From f3369d8cee2ca9e00529e865dd73416fc41b845c Mon Sep 17 00:00:00 2001
From: HuangXin <huangxin@cmhi.chinamobile.com>
Date: Mon, 27 Jul 2020 11:06:27 +0800
Subject: [PATCH] =?UTF-8?q?OCT=20REM:=201.=20=E5=AE=8C=E6=88=90=E5=9F=BA?=
 =?UTF-8?q?=E6=9C=AC=E5=8D=8F=E8=AE=AE=E5=AE=9A=E4=B9=89=E5=8A=9F=E8=83=BD?=
 =?UTF-8?q?=202.=20=E5=AE=8C=E6=88=90=E5=9F=BA=E6=9C=AC=E5=8D=8F=E8=AE=AE?=
 =?UTF-8?q?=E5=AD=97=E6=AE=B5=E8=87=AA=E5=8A=A8=E5=8C=96=E6=A0=A1=E9=AA=8C?=
 =?UTF-8?q?=E5=8A=9F=E8=83=BD=203.=20=E5=AE=8C=E6=88=90REST-ful=E6=8E=A5?=
 =?UTF-8?q?=E5=8F=A3=E5=93=8D=E5=BA=94=E7=BC=96=E7=A0=81=E5=8A=9F=E8=83=BD?=
 =?UTF-8?q?=204.=20=E5=AE=8C=E6=88=90REST-ful=E6=8E=A5=E5=8F=A3token?=
 =?UTF-8?q?=E6=A0=A1=E9=AA=8C=E5=8A=9F=E8=83=BD=205.=20=E5=AE=8C=E6=88=90?=
 =?UTF-8?q?=E7=99=BB=E5=BD=95=E3=80=81=E6=B3=A8=E9=94=80=E6=8E=A5=E5=8F=A3?=
 =?UTF-8?q?=206.=20=E4=BC=98=E5=8C=96=E5=90=84=E4=B8=AA=E6=A8=A1=E5=9D=97?=
 =?UTF-8?q?=E9=85=8D=E7=BD=AE=E9=A1=B9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 config/application-local.properties           | 11 ++-
 .../com/dispose/common/AuthConfigValue.java   | 29 +++++++
 .../java/com/dispose/common/ConstValue.java   | 51 +----------
 .../com/dispose/common/DpTechConfigValue.java | 17 ++++
 .../com/dispose/common/ProtoCryptoType.java   | 56 +++++++++++++
 .../com/dispose/config/AuthConfigure.java     | 22 +++++
 .../com/dispose/config/DisposeConfigure.java  |  5 --
 .../com/dispose/config/DpTechConfigure.java   | 11 ++-
 .../dispose/controller/AuthController.java    | 84 +++++++++++++++----
 .../dispose/interceptor/TokenInterceptor.java | 66 +++++++++++++++
 .../manager/impl/UserAccountManagerImpl.java  |  4 +-
 .../pojo/dto/protocol/auth/LoginReq.java      | 16 ++--
 .../pojo/dto/protocol/auth/LoginRsp.java      |  8 +-
 .../dto/protocol/base/BaseProtocolDTO.java    | 29 +++++--
 .../dto/protocol/base/BaseRespStatus.java     |  4 +-
 .../dto/protocol/base/ProtocolReqDTO.java     | 32 +++++++
 .../dto/protocol/base/ProtocolRespDTO.java    | 11 +--
 .../pojo/dto/protocol/base/ValidGroups.java   | 32 +++++++
 .../service/impl/UserAccountServiceImpl.java  |  6 +-
 .../java/com/dispose/setup/SystemInitial.java | 80 ++++++++++++++++++
 20 files changed, 469 insertions(+), 105 deletions(-)
 create mode 100644 src/main/java/com/dispose/common/AuthConfigValue.java
 create mode 100644 src/main/java/com/dispose/common/DpTechConfigValue.java
 create mode 100644 src/main/java/com/dispose/common/ProtoCryptoType.java
 create mode 100644 src/main/java/com/dispose/config/AuthConfigure.java
 create mode 100644 src/main/java/com/dispose/interceptor/TokenInterceptor.java
 create mode 100644 src/main/java/com/dispose/pojo/dto/protocol/base/ValidGroups.java
 create mode 100644 src/main/java/com/dispose/setup/SystemInitial.java

diff --git a/config/application-local.properties b/config/application-local.properties
index 59529ca0..bf044b25 100644
--- a/config/application-local.properties
+++ b/config/application-local.properties
@@ -52,17 +52,22 @@ phoenix.response-enc-switch=false
 #config aes 128 key,用于上述body的加解密
 phoenix.aes-key=Wt4EJu6Rrq5udd/42bNpCQ==
 #====custom config,begin with phoenix====
+
 #调试配置
 dispose.debug-model=true
 dispose.check-protocol-timeout=false
 dispose.check-request-token=true
 dispose.split_char=,
+
 # 迪普设备配置
 # 发送超时时间(ms)
-#dptech.soap-conn-timeout=5000
+#dptech.soap-conn-timeout-second=60
 # 接收超时时间(ms)
-dptech.soap-recv-timeout=50000
+dptech.soap-recv-timeout-second=60
 
