1.冲突解决

2.循环依赖问题解决 3.api扣除次数bug修复

1.冲突解决
2.循环依赖问题解决 3.api扣除次数bug修复
fd2d3871 · lijinqi · 5c84d461 · fd2d3871 · fd2d3871 · fd2d3871
Commit fd2d3871 authored Sep 15, 2025 by lijinqi
27 changed files
--- a/computility-framework/computility-spring-boot-starter-protection/pom.xml
+++ b/computility-framework/computility-spring-boot-starter-protection/pom.xml
@@ -42,6 +42,11 @@
            <artifactId>computility-spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>
+        <dependency>
+            <groupId>com.luhu</groupId>
+            <artifactId>computility-module-apihub-api</artifactId>
+            <version>${revision}</version>
+        </dependency>
    </dependencies>

--- a/computility-framework/computility-spring-boot-starter-protection/src/main/java/com/luhu/computility/framework/signature/core/aop/ApiSignatureAspect.java
+++ b/computility-framework/computility-spring-boot-starter-protection/src/main/java/com/luhu/computility/framework/signature/core/aop/ApiSignatureAspect.java
 package com.luhu.computility.framework.signature.core.aop;
+import cn.hutool.core.collection.CollectionUtil;
 import cn.hutool.core.lang.Assert;
 import cn.hutool.core.map.MapUtil;
-import cn.hutool.core.util.BooleanUtil;
 import cn.hutool.core.util.ObjUtil;
+import cn.hutool.core.util.ObjectUtil;
 import cn.hutool.core.util.StrUtil;
 import cn.hutool.crypto.digest.DigestUtil;
+import com.alibaba.fastjson.JSON;
 import com.luhu.computility.framework.common.exception.ServiceException;
-import com.luhu.computility.framework.common.exception.enums.GlobalErrorCodeConstants;
+import com.luhu.computility.framework.common.pojo.CommonResult;
 import com.luhu.computility.framework.common.util.servlet.ServletUtils;
 import com.luhu.computility.framework.signature.core.annotation.ApiSignature;
 import com.luhu.computility.framework.signature.core.redis.ApiSignatureRedisDAO;
+import com.luhu.computility.module.apihub.api.apicalllog.ApiCallLogApi;
+import com.luhu.computility.module.apihub.api.apicalllog.dto.ApiCallLogSaveReqDTO;
+import com.luhu.computility.module.apihub.api.apiendpoint.ApiEndpointApi;
+import com.luhu.computility.module.apihub.api.apiendpoint.vo.ApiEndpointRespDTO;
+import com.luhu.computility.module.apihub.api.appcredential.AppCredentialApi;
+import com.luhu.computility.module.apihub.api.appcredential.dto.AppCredentialRespDTO;
+import com.luhu.computility.module.apihub.api.userapiusage.UserApiUsageApi;
+import com.luhu.computility.module.apihub.api.userapiusage.dto.JoinUserApiUsageDTO;
 import lombok.AllArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
-import org.aspectj.lang.JoinPoint;
+import org.aspectj.lang.ProceedingJoinPoint;
+import org.aspectj.lang.annotation.Around;
 import org.aspectj.lang.annotation.Aspect;
-import org.aspectj.lang.annotation.Before;
+import javax.annotation.Resource;
 import javax.servlet.http.HttpServletRequest;
+import java.time.LocalDateTime;
+import java.util.List;
 import java.util.Map;
 import java.util.Objects;
 import java.util.SortedMap;
 import java.util.TreeMap;
-import static com.luhu.computility.framework.common.exception.enums.GlobalErrorCodeConstants.BAD_REQUEST;
+import static com.luhu.computility.module.apihub.enums.ErrorCodeConstants.API_ENDPOINT_EXPIRED;
+import static com.luhu.computility.module.apihub.enums.ErrorCodeConstants.API_ENDPOINT_NOT_AVAILABLE;
+import static com.luhu.computility.module.apihub.enums.ErrorCodeConstants.API_ENDPOINT_NOT_EXISTS;
+import static com.luhu.computility.module.apihub.enums.ErrorCodeConstants.INVALID_APPID;
+import static com.luhu.computility.module.apihub.enums.ErrorCodeConstants.TIMESTAMP_EXCEPTION;
 /**
 * 拦截声明了 {@link ApiSignature} 注解的方法，实现签名
@@ -37,51 +54,151 @@ public class ApiSignatureAspect {
    private final ApiSignatureRedisDAO signatureRedisDAO;
-    @Before("@annotation(signature)")
+    @Resource
-    public void beforePointCut(JoinPoint joinPoint, ApiSignature signature) {
+    private AppCredentialApi appCredentialApi;
-        // 1. 验证通过，直接结束
-        if (verifySignature(signature, Objects.requireNonNull(ServletUtils.getRequest()))) {
+    @Resource
-            return;
+    private ApiEndpointApi apiEndpointApi;
+    @Resource
+    private ApiCallLogApi apiCallLogApi;
+    @Resource
+    private UserApiUsageApi userApiUsageApi;
+    public ApiSignatureAspect(ApiSignatureRedisDAO signatureRedisDAO) {
+        this.signatureRedisDAO = signatureRedisDAO;
+    }
+    @Around("@annotation(signature)")
+    public Object aroundPointCut(ProceedingJoinPoint joinPoint, ApiSignature signature) throws Throwable {
+        HttpServletRequest request = Objects.requireNonNull(ServletUtils.getRequest());
+        // 1.校验 Header
+       /* if (!verifyHeaders(signature, request)) {
+            throw new ServiceException(HEAD_EXCEPTION);
+        }*/
+        //查询appId对应的Secret
+        String appId = request.getHeader(signature.appId());
+        AppCredentialRespDTO appCredentialRespDTO = appCredentialApi.getAppSecretByAppid(appId);
+        if (!ObjectUtil.isEmpty(appCredentialRespDTO)) {
+            Assert.notNull(appCredentialRespDTO.getAppId(), "[appId({})] 找不到对应的 appSecret", appId);
+        } else {
+            throw new ServiceException(INVALID_APPID);
+        }
+        // 2. 签名校验
+        /*if (!verifySignature(signature, request, appCredentialDO)) {
+            log.error("[aroundPointCut][方法 {} 参数({}) 签名失败]", joinPoint.getSignature(), joinPoint.getArgs());
+            throw new ServiceException(BAD_REQUEST.getCode(),
+                    StrUtil.blankToDefault(signature.message(), BAD_REQUEST.getMsg()));
+        }*/
+        // 2. 应用-接口绑定校验
+        String path = request.getRequestURI();
+        String method = request.getMethod();
+        //2.1是否有该接口
+        ApiEndpointRespDTO apiEndpointRespDTO = apiEndpointApi.getApiEndpointByPathAndMethod(path, method);
+        if (Objects.isNull(apiEndpointRespDTO)) {
+            throw new ServiceException(API_ENDPOINT_NOT_EXISTS);
+        }
+        //2.2该接口是否订阅过
+        List<JoinUserApiUsageDTO> joinUserApiUsageResults = userApiUsageApi.selectJoinUserApiUsageResult(appCredentialRespDTO.getUserId(), apiEndpointRespDTO.getId());
+        if (CollectionUtil.isEmpty(joinUserApiUsageResults)){
+            throw new ServiceException(API_ENDPOINT_NOT_AVAILABLE);
+        }
+        //3. 用户套餐校验（只校验，不扣减）如果有一个套餐符合条件，则继续往下走
+        JoinUserApiUsageDTO joinUserApiUsageResult = null;
+        LocalDateTime now = LocalDateTime.now();
+        for (JoinUserApiUsageDTO j : joinUserApiUsageResults) {
+            // 未过期且有剩余额度
+            if (j.getExpireTime().isAfter(now) && j.getUsedTimes() < j.getPackageTimes()) {
