[home]官方网站内容更新

home/docs/advanced/custom-datasource.md

@@ -1,81 +0,0 @@
----
-id: custom-datasource  
-title: 自定义数据源   
-sidebar_label: 自定义数据源     
----
-
-## 自定义数据源
-
-自定义前建议了解`sureness`处理流程和提供的扩展接口,详见 [进阶扩展](/docs/advanced/extend-point)
-
-- `PathTreeProvider`: 资源的数据源接口,实现从数据库,文本等加载数据,加载到对应的资源权限匹配器`DefaultPathRoleMatcher`中
-- `SurenessAccountProvider`: 用户的账户密钥信息接口,实现从数据库,文本等加载数据，加载到需要账户数据的`processor`中
-
-
-首先我们先来认识下sureness提供的两个用户信息和资源权限信息的接口，用户可以实现这些接口自定义从不同的数据源给sureness提供数据。
-当我们把项目从配置文件模式切换成数据库模式时，也只是简单替换了这些接口的实现类而已。
-
-一. `PathTreeProvider` 资源权限配置信息的数据源接口,我们可以实现从数据库,文本等加载接口想要的资源权限配置数据
-
-````
-public interface PathTreeProvider {
-
-    Set<String> providePathData();
-
-    Set<String> provideExcludedResource();
-}
-
-````  
-
-此接口主要是需要实现上面这两个方法，providePathData是加载资源权限配置信息，也就是我们配置文件模式下sureness.yml的resourceRole信息列，
-provideExcludedResource是加载哪些资源可以被过滤不认证鉴权，也就是sureness.yml下的excludedResource信息列，如下。
-
-````
-resourceRole:
-  - /api/v2/host===post===[role2,role3,role4]
-  - /api/v2/host===get===[role2,role3,role4]
-  - /api/v2/host===delete===[role2,role3,role4]
-  - /api/v2/host===put===[role2,role3,role4]
-  - /api/mi/**===put===[role2,role3,role4]
-  - /api/v1/getSource1===get===[role1,role2]
-  - /api/v2/getSource2/*/*===get===[role2]
-
-excludedResource:
-  - /api/v1/source3===get
-  - /api/v3/host===get
-  - /**/*.css===get
-  - /**/*.ico===get
-  - /**/*.png===get
-````
-
-而当我们使用数据库模式时，实现这些信息从数据库关联读取就ok了，规范返回 eg: /api/v2/host===post===[role2,role3,role4] 格式的数据列，
-具体的数据库实现类参考类 - [DatabasePathTreeProvider](https://github.com/tomsun28/sureness/blob/master/sample-tom/src/main/java/com/usthe/sureness/sample/tom/sureness/provider/DatabasePathTreeProvider.java)
-
-二. `SurenessAccountProvider`这第二个相关的接口就是用户的账户密钥信息提供接口,我们需要实现从数据库或者文本等其他数据源那里去加载我们想要的用户的账户信息数据，
-这些数据提供需要账户数据的processor进行用户的认证。
-
-````
-public interface SurenessAccountProvider {
-    SurenessAccount loadAccount(String appId);
-}
-````
-此接口主要需要实现上面这个loadAccount方法，通过用户的唯一标识appid来从数据库或者redis缓存中查找到用户的账户信息返回即可。
-用户账户信息类SurenessAccount如下：
-
-````
-public class DefaultAccount implements SurenessAccount {
-
-    private String appId;
-    private String password;
-    private String salt;
-    private List<String> ownRoles;
-    private boolean disabledAccount;
-    private boolean excessiveAttempts;
-}
-```` 
-
-比较简单，主要是需要提供用户的密码相关信息即可，供sureness认证时密钥判断正确与否。  
-这个具体的数据库接口实现可参考类 - [DatabaseAccountProvider](https://github.com/tomsun28/sureness/blob/master/sample-tom/src/main/java/com/usthe/sureness/sample/tom/sureness/provider/DatabaseAccountProvider.java)
-
-
-具体扩展实践请参考 [Springboot项目集成-数据库方案](/docs/integrate/sample-tom)     

home/docs/advanced/custom-processor.md

@@ -1,35 +0,0 @@
----
-id: custom-processor  
-title: 自定义processor     
-sidebar_label: 自定义processor     
----
-
-processor就是对请求的用户账户信息subject真正的认证鉴权处理器，我们需要实现BaseProcessor接口，来实现我们自定义的认证鉴权方式。  
-sureness已经内置基于账户密码认证方式处理PasswordSubject的PasswordProcessor，基于jwt认证方式处理JwtSubject的JwtProcessor等。
-
-自定义前建议了解`sureness`处理流程和提供的扩展接口,详见 [进阶扩展](/docs/advanced/extend-point)
-
-- `Processor`: `Subject`处理接口,根据Subject信息,进行认证鉴权
-
-```
-public abstract class BaseProcessor implements Processor{
-
-    public abstract boolean canSupportSubjectClass(Class<?> var);
-
-    public abstract Subject authenticated (Subject var) throws SurenessAuthenticationException;
-
-    public abstract void authorized(Subject var) throws SurenessAuthorizationException;
-}
-
-```
-
-上面就是BaseProcessor的一些重要接口方法，自定义processor需要我们去实现这些方法。
-
-- `canSupportSubjectClass` 判断是否支持入参的此Subject类类型，比如 JwtProcessor只支持JwtSubject, PasswordProcessor只支持PasswordSubject
-- `authenticated` 对subject进行认证，根据传入的subject信息和系统内信息，进行请求用户的账户认证
-- `authorized` 对subject进行鉴权，鉴权判断此用户是否拥有其访问api的访问权限
-
-sureness使用异常流程模型，以上的认证失败或鉴权失败都会抛出不同类型的异常，用户在最外部捕获判断实现接下来的流程。
-
-sureness默认异常类型参考 [默认异常类型](/docs/start/default-exception)    
-具体扩展实践请参考 [Springboot项目集成-数据库方案](/docs/integrate/sample-tom)    

home/docs/advanced/custom-subject-creator.md

@@ -1,20 +0,0 @@
----
-id: custom-subject-creator  
-title: 自定义subject creator   
-sidebar_label: 自定义subject creator    
----
-
-自定义`subject creator`是我们使用频率最高的扩展，当请求体对象并不是`servlet`或者`jax-rs`标准`api`时，
-或者我们从request请求的不同地方获取账户信息时，我们就需要自定义`subject creator`,
-使其通过请求对象获取我们需要的请求信息(请求路径，请求方法，认证信息等), 从而创建出对应的`subject`.
-
-sureness已经内置能创建出基于账户密码的PasswordSubject的BasicSubjectServletCreator，
-和创建出jwt类型JwtSubject的JwtSubjectServletCreator等，当然我们可以自定义自己需要的subjectCreator来创建subject
-
-自定义前建议了解`sureness`处理流程和提供的扩展接口,详见 [进阶扩展](/docs/advanced/extend-point)
-
-- `SubjectCreate`: 创建`Subject`接口,根据请求内容创建不同类型的`Subject`对象
-
-实现`SubjectCreate`接口方法,根据request请求的内容创建出对应需要的的`subject`
-
-具体扩展实践请参考 [sample-spring-webflux项目集成案例](/docs/integrate/sample-spring-webflux)      

home/docs/advanced/custom-subject.md

@@ -1,20 +0,0 @@
----
-id: custom-subject  
-title: 自定义subject  
-sidebar_label: 自定义subject  
----
-
-subject包含的就是我们request请求所带的用户信息，sureness已经内置基于账户密码的PasswordSubject，
-基于jwt的JwtSubject等，当然我们可以自定义自己需要的subject来扩充自己的用户信息
-
-自定义前建议了解`sureness`处理流程和提供的扩展接口,详见 [进阶扩展](/docs/advanced/extend-point)
-
-- `Subject`: 认证鉴权对象接口,提供访问对象的账户密钥,请求资源,角色等信息
-
-自定义subject需要走以下流程：
-
-1. 实现`Subject`接口,添加自定义的`subject`内容
-2. 实现`SubjectCreate`接口方法,创建出自定义的`subject` 参考[自定义Subject Creator](/docs/advanced/custom-subject-creator)
-3. 实现`Processor`接口,支持处理自定义的`subject` 参考[自定义Processor](/docs/advanced/custom-processor)
-
-具体扩展实践请参考 [使用sureness30分钟项目集成案例](/docs/integrate/sample-tom)     

home/docs/advanced/extend-point.md

@@ -1,22 +1,202 @@
 ---
 id: extend-point  
-title: 进阶扩展  
-sidebar_label: 扩展点    
+title: 自定义监控  
+sidebar_label: 自定义监控    
 ---
+> HertzBeat拥有自定义监控能力，您只需配置两个YML文件就能适配一款自定义的监控类型。目前自定义监控支持HTTP协议，MYSQL协议，后续会支持更多通用协议。  
 