 # 用户权限配置
 permission.admin-check=true
-permission.admin-users=admin,xajhuang
+permission.admin-users=admin
+
+# 认证配置
+auth.token-timeout-minute=30
\ No newline at end of file
diff --git a/src/main/java/com/dispose/common/AuthConfigValue.java b/src/main/java/com/dispose/common/AuthConfigValue.java
new file mode 100644
index 00000000..3a945fef
--- /dev/null
+++ b/src/main/java/com/dispose/common/AuthConfigValue.java
@@ -0,0 +1,29 @@
+package com.dispose.common;
+
+/**
+ * The type Global configure.
+ *
+ * @author <huangxin@cmhi.chinamoblie.com>
+ */
+public class AuthConfigValue {
+    /**
+     * The constant ALLOW_PWD_ERR_TIMES.
+     */
+    public static final int ALLOW_PWD_ERR_TIMES = 5;
+
+    /**
+     * The constant TOKEN_EXPIRED_TIME_MS.
+     */
+    public static long TOKEN_EXPIRED_TIME_MS = 30 * 60 * 1000;
+
+    /**
+     * The constant MYSQL_REGEX.
+     */
+    public static final String MYSQL_REGEX = "^((?!(and|exec|insert|select|drop|grant|alter" +
+            "|delete|update|count|chr|mid|master|truncate|char|declare|or|--|\\s|\\*|%|\\+|'|;])).)*$";
+
+    /**
+     * The constant MYSQL_REGEX_CHARS.
+     */
+    public static final String MYSQL_REGEX_CHARS = "^((?!(--|\\s|\\*|%|\\+|'|;])).)*$";
+}
diff --git a/src/main/java/com/dispose/common/ConstValue.java b/src/main/java/com/dispose/common/ConstValue.java
index bea76cba..fda207bb 100644
--- a/src/main/java/com/dispose/common/ConstValue.java
+++ b/src/main/java/com/dispose/common/ConstValue.java
@@ -8,39 +8,9 @@ package com.dispose.common;
 public class ConstValue {
 
     /**
-     * The type Global configure.
-     *
-     * @author <huangxin@cmhi.chinamoblie.com>
+     * The constant STRING_HTTP_AUTH_HEAD.
      */
-    public static class GlobalConfigure {
-        /**
-         * The constant TOKEN_TIMEOUT_MS.
-         */
-        public static final int TOKEN_TIMEOUT_MS = 30 * 60 * 1000;
-        /**
-         * The constant ALLOW_PWD_ERR_TIMES.
-         */
-        public static final int ALLOW_PWD_ERR_TIMES = 5;
-        /**
-         * The constant IS_SKIP_TIMEOUT_CHECK.
-         */
-        public static final boolean IS_SKIP_TIMEOUT_CHECK = true;
-        /**
-         * The constant TOKEN_EXPIRED_TIME_MS.
-         */
-        public static final long TOKEN_EXPIRED_TIME_MS = TOKEN_TIMEOUT_MS;
-
-        /**
-         * The constant MYSQL_REGEX.
-         */
-        public static final String MYSQL_REGEX = "^((?!(and|exec|insert|select|drop|grant|alter" +
-                "|delete|update|count|chr|mid|master|truncate|char|declare|or|--|\\s|\\*|%|\\+|'|;])).)*$";
-
-        /**
-         * The constant MYSQL_REGEX_CHARS.
-         */
-        public static final String MYSQL_REGEX_CHARS = "^((?!(--|\\s|\\*|%|\\+|'|;])).)*$";
-    }
+    public static final String STRING_HTTP_AUTH_HEAD = "Bearer ";
 
     /**
      * The type Protocol.
@@ -52,23 +22,6 @@ public class ConstValue {
          * The constant VERSION.
          */
         public static final int VERSION = 3;
-        /**
-         * The constant CRYPTO_NONE.
-         */
-        public static final int CRYPTO_NONE = 0;
-        /**
-         * The constant CRYPTO_BASE64.
-         */
-        public static final int CRYPTO_BASE64 = 1;
-        /**
-         * The constant CRYPTO_AES256.
-         */
-        public static final int CRYPTO_AES256 = 2;
-
-        /**
-         * The constant REQUEST_TIMEOUT_MS.
-         */
-        public static final int REQUEST_TIMEOUT_MS = 10 * 1000;
     }
 
