diff --git a/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/config/OAuth2ClientConfig.java b/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/config/OAuth2ClientConfig.java
index dfb51cec..e3e3d9d2 100755
--- a/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/config/OAuth2ClientConfig.java
+++ b/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/config/OAuth2ClientConfig.java
@@ -2,7 +2,10 @@ package ink.wgink.login.oauth2.client.config;
 
 
 import ink.wgink.login.oauth2.client.converter.OAuth2ClientUserAccessTokenConverter;
+import ink.wgink.properties.BaseProperties;
 import ink.wgink.properties.oauth2.client.OAuth2ClientProperties;
+import org.apache.commons.lang3.ArrayUtils;
+import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;
 import org.springframework.context.annotation.Bean;
@@ -26,22 +29,42 @@ import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
 @EnableOAuth2Sso
 public class OAuth2ClientConfig extends WebSecurityConfigurerAdapter {
 
+    @Autowired
+    private BaseProperties baseProperties;
     @Autowired
     private OAuth2ClientProperties oAuth2ClientProperties;
 
     @Override
     protected void configure(HttpSecurity http) throws Exception {
+        /**
+         * 默认放行配置
+         */
+        String[] defaultAntMatchers = {
+                "/app/**",
+                "/approute/**",
+                "/wechat/**",
+                "/wechat-miniapp/**",
+                "/route/file/**",
+        };
+        String assetsMatchers = baseProperties.getAssetsMatchers();
+        String[] fullAntMatchers;
+        if (!StringUtils.isBlank(assetsMatchers)) {
+            String[] assetsMatchersArray = baseProperties.getAssetsMatchers().split(",");
+            fullAntMatchers = ArrayUtils.addAll(defaultAntMatchers, assetsMatchersArray);
+        } else {
+            fullAntMatchers = defaultAntMatchers;
+        }
         http
                 .formLogin()
                 .defaultSuccessUrl("/authorize", true)
                 .and()
                 .logout().logoutSuccessUrl(oAuth2ClientProperties.getOauthLogout())
                 .and()
-                .authorizeRequests().antMatchers("/app/**","/resource/**", "/route/file/**").permitAll()
+                .authorizeRequests().antMatchers(fullAntMatchers).permitAll()
                 .and()
                 .authorizeRequests()
                 .anyRequest()
-                .access("@clientRbacService.hasPermission(request, authentication)")
+                .access("@rbacService.hasPermission(request, authentication)")
                 .and()
                 .headers().frameOptions().sameOrigin()
                 .and()
diff --git a/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/controller/apis/department/DepartmentController.java b/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/controller/apis/department/DepartmentController.java
new file mode 100644
index 00000000..c29cc1c5
--- /dev/null
+++ b/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/controller/apis/department/DepartmentController.java
@@ -0,0 +1,115 @@
+package ink.wgink.login.oauth2.client.controller.apis.department;
+
+import ink.wgink.common.base.DefaultBaseController;
+import ink.wgink.interfaces.consts.ISystemConstant;
+import ink.wgink.login.oauth2.client.service.department.IDepartmentService;
+import ink.wgink.pojo.ListPage;
+import ink.wgink.pojo.dtos.ZTreeDTO;
+import ink.wgink.pojo.dtos.department.DepartmentDTO;
+import ink.wgink.pojo.result.ErrorResult;
+import ink.wgink.pojo.result.SuccessResultData;
+import ink.wgink.pojo.result.SuccessResultList;
+import io.swagger.annotations.*;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.*;
+
+import java.io.UnsupportedEncodingException;
+import java.net.URLDecoder;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * @ClassName: DepartmentController
+ * @Description: 组织部门
+ * @Author: wenc
+ * @Date: 2019/1/8 7:23 PM
+ * @Version: 1.0
+ **/
+@Api(tags = ISystemConstant.API_TAGS_SYSTEM_PREFIX + "组织部门")
+@RestController
+@RequestMapping(ISystemConstant.API_PREFIX + "/department")
+public class DepartmentController extends DefaultBaseController {
+
+    @Autowired
+    private IDepartmentService departmentService;
+
+    @ApiOperation(value = "组织部门列表", notes = "组织部门列表接口")
+    @ApiImplicitParams({
+            @ApiImplicitParam(name = "departmentParentId", value = "组织部门上级ID", paramType = "path")
+    })
+    @ApiResponses({@ApiResponse(code = 400, message = "请求失败", response = ErrorResult.class)})
+    @GetMapping("list/{departmentParentId}")
+    public List<DepartmentDTO> list(@PathVariable("departmentParentId") String departmentParentId) {
+        Map<String, Object> params = new HashMap<>(0);
+        params.put("departmentParentId", departmentParentId);
+        return departmentService.listAll(params);
+    }
+
+    @ApiOperation(value = "组织部门zTree列表", notes = "组织部门zTree列表接口")
+    @ApiImplicitParams({
+            @ApiImplicitParam(name = "id", value = "父ID", paramType = "query", dataType = "String")
+    })
+    @ApiResponses({@ApiResponse(code = 400, message = "请求失败", response = ErrorResult.class)})
+    @GetMapping("listztree")
+    public List<ZTreeDTO> listZTree() {
+        Map<String, Object> params = requestParams();
+        String departmentParentId = "0";
+        if (!StringUtils.isBlank(params.get("id") == null ? null : params.get("id").toString())) {
+            departmentParentId = params.get("id").toString();
+        }
+        return departmentService.listZTree(departmentParentId, params);
+    }
+
+    @ApiOperation(value = "组织部门详情", notes = "组织部门详情接口")
+    @ApiImplicitParams({
+            @ApiImplicitParam(name = "departmentId", value = "部门ID", paramType = "path")
+    })
+    @ApiResponses({@ApiResponse(code = 400, message = "请求失败", response = ErrorResult.class)})
+    @GetMapping("get/{departmentId}")
+    public DepartmentDTO get(@PathVariable("departmentId") String departmentId) {
+        return departmentService.get(departmentId);
+    }
+
+    @ApiOperation(value = "组织部门分页列表", notes = "组织部门分页列表接口")
+    @ApiImplicitParams({
+            @ApiImplicitParam(name = "parentId", value = "上级ID", paramType = "query", dataType = "String"),
+            @ApiImplicitParam(name = "page", value = "当前页码", paramType = "query", dataType = "int", defaultValue = "1"),
+            @ApiImplicitParam(name = "rows", value = "显示数量", paramType = "query", dataType = "int", defaultValue = "20"),
+            @ApiImplicitParam(name = "keywords", value = "关键字", paramType = "query", dataType = "String"),
+            @ApiImplicitParam(name = "startTime", value = "开始时间", paramType = "query", dataType = "String"),
+            @ApiImplicitParam(name = "endTime", value = "结束时间", paramType = "query", dataType = "String")
+    })
+    @ApiResponses({@ApiResponse(code = 400, message = "请求失败", response = ErrorResult.class)})
+    @GetMapping("listpage")
+    public SuccessResultList<List<DepartmentDTO>> listPage(ListPage page) {
+        Map<String, Object> params = requestParams();
+        String departmentParentId = "0";
+        if (!StringUtils.isBlank(params.get("parentId") == null ? null : params.get("parentId").toString())) {
+            departmentParentId = params.get("parentId").toString();
+        }
+        params.put("departmentParentId", departmentParentId);
+        page.setParams(params);
+        return departmentService.listPage(page);
+    }
+
+    @ApiOperation(value = "组织部门获得同一级部门数量（按部门名称）", notes = "组织部门获得同一级部门数量（按部门名称）接口")
+    @ApiImplicitParams({
+            @ApiImplicitParam(name = "departmentParentId", value = "上级部门ID", paramType = "path"),
+            @ApiImplicitParam(name = "departmentName", value = "上级部门ID", paramType = "path"),
+            @ApiImplicitParam(name = "noDepartmentId", value = "不统计的部门ID", paramType = "query"),
+    })
+    @ApiResponses({@ApiResponse(code = 400, message = "请求失败", response = ErrorResult.class)})
+    @GetMapping("countbyparentidandname/{departmentParentId}/{departmentName}")
+    public SuccessResultData<Integer> countByParentIdAndName(@PathVariable("departmentParentId") String departmentParentId,
+                                                             @PathVariable("departmentName") String departmentName,
+                                                             @RequestParam(name = "noDepartmentId", required = false) String noDepartmentId) throws UnsupportedEncodingException {
+        Map<String, Object> params = getParams();
+        params.put("departmentParentId", departmentParentId);
+        params.put("departmentName", URLDecoder.decode(departmentName, "UTF-8"));
+        params.put("noDepartmentId", noDepartmentId);
+        return new SuccessResultData<>(departmentService.count(params));
+    }
+
+}
diff --git a/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/controller/apis/department/DepartmentUserController.java b/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/controller/apis/department/DepartmentUserController.java
new file mode 100644
index 00000000..2e7c278a
--- /dev/null
+++ b/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/controller/apis/department/DepartmentUserController.java
@@ -0,0 +1,62 @@
+package ink.wgink.login.oauth2.client.controller.apis.department;
+
+import ink.wgink.common.base.DefaultBaseController;
+import ink.wgink.interfaces.consts.ISystemConstant;
+import ink.wgink.login.oauth2.client.service.department.IDepartmentUserService;
+import ink.wgink.pojo.ListPage;
+import ink.wgink.pojo.dtos.department.DepartmentUserDTO;
+import ink.wgink.pojo.result.ErrorResult;
+import ink.wgink.pojo.result.SuccessResult;
+import ink.wgink.pojo.result.SuccessResultList;
+import io.swagger.annotations.*;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.*;
+
+import java.util.Arrays;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * When you feel like quitting. Think about why you started
+ * 当你想要放弃的时候，想想当初你为何开始
+ *
+ * @ClassName: DepartmentUserController
+ * @Description: 组织部门用户
+ * @Author: wanggeng
+ * @Date: 2021/1/28 4:19 下午
+ * @Version: 1.0
+ */
+@Api(tags = ISystemConstant.API_TAGS_SYSTEM_PREFIX + "组织部门用户")
+@RestController
+@RequestMapping(ISystemConstant.API_PREFIX + "/department/user")
+public class DepartmentUserController extends DefaultBaseController {
+
+    @Autowired
+    private IDepartmentUserService departmentUserService;
+
+    @ApiOperation(value = "组织部门用户列表", notes = "组织部门用户列表接口")
+    @ApiImplicitParams({
+            @ApiImplicitParam(name = "departmentId", value = "部门ID", paramType = "path"),
+            @ApiImplicitParam(name = "page", value = "当前页码", paramType = "query", dataType = "int", defaultValue = "1"),
+            @ApiImplicitParam(name = "rows", value = "显示数量", paramType = "query", dataType = "int", defaultValue = "20"),
+            @ApiImplicitParam(name = "keywords", value = "关键字", paramType = "query")
+    })
+    @ApiResponses({@ApiResponse(code = 400, message = "请求失败", response = ErrorResult.class)})
+    @GetMapping("listpage/{departmentId}")
+    public SuccessResultList<List<DepartmentUserDTO>> listPage(@PathVariable("departmentId") String departmentId, ListPage page) {
+        Map<String, Object> params = requestParams();
+        page.setParams(params);
+        return departmentUserService.listPage(departmentId, page);
+    }
+
+    @ApiOperation(value = "组织部门用户ID列表", notes = "组织部门用户ID列表接口")
+    @ApiImplicitParams({
+            @ApiImplicitParam(name = "departmentId", value = "部门ID", paramType = "path"),
+    })
+    @ApiResponses({@ApiResponse(code = 400, message = "请求失败", response = ErrorResult.class)})
+    @GetMapping("listuserid/{departmentId}")
+    public List<String> listUserId(@PathVariable("departmentId") String departmentId) {
+        return departmentUserService.listUserId(departmentId);
+    }
+
+}
diff --git a/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/controller/apis/user/UserController.java b/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/controller/apis/user/UserController.java
index 47baa3ed..1a205169 100644
--- a/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/controller/apis/user/UserController.java
+++ b/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/controller/apis/user/UserController.java
@@ -1,19 +1,20 @@
 package ink.wgink.login.oauth2.client.controller.apis.user;
 
