fix:shiro的session超时时间和token同步

service-base/src/main/java/com/simuwang/base/config/ShiroConfig.java

@@ -115,7 +115,9 @@ public class ShiroConfig {
         sessionManager.setSessionValidationSchedulerEnabled(false);
         sessionManager.setSessionIdCookieEnabled(true);
         sessionManager.setSessionIdCookie(simpleCookie());
-        sessionManager.setGlobalSessionTimeout(3600000);
+        // session 超时时间
+        long timeout = this.properties.getTokenExpire() * 60 * 1000L;
+        sessionManager.setGlobalSessionTimeout(timeout);
         return sessionManager;
     }
 

service-deploy/src/main/java/com/simuwang/deploy/components/ErrorInfoBuilder.java

@@ -81,6 +81,7 @@ public class ErrorInfoBuilder implements HandlerExceptionResolver, Ordered {
         } else if (error instanceof UnknownAccountException || error instanceof IncorrectCredentialsException) {
             msg = ResultCode.AUTH_FAILD.getMsg();
         } else if (error instanceof AuthenticationException) {
+            code = HttpStatus.UNAUTHORIZED.value();
             msg = "登录认证失败";
         } else if (error instanceof APIException e) {
             msg = e.getMsg();