 }
diff --git a/src/main/java/com/dispose/common/DpTechConfigValue.java b/src/main/java/com/dispose/common/DpTechConfigValue.java
new file mode 100644
index 00000000..86883027
--- /dev/null
+++ b/src/main/java/com/dispose/common/DpTechConfigValue.java
@@ -0,0 +1,17 @@
+package com.dispose.common;
+
+/**
+ * The type Dp tech config value.
+ *
+ * @author <huangxin@cmhi.chinamoblie.com>
+ */
+public class DpTechConfigValue {
+    /**
+     * The constant SOAP_CONNECT_TIMEOUT.
+     */
+    public static volatile int SOAP_CONNECT_TIMEOUT_SECOND = 60;
+    /**
+     * The constant SOAP_RECEIVE_TIMEOUT.
+     */
+    public static volatile int SOAP_RECEIVE_TIMEOUT_SECOND = 60;
+}
diff --git a/src/main/java/com/dispose/common/ProtoCryptoType.java b/src/main/java/com/dispose/common/ProtoCryptoType.java
new file mode 100644
index 00000000..834af6ec
--- /dev/null
+++ b/src/main/java/com/dispose/common/ProtoCryptoType.java
@@ -0,0 +1,56 @@
+package com.dispose.common;
+
+/**
+ * The enum Proto crypto type.
+ *
+ * @author <huangxin@cmhi.chinamoblie.com>
+ */
+public enum ProtoCryptoType {
+    /**
+     * Crypto none proto crypto type.
+     */
+    CRYPTO_NONE(0, "不加密"),
+    CRYPTO_BASE64(1, "Base64编码"),
+    CRYPTO_AES256(2, "AES256加密"),
+    CRYPTO_RSA(3, "RSA非对称加密"),
+    CRYPTO_DES(4, "DES对称加密")
+    ;
+
+    /**
+     * The Code.
+     */
+    private final int code;
+    /**
+     * The Readme.
+     */
+    private final String readme;
+
+    /**
+     * Instantiates a new Proto crypto type.
+     *
+     * @param code   the code
+     * @param readme the readme
+     */
+    ProtoCryptoType(int code, String readme) {
+        this.code = code;
+        this.readme = readme;
+    }
+
+    /**
+     * Gets code.
+     *
+     * @return the code
+     */
+    public int getCode() {
+        return this.code;
+    }
+
+    /**
+     * Gets readme.
+     *
+     * @return the readme
+     */
+    public String getReadme() {
+        return this.readme;
+    }
+}
diff --git a/src/main/java/com/dispose/config/AuthConfigure.java b/src/main/java/com/dispose/config/AuthConfigure.java
new file mode 100644
index 00000000..9a300acb
--- /dev/null
+++ b/src/main/java/com/dispose/config/AuthConfigure.java
@@ -0,0 +1,22 @@
+package com.dispose.config;
+
+import lombok.Getter;
+import lombok.Setter;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.stereotype.Component;
+
+/**
+ * The type Auth configure.
+ *
+ * @author <huangxin@cmhi.chinamoblie.com>
+ */
+@Getter
+@Setter
+@Component
+@ConfigurationProperties(prefix = "auth")
+public class AuthConfigure {
+    /**
+     * The Token timout value.
+     */
+    private String tokenTimoutMinute;
+}
diff --git a/src/main/java/com/dispose/config/DisposeConfigure.java b/src/main/java/com/dispose/config/DisposeConfigure.java
index 20462916..de387571 100644
--- a/src/main/java/com/dispose/config/DisposeConfigure.java
+++ b/src/main/java/com/dispose/config/DisposeConfigure.java
@@ -27,9 +27,4 @@ public class DisposeConfigure {
      * The Split char.
      */
     private String splitChar;
-
-    /**
-     * The Token timout value.
-     */
-    private String tokenTimoutValue;
 }
diff --git a/src/main/java/com/dispose/config/DpTechConfigure.java b/src/main/java/com/dispose/config/DpTechConfigure.java
index 467ab3e0..0316a152 100644
--- a/src/main/java/com/dispose/config/DpTechConfigure.java
+++ b/src/main/java/com/dispose/config/DpTechConfigure.java
@@ -15,6 +15,13 @@ import org.springframework.stereotype.Component;
 @Component
 @ConfigurationProperties(prefix = "dptech")
 public class DpTechConfigure {
-    private String soapConnTimeout;
-    private String soapRecvTimeout;
+    /**
+     * The Soap conn timeout.
+     */
+    private String soapConnTimeoutSecond;
+
+    /**
+     * The Soap recv timeout.
+     */
+    private String soapRecvTimeoutSecond;
 }
diff --git a/src/main/java/com/dispose/controller/AuthController.java b/src/main/java/com/dispose/controller/AuthController.java
index 8ad9cf7c..96f4a809 100644
--- a/src/main/java/com/dispose/controller/AuthController.java
+++ b/src/main/java/com/dispose/controller/AuthController.java
@@ -1,28 +1,29 @@
 package com.dispose.controller;
 
-import com.dispose.common.ConstValue;
+import com.dispose.common.AuthConfigValue;
 import com.dispose.common.ErrorCode;
-import com.dispose.config.DisposeConfigure;
 import com.dispose.pojo.dto.protocol.auth.LoginReq;
 import com.dispose.pojo.dto.protocol.auth.LoginRsp;
 import com.dispose.pojo.dto.protocol.base.BaseRespStatus;
 import com.dispose.pojo.dto.protocol.base.ProtocolReqDTO;
 import com.dispose.pojo.dto.protocol.base.ProtocolRespDTO;
+import com.dispose.pojo.dto.protocol.base.ValidGroups;
 import com.dispose.pojo.po.MulReturnType;
 import com.dispose.service.UserAccountService;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.http.HttpHeaders;
 import org.springframework.stereotype.Component;
 import org.springframework.stereotype.Controller;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestHeader;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.ResponseBody;
 
 import javax.annotation.Resource;
-import javax.validation.Valid;
 import java.security.NoSuchAlgorithmException;
 