+import ink.wgink.annotation.CheckRequestBodyAnnotation;
 import ink.wgink.common.base.DefaultBaseController;
 import ink.wgink.common.component.SecurityComponent;
 import ink.wgink.interfaces.consts.ISystemConstant;
 import ink.wgink.login.oauth2.client.service.user.IUserService;
 import ink.wgink.pojo.result.ErrorResult;
+import ink.wgink.pojo.result.SuccessResult;
 import ink.wgink.pojo.result.SuccessResultData;
+import ink.wgink.pojo.vos.UpdatePasswordVO;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import io.swagger.annotations.ApiResponse;
 import io.swagger.annotations.ApiResponses;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.*;
 
 /**
  * When you feel like quitting. Think about why you started
@@ -35,6 +36,15 @@ public class UserController extends DefaultBaseController {
     @Autowired
     private SecurityComponent securityComponent;
 
+    @ApiOperation(value = "修改密码", notes = "修改密码接口")
+    @ApiResponses({@ApiResponse(code = 400, message = "请求失败", response = ErrorResult.class)})
+    @PutMapping("update-password")
+    @CheckRequestBodyAnnotation
+    public SuccessResult updatePassword(@RequestBody UpdatePasswordVO updatePasswordVO) {
+        userService.updatePassword(updatePasswordVO);
+        return new SuccessResult();
+    }
+
     @ApiOperation(value = "获取密码状态", notes = "获取密码状态接口")
     @ApiResponses({@ApiResponse(code = 400, message = "请求失败", response = ErrorResult.class)})
     @GetMapping("get-password-status")
diff --git a/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/controller/route/department/DepartmentUserRouteController.java b/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/controller/route/department/DepartmentUserRouteController.java
new file mode 100644
index 00000000..a0c49e57
--- /dev/null
+++ b/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/controller/route/department/DepartmentUserRouteController.java
@@ -0,0 +1,30 @@
+package ink.wgink.login.oauth2.client.controller.route.department;
+
+import ink.wgink.interfaces.consts.ISystemConstant;
+import io.swagger.annotations.Api;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.servlet.ModelAndView;
+
+/**
+ * When you feel like quitting. Think about why you started
+ * 当你想要放弃的时候，想想当初你为何开始
+ *
+ * @ClassName: DepartmentUserRouteController
+ * @Description: 组织部门用户
+ * @Author: wanggeng
+ * @Date: 2021/2/13 12:03 下午
+ * @Version: 1.0
+ */
+@Api(tags = ISystemConstant.ROUTE_TAGS_PREFIX + "组织部门接口")
+@Controller
+@RequestMapping(ISystemConstant.ROUTE_PREFIX + "/department/user")
+public class DepartmentUserRouteController {
+
+    @GetMapping("select-user")
+    public ModelAndView selectUser() {
+        return new ModelAndView("department/user/select-user");
+    }
+
+}
diff --git a/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/controller/route/user/UserRouteController.java b/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/controller/route/user/UserRouteController.java
new file mode 100644
index 00000000..7e217eab
--- /dev/null
+++ b/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/controller/route/user/UserRouteController.java
@@ -0,0 +1,30 @@
+package ink.wgink.login.oauth2.client.controller.route.user;
+
+import ink.wgink.interfaces.consts.ISystemConstant;
+import io.swagger.annotations.Api;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.servlet.ModelAndView;
+
+/**
+ * When you feel like quitting. Think about why you started
+ * 当你想要放弃的时候，想想当初你为何开始
+ *
+ * @ClassName: UserRouteController
+ * @Description: 用户路由
+ * @Author: wanggeng
+ * @Date: 2021/2/5 7:50 下午
+ * @Version: 1.0
+ */
+@Api(tags = ISystemConstant.API_TAGS_SYSTEM_PREFIX + "用户路由接口")
+@Controller
+@RequestMapping(ISystemConstant.ROUTE_PREFIX + "/user")
+public class UserRouteController {
+
+    @GetMapping("update-password")
+    public ModelAndView updatePassword() {
+        return new ModelAndView("user/update-password");
+    }
+
+}
diff --git a/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/remote/user/IUserRemoteService.java b/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/remote/user/IUserRemoteService.java
index d9a38e07..bea281e9 100644
--- a/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/remote/user/IUserRemoteService.java
+++ b/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/remote/user/IUserRemoteService.java
@@ -3,14 +3,14 @@ package ink.wgink.login.oauth2.client.remote.user;
 import ink.wgink.annotation.rpc.rest.RemoteService;
 import ink.wgink.annotation.rpc.rest.method.RemoteGetMethod;
 import ink.wgink.annotation.rpc.rest.method.RemotePostMethod;
-import ink.wgink.annotation.rpc.rest.params.RemotePathParams;
-import ink.wgink.annotation.rpc.rest.params.RemoteQueryParams;
-import ink.wgink.annotation.rpc.rest.params.RemoteQueryParamsMap;
-import ink.wgink.annotation.rpc.rest.params.RemoteServerParams;
+import ink.wgink.annotation.rpc.rest.method.RemotePutMethod;
+import ink.wgink.annotation.rpc.rest.params.*;
 import ink.wgink.pojo.dtos.user.UserDTO;
+import ink.wgink.pojo.result.SuccessResult;
 import ink.wgink.pojo.result.SuccessResultData;
 import ink.wgink.pojo.result.SuccessResultList;
 import ink.wgink.pojo.vos.IdsVO;
+import ink.wgink.pojo.vos.UpdatePasswordVO;
 import org.springframework.web.bind.annotation.RequestBody;
 
 import java.util.List;
@@ -62,4 +62,7 @@ public interface IUserRemoteService {
     @RemoteGetMethod("/get-password-status/{userId}")
     SuccessResultData<String> getPasswordStatus(@RemoteServerParams String userCenter, @RemotePathParams("userId") String userId, @RemoteQueryParams("access_token") String accessToken);
 
+    @RemotePutMethod("/update-password/{userId}")
+    SuccessResult updatePassword(@RemoteServerParams String userCenter, @RemotePathParams("userId") String userId, @RemoteQueryParams("access_token") String accessToken, @RemoteJsonBodyParams UpdatePasswordVO updatePasswordVO);
+
 }
diff --git a/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/service/rbac/IOAuth2ClientRbacService.java b/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/service/rbac/IOAuth2ClientRbacService.java
deleted file mode 100644
index 095ee757..00000000
--- a/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/service/rbac/IOAuth2ClientRbacService.java
+++ /dev/null
@@ -1,28 +0,0 @@
-package ink.wgink.login.oauth2.client.service.rbac;
-
-import org.springframework.security.core.Authentication;
-
-import javax.servlet.http.HttpServletRequest;
-
-/**
- * When you feel like quitting. Think about why you started
- * 当你想要放弃的时候，想想当初你为何开始
- *
- * @ClassName: IClientRbacService
- * @Description: 客户端RBAC权限校验
- * @Author: WangGeng
- * @Date: 2019/11/11 3:27 下午
- * @Version: 1.0
- **/
-public interface IOAuth2ClientRbacService {
-
-    /**
-     * 权限校验
-     *
-     * @param request
-     * @param authentication
-     * @return
-     */
-    boolean hasPermission(HttpServletRequest request, Authentication authentication);
-
-}
diff --git a/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/service/rbac/impl/OAuth2ClientRbacServiceImpl.java b/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/service/rbac/impl/OAuth2ClientRbacServiceImpl.java
deleted file mode 100644
index 58e7cdfc..00000000
--- a/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/service/rbac/impl/OAuth2ClientRbacServiceImpl.java
+++ /dev/null
@@ -1,34 +0,0 @@
-package ink.wgink.login.oauth2.client.service.rbac.impl;
-
-import ink.wgink.login.oauth2.client.service.rbac.IOAuth2ClientRbacService;
-import org.apache.commons.lang3.StringUtils;
-import org.springframework.security.core.Authentication;
-import org.springframework.stereotype.Component;
-
-import javax.servlet.http.HttpServletRequest;
-import java.util.Objects;
-
-/**
- * When you feel like quitting. Think about why you started
- * 当你想要放弃的时候，想想当初你为何开始
- *
- * @ClassName: ClientRbacServiceImpl
- * @Description: 客户端RBAC权限校验
- * @Author: WangGeng
- * @Date: 2019/11/11 3:27 下午
- * @Version: 1.0
- **/
-@Component("clientRbacService")
-public class OAuth2ClientRbacServiceImpl implements IOAuth2ClientRbacService {
-
-    @Override
-    public boolean hasPermission(HttpServletRequest request, Authentication authentication) {
-        boolean hasPermission = false;
-        Object principal = authentication.getPrincipal();
-        if (Objects.isNull(principal) || StringUtils.equals("anonymousUser", principal.toString())) {
-            return false;
-        }
-        return true;
-    }
-
-}
diff --git a/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/service/user/IUserService.java b/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/service/user/IUserService.java
index dd3cfafc..8f5fc386 100644
--- a/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/service/user/IUserService.java
+++ b/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/service/user/IUserService.java
@@ -1,6 +1,7 @@
 package ink.wgink.login.oauth2.client.service.user;
 