+                if (joinUserApiUsageResult == null || j.getExpireTime().isBefore(joinUserApiUsageResult.getExpireTime())) {
+                    joinUserApiUsageResult = j;
+                }
+            }
+        }
+        if (Objects.isNull(joinUserApiUsageResult)) {
+            throw new ServiceException(API_ENDPOINT_EXPIRED);
        }
+        // 4. 执行目标方法
+        Object result = joinPoint.proceed();
-        // 2. 验证不通过，抛出异常
+        // 5. 只有当接口执行成功才扣减额度
-        log.error("[beforePointCut][方法{} 参数({}) 签名失败]", joinPoint.getSignature().toString(),
+        ApiCallLogSaveReqDTO apiCallLogSaveReqVO = new ApiCallLogSaveReqDTO();
-                joinPoint.getArgs());
+        if (result instanceof CommonResult) {
-        throw new ServiceException(BAD_REQUEST.getCode(),
+            if (((CommonResult<?>) result).isSuccess()){
-                StrUtil.blankToDefault(signature.message(), BAD_REQUEST.getMsg()));
+                consumeUsage(joinUserApiUsageResults, apiEndpointRespDTO.getConsumptionPoints());
+                apiCallLogSaveReqVO.setResponseStatus(((CommonResult<?>) result).getCode().toString());
+            }
+            String requestBody = ServletUtils.isJsonRequest(request) ? ServletUtils.getBody(request) : null;
+            apiCallLogApi.createApiCallLog(
+                    apiCallLogSaveReqVO
+                            .setUserId(appCredentialRespDTO.getUserId())
+                            .setCallTime(LocalDateTime.now())
+                            .setMethod(method)
+                            .setPath(path)
+                            .setApiEndpointName(apiEndpointRespDTO.getName())
+                            .setRequestParams(requestBody)
+                            .setResponseParams(JSON.toJSONString(result))
+            );
+        }
+        return result;
    }
-    public boolean verifySignature(ApiSignature signature, HttpServletRequest request) {
-        // 1.1 校验 Header
-        if (!verifyHeaders(signature, request)) {
+    /** 扣减一次额度（优先扣最近过期的套餐，用 Redis 保证并发安全） */
-            return false;
+    private void consumeUsage(List<JoinUserApiUsageDTO> joinUserApiUsageDTOS, Integer consumptionPoints) {
+        JoinUserApiUsageDTO target = null;
+        LocalDateTime now = LocalDateTime.now();
+        for (JoinUserApiUsageDTO j : joinUserApiUsageDTOS) {
+            if (!ObjectUtil.isEmpty(j.getExpireTime()) && j.getExpireTime().isAfter(now)
+                    && j.getUsedTimes() < j.getPackageTimes()) {
+                if (ObjectUtil.isEmpty(target) || j.getExpireTime().isBefore(target.getExpireTime())) {
+                    target = j;
+                }
+            }
        }
+        String key = ApiSignatureRedisDAO.USAGE_KEY + target.getApiEndPointId() + target.getUserId();
+        // Redis 原子自增，返回累计使用次数
+        Integer used = signatureRedisDAO.incrementUsageWithExpire(key, consumptionPoints.longValue());
+        if (!ObjectUtil.isEmpty(used) && used <= target.getPackageTimes()) {
+            // 直接回写累计值
+            userApiUsageApi.asyncUpdateUsage(target.getId(), used);
+        }
+    }
+    public boolean verifySignature(ApiSignature signature, HttpServletRequest request, AppCredentialRespDTO appCredentialDO) {
        // 1.2 校验 appId 是否能获取到对应的 appSecret
        String appId = request.getHeader(signature.appId());
-        String appSecret = signatureRedisDAO.getAppSecret(appId);
-        Assert.notNull(appSecret, "[appId({})] 找不到对应的 appSecret", appId);
        // 2. 校验签名【重要！】
        String clientSignature = request.getHeader(signature.sign()); // 客户端签名
-        String serverSignatureString = buildSignatureString(signature, request, appSecret); // 服务端签名字符串
+        String serverSignatureString = buildSignatureString(signature, request, appCredentialDO.getAppSecret()); // 服务端签名字符串
        String serverSignature = DigestUtil.sha256Hex(serverSignatureString); // 服务端签名
+        log.error(DigestUtil.sha256Hex(serverSignatureString));
        if (ObjUtil.notEqual(clientSignature, serverSignature)) {
            return false;
        }
        // 3. 将 nonce 记入缓存，防止重复使用（重点二：此处需要将 ttl 设定为允许 timestamp 时间差的值 x 2 ）
        String nonce = request.getHeader(signature.nonce());
-        if (BooleanUtil.isFalse(signatureRedisDAO.setNonce(appId, nonce, signature.timeout() * 2, signature.timeUnit()))) {
+        signatureRedisDAO.setNonce(appId, nonce, signature.timeout() * 2, signature.timeUnit());
-            String timestamp = request.getHeader(signature.timestamp());
-            log.info("[verifySignature][appId({}) timestamp({}) nonce({}) sign({}) 存在重复请求]", appId, timestamp, nonce, clientSignature);
-            throw new ServiceException(GlobalErrorCodeConstants.REPEATED_REQUESTS.getCode(), "存在重复请求");
-        }
        return true;
    }
    /**
     * 校验请求头加签参数
-     * <p>
+     *
     * 1. appId 是否为空
     * 2. timestamp 是否为空，请求是否已经超时，默认 10 分钟
     * 3. nonce 是否为空，随机数是否 10 位以上，是否在规定时间内已经访问过了
@@ -113,18 +230,21 @@ public class ApiSignatureAspect {
        // 2. 检查 timestamp 是否超出允许的范围 （重点一：此处需要取绝对值）
        long expireTime = signature.timeUnit().toMillis(signature.timeout());
        long requestTimestamp = Long.parseLong(timestamp);
+        log.error("当前时间："+System.currentTimeMillis()+"");;
        long timestampDisparity = Math.abs(System.currentTimeMillis() - requestTimestamp);
        if (timestampDisparity > expireTime) {
-            return false;
+            throw new ServiceException(TIMESTAMP_EXCEPTION);
        }
        // 3. 检查 nonce 是否存在，有且仅能使用一次
        return signatureRedisDAO.getNonce(appId, nonce) == null;
    }
    /**
     * 构建签名字符串
-     * <p>
+     *
     * 格式为 = 请求参数 + 请求体 + 请求头 + 密钥
     *
     * @param signature signature
@@ -133,19 +253,17 @@ public class ApiSignatureAspect {
     * @return 签名字符串
     */
    private String buildSignatureString(ApiSignature signature, HttpServletRequest request, String appSecret) {
-        SortedMap<String, String> parameterMap = getRequestParameterMap(request); // 请求头
        SortedMap<String, String> headerMap = getRequestHeaderMap(signature, request); // 请求参数
-        String requestBody = StrUtil.nullToDefault(ServletUtils.getBody(request), ""); // 请求体
+        log.error(MapUtil.join(headerMap, "&", "=")
-        return MapUtil.join(parameterMap, "&", "=")
+                + "&appSecret=" + appSecret);
-                + requestBody
+        return MapUtil.join(headerMap, "&", "=")
-                + MapUtil.join(headerMap, "&", "=")
+                + "&appSecret=" + appSecret;
-                + appSecret;
    }
    /**
     * 获取请求头加签参数 Map
     *
-     * @param request   请求
+     * @param request 请求
     * @param signature 签名注解
     * @return signature params
     */