-`sureness`支持自定义`subject`，自定义注册`subjectCreator`，自定义`processor`处理器，自定义数据源加载器等。
+### 自定义步骤  
 
-进阶自定义扩展之前我们先来了解下sureness的大致流程：
+配置自定义监控类型需新增配置两个YML文件
+1. 用监控类型命名的监控配置定义文件 - example.yml 需位于安装目录 /hertz-beat/define/app/ 下
+2. 用监控类型命名的监控参数定义文件 - example.yml 需位于安装目录 /hertz-beat/define/param/ 下
+3. 重启hertzbeat系统，我们就适配好了一个新的自定义监控类型。  
 
-![flow](/img/docs/flow-cn.png)
+------- 
+下面详细介绍下这俩文件的配置用法。   
 
-如上面的流程所讲，Subject被SubjectCreate根据request请求体所创造，不同的认证鉴权处理器Processor来处理所支持的Subject。
+### 监控配置定义文件   
 
+> 监控配置定义文件用于定义 *监控类型的名称(国际化), 请求参数映射, 指标信息, 采集协议配置信息*等。  
 
-sureness提供了下面这些常用接口作为扩展点:
+样例：自定义一个名称为example的自定义监控类型，其使用HTTP协议采集指标数据。    
+文件名称: example.yml 位于 /hertz-beat/define/app/example.yml   
 
-- `Subject`: 认证鉴权对象接口,提供访问对象的账户密钥,请求资源,角色等信息
-- `SubjectCreate`: 创建`Subject`接口,根据请求内容创建不同类型的`Subject`对象
-- `Processor`: `Subject`处理接口,根据Subject信息,进行认证鉴权
-- `PathTreeProvider`: 资源的数据源接口,实现从数据库,文本等加载数据
-- `SurenessAccountProvider`: 用户的账户密钥信息接口,实现从数据库,文本等加载数据    
+```yaml
+# 监控应用类型(与文件名保持一致) eg: linux windows tomcat mysql aws...
+app: example
+name:
+  zh-CN: 模拟应用类型
+  en-US: EXAMPLE APP
+# 参数映射map. type是参数类型: 0-number数字, 1-string明文字符串, 2-secret加密字符串
+# 强制固定必须参数 - host
+configmap:
+  - key: host
+    type: 1
+  - key: port
+    type: 0
+  - key: username
+    type: 1
+  - key: password
+    type: 2
+# 指标组列表
+metrics:
+# 第一个监控指标组 cpu
+# 注意：内置监控指标有 (responseTime - 响应时间)
+  - name: cpu
+    # 指标组调度优先级(0-127)越小优先级越高,优先级低的指标组会等优先级高的指标组采集完成后才会被调度,相同优先级的指标组会并行调度采集
+    # 优先级为0的指标组为可用性指标组,即它会被首先调度,采集成功才会继续调度其它指标组,采集失败则中断调度
+    priority: 0
+    # 指标组中的具体监控指标
+    fields:
+      # 指标信息 包括 field名称   type字段类型:0-number数字,1-string字符串   instance是否为实例主键   unit:指标单位
+      - field: hostname
+        type: 1
+        instance: true
+      - field: usage
+        type: 0
+        unit: '%'
+      - field: cores
+        type: 0
+      - field: waitTime
+        type: 0
+        unit: s
+# (非必须)监控指标别名，与上面的指标名映射。用于采集接口数据字段不直接是最终指标名称,需要此别名做映射转换
+    aliasFields:
+      - hostname
+      - core1
+      - core2
+      - usage
+      - allTime
+      - runningTime
+# (非必须)指标计算表达式,与上面的别名一起作用,计算出最终需要的指标值
+# eg: cores=core1+core2, usage=usage, waitTime=allTime-runningTime
+    calculates:
+      - hostname=hostname
+      - cores=core1+core2
+      - usage=usage
+      - waitTime=allTime-runningTime
+# 监控采集使用协议 eg: sql, ssh, http, telnet, wmi, snmp, sdk
+    protocol: http
+# 当protocol为http协议时具体的采集配置
+    http:
+      # 主机host: ipv4 ipv6 域名
+      host: ^_^host^_^
+      # 端口
+      port: ^_^port^_^
+      # url请求接口路径
+      url: /metrics/cpu
+      # 请求方式 GET POST PUT DELETE PATCH
+      method: GET
+      # 是否启用ssl/tls,即是http还是https,默认false
+      ssl: false
+      # 请求头内容
+      headers:
+        apiVersion: v1
+      # 请求参数内容
+      params:
+        param1: param1
+        param2: param2
+      # 认证
+      authorization:
+        # 认证方式: Basic Auth, Digest Auth, Bearer Token
+        type: Basic Auth
+        basicAuthUsername: ^_^username^_^
+        basicAuthPassword: ^_^password^_^
+      # 响应数据解析方式: default-系统规则,jsonPath-jsonPath脚本,website-网站可用性指标监控
+      # todo xmlPath-xmlPath脚本,prometheus-Prometheus数据规则
+      parseType: jsonPath
+      parseScript: '$'
+
+  - name: memory
+    priority: 1
+    fields:
+      - field: hostname
+        type: 1
+        instance: true
+      - field: total
+        type: 0
+        unit: kb
+      - field: usage
+        type: 0
+        unit: '%'
+      - field: speed
+        type: 0
+    protocol: http
+    http:
+      host: ^_^host^_^
+      port: ^_^port^_^
+      url: /metrics/memory
+      method: GET
+      headers:
+        apiVersion: v1
+      params:
+        param1: param1
+        param2: param2
+      authorization:
+        type: Basic Auth
+        basicAuthUsername: ^_^username^_^
+        basicAuthPassword: ^_^password^_^
+      parseType: default
+```
+
+### 监控参数定义文件  
+
+> 监控参数定义文件用于定义 *需要的输入参数字段结构定义(前端页面根据结构渲染输入参数框)*。   
+
+样例：自定义一个名称为example的自定义监控类型，其使用HTTP协议采集指标数据。    
+文件名称: example.yml 位于 /hertz-beat/define/param/example.yml   
+
+```yaml
+# 监控应用类型名称(与文件名保持一致) eg: linux windows tomcat mysql aws...
+app: example
+# 强制固定必须参数 - host(ipv4,ipv6,域名)
+param:
+    # field-字段名称标识符
+  - field: host
+    # name-参数字段显示名称
+    name: 主机Host
+    # type-字段类型,样式(大部分映射input标签type属性)
+    type: host
+    # 是否是必输项 true-必填 false-可选
+    required: true
+  - field: port
+    name: 端口
+    type: number
+    # 当type为number时,用range表示范围
+    range: '[0,65535]'
+    required: true
+    # 端口默认值
+    defaultValue: 80
+    # 参数输入框提示信息
+    placeholder: '请输入端口'
+  - field: username
+    name: 用户名
+    type: text
+    # 当type为text时,用limit表示字符串限制大小
+    limit: 20
+    required: false
+  - field: password
+    name: 密码
+    type: password
+    required: false
+  - field: ssl
+    name: 启动SSL
+    # 当type为boolean时,前端用switch展示开关
+    type: boolean
+    required: false
+  - field: method
+    name: 请求方式
+    type: radio
+    required: true
+    # 当type为radio单选框,checkbox复选框时,option表示可选项值列表 {name1:value1,name2:value2}
+    options:
+      - label: GET请求
+        value: GET
+      - label: POST请求
+        value: POST
+      - label: PUT请求
+        value: PUT
+      - label: DELETE请求
+        value: DELETE
+```

home/docs/design.md

@@ -1,13 +0,0 @@
----
-id: design  
-title: 设计文档     
-sidebar_label: 设计文档     
----
-
-### 高性能匹配
-
-![pathRoleMatcher](/img/docs/PathRoleMatcher.svg)
-
-### 处理流程
-
-![sureness-core](/img/docs/sureness-core.svg)  

home/docs/help/help.md

@@ -0,0 +1,5 @@
+---
+id: help  
+title: 帮助入门    
+sidebar_label: 帮助入门  
+---

home/docs/integrate/sample-bootstrap.md

@@ -1,14 +0,0 @@
----
-id: sample-bootstrap  
-title: Springboot项目集成-配置文件方案    
-sidebar_label: Springboot项目集成-配置文件方案    
----
-
-[Springboot项目集成-配置文件方案代码仓库地址](https://github.com/tomsun28/sureness/tree/master/sample-bootstrap)
-
-- 基于`springboot`
-- 从默认的配置文件`sureness.yml`加载账户信息,资源角色,过滤资源等信息
-- 使用默认的`sureness-config`
-- 使用默认的`JWT, Basic Auth, Digest Auth`方式认证鉴权
-- 保护入口: `SurenessFilterExample`
-- 推荐使用`postman`测试,测试样例为`sample-bootstrap-postman.json`,导入`postman`即可  

