diff --git a/src/main/java/com/cetc32/dh/beans/LoginResult.java b/src/main/java/com/cetc32/dh/beans/LoginResult.java
index 96e1300669a07b4fbd02816ebc8e7f8c1bf3b41a..4016faf6a4d87ade8d359f6fbfaa5fe13e1db87a 100644
--- a/src/main/java/com/cetc32/dh/beans/LoginResult.java
+++ b/src/main/java/com/cetc32/dh/beans/LoginResult.java
@@ -1,5 +1,7 @@
 package com.cetc32.dh.beans;
 
+import org.apache.commons.lang3.StringUtils;
+
 import java.util.ArrayList;
 import java.util.List;
 import java.util.stream.Collectors;
@@ -11,7 +13,7 @@ public class LoginResult {
     private String username;
     private Integer userid;
     private List<Integer> role;
-    private int security;
+    private Integer security;
     private List<Integer> areacode;
     private long expriation;
     private String userBD;
@@ -75,11 +77,11 @@ public class LoginResult {
         this.role = role;
     }
 
-    public int getSecurity() {
+    public Integer getSecurity() {
         return security;
     }
 
-    public void setSecurity(int security) {
+    public void setSecurity(Integer security) {
         this.security = security;
     }
 
@@ -153,7 +155,7 @@ public class LoginResult {
     }
     private List<Integer> str2intList(String str)
     {
-        if(str==null)
+        if(StringUtils.isBlank(str))
         {
             return new ArrayList<>();
         }
diff --git a/src/main/java/com/cetc32/dh/beans/ResultUserInfo.java b/src/main/java/com/cetc32/dh/beans/ResultUserInfo.java
index 0275e1f65f8164de163affb47ccc5a9841802b9d..adf6f7864b08c9631f65affe9fc1dfb88da142eb 100644
--- a/src/main/java/com/cetc32/dh/beans/ResultUserInfo.java
+++ b/src/main/java/com/cetc32/dh/beans/ResultUserInfo.java
@@ -244,6 +244,15 @@ public class ResultUserInfo extends NumberS {
             this.permissions.addAll(permissions);
         }
     }
+    public void addPermissions (String permissions){
+        if(permissions ==null){
+            return;
+        }
+        if(this.permissions==null )
+            this.permissions=new ArrayList<>();
+        if(!this.permissions.contains(permissions))
+            this.permissions.add(permissions);
+    }
     public void setPermissions(String[] permissions){
         if(permissions ==null)
         {
diff --git a/src/main/java/com/cetc32/dh/common/response/ExceptionController.java b/src/main/java/com/cetc32/dh/common/response/ExceptionController.java
index d30f6a05f82d9613ae5b117ad1654aae2f15a4e6..9ab55b0ff70db68db823efecb74d5d2bdeef92c0 100644
--- a/src/main/java/com/cetc32/dh/common/response/ExceptionController.java
+++ b/src/main/java/com/cetc32/dh/common/response/ExceptionController.java
@@ -1,6 +1,8 @@
 package com.cetc32.dh.common.response;
 
 import org.apache.http.protocol.ResponseDate;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.http.HttpStatus;
 import org.springframework.validation.BindingResult;
 import org.springframework.validation.ObjectError;
@@ -18,6 +20,7 @@ import java.io.IOException;
 
 @ControllerAdvice
 public class ExceptionController {
+    Logger logger = LoggerFactory.getLogger(ExceptionController.class);
     @ExceptionHandler(RuntimeException.class)
     @ResponseBody
     public ResponseData hander500(HttpServletRequest r,Exception e){
@@ -32,6 +35,7 @@ public class ExceptionController {
     @ExceptionHandler(value= HttpRequestMethodNotSupportedException.class)
     @ResponseBody
     public ResponseData handler405(HttpRequestMethodNotSupportedException e){
+        e.printStackTrace();
         return ResponseData.fail(HttpStatus.METHOD_NOT_ALLOWED.value(),"方法不支持的請求方式",null);
     }
 
@@ -44,6 +48,8 @@ public class ExceptionController {
     @ResponseBody
     public ResponseData handler(IllegalArgumentException e) throws IOException {
 //        log.error("Assert异常:-------------->{}",e.getMessage());
+        e.printStackTrace();
+        logger.error(e.toString());
         return ResponseData.fail(400,e.getMessage(),null);
     }
 
@@ -54,7 +60,7 @@ public class ExceptionController {
     @ExceptionHandler(value = MethodArgumentNotValidException.class)
     @ResponseBody
     public ResponseData handler(MethodArgumentNotValidException e) throws IOException {
-
+        e.printStackTrace();
         BindingResult bindingResult = e.getBindingResult();
         //这一步是把异常的信息最简化
         ObjectError objectError = bindingResult.getAllErrors().stream().findFirst().get();
@@ -64,6 +70,7 @@ public class ExceptionController {
     @ExceptionHandler(value = NoHandlerFoundException.class)
     @ResponseBody
     public ResponseData handler(HttpServletRequest h,NoHandlerFoundException e) throws IOException {
+        e.printStackTrace();
         return ResponseData.fail(HttpStatus.NOT_FOUND.value(),"404,URL未找到！"+e.getMessage(),null);
     }
 }
diff --git a/src/main/java/com/cetc32/dh/common/response/ResponseData.java b/src/main/java/com/cetc32/dh/common/response/ResponseData.java
index f7bbd912a30679c97935ce9bf22071fae89fddc5..89bd70c355e5c3150364ee5afbcf765884e05bd3 100644
--- a/src/main/java/com/cetc32/dh/common/response/ResponseData.java
+++ b/src/main/java/com/cetc32/dh/common/response/ResponseData.java
@@ -53,6 +53,10 @@ public class ResponseData extends ResponseMessage{
         this.data = obj;
     }
 
+    public static ResponseData error (int code ,String msg){
+        return new ResponseData(code+"",msg,null);
+
+    }
     public static ResponseData error(){
         return new ResponseData("-1","error",null);
     }
diff --git a/src/main/java/com/cetc32/dh/controller/rest/AreaCommonController.java b/src/main/java/com/cetc32/dh/controller/rest/AreaCommonController.java
index 45362f6ee1a11e3a5b879429ef6a1ee0ba16f354..929a7971da8ec4e786de972f3674349711383ca2 100644
--- a/src/main/java/com/cetc32/dh/controller/rest/AreaCommonController.java
+++ b/src/main/java/com/cetc32/dh/controller/rest/AreaCommonController.java
@@ -54,8 +54,9 @@ public class AreaCommonController {
         if (id == null) {
             id = startCode;
         }
+
 //        List<AreaCommonDTO> areaCommonDTO = areaCommonService.getAreaTreeList(id);
-        return ResponseResult.success(areaCommonService.getAreaTreeList(startCode));
+        return ResponseResult.success(areaCommonService.getAreaTreeList(id));
     }
 
     @ApiOperation(value = "根据ID查询区域范围")
diff --git a/src/main/java/com/cetc32/dh/controller/rest/AuthController.java b/src/main/java/com/cetc32/dh/controller/rest/AuthController.java
index efd37bacebe21bed6729a7a7c00a52927961314d..fadb8c632c3f4aa8d585b4cb215cfacf87b6e49a 100644
--- a/src/main/java/com/cetc32/dh/controller/rest/AuthController.java
+++ b/src/main/java/com/cetc32/dh/controller/rest/AuthController.java
@@ -30,6 +30,8 @@ import io.swagger.annotations.ApiOperation;
 import org.apache.commons.lang3.StringUtils;
 import org.jetbrains.annotations.NotNull;
 import org.jetbrains.annotations.Nullable;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
@@ -61,16 +63,19 @@ import static com.cetc32.dh.common.utils.Tools.*;
 @RequestMapping("/rest/auth/")
 @LoginRequired(loginSuccess = true)
 public class AuthController {
-
+    @Value("${thirdRole}")
+    Integer thirdRole;
     @Value("${sso.basePermission}")
     String basePermission;
-    @Value("${sso.tokeAge}")
-    Long tokenAge=7200000L;
+    @Value("${sso.tokeAge:7200000}")
+    Long tokenAge;
     @Value("${sso.syscode}")
     String sysCode;
     @Value("${departmentRoot}")
     Integer departmentRoot;
-
+    @Value("${keyCangQiong:password}")
+    String keyCangQiong;
+    Logger logger = LoggerFactory.getLogger(AuthController.class);
     @Autowired
     AdminUserService userService;
 