 import ink.wgink.interfaces.user.IUserBaseService;
+import ink.wgink.pojo.vos.UpdatePasswordVO;
 
 /**
  * @ClassName: IUserService
@@ -10,4 +11,13 @@ import ink.wgink.interfaces.user.IUserBaseService;
  * @Version: 1.0
  */
 public interface IUserService extends IUserBaseService {
+
+    /**
+     * 修改密码
+     *
+     * @param updatePasswordVO
+     * @return
+     */
+    void updatePassword(UpdatePasswordVO updatePasswordVO);
+
 }
diff --git a/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/service/user/impl/UserServiceImpl.java b/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/service/user/impl/UserServiceImpl.java
index 043a393f..7a3711df 100644
--- a/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/service/user/impl/UserServiceImpl.java
+++ b/login-oauth2-client/src/main/java/ink/wgink/login/oauth2/client/service/user/impl/UserServiceImpl.java
@@ -10,6 +10,7 @@ import ink.wgink.pojo.dtos.user.UserDTO;
 import ink.wgink.pojo.result.SuccessResultData;
 import ink.wgink.pojo.result.SuccessResultList;
 import ink.wgink.pojo.vos.IdsVO;
+import ink.wgink.pojo.vos.UpdatePasswordVO;
 import ink.wgink.properties.ApiPathProperties;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
@@ -126,4 +127,8 @@ public class UserServiceImpl extends DefaultBaseService implements IUserService
         return list(params);
     }
 
+    @Override
+    public void updatePassword(UpdatePasswordVO updatePasswordVO) {
+        userRemoteService.updatePassword(apiPathProperties.getUserCenter(), securityComponent.getCurrentUser().getUserId(), OAuth2ClientTokenManager.getInstance().getToken().getAccessToken(), updatePasswordVO);
+    }
 }
diff --git a/login-oauth2-client/src/main/resources/templates/default-main.html b/login-oauth2-client/src/main/resources/templates/default-main.html
index 3ca69b42..58bafa24 100644
--- a/login-oauth2-client/src/main/resources/templates/default-main.html
+++ b/login-oauth2-client/src/main/resources/templates/default-main.html
@@ -216,7 +216,7 @@
         $('#defaultIFrame').attr('src', 'default-home');
         $('#LAY-logout').on('click', function() {
             top.dialog.confirm('确认退出?', function() {
-                window.location.href = 'oauth/logout';
+                window.location.href = 'logout';
             });
         });
 