 /**
@@ -37,38 +38,85 @@ import java.security.NoSuchAlgorithmException;
 @Component
 @Validated
 public class AuthController {
+    /**
+     * The User account service.
+     */
     @Resource
     private UserAccountService userAccountService;
 
-    @Resource
-    private DisposeConfigure disposeConfigure;
-
+    /**
+     * User login protocol resp dto.
+     *
+     * @param mr the mr
+     * @return the protocol resp dto
+     * @throws NoSuchAlgorithmException the no such algorithm exception
+     */
     @PostMapping("/login")
     @ResponseBody
     @ApiOperation("登录")
-    public ProtocolRespDTO<? extends BaseRespStatus> userLogin(@RequestBody @Valid ProtocolReqDTO<LoginReq> mr)
+    public ProtocolRespDTO<? extends BaseRespStatus> userLogin(
+            @Validated(ValidGroups.LoginReq.class)
+            @RequestBody ProtocolReqDTO<LoginReq> mr)
             throws NoSuchAlgorithmException {
 
+        // 登录
         MulReturnType<ErrorCode, String> ret = userAccountService.loginService(mr.getMsgContent().getUserName(),
                 mr.getMsgContent().getPassword());
 
-        if(ret.getFirstParam() != ErrorCode.ERR_OK) {
+        // 登录错误
+        if (ret.getFirstParam() != ErrorCode.ERR_OK) {
             log.error("User login failed, error:{}", ret.getFirstParam().getMsg());
             return ProtocolRespDTO.result(ret.getFirstParam());
         }
 
-        long expTime = ConstValue.GlobalConfigure.TOKEN_EXPIRED_TIME_MS;
+        // 计算token过期时间
+        long expTime = AuthConfigValue.TOKEN_EXPIRED_TIME_MS / 1000 / 60;
 
-        if(disposeConfigure.getTokenTimoutValue() != null ){
-            expTime = Long.parseLong(disposeConfigure.getTokenTimoutValue());
+        LoginRsp rspInfo = LoginRsp.builder()
+                .userName(mr.getMsgContent().getUserName())
+                .token(ret.getSecondParam())
+                .logTime(System.currentTimeMillis())
+                .expireTime(System.currentTimeMillis() + expTime)
+                .build();
+
+        rspInfo.setStatus(ErrorCode.ERR_OK.getCode());
+        rspInfo.setMessage(new String[] {ErrorCode.ERR_OK.getMsg()});
+
+        return ProtocolRespDTO.result(ErrorCode.ERR_OK, rspInfo);
+    }
+
+    /**
+     * User logout protocol resp dto.
+     *
+     * @param mr      the mr
+     * @param headers the headers
+     * @return the protocol resp dto
+     */
+    @PostMapping("/logout")
+    @ResponseBody
+    @ApiOperation("注销")
+    public ProtocolRespDTO<? extends BaseRespStatus> userLogout(@Validated(ValidGroups.LogoutReq.class)
+                                                                @RequestBody ProtocolReqDTO<LoginReq> mr,
+                                                                @RequestHeader HttpHeaders headers) {
+        // 注销用户登录
+        ErrorCode err = userAccountService.logoutService(mr.getMsgContent().getUserName(),
+                mr.getAuthToken(headers));
+
+        // 注销失败
+        if (err != ErrorCode.ERR_OK) {
+            log.error("User logout failed, error:{}", err.getMsg());
+            return ProtocolRespDTO.result(err);
         }
 
-        return ProtocolRespDTO.result(ErrorCode.ERR_OK,
-                LoginRsp.builder()
-                        .userName(mr.getMsgContent().getUserName())
-                        .token(ret.getSecondParam())
-                        .logTime(System.currentTimeMillis())
-                        .expireTime(System.currentTimeMillis() + expTime)
-                        .build());
+        // 创建返回消息
+        LoginRsp rspInfo = LoginRsp.builder()
+                .userName(mr.getMsgContent().getUserName())
+                .build();
+
+        rspInfo.setStatus(err.getCode());
+        rspInfo.setMessage(new String[] {err.getMsg()});
+
+        return ProtocolRespDTO.result(ErrorCode.ERR_OK, rspInfo);
     }
+
 }
diff --git a/src/main/java/com/dispose/interceptor/TokenInterceptor.java b/src/main/java/com/dispose/interceptor/TokenInterceptor.java
new file mode 100644
index 00000000..4a5f4aaa
--- /dev/null
+++ b/src/main/java/com/dispose/interceptor/TokenInterceptor.java
@@ -0,0 +1,66 @@
+package com.dispose.interceptor;
+
+import com.dispose.common.ConstValue;
+import com.dispose.common.ErrorCode;
+import com.dispose.pojo.dto.protocol.base.ProtocolRespDTO;
+import com.dispose.service.UserAccountService;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.web.servlet.HandlerInterceptor;
+import reactor.util.annotation.NonNull;
+
+import javax.annotation.Resource;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * The type Token interceptor.
+ *
+ * @author <huangxin@cmhi.chinamoblie.com>
+ */
+@Slf4j
+public class TokenInterceptor implements HandlerInterceptor {
+    @Resource
+    private UserAccountService userAccountService;
+
+    /**
+     * Pre handle boolean.
+     *
+     * @param request  the request
+     * @param response the response
+     * @param handler  the handler
+     * @return the boolean
+     * @throws Exception the exception
+     */
+    @Override
+    public boolean preHandle(HttpServletRequest request,
+                             @NonNull HttpServletResponse response,
+                             @NonNull Object handler) throws Exception {
+        // 提取header中的Authorization字段里面的token值
+        String token = request.getHeader("Authorization");
+
+        if (token != null && token.length() > 0) {
+            token = token.replaceFirst(ConstValue.STRING_HTTP_AUTH_HEAD, "");
+            ErrorCode err = userAccountService.authTokenCheck(token);
+            // 判断token是否合法
+            if (err != ErrorCode.ERR_OK) {
+                response.setCharacterEncoding("UTF-8");
+                response.setContentType("application/json;charset=UTF-8");
+                response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+                response.getWriter().write(new ObjectMapper().writeValueAsString(ProtocolRespDTO.result(err)));
+                log.error("Http request token [{}] is error: {}", token, err);
+                return false;
+            }
+        } else {
+            // 缺少必要的认证头部
+            response.setCharacterEncoding("UTF-8");
+            response.setContentType("application/json;charset=UTF-8");
+            response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
+            response.getWriter().write(new ObjectMapper().writeValueAsString(ProtocolRespDTO.result(ErrorCode.ERR_MISSAUTHHEAD)));
+            log.error("Http request head miss \"Authorization\" item");
+            return false;
+        }
+
+        return true;
+    }
+}
diff --git a/src/main/java/com/dispose/manager/impl/UserAccountManagerImpl.java b/src/main/java/com/dispose/manager/impl/UserAccountManagerImpl.java
index eaff26c5..1882266a 100644
--- a/src/main/java/com/dispose/manager/impl/UserAccountManagerImpl.java
+++ b/src/main/java/com/dispose/manager/impl/UserAccountManagerImpl.java
@@ -1,7 +1,7 @@
 package com.dispose.manager.impl;
 
