1、引入lombok支持，重构JavaBean 将 常规getter/setter去除

2、去除Gson 依赖

src/main/java/net/tccn/servlet/BaseServlet.java

@@ -1,7 +1,6 @@
 package net.tccn.servlet;
 
 import com.arangodb.ArangoDBException;
-import com.google.gson.Gson;
 import net.tccn.base.JBean;
 import net.tccn.base.Kv;
 import net.tccn.base.arango.ArangoSource;
@@ -9,7 +8,6 @@ import net.tccn.service.UserService;
 import net.tccn.user.User;
 import org.redkale.net.http.HttpRequest;
 import org.redkale.net.http.HttpResponse;
-import org.redkale.net.http.HttpScope;
 import org.redkale.net.http.HttpServlet;
 
 import javax.annotation.Resource;
@@ -26,7 +24,6 @@ public class BaseServlet extends HttpServlet {
     private UserService userService;
 
     public Logger logger = Logger.getLogger(this.getClass().getSimpleName());
-    protected static Gson gson = new Gson();
 
     @Override
     protected void preExecute(HttpRequest request, HttpResponse response) throws IOException {
@@ -50,10 +47,13 @@ public class BaseServlet extends HttpServlet {
     protected void authenticate(HttpRequest request, HttpResponse response) throws IOException {
          //fixme: 权限拦截
         if (request.currentUser() == null) {
-            if ("XMLHttpRequest".equals(request.getHeader("X-Requested-With"))){
+            String accept = request.getHeader("Accept");
+            if ("XMLHttpRequest".equals(request.getHeader("X-Requested-With")) || (accept != null && accept.contains("application/json"))) {
                 response.finish(JBean.by(-2, "未登陆"));
-            }else {
-                response.finish(HttpScope.refer("/user/login.html"));
+            } else {
+                response.setStatus(302);
+                response.setHeader("location", "/user/login.html");
+                response.finish();
             }
             return;
         }