diff --git a/login-oauth2-client/src/main/resources/templates/department/user/select-user.html b/login-oauth2-client/src/main/resources/templates/department/user/select-user.html
new file mode 100644
index 00000000..fa0d0820
--- /dev/null
+++ b/login-oauth2-client/src/main/resources/templates/department/user/select-user.html
@@ -0,0 +1,344 @@
+<!doctype html>
+<html xmlns:th="http://www.thymeleaf.org">
+<head>
+    <base th:href="${#request.getContextPath() + '/'}">
+    <meta charset="utf-8">
+    <meta name="renderer" content="webkit">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0, minimum-scale=1.0, maximum-scale=1.0, user-scalable=0">
+    <link rel="stylesheet" href="assets/fonts/font-awesome/css/font-awesome.css"/>
+    <link rel="stylesheet" type="text/css" href="assets/js/vendor/zTree3/css/metroStyle/metroStyle.css"/>
+    <link rel="stylesheet" href="assets/layuiadmin/layui/css/layui.css" media="all">
+    <link rel="stylesheet" href="assets/layuiadmin/style/admin.css" media="all">
+    <style>
+        .user-search {width: 188px !important; display: inline;}
+        .user-selected {border-left: 2px solid #009688 !important;}
+    </style>
+</head>
+<body>
+<div class="layui-fluid layui-anim layui-anim-fadein" style="padding: 0;">
+    <div class="layui-card">
+        <div class="layui-card-body" style="padding: 0px;">
+            <div class="layui-row">
+                <div class="layui-col-xs12">
+                    <div id="selectUsers" class="layui-btn-container selector-title-wrapper"></div>
+                </div>
+            </div>
+            <div class="layui-row">
+                <div class="layui-col-xs5">
+                    <div class="selector-tree-wrapper">
+                        <ul id="leftTree" class="ztree"></ul>
+                    </div>
+                </div>
+                <div class="layui-col-xs7">
+                    <div class="selector-body-wrapper">
+                        <div class="selector-body-search">
+                            <input type="text" id="searchUser" class="layui-input user-search" placeholder="快捷检索当前列表"/>
+                            <div class="layui-btn-group">
+                                <button type="button" class="layui-btn layui-btn-normal layui-btn-sm" lay-click-select-all-user>全选</button>
+                                <button type="button" class="layui-btn layui-btn-danger layui-btn-sm" lay-click-clear-all-user>清空</button>
+                            </div>
+                        </div>
+                        <div id="users" class="selector-body-content list-group">
+                            <div id="userWrapper"></div>
+                        </div>
+                    </div>
+                </div>
+            </div>
+            <div class="layui-form-item layui-layout-admin">
+                <div class="layui-input-block">
+                    <div class="layui-footer" style="left: 0;">
+                        <button type="button" class="layui-btn confirm">确认</button>
+                        <button type="button" class="layui-btn layui-btn-primary close">关闭</button>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
+<script src="assets/layuiadmin/layui/layui.js"></script>
+<script>
+    layui.config({
+        base: 'assets/layuiadmin/'
+    }).extend({
+        index: 'lib/index'
+    }).use(['index', 'flow', 'ztree', 'common'], function() {
+        var $ = layui.$;
+        var $win = $(window);
+        var common = layui.common;
+        var flow = layui.flow;
+        var selectedUserIds = top.dialog.dialogData.selectedUserIds;
+        var selectDepartmentUserOldArray = [];
+        var selectDepartmentUserArray = [];
+        var selectedParentId = 0;
+        var searchTimeout;
+        top.dialog.dialogData.selectedDepartmentUsers = [];
+
+        function closeBox() {
+            top.dialog.closeBox();
+        }
+        function initFrame() {
+            var height = $win.height() - 160;
+            $('.selector-tree-wrapper').css({
+                height: height +'px',
+                border: '1px dotted silver'
+            });
+            $('.selector-body-wrapper').css({
+                height: (height - 10) +'px',
+                border: '1px dotted silver'
+            });
+            $('.selector-body-content').css({
+                height: ($('.selector-body-wrapper').height() - 30) +'px'
+            });
+        }
+        // 初始化树
+        function initThree() {
+            var setting = {
+                async: {
+                    enable: true,
+                    autoLoad: false,
+                    type: 'get',
+                    url: top.restAjax.path('api/department/listztree', []),
+                    autoParam:['id'],
+                    otherParam:{},
+                    dataFilter: function(treeId, parentNode, childNodes) {
+                        if (!childNodes) return null;
+                        for (var i=0, l=childNodes.length; i<l; i++) {
+                            childNodes[i].name = childNodes[i].name.replace(/\.n/g, '.');
+                        }
+                        return childNodes;
+                    }
+                },
+                callback: {
+                    onClick: function(event, treeId, treeNode) {
+                        if(treeNode.id == 0) {
+                            return;
+                        } else if(treeNode.id == 1) {
+                            parentId = 0;
+                        } else {
+                            parentId = treeNode.id;
+                        }
+                        $('#searchUser').val('');
+                        initUsers(parentId);
+                        return false;
+                    }
+                },
+                view: {
+                    fontCss: {'color': 'black'}
+                }
+            };
+            var zTree = $.fn.zTree.init($('#leftTree'), setting);
+            zTree.addNodes(null, {id: '1', pId: '-1', name: '自由用户', url: 'javascript:void(0);', isParent: 'false'});
+            zTree.addNodes(null, {id: '0', pId: '-1', name: '组织部门', url: 'javascript:void(0);', isParent: 'true'});
+            common.refreshTree('leftTree');
+        }
+        // 添加人员dom
+        function addUserDom(data) {
+            var userDom = '';
+            for(var i = 0, item; item = data[i++];) {
+                var avatarDom;
+                if(null == item.userAvatar || '' == item.userAvatar) {
+                    avatarDom = '<img class="user-avatar" src="assets/images/profile-photo.jpg"/> '
+                } else {
+                    avatarDom = '<img class="user-avatar" src="route/file/download/false/'+ item.userAvatar +'"/> ';
+                }
+                userDom += '<a id="user_'+ item.userId +'" href="javascript:void(0);" class="users list-group-item '+ (isUserSelected(item.userId) ? 'user-selected' : '') +'" lay-click-user data-userid="'+ item.userId +'" data-username="'+ item.userName +'">'+ avatarDom + item.userName +' ['+ item.userUsername +']</a>';
+            }
+            $('#userWrapper').append(userDom);
+        }
+        function addSearchUserDom(data) {
+            if(data.length < 1) {
+                return;
+            }
+            var users = $('.users');
+            for(var i = 0; i < data.length; i++) {
