fix

db/init.sql

@@ -1,11 +1,22 @@
+DROP TABLE IF EXISTS `mps_wxapp_access_token`;
+CREATE TABLE `mps_wxapp_access_token` (
+  `id` bigint NOT NULL AUTO_INCREMENT,
+  `create_time` datetime DEFAULT NULL,
+  `update_time` datetime DEFAULT NULL,
+  `creator_id` bigint DEFAULT NULL,
+  `updater_id` bigint DEFAULT NULL,
+  `access_token` varchar(512) COLLATE utf8_bin DEFAULT NULL,
+  `expires_time` bigint DEFAULT NULL,
+  PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
 -- ----------------------------
 -- Table structure for mps_course
 -- ----------------------------
 DROP TABLE IF EXISTS `mps_course`;
 CREATE TABLE `mps_course` (
   `id` bigint NOT NULL AUTO_INCREMENT,
-  `create_time` bigint DEFAULT NULL,
-  `update_time` bigint DEFAULT NULL,
+  `create_time` datetime DEFAULT NULL,
+  `update_time` datetime DEFAULT NULL,
   `creator_id` bigint DEFAULT NULL,
   `updater_id` bigint DEFAULT NULL,
   `code` varchar(255) COLLATE utf8_bin NOT NULL,
@@ -21,8 +32,8 @@ CREATE TABLE `mps_course` (
 DROP TABLE IF EXISTS `mps_exam`;
 CREATE TABLE `mps_exam` (
   `id` bigint NOT NULL AUTO_INCREMENT,
-  `create_time` bigint DEFAULT NULL,
-  `update_time` bigint DEFAULT NULL,
+  `create_time` datetime DEFAULT NULL,
+  `update_time` datetime DEFAULT NULL,
   `creator_id` bigint DEFAULT NULL,
   `updater_id` bigint DEFAULT NULL,
   `exam_status` varchar(255) COLLATE utf8_bin NOT NULL,
@@ -38,8 +49,8 @@ CREATE TABLE `mps_exam` (
 DROP TABLE IF EXISTS `mps_paper`;
 CREATE TABLE `mps_paper` (
   `id` bigint NOT NULL AUTO_INCREMENT,
-  `create_time` bigint DEFAULT NULL,
-  `update_time` bigint DEFAULT NULL,
+  `create_time` datetime DEFAULT NULL,
+  `update_time` datetime DEFAULT NULL,
   `creator_id` bigint DEFAULT NULL,
   `updater_id` bigint DEFAULT NULL,
   `course_id` bigint NOT NULL,
@@ -62,8 +73,8 @@ CREATE TABLE `mps_paper` (
 DROP TABLE IF EXISTS `mps_paper_detail`;
 CREATE TABLE `mps_paper_detail` (
   `id` bigint NOT NULL AUTO_INCREMENT,
-  `create_time` bigint DEFAULT NULL,
-  `update_time` bigint DEFAULT NULL,
+  `create_time` datetime DEFAULT NULL,
+  `update_time` datetime DEFAULT NULL,
   `creator_id` bigint DEFAULT NULL,
   `updater_id` bigint DEFAULT NULL,
   `name` varchar(255) COLLATE utf8_bin NOT NULL,
@@ -79,8 +90,8 @@ CREATE TABLE `mps_paper_detail` (
 DROP TABLE IF EXISTS `mps_paper_detail_unit`;
 CREATE TABLE `mps_paper_detail_unit` (
   `id` bigint NOT NULL AUTO_INCREMENT,
-  `create_time` bigint DEFAULT NULL,
-  `update_time` bigint DEFAULT NULL,
+  `create_time` datetime DEFAULT NULL,
+  `update_time` datetime DEFAULT NULL,
   `creator_id` bigint DEFAULT NULL,
   `updater_id` bigint DEFAULT NULL,
   `detail_id` bigint NOT NULL,
@@ -99,8 +110,8 @@ CREATE TABLE `mps_paper_detail_unit` (
 DROP TABLE IF EXISTS `mps_paper_group`;
 CREATE TABLE `mps_paper_group` (
   `id` bigint NOT NULL AUTO_INCREMENT,
-  `create_time` bigint DEFAULT NULL,
-  `update_time` bigint DEFAULT NULL,
+  `create_time` datetime DEFAULT NULL,
+  `update_time` datetime DEFAULT NULL,
   `creator_id` bigint DEFAULT NULL,
   `updater_id` bigint DEFAULT NULL,
   `number` int NOT NULL,
@@ -115,8 +126,8 @@ CREATE TABLE `mps_paper_group` (
 DROP TABLE IF EXISTS `mps_paper_group_unit`;
 CREATE TABLE `mps_paper_group_unit` (
   `id` bigint NOT NULL AUTO_INCREMENT,
-  `create_time` bigint DEFAULT NULL,
-  `update_time` bigint DEFAULT NULL,
+  `create_time` datetime DEFAULT NULL,
+  `update_time` datetime DEFAULT NULL,
   `creator_id` bigint DEFAULT NULL,
   `updater_id` bigint DEFAULT NULL,
   `group_id` bigint NOT NULL,
@@ -133,8 +144,8 @@ CREATE TABLE `mps_paper_group_unit` (
 DROP TABLE IF EXISTS `mps_privilege`;
 CREATE TABLE `mps_privilege` (
   `id` bigint NOT NULL AUTO_INCREMENT,
-  `create_time` bigint DEFAULT NULL,
-  `update_time` bigint DEFAULT NULL,
+  `create_time` datetime DEFAULT NULL,
+  `update_time` datetime DEFAULT NULL,
   `creator_id` bigint DEFAULT NULL,
   `updater_id` bigint DEFAULT NULL,
   `code` varchar(255) COLLATE utf8_bin DEFAULT NULL,
@@ -157,8 +168,8 @@ CREATE TABLE `mps_privilege` (
 DROP TABLE IF EXISTS `mps_role`;
 CREATE TABLE `mps_role` (
   `id` bigint NOT NULL AUTO_INCREMENT,
-  `create_time` bigint DEFAULT NULL,
-  `update_time` bigint DEFAULT NULL,
+  `create_time` datetime DEFAULT NULL,
+  `update_time` datetime DEFAULT NULL,
   `creator_id` bigint DEFAULT NULL,
   `updater_id` bigint DEFAULT NULL,
   `code` varchar(255) COLLATE utf8_bin NOT NULL,
@@ -173,14 +184,14 @@ CREATE TABLE `mps_role` (
 -- ----------------------------
 DROP TABLE IF EXISTS `mps_role_privilege_relation`;
 CREATE TABLE `mps_role_privilege_relation` (
-  `schoolId` bigint NOT NULL,
+  `school_id` bigint NOT NULL,
   `role_id` bigint NOT NULL,
   `privilege_id` bigint NOT NULL,
-  `create_time` bigint DEFAULT NULL,
-  `update_time` bigint DEFAULT NULL,
+  `create_time` datetime DEFAULT NULL,
+  `update_time` datetime DEFAULT NULL,
   `creator_id` bigint DEFAULT NULL,
   `updater_id` bigint DEFAULT NULL,
-  PRIMARY KEY (`schoolId`,`role_id`,`privilege_id`)
+  PRIMARY KEY (`school_id`,`role_id`,`privilege_id`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
 