home/docs/integrate/sample-javalin.md

@@ -1,296 +0,0 @@
----
-id: sample-javalin  
-title: Javalin项目集成    
-sidebar_label: Javalin项目集成    
----
-
-
-# Using Sureness to protect the security of Javalin REST API
-
-[javalin-sureness sample repository](https://github.com/tomsun28/sureness/tree/master/samples/javalin-sureness)
-
-Using Sureness to secure Javalin REST API by providing authentication(JWT,Basic,Digest) and authorization(RBAC)
-
-
-## What You Will Learn
-
-* Creating a simple REST API using Javalin
-* Learn how to integrate Sureness into a Javalin application
-* Learn how to issue a JWT
-* Test API authentication - use JWT Auth, Basic Auth, Digest Auth to test the security of the REST API
-* Test API authorization - use different users to verify that they can access the REST API
-
-
-The tutorial assumes that you know what  JWT, Basic Auth, Digest Auth, RBAC are. If you
-do not, then you can check [jwt](https://jwt.io/introduction/), [basic auth](https://docs.oracle.com/cd/E50612_01/doc.11122/user_guide/content/authn_http_basic.html) , [digest auth](https://docs.oracle.com/cd/E50612_01/doc.11122/user_guide/content/authn_http_digest.html), [rbac](https://en.wikipedia.org/wiki/Role-based_access_control) for an introduction.
-
-## Setting Up Dependencies
-
-First, you will need to create a maven project and add Javalin, Sureness dependencies coordinate
-
-````
-        <dependency>
-            <groupId>io.javalin</groupId>
-            <artifactId>javalin</artifactId>
-            <version>{{site.javalinversion}}</version>
-        </dependency>
-        <dependency>
-            <groupId>com.usthe.sureness</groupId>
-            <artifactId>sureness-core</artifactId>
-            <version>1.0.2</version>
-        </dependency>
-        <dependency>
-            <groupId>org.slf4j</groupId>
-            <artifactId>slf4j-simple</artifactId>
-            <version>1.7.30</version>
-        </dependency>
-````
-
-
-## Setting Up Javalin and Create REST API
-
-We need to create a simple Javalin app and provide some  REST API for test.
-
-```
-        // init javalin
-        Javalin app = Javalin.create().start(8088);
-```
-
-```
-        // create simple rest api
-        // simple rest api
-        app.routes(() ->
-            path("api", () -> {
-                path("v3", () -> {
-                    get("host", ctx -> ctx.result("get /api/v3/host success"));
-                    put("book", ctx -> ctx.result("put /api/v3/book success"));
-                });
-                path("v2", () -> {
-                    path("host", () -> {
-                        get(ctx -> ctx.result("get /api/v2/host success"));
-                        post(ctx -> ctx.result("post /api/v2/host success"));
-                        put(ctx -> ctx.result("put /api/v2/host success"));
-                        delete(ctx -> ctx.result("delete /api/v2/host success"));
-                    });
-                });
-                path("v1", () -> {
-                    path("source1", () -> {
-                        get(ctx -> ctx.result("get /api/v1/source1 success"));
-                        post(ctx -> ctx.result("post /api/v1/source1 success"));
-                        put(ctx -> ctx.result("put /api/v1/source1 success"));
-                        delete(ctx -> ctx.result("delete /api/v1/source1 success"));
-                    });
-                });
-            }));
-```
-
-
-## Setting Up Sureness
-
-#### 1. Use the Default Configuration to Configure Sureness
-
-The default configuration -`DefaultSurenessConfig` uses the document datasource `sureness.yml` as the auth datasource.  
-It supports JWT, Basic Auth, Digest Auth authentication.
-```
-    public static void main(String[] args) {
-        // init sureness default config
-        new DefaultSurenessConfig();
-    }
-```
-
-####  2. Config Document Datasource - `sureness.yml`
-
-Sureness authentication requires us to provide our own account data, role permission data. These data may come from document, databases,, annotations, etc. When we use sureness default configuration above, the datasource is document - `sureness.yml`.
-
-Create a file named `sureness.yml` in the `resource` directory. Configure account data, role permission data in the `sureness.yml`.  eg:
-
-````yaml
-## -- sureness.yml document dataSource-- ##
-
-# load api resource which need be protected, config role who can access these resource.
-# resources that are not configured are also authenticated and protected by default, but not authorized
-# eg: /api/v2/host===post===[role2,role3] means /api/v2/host===post can be access by role2,role3
-# eg: /api/v1/source2===get===[] means /api/v1/source2===get can not be access by any role
-resourceRole:
-  - /api/v1/source1===get===[role2]
-  - /api/v1/source1===post===[role1]
-  - /api/v1/source1===delete===[role3]
-  - /api/v1/source1===put===[role1,role2]
-  - /api/v1/source2===get===[]
-  - /api/v2/host===post===[role2,role3]
-  - /api/v2/host===get===[role2,role3]
-  - /api/v2/host===delete===[role2,role3]
-  - /api/v2/host===put===[role2,role3]
-  - /api/v3/*===*===[role1,role2,role3]
-
-# load api resource which do not need be protected, means them need be excluded.
-# these api resource can be access by everyone
-excludedResource:
-  - /api/v3/host===get
-  - /**/*.html===get
-  - /**/*.js===get
-  - /**/*.css===get
-  - /**/*.ico===get
-
-# account info
-# there are three account: admin, root, tom
-# eg: admin has [role1,role2] ROLE, unencrypted password is admin, encrypted password is 0192023A7BBD73250516F069DF18B500
-# eg: root has role1, unencrypted password is 23456
-# eg: tom has role3, unencrypted password is 32113
-account:
-  - appId: admin
-    # if add salt, the password is encrypted password - the result: MD5(password+salt)
-    # digest auth not support encrypted password
-    # if no salt, the password is unencrypted password
-    credential: 0192023A7BBD73250516F069DF18B500
-    salt: 123
-    role: [role1,role2]
-  - appId: root
-    credential: 23456
-    role: [role1,role2]
-  - appId: tom
-    credential: 32113
-    role: [role3]
-
-````
-
-
-
-####  3. Add an Interceptor Intercepting All Requests
-
-The essence of sureness is to intercept all rest requests for authenticating and authorizing.     The interceptor can be a filter or interceptor, it intercepts all request to check them. In Javalin, we use `app.before()`.
-
-```
-        // intercept all rest requests for authenticating and authorizing
-        app.before(ctx -> {
-            SubjectSum subject = SurenessSecurityManager.getInstance().checkIn(ctx.req);
-            // when auth error , the exception throw, you should use app.exception() catch it and define return
-            if (subject != null) {
-                SurenessContextHolder.bindSubject(subject);
-            }
-        });
-
-        app.after(ctx ->  SurenessContextHolder.unbindSubject());
-
-```
-
-#### 4. Last, Implement Auth Exception Handling Process
-
-Sureness uses exception handling process:
-
-- If auth success, method - `checkIn()` will return a `SubjectSum` object containing user information.
-- If auth failure, method - `checkIn()` will throw different types of auth exceptions.
-
-We need to continue the subsequent process based on these exceptions.(eg: return the request response)
-
-Here we need to customize the exceptions thrown by `checkIn`, passed directly when auth success, catch exception when auth failure and do something:
-
-````
-        // when auth error , the exception throw, you should use app.exception() catch it and define return
-        app.exception(UnknownAccountException.class, (e, ctx) -> {
-            log.debug("this request user account not exist");
-            ctx.status(401).result(e.getMessage());
-        }).exception(IncorrectCredentialsException.class, (e, ctx) -> {
-            log.debug("this account credential is incorrect");
-            ctx.status(401).result(e.getMessage());
-        }).exception(ExpiredCredentialsException.class, (e, ctx) -> {
-            log.debug("this account credential expired");
-            ctx.status(401).result(e.getMessage());
-        }).exception(NeedDigestInfoException.class, (e, ctx) -> {
-            log.debug("you should try once again with digest auth information");
-            ctx.status(401).header("WWW-Authenticate", e.getAuthenticate());
-        }).exception(UnauthorizedException.class, (e, ctx) -> {
-            log.debug("this account can not access this resource");
-            ctx.status(403).result(e.getMessage());
-        }).exception(Exception.class, (e, ctx) -> {
-            log.error("other exception happen: ", e);
-            ctx.status(500).result(e.getMessage());
-        });
-
-````
-
-
-## Provide an Issue JWT Api
-
-Now we provide a REST API to issue JWT. We can use this JWT to test JWT auth.
-
-````
-       // issue jwt rest api
-        app.get("/auth/token", ctx -> {
-            SubjectSum subjectSum = SurenessContextHolder.getBindSubject();
-            if (subjectSum == null) {
-                ctx.result("Please auth!");
-            } else {
-                String principal = (String) subjectSum.getPrincipal();
-                List<String> roles = (List<String>) subjectSum.getRoles();
-                // issue jwt
-                String jwt = JsonWebTokenUtil.issueJwt(UUID.randomUUID().toString(), principal,
-                        "token-server", 3600L, roles);
-                ctx.result(jwt);
-            }
-        });
-````
-
-**All done, we can test now!**
-
-## Test
-
-Through the above steps, a complete auth function project is completed. Someone maybe think that with only these few steps, where is its complete function and what can it support?   
-This built project is based on the RBAC permission model and supports Baisc authentication, Digest authentication and JWT authentication. It can fine-grained control the user's access to the restful api provided by the Javalin. That is to control which users can access which api.
-
-Let's test it. (we use postman and chrome to test.)
-
-### Test Authentication
-
-####  1. Basic Auth Test
-
-Use postman Basic auth, as shown below:
-
-* success - input username: admin, password: admin
-
-![success](/img/docs/javalin/test1.PNG)
-
-
-* fail - input username: admin, password: 12345
-
-![fail](/img/docs/javalin/test2.PNG)
-
-####  2. Digest Auth Test
-
-Note: If password has been encrypted,  Digest auth not support.(So the account admin not support Digest auth).  
-Use chrome to Digest auth, as shown below:
-
-![success](/img/docs/javalin/test3.PNG)
-
-![success](/img/docs/javalin/test4.PNG)
-
-####  3. JWT Auth Test
-
-First, we should access **[GET /auth/token]** api to get a JWT to use, as shown below:
-
-![success](/img/docs/javalin/test5.PNG)
-
-Then, use the JWT as Bearer Token to access REST API, as shown below:
-
-![success](/img/docs/javalin/test6.PNG)
-
-
-### Test Authorization
-
-* success - user **tom** has role **role3**, the api **[DELETE - /api/v2/host]** support **role3** access, so **tom** can access api **[DELETE - /api/v2/host]** success, as shown below:
-
-![success](/img/docs/javalin/test7.PNG)
-
-
-* fail - user **tom** only has role **role3**, the api **[GET - /api/v1/source1]** only support **role2** access, not support **role3**,  so **tom** can not access api **[GET - /api/v1/source1]**, as shown below:
-
-![fail](/img/docs/javalin/test8.PNG)
-
-
-## Conclusion
-
-Javalin is a framework dedicated to simplicity and ease of use, and so is Sureness.  
-We hope you enjoy this tutorial. Of course, the tutorial only introduces a simple introduction. Our account data, role permission data can not only be written in `sureness.yml`, but also loaded and obtained from the database and annotations. We can also customize the authentication method, data source, etc.   
-Finally, thank you again for reading.
-
-[DEMO SOURCE CODE ON GITHUB](https://github.com/usthe/sureness/tree/master/samples/javalin-sureness)