@@ -104,17 +109,86 @@ public class AuthController {
     public ResponseData weblogin2(@RequestBody LoginParameter loginParameter, HttpServletRequest request, HttpServletResponse response){
         String username=loginParameter.getUsername();
         String password=loginParameter.getPassword();
-        BaseAdminUser user= userService.findByUserName(username);
+        BaseAdminUser bAU = new BaseAdminUser();
+        bAU.setSysUserName(username);
+        bAU.setUserStatus(1);
+        BaseAdminUser user= userService.findByUser(bAU);
         ResponseData x = verifyUserLoginEnable(username,password,user);
-        if(x != null) return x;
+        if(x.getCode() < 0){
+            int code=x.getCode();
+            bAU.setUserStatus(1001);
+            user= userService.findByUser(bAU);
+            if(null==user){
+                bAU.setUserStatus(1002);
+                user = userService.findByUser(bAU);
+            }
+            x = verifyUserLoginEnable(username,password,user);
+            if(x.getCode()<0){
+                if(x.getCode()>code)
+                    code =x.getCode();
+                bAU.setUserStatus(-1);
+                user= userService.findByUser(bAU);
+                x = verifyUserLoginEnable(username,password,user);
+                if(x.getCode()<0){
+                   code =x.getCode();
+                }
+            }
+            if(x.getCode()<0){
+                return ResponseData.error(code == -2?"账户信息异常！！":"账户信息有误或未审核！");
+            }
+        }
         user.setLoginFailed(0);
         user.setWebLoginDate(new Date());
         user.setWebLoginStatus(1);
         int webCount=user.getWebLoginCount()+1;
         user.setWebLoginCount(webCount);
-        return createTokenAndSaveCookies(request, response, username, user);
+        return createTokenAndSaveCookies(request, response,  user);
+    }
+    @ApiOperation(value = "用户登录验证，并返回用户相应角色", notes = "")
+    @ApiImplicitParams({
+            @ApiImplicitParam(name = "username", value = "用户名", paramType = "String"),
+            @ApiImplicitParam(name = "password", value = "密码", paramType = "String")
+    })
+    @PostMapping("/slogin")
+    @LoginSkipped
+    public ResponseData thirdLogin(@RequestBody LoginParameter loginParameter ,HttpServletRequest request, HttpServletResponse response){
+        String username=loginParameter.getUsername();
+        String password=loginParameter.getPassword();
+        BaseAdminUser bAU = new BaseAdminUser();
+        bAU.setSysUserName(username);
+        bAU.setUserStatus(1001);
+        BaseAdminUser user= userService.findByUser(bAU);
+        if(null == user){
+            bAU.setUserStatus(1002);
+            user = userService.findByUser(bAU);
+        }
+        if(null == user){//第三方用户初次登录直接录入数据库
+            bAU.setRoleId(thirdRole);
+            bAU.setRealName(bAU.getSysUserName());
+            bAU.setRegTime(new Date());
+            bAU.setSysUserPwd(DigestUtils.Md5(username,keyCangQiong));
+            bAU.setUserStatus(1001);
+            userService.insertUser(bAU);
+            user=new BaseAdminUser();
+            user.setSysUserName(username);
+            user.setUserStatus(1001);//verifyUserLoginEnable
+            BaseAdminUser u =userService.findByUser(user);
+            if(null != u)
+                user.setId(u.getId());
+            user.setRealName(username);
+            user.setSysUserPwd(keyCangQiong);
+            user.setWebLoginCount(0);
+            //user= userService.findByUser(bAU);
+        }
+        ResponseData x = verifyUserLoginEnable(username,keyCangQiong,user);
+        if(x.getCode() < 0 ) return x;
+        user.setLoginFailed(0);
+        user.setWebLoginDate(new Date());
+        user.setWebLoginStatus(1);
+        int webCount=user.getWebLoginCount()+1;
+        user.setWebLoginCount(webCount);
+        return createTokenAndSaveCookies(request, response,  user);
     }
-
     /**
      * web用户登陆
      * @Description 用户登陆接口，登陆过程中需要更新用户的登陆时间，loginFailed次数等
@@ -134,27 +208,53 @@ public class AuthController {
     public ResponseData applogin2(@RequestBody LoginParameter loginParameter, HttpServletRequest request, HttpServletResponse response){
         String username=loginParameter.getUsername();
         String password=loginParameter.getPassword();
-        BaseAdminUser user= userService.findByUserName(username);
-        ResponseData x = verifyUserLoginEnable(username, password, user);
-        if (x != null) return x;
+        BaseAdminUser bAU = new BaseAdminUser();
+        bAU.setSysUserName(username);
+        bAU.setUserStatus(1);
+        BaseAdminUser user= userService.findByUser(bAU);
+        ResponseData x = verifyUserLoginEnable(username,password,user);
+        if(x.getCode() < 0){
+            int code=x.getCode();
+            bAU.setUserStatus(1001);
+            user= userService.findByUser(bAU);
+            if(null==user){
+                bAU.setUserStatus(1002);
+                user = userService.findByUser(bAU);
+            }
+            x = verifyUserLoginEnable(username,password,user);
+            if(x.getCode()<0){
+                if(x.getCode()>code)
+                    code =x.getCode();
+                bAU.setUserStatus(-1);
+                user= userService.findByUser(bAU);
+                x = verifyUserLoginEnable(username,password,user);
+                if(x.getCode()<0){
+                    code =x.getCode();
+                }
+            }
+            if(x.getCode()<0){
+                return ResponseData.error(code == -2?"账户信息异常！！":"账户信息有误或未审核！");
+            }
+        }
         user.setLoginFailed(0);
         user.setAppLoginDate(new Date());
         user.setAppLoginStatus(1);
         int appCount=user.getAppLoginCount()+1;
         user.setAppLoginCount(appCount);
-        return createTokenAndSaveCookies(request, response, username, user);
+        return createTokenAndSaveCookies(request, response,  user);
     }
 
     @NotNull
-    private ResponseData createTokenAndSaveCookies(HttpServletRequest request, HttpServletResponse response, String username, BaseAdminUser user) {
+    private ResponseData createTokenAndSaveCookies(HttpServletRequest request, HttpServletResponse response,  BaseAdminUser user) {
         userService.updateLogin(user);
         long currentTimeMillis = System.currentTimeMillis();
-        System.out.println("tokenAge:"+tokenAge);
-        String jwtToken = JWTUtil.createToken(username, currentTimeMillis,tokenAge);
-        List<String> zqPoints = null;//userService.getZQPoints(user.getAreaCodeList());
+        logger.debug("tokenAge: {}",tokenAge);
+        String jwtToken = JWTUtil.createToken(user.getId()+"", currentTimeMillis,tokenAge);
+        logger.debug("Token info :{}",JWTUtil.getUsername(jwtToken));
+        //List<String> zqPoints = null;//userService.getZQPoints(user.getAreaCodeList());
         LoginResult data = new LoginResult(jwtToken,
-                user.getDepartment().toString(),
-                username,
+                user.getDepartment()==null?null:user.getDepartment().toString(),
+                user.getSysUserName(),
                 user.getId(),
                 user.getRoleId(),
                 user.getSecurity(),
@@ -164,7 +264,7 @@ public class AuthController {
                 user.getUserBD(),
                 user.getUserPhone(),
                 user.getRealName(),
-                zqPoints);
+                null);
         CookieUtil.setCookie(request, response, "token", jwtToken, tokenAge.intValue()/1000, true);
         return ResponseData.success(200, "success", data);
     }
@@ -172,16 +272,21 @@ public class AuthController {
     @Nullable
     private ResponseData verifyUserLoginEnable(String username, String password, BaseAdminUser user) {
         if(user == null)
-            return ResponseData.error("账户信息异常！！");
+            return ResponseData.error(-2,"账户信息异常！！");
         if(user.getUserStatus() == -1){
-            return ResponseData.error("未激活用户请先联系管理员审核账号。");
+            return ResponseData.error("账户信息有误或未审核！");
         }else if( user.getUserStatus()<1){
             return  ResponseData.error("账号已经注销。");
+        }else if(user.getUserStatus()>1000){
+            if(!user.getSysUserPwd().equals(DigestUtils.Md5(username,password))){
+                userService.updatePwd(username,password,user.getUserStatus());
+            }
+            return ResponseData.success();
         }
         int failed=user.getLoginFailed();
-        if(failed>3){
+        /*if(failed>3){
             return ResponseData.error("失败次数超过三次！");
-        }
+        }*/
         if(StringUtils.isBlank(username) || StringUtils.isBlank(password))
         {
             // loginFailed每次登陆都要更新，且登陆失败或成功都要进行更新，且登陆失败
@@ -192,7 +297,7 @@ public class AuthController {
             return ResponseData.error("用户名和密码不能为空！");
         }
 
-        if(user==null || !user.getSysUserPwd().equals(DigestUtils.Md5(username,password)))
+        if(!user.getSysUserPwd().equals(DigestUtils.Md5(username,password)))
         {
             // loginFailed每次登陆都要更新，且登陆失败或成功都要进行更新，且登陆失败
             //       也需要更新登陆时间，且登陆登出时间保持为一致，为了统计在线人数
@@ -204,7 +309,7 @@ public class AuthController {
 //        if(user.getWebLoginStatus()==1){
 //          return ResponseData.error("用户网页登录已在线，不能重复登录！");
 //        }
-        return null;
+        return ResponseData.success();
     }
 