 -- ----------------------------
@@ -189,8 +200,8 @@ CREATE TABLE `mps_role_privilege_relation` (
 DROP TABLE IF EXISTS `mps_school`;
 CREATE TABLE `mps_school` (
   `id` bigint NOT NULL AUTO_INCREMENT,
-  `create_time` bigint DEFAULT NULL,
-  `update_time` bigint DEFAULT NULL,
+  `create_time` datetime DEFAULT NULL,
+  `update_time` datetime DEFAULT NULL,
   `creator_id` bigint DEFAULT NULL,
   `updater_id` bigint DEFAULT NULL,
   `contacts` varchar(255) COLLATE utf8_bin DEFAULT NULL,
@@ -199,7 +210,7 @@ CREATE TABLE `mps_school` (
   `region` varchar(255) COLLATE utf8_bin DEFAULT NULL,
   `telephone` varchar(255) COLLATE utf8_bin DEFAULT NULL,
   PRIMARY KEY (`id`),
-  UNIQUE KEY `IDX_SCHOOL_01` (`name`),
+  UNIQUE KEY `IDX_SCHOOL_01` (`name`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
 
 -- ----------------------------
@@ -208,8 +219,8 @@ CREATE TABLE `mps_school` (
 DROP TABLE IF EXISTS `mps_user`;
 CREATE TABLE `mps_user` (
   `id` bigint NOT NULL AUTO_INCREMENT,
-  `create_time` bigint DEFAULT NULL,
-  `update_time` bigint DEFAULT NULL,
+  `create_time` datetime DEFAULT NULL,
+  `update_time` datetime DEFAULT NULL,
   `creator_id` bigint DEFAULT NULL,
   `updater_id` bigint DEFAULT NULL,
   `enable` bit(1) NOT NULL,
@@ -229,9 +240,38 @@ DROP TABLE IF EXISTS `mps_user_course_relation`;
 CREATE TABLE `mps_user_course_relation` (
   `user_id` bigint NOT NULL,
   `course_id` bigint NOT NULL,
-  `create_time` bigint DEFAULT NULL,
-  `update_time` bigint DEFAULT NULL,
+  `create_time` datetime DEFAULT NULL,
+  `update_time` datetime DEFAULT NULL,
   `creator_id` bigint DEFAULT NULL,
   `updater_id` bigint DEFAULT NULL,
   PRIMARY KEY (`user_id`,`course_id`)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
+
+INSERT INTO `mps_wxapp_access_token` (`id`) VALUES (1);
+INSERT INTO `mps_school` (`id`, `create_time`, `update_time`, `enable`, `name`) VALUES (1, now(), now(), 1, '启明泰和');
+
+
+INSERT INTO `mps_privilege` (`id`, `create_time`, `update_time`, `code`, `description`, `ext1`, `ext2`, `ext3`, `ext4`, `ext5`, `name`, `parent_id`, `seq`) VALUES (1, now(), now(), 'index_school', NULL, 'menu', NULL, NULL, NULL, '/struct/school', '学校管理', NULL, 1);
+INSERT INTO `mps_privilege` (`id`, `create_time`, `update_time`, `code`, `description`, `ext1`, `ext2`, `ext3`, `ext4`, `ext5`, `name`, `parent_id`, `seq`) VALUES (2, now(), now(), 'exam_manage', '', 'menu', '', '', '', '', '考试管理', NULL, 2);
+INSERT INTO `mps_privilege` (`id`, `create_time`, `update_time`, `code`, `description`, `ext1`, `ext2`, `ext3`, `ext4`, `ext5`, `name`, `parent_id`, `seq`) VALUES (3, now(), now(), 'index_exam', '', 'menu', '', '', '', '/struct/exam', '考试批次管理', 2, 1);