--- a/computility-framework/computility-spring-boot-starter-protection/src/main/java/com/luhu/computility/framework/signature/core/redis/ApiSignatureRedisDAO.java
+++ b/computility-framework/computility-spring-boot-starter-protection/src/main/java/com/luhu/computility/framework/signature/core/redis/ApiSignatureRedisDAO.java
@@ -25,6 +25,11 @@ public class ApiSignatureRedisDAO {
    private static final String SIGNATURE_NONCE = "api_signature_nonce:%s:%s";
    /**
+     * 用户套餐使用次数 Key 前缀
+     */
+    public static final String USAGE_KEY = "api_usage:";
+    /**
     * 签名密钥
     * <p>
     * HASH 结构
@@ -54,4 +59,53 @@ public class ApiSignatureRedisDAO {
        return (String) stringRedisTemplate.opsForHash().get(SIGNATURE_APPID, appId);
    }
+    // ========== 用户套餐使用次数 ==========
+    /**
+     * 原子自增用户套餐使用次数
+     *
+     * @param key Redis key（USAGE_KEY + apiEndpointId + userId）
+     * @return 当前使用次数
+     */
+    public Long incrementUsage(String key) {
+        return stringRedisTemplate.opsForValue().increment(key, 1);
+    }
+    /**
+     * 获取用户套餐已使用次数
+     *
+     * @param key Redis key
+     * @return 使用次数
+     */
+    public Long getUsage(String key) {
+        String value = stringRedisTemplate.opsForValue().get(key);
+        if (value == null) {
+            return 0L;
+        }
+        try {
+            return Long.parseLong(value);
+        } catch (NumberFormatException e) {
+            return 0L;
+        }
+    }
+    /**
+     * 重置用户套餐使用次数（可选，用于测试或套餐刷新）
+     */
+    public void resetUsage(String key) {
+        stringRedisTemplate.opsForValue().set(key, "0");
+    }
+    /**
+     * 增加用户套餐使用次数，并设置过期时间
+     *
+     * @param key Redis key
+     * @return 当前使用次数
+     */
+    public Integer incrementUsageWithExpire(String key, Long consumptionPoints) {
+        Integer used = stringRedisTemplate.opsForValue().increment(key, consumptionPoints).intValue();
+        return used;
+    }
 }
--- a/computility-module-apihub/computility-module-apihub-api/src/main/java/com/luhu/computility/module/apihub/api/apiorder/ApiOrderApi.java
+++ b/computility-module-apihub/computility-module-apihub-api/src/main/java/com/luhu/computility/module/apihub/api/apiorder/ApiOrderApi.java
@@ -3,6 +3,7 @@ package com.luhu.computility.module.apihub.api.apiorder;
 import com.luhu.computility.module.apihub.api.apiorder.dto.ApiOrderPageReqDTO;
 import com.luhu.computility.module.apihub.api.apiorder.dto.ApiOrderRespDTO;
+import java.time.LocalDateTime;
 import java.util.List;
 /**
@@ -13,6 +14,6 @@ import java.util.List;
 */
 public interface ApiOrderApi {
-    List<ApiOrderRespDTO> getOrderList(ApiOrderPageReqDTO apiOrderPageReqDTO);
+    List<ApiOrderRespDTO> getPaidOrderList(LocalDateTime[] timePeriod);
 }
--- a/computility-module-apihub/computility-module-apihub-api/src/main/java/com/luhu/computility/module/apihub/api/appcredential/AppCredentialApi.java
+++ b/computility-module-apihub/computility-module-apihub-api/src/main/java/com/luhu/computility/module/apihub/api/appcredential/AppCredentialApi.java
@@ -3,7 +3,9 @@ package com.luhu.computility.module.apihub.api.appcredential;
 import com.luhu.computility.module.apihub.api.apiorder.dto.ApiOrderPageReqDTO;
 import com.luhu.computility.module.apihub.api.apiorder.dto.ApiOrderRespDTO;
 import com.luhu.computility.module.apihub.api.appcredential.dto.AppCredentialRespDTO;
+import com.luhu.computility.module.apihub.api.appcredential.dto.AppCredentialSaveReqDTO;
+import javax.validation.Valid;
 import java.util.List;
 /**
@@ -22,4 +24,12 @@ public interface AppCredentialApi {
     */
    AppCredentialRespDTO getAppSecretByAppid(String appId);
+    /**
+     * 创建用户密钥信息
+     *
+     * @param createReqVO 创建信息
+     * @return 编号
+     */
+    Long createAppCredential(@Valid AppCredentialSaveReqDTO createReqVO);
 }
--- a/computility-module-apihub/computility-module-apihub-api/src/main/java/com/luhu/computility/module/apihub/api/appcredential/dto/AppCredentialSaveReqDTO.java
+++ b/computility-module-apihub/computility-module-apihub-api/src/main/java/com/luhu/computility/module/apihub/api/appcredential/dto/AppCredentialSaveReqDTO.java
+package com.luhu.computility.module.apihub.api.appcredential.dto;
+import io.swagger.v3.oas.annotations.media.Schema;
+import lombok.Data;
+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.NotNull;
+@Schema(description = "管理后台 - 用户密钥信息新增/修改 Request VO")
+@Data
+public class AppCredentialSaveReqDTO {
+    @Schema(description = "主键ID", requiredMode = Schema.RequiredMode.REQUIRED, example = "8721")
+    private Long id;
+    @Schema(description = "应用ID，唯一", requiredMode = Schema.RequiredMode.REQUIRED, example = "23068")
+    @NotEmpty(message = "应用ID，唯一不能为空")
+    private String appId;
+    @Schema(description = "AES加密后的应用密钥", requiredMode = Schema.RequiredMode.REQUIRED)
+    @NotEmpty(message = "AES加密后的应用密钥不能为空")
+    private String appSecret;
+    @Schema(description = "所属用户ID", requiredMode = Schema.RequiredMode.REQUIRED, example = "11786")
+    @NotNull(message = "所属用户ID不能为空")
+    private Long userId;
+}
\ No newline at end of file
--- a/computility-module-apihub/computility-module-apihub-biz/src/main/java/com/luhu/computility/module/apihub/api/ApiOrderApiServiceImpl.java
+++ b/computility-module-apihub/computility-module-apihub-biz/src/main/java/com/luhu/computility/module/apihub/api/ApiOrderApiServiceImpl.java
@@ -8,6 +8,7 @@ import org.springframework.stereotype.Service;
 import org.springframework.validation.annotation.Validated;
 import javax.annotation.Resource;
+import java.time.LocalDateTime;
 import java.util.List;
 /**
@@ -24,7 +25,7 @@ public class ApiOrderApiServiceImpl implements ApiOrderApi {
    @Override
-    public List<ApiOrderRespDTO> getOrderList(ApiOrderPageReqDTO apiOrderPageReqDTO) {
+    public List<ApiOrderRespDTO> getPaidOrderList(LocalDateTime[] timePeriod) {
-        return apiOrderMapper.selectList(apiOrderPageReqDTO);
+        return apiOrderMapper.selectAllPaidList(timePeriod);
    }
 }
\ No newline at end of file
--- a/computility-module-apihub/computility-module-apihub-biz/src/main/java/com/luhu/computility/module/apihub/api/AppCredentialApiServiceImpl.java
+++ b/computility-module-apihub/computility-module-apihub-biz/src/main/java/com/luhu/computility/module/apihub/api/AppCredentialApiServiceImpl.java
 package com.luhu.computility.module.apihub.api;
+import com.luhu.computility.framework.common.util.object.BeanUtils;
 import com.luhu.computility.module.apihub.api.apicalllog.dto.ApiCallLogPageReqDTO;
 import com.luhu.computility.module.apihub.api.apicalllog.dto.ApiCallLogRespDTO;
 import com.luhu.computility.module.apihub.api.apiendpoint.ApiEndpointApi;
 import com.luhu.computility.module.apihub.api.appcredential.AppCredentialApi;
 import com.luhu.computility.module.apihub.api.appcredential.dto.AppCredentialRespDTO;
+import com.luhu.computility.module.apihub.api.appcredential.dto.AppCredentialSaveReqDTO;
+import com.luhu.computility.module.apihub.controller.admin.appcredential.vo.AppCredentialSaveReqVO;
 import com.luhu.computility.module.apihub.dal.dataobject.appcredential.AppCredentialDO;
 import com.luhu.computility.module.apihub.dal.mysql.apicalllog.ApiCallLogMapper;
 import com.luhu.computility.module.apihub.dal.mysql.appcredential.AppCredentialMapper;
@@ -31,4 +34,15 @@ public class AppCredentialApiServiceImpl implements AppCredentialApi {
        return appCredentialMapper.selectOpenByAppId(appId);
    }
+    @Override
+    public Long createAppCredential(AppCredentialSaveReqDTO createReqVO) {
+        // 插入
+        AppCredentialDO appCredential = BeanUtils.toBean(createReqVO, AppCredentialDO.class);
+        appCredentialMapper.insert(appCredential);
+        // 返回
+        return appCredential.getId();
+    }
 }
\ No newline at end of file
--- a/computility-module-apihub/computility-module-apihub-biz/src/main/java/com/luhu/computility/module/apihub/api/UserApiUsageApiServiceImpl.java
+++ b/computility-module-apihub/computility-module-apihub-biz/src/main/java/com/luhu/computility/module/apihub/api/UserApiUsageApiServiceImpl.java
@@ -46,7 +46,7 @@ public class UserApiUsageApiServiceImpl implements UserApiUsageApi {
            throw exception(USER_API_USAGE_NOT_EXISTS);
        }
        UserApiUsageDO userApiUsage = userApiUsageService.getUserApiUsage(id);
-        userApiUsage.setUsedTimes(userApiUsage.getUsedTimes() - used);
+        userApiUsage.setUsedTimes(used);
        userApiUsageMapper.updateById(userApiUsage);
    }
 }
\ No newline at end of file
--- a/computility-module-apihub/computility-module-apihub-biz/src/main/java/com/luhu/computility/module/apihub/controller/admin/apiorder/ApiOrderController.java
+++ b/computility-module-apihub/computility-module-apihub-biz/src/main/java/com/luhu/computility/module/apihub/controller/admin/apiorder/ApiOrderController.java
@@ -138,6 +138,7 @@ public class ApiOrderController {
                        .setPackageId(apiOrder.getPackageId())
                        .setPackageName(apiOrder.getPackageName())
                        .setPackageTimes(apiOrder.getPackageTimes())
+                        .setUsedTimes(0)
                        .setPackageValidDays(apiOrder.getPackageValidDays())
                        .setUserId(apiOrder.getUserId())
                        .setExpireTime(DateUtil.offsetDay(new Date(), apiOrder.getPackageTimes()).toLocalDateTime() )