+                var user = data[i];
+                for(var j = 0, userItem; userItem = users[j++];) {
+                    if(user.userId === userItem.dataset.userid) {
+                        data.splice(i, 1);
+                        i--;
+                        break;
+                    }
+                }
+            }
+            var userDom = '';
+            for(var i = 0, item; item = data[i++];) {
+                var avatarDom;
+                if(null == item.userAvatar || '' == item.userAvatar) {
+                    avatarDom = '<img class="user-avatar" src="assets/images/profile-photo.jpg"/> '
+                } else {
+                    avatarDom = '<img class="user-avatar" src="route/file/download/false/'+ item.userAvatar +'"/> ';
+                }
+                userDom += '<a id="user_'+ item.userId +'" href="javascript:void(0);" class="users search-users list-group-item '+ (isUserSelected(item.userId) ? 'user-selected' : '') +'" lay-click-user data-userid="'+ item.userId +'" data-username="'+ item.userName +'">'+ avatarDom + item.userName +' ['+ item.userUsername +']</a>';
+            }
+            $('#userWrapper').append(userDom);
+        }
+        // 初始化懒加载
+        function initUserFlowLoad() {
+            flow.load({
+                elem: '#users',
+                scrollElem: '#users',
+                isAuto: false,
+                done: function(page, next) {
+                    var loadLayerIndex;
+                    top.restAjax.get(top.restAjax.path('api/department/user/listpage/{department}', [selectedParentId]), {
+                        page: page,
+                        rows: 20
+                    }, null, function(code, data) {
+                        next(addUserDom(data.rows), page < (parseInt(data.total / 20) + 1));
+                    }, function(code, data) {
+                        top.dialog.msg(data.msg);
+                    }, function() {
+                        loadLayerIndex = top.dialog.msg(top.dataMessage.loading, {icon: 16, time: 0, shade: 0.3});
+                    }, function() {
+                        top.dialog.close(loadLayerIndex);
+                    });
+                }
+            });
+        }
+        function listSearchUser(searchUser) {
+            if(!searchUser) {
+                return;
+            }
+            var loadLayerIndex;
+            top.restAjax.get(top.restAjax.path('api/department/user/listpage/{department}', [selectedParentId]), {
+                keywords: searchUser
+            }, null, function(code, data) {
+                addSearchUserDom(data);
+            }, function(code, data) {
+                top.dialog.msg(data.msg);
+            }, function() {
+                loadLayerIndex = top.dialog.msg(top.dataMessage.loading, {icon: 16, time: 0, shade: 0.3});
+            }, function() {
+                top.dialog.close(loadLayerIndex);
+            });
+        }
+        // 初始化人员列表
+        function initUsers(parentId) {
+            selectedParentId = parentId;
+            $('#userWrapper').empty();
+            $('.layui-flow-more').remove();
+            initUserFlowLoad();
+        }
+        // 初始化选择的人员
+        function initSelectedUsers(callback) {
+            if(!selectedUserIds) {
+                callback();
+                return;
+            }
+            var loadLayerIndex;
+            top.restAjax.post(top.restAjax.path('api/user/listbyids', []), {
+                ids: selectedUserIds.split('\_')
+            }, null, function(code, data) {
+                for(var i = 0, item; item = data[i++]; ) {
+                    selectUser(item.userId, item.userName);
+                    selectDepartmentUserOldArray.push({
+                        userId: item.userId,
+                        userName: item.userName
+                    });
+                }
+                callback();
+            }, function(code, data) {
+                top.dialog.msg(data.msg);
+            }, function() {
+                loadLayerIndex = top.dialog.msg(top.dataMessage.loading, {icon: 16, time: 0, shade: 0.3});
+            }, function() {
+                top.dialog.close(loadLayerIndex);
+            });
+        }
+        initFrame();
+        initThree();
+        initSelectedUsers(function() {
+            initUsers(0);
+        });
+        $('#searchUser').on('keyup', function() {
+            var value = $(this).val();
+            if(value) {
+                $('.layui-flow-more').hide();
+            } else {
+                $('.layui-flow-more').show();
+            }
+            $('.users').hide().filter(":contains('" + value + "')").show();
+            $('.search-users').remove();
+            if(searchTimeout) {
+                clearTimeout(searchTimeout);
+            }
+            searchTimeout = setTimeout(function() {
+                listSearchUser(value);
+            }, 1000);
+        });
+        // 人员是否已经选择
+        function isUserSelected(userId) {
+            var isSelected = false;
+            for(var i = 0, item; item = selectDepartmentUserArray[i]; i++) {
+                if(item.userId == userId) {
+                    isSelected = true;
+                    break;
+                }
+            }
+            return isSelected;
+        }
+        // 删除已经选择的人员
+        function removeSelectedUser(userId) {
+            for(var i = 0, item; item = selectDepartmentUserArray[i]; i++) {
+                if(item.userId == userId) {
+                    selectDepartmentUserArray.splice(i, 1);
+                    var selectedUserDom = $('#selected_user_'+ userId);
+                    selectedUserDom.focus();
+                    selectedUserDom.remove();
+                    $('#user_'+ userId).removeClass('user-selected');
+                    break;
+                }
+            }
+        }
+        // 选择人员
+        function selectUser(userId, userName, isOnlySelect) {
+            if(!isUserSelected(userId)) {
+                $('#user_'+ userId).addClass('user-selected');
+                selectDepartmentUserArray.push({
+                    userId: userId,
+                    userName: userName
+                });
+                $('#selectUsers').append('<a id="selected_user_'+ userId +'" href="javascript:void(0);" class="layui-btn layui-btn-xs">'+ userName +' <i class="fa fa-close" lay-click-removeuser data-userid="'+ userId +'"></i></a>');
+                $('#selected_user_'+ userId).focus();
+            } else {
+                if(!isOnlySelect) {
+                    removeSelectedUser(userId);
+                }
+            }
+        }
+        $(document.body).on('click', '*[lay-click-user]', null, function() {
+            var data = this.dataset;
+            selectUser(data.userid, data.username);
+        });
+        $(document.body).on('click', '*[lay-click-removeuser]', null, function() {
+            var data = this.dataset;
+            removeSelectedUser(data.userid);
+        });
+        $(document.body).on('click', '*[lay-click-select-all-user]', null, function() {
+            $('#userWrapper').children().each(function() {
+                var data = this.dataset;
+                selectUser(data.userid, data.username, true);
+            });
+        });