     /**
@@ -214,9 +319,9 @@ public class AuthController {
     @LoginSkipped
     @GetMapping("/user/exist")
     public ResponseData findUserByName(String username){
-        System.out.println("username"+username);
-        BaseAdminUser user =userService.findByUserName(username);
-        if(user == null){
+        logger.debug("exists username : {}",username);
+        List<BaseAdminUser> users =userService.findByUserName(username);
+        if(users == null || users.size()==0){
           return   ResponseData.success( true);
         }else{
             return ResponseData.success( false);
@@ -243,7 +348,7 @@ public class AuthController {
             return ResponseData.error("密码不能为空！");
         }
         BaseAdminUser user =new BaseAdminUser();
-        System.out.println(JSONObject.toJSONString(userInfo).toString());
+        logger.debug("register userInfo : {}",JSONObject.toJSONString(userInfo));
 //        使用属性复制相同字段减少代码量
         BeanUtils.copyProperties(userInfo, user);
         user.setSysUserPwd(DigestUtils.Md5(userInfo.getUsername(),userInfo.getPassword()));
@@ -430,7 +535,7 @@ public class AuthController {
         for(ResultUserInfoDe u:users){
             List<Integer>roleIds =u.getRole();
             //确保权限优先级为当前记录
-            //System.out.println("getPermission: "+u.getPermissions());
+            logger.debug("users getPermission: {}",u.getPermissions());
             if(u.getPermissions() != null && 0 < u.getPermissions().size())
                 continue;
             if(null!=u.getRole())
@@ -459,13 +564,17 @@ public class AuthController {
     @LoginSkipped
     @PostMapping("/resetpwd")
     public ResponseData resetPwd(@RequestBody FormUser formUser){
-        BaseAdminUser us = userService.findByUserName(formUser.getUsername());
-        if(us !=null){
-            if(us.getSysUserPwd().equals(DigestUtils.Md5(formUser.getUsername(),formUser.getPassword()))){
-                userService.updatePwd(formUser.getUsername(),formUser.getPasswordN());
-                return ResponseData.success();
+        List<BaseAdminUser> us = userService.findByUserName(formUser.getUsername());
+        if(us !=null && us.size()>0){
+            for(BaseAdminUser u:us){
+                if(u.getUserStatus()>1000)
+                    continue;
+                if(u.getSysUserPwd().equals(DigestUtils.Md5(formUser.getUsername(),formUser.getPassword()))){
+                    userService.updatePwd(formUser.getUsername(),formUser.getPasswordN(),1);
+                    return ResponseData.success();
+                }
             }
-            //return ResponseData.error();
+            return ResponseData.error("非本系统维护帐号，无法修改，请到帐号所属系统维护。");
         }
         return ResponseData.error("用户账户信息有误。");
     }
@@ -633,16 +742,26 @@ public class AuthController {
     @PostMapping("/token")
     @LoginSkipped
     public ResponseData token(String token){
+        logger.debug("token in verify: {}",token);
         if(token!=null )
         {
-            String username=JWTUtil.getUsername(token);
-            if(username!=null && JWTUtil.verify(token))
+            if( JWTUtil.verify(token))
             {
-                BaseAdminUser user= userService.findByUserName(username);
+                long exp=JWTUtil.getExpire(token);
+                long currentTimeMillis = System.currentTimeMillis()/1000;
+                logger.debug("token exp:{} ,{} ",exp,currentTimeMillis);
+                if(exp <= currentTimeMillis) {
+                    logger.info("token 已过期: {}",token);
+                    return ResponseData.error("token 已过期！");
+                }
+                String userId=JWTUtil.getUsername(token);
+                logger.debug("analysis token userID: {}",userId);
+                BaseAdminUser user = new BaseAdminUser();
+                user.setId(Integer.valueOf(userId));
+                user = userService.findByUser(user);
+
                 if(user!=null)
                 {
-                    long currentTimeMillis = System.currentTimeMillis()/1000;
-                    long exp=JWTUtil.getExpire(token);
                     List<ResultUserRole> resultUserRole=null;
                     try{
                         String[] roleIds =user.getRoleId().split(",");
@@ -655,69 +774,94 @@ public class AuthController {
                             if(StringUtils.isBlank(role)){
                                 continue;
                             }
-                             ResultUserRole r = adminRoleService.findRoleById(Integer.valueOf(role));
-                             if(r!=null)
-                                 resultUserRole.add(r);
+                            ResultUserRole r = adminRoleService.findRoleById(Integer.valueOf(role));
+                            if(r!=null)
+                                resultUserRole.add(r);
                         }
                     }catch (Exception e){
                         e.printStackTrace();
                     }
-                    if(exp>currentTimeMillis)
-                    {
-                        ResultUserInfo data=new ResultUserInfo();
-                        BeanUtils.copyProperties(user, data);
-                        data.setRole(user.getRoleId());
-                        data.setUsername(username);
-                        data.setId(user.getId());
-                        data.setSecurity(user.getSecurity());
-                        data.setAreacode(user.getAreacode());
-                        data.setDepartment(user.getDepartment());
-                        data.setPwd(user.getSysUserPwd());
-                        System.out.println(user.getPermissions());
-                        if(resultUserRole!=null ){
-                            //确保user 的permission中有权限时候忽略角色权限
-                            if(StringUtils.isBlank(user.getPermissions())){
-                                for(ResultUserRole r :resultUserRole)
-                                    data.addPermissions(r.getSystemMenu());
-                            }else{
-                                data.addPermissions(Arrays.asList(user.getPermissions().split(",")));
-                            }
-                            if(null != data.getPermissions() && data.getPermissions().stream().noneMatch(f-> f.startsWith(sysCode))){
-                                data.getPermissions().add(basePermission);
-                            }
+                    ResultUserInfo data=new ResultUserInfo();
+                    BeanUtils.copyProperties(user, data);
+                    data.setRole(user.getRoleId());
+                    data.setUsername(user.getSysUserName());
+                    data.setId(user.getId());
+                    data.setSecurity(user.getSecurity());
+                    data.setAreacode(user.getAreacode());
+                    data.setDepartment(user.getDepartment());
+                    data.setPwd(user.getSysUserPwd());
+                    //System.out.println(user.getPermissions());
+                    if(resultUserRole!=null ){
+                        //确保user 的permission中有权限时候忽略角色权限
+                        if(StringUtils.isBlank(user.getPermissions())){
+                            for(ResultUserRole r :resultUserRole)
+                                data.addPermissions(r.getSystemMenu());
+                        }else{
+                            data.addPermissions(Arrays.asList(user.getPermissions().split(",")));
                         }
-                        if(null!=data.getDepartment() && data.getDepartment().size()>0){
-                            List<Integer> depIds = data.getDepartment();
-                            Integer id=depIds.get(0);
-                            if(depIds.size()>1){
-                                for(Integer i :depIds){
-                                    if(id>i&& i>departmentRoot)
-                                        id=i;
-                                }
+                        if(null != data.getPermissions() && data.getPermissions().stream().noneMatch(f-> f.startsWith(sysCode))){
+                            data.getPermissions().add(basePermission);
+                        }
+                    }
+                    if(null!=data.getDepartment() && data.getDepartment().size()>0){
+                        List<Integer> depIds = data.getDepartment();
+                        Integer id=depIds.get(0);
+                        if(depIds.size()>1){
+                            for(Integer i :depIds){
+                                if(id>i&& i>departmentRoot)
+                                    id=i;
                             }
-                            Department dept=null;
+                        }
+                        Department dept=null;
+                        try{
                             do{
                                 dept =departmentService.findByID(id);
-                                id=dept.getOrganizationid();
+                                if(null != dept){
+                                    id=dept.getOrganizationid();
+                                    data.setDepartment(dept.getId());
+                                }else{
+                                    break;
+                                }
                             }while(id!= departmentRoot);
-                            if(null != dept){
-                                data.setDepartment(dept.getId());
-                            }
+                        }catch (Exception e){
+
                         }
-                        data.setAreaMap(areaCommonService.selectCityByCodes(data.getAreacode()));
-                        return ResponseData.success(data);
-                    }
-                    else
-                    {
-                        return ResponseData.error("token 已过期！");
+
                     }
+                    data.setAreaMap(areaCommonService.selectCityByCodes(data.getAreacode()));
+                    return ResponseData.success(data);
+                }else{
+                    logger.warn("找到该token对应账户,请联系管理员:{}",token);
+                    return ResponseData.error("找到该token对应账户,请联系管理员.");
                 }
+
+            }else{
+                return ResponseData.error("token 认证失败！");
             }
-            return ResponseData.error("token 认证失败！");
         }
         return ResponseData.error("缺少参数token！");
     }
-
+    @PostMapping(path = "/check_token")
+    @LoginSkipped
+    public ResponseData checkToken(@RequestBody Map<String ,String> map) {
+        Iterator<Map.Entry<String,String>> it =map.entrySet().iterator();
+        long  expire = 0l,ep0=0l;
+        String ret=null;
+        while(it.hasNext()){
+            String v =it.next().getValue();
+            if(JWTUtil.verify(v)){
+                ep0=JWTUtil.getExpire(v);
+                if(ep0>expire){
+                    expire= ep0;
+                    ret= v;
+                }
+            }
+        }
+        if(StringUtils.isNotBlank(ret)){
+            return ResponseData.success(200,"success",ret);
+        }
+        return ResponseData.error();
+    }
     /**
      * 非授权用户登陆
      * @param message
@@ -747,4 +891,14 @@ public class AuthController {
         }
         return ResponseData.success(users);
     }
+    SysInfoService sysInfoService;
+    @Autowired
+    public void setSysInfoService(SysInfoService sysInfoService) {
+        this.sysInfoService = sysInfoService;
+    }
+    @LoginSkipped
+    @GetMapping("/systems")
+    public ResponseData systems(){
+        return ResponseData.success(sysInfoService.selectAll());
+    }
 }
diff --git a/src/main/java/com/cetc32/dh/controller/rest/AuthRoleController.java b/src/main/java/com/cetc32/dh/controller/rest/AuthRoleController.java
index ef4e12009bbdb868b6af391db342a4739f4150ab..0eba79fa28c27da736e619ee60b8f067ff4402aa 100644
--- a/src/main/java/com/cetc32/dh/controller/rest/AuthRoleController.java
+++ b/src/main/java/com/cetc32/dh/controller/rest/AuthRoleController.java
@@ -44,8 +44,8 @@ public class AuthRoleController {
             @ApiImplicitParam(name="results",value = "每页数据条数",dataType = "Integer",defaultValue = "10"),
     })
     @PostMapping(value = "/getAll")
-    public PageDataResult getRoles(@RequestBody NumberS number){
-        return new PageDataResult(adminRoleService.countRoles(), adminRoleService.getAllRoles(number),number.getOffset());
+    public PageDataResult getRoles(@RequestBody BaseAdminRole number){
+        return new PageDataResult(adminRoleService.countRoles(number), adminRoleService.getAllRoles(number),number.getOffset());
     }
 
     @ApiOperation(value = "获取角色列表(不分页)", notes = "")
diff --git a/src/main/java/com/cetc32/dh/controller/rest/DepartmentController.java b/src/main/java/com/cetc32/dh/controller/rest/DepartmentController.java
index dc2009ff1cb0f396b85a25389b63436919840414..480a9f8f379eff02d3326e95d7818aa88f04bc8d 100644
--- a/src/main/java/com/cetc32/dh/controller/rest/DepartmentController.java
+++ b/src/main/java/com/cetc32/dh/controller/rest/DepartmentController.java
@@ -20,11 +20,15 @@ import io.swagger.models.Response;
 import io.swagger.models.auth.In;
 import org.apache.commons.lang3.StringUtils;
 import org.bouncycastle.crypto.tls.MACAlgorithm;
+import org.jetbrains.annotations.Nullable;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.*;
 import springfox.documentation.spring.web.readers.operation.ResponseMessagesReader;
 
 import java.util.ArrayList;
+import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
 import java.util.stream.Collectors;
@@ -32,6 +36,7 @@ import java.util.stream.Collectors;
 @RestController
 @RequestMapping({"/department/","/rest/department"})
 public class DepartmentController{
+    Logger logger = LoggerFactory.getLogger(DepartmentController.class);
     @Autowired
     DepartmentServiceImpl departmentService;
 
@@ -62,14 +67,55 @@ public class DepartmentController{
     })
     @LoginSkipped
     @GetMapping(value = "/tree")
-    public ResponseResult departmentTree(Integer id) {
+    public ResponseResult departmentTree(String name) {
+        Integer id =1;
         if (id ==null ){
             id = 1;
         }
+        //String name =(String)map.get("name");
+        logger.debug("search department key : {} , {}",name,id);
         List<CommonTreeDTO> commonTreeDTO = departmentService.getTreeList(id);
+        logger.debug("department tree size() : {}",commonTreeDTO.size());
+        if(StringUtils.isNotBlank(name)){
+            name = name.trim();
+            Iterator<CommonTreeDTO> it = commonTreeDTO.iterator();
+            while(it.hasNext()){
+               CommonTreeDTO c= it.next();
+               if(null == filterTree(c,name)){
+                   it.remove();
+               }
+            }
+        }
+        logger.debug("search department tree size() : {}",commonTreeDTO.size());
         return ResponseResult.success(commonTreeDTO);
     }
 
+    private CommonTreeDTO filterTree(CommonTreeDTO tree,String key){
+
+            //Iterator<CommonTreeDTO> it =it.next();
+            if(null !=tree.getChildren() && tree.getChildren().size()>0){ //not leaf node
+                if(tree.getChildren()!=null && tree.getChildren().size()>0){
+                    Iterator<CommonTreeDTO> it = tree.getChildren().iterator();
+                    while(it.hasNext()){
+                        CommonTreeDTO dt =it.next();
+                        if(null!= dt.getChildren() && dt.getChildren().size()>0){
+                            filterTree(dt,key);
+                        }
+                        if(null == dt.getChildren() || 0== dt.getChildren().size()){
+                            if(!dt.getTitle().contains(key)){
+                                it.remove();
+                            }
+                        }
+                    }
+                }
+            }
+            if(tree.getTitle().contains(key) || tree.getChildren()!=null && tree.getChildren().size()>0){
+                return tree;
+            }
+
+        return null;
+    }
+
     /**
      * 新增部门
      * @param department
@@ -102,7 +148,9 @@ public class DepartmentController{
     private boolean checkDepartment(@RequestBody Department department) {
         List<Department> dp=departmentService.findByParentID(department.getOrganizationid());
         List<Department> result1 = dp.stream()
-                .filter(item -> item.getName().equals(department.getName()))
+                .filter(item -> item.getName().equals(department.getName())
+                        &&(null==department.getId()
+                           || null!=department.getId() && department.getId()!=item.getId()))
                 .collect(Collectors.toList());
         if(result1.size()>0)
         {
@@ -164,8 +212,9 @@ public class DepartmentController{
         }
         Department department_base= departmentService.findByID(department.getId());
         department_base.setName(department.getName());
+        logger.info("sorder:::::::::: {}",department.getSorder() );
         if (checkDepartment(department_base)) return ResponseData.error("同级已存在重复名字！");
-        departmentService.updateByPrimaryKeySelective( department_base);
+        departmentService.updateByPrimaryKeySelective( department);
         return new ResponseData("更新成功");
     }
 
