diff --git a/lms/nladmin-system/nlsso-server/src/main/java/org/nl/system/controller/secutiry/MobileAuthorizationController.java b/lms/nladmin-system/nlsso-server/src/main/java/org/nl/system/controller/secutiry/MobileAuthorizationController.java
new file mode 100644
index 0000000..e06210e
--- /dev/null
+++ b/lms/nladmin-system/nlsso-server/src/main/java/org/nl/system/controller/secutiry/MobileAuthorizationController.java
@@ -0,0 +1,108 @@
+package org.nl.system.controller.secutiry;
+
+import cn.dev33.satoken.annotation.SaIgnore;
+import cn.dev33.satoken.secure.SaSecureUtil;
+import cn.dev33.satoken.stp.SaLoginModel;
+import cn.dev33.satoken.stp.StpUtil;
+import cn.hutool.core.util.ObjectUtil;
+import com.alibaba.fastjson.JSON;
+import com.alibaba.fastjson.JSONObject;
+import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
+import io.swagger.annotations.Api;
+import io.swagger.annotations.ApiOperation;
+import lombok.extern.slf4j.Slf4j;
+import org.nl.common.domain.query.PageQuery;
+import org.nl.common.exception.BadRequestException;
+import org.nl.common.utils.RsaUtils;
+import org.nl.common.utils.dto.CurrentUser;
+import org.nl.config.RsaProperties;
+import org.nl.system.service.role.ISysRoleService;
+import org.nl.system.service.role.dao.SysRole;
+import org.nl.system.service.secutiry.dto.AuthUserDto;
+import org.nl.system.service.user.ISysUserService;
+import org.nl.system.service.user.dao.SysUser;
+import org.nl.system.service.user.dto.SysUserDetail;
+import org.nl.system.service.user.dto.UserQuery;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.ResponseEntity;
+import org.springframework.validation.annotation.Validated;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.List;
+
+/**
+ * @Author: lyd
+ * @Description: 手持登录鉴权
+ * @Date: 2023/7/31
+ */
+@Slf4j
+@RestController
+@RequestMapping("/mobile/auth")
+@Api(tags = "手持：系统授权接口")
+public class MobileAuthorizationController {
+    @Autowired
+    private ISysUserService userService;
+    @Autowired
+    private ISysRoleService roleService;
+    @ApiOperation("登录授权")
+    @PostMapping(value = "/login")
+    @SaIgnore
+    public ResponseEntity<Object> login(@Validated @RequestBody AuthUserDto authUser, HttpServletRequest request) throws Exception {
+        // 密码解密 - 前端的加密规则: encrypt（根据实际更改）
+        String password = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey, authUser.getPassword());
+        // 校验数据库
+        // 根据用户名查询，在比对密码
+        SysUser userInfo = userService.getOne(new LambdaQueryWrapper<SysUser>()
+                .eq(SysUser::getUsername, authUser.getUsername())); // 拿到多个已经抛出异常
+        if (ObjectUtil.isEmpty(userInfo) || !userInfo.getPassword().equals(SaSecureUtil.md5BySalt(password, "salt"))) { // 这里需要密码加密
+            throw new BadRequestException("账号或密码错误！");
+        }
+
+        // 获取权限列表 - 登录查找权限
+        List<String> permissionList = roleService.getPermissionList((JSONObject) JSON.toJSON(userInfo));
+        if (!userInfo.getIs_used()) {
+            throw new BadRequestException("账号未激活");
+        }
+
+        // 登录输入，登出删除
+        CurrentUser user = new CurrentUser();
+        user.setId(userInfo.getUser_id());
+        user.setUsername(userInfo.getUsername());
+        user.setPresonName(userInfo.getPerson_name());
+        user.setUser(userInfo);
+        user.setPermissions(permissionList);
+
+        // SaLoginModel 配置登录相关参数
+        StpUtil.login(userInfo.getUser_id(), new SaLoginModel()
+                .setDevice("PE")                // 此次登录的客户端设备类型, 用于[同端互斥登录]时指定此次登录的设备类型
+                .setExtra("loginInfo", user)    // Token挂载的扩展参数 （此方法只有在集成jwt插件时才会生效）
+        );
+        UserQuery query=new UserQuery();
+        query.setBlurry(user.getUsername());
+        PageQuery page=new PageQuery();
+        List<SysUserDetail> userDetail = userService.getUserDetail(query, page);
+        String roles="";
+        for(SysRole role:userDetail.get(0).getRoles()){
+            if(ObjectUtil.isNotEmpty(role.getRemark())){
+                roles+=role.getRemark()+',';
+            }
+        }
+        // 返回 token 与 用户信息
+        JSONObject jsonObject = new JSONObject();
+//        jsonObject.put("roles", permissionList);
+        jsonObject.put("user", userInfo);
+        String finalRoles = roles;
+        JSONObject authInfo = new JSONObject(2) {{
+            put("token", "Bearer " + StpUtil.getTokenValue());
+            put("user", jsonObject);
+            put("roles", finalRoles);
+        }};
+
+        return ResponseEntity.ok(authInfo);
+    }
+
+}
diff --git a/lms/nladmin-system/nlsso-server/src/main/java/org/nl/wms/pda/service/impl/PdaServiceImpl.java b/lms/nladmin-system/nlsso-server/src/main/java/org/nl/wms/pda/service/impl/PdaServiceImpl.java
index 3208bad..fad0dcb 100644
--- a/lms/nladmin-system/nlsso-server/src/main/java/org/nl/wms/pda/service/impl/PdaServiceImpl.java
+++ b/lms/nladmin-system/nlsso-server/src/main/java/org/nl/wms/pda/service/impl/PdaServiceImpl.java
@@ -3,6 +3,7 @@ package org.nl.wms.pda.service.impl;
 import cn.hutool.core.date.DateUtil;
 import cn.hutool.core.util.ObjectUtil;
 import com.alibaba.fastjson.JSONObject;
+import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import org.nl.common.exception.BadRequestException;
 import org.nl.wms.database.material.service.IMdBaseMaterialService;
 import org.nl.wms.database.material.service.dao.MdBaseMaterial;
@@ -50,7 +51,8 @@ public class PdaServiceImpl implements PdaService {
     @Override
     public PdaResponseVo productionScheduling(ManualSortingDto manualSortingDto) {
         // 查询工单
-        PdmBdWorkorder bdWorkorder = workorderService.getById(manualSortingDto.getWorkorder_code());
+        PdmBdWorkorder bdWorkorder = workorderService.getOne(new LambdaQueryWrapper<PdmBdWorkorder>()
+                .eq(PdmBdWorkorder::getWorkorder_code, manualSortingDto.getWorkorder_code()));
         if (ObjectUtil.isEmpty(bdWorkorder)) {
             throw new BadRequestException("工单：[" + bdWorkorder.getWorkorder_code() + "]不存在");
         }
@@ -74,7 +76,8 @@ public class PdaServiceImpl implements PdaService {
     @Override
     public PdaResponseVo productionComplete(ManualSortingDto manualSortingDto) {
         // 查询工单
-        PdmBdWorkorder bdWorkorder = workorderService.getById(manualSortingDto.getWorkorder_code());
+        PdmBdWorkorder bdWorkorder = workorderService.getOne(new LambdaQueryWrapper<PdmBdWorkorder>()
+                .eq(PdmBdWorkorder::getWorkorder_code, manualSortingDto.getWorkorder_code()));
         if (ObjectUtil.isEmpty(bdWorkorder)) {
             throw new BadRequestException("工单：[" + bdWorkorder.getWorkorder_code() + "]不存在");
         }