--- a/computility-module-apihub/computility-module-apihub-biz/src/main/java/com/luhu/computility/module/apihub/controller/admin/appcredential/AppCredentialController.java
+++ b/computility-module-apihub/computility-module-apihub-biz/src/main/java/com/luhu/computility/module/apihub/controller/admin/appcredential/AppCredentialController.java
@@ -84,8 +84,7 @@ public class AppCredentialController {
    @Operation(summary = "获得用户密钥信息分页")
    @PreAuthorize("@ss.hasPermission('apihub:app-credential:query')")
    public CommonResult<PageResult<AppCredentialRespVO>> getAppCredentialPage(@Valid AppCredentialPageReqVO pageReqVO) {
-        PageResult<AppCredentialDO> pageResult = appCredentialService.getAppCredentialPage(pageReqVO);
+        return success(appCredentialService.getAppCredentialPage(pageReqVO));
-        return success(BeanUtils.toBean(pageResult, AppCredentialRespVO.class));
    }
    @GetMapping("/export-excel")
@@ -95,10 +94,10 @@ public class AppCredentialController {
    public void exportAppCredentialExcel(@Valid AppCredentialPageReqVO pageReqVO,
              HttpServletResponse response) throws IOException {
        pageReqVO.setPageSize(PageParam.PAGE_SIZE_NONE);
-        List<AppCredentialDO> list = appCredentialService.getAppCredentialPage(pageReqVO).getList();
+        List<AppCredentialRespVO> list = appCredentialService.getAppCredentialPage(pageReqVO).getList();
        // 导出 Excel
        ExcelUtils.write(response, "用户密钥信息.xls", "数据", AppCredentialRespVO.class,
-                        BeanUtils.toBean(list, AppCredentialRespVO.class));
+                        list);
    }
 }
\ No newline at end of file
--- a/computility-module-apihub/computility-module-apihub-biz/src/main/java/com/luhu/computility/module/apihub/controller/admin/appcredential/vo/AppCredentialPageReqVO.java
+++ b/computility-module-apihub/computility-module-apihub-biz/src/main/java/com/luhu/computility/module/apihub/controller/admin/appcredential/vo/AppCredentialPageReqVO.java
@@ -22,6 +22,9 @@ public class AppCredentialPageReqVO extends PageParam {
    @Schema(description = "所属用户ID", example = "11786")
    private Long userId;
+    @Schema(description = "所属用户手机", example = "11786")
+    private String userMobile;
    @Schema(description = "创建时间")
    @DateTimeFormat(pattern = FORMAT_YEAR_MONTH_DAY_HOUR_MINUTE_SECOND)
    private LocalDateTime[] createTime;