+        $(document.body).on('click', '*[lay-click-clear-all-user]', null, function() {
+            $('#userWrapper').children().each(function() {
+                var data = this.dataset;
+                removeSelectedUser(data.userid);
+            });
+        });
+        $('.close').on('click', function() {
+            // 关闭按钮返回之前的数据
+            top.dialog.dialogData.selectedDepartmentUsers = selectDepartmentUserOldArray;
+            top.dialog.dialogData.selectedUserIds = null;
+            closeBox();
+        });
+        $('.confirm').on('click', function() {
+            top.dialog.dialogData.selectedDepartmentUsers = selectDepartmentUserArray;
+            top.dialog.dialogData.selectedUserIds = null;
+            closeBox();
+        });
+    });
+</script>
+</body>
+</html>
\ No newline at end of file
diff --git a/login-oauth2-client/src/main/resources/templates/user/update-password.html b/login-oauth2-client/src/main/resources/templates/user/update-password.html
new file mode 100644
index 00000000..9597994a
--- /dev/null
+++ b/login-oauth2-client/src/main/resources/templates/user/update-password.html
@@ -0,0 +1,101 @@
+<!doctype html>
+<html xmlns:th="http://www.thymeleaf.org">
+<head>
+    <base th:href="${#request.getContextPath() + '/'}">
+    <meta charset="utf-8">
+    <meta name="renderer" content="webkit">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0, minimum-scale=1.0, maximum-scale=1.0, user-scalable=0">
+    <link rel="stylesheet" href="assets/fonts/font-awesome/css/font-awesome.css"/>
+    <link rel="stylesheet" href="assets/layuiadmin/layui/css/layui.css" media="all">
+    <link rel="stylesheet" href="assets/layuiadmin/style/admin.css" media="all">
+</head>
+<body>
+<div class="layui-fluid layui-anim layui-anim-fadein" style="padding: 0;overflow: hidden;">
+    <div class="layui-card">
+        <div class="layui-card-body" style="padding: 15px;">
+            <form class="layui-form layui-form-pane" lay-filter="dataForm">
+                <div class="layui-form-item">
+                    <label class="layui-form-label">旧密码</label>
+                    <div class="layui-input-block">
+                        <input type="password" name="oldPassword" lay-verify="required" placeholder="请输入旧密码" class="layui-input">
+                    </div>
+                </div>
+                <div class="layui-form-item">
+                    <label class="layui-form-label">新密码</label>
+                    <div class="layui-input-block">
+                        <input type="password" id="newPassword" name="newPassword" lay-verify="required" placeholder="请输入新密码" class="layui-input">
+                    </div>
+                </div>
+                <div class="layui-form-item">
+                    <label class="layui-form-label">确认密码</label>
+                    <div class="layui-input-block">
+                        <input type="password" name="confirmNewPassword" lay-verify="required|passwordSame" placeholder="请输入确认密码" class="layui-input">
+                    </div>
+                </div>
+
+                <div class="layui-form-item layui-layout-admin">
+                    <div class="layui-input-block">
+                        <div class="layui-footer" style="left: 0;">
+                            <button type="button" class="layui-btn" lay-submit lay-filter="submitForm">提交编辑</button>
+                            <button type="button" class="layui-btn layui-btn-primary close">关闭窗口</button>
+                        </div>
+                    </div>
+                </div>
+            </form>
+        </div>
+    </div>
+</div>
+<script src="assets/layuiadmin/layui/layui.js"></script>
+<script>
+    layui.config({
+        base: 'assets/layuiadmin/' //静态资源所在路径
+    }).extend({
+        index: 'lib/index' //主入口模块
+    }).use(['index', 'form'], function(){
+        var $ = layui.$;
+        var form = layui.form;
+
+        function closeBox() {
+            parent.layer.close(parent.layer.getFrameIndex(window.name));
+        }
+
+        // 提交表单
+        form.on('submit(submitForm)', function(formData) {
+            top.dialog.confirm(top.dataMessage.commit, function(index) {
+                top.dialog.close(index);
+                var loadLayerIndex;
+                top.restAjax.put(top.restAjax.path('api/user/update-password', []), formData.field, null, function(code, data) {
+                    var layerIndex = top.dialog.msg('修改成功，请重新登录系统', {
+                        time: 0,
+                        btn: [top.dataMessage.button.yes],
+                        shade: 0.3,
+                        yes: function(index) {
+                            top.dialog.close(index);
+                            closeBox();
+                        }
+                    });
+                }, function(code, data) {
+                    top.dialog.msg(data.msg);
+                }, function() {
+                    loadLayerIndex = top.dialog.msg(top.dataMessage.committing, {icon: 16, time: 0, shade: 0.3});
+                }, function() {
+                    top.dialog.close(loadLayerIndex);
+                });
+            });
+            return false;
+        });
+        form.verify({
+            passwordSame: function(value, item) {
+                if($('#newPassword').val() != value) {
+                    return '确认密码不一致';
+                }
+            },
+        });
+        $('.close').on('click', function() {
+            closeBox();
+        });
+    });
+</script>
+</body>
+</html>
\ No newline at end of file
diff --git a/service-user/src/main/java/ink/wgink/service/user/controller/api/UserController.java b/service-user/src/main/java/ink/wgink/service/user/controller/api/UserController.java
index ef5bead8..fc031d76 100644
--- a/service-user/src/main/java/ink/wgink/service/user/controller/api/UserController.java
+++ b/service-user/src/main/java/ink/wgink/service/user/controller/api/UserController.java
@@ -9,6 +9,7 @@ import ink.wgink.interfaces.consts.ISystemConstant;
 import ink.wgink.interfaces.manager.ISystemConfigManager;
 import ink.wgink.pojo.result.*;
 import ink.wgink.pojo.vos.IdsVO;
+import ink.wgink.pojo.vos.UpdatePasswordVO;
 import ink.wgink.service.user.pojo.vos.*;
 import ink.wgink.pojo.ListPage;
 import ink.wgink.pojo.dtos.user.UserDTO;
diff --git a/service-user/src/main/java/ink/wgink/service/user/controller/app/api/UserAppController.java b/service-user/src/main/java/ink/wgink/service/user/controller/app/api/UserAppController.java
index da966030..56f3ed0d 100644
--- a/service-user/src/main/java/ink/wgink/service/user/controller/app/api/UserAppController.java
+++ b/service-user/src/main/java/ink/wgink/service/user/controller/app/api/UserAppController.java
@@ -10,7 +10,7 @@ import ink.wgink.pojo.result.ErrorResult;
 import ink.wgink.pojo.result.SuccessResult;
 import ink.wgink.pojo.result.SuccessResultData;
 import ink.wgink.service.user.pojo.dtos.AppUserDTO;
-import ink.wgink.service.user.pojo.vos.UpdatePasswordVO;
+import ink.wgink.pojo.vos.UpdatePasswordVO;
 import ink.wgink.service.user.pojo.vos.UpdateUserVO;
 import ink.wgink.service.user.service.IUserService;
 import ink.wgink.util.ReflectUtil;
@@ -22,7 +22,6 @@ import org.springframework.web.bind.annotation.*;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-import java.io.UnsupportedEncodingException;
 