 import cn.hutool.core.convert.Convert;
-import com.dispose.common.ConstValue;
+import com.dispose.common.AuthConfigValue;
 import com.dispose.common.ErrorCode;
 import com.dispose.common.Helper;
 import com.dispose.config.DisposeConfigure;
@@ -453,7 +453,7 @@ public class UserAccountManagerImpl implements UserAccountManager {
     private boolean tokenTimeout(String lastAccess) {
         try {
             return (System.currentTimeMillis() - Helper.getTimestampMilliSecond(lastAccess))
-                    >= ConstValue.GlobalConfigure.TOKEN_TIMEOUT_MS;
+                    >= AuthConfigValue.TOKEN_EXPIRED_TIME_MS;
         } catch (Exception ex) {
             return false;
         }
diff --git a/src/main/java/com/dispose/pojo/dto/protocol/auth/LoginReq.java b/src/main/java/com/dispose/pojo/dto/protocol/auth/LoginReq.java
index 66024563..c2e2e0ee 100644
--- a/src/main/java/com/dispose/pojo/dto/protocol/auth/LoginReq.java
+++ b/src/main/java/com/dispose/pojo/dto/protocol/auth/LoginReq.java
@@ -1,6 +1,7 @@
 package com.dispose.pojo.dto.protocol.auth;
 
-import com.dispose.common.ConstValue;
+import com.dispose.common.AuthConfigValue;
+import com.dispose.pojo.dto.protocol.base.ValidGroups;
 import com.fasterxml.jackson.annotation.JsonInclude;
 import lombok.AllArgsConstructor;
 import lombok.Builder;
@@ -26,7 +27,7 @@ public class LoginReq {
      * The User name.
      */
     @NotBlank(message = "userName 用户名不能为空")
-    @Pattern(regexp = ConstValue.GlobalConfigure.MYSQL_REGEX_CHARS,
+    @Pattern(regexp = AuthConfigValue.MYSQL_REGEX_CHARS,
             flags = Pattern.Flag.CASE_INSENSITIVE,
             message = "userName 用户名存在非法字符串")
     private String userName;
@@ -34,10 +35,13 @@ public class LoginReq {
     /**
      * The Password.
      */
-    @NotBlank(message = "password 密码不能为空")
-    @Length(min = 64, max = 64, message = "password 密码长度必须为SHA256编码后的长度")
-    @Pattern(regexp = ConstValue.GlobalConfigure.MYSQL_REGEX_CHARS,
+    @NotBlank(message = "password 密码不能为空", groups = ValidGroups.LoginReq.class)
+    @Length(min = 64, max = 64,
+            message = "password 密码长度必须为SHA256编码后的长度",
+            groups = ValidGroups.LoginReq.class)
+    @Pattern(regexp = AuthConfigValue.MYSQL_REGEX_CHARS,
             flags = Pattern.Flag.CASE_INSENSITIVE,
-            message = "password 密码存在非法字符串")
+            message = "password 密码存在非法字符串",
+            groups = ValidGroups.LoginReq.class)
     private String password;
 }
diff --git a/src/main/java/com/dispose/pojo/dto/protocol/auth/LoginRsp.java b/src/main/java/com/dispose/pojo/dto/protocol/auth/LoginRsp.java
index cd8f4208..656c39c7 100644
--- a/src/main/java/com/dispose/pojo/dto/protocol/auth/LoginRsp.java
+++ b/src/main/java/com/dispose/pojo/dto/protocol/auth/LoginRsp.java
@@ -24,21 +24,21 @@ import lombok.NoArgsConstructor;
 public class LoginRsp extends BaseRespStatus {
 