diff --git a/src/main/java/com/cetc32/dh/controller/rest/SysInfoController.java b/src/main/java/com/cetc32/dh/controller/rest/SysInfoController.java
index f4948d2893039aa47a9ea4dfe719018eb55db9ed..2ec4ed25de85dfea575942737367c0a2b0529791 100644
--- a/src/main/java/com/cetc32/dh/controller/rest/SysInfoController.java
+++ b/src/main/java/com/cetc32/dh/controller/rest/SysInfoController.java
@@ -8,13 +8,12 @@
 package com.cetc32.dh.controller.rest;
 
 import com.cetc32.dh.beans.FormSysInfo;
+import com.cetc32.dh.beans.ResultUserRole;
 import com.cetc32.dh.common.response.PageDataResult;
 import com.cetc32.dh.common.response.ResponseData;
 import com.cetc32.dh.dto.TreeData;
-import com.cetc32.dh.entity.BaseAdminUser;
-import com.cetc32.dh.entity.BaseSysInfo;
-import com.cetc32.dh.entity.SysInfo;
-import com.cetc32.dh.entity.UserVisit;
+import com.cetc32.dh.entity.*;
+import com.cetc32.dh.service.AdminRoleService;
 import com.cetc32.dh.service.SysInfoService;
 import com.cetc32.webutil.common.annotations.LoginRequired;
 import com.cetc32.webutil.common.annotations.LoginSkipped;
@@ -23,9 +22,12 @@ import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.web.bind.annotation.*;
 
 import java.util.*;
+import java.util.concurrent.Semaphore;
+import java.util.concurrent.TimeUnit;
 
 @RestController
 @RequestMapping("/rest/api/sys")
@@ -33,7 +35,14 @@ import java.util.*;
 public class SysInfoController {
     Logger logger = LoggerFactory.getLogger(SysInfoController.class);
 
+    private  static Semaphore semaphore = new Semaphore(1);
+
     SysInfoService sysInfoService;
+
+    AdminRoleService adminRoleService;
+    @Value("${adminRoleId:0}")
+    private Integer roleId;
+
     @LoginSkipped
     @PostMapping("/sync")
     public ResponseData updateSysinfo(FormSysInfo formSysInfo){
@@ -50,14 +59,30 @@ public class SysInfoController {
         List<SysInfo> list =new ArrayList<>();
         list.add(sysInfo);
         sysInfoService.insertOrUpdate(list);
-        /*String[] ps = formSysInfo.getPermission().split("S");
-        List<SysInfo> list =new ArrayList<>();
-        for(String p: ps){
-            if(StringUtils.isBlank(p))
-                continue;
-            list.add(new SysInfo("S"+p,formSysInfo.getSysname(),formSysInfo.getSysurl()));
-        }*/
-        //sysInfoService.insertOrUpdate(list);
+        // update super admin permission if needed
+        try{
+            logger.debug("start to tryAcquire semaphore");
+            if(semaphore.tryAcquire(1,30, TimeUnit.SECONDS)){
+                logger.debug("get semaphore successfully");
+                BaseAdminRole role =adminRoleService.selectById(roleId);
+                if(role.getSystemMenu().indexOf(sysInfo.getSysCode())<0){
+                    logger.debug("user has not permission");
+                    role.setSystemMenu(role.getSystemMenu()
+                            + sysInfo.getpCode().replaceAll("^S[0-9]{3}",
+                            ","+sysInfo.getSysCode())
+                    );
+                    adminRoleService.updateRole(role);
+                }
+                //semaphore.release(1);
+            }else{
+                logger.error("Failed to get semaphore",sysInfo.getpCode());
+            }
+        }catch ( Exception e){
+            e.printStackTrace();
+            logger.error("Failed to add permision tu super admin role of permission {}",sysInfo.getpCode());
+        }finally {
+            semaphore.release(1);
+        }
         logger.debug(formSysInfo.getSysurl());
         logger.debug(formSysInfo.getSysname());
         logger.debug(formSysInfo.getPermission());
@@ -123,7 +148,7 @@ public class SysInfoController {
     /***
      * 应用访问统计次数接口
      * 传入参数为系统code形如S001 ，S002 ，S003等
-     * @param sysCode 系统编码
+     * @param map 系统编码
      * ***/
     @PostMapping("/access")
     public ResponseData statisticUserAccess(@RequestBody Map<String,Object> map){ //
@@ -227,4 +252,9 @@ public class SysInfoController {
     public void setSysInfoService(SysInfoService sysInfoService) {
         this.sysInfoService = sysInfoService;
     }
+
+    @Autowired
+    public void setAdminRoleService(AdminRoleService adminRoleService) {
+        this.adminRoleService = adminRoleService;
+    }
 }
diff --git a/src/main/java/com/cetc32/dh/controller/views/IndexController.java b/src/main/java/com/cetc32/dh/controller/views/IndexController.java
index 716532e35c7babb7e4b4b697175a93ca475186ef..b266af5b253591863cc361f6d40d0c57f92eb15a 100644
--- a/src/main/java/com/cetc32/dh/controller/views/IndexController.java
+++ b/src/main/java/com/cetc32/dh/controller/views/IndexController.java
@@ -1,10 +1,17 @@
 package com.cetc32.dh.controller.views;
 
+import com.alibaba.fastjson.JSONObject;
+import com.cetc32.dh.dto.AreaCommonDTO;
+import com.cetc32.dh.dto.CommonTreeDTO;
 import com.cetc32.dh.entity.BaseAdminUser;
 import com.cetc32.dh.service.AdminUserService;
+import com.cetc32.dh.service.AreaCommonService;
+import com.cetc32.webutil.common.annotations.LoginRequired;
 import com.cetc32.webutil.common.annotations.LoginSkipped;
 import com.cetc32.webutil.common.util.CookieUtil;
 import com.cetc32.webutil.common.util.JWTUtil;
+import com.cetc32.webutil.common.util.SecurityUserUtil;
+import com.fasterxml.jackson.databind.ser.Serializers;
 import org.apache.commons.lang3.StringUtils;
 import org.jetbrains.annotations.NotNull;
 import org.jetbrains.annotations.Nullable;
@@ -20,6 +27,9 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import java.util.ArrayList;
+import java.util.List;
+
 /**
  * SSO认证中心登陆页面，注册页面视图控制器材
  * @author  root
@@ -30,12 +40,18 @@ import javax.servlet.http.HttpServletResponse;
 public class IndexController {
     @Autowired
     AdminUserService adminUserService;
+    @Autowired
+    private AreaCommonService areaCommonService;
+    @Value("${chinaCode:100000}")
+    String chinaCode;
     @Value("${eip}")
     String eip = "http://www.baidu.com/";
+    @Value("${title}")
+    String title;
     private Logger logger = LoggerFactory.getLogger(this.getClass());
 
     @RequestMapping({"/index","/"})
-    public String index(String ReturnUrl, ModelMap map, HttpServletRequest req, @Nullable Integer cate ){
+    public String index(String ReturnUrl, ModelMap map, HttpServletRequest req, @Nullable Integer cate ,HttpServletResponse rep){
         if(ReturnUrl==null)
             ReturnUrl=eip;
         if(null == cate){
@@ -43,10 +59,19 @@ public class IndexController {
         }
         String token=CookieUtil.getCookieValue(req,"token",true);
         ReturnUrl=getSimpleUrl(ReturnUrl);
-        if(cate!=0 && StringUtils.isNotBlank(token) && (System.currentTimeMillis()/1000L)<JWTUtil.getExpire(token)){
+        /*if(cate==0){
+            map.put("cate",0);
+            return logout(ReturnUrl,req.getParameter("type"),map,req,rep);
+        }else*/
+        if(cate!=0 &&
+                StringUtils.isNotBlank(token) &&
+                (System.currentTimeMillis()/1000L)<JWTUtil.getExpire(token)){
             ReturnUrl +="?token="+token;
             return "redirect:"+ReturnUrl;
         }
+        CookieUtil.deleteCookie(req,rep,"token");
+        req.getSession().invalidate();
+        map.put("title", title);
         map.put("ReturnUrl", ReturnUrl);
         map.put("originUrl", req.getRequestURL());
         map.put("eip",eip);
@@ -60,24 +85,23 @@ public class IndexController {
     public String logout(String ReturnUrl,String type, ModelMap map, HttpServletRequest req, HttpServletResponse rep){
         if(ReturnUrl==null)
             ReturnUrl=eip;
+        req.getSession().invalidate();
         String token =CookieUtil.getCookieValue(req,"token",true);
         if(StringUtils.isNotBlank(token)){
-            String username = JWTUtil.getUsername(token);
-            if(null != username){
-               BaseAdminUser bAu = adminUserService.findByUserName(username);
-               if(bAu != null){
-                   BaseAdminUser bu = new BaseAdminUser();
-                   bu.setId(bAu.getId());
-                   bu.setAppLoginStatus(0);
-                   bu.setWebLoginStatus(0);
-                   adminUserService.updateLogin(bu);
-               }
+            String userId = JWTUtil.getUsername(token);
+            if(null != userId){
+               BaseAdminUser user=new BaseAdminUser();
+               user.setId(Integer.valueOf(userId));
+               user.setAppLoginStatus(0);
+               user.setWebLoginStatus(0);
+               adminUserService.updateLogin(user);
             }
         }
         rep.addCookie(new Cookie("token",null));
         //CookieUtil.setCookie(req,rep,"token",null,0,false);
         map.put("ReturnUrl", ReturnUrl);
         map.put("originUrl", req.getRequestURL());
+        map.put("title", title);
         //System.out.println(ReturnUrl);
         ReturnUrl = getSimpleUrl(ReturnUrl);
         String url =null;
@@ -92,7 +116,7 @@ public class IndexController {
 