+INSERT INTO `mps_privilege` (`id`, `create_time`, `update_time`, `code`, `description`, `ext1`, `ext2`, `ext3`, `ext4`, `ext5`, `name`, `parent_id`, `seq`) VALUES (4, now(), now(), 'index_paper', '', 'menu', '', '', '', '/struct/paper', '科目试卷结构', 2, 2);
+INSERT INTO `mps_privilege` (`id`, `create_time`, `update_time`, `code`, `description`, `ext1`, `ext2`, `ext3`, `ext4`, `ext5`, `name`, `parent_id`, `seq`) VALUES (5, now(), now(), 'index_user', '', 'menu', '', '', '', '/struct/user', '用户管理', NULL, 3);
+
+
+INSERT INTO `mps_role` (`id`, `create_time`, `update_time`, `code`, `name`, `school_id`) VALUES (1, now(), now(), 'SUPER_ADMIN', '超级管理员', -1);
+INSERT INTO `mps_role` (`id`, `create_time`, `update_time`, `code`, `name`, `school_id`) VALUES (2, now(), now(), 'SCHOOL_ADMIN', '机构管理员', -1);
+INSERT INTO `mps_role` (`id`, `create_time`, `update_time`, `code`, `name`, `school_id`) VALUES (3, now(), now(), 'SECTION_LEADER', '科组长', -1);
+
+INSERT INTO `mps_role_privilege_relation` (`privilege_id`, `role_id`, `school_id`, `create_time`, `update_time`) VALUES (1, 2, -1, now(), now());
+INSERT INTO `mps_role_privilege_relation` (`privilege_id`, `role_id`, `school_id`, `create_time`, `update_time`) VALUES (2, 2, -1, now(), now());
+INSERT INTO `mps_role_privilege_relation` (`privilege_id`, `role_id`, `school_id`, `create_time`, `update_time`) VALUES (3, 2, -1, now(), now());
+INSERT INTO `mps_role_privilege_relation` (`privilege_id`, `role_id`, `school_id`, `create_time`, `update_time`) VALUES (4, 2, -1, now(), now());
+INSERT INTO `mps_role_privilege_relation` (`privilege_id`, `role_id`, `school_id`, `create_time`, `update_time`) VALUES (5, 2, -1, now(), now());
+
+
+INSERT INTO `mps_user` (`id`, `create_time`, `update_time`,  `enable`,  `login_name`, `name`,  `password`,  `school_id`,  `role_id`) VALUES (1, now(), now(),  1,  'admin1', '超管1',  UPPER(SHA2('autumn123',256)), 1, 1);
+INSERT INTO `mps_user` (`id`, `create_time`, `update_time`,  `enable`,  `login_name`, `name`,  `password`,  `school_id`,  `role_id`) VALUES (2, now(), now(),  1,  'admin2', '超管2',  UPPER(SHA2('autumn123',256)), 1, 1);
+INSERT INTO `mps_user` (`id`, `create_time`, `update_time`,  `enable`,  `login_name`, `name`,  `password`,  `school_id`,  `role_id`) VALUES (3, now(), now(),  1,  'admin3', '超管3',  UPPER(SHA2('autumn123',256)), 1, 1);
+INSERT INTO `mps_user` (`id`, `create_time`, `update_time`,  `enable`,  `login_name`, `name`,  `password`,  `school_id`,  `role_id`) VALUES (4, now(), now(),  1,  'admin4', '超管4',  UPPER(SHA2('autumn123',256)), 1, 1);
+INSERT INTO `mps_user` (`id`, `create_time`, `update_time`,  `enable`,  `login_name`, `name`,  `password`,  `school_id`,  `role_id`) VALUES (5, now(), now(),  1,  'admin5', '超管5',  UPPER(SHA2('autumn123',256)), 1, 1);
+