     /**
-     * The User name.
+     * 登录的用户名
      */
     private String userName;
 
     /**
-     * The Token.
+     * 访问权限token
      */
     private String token;
 
     /**
-     * The Log time.
+     * 登录UTC时间戳(ms)
      */
     private Long logTime;
     /**
-     * The Expire time.
+     * token超时时间 (分钟)
      */
     private Long expireTime;
 }
diff --git a/src/main/java/com/dispose/pojo/dto/protocol/base/BaseProtocolDTO.java b/src/main/java/com/dispose/pojo/dto/protocol/base/BaseProtocolDTO.java
index c10cdf54..371948d7 100644
--- a/src/main/java/com/dispose/pojo/dto/protocol/base/BaseProtocolDTO.java
+++ b/src/main/java/com/dispose/pojo/dto/protocol/base/BaseProtocolDTO.java
@@ -14,6 +14,7 @@ import javax.validation.constraints.NotNull;
 /**
  * The type Base protocol dto.
  *
+ * @param <T> the type parameter
  * @author <huangxin@cmhi.chinamoblie.com>
  */
 @Data
@@ -21,26 +22,42 @@ import javax.validation.constraints.NotNull;
 @ApiModel("通信协议实体")
 @JsonPropertyOrder({"ver", "cryptoType", "timeStamp", "msgContent"})
 public class BaseProtocolDTO<T> {
+    /**
+     * 当前协议版本号
+     */
     @ApiModelProperty(value = "协议版本号", required = true, example = "1")
-    @NotNull(message = "ver 字段不能为空")
-    @Range(min = 3, max = 9999, message = "ver 字段最小值为 3")
+    @NotNull(message = "ver 字段不能为空", groups = ValidGroups.ProtocolCommon.class)
+    @Range(min = 3, max = 9999, message = "ver 字段最小值为 3", groups = ValidGroups.ProtocolCommon.class)
     private Integer ver;
 
+    /**
+     * msgContent字段内容编码格式
+     */
     @ApiModelProperty(value = "msgContent字段内容编码格式：\n" +
             "0：无编码格式，普通字符串\n" +
             "1：base64编码格式\n" +
             "2：采用AES加密后的base64编码格式\n", required = true,
             allowableValues = "0, 1, 2",
             example = "0")
-    @NotNull(message = "cryptoType 字段不能为空")
-    @Range(min = 0, max = 2, message = "cryptoType 字段取值为 [0, 2]")
+    @NotNull(message = "cryptoType 字段不能为空", groups = ValidGroups.ProtocolCommon.class)
+    @Range(min = 0, max = 2,
+            message = "cryptoType 字段取值为 [0, 2]"
+            , groups = ValidGroups.ProtocolCommon.class)
     private Integer cryptoType;
 
+    /**
+     * 当前UTC时间戳(ms)
+     */
     @ApiModelProperty(value = "当前UTC时间戳", required = true, example = "1526625689000")
-    @NotNull(message = "timeStamp 字段不能为空")
-    @DecimalMin(value = "1595494343000", message = "timeStamp 字段值不能为过去时间")
+    @NotNull(message = "timeStamp 字段不能为空", groups = ValidGroups.ProtocolCommon.class)
+    @DecimalMin(value = "1595494343000",
+            message = "timeStamp 字段值不能为过去时间"
+            , groups = ValidGroups.ProtocolCommon.class)
     private Long timeStamp;
 
+    /**
+     * 协议详细内容
+     */
     @ApiModelProperty(value = "协议详细内容\n", example = "{}")
     @Valid
     private T msgContent;
diff --git a/src/main/java/com/dispose/pojo/dto/protocol/base/BaseRespStatus.java b/src/main/java/com/dispose/pojo/dto/protocol/base/BaseRespStatus.java
index 4d1c6291..ac1d465b 100644
--- a/src/main/java/com/dispose/pojo/dto/protocol/base/BaseRespStatus.java
+++ b/src/main/java/com/dispose/pojo/dto/protocol/base/BaseRespStatus.java
@@ -17,11 +17,11 @@ import java.util.Arrays;
 public class BaseRespStatus {
 
     /**
-     * The Status.
+     * 0：成功；其它：失败原因.
      */
     private Integer status;
     /**
-     * The Message.
+     * 登录消息: status状态码对应的提示信息
      */
     private String[] message;
 
diff --git a/src/main/java/com/dispose/pojo/dto/protocol/base/ProtocolReqDTO.java b/src/main/java/com/dispose/pojo/dto/protocol/base/ProtocolReqDTO.java
index ec0c4b72..3697f975 100644
--- a/src/main/java/com/dispose/pojo/dto/protocol/base/ProtocolReqDTO.java
+++ b/src/main/java/com/dispose/pojo/dto/protocol/base/ProtocolReqDTO.java
@@ -1,16 +1,48 @@
 package com.dispose.pojo.dto.protocol.base;
 