--- a/computility-module-apihub/computility-module-apihub-biz/src/main/java/com/luhu/computility/module/apihub/controller/admin/appcredential/vo/AppCredentialRespVO.java
+++ b/computility-module-apihub/computility-module-apihub-biz/src/main/java/com/luhu/computility/module/apihub/controller/admin/appcredential/vo/AppCredentialRespVO.java
@@ -28,6 +28,10 @@ public class AppCredentialRespVO {
    @ExcelProperty("所属用户ID")
    private Long userId;
+    @Schema(description = "用户手机号", requiredMode = Schema.RequiredMode.REQUIRED, example = "11786")
+    @ExcelProperty("用户手机号")
+    private String userMobile;
    @Schema(description = "创建时间", requiredMode = Schema.RequiredMode.REQUIRED)
    @ExcelProperty("创建时间")
    private LocalDateTime createTime;

--- a/computility-module-apihub/computility-module-apihub-biz/src/main/java/com/luhu/computility/module/apihub/controller/admin/userapiusage/vo/UserApiUsageSaveReqVO.java
+++ b/computility-module-apihub/computility-module-apihub-biz/src/main/java/com/luhu/computility/module/apihub/controller/admin/userapiusage/vo/UserApiUsageSaveReqVO.java
@@ -44,7 +44,6 @@ public class UserApiUsageSaveReqVO {
    @Schema(description = "已使用次数", requiredMode = Schema.RequiredMode.REQUIRED)
-    @NotNull(message = "已使用次数不能为空")
    private Integer usedTimes;
    @Schema(description = "过期时间")

--- a/computility-module-apihub/computility-module-apihub-biz/src/main/java/com/luhu/computility/module/apihub/controller/app/apiorder/AppApiOrderController.java
+++ b/computility-module-apihub/computility-module-apihub-biz/src/main/java/com/luhu/computility/module/apihub/controller/app/apiorder/AppApiOrderController.java
@@ -52,6 +52,7 @@ public class AppApiOrderController {
    @GetMapping("/page")
    @Operation(summary = "获得api订单分页")
    public CommonResult<PageResult<AppApiOrderRespVO>> getApiOrderPage(@Valid AppApiOrderPageReqVO pageReqVO) {
+        pageReqVO.setUserId(SecurityFrameworkUtils.getLoginUser().getId());
        PageResult<ApiOrderDO> pageResult = apiOrderService.getAppApiOrderPage(pageReqVO);
        PageResult<AppApiOrderRespVO> appApiOrderRespVOPageResult
                = BeanUtils.toBean(pageResult, AppApiOrderRespVO.class);

--- a/computility-module-apihub/computility-module-apihub-biz/src/main/java/com/luhu/computility/module/apihub/dal/mysql/apiorder/ApiOrderMapper.java
+++ b/computility-module-apihub/computility-module-apihub-biz/src/main/java/com/luhu/computility/module/apihub/dal/mysql/apiorder/ApiOrderMapper.java
 package com.luhu.computility.module.apihub.dal.mysql.apiorder;
+import java.time.LocalDateTime;
 import java.util.*;
 import java.util.stream.Collectors;
+import cn.hutool.core.bean.BeanUtil;
 import com.baomidou.mybatisplus.core.conditions.update.LambdaUpdateWrapper;
 import com.baomidou.mybatisplus.core.toolkit.StringUtils;
 import com.luhu.computility.framework.common.pojo.PageResult;
@@ -41,23 +43,11 @@ public interface ApiOrderMapper extends BaseMapperX<ApiOrderDO> {
                .orderByDesc(ApiOrderDO::getId));
    }
-    default List<ApiOrderRespDTO> selectList(ApiOrderPageReqDTO reqVO) {
+    default List<ApiOrderRespDTO> selectAllPaidList(LocalDateTime[] timePeriod) {
        List<ApiOrderDO> list = selectList(new LambdaQueryWrapperX<ApiOrderDO>()
-                .eqIfPresent(ApiOrderDO::getUserId, reqVO.getUserId())
-                .eqIfPresent(ApiOrderDO::getApiId, reqVO.getApiId())
-                .eqIfPresent(ApiOrderDO::getPackageId, reqVO.getPackageId())
-                .eqIfPresent(ApiOrderDO::getOrderNo, reqVO.getOrderNo())
                .eq(ApiOrderDO::getStatus, ApiOrderStatus.PAID.getValue())
-                .eqIfPresent(ApiOrderDO::getPayOrderId, reqVO.getPayOrderId())
+                .betweenIfPresent(ApiOrderDO::getCreateTime, timePeriod));
-                .betweenIfPresent(ApiOrderDO::getPayTime, reqVO.getPayTime())
+        return BeanUtil.copyToList(list, ApiOrderRespDTO.class);
-                .eqIfPresent(ApiOrderDO::getPayChannelCode, reqVO.getPayChannelCode())
-                .betweenIfPresent(ApiOrderDO::getCreateTime, reqVO.getCreateTime())
-                .orderByDesc(ApiOrderDO::getId));
-        return list.stream().map(doObj -> {
-            ApiOrderRespDTO dto = new ApiOrderRespDTO();
-            BeanUtils.copyProperties(doObj, dto);
-            return dto;
-        }).collect(Collectors.toList());
    }