     @NotNull
     private String getSimpleUrl(String ReturnUrl) {
-        int start=ReturnUrl.indexOf("?token"),end=ReturnUrl.indexOf("#");
+        int start=ReturnUrl.indexOf("?"),end=ReturnUrl.indexOf("#");
         if(start >0 && end>0 && start<end)
             ReturnUrl = ReturnUrl.replaceAll(ReturnUrl.substring(start,end),"");
         else if(start>0)
@@ -105,6 +129,7 @@ public class IndexController {
         if(ReturnUrl==null)
             ReturnUrl=eip;
         map.put("ReturnUrl", ReturnUrl);
+        map.put("title", title);
         map.put("originUrl", req.getRequestURL());
         return "register";
     }
@@ -112,10 +137,80 @@ public class IndexController {
     public String changepwd(String ReturnUrl, ModelMap map, HttpServletRequest req){
         if(ReturnUrl==null)
             ReturnUrl=eip;
-        System.out.println(ReturnUrl);
+        //System.out.println(ReturnUrl);
         map.put("ReturnUrl", ReturnUrl);
+        map.put("title", title);
         map.put("originUrl", req.getRequestURL());
         return "changepwd";
     }
+    @GetMapping({"/wizard"})
+    public String wizard(String token, ModelMap map, HttpServletRequest req,HttpServletResponse response){
+        if(!JWTUtil.verify(token) || JWTUtil.getExpire(token)< (System.currentTimeMillis()/1000)){
+            logger.info("Token Verify Failed: {}", token);
+            return "redirect:"+eip;
+        }
+        BaseAdminUser user =new BaseAdminUser();
+        logger.debug("Token Verify Success userId: {} ----token: {}",JWTUtil.getUsername(token), token);
+        user.setId(Integer.valueOf(JWTUtil.getUsername(token)));
+        BaseAdminUser bau = adminUserService.findByUser(user);
+        if(bau.getUserStatus()==1001){
+            List<CommonTreeDTO> list =areaCommonService.getAreaTreeList(chinaCode);
+            List<String> code = new ArrayList<>();
+            for(CommonTreeDTO<String,String> c:list){
+                code.addAll(searchValueByKey(c));
+            }
+            BaseAdminUser baseAdminUser =new BaseAdminUser();
+            baseAdminUser.setAreacode(code);
+            baseAdminUser.setSecurity(2);
+            baseAdminUser.setUserStatus(1002);
+            baseAdminUser.setId(user.getId());
+            adminUserService.updateUserInfo(baseAdminUser);
+            logger.debug("{} code: {}",code.size() ,code);
+        }
+        logger.debug("status  1002 wizard token: {}",token);
+        return "redirect:"+eip+"?token="+token;
+    }
+
+    private List<String> searchValueByKey(CommonTreeDTO<String,String> cdto){
+        List<String> ret = new ArrayList<>();
+        ret.add(cdto.getKey());
+        if(null != cdto.getChildren()){
+            List<CommonTreeDTO> list = cdto.getChildren();
+            for(CommonTreeDTO<String,String> c: list){
+                ret.addAll(searchValueByKey(c));
+            }
+        }
+        return ret;
+    }
+
+
+    public String wizard0(String token, ModelMap map, HttpServletRequest req,HttpServletResponse response){
+        if(!JWTUtil.verify(token) || JWTUtil.getExpire(token)< (System.currentTimeMillis()/1000)){
+            logger.debug("Token Verify Failed: {}", token);
+            /*if(StringUtils.isNotBlank(token))
+                return "redirect:"+eip+"?token="+token;
+            else*/
+            return "redirect:"+eip;
+        }
+        BaseAdminUser user =new BaseAdminUser();
+        logger.debug("Token Verify Success userId: {} ----token: {}",JWTUtil.getUsername(token), token);
+        user.setId(Integer.valueOf(JWTUtil.getUsername(token)));
+        BaseAdminUser bau = adminUserService.findByUser(user);
+        if(bau.getUserStatus()!=1001){
+            logger.debug("status  1002 wizard token: {}",token);
+            return "redirect:"+eip+"?token="+token;
+        }
+        map.put("eip", eip);
+        map.put("token",token);
+        map.put("title", title);
+        map.put("id",bau.getId());
+        map.put("username",bau.getSysUserName());
+        map.put("realName",bau.getRealName());
+        if(bau.getRoleIdList()!=null && bau.getRoleIdList().size()>0)
+            map.put("role",bau.getRoleIdList().get(0));
+        map.put("userStatus",1002);
+        map.put("originUrl", req.getRequestURL());
+        return "wizard";
+    }
 }
 
diff --git a/src/main/java/com/cetc32/dh/dto/CommonTreeDTO.java b/src/main/java/com/cetc32/dh/dto/CommonTreeDTO.java
index e359f1f6504ad84e0c1d9712063e4e11aabf282a..12f357d173fef3dffe17ed9894bc39dc36b819e9 100644
--- a/src/main/java/com/cetc32/dh/dto/CommonTreeDTO.java
+++ b/src/main/java/com/cetc32/dh/dto/CommonTreeDTO.java
@@ -5,6 +5,7 @@ import java.util.List;
 public class CommonTreeDTO<K,V> {
     private List<CommonTreeDTO> children;
     private String title;
+    private Integer sorder;
     private V value;
     private K key;
 
@@ -14,6 +15,11 @@ public class CommonTreeDTO<K,V> {
         this.key = key;
     }
 
+    public CommonTreeDTO(String title, V value, K key ,Integer sorder) {
+        this(title,value,key);
+        this.sorder = sorder;
+    }
+
     public CommonTreeDTO(List<CommonTreeDTO> children, String title, V value, K key) {
         this.children = children;
         this.title = title;
@@ -54,4 +60,12 @@ public class CommonTreeDTO<K,V> {
     public void setKey(K key) {
         this.key = key;
     }
+
+    public Integer getSorder() {
+        return sorder;
+    }
+
+    public void setSorder(Integer sorder) {
+        this.sorder = sorder;
+    }
 }
diff --git a/src/main/java/com/cetc32/dh/entity/BaseAdminUser.java b/src/main/java/com/cetc32/dh/entity/BaseAdminUser.java
index ad709f49d391806d989856ce14943d5511be316d..ce579493a2143a98f0144666d6dcab4611c3b036 100644
--- a/src/main/java/com/cetc32/dh/entity/BaseAdminUser.java
+++ b/src/main/java/com/cetc32/dh/entity/BaseAdminUser.java
@@ -75,7 +75,7 @@ public class  BaseAdminUser extends NumberS {
      * 状态（0：无效；1：有效）
      */
     @Column(name = "user_status")
-    private Integer userStatus = null;
+    private Integer userStatus ;
 
     /**
      * 区域代码
@@ -180,7 +180,7 @@ public class  BaseAdminUser extends NumberS {
 
     }
   }
-
+    @Transient
   public String sortField;
 
   public String getSortOrder() {
@@ -198,7 +198,7 @@ public class  BaseAdminUser extends NumberS {
       }
     }
   }
-
+    @Transient
   public String sortOrder;
 
 
diff --git a/src/main/java/com/cetc32/dh/entity/Department.java b/src/main/java/com/cetc32/dh/entity/Department.java
index dd56904c1e2cdf0ae27b9298601bb9afee9e23cd..840cc7958b69302daabac581778db1bce4bb6ec7 100644
--- a/src/main/java/com/cetc32/dh/entity/Department.java
+++ b/src/main/java/com/cetc32/dh/entity/Department.java
@@ -9,6 +9,8 @@ public class Department extends NumberS{
 
     private Integer organizationid;
 
+    private Integer sorder;
+
     public Integer getId() {
         return id;
     }
@@ -36,4 +38,14 @@ public class Department extends NumberS{
     public Integer getOrganizationid(){return organizationid;}
 
     public void setOrganizationid(Integer organizationid1){this.organizationid=organizationid1;}
+
+    public Integer getSorder() {
+        if(null == sorder)
+            return 10000;
+        return sorder;
+    }
+
+    public void setSorder(Integer sorder) {
+        this.sorder = sorder;
+    }
 }
diff --git a/src/main/java/com/cetc32/dh/mybatis/BaseAdminRoleMapper.java b/src/main/java/com/cetc32/dh/mybatis/BaseAdminRoleMapper.java
index 191d265fbaa2d096173c00a665f8baa63ecc3107..2013bb95147786d43bf6b04bbb1853ab7dbb24f5 100644
--- a/src/main/java/com/cetc32/dh/mybatis/BaseAdminRoleMapper.java
+++ b/src/main/java/com/cetc32/dh/mybatis/BaseAdminRoleMapper.java
@@ -25,13 +25,13 @@ import java.util.List;
 @Repository
 public interface BaseAdminRoleMapper extends MyMapper<BaseAdminRole> {
 
-    List<ResultUserRole> getAllRoles(NumberS number);
+    List<ResultUserRole> getAllRoles(BaseAdminRole number);
     List<ResultUserRole> getRoleList();
     List<BaseAdminRole> geALLRoleList();
     ResultUserRole findRoleByID(Integer id);
     int addRole(BaseAdminRole baseAdminRole);
     ResultUserRole findRoleByName(String roleName);
-    int countRoles();
+    int countRoles(BaseAdminRole baseAdminRole);
     int updateRole(BaseAdminRole baseAdminRole);
     int delRoleByID(Integer id);
     List<StatisticBean>countByRole();
diff --git a/src/main/java/com/cetc32/dh/mybatis/BaseAdminUserMapper.java b/src/main/java/com/cetc32/dh/mybatis/BaseAdminUserMapper.java
index c3120977be95a028f66b4ea42fde2fce41035933..c088a60f83c473aaaa8fc1886d689fd9133b5cec 100644
--- a/src/main/java/com/cetc32/dh/mybatis/BaseAdminUserMapper.java
+++ b/src/main/java/com/cetc32/dh/mybatis/BaseAdminUserMapper.java
@@ -40,10 +40,10 @@ public interface BaseAdminUserMapper extends MyMapper<BaseAdminUser> {
 
     int updateUser(BaseAdminUser user);
 
-    int updatePwd(@Param("userName") String userName, @Param("password") String password);
+    int updatePwd(@Param("userName") String userName, @Param("password") String password,@Param("status") Integer status);
 
 
-    BaseAdminUser findByUserName(@Param("userName") String userName);
+    List<BaseAdminUser> findByUserName(@Param("userName") String userName);
 
     BaseAdminUser findByUserNameAll(@Param("userName") String userName);
     List<ResultUserInfoDe> findUserByCondition(BaseAdminUser user);
diff --git a/src/main/java/com/cetc32/dh/service/AdminRoleService.java b/src/main/java/com/cetc32/dh/service/AdminRoleService.java
index 355f4a4001ad52a317fe291ee95546575a6c57ed..7518b61b94c37759cf4353944436f810507e32c1 100644
--- a/src/main/java/com/cetc32/dh/service/AdminRoleService.java
+++ b/src/main/java/com/cetc32/dh/service/AdminRoleService.java
@@ -22,16 +22,18 @@ import java.util.List;
  */
 public interface AdminRoleService {
 
-    List<ResultUserRole> getAllRoles(NumberS number);
+    List<ResultUserRole> getAllRoles(BaseAdminRole number);
 
     List<ResultUserRole> getRoleList();
 
     ResultUserRole findRoleByName(String roleName);
 
-    int countRoles();
+    int countRoles(BaseAdminRole baseAdminRole);
 
     ResultUserRole findRoleById(Integer id);
 