+import com.dispose.common.ConstValue;
 import lombok.NoArgsConstructor;
 import lombok.ToString;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.http.HttpHeaders;
+
+import java.util.Objects;
 
 /**
  * The type Protocol req dto.
  *
+ * @param <T> the type parameter
  * @author <huangxin@cmhi.chinamoblie.com>
  */
 @NoArgsConstructor
 @ToString
 @Slf4j
 public class ProtocolReqDTO<T> extends BaseProtocolDTO<T> {
+    /**
+     * Gets auth token.
+     *
+     * @param headers the headers
+     * @return the auth token
+     */
+    public String getAuthToken(HttpHeaders headers) {
+        // 是否有必要的HTTP Head字段
+        if (headers == null) {
+            log.error("Http request is missing authentication header");
+            return "";
+        }
+
+        try {
+            String authString = Objects.requireNonNull(headers.get("Authorization")).get(0);
+
+            if (authString.length() == 0 || !authString.startsWith(ConstValue.STRING_HTTP_AUTH_HEAD)) {
+                log.error("Input Authorization header error: [{}]", authString);
+                return "";
+            }
+            // 保持当前请求token内容
+            return authString.replaceFirst(ConstValue.STRING_HTTP_AUTH_HEAD, "");
+        } catch (Exception ex) {
+            log.error(ex.getMessage());
+            return "";
+        }
+    }
 }
diff --git a/src/main/java/com/dispose/pojo/dto/protocol/base/ProtocolRespDTO.java b/src/main/java/com/dispose/pojo/dto/protocol/base/ProtocolRespDTO.java
index f16816ec..4e94ff15 100644
--- a/src/main/java/com/dispose/pojo/dto/protocol/base/ProtocolRespDTO.java
+++ b/src/main/java/com/dispose/pojo/dto/protocol/base/ProtocolRespDTO.java
@@ -2,6 +2,7 @@ package com.dispose.pojo.dto.protocol.base;
 
 import com.dispose.common.ConstValue;
 import com.dispose.common.ErrorCode;
+import com.dispose.common.ProtoCryptoType;
 import com.fasterxml.jackson.annotation.JsonPropertyOrder;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import io.swagger.annotations.ApiModelProperty;
@@ -28,7 +29,7 @@ public class ProtocolRespDTO<T> extends BaseProtocolDTO<T> {
     private static final ObjectMapper OBJECT_MAPPER = new ObjectMapper();
 
     /**
-     * The Code.
+     * 状态码，用于记录服务器返回状态信息，例如HTTP返回值等.
      */
     @ApiModelProperty(value = "服务器返回状态码", example = "200")
     private Integer code;
@@ -42,7 +43,7 @@ public class ProtocolRespDTO<T> extends BaseProtocolDTO<T> {
      * @return the protocol resp dto
      */
     public static <T> ProtocolRespDTO<T> result(ErrorCode err, T obj) {
-        return result(err, obj, ConstValue.Protocol.CRYPTO_NONE);
+        return result(err, obj, ProtoCryptoType.CRYPTO_NONE.getCode());
     }
 
     /**
@@ -59,7 +60,7 @@ public class ProtocolRespDTO<T> extends BaseProtocolDTO<T> {
 
         resp.setVer(ConstValue.Protocol.VERSION);
         resp.setCode(err.getHttpCode());
-        resp.setCryptoType(ConstValue.Protocol.CRYPTO_NONE);
+        resp.setCryptoType(ProtoCryptoType.CRYPTO_NONE.getCode());
         resp.setTimeStamp(System.currentTimeMillis());
         resp.setMsgContent(respMsg);
 
@@ -81,7 +82,7 @@ public class ProtocolRespDTO<T> extends BaseProtocolDTO<T> {
 
         resp.setVer(ConstValue.Protocol.VERSION);
         resp.setCode(err.getHttpCode());
-        resp.setCryptoType(ConstValue.Protocol.CRYPTO_NONE);
+        resp.setCryptoType(ProtoCryptoType.CRYPTO_NONE.getCode());
         resp.setTimeStamp(System.currentTimeMillis());
         resp.setMsgContent(rspMsg);
 
@@ -104,7 +105,7 @@ public class ProtocolRespDTO<T> extends BaseProtocolDTO<T> {
 
         resp.setVer(ConstValue.Protocol.VERSION);
         resp.setCode(httpCode);
-        resp.setCryptoType(ConstValue.Protocol.CRYPTO_NONE);
+        resp.setCryptoType(ProtoCryptoType.CRYPTO_NONE.getCode());
         resp.setTimeStamp(System.currentTimeMillis());
         resp.setMsgContent(rspMsg);
 
