diff --git a/src/main/java/com/sztzjy/digital_credit/controller/UserController.java b/src/main/java/com/sztzjy/digital_credit/controller/UserController.java
new file mode 100644
index 0000000..39223b2
--- /dev/null
+++ b/src/main/java/com/sztzjy/digital_credit/controller/UserController.java
@@ -0,0 +1,181 @@
+package com.sztzjy.digital_credit.controller;
+
+
+
+import com.sztzjy.digital_credit.annotation.AnonymousAccess;
+import com.sztzjy.digital_credit.annotation.OperateLog;
+import com.sztzjy.digital_credit.config.exception.UnAuthorizedException;
+import com.sztzjy.digital_credit.config.security.JwtUser;
+import com.sztzjy.digital_credit.config.security.LoginResult;
+import com.sztzjy.digital_credit.config.security.TokenProvider;
+import com.sztzjy.digital_credit.entity.StuUser;
+import com.sztzjy.digital_credit.entity.StuUserExample;
+import com.sztzjy.digital_credit.entity.ZYUserInfo;
+import com.sztzjy.digital_credit.mapper.StuUserMapper;
+import com.sztzjy.digital_credit.service.StuUserService;
+import com.sztzjy.digital_credit.util.ResultDataEntity;
+import com.sztzjy.digital_credit.util.RsaUtil;
+import com.sztzjy.digital_credit.util.TzApi;
+import io.swagger.annotations.Api;
+import io.swagger.annotations.ApiOperation;
+import io.swagger.annotations.ApiParam;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.util.StringUtils;
+import org.springframework.web.bind.annotation.*;
+
+import javax.annotation.Resource;
+import javax.servlet.http.HttpServletRequest;
+import java.security.MessageDigest;
+import java.util.ArrayList;
+import java.util.List;
+
+@Api(tags = "用户管理")
+@RequestMapping("api/user")
+@RestController
+public class UserController {
+
+
+ @Resource
+ private StuUserService stuUserService;
+ @Resource
+ private HttpServletRequest request;
+ @Autowired
+ private StuUserMapper userMapper;
+ @Resource
+ private AuthenticationManagerBuilder authenticationManagerBuilder;
+
+ @AnonymousAccess
+ @ApiOperation("用户登录")
+ @PostMapping("login")
+ @OperateLog(description = "登录授权")
+ public ResultDataEntity login(@ApiParam("用户名") String username,
+ @ApiParam("加密后的密码") String passwordEncode,
+ @ApiParam("智云携带的token")@RequestParam(required = false) String TOKEN) {
+ JwtUser jwtUser;
+ String password;
+ if(org.apache.commons.lang3.StringUtils.isBlank(TOKEN)){ //子系统登录
+ try {
+ password = RsaUtil.decryptByPrivateKey(passwordEncode);
+ } catch (Exception e) {
+ return new ResultDataEntity(HttpStatus.BAD_REQUEST, "密码错误");
+ }
+ try {
+ StuUserExample example = new StuUserExample();
+ StuUserExample.Criteria criteria = example.createCriteria();
+ criteria.andStudentIdEqualTo(username);
+ List stuUsers = userMapper.selectByExample(example);
+ if(stuUsers.isEmpty()){
+ throw new UnAuthorizedException("账号不存在");
+ }else {
+ StuUser stuUser = stuUsers.get(0);
+ LoginResult loginResult = new LoginResult();
+ if(org.apache.commons.lang3.StringUtils.isBlank(stuUser.getPassword()) && "123qwe".equals(password)){
+ stuUser.setPassword("123qwe");
+ if(org.apache.commons.lang3.StringUtils.isBlank(stuUser.getClassId())){
+ stuUser.setRoleId(3);
+ }else {
+ stuUser.setRoleId(4);
+ }
+ userMapper.updateByPrimaryKeySelective(stuUser);
+ UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(username, password);
+ Authentication authentication = authenticationManagerBuilder.getObject().authenticate(authenticationToken);
+ SecurityContextHolder.getContext().setAuthentication(authentication);
+ jwtUser = (JwtUser) authentication.getPrincipal();
+ String token = TokenProvider.createToken(jwtUser);
+
+ loginResult.setUserId(stuUser.getUserId());
+ loginResult.setUsername(stuUser.getSchoolId());
+ loginResult.setRoleId(stuUser.getRoleId());
+ loginResult.setSchoolId(Integer.valueOf(stuUser.getSchoolId()));
+ loginResult.setAccessToken(token);
+ return new ResultDataEntity<>(HttpStatus.OK,loginResult);
+ }else {
+ if(password.equals(stuUser.getPassword())){
+ UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(username, password);
+ Authentication authentication = authenticationManagerBuilder.getObject().authenticate(authenticationToken);
+ SecurityContextHolder.getContext().setAuthentication(authentication);
+ jwtUser = (JwtUser) authentication.getPrincipal();
+ String token = TokenProvider.createToken(jwtUser);
+
+ loginResult.setUserId(stuUser.getUserId());
+ loginResult.setUsername(stuUser.getSchoolId());
+ loginResult.setRoleId(stuUser.getRoleId());
+ loginResult.setSchoolId(Integer.valueOf(stuUser.getSchoolId()));
+ loginResult.setAccessToken(token);
+ return new ResultDataEntity<>(HttpStatus.OK,loginResult);
+ }else {
+ throw new UnAuthorizedException("密码错误");
+ }
+ }
+ }
+ } catch (Exception e) {
+ throw new UnAuthorizedException("密码错误");
+ }
+ }else { //单点登录
+ if (!StringUtils.hasText(username) && !StringUtils.hasText(passwordEncode) && !StringUtils.hasText(TOKEN)) {
+ throw new IllegalArgumentException("请提供登录凭据");
+ }
+ if (StringUtils.hasText(TOKEN)) {
+ jwtUser = TokenProvider.getJWTUserByZhiYun(TOKEN);
+ if (jwtUser == null) {
+ throw new UnAuthorizedException("token无效");
+ }
+ } else {
+ try {
+ password = RsaUtil.decryptByPrivateKey(passwordEncode);
+ } catch (Exception e) {
+ throw new UnAuthorizedException("密码错误");
+ }
+
+ jwtUser = TzApi.foreignExchangeTradingLogin(username, password);
+ if (jwtUser == null) {
+ throw new UnAuthorizedException("用户名或密码错误");
+ }
+ }
+ Authentication authentication = new UsernamePasswordAuthenticationToken(jwtUser, null, jwtUser.getAuthorities());
+ SecurityContextHolder.getContext().setAuthentication(authentication);
+ String token = TokenProvider.createToken(jwtUser);
+
+// JwtUser user = TokenProvider.getJWTUser(request);
+// stuUserService.insertAll(jwtUser);
+ return new ResultDataEntity(HttpStatus.OK,LoginResult.create(jwtUser, token));
+ }
+
+ }
+
+
+
+ @ApiOperation("明文密码公钥加密方法(该方法仅在开发阶段开放用于测试接口)")
+ @AnonymousAccess
+ @GetMapping("encrypt")
+ public ResultDataEntity encrypt(@ApiParam("明文密码") String pwd) throws Exception {
+ return new ResultDataEntity<>(HttpStatus.OK,"加密成功",RsaUtil.encryptByPublicKey(pwd));
+ }
+
+
+
+ @ApiOperation("同步学生信息")
+ @PostMapping("synchronizationStudentInfo")
+ public ResultDataEntity synchronizationStudentInfo() {
+ JwtUser user = TokenProvider.getJWTUser(request);
+ stuUserService.insertAll(user);
+ return new ResultDataEntity(HttpStatus.OK);
+ }
+
+
+ @ApiOperation("开放接口,自动同步学生信息")
+ @PostMapping("synchronizationStudentInfoByAuto")
+ @AnonymousAccess
+ public ResultDataEntity synchronizationStudentInfoByAuto(@RequestBody List studentList) {
+// JwtUser user = TokenProvider.getJWTUser(request);
+ stuUserService.insertAllByAuto(studentList);
+ return new ResultDataEntity(HttpStatus.OK);
+ }
+
+
+}
diff --git a/src/main/java/com/sztzjy/digital_credit/entity/ZYUserInfo.java b/src/main/java/com/sztzjy/digital_credit/entity/ZYUserInfo.java
new file mode 100644
index 0000000..ade071c
--- /dev/null
+++ b/src/main/java/com/sztzjy/digital_credit/entity/ZYUserInfo.java
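Review bot: The sub-system branch of `login` keeps passwords in plaintext and hard-codes a shared default credential: when the stored password is blank and the caller sends `"123qwe"`, it writes `stuUser.setPassword("123qwe")` and assigns a role, and otherwise it checks `password.equals(stuUser.getPassword())`. Store a salted hash and verify it with Spring Security's `PasswordEncoder`, e.g. `if (passwordEncoder.matches(password, stuUser.getPassword()))`, and replace the shared default with a per-user one-time secret that forces a password change at first login. Two `@AnonymousAccess` endpoints in this hunk also need a guard: `encrypt`, whose own description says it is open only during development, and `synchronizationStudentInfoByAuto`, which hands an unauthenticated request body to `stuUserService.insertAllByAuto` (what that method writes is not visible here). The outer `catch (Exception e)` reports every failure as "密码错误", including a non-numeric `schoolId` reaching `Integer.valueOf(...)`, so catch the authentication exception specifically and log the rest.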
@@ -0,0 +1,130 @@
+package com.sztzjy.digital_credit.entity;
+
+public class ZYUserInfo {
+ private String username;
+ private String password;
+ private String name;
+ private Integer userId;
+ private Integer roleId;
+ private Integer schoolId;
+ private String schoolName;
+ private Integer classId;
+ private String className;
+ private String phone ;
+ private Long collegeId;
+ private String collegeName;
+ private Long majorId;
+ private String majorName;
+
+ public String getUsername() {
+ return username;
+ }
+
+ public void setUsername(String username) {
+ this.username = username;
+ }
+
+ public String getPassword() {
+ return password;
+ }
+
+ public void setPassword(String password) {
+ this.password = password;
+ }
+
+ public String getName() {
+ return name;
+ }
+
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ public Integer getUserId() {
+ return userId;
+ }
+
+ public void setUserId(Integer userId) {
+ this.userId = userId;
+ }
+
+ public Integer getRoleId() {
+ return roleId;
+ }
+
+ public void setRoleId(Integer roleId) {
+ this.roleId = roleId;
+ }
+
+ public Integer getSchoolId() {
+ return schoolId;
+ }
+
+ public void setSchoolId(Integer schoolId) {
+ this.schoolId = schoolId;
+ }
+
+ public String getSchoolName() {
+ return schoolName;
+ }
+
+ public void setSchoolName(String schoolName) {
+ this.schoolName = schoolName;
+ }
+
+ public Integer getClassId() {
+ return classId;
+ }
+
+ public void setClassId(Integer classId) {
+ this.classId = classId;
+ }
+
+ public String getClassName() {
+ return className;
+ }
+
+ public void setClassName(String className) {
+ this.className = className;
+ }
+
+ public String getPhone() {
+ return phone;
+ }
+
+ public void setPhone(String phone) {
+ this.phone = phone;
+ }
+
+ public Long getCollegeId() {
+ return collegeId;
+ }
+
+ public void setCollegeId(Long collegeId) {
+ this.collegeId = collegeId;
+ }
+
+ public String getCollegeName() {
+ return collegeName;
+ }
+
+ public void setCollegeName(String collegeName) {
+ this.collegeName = collegeName;
+ }
+
+ public Long getMajorId() {
+ return majorId;
+ }
+
+ public void setMajorId(Long majorId) {
+ this.majorId = majorId;
+ }
+
+ public String getMajorName() {
+ return majorName;
+ }
+
+ public void setMajorName(String majorName) {
+ this.majorName = majorName;
+ }
+}
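Review bot: `ZYUserInfo` carries a `password` field with a public `getPassword()` and no comment saying whether it holds plaintext, a hash or RSA ciphertext, or where instances travel. If an instance is ever serialized into a response or a log line, the credential goes with it. Document the field and consider making it write-only, e.g. `@JsonProperty(access = JsonProperty.Access.WRITE_ONLY)` if Jackson is the serializer in use (not visible in this diff). A class-level Javadoc naming the upstream system this object mirrors would also help, since the class name alone does not say.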