home/docs/integrate/sample-ktor.md

@@ -1,17 +0,0 @@
----
-id: sample-ktor  
-title: Ktor项目集成    
-sidebar_label: Ktor项目集成     
----
-
-[ktor-sureness例子项目仓库地址](https://github.com/tomsun28/sureness/tree/master/samples/ktor-sureness)
-
-- 基于`ktor, servlet`
-- 从默认的配置文件`sureness.yml`加载账户信息,资源角色,过滤资源等信息
-- 使用默认的`sureness-config`
-- 使用默认的`JWT, Basic Auth, Digest Auth`方式认证鉴权
-- 例子中包含`REST API`
-- 保护入口: `Application.kt`
-- 推荐使用`postman`测试
-
-

home/docs/integrate/sample-micronaut.md

@@ -1,423 +0,0 @@
----
-id: sample-micronaut  
-title: Micronaut项目集成    
-sidebar_label: Micronaut项目集成  
----
-
-Using Sureness to secure micronaut REST API by providing authentication(JWT,Basic,Digest) and authorization(RBAC)
-
-
-## What You Will Learn
-
-* Creating a simple REST API using micronaut
-* Learn how to integrate Sureness into a micronaut application
-* Test API authentication - use JWT Auth, Basic Auth, Digest Auth to test the security of the REST API
-* Test API authorization - use different users to verify that they can access the REST API
-
-
-The tutorial assumes that you know what  JWT, Basic Auth, Digest Auth, RBAC are. If you
-do not, then you can check [jwt](https://jwt.io/introduction/), [basic auth](https://docs.oracle.com/cd/E50612_01/doc.11122/user_guide/content/authn_http_basic.html) , [digest auth](https://docs.oracle.com/cd/E50612_01/doc.11122/user_guide/content/authn_http_digest.html), [rbac](https://en.wikipedia.org/wiki/Role-based_access_control) for an introduction.
-
-## Setting Up Dependencies
-
-First, you will need to create a maven project and add micronautn, Sureness dependencies coordinate
-
-````
-
-    <properties>
-        <release.version>8</release.version>
-        <maven.compiler.source>1.8</maven.compiler.source>
-        <maven.compiler.target>1.8</maven.compiler.target>
-        <packaging>jar</packaging>
-        <jdk.version>1.8</jdk.version>
-        <micronaut.version>2.4.3</micronaut.version>
-        <micronaut-maven-plugin.version>1.1.8</micronaut-maven-plugin.version>
-        <maven-compiler-plugin.version>3.8.1</maven-compiler-plugin.version>
-        <exec.mainClass>com.usthe.sureness.micronaut.Application</exec.mainClass>
-        <micronaut.runtime>netty</micronaut.runtime>
-    </properties>
-
-    <dependencyManagement>
-        <dependencies>
-            <dependency>
-                <groupId>io.micronaut</groupId>
-                <artifactId>micronaut-bom</artifactId>
-                <version>${micronaut.version}</version>
-                <type>pom</type>
-                <scope>import</scope>
-            </dependency>
-        </dependencies>
-    </dependencyManagement>
-
-    <dependencies>
-        <dependency>
-            <groupId>org.slf4j</groupId>
-            <artifactId>slf4j-simple</artifactId>
-            <version>1.7.30</version>
-        </dependency>
-        <dependency>
-            <groupId>com.usthe.sureness</groupId>
-            <artifactId>sureness-core</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>io.micronaut</groupId>
-            <artifactId>micronaut-inject</artifactId>
-            <scope>compile</scope>
-        </dependency>
-        <dependency>
-            <groupId>io.micronaut</groupId>
-            <artifactId>micronaut-validation</artifactId>
-            <scope>compile</scope>
-        </dependency>
-        <dependency>
-            <groupId>ch.qos.logback</groupId>
-            <artifactId>logback-classic</artifactId>
-            <scope>runtime</scope>
-        </dependency>
-        <dependency>
-            <groupId>org.junit.jupiter</groupId>
-            <artifactId>junit-jupiter-api</artifactId>
-            <scope>test</scope>
-        </dependency>
-        <dependency>
-            <groupId>org.junit.jupiter</groupId>
-            <artifactId>junit-jupiter-engine</artifactId>
-            <scope>test</scope>
-        </dependency>
-        <dependency>
-            <groupId>io.micronaut.test</groupId>
-            <artifactId>micronaut-test-junit5</artifactId>
-            <scope>test</scope>
-        </dependency>
-        <dependency>
-            <groupId>io.micronaut</groupId>
-            <artifactId>micronaut-http-client</artifactId>
-            <scope>compile</scope>
-        </dependency>
-        <dependency>
-            <groupId>io.micronaut</groupId>
-            <artifactId>micronaut-http-server-netty</artifactId>
-            <scope>compile</scope>
-        </dependency>
-        <dependency>
-            <groupId>io.micronaut</groupId>
-            <artifactId>micronaut-runtime</artifactId>
-            <scope>compile</scope>
-        </dependency>
-    </dependencies>
-
-    <build>
-
-        <plugins>
-            <plugin>
-                <groupId>io.micronaut.build</groupId>
-                <artifactId>micronaut-maven-plugin</artifactId>
-                <version>${micronaut-maven-plugin.version}</version>
-            </plugin>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-compiler-plugin</artifactId>
-                <version>${maven-compiler-plugin.version}</version>
-                <configuration>
-                    <annotationProcessorPaths combine.children="append">
-                        <path>
-                            <groupId>io.micronaut</groupId>
-                            <artifactId>micronaut-inject-java</artifactId>
-                            <version>${micronaut.version}</version>
-                        </path>
-                        <path>
-                            <groupId>io.micronaut</groupId>
-                            <artifactId>micronaut-validation</artifactId>
-                            <version>${micronaut.version}</version>
-                        </path>
-                    </annotationProcessorPaths>
-                    <compilerArgs>
-                        <arg>-Amicronaut.processing.group=com.usthe.sureness</arg>
-                        <arg>-Amicronaut.processing.module=micronaut-sureness</arg>
-                    </compilerArgs>
-                </configuration>
-            </plugin>
-        </plugins>
-    </build>
-
-
-     
-````
-
-
-- [User Guide](https://docs.micronaut.io/2.4.3/guide/index.html)
-- [API Reference](https://docs.micronaut.io/2.4.3/api/index.html)
-- [Configuration Reference](https://docs.micronaut.io/2.4.3/guide/configurationreference.html)
-- [Micronaut Guides](https://guides.micronaut.io/index.html)
-
-We need to create a simple micronautn app and provide some  REST API for test.
-
-
-
-## Setting Up Sureness
-
-#### 1.Run Micronaut Application
-
-```
-  
-import io.micronaut.runtime.Micronaut;
-
-
-public class Application{
-
-    public static void main(String[] args) {
-        Micronaut.run(Application.class, args);
-
-    }
-}
-
-```
-
-####  2. Config Document Datasource - `sureness.yml`
-
-Sureness authentication requires us to provide our own account data, role permission data. These data may come from document, databases,, annotations, etc. When we use sureness default configuration above, the datasource is document - `sureness.yml`.
-
-Create a file named `sureness.yml` in the `resource` directory. Configure account data, role permission data in the `sureness.yml`.  eg:
-
-````yaml
-## -- sureness.yml document dataSource-- ##
-
-# load api resource which need be protected, config role who can access these resource.
-# resources that are not configured are also authenticated and protected by default, but not authorized
-# eg: /api/v2/host===post===[role2,role3] means /api/v2/host===post can be access by role2,role3
-# eg: /api/v1/source2===get===[] means /api/v1/source2===get can not be access by any role
-resourceRole:
-  - /api/v1/source1===get===[role2]
-  - /api/v1/source1===post===[role1]
-  - /api/v1/source1===delete===[role3]
-  - /api/v1/source1===put===[role1,role2]
-  - /api/v1/source2===get===[]
-  - /api/v2/host===post===[role2,role3]
-  - /api/v2/host===get===[role2,role3]
-  - /api/v2/host===delete===[role2,role3]
-  - /api/v2/host===put===[role2,role3]
-  - /api/v3/*===*===[role1,role2,role3]
-
-# load api resource which do not need be protected, means them need be excluded.
-# these api resource can be access by everyone
-excludedResource:
-  - /api/v3/host===get
-  - /**/*.html===get
-  - /**/*.js===get
-  - /**/*.css===get
-  - /**/*.ico===get
-
-# account info
-# there are three account: admin, root, tom
-# eg: admin has [role1,role2] ROLE, unencrypted password is admin, encrypted password is 0192023A7BBD73250516F069DF18B500