--- a/computility-module-apihub/computility-module-apihub-biz/src/main/java/com/luhu/computility/module/apihub/dal/mysql/appcredential/AppCredentialMapper.java
+++ b/computility-module-apihub/computility-module-apihub-biz/src/main/java/com/luhu/computility/module/apihub/dal/mysql/appcredential/AppCredentialMapper.java
@@ -6,8 +6,10 @@ import com.luhu.computility.framework.common.pojo.PageResult;
 import com.luhu.computility.framework.common.util.object.BeanUtils;
 import com.luhu.computility.framework.mybatis.core.query.LambdaQueryWrapperX;
 import com.luhu.computility.framework.mybatis.core.mapper.BaseMapperX;
+import com.luhu.computility.framework.mybatis.core.query.MPJLambdaWrapperX;
 import com.luhu.computility.module.apihub.api.appcredential.dto.AppCredentialRespDTO;
 import com.luhu.computility.module.apihub.dal.dataobject.appcredential.AppCredentialDO;
+import com.luhu.computility.module.member.dal.dataobject.user.MemberUserDO;
 import org.apache.ibatis.annotations.Mapper;
 import com.luhu.computility.module.apihub.controller.admin.appcredential.vo.*;
@@ -19,13 +21,13 @@ import com.luhu.computility.module.apihub.controller.admin.appcredential.vo.*;
 @Mapper
 public interface AppCredentialMapper extends BaseMapperX<AppCredentialDO> {
-    default PageResult<AppCredentialDO> selectPage(AppCredentialPageReqVO reqVO) {
+    default PageResult<AppCredentialRespVO> selectPage(AppCredentialPageReqVO reqVO) {
-        return selectPage(reqVO, new LambdaQueryWrapperX<AppCredentialDO>()
+        return selectJoinPage(reqVO, AppCredentialRespVO.class, new MPJLambdaWrapperX<AppCredentialDO>()
-                .eqIfPresent(AppCredentialDO::getAppId, reqVO.getAppId())
+                .selectAll(AppCredentialDO.class)
-                .eqIfPresent(AppCredentialDO::getAppSecret, reqVO.getAppSecret())
+                .selectAs(MemberUserDO::getMobile, AppCredentialRespVO::getUserMobile)
-                .eqIfPresent(AppCredentialDO::getUserId, reqVO.getUserId())
+                .leftJoin(MemberUserDO.class, MemberUserDO::getId, AppCredentialDO::getUserId)
-                .betweenIfPresent(AppCredentialDO::getCreateTime, reqVO.getCreateTime())
+                .eqIfPresent(MemberUserDO::getMobile, reqVO.getUserMobile())
-                .orderByDesc(AppCredentialDO::getId));
+                .orderByDesc(AppCredentialDO::getCreateTime));
    }
    default AppCredentialDO selectOneByAppId(String appId) {
@@ -38,7 +40,6 @@ public interface AppCredentialMapper extends BaseMapperX<AppCredentialDO> {
        AppCredentialDO appCredentialDO = selectOne(new LambdaQueryWrapperX<AppCredentialDO>()
                .eqIfPresent(AppCredentialDO::getAppId, appId));
        return BeanUtils.toBean(appCredentialDO, AppCredentialRespDTO.class);
    }
 }
\ No newline at end of file
--- a/computility-module-apihub/computility-module-apihub-biz/src/main/java/com/luhu/computility/module/apihub/service/appcredential/AppCredentialService.java
+++ b/computility-module-apihub/computility-module-apihub-biz/src/main/java/com/luhu/computility/module/apihub/service/appcredential/AppCredentialService.java
@@ -57,7 +57,7 @@ public interface AppCredentialService {
     * @param pageReqVO 分页查询
     * @return 用户密钥信息分页
     */
-    PageResult<AppCredentialDO> getAppCredentialPage(AppCredentialPageReqVO pageReqVO);
+    PageResult<AppCredentialRespVO> getAppCredentialPage(AppCredentialPageReqVO pageReqVO);
    /**

--- a/computility-module-apihub/computility-module-apihub-biz/src/main/java/com/luhu/computility/module/apihub/service/appcredential/AppCredentialServiceImpl.java
+++ b/computility-module-apihub/computility-module-apihub-biz/src/main/java/com/luhu/computility/module/apihub/service/appcredential/AppCredentialServiceImpl.java
@@ -74,7 +74,7 @@ public class AppCredentialServiceImpl implements AppCredentialService {
    }
    @Override
-    public PageResult<AppCredentialDO> getAppCredentialPage(AppCredentialPageReqVO pageReqVO) {
+    public PageResult<AppCredentialRespVO> getAppCredentialPage(AppCredentialPageReqVO pageReqVO) {
        return appCredentialMapper.selectPage(pageReqVO);
    }

--- a/computility-module-biz/computility-module-biz-biz/src/main/java/com/luhu/computility/module/biz/service/home/HomeIndexServiceImpl.java
+++ b/computility-module-biz/computility-module-biz-biz/src/main/java/com/luhu/computility/module/biz/service/home/HomeIndexServiceImpl.java
@@ -259,7 +259,7 @@ public class HomeIndexServiceImpl implements HomeIndexService {
        ApiOrderPageReqDTO apiOrderPageReqDTO = new ApiOrderPageReqDTO();
        apiOrderPageReqDTO.setCreateTime(todayLocalDateTime);
-        List<ApiOrderRespDTO> apiOrderList = apiOrderApi.getOrderList(apiOrderPageReqDTO);
+        List<ApiOrderRespDTO> apiOrderList = apiOrderApi.getPaidOrderList(todayLocalDateTime);
        HomeIndexTopBarRespVO homeIndexTopBarRespVO = new HomeIndexTopBarRespVO();
@@ -326,7 +326,7 @@ public class HomeIndexServiceImpl implements HomeIndexService {
        // API订单：已支付状态
        ApiOrderPageReqDTO apiOrderPageReqDTO = new ApiOrderPageReqDTO();
        apiOrderPageReqDTO.setCreateTime(allTimePeriod);
-        List<ApiOrderRespDTO> apiOrderList = apiOrderApi.getOrderList(apiOrderPageReqDTO);
+        List<ApiOrderRespDTO> apiOrderList = apiOrderApi.getPaidOrderList(allTimePeriod);
        // 3. 按节点分组统计：数量 + 金额
        Map<LocalDate, Long> computeCountMap = groupOrderByNode(computeOrderList, timeNodes, dateType);

