
小程序对接,鉴权

xuzhancheng 3 周之前
父節點
當前提交
c4d908c588
共有 38 個文件被更改,包括 1062 次插入148 次删除
  1. 3 0
      build-uat/update.sql
  2. 4 0
      tz-module-member/tz-module-member-api/src/main/java/cn/start/tz/module/member/api/user/MemberUserApi.java
  3. 181 0
      tz-module-member/tz-module-member-api/src/main/java/cn/start/tz/module/member/api/user/dto/UseUnitVO.java
  4. 8 0
      tz-module-member/tz-module-member-biz/src/main/java/cn/start/tz/module/member/api/user/MemberUserApiImpl.java
  5. 4 0
      tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/controller/admin/boilertaskordersignfile/vo/BoilerTaskOrderSignFileRespVO.java
  6. 19 18
      tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/controller/app/acceptorder/BoilerAcceptOrderAppController.java
  7. 19 17
      tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/controller/app/acceptorder/PipeAcceptOrderAppController.java
  8. 32 33
      tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/controller/app/appointmentconfirmorder/BoilerAppointmentConfirmOrderAppController.java
  9. 35 31
      tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/controller/app/appointmentconfirmorder/PipeAppointmentConfirmOrderAppController.java
  10. 28 20
      tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/controller/app/taskorder/BoilerTaskOrderAppApiController.java
  11. 2 0
      tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/controller/app/taskorder/BoilerTaskOrderIssueReportAppController.java
  12. 28 21
      tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/controller/app/taskorder/PipeTaskOrderAppApiController.java
  13. 2 0
      tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/controller/app/taskorder/PipeTaskOrderIssueReportAppController.java
  14. 9 0
      tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/controller/app/taskorder/vo/ServeOrderSignRespVo.java
  15. 2 0
      tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/controller/app/taskorderitemreport/BoilerAppReportTemplateController.java
  16. 2 0
      tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/controller/app/taskorderitemreport/BoilerAppTaskOrderItemReportController.java
  17. 2 0
      tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/controller/app/taskorderitemreport/PipeAppReportTemplateController.java
  18. 2 0
      tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/controller/app/taskorderitemreport/PipeAppTaskOrderItemReportController.java
  19. 1 0
      tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/dal/mysql/boilertaskorderitem/BoilerTaskOrderItemMapper.java
  20. 2 0
      tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/dal/mysql/pipetaskorderitem/PipeTaskOrderItemMapper.java
  21. 29 0
      tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/framework/appauth/config/AppAuthWebConfiguration.java
  22. 15 0
      tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/framework/appauth/core/annotation/AppAuth.java
  23. 46 0
      tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/framework/appauth/core/context/AppAuthContextHolder.java
  24. 107 0
      tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/framework/appauth/core/context/AppAuthUserInfo.java
  25. 12 0
      tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/framework/appauth/core/exception/AppAuthErrorCodeConstants.java
  26. 26 0
      tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/framework/appauth/core/exception/AppAuthException.java
  27. 39 0
      tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/framework/appauth/core/exception/AppAuthExceptionHandler.java
  28. 127 0
      tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/framework/appauth/core/interceptor/AppAuthInterceptor.java
  29. 9 0
      tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/framework/appauth/core/service/AppAuthService.java
  30. 197 0
      tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/framework/appauth/core/service/AppAuthServiceImpl.java
  31. 2 0
      tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/framework/security/config/SecurityConfiguration.java
  32. 48 6
      tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/service/boilertaskordersignfile/BoilerTaskOrderSignFileServiceImpl.java
  33. 3 0
      tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/service/tasksign/TaskSignServiceImpl.java
  34. 5 0
      tz-module-pressure2/tz-module-pressure2-biz/src/main/resources/application-hsd.yaml
  35. 3 1
      tz-module-pressure2/tz-module-pressure2-biz/src/main/resources/application-hst.yaml
  36. 3 1
      tz-module-pressure2/tz-module-pressure2-biz/src/main/resources/application-uat.yaml
  37. 3 0
      tz-module-pressure2/tz-module-pressure2-biz/src/main/resources/mapper/boilertaskorder/BoilerTaskOrderMapper.xml
  38. 3 0
      tz-module-pressure2/tz-module-pressure2-biz/src/main/resources/mapper/pipetaskorder/PipeTaskOrderMapper.xml

+ 3 - 0
build-uat/update.sql

@@ -1337,6 +1337,9 @@ COMMENT ON COLUMN "PRESSURE2_PIPE_USE_REGISTRATION_REPORT"."CERTIFICATE_NO" IS '
 COMMENT ON COLUMN "PRESSURE2_PIPE_USE_REGISTRATION_REPORT"."DEPT_ID" IS '部门ID';
 COMMENT ON COLUMN "PRESSURE2_PIPE_USE_REGISTRATION_REPORT"."EQUIP_ID" IS '设备ID';
 
+
+ALTER TABLE "PRESSURE2_EQUIP_PIPE" ADD COLUMN "IS_EFFECTIVE" VARCHAR(50) DEFAULT (1);
+COMMENT ON COLUMN "PRESSURE2_EQUIP_PIPE"."IS_EFFECTIVE" IS '是否有效';
 --20260519
 ALTER TABLE "PRESSURE2_BOILER_TASK_ORDER_ITEM" ADD COLUMN "IS_SUSPEND" BIT DEFAULT (0);
 ALTER TABLE "PRESSURE2_BOILER_TASK_ORDER_ITEM" ADD COLUMN "SUSPEND_TIME" DATETIME(6);
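Review bot: The new `IS_EFFECTIVE` column is declared `VARCHAR(50) DEFAULT (1)` although its comment describes a yes/no flag, while the neighbouring `IS_SUSPEND` flag in the same script uses `BIT DEFAULT (0)`. A free-form string column accepts any value, so every reader and writer has to agree on which strings mean "effective"; if code filters on this flag, prefer `BIT DEFAULT (1)` or restrict the allowed values with a check constraint. The two added statements also sit above the `--20260519` marker, so they carry no dated header of their own; adding one keeps the migration order auditable.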

+ 4 - 0
tz-module-member/tz-module-member-api/src/main/java/cn/start/tz/module/member/api/user/MemberUserApi.java

@@ -85,6 +85,10 @@ public interface MemberUserApi {
     @Operation(summary = "用户关联企业认证信息新增")
     CommonResult<String> createUseUnitRelation(@RequestBody @Valid UseUnitRelationSaveReqVO createReqVO);
 
+    @PostMapping(PREFIX + "/getUseUnitRelation")
+    @Operation(summary = "用户关联企业认证信息新增")
+    CommonResult<List<UseUnitRelationSaveReqVO>> getUseUnitRelation(@RequestBody @Valid String id);
+
     @PostMapping(PREFIX + "/deleteUseUnitRelation")
     @Operation(summary = "用户关联企业认证信息新增")
     CommonResult<Boolean> deleteUseUnitRelation(@RequestBody @Valid UseUnitRelationSaveReqVO createReqVO);
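Review bot: `@Valid` on the `String id` parameter of the added `getUseUnitRelation` validates nothing, because `@Valid` only cascades into constraints declared on a bean; a null or blank id reaches the implementation unchecked. Put a constraint on the parameter itself, e.g. `@RequestBody @NotBlank String id`, assuming method validation is active for this interface. The `@Operation` summary is copied from the create endpoint (it still says "新增") although this method is a query, so the generated API documentation mislabels it. The return type reuses the save-request object `UseUnitRelationSaveReqVO`, which hands every field of that request shape back to the caller; a response type limited to what callers need would be safer. The interface continues outside the hunk.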

+ 181 - 0
tz-module-member/tz-module-member-api/src/main/java/cn/start/tz/module/member/api/user/dto/UseUnitVO.java

@@ -0,0 +1,181 @@
+package cn.start.tz.module.member.api.user.dto;
+
+import lombok.*;
+
+/**
+ * 用户认证企业 DO
+ *
+ * @author 特种管理员
+ */
+@Data
+@ToString(callSuper = true)
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class UseUnitVO{
+
+    /**
+     * 主键
+     */
+    private String id;
+    /**
+     * 营业执照
+     */
+    private String businessLicense;
+    /**
+     * 主体类型
+     */
+    private String subjectType;
+    /**
+     * 单位名称
+     */
+    private String unitName;
+    /**
+     * 统一社会信用代码
+     */
+    private String unifiedSocialCreditCode;
+    /**
+     * 法人
+     */
+    private String legalName;
+    /**
+     * 详细地址
+     */
+    private String unitAddress;
+    /**
+     * 所在区域
+     */
+    private Integer administrativeRegion;
+    /**
+     * 所在街道
+     */
+    private Integer unitStreet;
+    /**
+     * 所在区域名字
+     */
+    private String administrativeRegionName;
+    /**
+     * 所在街道名字
+     */
+    private String unitStreetName;
+    /**
+     * 单位管理员姓名
+     */
+    private String unitManageName;
+    /**
+     * 单位管理员手机号
+     */
+    private String unitManagePhone;
+    /**
+     * 单位状态默认为0待审核 1已认证2被拒绝3已作废
+     */
+    private String unitStatus;
+    /**
+     * 拒绝原因
+     */
+    private String refuseReason;
+    /**
+     * 委托书
+     */
+    private String entrustBook;
+    /**
+     * 认证类型(个人/企业)
+     */
+    private String authenticationType;
+    /**
+     * 认证编号
+     */
+    private String authenticationNo;
+
+    /**
+     * 发票类型
+     */
+    private String invoiceType;
+    /**
+     * 抬头类型
+     */
+    private String riseType;
+    /**
+     * 单位税号
+     */
+    private String unitTax;
+    /**
+     * 发票抬头
+     */
+    private String invoiceRise;
+    /**
+     * 注册地址
+     */
+    private String regAddress;
+    /**
+     * 注册电话
+     */
+    private String regPhone;
+    /**
+     * 开户银行
+     */
+    private String bankDeposit;
+    /**
+     * 银行账号
+     */
+    private String bankAccount;
+    /**
+     * 收票邮箱
+     */
+    private String ticketReceivingEmail;
+    /**
+     * 关联单位库的id
+     */
+    private String systemUnitId;
+    /**
+     * 审核人
+     */
+    private String auditor;
+    /**
+     * 审核人名称
+     */
+    private String auditorName;
+
+    /**
+     *  作业地址
+     * */
+    private String homeworkAddress;
+    /**
+     *  作业区域
+     * */
+    private String homeworkDistrict;
+
+
+    /**
+     *
+     *  注册所在区域
+     * */
+    private Integer regBeDistrict;
+
+    /**
+     * 是否使用单位(0、否;1、是)
+     */
+    private String isUseUnit;
+    /**
+     * 是否制造单位(0、否;1、是)
+     */
+    private String isMakeUnit;
+    /**
+     * 是否安装单位(0、否;1、是)
+     */
+    private String isInstallUnit;
+    /**
+     * 是否维保单位(0、否;1、是)
+     */
+    private String isMaintUnit;
+    /**
+     * 是否改造单位(0、否;1、是)
+     */
+    private String isReformUnit;
+
+
+    private String username;
+
+    private String password;
+
+}
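Review bot: `UseUnitVO` holds a `password` field, alongside `bankAccount`, `unitManagePhone` and `unitTax`, under `@Data` and `@ToString(callSuper = true)`, so the generated `toString()` prints the password whenever the object is logged, and default JSON mapping will emit it in any response that returns this type. Annotate the field with `@ToString.Exclude` and, if Jackson is the serializer here, `@JsonProperty(access = JsonProperty.Access.WRITE_ONLY)`; if nothing needs the credential on this DTO, drop `username` and `password` instead. `callSuper = true` adds nothing useful on a class with no declared superclass, and the class Javadoc says "DO" for what is named a VO. `username` and `password` are the only fields without a Javadoc comment; a one-line comment stating which credential they carry and that it must not be logged or returned would document the intent.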

+ 8 - 0
tz-module-member/tz-module-member-biz/src/main/java/cn/start/tz/module/member/api/user/MemberUserApiImpl.java

@@ -6,6 +6,7 @@ import cn.start.tz.framework.common.util.object.BeanUtils;
 import cn.start.tz.module.member.api.user.dto.*;
 import cn.start.tz.module.member.controller.admin.templatesendlog.vo.TemplateSendLogSaveReqVO;
 import cn.start.tz.module.member.controller.app.user.vo.MpUserInfoVo;
+import cn.start.tz.module.member.controller.app.useruint.vo.UseUnitRelationRsp;
 import cn.start.tz.module.member.convert.user.MemberUserConvert;
 import cn.start.tz.module.member.dal.dataobject.mprelation.MpRelationDO;
 import cn.start.tz.module.member.dal.dataobject.user.MemberUserDO;
@@ -162,6 +163,13 @@ public class MemberUserApiImpl implements MemberUserApi {
         return success(useUnitRelation.getId());
     }
 
+    @Override
+    public CommonResult<List<UseUnitRelationSaveReqVO>> getUseUnitRelation(String id) {
+        List<UseUnitRelationDO> unitByUserId = useUnitRelationMapper.selectList(UseUnitRelationDO::getMemberId,id);
+
+        return success(BeanUtils.toBean(unitByUserId, UseUnitRelationSaveReqVO.class));
+    }
+
     @Override
     public CommonResult<Boolean> deleteUseUnitRelation(@RequestBody @Valid UseUnitRelationSaveReqVO createReqVO) {
         useUnitRelationMapper.delete(UseUnitRelationDO::getMemberId, createReqVO.getMemberId());
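Review bot: The added `getUseUnitRelation` passes `id` straight into `useUnitRelationMapper.selectList(UseUnitRelationDO::getMemberId, id)` without a null or blank check, and returns every relation row for whatever member id the caller supplies. Nothing in this hunk binds the id to the authenticated user, so that binding rests entirely on each caller; at minimum add `if (id == null || id.isBlank()) return success(List.of());` before the query. The first hunk imports `UseUnitRelationRsp`, which the added method does not use in the visible lines; if that was meant to be the response type, converting to it instead of `UseUnitRelationSaveReqVO` would avoid echoing the full save-request shape. `deleteUseUnitRelation` continues outside the hunk.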

+ 4 - 0
tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/controller/admin/boilertaskordersignfile/vo/BoilerTaskOrderSignFileRespVO.java

@@ -74,6 +74,10 @@ public class BoilerTaskOrderSignFileRespVO {
 
     private String equipCode;
 
+    private String equipName;
+
+    private String projectName;
+
     private String orderNo;
 
     private String useUnitName;

+ 19 - 18
tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/controller/app/acceptorder/BoilerAcceptOrderAppController.java

@@ -1,9 +1,12 @@
 package cn.start.tz.module.pressure2.controller.app.acceptorder;
 
+import cn.hutool.core.util.StrUtil;
 import cn.start.tz.framework.common.pojo.CommonResult;
 import cn.start.tz.framework.common.pojo.PageResult;
 import cn.start.tz.framework.ratelimiter.core.annotation.RateLimiter;
 import cn.start.tz.framework.security.core.LoginUser;
+import cn.start.tz.module.pressure2.framework.appauth.core.annotation.AppAuth;
+import cn.start.tz.module.pressure2.framework.appauth.core.context.AppAuthContextHolder;
 import cn.start.tz.module.pressure2.controller.admin.acceptorder.vo.AcceptOrderPageReqVO;
 import cn.start.tz.module.pressure2.controller.admin.acceptorder.vo.AcceptOrderRespVO;
 import cn.start.tz.module.pressure2.controller.admin.boilertaskorder.vo.BoilerTaskOrderRespVO;
@@ -14,20 +17,18 @@ import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import jakarta.annotation.Resource;
-import jakarta.annotation.security.PermitAll;
 import jakarta.validation.Valid;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
 import static cn.start.tz.framework.common.pojo.CommonResult.success;
 import static cn.start.tz.framework.security.core.util.SecurityFrameworkUtils.getLoginUser;
-import static cn.start.tz.framework.security.core.util.SecurityFrameworkUtils.getLoginUserMobile;
 
 @Tag(name = "小程序 - 锅炉受理单")
 @RestController
 @RequestMapping("/pressure2/accept-order/boiler")
 @Validated
+@AppAuth
 public class BoilerAcceptOrderAppController {
 
     @Resource
@@ -39,13 +40,13 @@ public class BoilerAcceptOrderAppController {
     @Operation(summary = "获得受理单&任务单分页")
     @RateLimiter
     public CommonResult<PageResult<AcceptOrderAppRespVO>> getAcceptOrderPage(@Valid AcceptOrderPageReqVO pageReqVO) {
-//        LoginUser loginUser = getLoginUser();
-//        if(loginUser == null){
-//            return success(new PageResult<>());
-//        }
-//        String mobile = getLoginUserMobile();
-        pageReqVO.setContactPhone(null);
-//        pageReqVO.setUnitPhone(mobile);
+        String userId = AppAuthContextHolder.getUserId();
+        if (StrUtil.isEmpty(userId)) {
+            return success(new PageResult<>());
+        }
+        String mobile = AppAuthContextHolder.getMobile();
+        pageReqVO.setContactPhone(mobile);
+        pageReqVO.setUnitPhone(mobile);
 
         return success(acceptOrderService.getAcceptAppOrderPage(getLoginUser(), pageReqVO));
     }
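Review bot: `getAcceptOrderPage` checks only `userId` before filtering, so when `AppAuthContextHolder.getMobile()` returns null the request is sent on with `setContactPhone(null)` and `setUnitPhone(null)`; if the query treats a null phone as "no filter" (not visible here), a user with no bound mobile could page through other units' orders. Return the empty page in that case too, e.g. `if (StrUtil.isEmpty(userId) || StrUtil.isEmpty(mobile)) return success(new PageResult<>());` after reading both values. The Pipe appointment `/page` hunk already has a `mobile == null` guard, while the Pipe accept-order page hunk and the Boiler appointment `/page` hunk do not. The call also still passes `getLoginUser()` from the Spring Security context although the identity now comes from `AppAuthContextHolder`; confirm the service tolerates a null login user or pass the app-auth identity instead.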
@@ -56,10 +57,10 @@ public class BoilerAcceptOrderAppController {
     @RateLimiter
     public CommonResult<AcceptOrderRespVO> getAcceptAppOrder(@RequestParam("id") String id) {
         AcceptOrderRespVO acceptOrder = acceptOrderService.getAcceptOrder(id);
-//        String mobile = getLoginUserMobile();
-//        if(acceptOrder != null && !mobile.equals(acceptOrder.getUnitPhone())){
-//            return success(null);
-//        }
+        String mobile = AppAuthContextHolder.getMobile();
+        if (mobile != null && acceptOrder != null && !mobile.equals(acceptOrder.getUnitPhone())) {
+            return success(null);
+        }
 
         return success(acceptOrder);
     }
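Review bot: The ownership check in `getAcceptAppOrder` fails open: `mobile != null && acceptOrder != null && !mobile.equals(...)` skips the comparison whenever the context holds no mobile, and the order fetched by the caller-supplied `id` is then returned. Deny when the identity is missing, e.g. `if (acceptOrder != null && (StrUtil.isEmpty(mobile) || !mobile.equals(acceptOrder.getUnitPhone()))) return success(null);`. The same condition is repeated in `getTaskAppOrder` in the next hunk, in both detail methods of `PipeAcceptOrderAppController`, and in the confirm, detail, equip-update and equips-page methods of the Boiler and Pipe appointment controllers. Whether `@AppAuth` guarantees a non-null mobile is decided in `AppAuthInterceptor`, which is not shown on this page, so the controllers should not depend on it. A single shared helper for this check would keep the copies from drifting apart.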
@@ -70,10 +71,10 @@ public class BoilerAcceptOrderAppController {
     @RateLimiter
     public CommonResult<BoilerTaskOrderRespVO> getTaskAppOrder(@RequestParam("id") String id) {
         BoilerTaskOrderRespVO taskOrder = boilerTaskOrderService.getBoilerTaskOrder(id);
-//        String mobile = getLoginUserMobile();
-//        if(taskOrder != null && !mobile.equals(taskOrder.getUnitPhone())){
-//            return success(null);
-//        }
+        String mobile = AppAuthContextHolder.getMobile();
+        if (mobile != null && taskOrder != null && !mobile.equals(taskOrder.getUnitPhone())) {
+            return success(null);
+        }
 
         return success(taskOrder);
     }

+ 19 - 17
tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/controller/app/acceptorder/PipeAcceptOrderAppController.java

@@ -1,9 +1,11 @@
 package cn.start.tz.module.pressure2.controller.app.acceptorder;
 
+import cn.hutool.core.util.StrUtil;
 import cn.start.tz.framework.common.pojo.CommonResult;
 import cn.start.tz.framework.common.pojo.PageResult;
 import cn.start.tz.framework.ratelimiter.core.annotation.RateLimiter;
-import cn.start.tz.framework.security.core.LoginUser;
+import cn.start.tz.module.pressure2.framework.appauth.core.annotation.AppAuth;
+import cn.start.tz.module.pressure2.framework.appauth.core.context.AppAuthContextHolder;
 import cn.start.tz.module.pressure2.controller.admin.acceptorder.vo.AcceptOrderPageReqVO;
 import cn.start.tz.module.pressure2.controller.admin.acceptorder.vo.AcceptOrderRespVO;
 import cn.start.tz.module.pressure2.controller.admin.acceptorder.vo.PipeAcceptOrderRespVO;
@@ -21,12 +23,12 @@ import org.springframework.web.bind.annotation.*;
 
 import static cn.start.tz.framework.common.pojo.CommonResult.success;
 import static cn.start.tz.framework.security.core.util.SecurityFrameworkUtils.getLoginUser;
-import static cn.start.tz.framework.security.core.util.SecurityFrameworkUtils.getLoginUserMobile;
 
 @Tag(name = "小程序 - 管道受理单")
 @RestController
 @RequestMapping("/pressure2/accept-order/pipe")
 @Validated
+@AppAuth
 public class PipeAcceptOrderAppController {
 
     @Resource
@@ -38,13 +40,13 @@ public class PipeAcceptOrderAppController {
     @Operation(summary = "获得受理单&任务单分页")
     @RateLimiter
     public CommonResult<PageResult<AcceptOrderAppRespVO>> getAcceptOrderPage(@Valid AcceptOrderPageReqVO pageReqVO) {
-//        LoginUser loginUser = getLoginUser();
-//        if(loginUser == null){
-//            return success(new PageResult<>());
-//        }
-//        String mobile = getLoginUserMobile();
-//        pageReqVO.setContactPhone(mobile);
-//        pageReqVO.setUnitPhone(mobile);
+        String userId = AppAuthContextHolder.getUserId();
+        if (StrUtil.isEmpty(userId)) {
+            return success(new PageResult<>());
+        }
+        String mobile = AppAuthContextHolder.getMobile();
+        pageReqVO.setContactPhone(mobile);
+        pageReqVO.setUnitPhone(mobile);
 
         return success(pipeAcceptOrderService.getAcceptAppOrderPage(getLoginUser(), pageReqVO));
     }
@@ -55,10 +57,10 @@ public class PipeAcceptOrderAppController {
     @RateLimiter
     public CommonResult<PipeAcceptOrderRespVO> getAcceptAppOrder(@RequestParam("id") String id) {
         PipeAcceptOrderRespVO acceptOrder = pipeAcceptOrderService.getAcceptOrder(id);
-//        String mobile = getLoginUserMobile();
-//        if(acceptOrder != null && !mobile.equals(acceptOrder.getUnitPhone())){
-//            return success(null);
-//        }
+        String mobile = AppAuthContextHolder.getMobile();
+        if (mobile != null && acceptOrder != null && !mobile.equals(acceptOrder.getUnitPhone())) {
+            return success(null);
+        }
 
         return success(acceptOrder);
     }
@@ -69,10 +71,10 @@ public class PipeAcceptOrderAppController {
     @RateLimiter
     public CommonResult<PipeTaskOrderRespVO> getTaskAppOrder(@RequestParam("id") String id) {
         PipeTaskOrderRespVO taskOrder = pipeTaskOrderService.getPipeTaskOrder(id);
-//        String mobile = getLoginUserMobile();
-//        if(taskOrder != null && !mobile.equals(taskOrder.getUnitPhone())){
-//            return success(null);
-//        }
+        String mobile = AppAuthContextHolder.getMobile();
+        if (mobile != null && taskOrder != null && !mobile.equals(taskOrder.getUnitPhone())) {
+            return success(null);
+        }
 
         return success(taskOrder);
     }

+ 32 - 33
tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/controller/app/appointmentconfirmorder/BoilerAppointmentConfirmOrderAppController.java

@@ -1,8 +1,11 @@
 package cn.start.tz.module.pressure2.controller.app.appointmentconfirmorder;
 
+import cn.hutool.core.util.StrUtil;
 import cn.start.tz.framework.common.pojo.CommonResult;
 import cn.start.tz.framework.common.pojo.PageResult;
 import cn.start.tz.framework.ratelimiter.core.annotation.RateLimiter;
+import cn.start.tz.module.pressure2.framework.appauth.core.annotation.AppAuth;
+import cn.start.tz.module.pressure2.framework.appauth.core.context.AppAuthContextHolder;
 import cn.start.tz.module.pressure2.controller.admin.appointmentconfirmorder.vo.*;
 import cn.start.tz.module.pressure2.controller.app.appointmentconfirmorder.vo.AppAppointmentRefuseVO;
 import cn.start.tz.module.pressure2.service.appointmentconfirmorder.AppointmentConfirmOrderService;
@@ -10,19 +13,17 @@ import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import jakarta.annotation.Resource;
-import jakarta.annotation.security.PermitAll;
 import jakarta.validation.Valid;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
 import static cn.start.tz.framework.common.pojo.CommonResult.success;
-import static cn.start.tz.framework.security.core.util.SecurityFrameworkUtils.getLoginUser;
-import static cn.start.tz.framework.security.core.util.SecurityFrameworkUtils.getLoginUserMobile;
 
 @Tag(name = "小程序 - 锅炉约检确认")
 @RestController
 @RequestMapping("/pressure2/appointment-confirm-order/boiler")
 @Validated
+@AppAuth
 public class BoilerAppointmentConfirmOrderAppController {
 
     @Resource
@@ -33,14 +34,13 @@ public class BoilerAppointmentConfirmOrderAppController {
     @PutMapping("/confirm")
     @Operation(summary = "约检确认")
     @RateLimiter
-    // TODO: 待提供更多信息 - 手机号校验逻辑需确认
     public CommonResult<Boolean> updateAppointmentConfirmOrderMini(@Valid @RequestBody ConfirmOrderVO confirmOrderVO) {
-//        // 校验手机号权限
-//        String mobile = getLoginUserMobile();
-//        AppointmentConfirmOrderRespVO order = appointmentConfirmOrderService.getAppointmentConfirmOrder(confirmOrderVO.getId());
-//        if (order != null && !mobile.equals(order.getUnitPhone())) {
-//            return success(false);
-//        }
+        // 校验手机号权限
+        String mobile = AppAuthContextHolder.getMobile();
+        AppointmentConfirmOrderRespVO order = appointmentConfirmOrderService.getAppointmentConfirmOrder(confirmOrderVO.getId());
+        if (mobile != null && order != null && !mobile.equals(order.getUnitPhone())) {
+            return success(false);
+        }
 
         appointmentConfirmOrderService.confirm(confirmOrderVO);
         return success(true);
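Review bot: In `updateAppointmentConfirmOrderMini` a failed ownership check is reported as `success(false)`, and a missing order (`order == null`) falls through to `appointmentConfirmOrderService.confirm(confirmOrderVO)`. For a state-changing endpoint both cases should stop the request with an error rather than a success envelope; the commit adds `AppAuthException` and `AppAuthErrorCodeConstants`, which look like the intended channel, and raising through them makes denied writes distinguishable from business failures in logs and monitoring. `equipUpdateMini` in the next hunk and the two corresponding methods in `PipeAppointmentConfirmOrderAppController` have the same shape. The method's closing brace is outside the hunk.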
@@ -53,24 +53,23 @@ public class BoilerAppointmentConfirmOrderAppController {
     public CommonResult<AppointmentConfirmOrderRespVO> getAppointmentConfirmOrderMini(@RequestParam("id") String id) {
         AppointmentConfirmOrderRespVO appointmentConfirmOrder = appointmentConfirmOrderService.getAppointmentConfirmOrder(id);
 
-//        String mobile = getLoginUserMobile();
-//        if(appointmentConfirmOrder != null && !mobile.equals(appointmentConfirmOrder.getUnitPhone())){
-//            return success(null);
-//        }
+        String mobile = AppAuthContextHolder.getMobile();
+        if (mobile != null && appointmentConfirmOrder != null && !mobile.equals(appointmentConfirmOrder.getUnitPhone())) {
+            return success(null);
+        }
         return success(appointmentConfirmOrder);
     }
 
     @PostMapping("/equip/update")
     @Operation(summary = "设备调整")
     @RateLimiter
-    // TODO: 待提供更多信息 - 手机号校验逻辑需确认
     public CommonResult<Boolean> equipUpdateMini(@RequestBody AppointmentEquipUpdateVO equipUpdateVO) {
-//        // 校验手机号权限
-//        String mobile = getLoginUserMobile();
-//        AppointmentConfirmOrderRespVO order = appointmentConfirmOrderService.getAppointmentConfirmOrder(equipUpdateVO.getOrderId());
-//        if (order != null && !mobile.equals(order.getUnitPhone())) {
-//            return success(false);
-//        }
+        // 校验手机号权限
+        String mobile = AppAuthContextHolder.getMobile();
+        AppointmentConfirmOrderRespVO order = appointmentConfirmOrderService.getAppointmentConfirmOrder(equipUpdateVO.getOrderId());
+        if (mobile != null && order != null && !mobile.equals(order.getUnitPhone())) {
+            return success(false);
+        }
 
         appointmentConfirmOrderService.equipUpdate(equipUpdateVO);
         return success(true);
@@ -80,11 +79,11 @@ public class BoilerAppointmentConfirmOrderAppController {
     @Operation(summary = "约检确认编辑,设备分页")
     @RateLimiter
     public CommonResult<PageResult<AppointmentEquipsPageRespVO>> getEquipsPageMini(@Valid ConfirmOrderPageVO pageReqVO) {
-//        String mobile = getLoginUserMobile();
-//        AppointmentConfirmOrderRespVO order = appointmentConfirmOrderService.getAppointmentConfirmOrder(pageReqVO.getOrderId());
-//        if (order != null && !mobile.equals(order.getUnitPhone())) {
-//            return success(PageResult.empty());
-//        }
+        String mobile = AppAuthContextHolder.getMobile();
+        AppointmentConfirmOrderRespVO order = appointmentConfirmOrderService.getAppointmentConfirmOrder(pageReqVO.getOrderId());
+        if (mobile != null && order != null && !mobile.equals(order.getUnitPhone())) {
+            return success(PageResult.empty());
+        }
 
         return success(appointmentConfirmOrderService.getEquipsPage(pageReqVO));
     }
@@ -100,16 +99,16 @@ public class BoilerAppointmentConfirmOrderAppController {
     @GetMapping("/page")
     @Operation(summary = "获得约检确认分页")
     @RateLimiter
-    @PermitAll
+    @AppAuth(permitAll = true)
     public CommonResult<PageResult<AppointmentConfirmOrderRespVO>> getAppointmentConfirmOrderPageMini(@Valid AppointmentConfirmOrderPageReqVO pageReqVO) {
-//        LoginUser loginUser = getLoginUser();
-//        if(loginUser == null){
-//            return success(new PageResult<>());
-//        }
+        String userId = AppAuthContextHolder.getUserId();
+        if (StrUtil.isEmpty(userId)) {
+            return success(new PageResult<>());
+        }
+        String mobile = AppAuthContextHolder.getMobile();
+        pageReqVO.setUnitPhone(mobile);
         pageReqVO.setEquipMainType(200);
         return success(appointmentConfirmOrderService.getAppointmentConfirmOrderPage(pageReqVO));
     }
 
-    // TODO: 待提供更多信息 - AppointmentConfirmOrderService.getEquipsListForExport
-    // @PostMapping("/export-equips-excel")
 }

+ 35 - 31
tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/controller/app/appointmentconfirmorder/PipeAppointmentConfirmOrderAppController.java

@@ -1,8 +1,11 @@
 package cn.start.tz.module.pressure2.controller.app.appointmentconfirmorder;
 
+import cn.hutool.core.util.StrUtil;
 import cn.start.tz.framework.common.pojo.CommonResult;
 import cn.start.tz.framework.common.pojo.PageResult;
 import cn.start.tz.framework.ratelimiter.core.annotation.RateLimiter;
+import cn.start.tz.module.pressure2.framework.appauth.core.annotation.AppAuth;
+import cn.start.tz.module.pressure2.framework.appauth.core.context.AppAuthContextHolder;
 import cn.start.tz.module.pressure2.controller.admin.appointmentconfirmorder.vo.*;
 import cn.start.tz.module.pressure2.controller.app.appointmentconfirmorder.vo.AppAppointmentRefuseVO;
 import cn.start.tz.module.pressure2.service.appointmentconfirmorder.AppointmentConfirmOrderService;
@@ -11,19 +14,17 @@ import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import jakarta.annotation.Resource;
-import jakarta.annotation.security.PermitAll;
 import jakarta.validation.Valid;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
 import static cn.start.tz.framework.common.pojo.CommonResult.success;
-import static cn.start.tz.framework.security.core.util.SecurityFrameworkUtils.getLoginUser;
-import static cn.start.tz.framework.security.core.util.SecurityFrameworkUtils.getLoginUserMobile;
 
 @Tag(name = "小程序 - 管道约检确认")
 @RestController
 @RequestMapping("/pressure2/appointment-confirm-order/pipe")
 @Validated
+@AppAuth
 public class PipeAppointmentConfirmOrderAppController {
 
     @Resource
@@ -37,12 +38,12 @@ public class PipeAppointmentConfirmOrderAppController {
     @Operation(summary = "约检确认")
     @RateLimiter
     public CommonResult<Boolean> updateAppointmentConfirmOrderMini(@Valid @RequestBody ConfirmOrderVO confirmOrderVO) {
-//        // 校验手机号权限
-//        String mobile = getLoginUserMobile();
-//        PipeAppointmentConfirmOrderRespVO order = pipeAppointmentConfirmOrderService.getAppointmentConfirmOrder(confirmOrderVO.getId());
-//        if (order != null && !mobile.equals(order.getUnitPhone())) {
-//            return success(false);
-//        }
+        // 校验手机号权限
+        String mobile = AppAuthContextHolder.getMobile();
+        PipeAppointmentConfirmOrderRespVO order = pipeAppointmentConfirmOrderService.getAppointmentConfirmOrder(confirmOrderVO.getId());
+        if (mobile != null && order != null && !mobile.equals(order.getUnitPhone())) {
+            return success(false);
+        }
 
         pipeAppointmentConfirmOrderService.confirm(confirmOrderVO);
         return success(true);
@@ -55,10 +56,10 @@ public class PipeAppointmentConfirmOrderAppController {
     public CommonResult<PipeAppointmentConfirmOrderRespVO> getAppointmentConfirmOrderMini(@RequestParam("id") String id) {
         PipeAppointmentConfirmOrderRespVO appointmentConfirmOrder = pipeAppointmentConfirmOrderService.getAppointmentConfirmOrder(id);
 
-//        String mobile = getLoginUserMobile();
-//        if(appointmentConfirmOrder != null && !mobile.equals(appointmentConfirmOrder.getUnitPhone())){
-//            return success(null);
-//        }
+        String mobile = AppAuthContextHolder.getMobile();
+        if (mobile != null && appointmentConfirmOrder != null && !mobile.equals(appointmentConfirmOrder.getUnitPhone())) {
+            return success(null);
+        }
         return success(appointmentConfirmOrder);
     }
 
@@ -66,12 +67,12 @@ public class PipeAppointmentConfirmOrderAppController {
     @Operation(summary = "设备调整")
     @RateLimiter
     public CommonResult<Boolean> equipUpdateMini(@RequestBody AppointmentEquipUpdateVO equipUpdateVO) {
-//        // 校验手机号权限
-//        String mobile = getLoginUserMobile();
-//        PipeAppointmentConfirmOrderRespVO order = pipeAppointmentConfirmOrderService.getAppointmentConfirmOrder(equipUpdateVO.getOrderId());
-//        if (order != null && !mobile.equals(order.getUnitPhone())) {
-//            return success(false);
-//        }
+        // 校验手机号权限
+        String mobile = AppAuthContextHolder.getMobile();
+        PipeAppointmentConfirmOrderRespVO order = pipeAppointmentConfirmOrderService.getAppointmentConfirmOrder(equipUpdateVO.getOrderId());
+        if (mobile != null && order != null && !mobile.equals(order.getUnitPhone())) {
+            return success(false);
+        }
 
         pipeAppointmentConfirmOrderService.equipUpdate(equipUpdateVO);
         return success(true);
@@ -81,11 +82,11 @@ public class PipeAppointmentConfirmOrderAppController {
     @Operation(summary = "约检确认编辑,设备分页")
     @RateLimiter
     public CommonResult<PageResult<PipeAppointmentEquipsPageRespVO>> getEquipsPageMini(@Valid ConfirmOrderPageVO pageReqVO) {
-//        String mobile = getLoginUserMobile();
-//        PipeAppointmentConfirmOrderRespVO order = pipeAppointmentConfirmOrderService.getAppointmentConfirmOrder(pageReqVO.getOrderId());
-//        if (order != null && !mobile.equals(order.getUnitPhone())) {
-//            return success(PageResult.empty());
-//        }
+        String mobile = AppAuthContextHolder.getMobile();
+        PipeAppointmentConfirmOrderRespVO order = pipeAppointmentConfirmOrderService.getAppointmentConfirmOrder(pageReqVO.getOrderId());
+        if (mobile != null && order != null && !mobile.equals(order.getUnitPhone())) {
+            return success(PageResult.empty());
+        }
 
         return success(pipeAppointmentConfirmOrderService.getEquipsPage(pageReqVO));
     }
@@ -101,16 +102,19 @@ public class PipeAppointmentConfirmOrderAppController {
     @GetMapping("/page")
     @Operation(summary = "获得约检确认分页")
     @RateLimiter
-    @PermitAll
+    @AppAuth(permitAll = true)
     public CommonResult<PageResult<AppointmentConfirmOrderRespVO>> getAppointmentConfirmOrderPageMini(@Valid AppointmentConfirmOrderPageReqVO pageReqVO) {
-//        LoginUser loginUser = getLoginUser();
-//        if(loginUser == null){
-//            return success(new PageResult<>());
-//        }
+        String userId = AppAuthContextHolder.getUserId();
+        if (StrUtil.isEmpty(userId)) {
+            return success(new PageResult<>());
+        }
+        String mobile = AppAuthContextHolder.getMobile();
+        if (mobile == null) {
+            return success(new PageResult<>());
+        }
+        pageReqVO.setUnitPhone(mobile);
         pageReqVO.setEquipMainType(300);
         return success(appointmentConfirmOrderService.getAppointmentConfirmOrderPage(pageReqVO));
     }
 
-    // TODO: 待提供更多信息 - PipeAppointmentConfirmOrderService.getEquipsListForExport
-    // @PostMapping("/export-equips-excel")
 }

+ 28 - 20
tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/controller/app/taskorder/BoilerTaskOrderAppApiController.java

@@ -1,7 +1,11 @@
 package cn.start.tz.module.pressure2.controller.app.taskorder;
 
+import cn.hutool.core.util.ObjectUtil;
+import cn.hutool.core.util.StrUtil;
 import cn.start.tz.framework.common.pojo.CommonResult;
 import cn.start.tz.framework.common.pojo.PageResult;
+import cn.start.tz.module.pressure2.framework.appauth.core.annotation.AppAuth;
+import cn.start.tz.module.pressure2.framework.appauth.core.context.AppAuthContextHolder;
 import cn.start.tz.module.pressure2.controller.admin.boilertaskorder.vo.*;
 import cn.start.tz.module.pressure2.controller.admin.boilertaskordersignfile.vo.BoilerTaskOrderSignFilePageReqVO;
 import cn.start.tz.module.pressure2.controller.app.taskorder.vo.ServeOrderSignRespVo;
@@ -19,13 +23,12 @@ import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
 import static cn.start.tz.framework.common.pojo.CommonResult.success;
-import static cn.start.tz.framework.security.core.util.SecurityFrameworkUtils.getLoginUser;
-import static cn.start.tz.framework.security.core.util.SecurityFrameworkUtils.getLoginUserMobile;
 
 @Tag(name = "小程序 - 锅炉任务单")
 @RestController
 @RequestMapping("/pressure2/task-order/boiler")
 @Validated
+@AppAuth
 public class BoilerTaskOrderAppApiController {
 
     @Resource
@@ -40,10 +43,10 @@ public class BoilerTaskOrderAppApiController {
     @GetMapping("/page")
     @Operation(summary = "锅炉任务单分页")
     public CommonResult<PageResult<BoilerTaskOrderRespVO>> getTaskOrderPage(@Valid BoilerTaskOrderPageReqVO pageReqVO) {
-//        LoginUser loginUser = getLoginUser();
-//        if(loginUser == null){
-//            return success(new PageResult<>());
-//        }
+        String userId = AppAuthContextHolder.getUserId();
+        if (StrUtil.isEmpty(userId)) {
+            return success(new PageResult<>());
+        }
 
         return success(boilerTaskOrderService.getBoilerTaskOrderPage(pageReqVO));
     }
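Review bot: `getTaskOrderPage` only checks that a user id is present and then passes `pageReqVO` to `getBoilerTaskOrderPage` without binding it to the caller, unlike `getPaymentBillPage` in this same file, which overwrites the filter with `pageReqVO.setUnitPhone(mobile)`. Unless the service scopes the query itself (not visible here), any logged-in mini-program user could page through other units' task orders. Consider adding `pageReqVO.setUnitPhone(AppAuthContextHolder.getMobile());` behind an empty-mobile guard, as the payment-bill endpoint does. The `getTaskOrderPage` hunk in PipeTaskOrderAppApiController has the same gap.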
@@ -52,10 +55,10 @@ public class BoilerTaskOrderAppApiController {
     @Operation(summary = "获得锅炉任务单")
     public CommonResult<BoilerTaskOrderRespVO> getTaskOrder(@RequestParam("id") String id) {
         BoilerTaskOrderRespVO taskOrder = boilerTaskOrderService.getBoilerTaskOrder(id);
-//        String mobile = getLoginUserMobile();
-//        if(taskOrder != null && !mobile.equals(taskOrder.getUnitPhone())){
-//            return success(null);
-//        }
+        String mobile = AppAuthContextHolder.getMobile();
+        if (taskOrder != null && !mobile.equals(taskOrder.getUnitPhone())) {
+            return success(null);
+        }
 
         return success(taskOrder);
     }
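Review bot: `mobile.equals(...)` in `getTaskOrder` throws a NullPointerException when `AppAuthContextHolder.getMobile()` returns null, which the holder does whenever no user info is bound or the user record carries no mobile. Other checks in this commit already guard for that, and this one should deny rather than crash or skip: `if (mobile == null || (taskOrder != null && !mobile.equals(taskOrder.getUnitPhone()))) { return success(null); }`. The same line appears in the `getTaskOrder` hunk of PipeTaskOrderAppApiController.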
@@ -63,8 +66,8 @@ public class BoilerTaskOrderAppApiController {
     @GetMapping("/order-sign/page")
     @Operation(summary = "服务单签名分页")
     public CommonResult<PageResult<ServeOrderSignRespVo>> getOrderSignPage(@Valid BoilerTaskOrderSignFilePageReqVO pageReqVO) {
-//        String mobile = getLoginUserMobile();
-
+        String mobile = AppAuthContextHolder.getMobile();
+        pageReqVO.setReceiverPhone(mobile);
         pageReqVO.setEquipMainType("200");
         return success(taskSignService.getOrderSignPage(pageReqVO));
     }
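Review bot: `pageReqVO.setReceiverPhone(mobile)` is called without checking `mobile`. If it is null or empty and the query layer drops empty conditions (plausible, but not visible here), the signature page comes back unfiltered by receiver. Return an empty page first, as `getPaymentBillPage` does: `if (StrUtil.isEmpty(mobile)) { return success(new PageResult<>()); }`. The `getOrderSignPage` hunk in PipeTaskOrderAppApiController needs the same guard.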
@@ -79,10 +82,15 @@ public class BoilerTaskOrderAppApiController {
     @GetMapping("/payment-bill/page")
     @Operation(summary = "缴费账单分页")
     public CommonResult<PageResult<TaskOrderPaymentRespVo>> getPaymentBillPage(@Valid BoilerTaskOrderPageReqVO pageReqVO) {
-//        LoginUser loginUser = getLoginUser();
-//        if(loginUser == null){
-//            return success(new PageResult<>());
-//        }
+        String userId = AppAuthContextHolder.getUserId();
+        if (StrUtil.isEmpty(userId)) {
+            return success(new PageResult<>());
+        }
+        String mobile = AppAuthContextHolder.getMobile();
+        if (ObjectUtil.isEmpty(mobile)) {
+            return success(new PageResult<>());
+        }
+        pageReqVO.setUnitPhone(mobile);
 
         pageReqVO.setEquipMainType("200");
         return success(taskOrderBillService.getBoilerPaymentBillPage(pageReqVO));
@@ -92,10 +100,10 @@ public class BoilerTaskOrderAppApiController {
     @Operation(summary = "获得缴费账单详情")
     public CommonResult<TaskOrderPaymentRespVo> getPaymentBillDetail(@RequestParam("id") String id) {
         TaskOrderPaymentRespVo pageResult = taskOrderBillService.getBoilerPaymentBillDetail(id);
-//        String mobile = getLoginUserMobile();
-//        if(pageResult == null || !mobile.equals(pageResult.getRecipientPhone())){
-//            return success(null);
-//        }
+        String mobile = AppAuthContextHolder.getMobile();
+        if (mobile != null && (pageResult == null || !mobile.equals(pageResult.getRecipientPhone()))) {
+            return success(null);
+        }
 
         return success(pageResult);
     }
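Review bot: The `mobile != null &&` prefix makes this ownership check fail open: when the context has no mobile the whole condition is false and `getPaymentBillDetail` returns the bill for whatever `id` was requested. An authorization check should deny when the caller's identifying attribute is missing, e.g. `if (mobile == null || pageResult == null || !mobile.equals(pageResult.getRecipientPhone())) { return success(null); }`. The same prefix is used in `getPaymentBillDetail` of PipeTaskOrderAppApiController and in `getAppointmentConfirmOrderMini`, `equipUpdateMini` and `getEquipsPageMini` of PipeAppointmentConfirmOrderAppController; `equipUpdateMini` is a write path, so it matters most there.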

+ 2 - 0
tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/controller/app/taskorder/BoilerTaskOrderIssueReportAppController.java

@@ -2,6 +2,7 @@ package cn.start.tz.module.pressure2.controller.app.taskorder;
 
 import cn.start.tz.framework.common.pojo.CommonResult;
 import cn.start.tz.framework.common.pojo.PageResult;
+import cn.start.tz.module.pressure2.framework.appauth.core.annotation.AppAuth;
 import cn.start.tz.module.pressure2.controller.admin.boilertaskorder.vo.BoilerTaskOrderPageReqVO;
 import cn.start.tz.module.pressure2.controller.admin.boilertaskorder.vo.BoilerTaskOrderRespVO;
 import cn.start.tz.module.pressure2.controller.admin.boilertaskorderissuereport.vo.BoilerTaskOrderIssueReportPageReqVO;
@@ -25,6 +26,7 @@ import static cn.start.tz.framework.security.core.util.SecurityFrameworkUtils.ge
 @RestController
 @RequestMapping("/pressure2/task-order/issue-report/boiler")
 @Validated
+@AppAuth
 public class BoilerTaskOrderIssueReportAppController {
 
     @Resource

+ 28 - 21
tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/controller/app/taskorder/PipeTaskOrderAppApiController.java

@@ -1,7 +1,11 @@
 package cn.start.tz.module.pressure2.controller.app.taskorder;
 
+import cn.hutool.core.util.ObjectUtil;
+import cn.hutool.core.util.StrUtil;
 import cn.start.tz.framework.common.pojo.CommonResult;
 import cn.start.tz.framework.common.pojo.PageResult;
+import cn.start.tz.module.pressure2.framework.appauth.core.annotation.AppAuth;
+import cn.start.tz.module.pressure2.framework.appauth.core.context.AppAuthContextHolder;
 import cn.start.tz.module.pressure2.controller.admin.boilertaskorder.vo.BoilerTaskOrderPageReqVO;
 import cn.start.tz.module.pressure2.controller.admin.boilertaskordersignfile.vo.BoilerTaskOrderSignFilePageReqVO;
 import cn.start.tz.module.pressure2.controller.admin.pipetaskorder.vo.PipeTaskOrderRespVO;
@@ -19,13 +23,12 @@ import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
 import static cn.start.tz.framework.common.pojo.CommonResult.success;
-import static cn.start.tz.framework.security.core.util.SecurityFrameworkUtils.getLoginUser;
-import static cn.start.tz.framework.security.core.util.SecurityFrameworkUtils.getLoginUserMobile;
 
 @Tag(name = "小程序 - 管道任务单")
 @RestController
 @RequestMapping("/pressure2/task-order/pipe")
 @Validated
+@AppAuth
 public class PipeTaskOrderAppApiController {
 
     @Resource
@@ -38,10 +41,10 @@ public class PipeTaskOrderAppApiController {
     @GetMapping("/page")
     @Operation(summary = "管道任务单分页")
     public CommonResult<PageResult<PipeTaskOrderRespVO>> getTaskOrderPage(@Valid BoilerTaskOrderPageReqVO pageReqVO) {
-//        LoginUser loginUser = getLoginUser();
-//        if(loginUser == null){
-//            return success(new PageResult<>());
-//        }
+        String userId = AppAuthContextHolder.getUserId();
+        if (StrUtil.isEmpty(userId)) {
+            return success(new PageResult<>());
+        }
 
         return success(pipeTaskOrderService.getPipeTaskOrderPage(pageReqVO));
     }
@@ -50,10 +53,10 @@ public class PipeTaskOrderAppApiController {
     @Operation(summary = "获得管道任务单")
     public CommonResult<PipeTaskOrderRespVO> getTaskOrder(@RequestParam("id") String id) {
         PipeTaskOrderRespVO taskOrder = pipeTaskOrderService.getPipeTaskOrder(id);
-//        String mobile = getLoginUserMobile();
-//        if(taskOrder != null && !mobile.equals(taskOrder.getUnitPhone())){
-//            return success(null);
-//        }
+        String mobile = AppAuthContextHolder.getMobile();
+        if (taskOrder != null && !mobile.equals(taskOrder.getUnitPhone())) {
+            return success(null);
+        }
 
         return success(taskOrder);
     }
@@ -61,8 +64,8 @@ public class PipeTaskOrderAppApiController {
     @GetMapping("/order-sign/page")
     @Operation(summary = "服务单签名分页")
     public CommonResult<PageResult<ServeOrderSignRespVo>> getOrderSignPage(@Valid BoilerTaskOrderSignFilePageReqVO pageReqVO) {
-//        String mobile = getLoginUserMobile();
-
+        String mobile = AppAuthContextHolder.getMobile();
+        pageReqVO.setReceiverPhone(mobile);
         pageReqVO.setEquipMainType("300");
         return success(taskSignService.getOrderSignPage(pageReqVO));
     }
@@ -77,11 +80,15 @@ public class PipeTaskOrderAppApiController {
     @GetMapping("/payment-bill/page")
     @Operation(summary = "缴费账单分页")
     public CommonResult<PageResult<PipeTaskOrderPaymentRespVo>> getPaymentBillPage(@Valid BoilerTaskOrderPageReqVO pageReqVO) {
-//        LoginUser loginUser = getLoginUser();
-//        if(loginUser == null){
-//            return success(new PageResult<>());
-//        }
-
+        String userId = AppAuthContextHolder.getUserId();
+        if (StrUtil.isEmpty(userId)) {
+            return success(new PageResult<>());
+        }
+        String mobile = AppAuthContextHolder.getMobile();
+        if (ObjectUtil.isEmpty(mobile)) {
+            return success(new PageResult<>());
+        }
+        pageReqVO.setUnitPhone(mobile);
         pageReqVO.setEquipMainType("300");
         return success(taskOrderBillService.getPipePaymentBillPage(pageReqVO));
     }
@@ -90,10 +97,10 @@ public class PipeTaskOrderAppApiController {
     @Operation(summary = "获得缴费账单详情")
     public CommonResult<PipeTaskOrderPaymentRespVo> getPaymentBillDetail(@RequestParam("id") String id) {
         PipeTaskOrderPaymentRespVo pageResult = taskOrderBillService.getPipePaymentBillDetail(id);
-//        String mobile = getLoginUserMobile();
-//        if(pageResult == null || !mobile.equals(pageResult.getRecipientPhone())){
-//            return success(null);
-//        }
+        String mobile = AppAuthContextHolder.getMobile();
+        if (mobile != null && (pageResult == null || !mobile.equals(pageResult.getRecipientPhone()))) {
+            return success(null);
+        }
 
         return success(pageResult);
     }

+ 2 - 0
tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/controller/app/taskorder/PipeTaskOrderIssueReportAppController.java

@@ -2,6 +2,7 @@ package cn.start.tz.module.pressure2.controller.app.taskorder;
 
 import cn.start.tz.framework.common.pojo.CommonResult;
 import cn.start.tz.framework.common.pojo.PageResult;
+import cn.start.tz.module.pressure2.framework.appauth.core.annotation.AppAuth;
 import cn.start.tz.module.pressure2.controller.admin.boilertaskorder.vo.BoilerTaskOrderPageReqVO;
 import cn.start.tz.module.pressure2.controller.admin.pipetaskorder.vo.PipeTaskOrderRespVO;
 import cn.start.tz.module.pressure2.controller.admin.pipetaskorderissuereport.vo.PipeTaskOrderIssueReportPageReqVO;
@@ -23,6 +24,7 @@ import static cn.start.tz.framework.common.pojo.CommonResult.success;
 @RestController
 @RequestMapping("/pressure2/task-order/issue-report/pipe")
 @Validated
+@AppAuth
 public class PipeTaskOrderIssueReportAppController {
 
     @Resource

+ 9 - 0
tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/controller/app/taskorder/vo/ServeOrderSignRespVo.java

@@ -53,6 +53,15 @@ public class ServeOrderSignRespVo {
     @Schema(description = "设备编码")
     private String equipCode;
 
+    @Schema(description = "工程号(管道)")
+    private String projectNo;
+
+    @Schema(description = "工程名称(管道)/ 设备名称(锅炉)")
+    private String projectName;
+
+    @Schema(description = "设备名称")
+    private String equipName;
+
     @Schema(description = "安全检查记录ID")
     private String securityCheckId;
 }

+ 2 - 0
tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/controller/app/taskorderitemreport/BoilerAppReportTemplateController.java

@@ -1,6 +1,7 @@
 package cn.start.tz.module.pressure2.controller.app.taskorderitemreport;
 
 import cn.start.tz.framework.ratelimiter.core.annotation.RateLimiter;
+import cn.start.tz.module.pressure2.framework.appauth.core.annotation.AppAuth;
 import cn.start.tz.module.pressure2.controller.admin.pipetaskorderinput.vo.PipeTaskOrderInputPrintReqVO;
 import cn.start.tz.module.pressure2.controller.admin.reporttemplate.vo.ReportMockPreviewVO;
 import cn.start.tz.module.pressure2.controller.appapi.boilertaskorder.vo.OrderFromPdfReqVO;
@@ -29,6 +30,7 @@ import java.nio.charset.StandardCharsets;
 @RestController
 @RequestMapping("/pressure2/app/report-template/boiler")
 @Validated
+@AppAuth
 public class BoilerAppReportTemplateController {
 
     @Resource

+ 2 - 0
tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/controller/app/taskorderitemreport/BoilerAppTaskOrderItemReportController.java

@@ -2,6 +2,7 @@ package cn.start.tz.module.pressure2.controller.app.taskorderitemreport;
 
 import cn.start.tz.framework.common.pojo.CommonResult;
 import cn.start.tz.framework.common.pojo.PageResult;
+import cn.start.tz.module.pressure2.framework.appauth.core.annotation.AppAuth;
 import cn.start.tz.module.pressure2.controller.admin.boilertaskorder.vo.BoilerTaskOrderPageReqVO;
 import cn.start.tz.module.pressure2.controller.admin.boilertaskorder.vo.BoilerOrderItemPageRespVO;
 import cn.start.tz.module.pressure2.controller.admin.boilertaskorder.vo.BoilerTaskOrderRespVO;
@@ -24,6 +25,7 @@ import static cn.start.tz.framework.common.pojo.CommonResult.success;
 @RestController
 @RequestMapping("/pressure2/app/task-order-item-report/boiler")
 @Validated
+@AppAuth
 public class BoilerAppTaskOrderItemReportController {
 
     @Resource

+ 2 - 0
tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/controller/app/taskorderitemreport/PipeAppReportTemplateController.java

@@ -1,5 +1,6 @@
 package cn.start.tz.module.pressure2.controller.app.taskorderitemreport;
 
+import cn.start.tz.module.pressure2.framework.appauth.core.annotation.AppAuth;
 import cn.start.tz.module.pressure2.controller.admin.pipetaskorderinput.vo.PipeTaskOrderInputPrintReqVO;
 import cn.start.tz.module.pressure2.controller.admin.reporttemplate.vo.ReportMockPreviewVO;
 import cn.start.tz.module.pressure2.controller.appapi.boilertaskorder.vo.OrderFromPdfReqVO;
@@ -25,6 +26,7 @@ import java.nio.charset.StandardCharsets;
 @RestController
 @RequestMapping("/pressure2/app/report-template/pipe")
 @Validated
+@AppAuth
 public class PipeAppReportTemplateController {
 
     @Resource

+ 2 - 0
tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/controller/app/taskorderitemreport/PipeAppTaskOrderItemReportController.java

@@ -2,6 +2,7 @@ package cn.start.tz.module.pressure2.controller.app.taskorderitemreport;
 
 import cn.start.tz.framework.common.pojo.CommonResult;
 import cn.start.tz.framework.common.pojo.PageResult;
+import cn.start.tz.module.pressure2.framework.appauth.core.annotation.AppAuth;
 import cn.start.tz.module.pressure2.controller.admin.boilertaskorder.vo.BoilerTaskOrderPageReqVO;
 import cn.start.tz.module.pressure2.controller.admin.pipetaskorder.vo.PipeOrderItemPageRespVO;
 import cn.start.tz.module.pressure2.controller.admin.pipetaskorder.vo.PipeTaskOrderPageReqVO;
@@ -25,6 +26,7 @@ import static cn.start.tz.framework.common.pojo.CommonResult.success;
 @RestController
 @RequestMapping("/pressure2/app/task-order-item-report/pipe")
 @Validated
+@AppAuth
 public class PipeAppTaskOrderItemReportController {
 
     @Resource

+ 1 - 0
tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/dal/mysql/boilertaskorderitem/BoilerTaskOrderItemMapper.java

@@ -70,6 +70,7 @@ public interface BoilerTaskOrderItemMapper extends BaseMapperX<BoilerTaskOrderIt
                 selectAs(BoilerTaskOrderItemReportDO::getFinishUploadTime,BoilerOrderItemPageRespVO::getFinishUploadTime).
                 selectAs(BoilerTaskOrderDO::getSubmitId,BoilerOrderItemPageRespVO::getSubmitId).
                 selectAs(EquipBoilerDO::getEquipCode,BoilerOrderItemPageRespVO::getEquipCode).
+                selectAs(EquipBoilerDO::getEquipName,BoilerOrderItemPageRespVO::getEquipName).
                 selectAs(EquipBoilerDO::getEquipStreet,BoilerOrderItemPageRespVO::getEquipStreet).
                 selectAs(EquipBoilerDO::getEquipDistrict,BoilerOrderItemPageRespVO::getEquipDistrict).
                 selectAs(EquipBoilerDO::getType,BoilerOrderItemPageRespVO::getEquipmentType).

+ 2 - 0
tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/dal/mysql/pipetaskorderitem/PipeTaskOrderItemMapper.java

@@ -80,6 +80,8 @@ public interface PipeTaskOrderItemMapper extends BaseMapperX<PipeTaskOrderItemDO
                 selectAs(PipeTaskOrderItemReportDO::getFinishUploadTime,PipeOrderItemPageRespVO::getFinishUploadTime).
                 selectAs(PipeTaskOrderDO::getSubmitId,PipeOrderItemPageRespVO::getSubmitId).
                 selectAs(EquipPipeDO::getProjectNo,PipeOrderItemPageRespVO::getProjectNo).
+                selectAs(EquipPipeDO::getProjectName, PipeOrderItemPageRespVO::getEquipName).
+                selectAs(EquipPipeDO::getCertificateNo, PipeOrderItemPageRespVO::getUseRegisterNo).
                 selectAs(EquipPipeDO::getEquipStreet,PipeOrderItemPageRespVO::getEquipStreet).
                 selectAs(EquipPipeDO::getEquipDistrict,PipeOrderItemPageRespVO::getEquipDistrict).
                 selectAs(EquipPipeDO::getPipeCategory,PipeOrderItemPageRespVO::getEquipmentType).

+ 29 - 0
tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/framework/appauth/config/AppAuthWebConfiguration.java

@@ -0,0 +1,29 @@
+package cn.start.tz.module.pressure2.framework.appauth.config;
+
+import cn.start.tz.module.pressure2.framework.appauth.core.interceptor.AppAuthInterceptor;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+import jakarta.annotation.Resource;
+
+@Configuration
+public class AppAuthWebConfiguration implements WebMvcConfigurer {
+
+    @Resource
+    private AppAuthInterceptor appAuthInterceptor;
+
+    @Override
+    public void addInterceptors(InterceptorRegistry registry) {
+        registry.addInterceptor(appAuthInterceptor)
+                .addPathPatterns(
+                        "/app-api/pressure2/accept-order/**",
+                        "/app-api/pressure2/appointment-confirm-order/**",
+                        "/app-api/pressure2/equip-container/**",
+                        "/app-api/pressure2/task-order/**",
+                        "/app-api/pressure2/task-order-item-report/**",
+                        "/app-api/pressure2/report-template/**"
+                );
+    }
+
+}
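Review bot: The path patterns in `addInterceptors` do not appear to cover every controller this commit annotates with `@AppAuth`. BoilerAppReportTemplateController, PipeAppReportTemplateController and the two `*AppTaskOrderItemReportController` classes are mapped under `/pressure2/app/report-template/...` and `/pressure2/app/task-order-item-report/...`, while the registered patterns are `/app-api/pressure2/report-template/**` and `/app-api/pressure2/task-order-item-report/**`. Assuming the framework prefixes these controllers with `/app-api`, the interceptor never runs for them, and because `@AppAuth` is meta-annotated with `@PermitAll` they may end up with no authentication at all. Add `"/app-api/pressure2/app/**"` (or the two specific paths) to the list, and consider a test asserting that every `@AppAuth` handler is matched by the interceptor.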

+ 15 - 0
tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/framework/appauth/core/annotation/AppAuth.java

@@ -0,0 +1,15 @@
+package cn.start.tz.module.pressure2.framework.appauth.core.annotation;
+
+import jakarta.annotation.security.PermitAll;
+
+import java.lang.annotation.*;
+
+@Target({ElementType.METHOD, ElementType.TYPE})
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+@PermitAll
+public @interface AppAuth {
+
+    boolean permitAll() default false;
+
+}
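Review bot: `AppAuth` has no Javadoc, although two security-relevant facts about it are not obvious from the call sites. It is meta-annotated with `@PermitAll`, so if the framework honours meta-annotations, annotated endpoints skip the regular login filter and depend on AppAuthInterceptor alone. `permitAll = true` presumably lets a request through without a token. I would add a type-level comment saying the annotation only protects paths registered in AppAuthWebConfiguration, and document the attribute, e.g. `/** When true, a missing token is tolerated and the context stays empty; handlers must null-check. */`, to be confirmed against the interceptor, whose body is not fully visible here.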

+ 46 - 0
tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/framework/appauth/core/context/AppAuthContextHolder.java

@@ -0,0 +1,46 @@
+package cn.start.tz.module.pressure2.framework.appauth.core.context;
+
+import com.alibaba.ttl.TransmittableThreadLocal;
+
+public class AppAuthContextHolder {
+
+    private static final ThreadLocal<AppAuthUserInfo> CONTEXT = new TransmittableThreadLocal<>();
+
+    public static void set(AppAuthUserInfo userInfo) {
+        CONTEXT.set(userInfo);
+    }
+
+    public static AppAuthUserInfo get() {
+        return CONTEXT.get();
+    }
+
+    public static String getUserId() {
+        AppAuthUserInfo userInfo = CONTEXT.get();
+        return userInfo != null ? userInfo.getId() : null;
+    }
+
+    public static String getMobile() {
+        AppAuthUserInfo userInfo = CONTEXT.get();
+        return userInfo != null ? userInfo.getMobile() : null;
+    }
+
+    public static String getNickname() {
+        AppAuthUserInfo userInfo = CONTEXT.get();
+        return userInfo != null ? userInfo.getNickname() : null;
+    }
+
+    public static Integer getUnitType() {
+        AppAuthUserInfo userInfo = CONTEXT.get();
+        return userInfo != null ? userInfo.getUnitType() : null;
+    }
+
+    public static String getUnitId() {
+        AppAuthUserInfo userInfo = CONTEXT.get();
+        return userInfo != null ? userInfo.getUnitId() : null;
+    }
+
+    public static void clear() {
+        CONTEXT.remove();
+    }
+
+}
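Review bot: The holder's contract for when `clear()` must run is undocumented, and with a `TransmittableThreadLocal` on pooled servlet threads that contract is what keeps one caller's identity from leaking into the next request. In the visible code only AppAuthExceptionHandler calls `clear()`; the interceptor's completion callback is outside this view, so please confirm it clears on every request, including `permitAll` requests that arrive without a token. A class comment such as `// Set in AppAuthInterceptor#preHandle, must be cleared in afterCompletion; null outside a request.` would make this explicit. A `private AppAuthContextHolder() {}` constructor would also mark it as a static utility.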

+ 107 - 0
tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/framework/appauth/core/context/AppAuthUserInfo.java

@@ -0,0 +1,107 @@
+package cn.start.tz.module.pressure2.framework.appauth.core.context;
+
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import lombok.Data;
+
+import java.util.List;
+
+@Data
+@JsonIgnoreProperties(ignoreUnknown = true)
+public class AppAuthUserInfo {
+
+    private String id;
+    private String nickname;
+    private String avatar;
+    private String mobile;
+    private Integer sex;
+    private Integer point;
+    private Integer experience;
+    private LevelInfo level;
+    private Boolean brokerageEnabled;
+    private String name;
+    private String mail;
+    private List<UnitRoleInfo> unitRoleList;
+    private UnitContactInfo unitContact;
+    private SupervisionUnitAccountInfo supervisionUnitAccount;
+    private Integer unitType;
+    private String unitId;
+
+    @Data
+    @JsonIgnoreProperties(ignoreUnknown = true)
+    public static class LevelInfo {
+        private Long id;
+        private String name;
+        private Integer level;
+        private String icon;
+    }
+
+    @Data
+    @JsonIgnoreProperties(ignoreUnknown = true)
+    public static class UnitRoleInfo {
+        private String id;
+        private String name;
+        private String code;
+        private Integer sort;
+        private Integer dataScope;
+        private String dataScopeDeptIds;
+        private Integer status;
+        private Integer type;
+        private String remark;
+        private String createTime;
+    }
+
+    @Data
+    @JsonIgnoreProperties(ignoreUnknown = true)
+    public static class UnitContactInfo {
+        private String id;
+        private String unitId;
+        private String contactName;
+        private String contactPhone;
+        private String contactEmail;
+        private String isDefault;
+        private String username;
+        private String employeeNo;
+        private String deptId;
+        private String deptName;
+        private String source;
+        private String createTime;
+        private Integer sex;
+        private String post;
+        private String idNumber;
+        private String role;
+        private List<UnitRoleInfo> roleList;
+        private List<Object> menuList;
+        private Integer accountLevel;
+        private String memberId;
+        private List<Object> qualifications;
+        private List<String> equipList;
+        private Integer district;
+        private String districtName;
+    }
+
+    @Data
+    @JsonIgnoreProperties(ignoreUnknown = true)
+    public static class SupervisionUnitAccountInfo {
+        private String id;
+        private String unitId;
+        private String unitName;
+        private String contactName;
+        private String contactPhone;
+        private String contactEmail;
+        private String isDefault;
+        private String username;
+        private String role;
+        private UnitRoleInfo roleInfo;
+        private String employeeNo;
+        private Integer status;
+        private String post;
+        private Integer district;
+        private String districtName;
+        private String deptId;
+        private Integer sex;
+        private String idNumber;
+        private String createTime;
+        private String source;
+    }
+
+}
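Review bot: `@Data` on `AppAuthUserInfo` and its nested classes generates a `toString()` that prints `mobile`, `mail`, `idNumber`, `contactPhone` and `contactEmail`, so any log statement or exception message that includes the object writes personal data to the logs. Mark those fields with `@ToString.Exclude` (or replace `@Data` with `@Getter`/`@Setter`) and log only `id`. `List<Object> menuList` and `qualifications` accept arbitrary JSON from the auth service; since unknown properties are already ignored, dropping fields nobody reads would keep the deserialized surface smaller.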

+ 12 - 0
tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/framework/appauth/core/exception/AppAuthErrorCodeConstants.java

@@ -0,0 +1,12 @@
+package cn.start.tz.module.pressure2.framework.appauth.core.exception;
+
+import cn.start.tz.framework.common.exception.ErrorCode;
+
+public interface AppAuthErrorCodeConstants {
+
+    ErrorCode APP_AUTH_TOKEN_MISSING = new ErrorCode(1001000001, "小程序令牌缺失,请先登录");
+    ErrorCode APP_AUTH_TOKEN_INVALID = new ErrorCode(1001000002, "小程序令牌无效,请重新登录");
+    ErrorCode APP_AUTH_SERVICE_ERROR = new ErrorCode(1001000003, "小程序鉴权服务异常,请稍后重试");
+    ErrorCode APP_AUTH_USER_FORBIDDEN = new ErrorCode(1001000004, "小程序用户无权限访问该接口");
+
+}

+ 26 - 0
tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/framework/appauth/core/exception/AppAuthException.java

@@ -0,0 +1,26 @@
+package cn.start.tz.module.pressure2.framework.appauth.core.exception;
+
+import cn.start.tz.framework.common.exception.ErrorCode;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+
+@Data
+@EqualsAndHashCode(callSuper = true)
+public class AppAuthException extends RuntimeException {
+
+    private final Integer code;
+    private final String message;
+
+    public AppAuthException(Integer code, String message) {
+        super(message);
+        this.code = code;
+        this.message = message;
+    }
+
+    public AppAuthException(ErrorCode errorCode) {
+        super(errorCode.getMsg());
+        this.code = errorCode.getCode();
+        this.message = errorCode.getMsg();
+    }
+
+}
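Review bot: `@Data` with `@EqualsAndHashCode` is an odd fit for an exception: the `message` field duplicates what `super(message)` already stores, and the generated `getMessage()` silently overrides `Throwable.getMessage()`. Keeping only `private final Integer code;` with `@Getter` gives callers the same API. Neither constructor accepts a cause, so a failure in the remote auth call would lose its stack trace; an overload such as `public AppAuthException(ErrorCode errorCode, Throwable cause)` calling `super(errorCode.getMsg(), cause)` would preserve it.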

+ 39 - 0
tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/framework/appauth/core/exception/AppAuthExceptionHandler.java

@@ -0,0 +1,39 @@
+package cn.start.tz.module.pressure2.framework.appauth.core.exception;
+
+import cn.start.tz.framework.common.exception.ServiceException;
+import cn.start.tz.framework.common.pojo.CommonResult;
+import cn.start.tz.module.pressure2.framework.appauth.core.context.AppAuthContextHolder;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.core.Ordered;
+import org.springframework.core.annotation.Order;
+import org.springframework.http.HttpStatus;
+import org.springframework.web.bind.annotation.ExceptionHandler;
+import org.springframework.web.bind.annotation.ResponseStatus;
+import org.springframework.web.bind.annotation.RestControllerAdvice;
+
+@Slf4j
+@RestControllerAdvice(basePackages = "cn.start.tz.module.pressure2.controller.app")
+@Order(Ordered.HIGHEST_PRECEDENCE)
+public class AppAuthExceptionHandler {
+
+    @ExceptionHandler(AppAuthException.class)
+    @ResponseStatus(HttpStatus.UNAUTHORIZED)
+    public CommonResult<?> handleAppAuthException(AppAuthException e) {
+        log.warn("[handleAppAuthException][鉴权异常: code={}, msg={}, userId={}]",
+                e.getCode(), e.getMessage(),
+                AppAuthContextHolder.getUserId());
+        AppAuthContextHolder.clear();
+        return CommonResult.error(e.getCode(), e.getMessage());
+    }
+
+    @ExceptionHandler(ServiceException.class)
+    public CommonResult<?> handleServiceException(ServiceException e) {
+        if (e.getCode() != null && e.getCode() >= 1001000001 && e.getCode() <= 1001000999) {
+            log.warn("[handleServiceException][小程序鉴权业务异常: code={}, msg={}]",
+                    e.getCode(), e.getMessage());
+            AppAuthContextHolder.clear();
+        }
+        return CommonResult.error(e.getCode(), e.getMessage());
+    }
+
+}
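Review bot: `handleServiceException` takes over every `ServiceException` raised under `controller.app`, not just the auth range, because the `1001000001`–`1001000999` test guards only the log line and `clear()`. At `HIGHEST_PRECEDENCE` this advice wins over any global handler the project has (not visible here), so ordinary business errors from these controllers are returned without being logged. Either log in the other branch too, e.g. `log.info("[handleServiceException] code={}, msg={}", e.getCode(), e.getMessage());`, or drop this method and clear the context in the interceptor's completion callback. Separately, `handleAppAuthException` answers 401 for every code, including `APP_AUTH_USER_FORBIDDEN` and `APP_AUTH_SERVICE_ERROR`, where 403 and 503 would let clients and monitoring tell a bad token from a denied user or an auth-service outage.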

+ 127 - 0
tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/framework/appauth/core/interceptor/AppAuthInterceptor.java

@@ -0,0 +1,127 @@
+package cn.start.tz.module.pressure2.framework.appauth.core.interceptor;
+
+import cn.hutool.core.util.StrUtil;
+import cn.start.tz.framework.common.pojo.CommonResult;
+import cn.start.tz.framework.common.util.servlet.ServletUtils;
+import cn.start.tz.framework.security.core.LoginUser;
+import cn.start.tz.framework.security.core.util.SecurityFrameworkUtils;
+import cn.start.tz.framework.web.core.util.WebFrameworkUtils;
+import cn.start.tz.module.pressure2.framework.appauth.core.annotation.AppAuth;
+import cn.start.tz.module.pressure2.framework.appauth.core.context.AppAuthContextHolder;
+import cn.start.tz.module.pressure2.framework.appauth.core.context.AppAuthUserInfo;
+import cn.start.tz.module.pressure2.framework.appauth.core.service.AppAuthService;
+import jakarta.annotation.Resource;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
+import org.springframework.stereotype.Component;
+import org.springframework.web.method.HandlerMethod;
+import org.springframework.web.servlet.HandlerInterceptor;
+
+import java.util.Collections;
+
+@Slf4j
+@Component
+public class AppAuthInterceptor implements HandlerInterceptor {
+
+    private static final String AUTHORIZATION_HEADER = "Authorization";
+    private static final String BEARER_PREFIX = "Bearer ";
+
+    @Resource
+    private AppAuthService appAuthService;
+
+    @Override
+    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) {
+        if (!(handler instanceof HandlerMethod)) {
+            return true;
+        }
+
+        HandlerMethod handlerMethod = (HandlerMethod) handler;
+
+        AppAuth methodAnnotation = handlerMethod.getMethodAnnotation(AppAuth.class);
+        AppAuth classAnnotation = handlerMethod.getBeanType().getAnnotation(AppAuth.class);
+
+        if (methodAnnotation == null && classAnnotation == null) {
+            return true;
+        }
+
+        AppAuth effectiveAnnotation = methodAnnotation != null ? methodAnnotation : classAnnotation;
+
+        String accessToken = extractAccessToken(request);
+
+        if (effectiveAnnotation.permitAll()) {
+            if (StrUtil.isNotEmpty(accessToken)) {
+                authenticateAndSetContext(accessToken, request);
+            }
+            return true;
+        }
+
+        if (StrUtil.isEmpty(accessToken)) {
+            log.warn("[preHandle][小程序接口缺少 Authorization 令牌, uri={}]", request.getRequestURI());
+            ServletUtils.writeJSON(response, CommonResult.error(401, "账号未登录"));
+            return false;
+        }
+
+        AppAuthUserInfo userInfo = authenticateAndSetContext(accessToken, request);
+        if (userInfo == null) {
+            log.warn("[preHandle][小程序鉴权失败, uri={}]", request.getRequestURI());
+            ServletUtils.writeJSON(response, CommonResult.error(401, "账号未登录"));
+            return false;
+        }
+
+        return true;
+    }
+
+    @Override
+    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) {
+        AppAuthContextHolder.clear();
+    }
+
+    private String extractAccessToken(HttpServletRequest request) {
+        String bearerToken = request.getHeader(AUTHORIZATION_HEADER);
+        if (StrUtil.isNotEmpty(bearerToken) && bearerToken.startsWith(BEARER_PREFIX)) {
+            return bearerToken.substring(BEARER_PREFIX.length()).trim();
+        }
+        return null;
+    }
+
+    private AppAuthUserInfo authenticateAndSetContext(String accessToken, HttpServletRequest request) {
+        AppAuthUserInfo userInfo = appAuthService.authenticate(accessToken);
+        if (userInfo != null) {
+            AppAuthContextHolder.set(userInfo);
+            setLoginUserToSecurityContext(userInfo, request);
+        }
+        return userInfo;
+    }
+
+    private void setLoginUserToSecurityContext(AppAuthUserInfo userInfo, HttpServletRequest request) {
+        if (SecurityFrameworkUtils.getLoginUser() != null) {
+            return;
+        }
+
+        LoginUser loginUser = new LoginUser();
+        loginUser.setId(userInfo.getId());
+        loginUser.setUserType(2);
+        loginUser.setInfo("mobile", userInfo.getMobile() != null ? userInfo.getMobile() : "");
+        loginUser.setInfo("nickname", userInfo.getNickname() != null ? userInfo.getNickname() : "");
+        if (userInfo.getUnitType() != null) {
+            loginUser.setContext(LoginUser.INFO_KEY_UNIT_TYPE, userInfo.getUnitType());
+        }
+        if (userInfo.getUnitId() != null) {
+            loginUser.setContext(LoginUser.INFO_KEY_UNIT_ID, userInfo.getUnitId());
+        }
+
+        UsernamePasswordAuthenticationToken authenticationToken =
+                new UsernamePasswordAuthenticationToken(loginUser, null, Collections.emptyList());
+        authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
+        SecurityContextHolder.getContext().setAuthentication(authenticationToken);
+
+        WebFrameworkUtils.setLoginUserId(request, loginUser.getId());
+        WebFrameworkUtils.setLoginUserType(request, loginUser.getUserType());
+    }
+
+}
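Review bot: `setLoginUserToSecurityContext` returns early when `SecurityFrameworkUtils.getLoginUser()` is already non-null, so `AppAuthContextHolder` can hold the user resolved from the bearer token while the Spring Security context keeps a different, earlier-authenticated user. Code that reads identity from one holder and unit data from the other would then mix two principals; comparing the ids and rejecting the request on mismatch (`if (!Objects.equals(existing.getId(), userInfo.getId())) { ... }`) closes that gap. `loginUser.setUserType(2)` is an unexplained literal: please confirm it denotes the mini-program/member user type rather than a back-office one, and replace it with the project's user-type constant. In the `permitAll` branch a token that was presented but failed authentication is silently ignored, which deserves a comment saying it is intentional.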

+ 9 - 0
tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/framework/appauth/core/service/AppAuthService.java

@@ -0,0 +1,9 @@
+package cn.start.tz.module.pressure2.framework.appauth.core.service;
+
+import cn.start.tz.module.pressure2.framework.appauth.core.context.AppAuthUserInfo;
+
+public interface AppAuthService {
+
+    AppAuthUserInfo authenticate(String accessToken);
+
+}
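Review bot: `authenticate` has no Javadoc, and its failure contract is not obvious from the signature. The implementation in this commit returns `null` for an empty token or a failed check, and the interceptor's `userInfo == null` test depends on that. I would add a Javadoc with `@return the resolved user, or {@code null} when the token is missing, invalid or the auth service cannot be reached`, so that no implementation signals failure with a non-null empty object.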

+ 197 - 0
tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/framework/appauth/core/service/AppAuthServiceImpl.java

@@ -0,0 +1,197 @@
+package cn.start.tz.module.pressure2.framework.appauth.core.service;
+
+import cn.hutool.core.util.IdUtil;
+import cn.hutool.core.util.StrUtil;
+import cn.hutool.crypto.digest.DigestUtil;
+import cn.start.tz.framework.common.pojo.CommonResult;
+import cn.start.tz.framework.common.util.json.JsonUtils;
+import cn.start.tz.framework.security.core.LoginUser;
+import cn.start.tz.module.member.api.user.MemberUserApi;
+import cn.start.tz.module.member.api.user.dto.MemberUserRespDTO;
+import cn.start.tz.module.member.api.user.dto.UseUnitRelationSaveReqVO;
+import cn.start.tz.module.pressure2.framework.appauth.core.context.AppAuthUserInfo;
+import cn.start.tz.module.system.api.clientunit.ClientUnitApi;
+import cn.start.tz.module.system.api.clientunit.dto.ClientUnitDTO;
+import com.fasterxml.jackson.core.type.TypeReference;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Lazy;
+import org.springframework.data.redis.core.StringRedisTemplate;
+import org.springframework.http.*;
+import org.springframework.stereotype.Service;
+import org.springframework.web.client.RestTemplate;
+
+import jakarta.annotation.Resource;
+
+import java.time.Duration;
+import java.util.List;
+
+import static cn.start.tz.framework.security.core.util.SecurityFrameworkUtils.getLoginUser;
+
+@Slf4j
+@Service
+public class AppAuthServiceImpl implements AppAuthService {
+
+    private static final int MAX_RETRY_TIMES = 3;
+    private static final long RETRY_INTERVAL_MS = 100;
+
+    /**
+     * nonce Redis Key 模板: app_auth_nonce:{appId}:{nonce}
+     */
+    private static final String NONCE_KEY_FORMAT = "app_auth_nonce:%s:%s";
+
+    private static final TypeReference<CommonResult<AppAuthUserInfo>> AUTH_RESULT_TYPE =
+            new TypeReference<CommonResult<AppAuthUserInfo>>() {
+            };
+
+    @Resource
+    private RestTemplate restTemplate;
+
+    @Resource
+    @Lazy
+    private MemberUserApi memberUserApi;
+
+    @Resource
+    @Lazy
+    private ClientUnitApi clientUnitApi;
+
+    @Resource
+    private StringRedisTemplate stringRedisTemplate;
+
+    @Value("${app-auth.base-url:http://localhost:48080}")
+    private String baseUrl;
+
+    @Value("${app-auth.enabled:true}")
+    private boolean enabled;
+
+    @Value("${app-auth.app-id:xxxxxx}")
+    private String appId;
+
+    @Value("${app-auth.app-secret:yyyyyy}")
+    private String appSecret;
+
+    @Override
+    public AppAuthUserInfo authenticate(String accessToken) {
+        if (StrUtil.isEmpty(accessToken)) {
+            log.warn("[authenticate][accessToken 为空,鉴权失败]");
+            return null;
+        }
+
+        if (!enabled) {
+            log.info("[authenticate][鉴权服务未启用,返回模拟用户]");
+            return buildMockUser(accessToken);
+        }
+
+        // 最多重试3次,每次间隔100ms
+        for (int attempt = 1; attempt <= MAX_RETRY_TIMES; attempt++) {
+            try {
+                AppAuthUserInfo userInfo = doAuthenticate(accessToken);
+                if (userInfo != null) {
+                    return userInfo;
+                }
+                log.warn("[authenticate][鉴权失败,第 {} 次尝试,共 {} 次]", attempt, MAX_RETRY_TIMES);
+            } catch (Exception e) {
+                log.error("[authenticate][鉴权异常,第 {} 次尝试,共 {} 次, accessToken={}]",
+                        attempt, MAX_RETRY_TIMES, accessToken, e);
+            }
+
+            // 未达到最大重试次数时,等待后重试
+            if (attempt < MAX_RETRY_TIMES) {
+                try {
+                    Thread.sleep(RETRY_INTERVAL_MS);
+                } catch (InterruptedException ie) {
+                    Thread.currentThread().interrupt();
+                    log.warn("[authenticate][重试等待被中断]");
+                    break;
+                }
+            }
+        }
+
+        log.error("[authenticate][鉴权失败,已达到最大重试次数 {} 次, accessToken={}]",
+                MAX_RETRY_TIMES, accessToken);
+        return null;
+    }
+
+    private AppAuthUserInfo buildMockUser(String accessToken) {
+        AppAuthUserInfo user = new AppAuthUserInfo();
+        LoginUser loginUser = getLoginUser();
+        if (loginUser != null) {
+            CommonResult<MemberUserRespDTO> userResult = memberUserApi.getUser(loginUser.getId());
+            if (userResult == null || !userResult.isSuccess() || userResult.getData() == null) {
+                log.warn("[buildMockUser][获取用户信息失败]");
+                return user;
+            }
+            MemberUserRespDTO checkedData = userResult.getData();
+
+            CommonResult<List<UseUnitRelationSaveReqVO>> relationResult = memberUserApi.getUseUnitRelation(checkedData.getId());
+            String unitId = null;
+            if (relationResult != null && relationResult.isSuccess() && relationResult.getData() != null && !relationResult.getData().isEmpty()) {
+                List<UseUnitRelationSaveReqVO> useUnitRelations = relationResult.getData();
+                UseUnitRelationSaveReqVO useUnitRelation = useUnitRelations.get(0);
+                unitId = useUnitRelation.getUnitId();
+            }
+
+            if (unitId == null) {
+                log.warn("[buildMockUser][单位ID为空]");
+            }
+
+            user.setId(loginUser.getId());
+            user.setNickname(checkedData.getNickname());
+            user.setMobile(checkedData.getMobile());
+            user.setUnitType(loginUser.getUnitType());
+            user.setUnitId(unitId);
+            user.setName(checkedData.getNickname());
+        }
+        return user;
+    }
+
+    private AppAuthUserInfo doAuthenticate(String accessToken) {
+        // 1. 生成 timestamp 和 nonce(32位UUID,长度 >= 10)
+        long timestamp = System.currentTimeMillis();
+        String nonce = IdUtil.fastSimpleUUID();
+
+        // 2. nonce 存入 Redis 防重放,过期时间 120 秒(服务器时间偏差窗口 60 秒的 2 倍)
+        String nonceKey = String.format(NONCE_KEY_FORMAT, appId, nonce);
+        stringRedisTemplate.opsForValue().set(nonceKey, "1", Duration.ofSeconds(120));
+
+        // 3. 计算签名
+        // GET 请求,无查询参数(第1步为空),无请求体(第2步为空)
+        // 第3步:Header 参数按 key 字典序排列 → appId < nonce < timestamp
+        // 第4步:末尾拼接 appSecret
+        // 最终:sign = SHA-256("appId={appId}&nonce={nonce}&timestamp={timestamp}{appSecret}")
+        String signString = "appId=" + appId + "&nonce=" + nonce + "&timestamp=" + timestamp + appSecret;
+        String sign = DigestUtil.sha256Hex(signString);
+
+        log.debug("[doAuthenticate][签名计算完成, appId={}, nonce={}, timestamp={}]", appId, nonce, timestamp);
+
+        // 4. 设置请求头并发起调用
+        HttpHeaders headers = new HttpHeaders();
+        headers.set(HttpHeaders.AUTHORIZATION, "Bearer " + accessToken);
+        headers.set("appId", appId);
+        headers.set("timestamp", String.valueOf(timestamp));
+        headers.set("nonce", nonce);
+        headers.set("sign", sign);
+
+        HttpEntity<Void> entity = new HttpEntity<>(headers);
+
+        String url = baseUrl + "/external-api/member/auth/auth";
+        ResponseEntity<String> response = restTemplate.exchange(
+                url, HttpMethod.GET, entity, String.class);
+
+        if (response.getStatusCode().is2xxSuccessful() && response.getBody() != null) {
+            CommonResult<AppAuthUserInfo> result = JsonUtils.parseObject(
+                    response.getBody(), AUTH_RESULT_TYPE);
+            if (result != null && result.isSuccess()) {
+                return result.getData();
+            }
+            log.warn("[doAuthenticate][鉴权接口返回失败: code={}, msg={}]",
+                    result != null ? result.getCode() : null,
+                    result != null ? result.getMsg() : null);
+            return null;
+        }
+
+        log.warn("[doAuthenticate][鉴权接口HTTP状态异常: {}]", response.getStatusCode());
+        return null;
+    }
+
+}
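Review bot: The two `log.error` calls in `authenticate` write the raw `accessToken` to the log, so anyone with log access obtains usable bearer tokens; drop the argument or log a short digest instead, e.g. `log.error("[authenticate][鉴权异常,第 {} 次尝试,共 {} 次]", attempt, MAX_RETRY_TIMES, e);`. With `app-auth.enabled=false`, `buildMockUser` never looks at the token and returns a non-null, empty `AppAuthUserInfo` when there is no login user or the member lookup fails, which the interceptor's `userInfo == null` test accepts as authenticated; returning `null` in those branches keeps the failure visible. The retry loop also repeats the remote call after a definite rejection (`doAuthenticate` returned `null`), so every invalid token costs three outbound requests and 200 ms of a request thread; retrying only in the `catch` branch would be enough. The `xxxxxx`/`yyyyyy` defaults for `app-id` and `app-secret` let the service start with a placeholder secret, whereas omitting the defaults makes a missing configuration fail at startup.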

+ 2 - 0
tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/framework/security/config/SecurityConfiguration.java

@@ -31,6 +31,8 @@ public class SecurityConfiguration {
                         .requestMatchers("/actuator/**").permitAll();
                 // RPC 服务的安全配置
                 registry.requestMatchers(ApiConstants.PREFIX + "/**").permitAll();
+                // 小程序接口由 AppAuthInterceptor 自行鉴权,跳过 Spring Security 校验
+//                registry.requestMatchers("/app-api/pressure2/**").permitAll();
             }
 
         };
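Review bot: The added comment says the mini-program endpoints skip Spring Security and are checked by `AppAuthInterceptor`, but the `permitAll` line under it is commented out, so the comment describes behaviour the code does not have. Either delete both lines or reword the comment to say why the matcher is disabled, e.g. `// /app-api/pressure2/** stays behind Spring Security; AppAuthInterceptor adds the @AppAuth check on top`. If the matcher is ever enabled, note that the interceptor lets any handler without `@AppAuth` through, so un-annotated endpoints under that path would become unauthenticated. The enclosing method starts outside this hunk.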

+ 48 - 6
tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/service/boilertaskordersignfile/BoilerTaskOrderSignFileServiceImpl.java

@@ -5,8 +5,14 @@ import cn.hutool.core.util.ObjectUtil;
 import cn.start.tz.framework.mybatis.core.query.LambdaQueryWrapperX;
 import cn.start.tz.module.pressure2.dal.dataobject.boilertaskorderitem.BoilerTaskOrderItemDO;
 import cn.start.tz.module.pressure2.dal.dataobject.equipboiler.EquipBoilerDO;
+import cn.start.tz.module.pressure2.dal.dataobject.equippipe.EquipPipeDO;
+import cn.start.tz.module.pressure2.dal.dataobject.pipetaskorderitem.PipeTaskOrderItemDO;
 import cn.start.tz.module.pressure2.dal.mysql.boilertaskorderitem.BoilerTaskOrderItemMapper;
 import cn.start.tz.module.pressure2.dal.mysql.equipboiler.EquipBoilerMapper;
+import cn.start.tz.module.pressure2.dal.mysql.equippipe.EquipPipeMapper;
+import cn.start.tz.module.pressure2.dal.mysql.pipetaskorder.PipeTaskOrderMapper;
+import cn.start.tz.module.pressure2.dal.mysql.pipetaskorderitem.PipeTaskOrderItemMapper;
+import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import org.springframework.stereotype.Service;
 import jakarta.annotation.Resource;
 import org.springframework.validation.annotation.Validated;
@@ -41,6 +47,14 @@ public class BoilerTaskOrderSignFileServiceImpl extends ServiceImpl<BoilerTaskOr
     @Resource
     private EquipBoilerMapper equipBoilerMapper;
 
+    @Resource
+    private PipeTaskOrderItemMapper pipeTaskOrderItemMapper;
+   @Resource
+    private PipeTaskOrderMapper pipeTaskOrderMapper;
+
+    @Resource
+    private EquipPipeMapper equipPipeMapper;
+
     @Override
     public String createBoilerTaskOrderSignFile(BoilerTaskOrderSignFileSaveReqVO createReqVO) {
         // 插入
@@ -114,24 +128,52 @@ public class BoilerTaskOrderSignFileServiceImpl extends ServiceImpl<BoilerTaskOr
         if (ObjectUtil.isEmpty(taskOrderSignFilePage) || CollUtil.isEmpty(taskOrderSignFilePage.getList())) {
             return PageResult.empty();
         }
-
-        if (Integer.valueOf(400).equals(pageReqVO.getBusinessType())) {
-            List<String> orderItemIds = taskOrderSignFilePage.getList().stream().map(BoilerTaskOrderSignFileRespVO::getOrderItemId).toList();
-            if (CollUtil.isNotEmpty(orderItemIds)) {
-                List<BoilerTaskOrderItemDO> taskOrderItemDOS = taskOrderItemMapper.selectByIds(orderItemIds);
+        if ("200".equals(pageReqVO.getEquipMainType())) {
+//        if (Integer.valueOf(400).equals(pageReqVO.getBusinessType())) {
+            List<String> orderIds = taskOrderSignFilePage.getList().stream().map(BoilerTaskOrderSignFileRespVO::getOrderId).toList();
+            if (CollUtil.isNotEmpty(orderIds)) {
+                List<BoilerTaskOrderItemDO> taskOrderItemDOS = taskOrderItemMapper.selectList(new LambdaQueryWrapperX<BoilerTaskOrderItemDO>().in(BoilerTaskOrderItemDO::getOrderId, orderIds));
                 if (CollUtil.isNotEmpty(taskOrderItemDOS)) {
                     List<String> equipIds = taskOrderItemDOS.stream().map(BoilerTaskOrderItemDO::getEquipId).toList();
                     if (CollUtil.isNotEmpty(equipIds)) {
                         List<EquipBoilerDO> equipBoilerDOS = equipBoilerMapper.selectByIds(equipIds);
                         if (CollUtil.isNotEmpty(equipBoilerDOS)) {
                             taskOrderSignFilePage.getList().forEach(x -> {
-                                List<BoilerTaskOrderItemDO> list = taskOrderItemDOS.stream().filter(y -> y.getId().equals(x.getOrderItemId())).toList();
+                                List<BoilerTaskOrderItemDO> list = taskOrderItemDOS.stream().filter(y -> y.getOrderId().equals(x.getOrderId())).toList();
                                 if (CollUtil.isNotEmpty(list)) {
                                     List<EquipBoilerDO> list1 = equipBoilerDOS.stream().filter(y -> y.getId().equals(list.get(0).getEquipId())).toList();
                                     if (CollUtil.isNotEmpty(list1)) {
                                         x.setEquipDistrict(list1.get(0).getEquipDistrict());
                                         x.setEquipStreet(list1.get(0).getEquipStreet());
                                         x.setEquipCode(list1.get(0).getEquipCode());
+                                        x.setEquipName(list1.get(0).getEquipName());
+                                    }
+                                }
+                            });
+                        }
+                    }
+                }
+            }
+        }
+        // 管道设备类型(equipMainType=300)时,查询管道设备表获取工程号等信息
+        if ("300".equals(pageReqVO.getEquipMainType())) {
+            List<String> orderIds = taskOrderSignFilePage.getList().stream().map(BoilerTaskOrderSignFileRespVO::getOrderId).toList();
+            if (CollUtil.isNotEmpty(orderIds)) {
+                List<PipeTaskOrderItemDO> pipeTaskOrderItems = pipeTaskOrderItemMapper.selectList(new LambdaQueryWrapperX<PipeTaskOrderItemDO>().in(PipeTaskOrderItemDO::getOrderId, orderIds));
+                if (CollUtil.isNotEmpty(pipeTaskOrderItems)) {
+                    List<String> equipIds = pipeTaskOrderItems.stream().map(PipeTaskOrderItemDO::getEquipId).toList();
+                    if (CollUtil.isNotEmpty(equipIds)) {
+                        List<EquipPipeDO> equipPipes = equipPipeMapper.selectByIds(equipIds);
+                        if (CollUtil.isNotEmpty(equipPipes)) {
+                            taskOrderSignFilePage.getList().forEach(x -> {
+                                List<PipeTaskOrderItemDO> items = pipeTaskOrderItems.stream().filter(y -> y.getOrderId().equals(x.getOrderId())).toList();
+                                if (CollUtil.isNotEmpty(items)) {
+                                    List<EquipPipeDO> pipes = equipPipes.stream().filter(y -> y.getId().equals(items.get(0).getEquipId())).toList();
+                                    if (CollUtil.isNotEmpty(pipes)) {
+                                        x.setEquipDistrict(pipes.get(0).getEquipDistrict());
+                                        x.setEquipStreet(pipes.get(0).getEquipStreet());
+                                        x.setEquipCode(pipes.get(0).getProjectNo());
+                                        x.setProjectName(pipes.get(0).getProjectName());
                                     }
                                 }
                             });
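Review bot: In the last hunk the sign-file rows are now matched to order items by `getOrderId()` and only `list.get(0)` / `items.get(0)` is used, so for an order with several items the district, street, code and name come from whichever item the query returned first. If that is intended it needs a comment; otherwise the match on `getOrderItemId()` that this commit removes should be kept where the row has one. The pipe branch stores `getProjectNo()` in `equipCode`, which callers cannot tell apart from a real equipment code. The 200 and 300 branches are the same lookup written twice with nested `stream().filter(...)` scans inside `forEach`; a private helper fed by maps keyed on order id and equipment id would remove both the duplication and the quadratic scan. Smaller points: the commented-out `businessType` condition should be deleted, the `@Resource` above `pipeTaskOrderMapper` is indented by three spaces, and neither that field nor the `LambdaQueryWrapper` import is used in the visible hunks (the method containing the last hunk starts and ends outside it).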

+ 3 - 0
tz-module-pressure2/tz-module-pressure2-biz/src/main/java/cn/start/tz/module/pressure2/service/tasksign/TaskSignServiceImpl.java

@@ -251,6 +251,9 @@ public class TaskSignServiceImpl implements TaskSignService {
                 signRespVO.setIsSignature(fileVO.getIsSignature());
                 signRespVO.setOrderItemId(fileVO.getOrderItemId());
                 signRespVO.setEquipCode(fileVO.getEquipCode());
+                signRespVO.setProjectNo(fileVO.getEquipCode());
+                signRespVO.setProjectName(fileVO.getProjectName());
+                signRespVO.setEquipName(fileVO.getEquipName());
                 signRespVO.setSecurityCheckId(fileVO.getSecurityCheckId());
                 resultList.add(signRespVO);
             }
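Review bot: `signRespVO.setProjectNo(fileVO.getEquipCode())` fills the project number from the equipment code for every row. That is only right for pipe rows, where `BoilerTaskOrderSignFileServiceImpl` put `getProjectNo()` into `equipCode`; boiler rows will report their equipment code as a project number. Carrying the value in a field of its own on the file VO, or at least adding `// equipCode holds projectNo for pipe rows (equipMainType=300)` above the line, would make the coupling visible. The enclosing loop and method lie outside this hunk.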

+ 5 - 0
tz-module-pressure2/tz-module-pressure2-biz/src/main/resources/application-hsd.yaml

@@ -182,3 +182,8 @@ synchronization:
   host: http://192.168.20.70:28081
   apiKey: cecb02cf8d1c7be3a05987d6acc6d913666d9cb72cc061039ffb19ecaead1bb9
   cron: 0 0 0 * * ?
+grapecity:
+  url: http://192.168.0.53:48011
+
+app-auth:
+  enabled: false
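Review bot: `app-auth.enabled: false` turns off token verification for this profile: per `AppAuthServiceImpl` in this commit, `authenticate` then returns a mock user without checking the bearer token. The same setting is added to `application-hst.yaml` and `application-uat.yaml`; if any of these profiles is reachable from outside the development network, the flag should be `true` there and the app id and secret supplied from the environment rather than the file. A comment such as `# dev only: disables mini-program token verification` next to the key would keep it from being copied into a production profile. The context lines also show an `apiKey` value committed in plain text, which is better kept in a secret store.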

+ 3 - 1
tz-module-pressure2/tz-module-pressure2-biz/src/main/resources/application-hst.yaml

@@ -166,4 +166,6 @@ synchronization:
   apiKey: cecb02cf8d1c7be3a05987d6acc6d913666d9cb72cc061039ffb19ecaead1bb9
   cron: 0 0 0 * * ?
 grapecity:
-  url: http://192.168.0.53:48011
+  url: http://192.168.0.53:48011
+app-auth:
+  enabled: false

+ 3 - 1
tz-module-pressure2/tz-module-pressure2-biz/src/main/resources/application-uat.yaml

@@ -168,4 +168,6 @@ synchronization:
   apiKey: cecb02cf8d1c7be3a05987d6acc6d913666d9cb72cc061039ffb19ecaead1bb9
   cron: 0 0 0 * * ?
 grapecity:
-  url: http://192.168.19.166:48011
+  url: http://192.168.19.166:48011
+app-auth:
+  enabled: false

+ 3 - 0
tz-module-pressure2/tz-module-pressure2-biz/src/main/resources/mapper/boilertaskorder/BoilerTaskOrderMapper.xml

@@ -20,6 +20,9 @@
                 <if test="unitName != null and unitName != ''">
                     AND bto.UNIT_NAME LIKE CONCAT('%',#{unitName},'%')
                 </if>
+                <if test="unitPhone != null and unitPhone != ''">
+                    AND bto.UNIT_PHONE LIKE CONCAT('%',#{unitPhone},'%')
+                </if>
                 <if test="checkType != null and checkType != ''">
                     AND bto.CHECK_TYPE = #{checkType}
                 </if>
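Review bot: The new `unitPhone` filter binds the value with `#{}`, but `%` and `_` inside it are still interpreted as LIKE wildcards, so a caller can send `%` to match every row, and the leading `%` prevents an index on `UNIT_PHONE` from being used. If partial phone search is not a requirement, an exact match `AND bto.UNIT_PHONE = #{unitPhone}` is simpler; otherwise escape the wildcards before binding. The same lines are added to `PipeTaskOrderMapper.xml`. The surrounding `<select>` lies outside this hunk, so whether results are already scoped to the caller's unit cannot be checked here.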

+ 3 - 0
tz-module-pressure2/tz-module-pressure2-biz/src/main/resources/mapper/pipetaskorder/PipeTaskOrderMapper.xml

@@ -20,6 +20,9 @@
                 <if test="unitName != null and unitName != ''">
                     AND bto.UNIT_NAME LIKE CONCAT('%',#{unitName},'%')
                 </if>
+                <if test="unitPhone != null and unitPhone != ''">
+                    AND bto.UNIT_PHONE LIKE CONCAT('%',#{unitPhone},'%')
+                </if>
                 <if test="checkType != null and checkType != ''">
                     AND bto.CHECK_TYPE = #{checkType}
                 </if>