src/main/java/cn/com/qmth/mps/bean/WxappAccessToken.java

@@ -0,0 +1,33 @@
+package cn.com.qmth.mps.bean;
+
+public class WxappAccessToken {
+	private String access_token;
+	private Integer expires_in;
+	private Integer errcode;
+	private String errmsg;
+	public String getAccess_token() {
+		return access_token;
+	}
+	public void setAccess_token(String access_token) {
+		this.access_token = access_token;
+	}
+	public Integer getExpires_in() {
+		return expires_in;
+	}
+	public void setExpires_in(Integer expires_in) {
+		this.expires_in = expires_in;
+	}
+	public Integer getErrcode() {
+		return errcode;
+	}
+	public void setErrcode(Integer errcode) {
+		this.errcode = errcode;
+	}
+	public String getErrmsg() {
+		return errmsg;
+	}
+	public void setErrmsg(String errmsg) {
+		this.errmsg = errmsg;
+	}
+	
+}

src/main/java/cn/com/qmth/mps/config/FillMetaObjectHandler.java

@@ -18,9 +18,9 @@ public class FillMetaObjectHandler implements MetaObjectHandler {
 			this.setFieldValByName("creatorId", user.getId(), metaObject);
 		}
 		if(this.getFieldValByName("createTime", metaObject)==null) {
-			this.setFieldValByName("createTime", new Date().getTime(), metaObject);
+			this.setFieldValByName("createTime", new Date(), metaObject);
 		}
-		this.setFieldValByName("updateTime", new Date().getTime(), metaObject);
+		this.setFieldValByName("updateTime", new Date(), metaObject);
 	}
 
 	@Override
@@ -29,7 +29,7 @@ public class FillMetaObjectHandler implements MetaObjectHandler {
 		if (user != null) {
 			this.setFieldValByName("updaterId", user.getId(), metaObject);
 		}
-		this.setFieldValByName("updateTime", new Date().getTime(), metaObject);
+		this.setFieldValByName("updateTime", new Date(), metaObject);
 	}
 
 }

src/main/java/cn/com/qmth/mps/config/SysProperty.java

@@ -11,7 +11,8 @@ public class SysProperty {
 	 */
 	@Value("${session-timeout}")
     private Integer sessionTimeout;
-	
+	@Value("${wxapp-url}")
+    private String wxappUrl;
 	@Value("${wxapp-appid}")
     private String wxappAppid;
 	
@@ -41,6 +42,14 @@ public class SysProperty {
 	public void setWxappSecret(String wxappSecret) {
 		this.wxappSecret = wxappSecret;
 	}
+
+	public String getWxappUrl() {
+		return wxappUrl;
+	}
+
+	public void setWxappUrl(String wxappUrl) {
+		this.wxappUrl = wxappUrl;
+	}
     
 
 	

src/main/java/cn/com/qmth/mps/controller/AuthController.java

@@ -28,9 +28,15 @@ public class AuthController extends BaseController {
 	}
 
 	@ApiOperation(value = "微信小程序登录")
-	@PostMapping("login/wxapp")
-	public AdminLoginVo loginWxApp(@RequestParam String wxappCode, @RequestParam String phone) {
-		return authService.loginWxApp(wxappCode,phone);
+	@PostMapping("login/wxapp/code")
+	public AdminLoginVo loginWxAppCode(@RequestParam String wxappCode) {
+		return authService.loginWxAppCode(wxappCode);
+	}
+	
+	@ApiOperation(value = "微信小程序登录")
+	@PostMapping("login/wxapp/encrypted-data")
+	public AdminLoginVo loginWxAppEncryptedData(@RequestParam String wxappCode,@RequestParam String encryptedData,@RequestParam String iv) {
+		return authService.loginWxAppEncryptedData(wxappCode,encryptedData,iv);
 	}
 