+    BaseAdminRole selectById(Integer id);
+
     int updateRole(BaseAdminRole baseAdminRole);
 
     int delRoleByID(Integer id);
diff --git a/src/main/java/com/cetc32/dh/service/AdminUserService.java b/src/main/java/com/cetc32/dh/service/AdminUserService.java
index acd07b6454a248456728c62eb02b776a459ed009..d97fb3b2b3984a540b3393cdc2251a3827c8959b 100644
--- a/src/main/java/com/cetc32/dh/service/AdminUserService.java
+++ b/src/main/java/com/cetc32/dh/service/AdminUserService.java
@@ -39,11 +39,11 @@ public interface AdminUserService {
 
     BaseAdminUser getUserById(Integer id);
 
-    BaseAdminUser findByUserName(String userName);
+    List<BaseAdminUser> findByUserName(String userName);
 
     BaseAdminUser findByUserNameAll(String userName);
 
-    int updatePwd(String userName, String password);
+    int updatePwd(String userName, String password,Integer status);
 
     int updateUserStatus(Integer id, Integer status);
 
@@ -64,4 +64,5 @@ public interface AdminUserService {
     List<String> getZQPoints(List<String> idList);
 
     List<BaseAdminUser> selectUserByDepartmentId(List<Integer>ids);
+    BaseAdminUser findByUser(BaseAdminUser user);
 }
diff --git a/src/main/java/com/cetc32/dh/service/impl/AdminRoleServiceImpl.java b/src/main/java/com/cetc32/dh/service/impl/AdminRoleServiceImpl.java
index 07ad3421cac17560f259d23bd7bfc6df646f643c..565fe7bc896649f07ed73a799972206e73e3ba6b 100644
--- a/src/main/java/com/cetc32/dh/service/impl/AdminRoleServiceImpl.java
+++ b/src/main/java/com/cetc32/dh/service/impl/AdminRoleServiceImpl.java
@@ -18,6 +18,7 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
+import tk.mybatis.mapper.entity.Example;
 
 import java.util.List;
 
@@ -102,7 +103,7 @@ public class AdminRoleServiceImpl implements AdminRoleService {
      * @return List<BaseAdminRole>
      */
     @Override
-    public List<ResultUserRole> getAllRoles(NumberS number) {
+    public List<ResultUserRole> getAllRoles(BaseAdminRole number) {
         return baseAdminRoleMapper.getAllRoles(number);
     }
 
@@ -111,6 +112,20 @@ public class AdminRoleServiceImpl implements AdminRoleService {
         return baseAdminRoleMapper.countByRole();
     }
 
+    /**
+     *  Example select role by id
+     *
+     * @param id role ID
+     * @return BaseAdminRole entity
+     */
+    @Override
+    public BaseAdminRole selectById(Integer id){
+        Example e = new Example(BaseAdminRole.class);
+        e.and().andEqualTo("id",id);
+        BaseAdminRole role =baseAdminRoleMapper.selectOneByExample(e);
+        return role;
+    }
+
     /**
      * 获取所有用户角色列表
      * @return List<BaseAdminRole>
@@ -127,8 +142,8 @@ public class AdminRoleServiceImpl implements AdminRoleService {
     }
 
     @Override
-    public int countRoles()
+    public int countRoles(BaseAdminRole baseAdminRole)
     {
-        return baseAdminRoleMapper.countRoles();
+        return baseAdminRoleMapper.countRoles(baseAdminRole);
     }
 }
diff --git a/src/main/java/com/cetc32/dh/service/impl/AdminUserServiceImpl.java b/src/main/java/com/cetc32/dh/service/impl/AdminUserServiceImpl.java
index e2a91c0b3e8fa6f3e415d692ca1b953acae4c706..90bac7ff8d6d0fe150186268e4ec0239d61111df 100644
--- a/src/main/java/com/cetc32/dh/service/impl/AdminUserServiceImpl.java
+++ b/src/main/java/com/cetc32/dh/service/impl/AdminUserServiceImpl.java
@@ -44,7 +44,7 @@ import java.util.stream.Collectors;
 @Service
 public class AdminUserServiceImpl implements AdminUserService {
 
-    private Logger logger = LoggerFactory.getLogger(this.getClass());
+    private Logger logger = LoggerFactory.getLogger(AdminUserServiceImpl.class);
 
     @Autowired
     private BaseAdminUserMapper baseAdminUserMapper;
@@ -68,6 +68,16 @@ public class AdminUserServiceImpl implements AdminUserService {
         return baseAdminUserMapper.insertUser(user);
     }
 
+    @Override
+    public BaseAdminUser findByUser(BaseAdminUser user){
+        if (user == null)
+            return null;
+        //List<BaseAdminUser> users= baseAdminUserMapper.selectByExample(user);
+        List<BaseAdminUser> users = baseAdminUserMapper.select(user);
+        if(null ==users || users.size()==0)
+            return null;
+        return users.get(0);
+    }
 
     @Override
     public List<ResultUserInfoDe> findUserByCondition(BaseAdminUser user)
@@ -258,8 +268,13 @@ public class AdminUserServiceImpl implements AdminUserService {
      * @return BaseAdminUser
      */
     @Override
-    public BaseAdminUser findByUserName(String userName) {
-        return baseAdminUserMapper.findByUserName(userName);
+    public List<BaseAdminUser> findByUserName(String userName) {
+        if(StringUtils.isBlank(userName))
+            return null;
+        List<BaseAdminUser> list =baseAdminUserMapper.findByUserName(userName);
+        if(null ==list || list.size()<=0)
+            return null;
+        return  list;
     }
     /**
      * 根据用户名字查找用户(不论是否删除)
@@ -278,9 +293,9 @@ public class AdminUserServiceImpl implements AdminUserService {
      * @return int
      */
     @Override
-    public int updatePwd(String userName, String password) {
+    public int updatePwd(String userName, String password,Integer status) {
         password = DigestUtils.Md5(userName,password);
-        return baseAdminUserMapper.updatePwd(userName,password);
+        return baseAdminUserMapper.updatePwd(userName,password,status);
     }
 
     public  List<BaseAdminUser> getAllUserList(){
diff --git a/src/main/java/com/cetc32/dh/service/impl/DepartmentServiceImpl.java b/src/main/java/com/cetc32/dh/service/impl/DepartmentServiceImpl.java
index 2c5fe39189f67397fa172992f1511eaa5d43256e..eb27e8cb74fd49f8c22962ef4a3b1832d643ee70 100644
--- a/src/main/java/com/cetc32/dh/service/impl/DepartmentServiceImpl.java
+++ b/src/main/java/com/cetc32/dh/service/impl/DepartmentServiceImpl.java
@@ -10,6 +10,7 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
 import java.util.ArrayList;
+import java.util.Comparator;
 import java.util.List;
 import java.util.stream.Collectors;
 
@@ -94,7 +95,7 @@ public class DepartmentServiceImpl implements DepartmentService {
         List<Department> all=departmentMapper.getDepartmentList();
         Department rootTree = findByID(pid);
         if(rootTree!=null){
-            CommonTreeDTO current=new CommonTreeDTO(rootTree.getName(),rootTree.getId(),rootTree.getId());
+            CommonTreeDTO current=new CommonTreeDTO(rootTree.getName(),rootTree.getId(),rootTree.getId(),rootTree.getSorder());
             findAllChild(current,all);
             commonDTOList.add(current);
             return commonDTOList.get(0).getChildren();
@@ -109,10 +110,11 @@ public class DepartmentServiceImpl implements DepartmentService {
         List<CommonTreeDTO> ls = new ArrayList<>();
         List<Department> result1 = all.stream()
                 .filter(item -> item.getOrganizationid().equals(parrent.getKey()))
+                .sorted(Comparator.comparing(Department::getSorder))
                 .collect(Collectors.toList());
         for (Department department:result1)
         {
-            CommonTreeDTO current=new CommonTreeDTO(department.getName(),department.getId(),department.getId());
+            CommonTreeDTO current=new CommonTreeDTO(department.getName(),department.getId(),department.getId(),department.getSorder());
             findAllChild(current,all);
             ls.add(current);
         }
diff --git a/src/main/resources/application-xwy.yml b/src/main/resources/application-xwy.yml
index a9c3470dde75b1e91db615fb8de2eb3032de19b3..ac12edabeb74db5e35cf7a5faf92cacdccb9c92a 100644
--- a/src/main/resources/application-xwy.yml
+++ b/src/main/resources/application-xwy.yml
@@ -2,13 +2,15 @@ server:
   port: 8081
   server:
     connectionTimeout: 18000000
-
+#spring:
+#  profiles:
+#    include: ,druid,redis,kafka,zconfig
 spring:
   application:
     name: dhManager
   datasource:
     #url: jdbc:postgresql://180.184.65.203:5432/dhmanage
-    url: jdbc:postgresql://192.168.1.60:5432/dhmanage
+    url: jdbc:postgresql://192.168.1.8:5432/huludaosso
     username: postgres
     password: 123456
     #password: Zdk@824.
@@ -58,8 +60,8 @@ upLoadPath: ${storePath}upLoad
 rootPath: /root/daohang/data
 myPath: ${rootPath}myPath
 writePath: ${rootPath}/product
-eip: http://192.168.1.209:8080/
-startCode: 000000
+eip: http://192.168.1.206:8080/
+startCode: 1
 #verifyUrl: ${sso.authcenter}/rest/auth/verify?token=
 #passportUrl: ${sso.authcenter}/?ReturnUrl=
 #defaultLoginRequiredEnable: false
@@ -68,7 +70,7 @@ sso:
   verifyUrl: ${sso.authcenter}/rest/auth/verify?token=
   passportUrl: ${sso.authcenter}/?ReturnUrl=
   defaultLoginRequiredEnable: false
-  permission: S000^接口用户@/rest/auth/**;*权限管理@/**;
+  permission: S000^接口用户@/rest/auth/**,/wizard;*权限管理@/**;
   sysurl : http://192.168.1.206:${server.port}
   sysname : 用户中心
   registerUrl : ${sso.authcenter}/rest/api/sys/sync
@@ -78,3 +80,5 @@ sso:
   #单位是毫秒
   tokeAge: 3600000
 departmentRoot: 1
+thirdRole: 2
+title: 公共信息门户系统
diff --git a/src/main/resources/application-xwybjb.yml b/src/main/resources/application-xwybjb.yml
index 95bcdb8a868f907d9b24df4e3d49cbfecd5b79fd..9879ac4b217aaa4fbee4885d942e64b4b7e1689a 100644
--- a/src/main/resources/application-xwybjb.yml
+++ b/src/main/resources/application-xwybjb.yml
@@ -8,8 +8,8 @@ spring:
     name: dhManager
   datasource:
     #url: jdbc:postgresql://180.184.65.203:5432/dhmanage
-    #url: jdbc:postgresql://192.168.1.60:5432/dhmanage
-    url: jdbc:postgresql://127.0.0.1:5432/dhmanage
+    url: jdbc:postgresql://192.168.1.60:5432/dhmanage
+    #url: jdbc:postgresql://127.0.0.1:5432/dhmanage
     username: postgres
     #password: 123456
     #password: Zdk@824.
@@ -81,3 +81,4 @@ sso:
   #单位是毫秒
   tokeAge : 3600000
 departmentRoot: 1
+thirdRole: 1
diff --git a/src/main/resources/mapper/BaseAdminRoleMapper.xml b/src/main/resources/mapper/BaseAdminRoleMapper.xml
index d5bcb87089b298fd7139ed1ee94f658d14abfc0b..0ab9a1ac1c4dc50ac722043da59fbf299f330b15 100644
--- a/src/main/resources/mapper/BaseAdminRoleMapper.xml
+++ b/src/main/resources/mapper/BaseAdminRoleMapper.xml
@@ -30,9 +30,13 @@
     </if>
   </update>
 