-# eg: root has role1, unencrypted password is 23456
-# eg: tom has role3, unencrypted password is 32113
-account:
-  - appId: admin
-    # if add salt, the password is encrypted password - the result: MD5(password+salt)
-    # digest auth not support encrypted password
-    # if no salt, the password is unencrypted password
-    credential: 0192023A7BBD73250516F069DF18B500
-    salt: 123
-    role: [role1,role2]
-  - appId: root
-    credential: 23456
-    role: [role1,role2]
-  - appId: tom
-    credential: 32113
-    role: [role3]
-
-````
-
-
-
-####  3. Add an Interceptor Intercepting All Requests
-
-The essence of sureness is to intercept all rest requests for authenticating and authorizing.     The interceptor can be a filter or interceptor, it intercepts all request to check them. In Micronaut, we use Filter
-```java
-@Filter("/**")
-public class MicronautSurenessFilterExample  implements HttpServerFilter {
-
-    private static final Logger logger = LoggerFactory.getLogger(MicronautSurenessFilterExample.class);
-
-    @Inject
-    private SurenessSecurityManager securityManager ;
-
-
-    @Override
-    public Publisher<MutableHttpResponse<?>> doFilter(HttpRequest<?> request,
-                                                             ServerFilterChain chain) {
-        Integer statusCode = null;
-        String errorMsg = null;
-        try {
-            SubjectSum subject =securityManager.checkIn(request);
-            if (subject != null) {
-                SurenessContextHolder.bindSubject(subject);
-            }
-        } catch (ProcessorNotFoundException | UnknownAccountException | UnsupportedSubjectException e4) {
-            logger.debug("this request is illegal");
-            statusCode = HttpStatus.BAD_REQUEST.getCode();
-            errorMsg = e4.getMessage();
-        } catch (DisabledAccountException | ExcessiveAttemptsException e2 ) {
-            logger.debug("the account is disabled");
-            statusCode = HttpStatus.FORBIDDEN.getCode();
-            errorMsg = e2.getMessage();
-        } catch (IncorrectCredentialsException | ExpiredCredentialsException e3) {
-            logger.debug("this account credential is incorrect or expired");
-            statusCode = HttpStatus.FORBIDDEN.getCode();
-            errorMsg = e3.getMessage();
-        } catch (UnauthorizedException e5) {
-            logger.debug("this account can not access this resource");
-            statusCode = HttpStatus.FORBIDDEN.getCode();
-            errorMsg = e5.getMessage();
-        } catch (RuntimeException e) {
-            logger.error("other exception happen: ", e);
-            statusCode = HttpStatus.FORBIDDEN.getCode();
-            errorMsg = e.getMessage();
-        }
-        if (statusCode != null && errorMsg != null) {
-            String finalErrorMsg = errorMsg;
-            Integer finalStatusCode = statusCode;
-            logger.info(statusCode+"--->"+errorMsg);
-            try {
-                URI location = new URI("/auth/error");
-                request = request.mutate().headers(httpHeaders -> {
-                    httpHeaders.add("statusCode", String.valueOf(finalStatusCode));
-                    httpHeaders.add("errorMsg", finalErrorMsg);
-                }).uri(location);
-            }catch (URISyntaxException e){
-                logger.error("uri error");
-            }
-        }
-        return chain.proceed(request);
-    }
-
-
-
-    @Override
-    public int getOrder() {
-        return ServerFilterPhase.SECURITY.order();
-    }
-
-
-}
-```
-SurenessSecurityManager configuration
-
-```java
-import io.micronaut.context.annotation.Factory;
-
-@Factory
-public class SurenessConfiguration {
-    private static final Logger logger = LoggerFactory.getLogger(SurenessConfiguration.class);
-
-    @Factory
-    public SurenessSecurityManager init() {
-        SurenessAccountProvider accountProvider = new DocumentAccountProvider();
-        List<Processor> processorList = new LinkedList<>();
-        NoneProcessor noneProcessor = new NoneProcessor();
-        processorList.add(noneProcessor);
-        PasswordProcessor passwordProcessor = new PasswordProcessor();
-        passwordProcessor.setAccountProvider(accountProvider);
-        processorList.add(passwordProcessor);
-        DefaultProcessorManager processorManager = new DefaultProcessorManager(processorList);
-        if (logger.isDebugEnabled()) {
-            logger.debug("DefaultProcessorManager init");
-        }
-        PathTreeProvider pathTreeProvider = new DocumentPathTreeProvider();
-        DefaultPathRoleMatcher pathRoleMatcher = new DefaultPathRoleMatcher();
-        pathRoleMatcher.setPathTreeProvider(pathTreeProvider);
-        pathRoleMatcher.buildTree();
-        if (logger.isDebugEnabled()) {
-            logger.debug("DefaultPathRoleMatcher init");
-        }
-
-        // SubjectFactory init
-        SubjectFactory subjectFactory = new SurenessSubjectFactory();
-        List<SubjectCreate> subjectCreates = Arrays.asList(
-                new NoneSubjectReactiveCreator(),
-                new BasicSubjectReactiveCreator());
-        subjectFactory.registerSubjectCreator(subjectCreates);
-        if (logger.isDebugEnabled()) {
-            logger.debug("SurenessSubjectFactory init");
-        }
-
-        // surenessSecurityManager init
-        SurenessSecurityManager securityManager = SurenessSecurityManager.getInstance();
-        securityManager.setPathRoleMatcher(pathRoleMatcher);
-        securityManager.setSubjectFactory(subjectFactory);
-        securityManager.setProcessorManager(processorManager);
-        if (logger.isDebugEnabled()) {
-            logger.debug("SurenessSecurityManager init");
-        }
-        return securityManager;
-    }
-
-}
-
-
-```
-
-#### 4. Last, Implement Auth Exception Handling Process
-
-Sureness uses exception handling process:
-
-- If auth success, method - `checkIn()` will return a `SubjectSum` object containing user information.
-- If auth failure, method - `checkIn()` will throw different types of auth exceptions.
-
-We need to continue the subsequent process based on these exceptions.(eg: return the request response)
-
-Here we need to customize the exceptions thrown by `checkIn`, passed directly when auth success, catch exception when auth failure and do something:
-
-````
-// when auth error , add error msg to HttpRequest
-   if (statusCode != null && errorMsg != null) {
-            String finalErrorMsg = errorMsg;
-            Integer finalStatusCode = statusCode;
-            logger.info(statusCode+"--->"+errorMsg);
-            try {
-                URI location = new URI("/auth/error");
-                request = request.mutate().headers(httpHeaders -> {
-                    httpHeaders.add("statusCode", String.valueOf(finalStatusCode));
-                    httpHeaders.add("errorMsg", finalErrorMsg);
-                }).uri(location);
-            }catch (URISyntaxException e){
-                logger.error("uri error");
-            }
-        } 
-
-````
-
-
-**All done, we can test now!**
-
-## Test
-
-Through the above steps, a complete auth function project is completed. Someone maybe think that with only these few steps, where is its complete function and what can it support?   
-This built project is based on the RBAC permission model and supports Baisc authentication, Digest authentication and JWT authentication. It can fine-grained control the user's access to the restful api provided by the Javalin. That is to control which users can access which api.
-
-Let's test it. (we use postman and chrome to test.)
-
-### Test Authentication
-
-####  1. Basic Auth Test
-
-Use postman Basic auth, as shown below:
-
-* success - input username: admin, password: admin
-
-![success](/img/docs/micronaut/success.png)
-
-
-* fail - input username: admin, password: admin1234
-
-![fail](/img/docs/micronaut/error.png)
-
-
-## Conclusion
-
-micronaut is a framework dedicated to simplicity and ease of use, and so is Sureness.  
-We hope you enjoy this tutorial. Of course, the tutorial only introduces a simple introduction. Our account data, role permission data can not only be written in `sureness.yml`, but also loaded and obtained from the database and annotations. We can also customize the authentication method, data source, etc.   
-Finally, thank you again for reading.
-
-[DEMO SOURCE CODE ON GITHUB](https://github.com/usthe/sureness/tree/master/samples/javalin-sureness)