diff --git a/src/main/java/com/dispose/pojo/dto/protocol/base/ValidGroups.java b/src/main/java/com/dispose/pojo/dto/protocol/base/ValidGroups.java
new file mode 100644
index 00000000..4622d16e
--- /dev/null
+++ b/src/main/java/com/dispose/pojo/dto/protocol/base/ValidGroups.java
@@ -0,0 +1,32 @@
+package com.dispose.pojo.dto.protocol.base;
+
+/**
+ * The type Valid groups.
+ *
+ * @author <huangxin@cmhi.chinamoblie.com>
+ */
+public class ValidGroups {
+    /**
+     * The interface Protocol common.
+     *
+     * @author <huangxin@cmhi.chinamoblie.com>
+     */
+    public interface ProtocolCommon {
+    }
+
+    /**
+     * The interface Login req.
+     *
+     * @author <huangxin@cmhi.chinamoblie.com>
+     */
+    public interface LoginReq extends ProtocolCommon {
+    }
+
+    /**
+     * The interface Logout req.
+     *
+     * @author <huangxin@cmhi.chinamoblie.com>
+     */
+    public interface LogoutReq extends ProtocolCommon {
+    }
+}
diff --git a/src/main/java/com/dispose/service/impl/UserAccountServiceImpl.java b/src/main/java/com/dispose/service/impl/UserAccountServiceImpl.java
index 5b37f485..ab07713e 100644
--- a/src/main/java/com/dispose/service/impl/UserAccountServiceImpl.java
+++ b/src/main/java/com/dispose/service/impl/UserAccountServiceImpl.java
@@ -1,6 +1,6 @@
 package com.dispose.service.impl;
 
-import com.dispose.common.ConstValue;
+import com.dispose.common.AuthConfigValue;
 import com.dispose.common.ErrorCode;
 import com.dispose.common.UserAccountStatus;
 import com.dispose.config.DisposeConfigure;
@@ -85,11 +85,11 @@ public class UserAccountServiceImpl implements UserAccountService {
             // 更新密码错误次数
             userAccountManager.setUserPwdErrTimes(username, errTimes);
 
-            if (errTimes == ConstValue.GlobalConfigure.ALLOW_PWD_ERR_TIMES - 1) {
+            if (errTimes == AuthConfigValue.ALLOW_PWD_ERR_TIMES - 1) {
                 // 提示用户即将锁定账户
                 log.error("User {} password [{}] error reach the upper limit", username, password);
                 return MulReturnType.<ErrorCode, String>builder().firstParam(ErrorCode.ERR_PASSWORDMORE).build();
-            } else if (errTimes >= ConstValue.GlobalConfigure.ALLOW_PWD_ERR_TIMES) {
+            } else if (errTimes >= AuthConfigValue.ALLOW_PWD_ERR_TIMES) {
                 // 锁定账户
                 userAccountManager.lockUserAccount(username);
                 log.error("User {} is locked", username);
diff --git a/src/main/java/com/dispose/setup/SystemInitial.java b/src/main/java/com/dispose/setup/SystemInitial.java
new file mode 100644
index 00000000..f94b57a0
--- /dev/null
+++ b/src/main/java/com/dispose/setup/SystemInitial.java
@@ -0,0 +1,80 @@
+package com.dispose.setup;
+
+import com.dispose.common.AuthConfigValue;
+import com.dispose.common.DpTechConfigValue;
+import com.dispose.config.AuthConfigure;
+import com.dispose.config.DisposeConfigure;
+import com.dispose.config.DpTechConfigure;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.boot.CommandLineRunner;
+import org.springframework.stereotype.Component;
+
+import javax.annotation.Resource;
+
+/**
+ * The type System initial.
+ *
+ * @author <huangxin@cmhi.chinamoblie.com>
+ */
+@Component
+@Slf4j
+public class SystemInitial implements CommandLineRunner {
+    /**
+     * The Dispose configure.
+     */
+    @Resource
+    DisposeConfigure disposeConfigure;
+
+    /**
+     * The Auth configure.
+     */
+    @Resource
+    AuthConfigure authConfigure;
+
+    /**
+     * The Dp tech configure.
+     */
+    @Resource
+    DpTechConfigure dpTechConfigure;
+
+    /**
+     * Load configure.
+     */
+    private void loadConfigure() {
+
+        try {
+            AuthConfigValue.TOKEN_EXPIRED_TIME_MS = Long.parseLong(authConfigure.getTokenTimoutMinute()) * 60 * 1000;
+        } catch (Exception ex) {
+            log.error("load TOKEN_EXPIRED_TIME_MS configure error: {}", ex.getMessage());
+        }
+
+        try {
+            DpTechConfigValue.SOAP_CONNECT_TIMEOUT_SECOND = Integer.parseInt(dpTechConfigure.getSoapConnTimeoutSecond());
+        } catch(Exception ex) {
+            log.error("load SOAP_CONNECT_TIMEOUT_SECOND configure error: {}", ex.getMessage());
+        }
+
+        try {
+            DpTechConfigValue.SOAP_RECEIVE_TIMEOUT_SECOND = Integer.parseInt(dpTechConfigure.getSoapRecvTimeoutSecond());
+        } catch(Exception ex) {
+            log.error("load SOAP_RECEIVE_TIMEOUT_SECOND configure error: {}", ex.getMessage());
+        }
+//
+//        try {
+//            GlobalVar.IS_CHECK_REQUEST_TIMEOUT = Boolean.parseBoolean(disposeConfigure.getCheckProtocolTimeout());
+//        } catch(Exception ex) {
+//            log.error("load IS_CHECK_REQUEST_TIMEOUT configure error: {}", ex.getMessage());
+//        }
+    }
+
+    /**
+     * Run.
+     *
+     * @param args the args
+     */
+    @Override
+    public void run(String... args) {
+        // 系统初始化入口
+        loadConfigure();
+    }
+}