 /**
  * When you feel like quitting. Think about why you started
diff --git a/service-user/src/main/java/ink/wgink/service/user/controller/resources/UserResourceController.java b/service-user/src/main/java/ink/wgink/service/user/controller/resources/UserResourceController.java
index 69044fd7..154a8617 100644
--- a/service-user/src/main/java/ink/wgink/service/user/controller/resources/UserResourceController.java
+++ b/service-user/src/main/java/ink/wgink/service/user/controller/resources/UserResourceController.java
@@ -12,7 +12,7 @@ import ink.wgink.pojo.result.SuccessResult;
 import ink.wgink.pojo.result.SuccessResultData;
 import ink.wgink.pojo.result.SuccessResultList;
 import ink.wgink.pojo.vos.IdsVO;
-import ink.wgink.service.user.pojo.vos.UpdatePasswordVO;
+import ink.wgink.pojo.vos.UpdatePasswordVO;
 import ink.wgink.service.user.service.IUserService;
 import ink.wgink.util.ReflectUtil;
 import ink.wgink.util.RegexUtil;
@@ -43,15 +43,18 @@ public class UserResourceController extends DefaultBaseController {
     private IUserService userService;
 
     @ApiOperation(value = "修改密码", notes = "修改密码接口")
+    @ApiImplicitParams({
+            @ApiImplicitParam(name = "userId", value = "用户ID", paramType = "path"),
+    })
     @ApiResponses({@ApiResponse(code = 400, message = "请求失败", response = ErrorResult.class)})
-    @PutMapping("update-password")
+    @PutMapping("update-password/{userId}")
     @CheckRequestBodyAnnotation
-    public SuccessResult updatePassword(@RequestBody UpdatePasswordVO updatePasswordVO) throws ReflectUtil.ReflectException {
+    public SuccessResult updatePassword(@PathVariable("userId") String userId, @RequestBody UpdatePasswordVO updatePasswordVO) throws ReflectUtil.ReflectException {
         ISystemConfigManager systemConfigManager = ReflectUtil.getSingleInstance("ink.wgink.login.base.manager.ConfigManager", ISystemConfigManager.class);
         if (systemConfigManager != null) {
             checkUpdatePasswordParams(systemConfigManager.getConfig(), updatePasswordVO);
         }
-        userService.updatePassword(updatePasswordVO);
+        userService.updatePasswordByUserId(userId, updatePasswordVO);
         return new SuccessResult();
     }
 
diff --git a/service-user/src/main/java/ink/wgink/service/user/service/IUserService.java b/service-user/src/main/java/ink/wgink/service/user/service/IUserService.java
index 9da33422..1fc4305e 100644
--- a/service-user/src/main/java/ink/wgink/service/user/service/IUserService.java
+++ b/service-user/src/main/java/ink/wgink/service/user/service/IUserService.java
@@ -3,6 +3,7 @@ package ink.wgink.service.user.service;
 import ink.wgink.interfaces.user.IUserBaseService;
 import ink.wgink.interfaces.user.IUserCheckService;
 import ink.wgink.pojo.result.UploadExcelResultDTO;
+import ink.wgink.pojo.vos.UpdatePasswordVO;
 import ink.wgink.service.user.pojo.dtos.AppUserDTO;
 import ink.wgink.service.user.pojo.pos.UserPO;
 import ink.wgink.service.user.pojo.vos.*;
@@ -151,6 +152,15 @@ public interface IUserService extends IUserBaseService, IUserCheckService {
      */
     void updatePassword(String token, UpdatePasswordVO updatePasswordVO) throws ReflectUtil.ReflectException;
 