home/docs/integrate/sample-quarkus.md

@@ -1,16 +0,0 @@
----
-id: sample-quarkus  
-title: Quarkus项目集成     
-sidebar_label: Quarkus项目集成     
----
-
-[quarkus-sureness例子项目仓库地址](https://github.com/tomsun28/sureness/tree/master/samples/quarkus-sureness)
-
-- 基于`quarkus, jax-rs`
-- 从默认的配置文件`sureness.yml`加载账户信息,资源角色,过滤资源等信息
-- 使用默认的`sureness-config`
-- 使用默认的`JWT, Basic Auth, Digest Auth`方式认证鉴权
-- 例子中包含`REST API`
-- 保护入口: `SurenessFilterExample`
-- 推荐使用`postman`测试  
-

home/docs/integrate/sample-spring-webflux.md

@@ -1,15 +0,0 @@
----
-id: sample-spring-webflux  
-title: Spring-Webflux项目集成    
-sidebar_label: Spring-Webflux项目集成    
----
-
-[spring-webflux-sureness例子项目仓库地址](https://github.com/tomsun28/sureness/tree/master/samples/spring-webflux-sureness)
-
-- 基于`spring-webflux`
-- 自定义 `subject creator (BasicSubjectReactiveCreator, JwtSubjectReactiveCreator, NoneSubjectReactiveCreator)` 适配 `ServerHttpRequest` 请求体
-- 从默认的配置文件`sureness.yml`加载账户信息,资源角色,过滤资源等信息
-- 使用默认的`JWT, Basic Auth`方式认证鉴权
-- 例子中包含`REST API`
-- 保护入口: `SurenessFilterExample`
-- 推荐使用`postman`测试

home/docs/integrate/sample-tom.md

@@ -1,19 +0,0 @@
----
-id: sample-tom  
-title: Springboot项目集成-数据库方案    
-sidebar_label: Springboot项目集成-数据库方案    
----
-
-- 基于`springboot,jpa...`
-- 自定义数据源,使用从数据库加载账户信息,资源角色,过滤资源等信息,这样便于动态调整(见`AccountProvider ResourceProvider`)
-- 除了使用了默认的`JWT, Basic Auth`方式认证鉴权,新增自定义认证鉴权(自定义`subject subjectCreator processor...`)
-- 推荐使用`postman`测试,测试样例为`sample-tom-postman.json`,导入`postman`即可
-
-样例中包含2种自定义认证鉴权方式:
-
-1. 自定义了一个单独的`subjectCreator` 见 `CustomPasswdSubjectCreator`     
-   演示功能就是自定义的从不同地方获取请求体的账户密码，来创建默认的`PasswordSubject`，走默认的账户密码认证流程
-
-2. 自定义了一整套流程(包含`subject subjectCreator processor`) 见 `CustomTokenSubject CustomTokenSubjectCreator CustomTokenProcessor`  
-   演示功能就是自定义一个简单的`token`作为`subject`对象，对其自定义创建获取方式-`creator`和自定义认证鉴权处理流程-`processor`.  
-   此自定义流程也演示了一个简单的`token`刷新流程  

home/docs/others/contact.md

@@ -0,0 +1,32 @@
+---
+id: contact  
+title: 交流联系    
+sidebar_label: 交流联系     
+---
+> 如果您在使用过程有任何需要帮助或者想交流建议，可以通过 微信群、QQ群 社区网站 ISSUE 讨论交流。
+
+## BUG问题报告，功能建议相关建议通过仓库ISSUE
+
+[GITEE仓库ISSUES](https://gitee.com/usthe/hertzbeat/issues)   
+[GITHUB仓库ISSUES](https://github.com/usthe/hertzbeat/issues)
+
+## 微信交流群   
+
+加微信号 tan-cloud 或 扫描下面账号二维码拉您进微信群。
+
+<img alt="tan-cloud" src="/img/docs/help/tan-cloud-wechat.jpg" width="400"/>       
+
+## QQ交流群   
+
+加QQ群号 718618151 或 扫描下面的群二维码进群, 验证信息: tancloud        
+
+<img alt="tan-cloud" src="/img/docs/help/qq-qr.jpg" width="400"/>          
+
+## 社区交流网站
+
+[社区交流](https://support.qq.com/products/379369)  https://support.qq.com/products/379369
+
+## 其它联系  
+其它工作联系，请联系电话：18781603458   
+
+

home/docs/others/design.md

@@ -0,0 +1,13 @@
+---
+id: design  
+title: 设计文档     
+sidebar_label: 设计文档     
+---
+
+### HertzBeat架构   
+
+![architecture](/img/docs/hertzbeat-stru.svg)   
+
+### TanCloud架构  
+
+TanCloud是基于HertzBeat的公网SAAS集群版本，采用多集群，多租户的架构模式。   

home/docs/others/private.md

@@ -0,0 +1,17 @@
+---
+id: private  
+title: 私有化部署    
+sidebar_label: 私有化部署     
+---
+如果您的团队想私有化部署此监控系统，目前我们提供两种方案。   
+
+#### 社区版监控产品HertzBeat(完全免费)   
+
+我们提供社区版监控产品 HertzBeat, 可以直接参考[HertzBeat部署文档](/docs)下载部署, 对个人或企业完全免费。  
+安装部署过程中遇到的问题可以通过[社区，微信群，QQ群等](/docs/others/contact)反馈交流学习。  
+我们也提供有偿远程安装部署服务。
+
+#### HertzBeat的集群SAAS版本-TanCloud(付费)      
+
+此版本即[TanCloud官网](https://console.tancloud.cn)环境对应版本，对比HertzBeat拥有集群，用户，租户等功能，适合中大型团队企业。  
+此版本为付费版本，关于TanCloud私有化部署方案及价格，请加我们工作人员微信 tomsun28 咨询，加微信请备注：私有化+团队名   

home/docs/others/resource.md

@@ -0,0 +1,19 @@
+---
+id: resource  
+title: 相关资源    
+sidebar_label: 相关资源     
+---
+
+## 图标资源  
+
+### TANCLOUD-HertzBeat LOGO   
+
+![logo](/img/tancloud-logo.svg)  
+
+下载: [SVG](https://gitee.com/usthe/hertzbeat/raw/master/home/static/img/tancloud-logo.svg)  [JPG](https://gitee.com/usthe/hertzbeat/raw/master/home/static/img/tancloud-logo.jpg)     
+
+### TANCLOUD 品牌 LOGO  
+
+![logo](/img/tancloud-brand.svg)  
+
+下载: [SVG](https://gitee.com/usthe/hertzbeat/raw/master/home/static/img/tancloud-brand.svg)  [JPG](https://gitee.com/usthe/hertzbeat/raw/master/home/static/img/tancloud-brand.jpg)     

home/docs/sponsor.md → home/docs/others/sponsor.md

@@ -5,7 +5,7 @@ sidebar_label: 赞助
 ---
 
 
-**sureness对个人或企业完全免费，如果您喜欢这个项目并且愿意提供帮助，请作者喝杯咖啡吧**      
+**HertzBeat对个人或企业完全免费，如果您喜欢这个项目并且愿意提供帮助，请我们喝杯咖啡吧**      
 