-  <select id="getAllRoles" resultType="com.cetc32.dh.beans.ResultUserRole">
+  <select id="getAllRoles" resultType="com.cetc32.dh.beans.ResultUserRole" parameterType="com.cetc32.dh.entity.BaseAdminRole">
     SELECT <include refid="baseColumn"/>
     FROM base_admin_role
+    <where>
+      <if test="roleName != null"> role_name like concat( '%',#{roleName} ,'%')   </if>
+      <if test="systemMenu != null"> and system_menu like concat( '%',#{systemMenu} ,'%')  </if>
+    </where>
     order by id asc
     limit #{results} OFFSET #{offset}
   </select>
@@ -56,9 +60,13 @@
     WHERE role_name=#{roleName}
   </select>
 
-  <select id="countRoles" resultType="java.lang.Integer">
+  <select id="countRoles" resultType="java.lang.Integer" parameterType="com.cetc32.dh.entity.BaseAdminRole">
     SELECT count(*)
     FROM base_admin_role
+    <where>
+      <if test="roleName != null">role_name like concat( '%',#{roleName} ,'%') </if>
+      <if test="systemMenu != null"> and system_menu like concat( '%',#{systemMenu} ,'%')  </if>
+    </where>
   </select>
 
   <delete id="delRoleByID">
diff --git a/src/main/resources/mapper/BaseAdminUserMapper.xml b/src/main/resources/mapper/BaseAdminUserMapper.xml
index 24f6b9a895fdd4af51cf0908359f5bd2f77d2969..337e836c467e0f74d8b3d3184eee10558a15d358 100644
--- a/src/main/resources/mapper/BaseAdminUserMapper.xml
+++ b/src/main/resources/mapper/BaseAdminUserMapper.xml
@@ -46,7 +46,7 @@
       <if test="security != null">
         security = #{security},
       </if>
-      <if test="userStatus == 0 or userStatus == 1 or userStatus == -1">
+      <if test="userStatus !=null ">
         user_status = #{userStatus},
       </if>
       <if test="webLoginStatus != null">
@@ -91,7 +91,10 @@
       <if test="realName != null">
         realname = #{realName},
       </if>
+      <if test="realName != null">
         permissions = #{permissions}
+      </if>
+
     </set>
     WHERE id = #{id}
   </update>
@@ -99,7 +102,7 @@
   <update id="updatePwd">
     UPDATE base_admin_user
     set sys_user_pwd = #{password}
-    where sys_user_name = #{userName}
+    where sys_user_name = #{userName} and user_status =#{status}
   </update>
 
   <update id="updateUserStatus">
@@ -156,7 +159,7 @@
         and areacode  LIKE '%' || #{areacode} || '%'
       </if>
       <if test="department != null and department != '' ">
-        and department  LIKE CONCAT('%' ,  #{department} , '%')
+        and department  = #{department}
       </if>
       <if test="security != null and security != '' ">
         and security = #{security}
@@ -384,24 +387,24 @@
   <select id="failedCount" resultType="java.lang.Integer">
     select count(0)
     from  base_admin_user
-    where loginfailed !=0
+    where loginfailed >2
   </select>
 
   <update id="updateLogin">
     UPDATE base_admin_user
     <set>
-      <if test="sysUserName != null">
+      <!--<if test="sysUserName != null">
         sys_user_name = #{sysUserName},
       </if>
       <if test="sysUserPwd != null">
         sys_user_pwd = #{sysUserPwd},
-      </if>
-      <if test="security != null">
+      </if>-->
+      <!--<if test="security != null">
         security = #{security},
-      </if>
-      <if test="userStatus == 0 or userStatus == 1 or userStatus == -1">
+      </if>-->
+      <!--<if test="userStatus != null">
         user_status = #{userStatus},
-      </if>
+      </if>-->
       <if test="webLoginStatus != null">
         web_login_status = #{webLoginStatus},
       </if>
@@ -423,10 +426,10 @@
       <if test="loginFailed != null">
         loginfailed = #{loginFailed},
       </if>
-      <if test="roleId != null">
+      <!--<if test="roleId != null">
         role_id = #{roleId},
-      </if>
-      <if test="userPhone != null">
+      </if>-->
+      <!--<if test="userPhone != null">
         user_phone = #{userPhone},
       </if>
       <if test="areacode != null">
@@ -434,7 +437,7 @@
       </if>
       <if test="department != null">
         department = #{department},
-      </if>
+      </if>-->
     </set>
     WHERE id = #{id}
   </update>
diff --git a/src/main/resources/mapper/DepartmentMapper.xml b/src/main/resources/mapper/DepartmentMapper.xml
index 8d4fac571beaabbae0f1527ed66081ac49618ff9..800cfca7e0e5de84045f147e7451d510c7003f9c 100644
--- a/src/main/resources/mapper/DepartmentMapper.xml
+++ b/src/main/resources/mapper/DepartmentMapper.xml
@@ -6,6 +6,7 @@
         <result column="name" jdbcType="VARCHAR" property="name" />
         <result column="description" jdbcType="VARCHAR" property="description" />
         <result column="organizationid" jdbcType="INTEGER" property="organizationid" />
+        <result column="sorder" jdbcType="INTEGER" property="sorder" />
     </resultMap>
 
     <sql id="Base_Column_List">
@@ -76,6 +77,9 @@
             <if test="organizationid != null">
                 organizationid,
             </if>
+            <if test="sorder != null">
+                sorder,
+            </if>
         </trim>
         <trim prefix="values (" suffix=")" suffixOverrides=",">
             <if test="name != null">
@@ -87,6 +91,9 @@
             <if test="organizationid != null">
                 #{organizationid,jdbcType=INTEGER},
             </if>
+            <if test="sorder != null">
+                #{sorder,jdbcType=INTEGER},
+            </if>
         </trim>
   </insert>
 
@@ -105,6 +112,9 @@
             <if test="organizationid != null">
                 organizationid,
             </if>
+            <if test="sorder != null">
+                sorder,
+            </if>
         </trim>
         <trim prefix="values (" suffix=")" suffixOverrides=",">
             <if test="id != null">
@@ -119,6 +129,9 @@
             <if test="organizationid != null">
                 #{organizationid,jdbcType=INTEGER},
             </if>
+            <if test="sorder != null">
+                #{sorder,jdbcType=INTEGER},
+            </if>
         </trim>
     </insert>
 
@@ -134,6 +147,9 @@
             <if test="organizationid !=null">
                 organizationid = #{organizationid,jdbcType=INTEGER},
             </if>
+            <if test="sorder !=null">
+                sorder = #{sorder,jdbcType=INTEGER},
+            </if>
         </set>
         where id = #{id,jdbcType=INTEGER}
     </update>
@@ -143,7 +159,8 @@
     update department
     set name = #{name,jdbcType=VARCHAR},
       description = #{description,jdbcType=VARCHAR},
-      organizationid = #{organizationid,jdbcType=INTEGER}
+      organizationid = #{organizationid,jdbcType=INTEGER},
+      sorder = #{sorder,jdbcType=INTEGER}
     where id = #{id,jdbcType=INTEGER}
   </update>
     <select id="countByDepartment" resultType="com.cetc32.dh.beans.StatisticBean" >
diff --git a/src/main/resources/templates/changepwd.html b/src/main/resources/templates/changepwd.html
index 30494e834802b491c0e5ed94314077b9af0374dc..27354475aa0c22a9566299dba0c51ee613ea55cd 100644
--- a/src/main/resources/templates/changepwd.html
+++ b/src/main/resources/templates/changepwd.html
@@ -52,6 +52,7 @@
 
 </div>
 <script type="text/javascript">
+    $("#title").html($("#title1").val())
     $(".btn_zhuce").click(
     function() {
         var username = $("#username").val();
diff --git a/src/main/resources/templates/index.html b/src/main/resources/templates/index.html
index b6a94331813df875849599515631d1aa8f292f43..0dcfa99b312d367710466869cd35cfac5587afd7 100644
--- a/src/main/resources/templates/index.html
+++ b/src/main/resources/templates/index.html
@@ -10,18 +10,18 @@
 		window.onload = function () {
 			var count=0;
 			let timer=setInterval(()=>{
-				console.log("postMessage")
-				window.parent.postMessage('login','*');
+				///console.log("postMessage")
+				window.parent.postMessage('message','*');
 				//window.top.document.location.reload();
 				count++
-				if(count>=10){
+				if(count>=40){
 					clearInterval(timer)
 					console.log("count:"+count)
 				}
 
-				console.log("postMessage end")
+				//console.log("postMessage end")
 				//window.parent.document.location.reload();
-			},1000)
+			},100)
 			let timer2=setInterval(()=>{
 
 				if($("#cate").val()==0){
@@ -51,7 +51,8 @@
 		<!--顶部logo-->
 
 		<header>
-			<h1 style="color:#FFFFFF;">导航图生产与服务系统(一期)</h1><!--<a href="http://www.ecict.com.cn/"><img src="/img/logo.jpg"/></a><p></p>-->
+			<input type="hidden" th:value="${ title }" id ="title1">
+			<h1 style="color:#FFFFFF;"  id ="title"></h1><!--<a href="http://www.ecict.com.cn/"><img src="/img/logo.jpg"/></a><p></p>-->
 
 		</header>
 
@@ -124,6 +125,7 @@
 					submitLogin();
 				}
 			}
+			$("#title").html($("#title1").val())
 		});
 		function setCookie(name,value,time)
 			{
@@ -134,6 +136,10 @@
 			function submitLogin() {
 				var username = $("#username").val();
                 var password = $("#password").val();
+                if(!username && !password){
+					alert("请输入登录信息");
+					return;
+				}
 				$.ajax({
 					url:  "/rest/auth/login",
 					type: "POST",
@@ -141,6 +147,7 @@
 					contentType: "application/json;charset=UTF-8",
 					data: JSON.stringify({username:username,password:password}),
 					success: function (data) {
+						setCookie("token","",-1);
 						if(data.code == "200"){
 							var j=0 ,len=0;
 							setCookie("token",data.data.token,2*60*60*1000);
diff --git a/src/main/resources/templates/register.html b/src/main/resources/templates/register.html
index 1f6dbdd794361530eb95fde20521bad91a32469f..f3a6dd63a24bb9c2df8cc68befcd4c93efa6b24d 100644
--- a/src/main/resources/templates/register.html
+++ b/src/main/resources/templates/register.html
@@ -16,7 +16,10 @@
 