 	@ApiOperation(value = "登出")

src/main/java/cn/com/qmth/mps/controller/SchoolController.java

@@ -26,7 +26,7 @@ public class SchoolController extends BaseController {
 
     @ApiOperation(value = "新增/修改")
     @RequestMapping(value = "/save", method = RequestMethod.POST)
-    public void svae(SchollDomain domain) {
+    public void save(SchollDomain domain) {
     }
 
     @ApiOperation(value = "获取分页")

src/main/java/cn/com/qmth/mps/dao/WxappAccessTokenDao.java

@@ -0,0 +1,9 @@
+package cn.com.qmth.mps.dao;
+
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+
+import cn.com.qmth.mps.entity.WxappAccessTokenEntity;
+
+public interface WxappAccessTokenDao extends BaseMapper<WxappAccessTokenEntity> {
+
+}

src/main/java/cn/com/qmth/mps/entity/WxappAccessTokenEntity.java

@@ -0,0 +1,28 @@
+package cn.com.qmth.mps.entity;
+
+import com.baomidou.mybatisplus.annotation.TableName;
+
+import cn.com.qmth.mps.entity.base.AuditingEntity;
+
+@TableName(value="mps_wxapp_access_token")
+public class WxappAccessTokenEntity extends AuditingEntity {
+	/**
+	 * 
+	 */
+	private static final long serialVersionUID = 4999809253841553953L;
+	private String accessToken;
+	private Long expiresTime;
+	public String getAccessToken() {
+		return accessToken;
+	}
+	public void setAccessToken(String accessToken) {
+		this.accessToken = accessToken;
+	}
+	public Long getExpiresTime() {
+		return expiresTime;
+	}
+	public void setExpiresTime(Long expiresTime) {
+		this.expiresTime = expiresTime;
+	}
+	
+}

src/main/java/cn/com/qmth/mps/entity/base/BaseEntity.java

@@ -1,6 +1,7 @@
 package cn.com.qmth.mps.entity.base;
 
 import java.io.Serializable;
+import java.util.Date;
 
 import com.baomidou.mybatisplus.annotation.FieldFill;
 import com.baomidou.mybatisplus.annotation.TableField;
@@ -16,27 +17,27 @@ public abstract class BaseEntity implements Serializable {
      * 创建时间
      */
     @TableField(fill = FieldFill.INSERT)
-    protected Long createTime;
+    protected Date createTime;
 
     /**
      * 修改时间
      */
     @TableField(fill = FieldFill.INSERT_UPDATE)
-    protected Long updateTime;
+    protected Date updateTime;
 
-    public Long getCreateTime() {
+    public Date getCreateTime() {
         return createTime;
     }
 
-    public void setCreateTime(Long createTime) {
+    public void setCreateTime(Date createTime) {
         this.createTime = createTime;
     }
 
-    public Long getUpdateTime() {
+    public Date getUpdateTime() {
         return updateTime;
     }
 
-    public void setUpdateTime(Long updateTime) {
+    public void setUpdateTime(Date updateTime) {
         this.updateTime = updateTime;
     }
 

src/main/java/cn/com/qmth/mps/job/WxappAccessTokenJob.java

@@ -0,0 +1,18 @@
+package cn.com.qmth.mps.job;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.scheduling.annotation.Scheduled;
+import org.springframework.stereotype.Service;
+
+import cn.com.qmth.mps.service.AuthService;
+
+@Service
+public class WxappAccessTokenJob {
+	@Autowired
+	private AuthService authService;
+	@Scheduled(cron = "0 * * * * ?")
+    public void modifyWxappAccessToken() {
+		authService.modifyWxappAccessToken();
+    }
+
+}

src/main/java/cn/com/qmth/mps/service/AuthService.java

@@ -5,12 +5,16 @@ import cn.com.qmth.mps.vo.AdminLoginVo;
 
 public interface AuthService {
 
-	AdminLoginVo loginWxApp(String wxappCode, String phone);
+	AdminLoginVo loginWxAppCode(String wxappCode);
 
 	AdminLoginVo loginAdmin(String loginName, String password);
 
 	void logout(User user);
 