 ### 微信支付宝  
 

home/docs/start/docker-deploy.md

@@ -15,12 +15,13 @@ sidebar_label: Docker方式部署
    ```
 
 2. 拉取HertzBeat Docker镜像   
+   镜像版本TAG可查看[官方镜像仓库](https://hub.docker.com/r/tancloud/hertzbeat/tags)     
    ``` 
    $ docker pull tancloud/hertzbeat:latest 
    ```
 3. 配置HertzBeat的配置文件  
    在主机目录下创建application.yml，eg:/opt/application.yml   
-   配置文件内容参考 项目仓库/script/application.yml，需要替换里面的MYSQL服务和TDengine服务参数，IP端口账户密码（若使用邮件告警，需替换里面的邮件服务器参数）
+   配置文件内容参考 项目仓库[/script/application.yml](https://gitee.com/usthe/hertzbeat/raw/master/script/application.yml)，需要替换里面的MYSQL服务和TDengine服务参数，IP端口账户密码（若使用邮件告警，需替换里面的邮件服务器参数）
    具体替换参数如下:
    ``` 
    spring.datasource.url
@@ -38,7 +39,7 @@ sidebar_label: Docker方式部署
    
    ```
 
-5. 启动HertzBeat Docker容器  
+4. 启动HertzBeat Docker容器  
    ``` 
    $ docker run -d -p 1157:1157 -v /opt/application.yml:/opt/hertz-beat/config/application.yml --name hertzbeat tancloud/hertzbeat:latest
    526aa188da767ae94b244226a2b2eec2b5f17dd8eff592893d9ec0cd0f3a1ccd
@@ -50,7 +51,7 @@ sidebar_label: Docker方式部署
    - --name hertzbeat : 命名容器名称 hertzbeat 
    - tancloud/hertzbeat:latest : 使用拉取的HertzBeat官方发布的应用镜像来启动容器 
    
-6. 开始探索HertzBeat  
+5. 开始探索HertzBeat  
    浏览器访问 http://ip:1157 开始使用HertzBeat进行监控告警。
 
 **HAVE FUN**

home/docs/start/mysql-init.md

@@ -25,6 +25,6 @@ MYSQL是一款值得信赖的关系型数据库，HertzBeat使用其存储监控
 ### SQL脚本执行   
 1. 进入MYSQL或使用客户端连接MYSQL服务
 2. 创建名称为hertzbeat的数据库
-3. 执行位于项目仓库/script/sql/目录下的数据库建表初始化脚本 schema.sql
+3. 执行位于项目仓库/script/sql/目录下的数据库建表初始化脚本 [schema.sql](https://gitee.com/usthe/hertzbeat/raw/master/script/sql/schema.sql)  
 4. 查看hertzbeat数据库是否成功建表
 

home/docs/start/package-deploy.md

@@ -20,14 +20,36 @@ sidebar_label: 安装包方式部署
    - 从[GITEE Release](https://gitee.com/usthe/hertzbeat/releases) 仓库下载
    - 从[GITHUB Release](https://github.com/usthe/hertzbeat/releases) 仓库下载
 
-3. 部署启动
+3. 配置HertzBeat的配置文件    
    解压安装包到主机 eg: /opt/hertz-beat
    ``` 
    $ tar zxvf hertz-beat-1.0.tar.gz 
    ```
-   执行位于安装目录/bin/下的启动脚本 startup.sh 
+   修改位于 hertz-beat/config/application.yml 的配置文件      
+   需要替换里面的MYSQL服务和TDengine服务参数，IP端口账户密码（若使用邮件告警，需替换里面的邮件服务器参数）
+   具体替换参数如下:
+   ``` 
+   spring.datasource.url
+   spring.datasource.username
+   spring.datasource.password
+   
+   warehouse.store.td-engine.url
+   warehouse.store.td-engine.username
+   warehouse.store.td-engine.password
+   
+   spring.mail.host
+   spring.mail.port
+   spring.mail.username
+   spring.mail.password
+   
+   ```
+
+4. 部署启动
+   执行位于安装目录hertz-beat/bin/下的启动脚本 startup.sh 
    ``` 
    $ ./startup.sh 
    ```
+5. 开始探索HertzBeat  
+   浏览器访问 http://ip:1157 开始使用HertzBeat进行监控告警。
 
 **HAVE FUN**

home/docs/start/quickstart.md

@@ -17,7 +17,7 @@ sidebar_label: 快速开始
 1. docker安装MYSQl  
 `docker run -d --name mysql -p 3306:3306 -e MYSQL_ROOT_PASSWORD=123456 mysql`   
 2. 创建名称为hertzbeat的数据库  
-3. 执行位于项目仓库/script/sql/目录下的数据库脚本 schema.sql    
+3. 执行位于项目仓库/script/sql/目录下的数据库脚本 [schema.sql](https://gitee.com/usthe/hertzbeat/raw/master/script/sql/schema.sql)      
 
 详细步骤参考 [依赖服务MYSQL安装初始化](mysql-init.md)    
 
@@ -36,8 +36,10 @@ sidebar_label: 快速开始
 
 详细步骤参考 [通过Docker方式安装HertzBeat](docker-deploy.md) 
 
-#### 通过安装包安装   
-todo  
+#### 通过安装包安装    
+1. 下载您系统环境对应的安装包 [GITEE Release](https://gitee.com/usthe/hertzbeat/releases) [GITHUB Release](https://github.com/usthe/hertzbeat/releases)  
+2. 配置HertzBeat的配置文件 hertz-beat/config/application.yml   
+3. 部署启动 `$ ./startup.sh `   
 
 详细步骤参考 [通过安装包安装HertzBeat](package-deploy.md) 
 

home/docusaurus.config.js

@@ -1,9 +1,9 @@
 const path = require('path')
 
 const organizationName = 'usthe' // Usually your GitHub org/user name.
-const projectName = 'sureness' // Usually your repo name.
+const projectName = 'hertzbeat' // Usually your repo name.
 const branch = 'master'
-const repoUrl = `https://github.com/dromara/${projectName}`
+const repoUrl = `https://github.com/usthe/${projectName}`
 const cdnUrl = '/'
 
 module.exports = {
@@ -85,51 +85,33 @@ module.exports = {
                 {
                     label: '博客',
                     position: 'left',
-                    to: 'blog',
+                    to: 'blog/',
                 },
                 {
                     label: '讨论交流',
                     position: 'left',
-                    to: 'docs/',
+                    to: 'docs/others/contact',
                 },
                 {
                     label: '私有化部署',
                     position: 'left',
-                    to: 'docs/',
-                },
-                {
-                    label: '反馈建议',
-                    position: 'left',
-                    items: [
-                        {
-                            label: 'Github Discussion',
-                            href: 'https://github.com/dromara/sureness/discussions',
-                        },
-                        {
-                            label: 'Gitter Channel',
-                            href: 'https://gitter.im/usthe/sureness',
-                        },
-                        {
-                            label: 'QQ Group - 390083213',
-                            href: 'https://qm.qq.com/cgi-bin/qm/qr?k=3IpzQjFOztJe464_eMBmDHfT0YTWK5Qa&jump_from=webapi',
-                        },
-                    ],
+                    to: 'docs/others/private',
                 },
                 {
                     label: '其它',
                     position: 'left',
                     items: [
                         {
-                            label: 'Design',
-                            to: 'docs/design',
+                            label: '设计文档',
+                            to: 'docs/others/design',
                         },
                         {
-                            label: 'Contributing',
-                            to: 'docs/contributing',
+                            label: '赞助我们',
+                            to: 'docs/others/sponsor',
                         },
                         {
-                            label: 'Sponsor',
-                            to: 'docs/sponsor',
+                            label: '相关资源',
+                            to: 'docs/others/resource',
                         },
                     ],
                 },
@@ -149,19 +131,19 @@ module.exports = {
                     items: [
                         {
                             label: '使用介绍',
-                            to: 'docs/introduce',
+                            to: 'docs/',
                         },
                         {
                             label: '安装文档',
                             to: 'docs/start/quickstart',
                         },
                         {
-                            label: 'High Performance',
-                            href: 'https://github.com/tomsun28/sureness-shiro-spring-security-benchmark',
+                            label: '自定义监控',
+                            to: 'docs/advanced/extend-point'
                         },
                         {
-                            label: 'Dashboard',
-                            href: 'https://github.com/dromara/sureness/projects/1',
+                            label: '帮助文档',
+                            to: 'docs/help/help'
                         },
                     ],
                 },
@@ -169,20 +151,20 @@ module.exports = {
                     title: '探云科技',
                     items: [
                         {
-                            label: 'Dromara',
-                            href: 'https://dromara.org',
+                            label: '交流联系',
+                            to: 'docs/others/contact',
                         },
                         {
-                            label: 'Github Discussion',
-                            href: 'https://github.com/dromara/sureness/discussions',
+                            label: '社区网站',
+                            href: 'https://support.qq.com/products/379369',
                         },
                         {
-                            label: 'Gitter Channel',
-                            href: 'https://gitter.im/usthe/sureness',
+                            label: 'TANCLOUD探云',
+                            href: 'https://tancloud.cn',
                         },
                         {
-                            label: 'QQ Group - 390083213',
-                            href: 'https://qm.qq.com/cgi-bin/qm/qr?k=3IpzQjFOztJe464_eMBmDHfT0YTWK5Qa&jump_from=webapi',
+                            label: 'HertzBeat赫兹节拍',
+                            href: 'https://hertzbeat.com',
                         },
                     ],
                 },
@@ -198,12 +180,8 @@ module.exports = {
                             href: 'https://gitee.com/usthe/hertzbeat',
                         },
                         {
-                            label: 'HertzBeat赫兹节拍',
-                            href: 'https://hertzbeat.com',
-                        },
-                        {
-                            label: 'TanCloud探云',
-                            href: 'https://tancloud.cn',
+                            label: '相关资源',
+                            to: 'docs/others/resource',
                         },
                     ],
                 },
@@ -213,7 +191,7 @@ module.exports = {
                 src: cdnUrl + 'img/tancloud-brand.svg',
                 href: 'https://tancloud.cn',
             },
-            copyright: `Apache License 2.0 | Copyright © ${new Date().getFullYear()}`,
+            copyright: `蜀ICP备2022002218号 | Copyright TANCLOUD© ${new Date().getFullYear()}`,
         },
     },
     presets: [

home/i18n/en/docusaurus-plugin-content-docs/current/advanced/custom-datasource.md

