diff --git a/admin/admin-biz/src/main/java/cn/fateverse/admin/controller/MenuController.java b/admin/admin-biz/src/main/java/cn/fateverse/admin/controller/MenuController.java
index 5ad6311..89ddf41 100644
--- a/admin/admin-biz/src/main/java/cn/fateverse/admin/controller/MenuController.java
+++ b/admin/admin-biz/src/main/java/cn/fateverse/admin/controller/MenuController.java
@@ -70,8 +70,9 @@ public class MenuController {
         return Result.ok(optionMenuVo);
     }
 
-    @ApiOperation("获取树形接口的option")
+    @ApiOperation("菜单详情")
     @GetMapping("/info/{menuId}")
+    @PreAuthorize("@ss.hasPermission('admin:menu:info')")
     public Result<MenuVo> info(@PathVariable Long menuId) {
         ObjectUtils.checkPk(menuId);
         MenuVo menu = menuService.searchByMenuId(menuId);
diff --git a/admin/admin-biz/src/main/java/cn/fateverse/admin/controller/UserController.java b/admin/admin-biz/src/main/java/cn/fateverse/admin/controller/UserController.java
index a8cb041..c4e3418 100644
--- a/admin/admin-biz/src/main/java/cn/fateverse/admin/controller/UserController.java
+++ b/admin/admin-biz/src/main/java/cn/fateverse/admin/controller/UserController.java
@@ -76,7 +76,7 @@ public class UserController {
         return Result.ok(userChooseList);
     }
 
-    @ApiOperation("获取用户列表")
+    @ApiOperation("获取用户详情")
     @GetMapping("/info/{userId}")
     @PreAuthorize("@ss.hasPermission('admin:user:info')")
     public Result<UserDetailVo> info(@PathVariable Long userId) {
@@ -200,7 +200,7 @@ public class UserController {
     }
 
 
-    @ApiOperation("建立角色用户绑定关系")
+    @ApiOperation("建立岗位用户绑定关系")
     @PutMapping("/bind/post")
     @PreAuthorize("@ss.hasPermission('admin:user:bindPost')")
     @Log(title = "建立角色用户绑定关系", businessType = BusinessType.UPDATE)
diff --git a/admin/admin-biz/src/main/java/cn/fateverse/admin/service/impl/OnlineUserServiceImpl.java b/admin/admin-biz/src/main/java/cn/fateverse/admin/service/impl/OnlineUserServiceImpl.java
index 2ecbef1..fff6f7e 100644
--- a/admin/admin-biz/src/main/java/cn/fateverse/admin/service/impl/OnlineUserServiceImpl.java
+++ b/admin/admin-biz/src/main/java/cn/fateverse/admin/service/impl/OnlineUserServiceImpl.java
@@ -1,5 +1,6 @@
 package cn.fateverse.admin.service.impl;
 
+import cn.fateverse.admin.entity.Dept;
 import cn.fateverse.common.core.entity.PageInfo;
 import cn.fateverse.common.core.result.page.TableDataInfo;
 import cn.fateverse.common.core.utils.TableSupport;
@@ -35,7 +36,7 @@ public class OnlineUserServiceImpl implements OnlineUserService {
      * todo 现阶段一次性将所有用户全部返回,后期想办法进行分页操作
      *
      * @param place
-     * @param username
+     * @param username 用户名
      * @return
      */
     @Override
@@ -76,16 +77,21 @@ public class OnlineUserServiceImpl implements OnlineUserService {
     }
 
     private OnlineUser toOnlineUser(LoginUser user) {
-        return OnlineUser.builder()
+        OnlineUser onlineUser = OnlineUser.builder()
                 .tokenId(user.getUuid())
                 .username(user.getUsername())
-                .deptName(user.getUser().getDept().getDeptName())
                 .ipAddr(user.getIpddr())
                 .loginLocation(user.getLoginLocation())
                 .browser(user.getBrowser())
                 .os(user.getOs())
                 .loginTime(new Date(user.getLoginTime()))
                 .build();
+
+        Dept dept = user.getUser().getDept();
+        if (dept != null) {
+            onlineUser.setDeptName(dept.getDeptName());
+        }
+        return onlineUser;
     }
 
 
diff --git a/admin/admin-biz/src/main/resources/mapper/MenuMapper.xml b/admin/admin-biz/src/main/resources/mapper/MenuMapper.xml
index 47cb8ff..7971be4 100644
--- a/admin/admin-biz/src/main/resources/mapper/MenuMapper.xml
+++ b/admin/admin-biz/src/main/resources/mapper/MenuMapper.xml
@@ -61,13 +61,38 @@
     </select>
 
