达到：

mes/hd/nladmin-system/src/main/java/org/nl/wms/system_manage/service/secutiry/HandLoginService.java

@@ -0,0 +1,22 @@
+package org.nl.wms.system_manage.service.secutiry;
+
+import java.util.Map;
+
+public interface HandLoginService {
+    /**
+     * 手持登陆
+     *
+     * @param jsonObject 条件
+     * @return Map<String, Object>
+     */
+    Map<String, Object> handleLogin(Map<String, String> jsonObject);
+
+    /**
+     * 手持登陆查询权限
+     *
+     * @param jsonObject 条件
+     * @return Map<String, Object>
+     */
+    Map<String, Object> queryAuthority(Map<String, String> jsonObject);
+
+}

mes/hd/nladmin-system/src/main/java/org/nl/wms/system_manage/service/secutiry/impl/HandLoginServiceImpl.java

@@ -0,0 +1,121 @@
+package org.nl.wms.system_manage.service.secutiry.impl;
+
+import cn.dev33.satoken.secure.SaSecureUtil;
+import cn.dev33.satoken.stp.SaLoginModel;
+import cn.dev33.satoken.stp.StpUtil;
+import cn.hutool.core.map.MapUtil;
+import cn.hutool.core.util.StrUtil;
+import com.alibaba.fastjson.JSON;
+import com.alibaba.fastjson.JSONArray;
+import com.alibaba.fastjson.JSONObject;
+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import lombok.RequiredArgsConstructor;
+import lombok.SneakyThrows;
+import lombok.extern.slf4j.Slf4j;
+import org.nl.common.utils.SecurityUtils;
+import org.nl.modules.common.exception.BadRequestException;
+import org.nl.modules.common.utils.RedisUtils;
+import org.nl.modules.wql.WQL;
+
+import org.nl.wms.system_manage.service.role.ISysRoleService;
+import org.nl.wms.system_manage.service.secutiry.HandLoginService;
+import org.nl.wms.system_manage.service.user.ISysUserService;
+import org.nl.wms.system_manage.service.user.dao.SysUser;
+import org.nl.wms.system_manage.service.user.dto.CurrentUser;
+import org.springframework.stereotype.Service;
+
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+@Service
+@RequiredArgsConstructor
+@Slf4j
+public class HandLoginServiceImpl implements HandLoginService {
+    private final RedisUtils redisUtils;
+    private final ISysUserService userService;
+    private final ISysRoleService roleService;
+
+
+    @SneakyThrows
+    @Override
+    public Map<String, Object> handleLogin(Map<String, String> param) {
+        JSONObject resultJson = new JSONObject();
+        MapUtil.getStr(param, "user");
+        String userName = MapUtil.getStr(param, "user");
+        String password = MapUtil.getStr(param, "password");
+        if (StrUtil.isEmpty(userName)) {
+            throw new BadRequestException("用户不能为空");
+        }
+        if (StrUtil.isEmpty("device_id")) {
+            resultJson.put("code", "0");
+            resultJson.put("desc", "设备不能为空");
+        }
+        if (StrUtil.isEmpty(password)) {
+            throw new BadRequestException("密码不能为空！");
+        }
+        SysUser userInfo = userService.getOne(new QueryWrapper<SysUser>().eq("username", userName));// 拿不到已经抛出异常
+        if(!SaSecureUtil.md5BySalt(userInfo.getPassword(), "salt").equals(SaSecureUtil.md5BySalt(password, "salt"))){
+            throw new BadRequestException("密码错误");
+        }
+
+        // 获取权限列表 - 登录查找权限
+        List<String> permissionList = roleService.getPermissionList(JSONObject.parseObject(JSON.toJSONString(userInfo)));
+        // 登录输入，登出删除
+        CurrentUser user = new CurrentUser();
+        user.setId(userInfo.getUser_id());
+        user.setUsername(userInfo.getUsername());
+        user.setPresonName(userInfo.getPerson_name());
+        user.setUser(userInfo);
+        user.setPermissions(permissionList);
+
+        // SaLoginModel 配置登录相关参数
+        StpUtil.login(userInfo.getUser_id(), new SaLoginModel()
+                .setDevice("PE")                // 此次登录的客户端设备类型, 用于[同端互斥登录]时指定此次登录的设备类型
+                .setExtra("loginInfo", user)    // Token挂载的扩展参数 （此方法只有在集成jwt插件时才会生效）
+        );
+
+        // 返回 token 与 用户信息
+        JSONObject jsonObject = new JSONObject();
+        jsonObject.put("user", userInfo);
+        Map<String, Object> authInfo = new HashMap<String, Object>(2) {{
+            put("token", StpUtil.getTokenValue());
+            put("user", jsonObject);
+        }};
+
+        redisUtils.set("pe-satoken", StpUtil.getTokenValue(), StpUtil.getTokenTimeout());
+        return resultJson;
+
+    }
+
+    @Override
+    public Map<String, Object> queryAuthority(Map<String, String> jsonObject) {
+        String accountId = String.valueOf(SecurityUtils.getCurrentUserId());
+        JSONObject returnjo = new JSONObject();
+        if (StrUtil.isEmpty(accountId)) {
+            returnjo.put("code", "0");
+            returnjo.put("desc", "用户id不能为空！");
+            returnjo.put("result", new JSONArray());
+        }
+        //查询一级
+        JSONObject result = WQL.getWO("QPADSTSETSERVICE").addParam("flag", "4").addParam("accountId", accountId).addParam("component", "0").process().uniqueResult(0);
+
+        //查询二级
+        JSONArray SecondResults = WQL.getWO("QPADSTSETSERVICE").addParam("flag", "4").addParam("accountId", accountId).addParam("component", "1").process().getResultJSONArray(0);
+        //查询三级
+        JSONArray roleTree = new JSONArray();
+        for (int i = 0; i < SecondResults.size(); i++) {
+            JSONObject row = SecondResults.getJSONObject(i);
+            String menu_id = row.getString("menu_id");
+            JSONArray ThirdResults = WQL.getWO("QPADSTSETSERVICE").addParam("flag", "4").addParam("accountId", accountId).addParam("component", "2").addParam("pid", menu_id).process().getResultJSONArray(0);
+            row.put("sonTree", ThirdResults);
+            roleTree.add(row);
+        }
+        result.put("sonTree", roleTree);
+
+        returnjo.put("code", "1");
+        returnjo.put("desc", "查询成功！");
+        returnjo.put("result", result);
+        return returnjo;
+    }
+}