@@ -78,4 +78,4 @@ public class DefaultAccount implements SurenessAccount {
 这个具体的数据库接口实现可参考类 - [DatabaseAccountProvider](https://github.com/tomsun28/sureness/blob/master/sample-tom/src/main/java/com/usthe/sureness/sample/tom/sureness/provider/DatabaseAccountProvider.java)
 
 
-具体扩展实践请参考 [Springboot项目集成-数据库方案](/docs/integrate/sample-tom)     
+具体扩展实践请参考 [Springboot项目集成-数据库方案](/docs/help/sample-tom)     

home/i18n/en/docusaurus-plugin-content-docs/current/advanced/custom-processor.md

@@ -32,4 +32,4 @@ public abstract class BaseProcessor implements Processor{
 sureness使用异常流程模型，以上的认证失败或鉴权失败都会抛出不同类型的异常，用户在最外部捕获判断实现接下来的流程。
 
 sureness默认异常类型参考 [默认异常类型](/docs/start/default-exception)    
-具体扩展实践请参考 [Springboot项目集成-数据库方案](/docs/integrate/sample-tom)    
+具体扩展实践请参考 [Springboot项目集成-数据库方案](/docs/help/sample-tom)    

home/i18n/en/docusaurus-plugin-content-docs/current/advanced/custom-subject-creator.md

@@ -17,4 +17,4 @@ sureness已经内置能创建出基于账户密码的PasswordSubject的BasicSubj
 
 实现`SubjectCreate`接口方法,根据request请求的内容创建出对应需要的的`subject`
 
-具体扩展实践请参考 [sample-spring-webflux项目集成案例](/docs/integrate/sample-spring-webflux)      
+具体扩展实践请参考 [sample-spring-webflux项目集成案例](/docs/help/sample-spring-webflux)      

home/i18n/en/docusaurus-plugin-content-docs/current/advanced/custom-subject.md

@@ -17,4 +17,4 @@ subject包含的就是我们request请求所带的用户信息，sureness已经
 2. 实现`SubjectCreate`接口方法,创建出自定义的`subject` 参考[自定义Subject Creator](/docs/advanced/custom-subject-creator)
 3. 实现`Processor`接口,支持处理自定义的`subject` 参考[自定义Processor](/docs/advanced/custom-processor)
 
-具体扩展实践请参考 [使用sureness30分钟项目集成案例](/docs/integrate/sample-tom)     
+具体扩展实践请参考 [使用sureness30分钟项目集成案例](/docs/help/sample-tom)     

home/i18n/en/docusaurus-plugin-content-docs/current/introduce.md

@@ -62,13 +62,13 @@ slug: /
 
 ##### ✌ 框架支持样例
 
-- [x] Sureness集成**Spring Boot**样例(配置文件方案) [sample-bootstrap](/docs/integrate/sample-bootstrap)
-- [x] Sureness集成**Spring Boot**样例(数据库方案) [sample-tom](/docs/integrate/sample-tom)
-- [x] Sureness集成**Quarkus**样例 [sample-quarkus](/docs/integrate/sample-quarkus)
-- [x] Sureness集成**Javalin**样例 [sample-javalin](/docs/integrate/sample-javalin)
-- [x] Sureness集成**Ktor**样例 [sample-ktor](/docs/integrate/sample-ktor)
-- [x] Sureness集成**Spring Webflux**样例 [spring-webflux-sureness](/docs/integrate/sample-spring-webflux)
-- [x] Sureness集成**Micronaut**样例 [sample-micronaut](/docs/integrate/sample-micronaut)
+- [x] Sureness集成**Spring Boot**样例(配置文件方案) [sample-bootstrap](/docs/help/sample-bootstrap)
+- [x] Sureness集成**Spring Boot**样例(数据库方案) [sample-tom](/docs/help/sample-tom)
+- [x] Sureness集成**Quarkus**样例 [sample-quarkus](/docs/help/sample-quarkus)
+- [x] Sureness集成**Javalin**样例 [sample-javalin](/docs/help/sample-javalin)
+- [x] Sureness集成**Ktor**样例 [sample-ktor](/docs/help/sample-ktor)
+- [x] Sureness集成**Spring Webflux**样例 [spring-webflux-sureness](/docs/help/sample-spring-webflux)
+- [x] Sureness集成**Micronaut**样例 [sample-micronaut](/docs/help/sample-micronaut)
 - [x] Sureness使用Session样例 [sureness-session](https://github.com/usthe/sureness/tree/master/samples/sureness-session)
 - [x] Sureness分布式缓存Session样例 [sureness-redis-session](https://github.com/usthe/sureness/tree/master/samples/sureness-redis-session)
 - [x] More samples todo   

home/i18n/en/docusaurus-plugin-content-docs/current/start/default-auth.md

@@ -46,6 +46,6 @@ Authorization: Basic dG9tOjMyMTEz
 #### 其他认证方式
 目前`sureness`默认支持这三种主流的认证方式，满足绝大部分需求，当然你也可以很轻松的自定义认证方式，详见[自定义Subject](/docs/advanced/custom-subject)  
 
-我们提供了默认认证方式的使用`DEMO`，请参考 [一步一步搭建认证鉴权系统](/docs/integrate/sample-bootstrap)       
-当然我们也提供了自定义认证方式的扩展`DEMO`，请参考 [Springboot项目集成-数据库方案](/docs/integrate/sample-tom)      
+我们提供了默认认证方式的使用`DEMO`，请参考 [一步一步搭建认证鉴权系统](/docs/help/sample-bootstrap)       
+当然我们也提供了自定义认证方式的扩展`DEMO`，请参考 [Springboot项目集成-数据库方案](/docs/help/sample-tom)      
 

home/i18n/en/docusaurus-plugin-content-docs/current/start/default-datasource.md

@@ -60,5 +60,5 @@ account:
 
 ```
 
-我们提供了默认文本数据源使用`DEMO`，默认文本数据源具体实现，请参考 [一步一步搭建认证鉴权系统](/docs/integrate/sample-bootstrap)     
-当然数据源也可以来自数据库等存储,我们提供了接口让用户轻松的自定义数据源，详见[自定义数据源](/docs/advanced/custom-datasource)  
+我们提供了默认文本数据源使用`DEMO`，默认文本数据源具体实现，请参考 [一步一步搭建认证鉴权系统](/docs/help/sample-bootstrap)     
+当然数据源也可以来自数据库等存储,我们提供了接口让用户轻松的自定义数据源，详见[自定义数据源](/docs/advanced/custom-datasource)  

home/sidebars.json

@@ -16,47 +16,39 @@
       "type": "category",
       "label": "自定义监控",
       "items": [
-        "advanced/extend-point",
-        "advanced/custom-subject",
-        "advanced/custom-subject-creator",
-        "advanced/custom-processor",
-        "advanced/custom-datasource"
+        "advanced/extend-point"
       ]
     },
     {
       "type": "category",
       "label": "帮助文档",
       "items": [
+        "help/help",
         {
           "type": "category",
           "label": "应用服务监控",
           "items": [
-            "integrate/sample-bootstrap"
+            "help/help"
           ]
         },
         {
           "type": "category",
           "label": "数据库监控",
           "items": [
-            "integrate/sample-bootstrap"
+            "help/help"
           ]
-        },
-        "integrate/sample-bootstrap",
-        "integrate/sample-tom",
-        "integrate/sample-quarkus",
-        "integrate/sample-javalin",
-        "integrate/sample-spring-webflux",
-        "integrate/sample-ktor",
-        "integrate/sample-micronaut"
+        }
       ]
     },
     {
       "type": "category",
       "label": "Others",
       "items": [
-        "design",
-        "contributing",
-        "sponsor"
+        "others/contact",
+        "others/design",
+        "others/sponsor",
+        "others/private",
+        "others/resource"
       ]
     }
   ]