 <body class="login_bj" >
 <div class="zhuce_body">
-	<div class="logo"><h1 style="color:#FFFFFF;">导航图生产与服务系统(一期)</h1></div>
+	<div class="logo">
+        <input type="hidden" th:value="${ title }" id ="title1">
+        <h1 style="color:#FFFFFF;"  id ="title"></h1><!--<a href="http://www.ecict.com.cn/"><img src="/img/logo.jpg"/></a><p></p>-->
+    </div>
     <div class="zhuce_kong">
     	<div class="zc">
         	<div class="bj_bai">
@@ -96,6 +99,7 @@
 <div class="copyrights" id="links20210126">
 </div>
 <script type="text/javascript">
+    $("#title").html($("#title1").val())
     function returnLogin(){
         window.location.href='/?ReturnUrl='+$("#returnUrl");
     }
diff --git a/src/main/resources/templates/wizard.html b/src/main/resources/templates/wizard.html
new file mode 100644
index 0000000000000000000000000000000000000000..21601322fe157718daa5bb1eb364ace8de264361
--- /dev/null
+++ b/src/main/resources/templates/wizard.html
@@ -0,0 +1,198 @@
+<!doctype html>
+<html lang="en" xmlns:th="http://www.thymeleaf.org">
+<head  >
+	<meta charset="UTF-8">
+	<title>身份授权页面 - </title>
+    <meta http-equiv="X-UA-Compatible" content="IE=edge, chrome=1">
+    <link type="text/css" rel="stylesheet" href="/css/dmaku.css">
+    <link href="/css/bootstrap.min.css" type="text/css" rel="stylesheet">
+    <link href="/css/zTreeStyle.css" type="text/css" rel="stylesheet">
+    <script type="text/javascript" src="/js/jquery-3.1.1.min.js"></script>
+    <script type="text/javascript" src="/js/bootstrap-3.3.5.min.js"></script>
+    <script type="text/javascript" src="/js/jquery.ztree.all-3.5.min.js"></script>
+    <script type="text/javascript" src="/js/jquery.ztree.exhide.js"></script>
+    <script type="text/javascript" src="/js/validator.js"></script>
+</head>
+<script type="text/css">
+    /*.bj_bai select option{
+      line-height: 20px;
+        padding-top: 5px;
+        padding-bottom: 5px;
+    }*/
+    /*.zhuce_body .zhuce_kong .zc .bj_bai {
+       !* float: left;
+        width: 514px;*!
+        height: 418px !important;
+     !*   padding-left: 40px;
+        background: #ffffff;
+        border-radius: 8px;*!
+    }*/
+
+</script>
+<body class="login_bj" >
+<div class="zhuce_body">
+	<div class="logo">
+        <input type="hidden" th:value="${ title }" id ="title1">
+        <h1 style="color:#FFFFFF;"  id ="title"></h1><!--<a href="http://www.ecict.com.cn/"><img src="/img/logo.jpg"/></a><p></p>-->
+    </div>
+    <div class="zhuce_kong">
+    	<div class="zc">
+        	<div class="bj_bai" id="bag_bag" style="height: 428px !important;">
+            <div class="">
+                <h2 style=" float: left; width: 48%;  text-align: left;  font-weight: 400;font-size: 18px; color: dodgerblue; font-weight: 700;line-height:60px">身份授权</h2>
+            </div>
+
+       	  	  <form id="formUser">
+                  <input name="username" id="username" type="text" th:value="${ username}" class="kuang_txt phone" placeholder="用户名" readonly="readonly" style="background-color: #c1c1c1;color:#FFFFFF;">
+                  <input name="realName" id="realname" type="text" th:value="${ realName}" class="kuang_txt phone" placeholder="真实姓名">
+                  <select id="areacode" name="areacode" style="display: none" multiple="multiple">
+                  </select>
+                  <div class="form-group form-group-sm" style="position: relative;width: 436px;margin-bottom: 8px;">
+                      <!-- 点击显示按钮 -->
+                      <button id="relationBtn" type="button" class="form-control btn dropdown-toggle btn-default" data-toggle="dropdown"
+                              data-id="role" title="请选择区域" style="border-radius:0px;height:32px;position: relative;text-align: left;background:url(/img/zc_lock.jpg) no-repeat 10px 10px;padding-left: 32px">
+                          <span class="filter-option pull-left pull-left1" style="width: 80%;overflow: hidden;">请选择区域权限</span>&nbsp;
+                          <span class="caret" style="position: absolute;top: 12px;right: 10px;padding-left: 0px"></span>
+                      </button>
+                      <!-- 列表panel -->
+                      <div id="relationPanel" class="tree-panel" style="z-index: 9999;display: none;width: 100%;position: absolute;left: 0px;border: 1px solid #efebeb;border-radius: 0px;background-color: #ffffff;padding: 10px 5px;">
+                          <!-- ztree列表 -->
+                          <ul id="relationTree" class="ztree" style="height:120px;overflow-y:auto;"></ul>
+                      </div>
+                  </div>
+                  <select id="department" name="department" style="display: none" >
+                  </select>
+                  <div class="form-group form-group-sm" style="position: relative;width: 436px;margin-bottom: 8px;">
+                      <!-- 点击显示按钮 -->
+                      <button id="relationBtnDepart" type="button" class="form-control btn dropdown-toggle btn-default" data-toggle="dropdown"
+                              data-id="role" title="请选择所属组织机构"
+                              style="border-radius:0px;height:32px;position: relative;text-align: left;background:url(/img/zc_lock.jpg) no-repeat 10px 10px;padding-left: 32px">
+                          <span class="filter-option pull-left pull-left1" style="width: 80%;overflow: hidden;">请选择所属组织机构</span>&nbsp;
+                          <span class="caret" style="position: absolute;top: 12px;right: 10px;padding-left: 0px"></span>
+                      </button>
+                      <!-- 列表panel -->
+                      <div id="relationPanelDepart" class="tree-panel" style="z-index: 9999;display: none; width: 100%;position: absolute;left: 0px;border: 1px solid #efebeb;border-radius: 0px;background-color: #ffffff;padding: 10px 5px;">
+                          <!-- ztree列表 -->
+                          <ul id="relationTreeDepart" class="ztree" style="height:120px;overflow-y:auto;"></ul>
+                      </div>
+                  </div>
+                  <select id="role" name="role" class="form-group form-group-sm kuang_txt yanzm" style="position: relative;width: 436px;" placeholder="juese">
+                      <option value="">请选择角色</option>
+                      <option value="1">1</option>
+                      <option value="2">2</option>
+                  </select>
+                  <select name="security" id="security" type="text" class="kuang_txt email" style="width: 436px;" placeholder="安全等级">
+                      <option value="" >请选择安全等级</option>
+                      <option value="1" >专用</option>
+                      <option value="2" >普通</option>
+                  </select>
+
+
+                  <!--<input name="" type="text" class="kuang_txt email" placeholder="安全等级">-->
+                  <!--<input name="" type="text" class="kuang_txt yanzm" placeholder="区域权限"><br/>-->
+                 <!-- <input name="password" id = "password" type="password" class="kuang_txt possword" placeholder="密码">
+                  <input name="passwordC"id = "passwordC" type="password" class="kuang_txt possword" placeholder="密码确认">-->
+                <div width="100%" height="31" class="bottom_btn">
+                    <input name="确认" type="button" class="btn_zhuce" value="确认" onclick="saveInfo()"
+                           style="float: none;  width:100%">
+                </div>
+                  <input type="hidden" name ="userStatus" th:value="${userStatus}">
+                  <input type="hidden" th:value="${id}"  name ="id">
+                  <input type="hidden" th:value="${token}"  id ="token">
+                  <input type="hidden" th:value="${eip}" id="eip">
+                  <input type="hidden" th:value="${role}" id="roleID">
+                  <input type="hidden" th:value="${ReturnUrl}" id="returnUrl">
+
+                <!--<div><a th:href="'/?ReturnUrl='+${ReturnUrl}">返回登陆</a>
+                </div>-->
+
+                </form>
+            </div>
+        	<!--<div class="bj_right">
+            	<p>使用以下账号直接登录</p>
+                <a href="#" class="zhuce_qq">QQ注册</a>
+                <a href="#" class="zhuce_wb">微博注册</a>
+                <a href="#" class="zhuce_wx">微信注册</a>
+                <p>已有账号？<a href="login.html">立即登录</a></p>
+
+            </div>-->
+        </div>
+    </div>
+
+</div>
+
+<style>
+.copyrights{text-indent:-9999px;height:0;line-height:0;font-size:0;overflow:hidden;}
+</style>
+<div class="copyrights" id="links20210126">
+</div>
+<script type="text/javascript">
+    $("#title").html($("#title1").val())
+    setCookie("token",$("#token").val(),2*60*60*1000);
+    function returnLogin(){
+        window.location.href='/?ReturnUrl='+$("#returnUrl");
+    }
+
+    function serializeToObject(jsonArray){
+        var o = {};
+        $.each(jsonArray, function() {
+            if (o[this.name] !== undefined) {
+                if (!o[this.name].push) {
+                    o[this.name] = [o[this.name]];
+                }
+                o[this.name].push(this.value || '');
+            } else {
+                o[this.name] = this.value || '';
+            }
+        });
+        return o;
+    }
+    function setCookie(name,value,time)
+    {
+        var exp = new Date();
+        exp.setTime(exp.getTime() + time);
+        document.cookie = name + "="+ escape (value) + ";expires=" + exp.toGMTString();
+    }
+    function saveInfo(){
+        console.log(serializeToObject($("#formUser").serializeArray() ))
+        //console.log(serializeToObject($("#formUser").serialize() ))
+        console.log($("#formUser").serializeArray() );
+        console.log(JSON.stringify($("#formUser").serializeArray() ));
+        $.ajax({
+            url:  "/rest/auth/user",
+            type: "put",
+            dataType: "json",
+            data:JSON.stringify(serializeToObject($("#formUser").serializeArray() )    )       ,
+            contentType: "application/json;charset=UTF-8",
+            success: function (data) {
+                if(data.code =='200'){
+                    window.location.href = $("#eip").val()+"?token="+$("#token").val();
+                }
+            },
+            error: function () {
+
+            }
+        });
+    }
+    $.ajax({
+        url:  "/rest/role/list",
+        type: "get",
+        dataType: "json",
+        contentType: "application/json;charset=UTF-8",
+        success: function (data) {
+            var role =data.list
+            $("#role").empty();
+            $("#role").append($("<option value=\"\" >请选择角色</option>"))
+            for (var i in role){
+                $("#role").append($("<option value=\""+role[i].id+"\" >"+role[i].roleName+"</option>"))
+            }
+            $("#role").val($("#roleID").val())
+        },
+        error: function () {
+
+        }
+    });
+</script>
+<script type="text/javascript" src="/js/selectTree/selectTree.js"></script>
+</body>
+</html>