--- a/computility-module-external/src/main/java/com/luhu/computility/module/external/controller/openapi/AigcNewApiController.java
+++ b/computility-module-external/src/main/java/com/luhu/computility/module/external/controller/openapi/AigcNewApiController.java
@@ -8,7 +8,6 @@ import com.luhu.computility.framework.common.exception.enums.GlobalResponseCodeC
 import com.luhu.computility.framework.common.pojo.CommonResult;
 import com.luhu.computility.framework.common.util.http.HttpUtils;
 import com.luhu.computility.framework.signature.core.annotation.ApiSignature;
-import com.luhu.computility.module.apihub.signature.core.annotation.ApiHubApiSignature;
 import com.luhu.computility.module.external.controller.openapi.dto.ImageRespDTO;
 import com.luhu.computility.module.external.controller.openapi.dto.PoetryImageReqDTO;
 import com.luhu.computility.module.external.controller.openapi.dto.TextToImageReqDTO;
@@ -49,7 +48,7 @@ public class AigcNewApiController {
    @ApiAccessLog
    @PostMapping(value = "/text-to-image/season")
    @Operation(summary = "四季和景点id生成图", description = "接收简单生图参数，将生成图片保存在本地服务器，并返回生成图片的url")
-    @ApiHubApiSignature
+    @ApiSignature
    public CommonResult<ImageRespDTO> textToImageV2(@RequestBody TextToImageReqDTO textToImageReqDTO){
        try {
            String requestBody = JSONUtil.toJsonStr(textToImageReqDTO);
@@ -73,7 +72,7 @@ public class AigcNewApiController {
    @ApiAccessLog
    @PostMapping("/text-to-image/poetry")
    @Operation(summary = "获取藏头诗图片", description = "接收关键词、景点id、省份id这些参数，返回藏头诗图片url")
-    @ApiHubApiSignature
+    @ApiSignature
    public CommonResult<ImageRespDTO> textToImageByPoetry(@RequestBody PoetryImageReqDTO poetryImageReqDTO){
        try {
            String requestBody = JSONUtil.toJsonStr(poetryImageReqDTO);

--- a/computility-module-external/src/main/java/com/luhu/computility/module/external/controller/openapi/AigcOldApiController.java
+++ b/computility-module-external/src/main/java/com/luhu/computility/module/external/controller/openapi/AigcOldApiController.java
@@ -8,7 +8,6 @@ import com.luhu.computility.framework.common.exception.enums.GlobalResponseCodeC
 import com.luhu.computility.framework.common.pojo.CommonResult;
 import com.luhu.computility.framework.common.util.http.HttpUtils;
 import com.luhu.computility.framework.signature.core.annotation.ApiSignature;
-import com.luhu.computility.module.apihub.signature.core.annotation.ApiHubApiSignature;
 import com.luhu.computility.module.external.controller.openapi.dto.ImageRespDTO;
 import com.luhu.computility.module.external.controller.openapi.dto.PoetryImageReqDTO;
 import com.luhu.computility.module.external.controller.openapi.dto.TextToImageReqDTO;
@@ -50,7 +49,7 @@ public class AigcOldApiController {
    @ApiAccessLog
    @PostMapping(value = "/text-to-image/season")
    @Operation(summary = "四季和景点id生成图", description = "接收简单生图参数，将生成图片保存在本地服务器，并返回生成图片的url")
-    @ApiHubApiSignature
+    @ApiSignature
    public CommonResult<ImageRespDTO> textToImageBySeason(@RequestBody TextToImageReqDTO textToImageReqDTO){
        try {
            String requestBody = JSONUtil.toJsonStr(textToImageReqDTO);
@@ -74,7 +73,7 @@ public class AigcOldApiController {
    @ApiAccessLog
    @PostMapping("/text-to-image/poetry")
    @Operation(summary = "获取藏头诗图片", description = "接收关键词、景点id、省份id这些参数，返回藏头诗图片url")
-    @ApiHubApiSignature
+    @ApiSignature
    public CommonResult<ImageRespDTO> textToImageByPoetry(@RequestBody PoetryImageReqDTO poetryImageReqDTO){
        try {
            String requestBody = JSONUtil.toJsonStr(poetryImageReqDTO);