     <select id="selectListByUserId" resultType="cn.fateverse.admin.entity.Menu">
-        <include refid="selectMenuVo"/>
+        select distinct m.menu_id,
+                m.menu_name,
+                m.parent_id,
+                m.order_num,
+                m.path,
+                m.path_params,
+                m.component,
+                m.no_redirect,
+                m.breadcrumb,
+                m.is_frame,
+                m.is_cache,
+                m.menu_type,
+                m.visible,
+                m.state,
+                m.order_num,
+                ifnull(m.perms, '') as perms,
+                m.icon,
+                m.create_by,
+                m.create_time,
+                m.update_by,
+                m.update_time,
+                m.remark
+                from sys_menu m
+        left join sys_role_menu rm on rm.menu_id = m.menu_id
+        left join sys_role r on r.role_id = rm.role_id
+        left join sys_user_role ur on ur.role_id = r.role_id
         <where>
-            <if test="userId != null">and user_id = #{userId}</if>
-            <if test="menuName != null and menuName != ''">and menu_name like concat('%',#{menuName},'%')</if>
-            <if test="state != null and state != ''">and state = #{state}</if>
-            <if test="excludeId != null ">and menu_id != #{excludeId} and parent_id != #{excludeId}</if>
-            <if test="button">and menu_type in ('D', 'M')</if>
+            <if test="userId != null">and ur.role_id = #{userId}</if>
+            <if test="menuName != null and menuName != ''">and m.menu_name like concat('%',#{menuName},'%')</if>
+            <if test="state != null and state != ''">and m.state = #{state}</if>
+            <if test="excludeId != null ">and m.menu_id != #{excludeId} and parent_id != #{excludeId}</if>
+            <if test="button">and m.menu_type in ('D', 'M')</if>
         </where>
     </select>
 
diff --git a/auth/src/main/java/cn/fateverse/auth/service/impl/LoginServiceImpl.java b/auth/src/main/java/cn/fateverse/auth/service/impl/LoginServiceImpl.java
index e89241a..f71b489 100644
--- a/auth/src/main/java/cn/fateverse/auth/service/impl/LoginServiceImpl.java
+++ b/auth/src/main/java/cn/fateverse/auth/service/impl/LoginServiceImpl.java
@@ -85,17 +85,17 @@ public class LoginServiceImpl implements LoginService {
     @Override
     public String login(LoginBody login) {
         log.info("用户:{},于:{}登录系统", login.getUsername(), DateUtil.format(new Date(), DateConstants.YYYY_MM_DD_HH_MM_SS));
-        String uuid = CacheConstants.CAPTCHA_CODE_KEY + login.getUuid();
-        String code = String.valueOf(redisTemplate.opsForValue().get(uuid));
-        if (null == code) {
-            publishEvent(login.getUsername(), "验证码已过期!", Boolean.FALSE, null);
-            throw new CustomException("验证码已过期!");
-        }
-        if (!code.equals(login.getCode())) {
-            publishEvent(login.getUsername(), "验证码错误!", Boolean.FALSE, null);
-            throw new CustomException("验证码错误!");
-        }
-        redisTemplate.delete(uuid);
+//        String uuid = CacheConstants.CAPTCHA_CODE_KEY + login.getUuid();
+//        String code = String.valueOf(redisTemplate.opsForValue().get(uuid));
+//        if (null == code) {
+//            publishEvent(login.getUsername(), "验证码已过期!", Boolean.FALSE, null);
+//            throw new CustomException("验证码已过期!");
+//        }
+//        if (!code.equals(login.getCode())) {
+//            publishEvent(login.getUsername(), "验证码错误!", Boolean.FALSE, null);
+//            throw new CustomException("验证码错误!");
+//        }
+//        redisTemplate.delete(uuid);
         //用户验证
         Authentication authentication = null;
         try {
diff --git a/common/common-security/src/main/java/cn/fateverse/common/security/service/TokenService.java b/common/common-security/src/main/java/cn/fateverse/common/security/service/TokenService.java
index b8f70e7..d837632 100644
--- a/common/common-security/src/main/java/cn/fateverse/common/security/service/TokenService.java
+++ b/common/common-security/src/main/java/cn/fateverse/common/security/service/TokenService.java
@@ -118,6 +118,7 @@ public class TokenService {
         if (!StrUtil.isEmpty(token)) {
             String userKey = getTokenKey(token);
             redisTemplate.delete(userKey);
+            redisTemplate.delete(CacheConstants.ROUTE_CACHE_KEY + token);
         }
     }