+	void modifyWxappAccessToken();
+
+	AdminLoginVo loginWxAppEncryptedData(String wxappCode, String encryptedData, String iv);
+
 
 
 }

src/main/java/cn/com/qmth/mps/service/WxappAccessTokenService.java

@@ -0,0 +1,11 @@
+package cn.com.qmth.mps.service;
+
+import com.baomidou.mybatisplus.extension.service.IService;
+
+import cn.com.qmth.mps.entity.WxappAccessTokenEntity;
+
+public interface WxappAccessTokenService  extends IService<WxappAccessTokenEntity> {
+
+	WxappAccessTokenEntity getWxappAccessToken();
+
+}

src/main/java/cn/com/qmth/mps/service/impl/AuthServiceImpl.java

@@ -3,6 +3,7 @@ package cn.com.qmth.mps.service.impl;
 import java.util.HashMap;
 import java.util.Map;
 
+import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
@@ -14,10 +15,12 @@ import com.qmth.boot.tools.uuid.FastUUID;
 import cn.com.qmth.mps.bean.User;
 import cn.com.qmth.mps.config.SysProperty;
 import cn.com.qmth.mps.entity.UserEntity;
+import cn.com.qmth.mps.entity.WxappAccessTokenEntity;
 import cn.com.qmth.mps.enums.Role;
 import cn.com.qmth.mps.service.AuthService;
 import cn.com.qmth.mps.service.SessionService;
 import cn.com.qmth.mps.service.UserService;
+import cn.com.qmth.mps.service.WxappAccessTokenService;
 import cn.com.qmth.mps.util.ByteUtil;
 import cn.com.qmth.mps.util.HttpUtil;
 import cn.com.qmth.mps.util.SHA256;
@@ -25,41 +28,40 @@ import cn.com.qmth.mps.vo.AdminLoginVo;
 import net.sf.json.JSONObject;
 
 @Service
-public class AuthServiceImpl implements AuthorizationService<User>, AuthService{
-	private static String uri="https://api.weixin.qq.com/sns/jscode2session";
+public class AuthServiceImpl implements AuthorizationService<User>, AuthService {
 	@Autowired
 	private UserService userService;
 	@Autowired
 	private SessionService sessionService;
-	
+	@Autowired
+	private WxappAccessTokenService wxappAccessTokenService;
 	@Autowired
 	private SysProperty sysProperty;
+
 	@Override
-	public AdminLoginVo loginWxApp(String wxappCode, String phone) {
-		
-		Map<String,String> params=new HashMap<>();
-		params.put("appid", sysProperty.getWxappAppid());
-		params.put("secret", sysProperty.getWxappSecret());
-		params.put("js_code", wxappCode);
-		params.put("grant_type", "authorization_code");
+	public AdminLoginVo loginWxAppCode(String wxappCode) {
+
+		Map<String, String> params = new HashMap<>();
+		params.put("code", wxappCode);
 		String ret;
 		try {
-			ret=HttpUtil.httpActionGet(uri, null, params);
+			ret = HttpUtil.httpActionPost("https://api.weixin.qq.com/wxa/business/getuserphonenumber?access_token="
+					+ wxappAccessTokenService.getWxappAccessToken().getAccessToken(), null, params);
 		} catch (Exception e) {
-			throw new StatusException("登录失败",e);
+			throw new StatusException("登录失败", e);
 		}
-		JSONObject jo=JSONObject.fromObject(ret);
-		if(jo.containsKey("errmsg")) {
-			throw new StatusException("登录失败,"+jo.getString("errmsg"));
+		JSONObject jo = JSONObject.fromObject(ret);
+		if (jo.getInt("errcode") != 0) {
+			throw new StatusException("登录失败," + jo.getString("errmsg"));
 		}
-		UserEntity userEntity=userService.getByLoginName(phone);
-		if(userEntity==null) {
-			throw new StatusException("该手机号不存在");
+		UserEntity userEntity = userService.getByLoginName(jo.getJSONObject("phone_info").getString("purePhoneNumber"));
+		if (userEntity == null) {
+			throw new StatusException("微信所绑定手机号系统中不存在");
 		}
-		if(!userEntity.getEnable()) {
+		if (!userEntity.getEnable()) {
 			throw new StatusException("该用户已禁用");
 		}
-		if(!userEntity.getRoleId().equals(Role.SECTION_LEADER.getId())) {
+		if (!userEntity.getRoleId().equals(Role.SECTION_LEADER.getId())) {
 			throw new StatusException("该用户不是科组长");
 		}
 		User user = new User();
@@ -70,7 +72,7 @@ public class AuthServiceImpl implements AuthorizationService<User>, AuthService{
 		user.setAccessToken(FastUUID.get());
 		user.buildKey();
 		sessionService.userLogin(user);
-		AdminLoginVo vo=new AdminLoginVo();
+		AdminLoginVo vo = new AdminLoginVo();
 		vo.setAccessToken(user.getAccessToken());
 		vo.setName(user.getName());
 		vo.setSessionId(user.getSessionId());
@@ -78,17 +80,17 @@ public class AuthServiceImpl implements AuthorizationService<User>, AuthService{
 		vo.setRole(user.getRole());
 		return vo;
 	}
-	
+
 	@Override
 	public AdminLoginVo loginAdmin(String loginName, String password) {
-		UserEntity userEntity=userService.getByLoginName(loginName);
-		if(userEntity==null) {
+		UserEntity userEntity = userService.getByLoginName(loginName);
+		if (userEntity == null) {
 			throw new StatusException("账号不存在");
 		}
-		if(!userEntity.getEnable()) {
+		if (!userEntity.getEnable()) {
 			throw new StatusException("该用户已禁用");
 		}
-		if(userEntity.getRoleId().equals(Role.SECTION_LEADER.getId())) {
+		if (userEntity.getRoleId().equals(Role.SECTION_LEADER.getId())) {
 			throw new StatusException("科组长无权限登录");
 		}
 		byte[] bytes = SHA256.encode(password);
@@ -104,7 +106,7 @@ public class AuthServiceImpl implements AuthorizationService<User>, AuthService{
 		user.setAccessToken(FastUUID.get());
 		user.buildKey();
 		sessionService.userLogin(user);
-		AdminLoginVo vo=new AdminLoginVo();
+		AdminLoginVo vo = new AdminLoginVo();
 		vo.setAccessToken(user.getAccessToken());
 		vo.setName(user.getName());
 		vo.setSessionId(user.getSessionId());
@@ -118,17 +120,49 @@ public class AuthServiceImpl implements AuthorizationService<User>, AuthService{
 		sessionService.userLogout(user);
 	}
 