+    /**
+     * 修改面膜
+     *
+     * @param userId           用户ID
+     * @param updatePasswordVO 修改的密码
+     * @throws ReflectUtil.ReflectException
+     */
+    void updatePasswordByUserId(String userId, UpdatePasswordVO updatePasswordVO);
+
     /**
      * 更新过期时间
      *
@@ -215,4 +225,5 @@ public interface IUserService extends IUserBaseService, IUserCheckService {
      * @param response
      */
     void downLoadAvatar(String userId, HttpServletRequest request, HttpServletResponse response);
+
 }
diff --git a/service-user/src/main/java/ink/wgink/service/user/service/impl/UserServiceImpl.java b/service-user/src/main/java/ink/wgink/service/user/service/impl/UserServiceImpl.java
index 60e68c18..a9824e5c 100644
--- a/service-user/src/main/java/ink/wgink/service/user/service/impl/UserServiceImpl.java
+++ b/service-user/src/main/java/ink/wgink/service/user/service/impl/UserServiceImpl.java
@@ -21,6 +21,7 @@ import ink.wgink.pojo.dtos.user.UserDTO;
 import ink.wgink.pojo.result.SuccessResultData;
 import ink.wgink.pojo.result.SuccessResultList;
 import ink.wgink.pojo.result.UploadExcelResultDTO;
+import ink.wgink.pojo.vos.UpdatePasswordVO;
 import ink.wgink.service.user.dao.IUserDao;
 import ink.wgink.service.user.enums.UserUpdateTypeEnum;
 import ink.wgink.service.user.excel.UserExcel;
@@ -212,53 +213,37 @@ public class UserServiceImpl extends DefaultBaseService implements IUserService
 
     @Override
     public void updatePassword(UpdatePasswordVO updatePasswordVO) {
-        String oldPassword = DigestUtils.md5Hex(DigestUtils.md5Hex(DigestUtils.md5Hex(updatePasswordVO.getOldPassword())));
-        String newPassword = DigestUtils.md5Hex(DigestUtils.md5Hex(DigestUtils.md5Hex(updatePasswordVO.getNewPassword())));
-        UserPO userPO = getPO(securityComponent.getCurrentUser().getUserId());
-        if (!passwordEncoder.matches(oldPassword, userPO.getUserPassword())) {
-            throw new UpdateException("旧密码错误");
-        }
-        Map<String, Object> params = getHashMap(4);
-        params.put("userPassword", passwordEncoder.encode(newPassword));
-        params.put("gmtPasswordModified", DateUtil.getTime());
-        params.put("userId", userPO.getUserId());
-        userDao.updatePassword(params);
-
-        // 日志
-        UserAdjustmentBO userAdjustmentBO = new UserAdjustmentBO();
-        userAdjustmentBO.setUserId(securityComponent.getCurrentUser().getUserId());
-        userAdjustmentBO.setUserName(securityComponent.getCurrentUser().getUserName());
-        userAdjustmentBO.setUpdateType(UserUpdateTypeEnum.PASSWORD.getValue());
-        userAdjustmentBO.setUpdateReason("修改密码");
-        userAdjustmentBO.setCreator(securityComponent.getCurrentUser().getUserId());
-        userAdjustmentBO.setCreatorName(securityComponent.getCurrentUser().getUserName());
-        userAdjustmentBO.setGmtCreate(DateUtil.getTime());
-        userAdjustmentService.save(userAdjustmentBO);
+        updatePasswordByUserId(securityComponent.getCurrentUser().getUserId(), updatePasswordVO);
     }
 
     @Override
     public void updatePassword(String token, UpdatePasswordVO updatePasswordVO) throws ReflectUtil.ReflectException {
         AppTokenUser appTokenUser = securityComponent.getAppTokenUser(token);
+        updatePasswordByUserId(appTokenUser.getId(), updatePasswordVO);
+    }
+
+    @Override
+    public void updatePasswordByUserId(String userId, UpdatePasswordVO updatePasswordVO) {
         String oldPassword = DigestUtils.md5Hex(DigestUtils.md5Hex(DigestUtils.md5Hex(updatePasswordVO.getOldPassword())));
         String newPassword = DigestUtils.md5Hex(DigestUtils.md5Hex(DigestUtils.md5Hex(updatePasswordVO.getNewPassword())));
-        UserPO userPO = getPO(appTokenUser.getId());
+        UserPO userPO = getPO(userId);
         if (!passwordEncoder.matches(oldPassword, userPO.getUserPassword())) {
             throw new UpdateException("旧密码错误");
         }
         Map<String, Object> params = getHashMap(4);
         params.put("userPassword", passwordEncoder.encode(newPassword));
         params.put("gmtPasswordModified", DateUtil.getTime());
-        params.put("userId", userPO.getUserId());
+        params.put("userId", userId);
         userDao.updatePassword(params);
 
         // 日志
         UserAdjustmentBO userAdjustmentBO = new UserAdjustmentBO();
-        userAdjustmentBO.setUserId(appTokenUser.getId());
-        userAdjustmentBO.setUserName(appTokenUser.getName());
+        userAdjustmentBO.setUserId(userPO.getUserId());
+        userAdjustmentBO.setUserName(userPO.getUserName());
         userAdjustmentBO.setUpdateType(UserUpdateTypeEnum.PASSWORD.getValue());
         userAdjustmentBO.setUpdateReason("修改密码");
-        userAdjustmentBO.setCreator(appTokenUser.getId());
-        userAdjustmentBO.setCreatorName(appTokenUser.getName());
+        userAdjustmentBO.setCreator(userPO.getUserId());
+        userAdjustmentBO.setCreatorName(userPO.getUserName());
         userAdjustmentBO.setGmtCreate(DateUtil.getTime());
         userAdjustmentService.save(userAdjustmentBO);
     }