--- a/computility-module-external/src/main/java/com/luhu/computility/module/external/controller/openapi/OpenApiController.java
+++ b/computility-module-external/src/main/java/com/luhu/computility/module/external/controller/openapi/OpenApiController.java
@@ -3,7 +3,6 @@ package com.luhu.computility.module.external.controller.openapi;
 import com.luhu.computility.framework.apilog.core.annotation.ApiAccessLog;
 import com.luhu.computility.framework.common.pojo.CommonResult;
 import com.luhu.computility.framework.signature.core.annotation.ApiSignature;
-import com.luhu.computility.module.apihub.signature.core.annotation.ApiHubApiSignature;
 import com.luhu.computility.module.external.controller.openapi.dto.AIQAReqDTO;
 import com.luhu.computility.module.external.controller.openapi.dto.AIQARespDTO;
 import com.luhu.computility.module.external.controller.openapi.dto.CeateVideoStreamReqDTO;
@@ -52,7 +51,7 @@ public class OpenApiController {
    @ApiAccessLog
    @PostMapping(value = "/digital-human-conversation")
    @Operation(summary = "数字人对话", description = "和数字人朱熹进行一问一答的对话")
-    @ApiHubApiSignature
+    @ApiSignature
    public CommonResult<ConversationRespDTO> digitalHumanConversation(@RequestBody ConversationReqDTO conversationReqDTO){
        return openApiService.digitalHumanConversation(conversationReqDTO);
    }
@@ -65,7 +64,7 @@ public class OpenApiController {
            @Parameter(name = "url", description = "图片链接")
    })
    @Operation(summary = "ai换脸-上传图片", description = "用户上传头像将视频中人物头像替换")
-    @ApiHubApiSignature
+    @ApiSignature
    public CommonResult<UploadImageRespDTO> uploadFaceSwapImage(@RequestPart(value = "image", required = false) MultipartFile image,
                                                                @RequestParam(value = "url", required = false) String url) {
        return openApiService.uploadFaceSwapImage(image, url);
@@ -75,7 +74,7 @@ public class OpenApiController {
    @ApiAccessLog
    @GetMapping("/create-video-stream")
    @Operation(summary = "ai换脸-生成换脸工作流", description = "只有先上传图片才能开始换脸工作流,用户根据promptId取最后生成的视频")
-    @ApiHubApiSignature
+    @ApiSignature
    public CommonResult<CeateVideoStreamRespDTO> ceateVideoStream(@RequestBody CeateVideoStreamReqDTO ceateVideoStreamReqDTO){
        return openApiService.ceateVideoStream(ceateVideoStreamReqDTO);
    }
@@ -84,7 +83,7 @@ public class OpenApiController {
    @ApiAccessLog
    @PostMapping(value = "/generate-face-swap-image", consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
    @Operation(summary = "ai换脸-图片换脸：上传图+图片生成", description = "ai换脸-图片换脸：上传图片+图片生成")
-    @ApiHubApiSignature
+    @ApiSignature
    public CommonResult<GenerateFaceSwapRespDTO> faceImageGenerate(@RequestPart(value = "sourceImage", required = false) MultipartFile sourceImage,
                                                                   @RequestParam(value = "sourceImageUrl", required = false) String sourceImageUrl,
                                                                   @RequestPart(value = "targetImage", required = false) MultipartFile targetImage,
@@ -96,7 +95,7 @@ public class OpenApiController {
    @ApiAccessLog
    @GetMapping("/view-image")
    @Operation(summary = "根据promptId取换脸后的图", description = "根据promptId取换脸后的图")
-    @ApiHubApiSignature
+    @ApiSignature
    public CommonResult<ViewSourceRespDTO> viewImage(@RequestBody ViewImageReqDTO viewImageReqDTO){
       return openApiService.viewImage(viewImageReqDTO);
    }
@@ -109,7 +108,7 @@ public class OpenApiController {
            @Parameter(name = "url", description = "图片链接")
    })
    @Operation(summary = "ai换脸-视频换脸；ai换脸-上传图片+视频流生成", description = "ai换脸-上传图片+视频流生成")
-    @ApiHubApiSignature
+    @ApiSignature
    public CommonResult<GenerateFaceSwapRespDTO> faceVideoGenerate(@RequestPart(value = "image", required = false) MultipartFile image,
                                                                   @RequestParam(value = "url", required = false) String url) {
        return openApiService.faceVideoGenerate(image, url);
@@ -119,7 +118,7 @@ public class OpenApiController {
    @ApiAccessLog
    @GetMapping("/view-video")
    @Operation(summary = "根据promptId取最后生成的视频", description = "根据promptId取最后生成的视频")
-    @ApiHubApiSignature
+    @ApiSignature
    public CommonResult<ViewSourceRespDTO> viewVideo(@RequestBody ViewVideoReqDTO viewVideoReqDTO){
        return openApiService.viewVideo(viewVideoReqDTO);
    }
@@ -134,7 +133,7 @@ public class OpenApiController {
            @Parameter(name = "touristAreaId", description = "景点编码")
    })
    @Operation(summary = "图片拍照-相似图查找", description = "图片拍照-相似图查找")
-    @ApiHubApiSignature
+    @ApiSignature
    public CommonResult<List<MatchImageRespDTO>> matchImage(@RequestPart(value = "image",  required = false) MultipartFile image
            , @RequestParam(value = "url", required = false) String url
            , @RequestParam(value = "limit", required = false) Integer limit
@@ -148,7 +147,7 @@ public class OpenApiController {
    @ApiAccessLog
    @PostMapping("/AIQA-chat")
    @Operation(summary = "AI问答", description = "AI助手，关于行程和景区的疑问")
-    @ApiHubApiSignature
+    @ApiSignature
    public CommonResult<AIQARespDTO> AIQAChat(@RequestBody AIQAReqDTO aiqaReqDTO){
        return openApiService.AIQAChat(aiqaReqDTO);
    }

--- a/computility-module-member/pom.xml
+++ b/computility-module-member/pom.xml
@@ -20,6 +20,11 @@
    <dependencies>
        <dependency>
            <groupId>com.luhu</groupId>
+            <artifactId>computility-module-apihub-api</artifactId>
+            <version>${revision}</version>
+        </dependency>
+        <dependency>
+            <groupId>com.luhu</groupId>
            <artifactId>computility-module-system</artifactId>
            <version>${revision}</version>
        </dependency>

--- a/computility-module-member/src/main/java/com/luhu/computility/module/member/mq/producer/user/MemberUserProducer.java
+++ b/computility-module-member/src/main/java/com/luhu/computility/module/member/mq/producer/user/MemberUserProducer.java
 package com.luhu.computility.module.member.mq.producer.user;
+import com.luhu.computility.module.apihub.api.appcredential.AppCredentialApi;
+import com.luhu.computility.module.apihub.api.appcredential.dto.AppCredentialSaveReqDTO;
 import com.luhu.computility.module.member.api.message.user.MemberUserCreateMessage;
+import com.luhu.computility.module.member.utils.AppKeyGenerator;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.context.ApplicationContext;
 import org.springframework.stereotype.Component;
@@ -19,6 +22,9 @@ public class MemberUserProducer {
    @Resource
    private ApplicationContext applicationContext;
+    @Resource
+    private AppCredentialApi appCredentialApi;
    /**
     * 发送 {@link MemberUserCreateMessage} 消息
     *
@@ -26,6 +32,10 @@ public class MemberUserProducer {
     */
    public void sendUserCreateMessage(Long userId) {
        applicationContext.publishEvent(new MemberUserCreateMessage().setUserId(userId));
+        appCredentialApi.createAppCredential(new AppCredentialSaveReqDTO()
+                .setAppId(AppKeyGenerator.generateAppId())
+                .setUserId(userId)
+                .setAppSecret(AppKeyGenerator.generateAppSecret()));
    }
 }
--- a/computility-module-apihub/computility-module-apihub-biz/src/main/java/com/luhu/computility/module/apihub/utils/AppKeyGenerator.java
+++ b/computility-module-apihub/computility-module-apihub-biz/src/main/java/com/luhu/computility/module/apihub/utils/AppKeyGenerator.java
-package com.luhu.computility.module.apihub.utils;
+package com.luhu.computility.module.member.utils;
 import cn.hutool.crypto.digest.DigestUtil;

--- a/computility-module-apihub/computility-module-apihub-biz/src/main/java/com/luhu/computility/module/apihub/utils/AppSecretEncrypt.java
+++ b/computility-module-apihub/computility-module-apihub-biz/src/main/java/com/luhu/computility/module/apihub/utils/AppSecretEncrypt.java
-package com.luhu.computility.module.apihub.utils;
+package com.luhu.computility.module.member.utils;
 import cn.hutool.crypto.Mode;
 import cn.hutool.crypto.Padding;