-    @Override
-    public User findByIdentity(String identity, SignatureType type, String path) {
-        User user = sessionService.getSessionUser(identity);
-        return user;
-    }
+	@Override
+	public User findByIdentity(String identity, SignatureType type, String path) {
+		User user = sessionService.getSessionUser(identity);
+		return user;
+	}
+
+	@Override
+	public boolean hasPermission(User user, String path) {
+		sessionService.updateUserSession(user);
+		return true;
+	}
 
-    @Override
-    public boolean hasPermission(User user, String path) {
-        sessionService.updateUserSession(user);
-        return true;
-    }
+	@Override
+	public void modifyWxappAccessToken() {
+		WxappAccessTokenEntity token = wxappAccessTokenService.getWxappAccessToken();
+		long now = System.currentTimeMillis();
+		if (StringUtils.isEmpty(token.getAccessToken()) || token.getExpiresTime()-now <= 15 * 60 * 1000) {
+			Map<String, String> params = new HashMap<>();
+			params.put("appid", sysProperty.getWxappAppid());
+			params.put("secret", sysProperty.getWxappSecret());
+			params.put("grant_type", "client_credential");
+			String ret;
+			try {
+				ret = HttpUtil.httpActionGet("https://api.weixin.qq.com/cgi-bin/token", null, params);
+			} catch (Exception e) {
+				throw new StatusException("获取失败", e);
+			}
+			JSONObject jo = JSONObject.fromObject(ret);
+			if (jo.containsKey("errcode")) {
+				throw new StatusException("获取失败," + jo.getString("errmsg"));
+			}
+			int ex = jo.getInt("expires_in");
+			String at = jo.getString("access_token");
+			token.setAccessToken(at);
+			token.setExpiresTime(now + ex * 1000);
+			wxappAccessTokenService.updateById(token);
+		}
+	}
 
+	@Override
+	public AdminLoginVo loginWxAppEncryptedData(String wxappCode, String encryptedData, String iv) {
+		// TODO Auto-generated method stub
+		return null;
+	}
 
