 多种用户类型 但权限控制不一致
+ * 可以组成 多用户类型表与多设备类型 分别控制权限
+ *
+ * @author Lion Li
+ */
+@NoArgsConstructor(access = AccessLevel.PRIVATE)
+public class LoginHelper {
+
+    public static final String JOIN_CODE = ":";
+    public static final String LOGIN_USER_KEY = "loginUser";
+
+    /**
+     * 登录系统
+     *
+     * @param loginUser 登录用户信息
+     */
+    public static void login(LoginUser loginUser) {
+        SaHolder.getStorage().set(LOGIN_USER_KEY, loginUser);
+        StpUtil.login(loginUser.getLoginId());
+        setLoginUser(loginUser);
+    }
+
+    /**
+     * 登录系统 基于 设备类型
+     * 针对相同用户体系不同设备
+     *
+     * @param loginUser 登录用户信息
+     */
+    public static void loginByDevice(LoginUser loginUser, DeviceType deviceType) {
+        SaHolder.getStorage().set(LOGIN_USER_KEY, loginUser);
+        StpUtil.login(loginUser.getLoginId(), deviceType.getDevice());
+        setLoginUser(loginUser);
+    }
+
+    /**
+     * 设置用户数据(多级缓存)
+     */
+    public static void setLoginUser(LoginUser loginUser) {
+        StpUtil.getTokenSession().set(LOGIN_USER_KEY, loginUser);
+    }
+
+    /**
+     * 获取用户(多级缓存)
+     */
+    public static LoginUser getLoginUser() {
+        LoginUser loginUser = (LoginUser) SaHolder.getStorage().get(LOGIN_USER_KEY);
+        if (loginUser != null) {
+            return loginUser;
+        }
+        loginUser = (LoginUser) StpUtil.getTokenSession().get(LOGIN_USER_KEY);
+        SaHolder.getStorage().set(LOGIN_USER_KEY, loginUser);
+        return loginUser;
+    }
+
+    /**
+     * 获取用户id
+     */
+    public static Long getUserId() {
+        LoginUser loginUser = getLoginUser();
+        if (ObjectUtil.isNull(loginUser)) {
+            String loginId = StpUtil.getLoginIdAsString();
+            String userId = null;
+            for (UserType value : UserType.values()) {
+                if (StringUtils.contains(loginId, value.getUserType())) {
+                    String[] strs = StringUtils.split(loginId, JOIN_CODE);
+                    // 用户id在总是在最后
+                    userId = strs[strs.length - 1];
+                }
+            }
+            if (StringUtils.isBlank(userId)) {
+                throw new UtilException("登录用户: LoginId异常 => " + loginId);
+            }
+            return Long.parseLong(userId);
+        }
+        return loginUser.getUserId();
+    }
+
+    /**
+     * 获取部门ID
+     */
+    public static Long getDeptId() {
+        return getLoginUser().getDeptId();
+    }
+
+    /**
+     * 获取用户账户
+     */
+    public static String getUsername() {
+        return getLoginUser().getUsername();
+    }
+
+    /**
+     * 获取用户类型
+     */
+    public static UserType getUserType() {
+        String loginId = StpUtil.getLoginIdAsString();
+        return UserType.getUserType(loginId);
+    }
+
+    /**
+     * 是否为管理员
+     *
+     * @param userId 用户ID
+     * @return 结果
+     */
+    public static boolean isAdmin(Long userId) {
+        return UserConstants.ADMIN_ID.equals(userId);
+    }
+
+    public static boolean isAdmin() {
+        return isAdmin(getUserId());
+    }
+
+}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/jackson/SensitiveJsonSerializer.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/jackson/SensitiveJsonSerializer.java
@ -0,0 +1,46 @@
+package com.ruoyi.common.jackson;
+
+import com.fasterxml.jackson.core.JsonGenerator;
+import com.fasterxml.jackson.databind.BeanProperty;
+import com.fasterxml.jackson.databind.JsonMappingException;
+import com.fasterxml.jackson.databind.JsonSerializer;
+import com.fasterxml.jackson.databind.SerializerProvider;
+import com.fasterxml.jackson.databind.ser.ContextualSerializer;
+import com.ruoyi.common.annotation.Sensitive;
+import com.ruoyi.common.core.service.SensitiveService;
+import com.ruoyi.common.enums.SensitiveStrategy;
+import com.ruoyi.common.utils.spring.SpringUtils;
+
+import java.io.IOException;
+import java.util.Objects;
+
+/**
+ * 数据脱敏json序列化工具
+ *
+ * @author Yjoioooo
+ */
+public class SensitiveJsonSerializer extends JsonSerializer<String> implements ContextualSerializer {
+
+    private SensitiveStrategy strategy;
+
+    @Override
+    public void serialize(String value, JsonGenerator gen, SerializerProvider serializers) throws IOException {
+        SensitiveService sensitiveService = SpringUtils.getBean(SensitiveService.class);
+        if (sensitiveService.isSensitive()) {
+            gen.writeString(strategy.desensitizer().apply(value));
+        } else {
+            gen.writeString(value);
+        }
+
+    }
+
+    @Override
+    public JsonSerializer<?> createContextual(SerializerProvider prov, BeanProperty property) throws JsonMappingException {
+        Sensitive annotation = property.getAnnotation(Sensitive.class);
+        if (Objects.nonNull(annotation) && Objects.equals(String.class, property.getType().getRawClass())) {
+            this.strategy = annotation.strategy();
+            return this;
+        }
+        return prov.findValueSerializer(property.getType(), property);
+    }
+}
--- a/Show More
+++ b/Show More