 }

src/main/java/cn/com/qmth/mps/service/impl/WxappAccessTokenServiceImpl.java

@@ -0,0 +1,19 @@
+package cn.com.qmth.mps.service.impl;
+
+import org.springframework.stereotype.Service;
+
+import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
+
+import cn.com.qmth.mps.dao.WxappAccessTokenDao;
+import cn.com.qmth.mps.entity.WxappAccessTokenEntity;
+import cn.com.qmth.mps.service.WxappAccessTokenService;
+
+@Service
+public class WxappAccessTokenServiceImpl extends ServiceImpl<WxappAccessTokenDao, WxappAccessTokenEntity> implements WxappAccessTokenService {
+
+	@Override
+	public WxappAccessTokenEntity getWxappAccessToken() {
+		return this.getById(1L);
+	}
+
+}

src/main/java/cn/com/qmth/mps/util/HttpUtil.java

@@ -26,10 +26,91 @@ public class HttpUtil {
 
 	private static final String CONTENT_TYPE = "Content-Type";
 
-	private static final String APPLICATION_JSON = "application/x-www-form-urlencoded;charset=utf-8";
+	private static final String APPLICATION_FORM= "application/x-www-form-urlencoded;charset=utf-8";
+	
+	private static final String APPLICATION_JSON = "application/json;charset=utf-8";
 
-	private static final String METHOD_GET = "GET";
+	public static String httpActionPost(String uri, Map<String, String> heads, Map<String, String> params) {
+		String result = null;
+		HttpsURLConnection conn = null;
+		OutputStream os = null;
+		InputStream is = null;
+
+		try {
+			// 获取链接
+			URL url = new URL(uri);
+			conn = (HttpsURLConnection) url.openConnection();
+
+			conn.setRequestMethod("POST");
+			conn.setRequestProperty(CONTENT_TYPE, APPLICATION_JSON);
+			// ssl
+			SSLContext context = SSLContext.getInstance("SSL", "SunJSSE");
+			TrustManager[] tm = new TrustManager[] { new X509TrustManager() {
+
+				@Override
+				public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
+				}
+
+				@Override
+				public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
+				}
+
+				@Override
+				public X509Certificate[] getAcceptedIssuers() {
+					return null;
+				}
+			} };
+			// 初始化
+			context.init(null, tm, new java.security.SecureRandom());
+			// 获取SSLSocketFactory对象
+			SSLSocketFactory ssf = context.getSocketFactory();
+			conn.setSSLSocketFactory(ssf);
+
+			conn.setUseCaches(false);
+			conn.setDoOutput(true);
+
+			// 设置额外的参数
+			if (heads != null && !heads.isEmpty()) {
+
+				for (Map.Entry<String, String> head : heads.entrySet()) {
+					conn.setRequestProperty(head.getKey(), head.getValue());
+				}
+			}
+			// 创建链接
+			conn.connect();
+			if (params != null) {
+				StringBuilder sb = new StringBuilder();
+				for (Map.Entry<String, String> data : params.entrySet()) {
+					sb.append(data.getKey()).append("=").append(data.getValue()).append("&");
+				}
+				os = conn.getOutputStream();
+				os.write(sb.toString().getBytes());
+				os.flush();
+			}
+			result = getResult(conn);
+		} catch (Exception e) {
+			throw new StatusException("授权服务器访问失败", e);
+		} finally {
+			try {
+				if (os != null) {
+					os.close();
+					os = null;
+				}
+				if (is != null) {
+					is.close();
+					is = null;
+				}
+			} catch (IOException e) {
+			}
 
+			if (conn != null) {
+				conn.disconnect();
+				conn = null;
+			}
+		}
+
+		return result;
+	}
 	/**
 	 * 
 	 * @param params headers参数
@@ -56,8 +137,8 @@ public class HttpUtil {
 			URL url = new URL(uri);
 			conn = (HttpsURLConnection) url.openConnection();
 
-			conn.setRequestMethod(METHOD_GET);
-			conn.setRequestProperty(CONTENT_TYPE, APPLICATION_JSON);
+			conn.setRequestMethod("GET");
+			conn.setRequestProperty(CONTENT_TYPE, APPLICATION_FORM);
 			// ssl
 			SSLContext context = SSLContext.getInstance("SSL", "SunJSSE");
 			TrustManager[] tm = new TrustManager[] { new X509TrustManager() {

src/main/resources/application-test.properties

@@ -31,6 +31,6 @@ spring.jackson.date-format=yyyy-MM-dd HH:mm:ss
 spring.jackson.time-zone=GMT+8
 
 session-timeout=7200
-
+wxapp-url=xxx
 wxapp-appid=xxx
 wxapp-secret=xxxx

src/main/resources/application.properties

@@ -32,5 +32,6 @@ spring.jackson.time-zone=GMT+8
 
 session-timeout=7200
 
+wxapp-url=xxx
 wxapp-appid=xxx
-wxapp-secret=xxxx
+wxapp-secret=xxx