diff --git a/src/main/java/com/dhu/config/ShiroConfig.java b/src/main/java/com/dhu/config/ShiroConfig.java
new file mode 100644
index 0000000000000000000000000000000000000000..461c6c8bf1efee855af8642252a25f039ea47953
--- /dev/null
+++ b/src/main/java/com/dhu/config/ShiroConfig.java
@@ -0,0 +1,82 @@
+//package com.dhu.config;
+//
+//import at.pollux.thymeleaf.shiro.dialect.ShiroDialect;
+//import com.dhu.realm.MyRealm;
+//import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
+//import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition;
+//import org.apache.shiro.web.mgt.CookieRememberMeManager;
+//import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
+//import org.apache.shiro.web.servlet.SimpleCookie;
+//import org.springframework.beans.factory.annotation.Autowired;
+//import org.springframework.context.annotation.Bean;
+//import org.springframework.context.annotation.Configuration;
+//
+////@Configuration
+//public class ShiroConfig {
+//    @Autowired
+//    private MyRealm myRealm;
+//
+//    //配置SecurityManager
+//    @Bean
+//    public DefaultWebSecurityManager defaultWebSecurityManager() {
+//        //1.创建defaultWebSecurityManager对象
+//        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
+//        //2.创建加密对象，设置相关属性
+//        HashedCredentialsMatcher matcher = new HashedCredentialsMatcher();
+//        //2.1采用md5加密
+//        matcher.setHashAlgorithmName("md5");
+//        //2.2设置迭代加密次数
+//        matcher.setHashIterations(3);
+//        //3.将加密对象存储到MyRealm中
+//        myRealm.setCredentialsMatcher(matcher);
+//        //4.将MyRealm存储到defaultWebSecurityManager对象中
+//        defaultWebSecurityManager.setRealm(myRealm);
+//        //5.设置rememberme
+//        defaultWebSecurityManager.setRememberMeManager(rememberMeManager());
+//
+//        return defaultWebSecurityManager;
+//    }
+//
+//    //实现rememberme功能
+//    //cookie属性设置
+//    public SimpleCookie rememberMeCookie(){
+//        SimpleCookie cookie = new SimpleCookie("rememberMe");
+//        //设置跨域
+//        //cookie.setDomain(domain);
+//        cookie.setPath("/");
+//        cookie.setHttpOnly(true);
+//        cookie.setMaxAge(30*24*60*60);
+//        return cookie;
+//    }
+//    //创建Shiro的cookie管理对象
+//    public CookieRememberMeManager rememberMeManager() {
+//        CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
+//        cookieRememberMeManager.setCookie(rememberMeCookie());
+//        cookieRememberMeManager.setCipherKey("1234567890987654".getBytes());
+//        return cookieRememberMeManager;
+//    }
+//
+//    //配置Shiro内置过滤器拦截范围
+//    @Bean
+//    public DefaultShiroFilterChainDefinition shiroFilterChainDefinition() {
+//        DefaultShiroFilterChainDefinition definition = new DefaultShiroFilterChainDefinition();
+//        //设置不认证可以访问的资源
+//        definition.addPathDefinition("/myController/userLogin","anon");
+//        definition.addPathDefinition("/myController/login","anon");
+//        definition.addPathDefinition("/front/**","anon");
+//        definition.addPathDefinition("/backend/**","anon");
+//        //配置登出过滤器
+//        definition.addPathDefinition("/myController/logout", "logout");
+//        //设置需要进行登录认证的拦截范围
+//        definition.addPathDefinition("/myController/**", "authc");
+//        //添加存在用户的过滤器(rememberMe)
+//        definition.addPathDefinition("/**", "user");
+//        return definition;
+//    }
+//
+//    //用于解析thymeleaf中的shiro:相关属性
+//    @Bean
+//    public ShiroDialect shiroDialect(){
+//        return new ShiroDialect();
+//    }
+//}
diff --git a/src/main/java/com/dhu/controller/MyController.java b/src/main/java/com/dhu/controller/MyController.java
new file mode 100644
index 0000000000000000000000000000000000000000..e0c35631b54417d5006ad883aa34b69831eb423c
--- /dev/null
+++ b/src/main/java/com/dhu/controller/MyController.java
@@ -0,0 +1,84 @@
+//package com.dhu.controller;
+//
+//import org.apache.shiro.SecurityUtils;
+//import org.apache.shiro.authc.AuthenticationException;
+//import org.apache.shiro.authc.AuthenticationToken;
+//import org.apache.shiro.authc.UsernamePasswordToken;
+//import org.apache.shiro.authz.annotation.RequiresAuthentication;
+//import org.apache.shiro.authz.annotation.RequiresPermissions;
+//import org.apache.shiro.authz.annotation.RequiresRoles;
+//import org.apache.shiro.subject.Subject;
+//import org.springframework.stereotype.Controller;
+//import org.springframework.web.bind.annotation.GetMapping;
+//import org.springframework.web.bind.annotation.RequestMapping;
+//import org.springframework.web.bind.annotation.RequestParam;
+//import org.springframework.web.bind.annotation.ResponseBody;
+//
+//import javax.servlet.http.HttpSession;
+//
+//
+///**
+// * 测试shiro使用流程
+// */
+////@Controller
+////@RequestMapping("/myController")
+//public class MyController {
+//
+//    //跳转登录界面
+//    @RequestMapping("login")
+//    public String login(){
+//        return "login";
+//    }
+//
+//    //跳转到主界面
+//    @RequestMapping("main")
+//    public String main(){
+//        return "main";
+//    }
+//
+//    @GetMapping("/userLogin")
+//    public String userLogin(String name,
+//                            String password,
+//                            @RequestParam(defaultValue = "false")boolean rememberMe ,
+//                            HttpSession session){
+//        //1.获取登录认证的subject对象
+//        Subject subject = SecurityUtils.getSubject();
+//        //2.将账号密码封装到token中
+//        AuthenticationToken token = new UsernamePasswordToken(name, password,rememberMe);
+//        //调用Login方法进行登录认证
+//        try{
+//            subject.login(token);
+//            session.setAttribute("user", token.getPrincipal().toString());
+//            return "main";
+//        } catch (AuthenticationException e){
+//            e.printStackTrace();
+//            System.out.println("登录失败");
+//            return "login";
+//        }
+//    }
+//
+//    //登录认证验证rememberMe
+//    @GetMapping("/userLoginRm")
+//    public String userLogin(HttpSession session){
+//        session.setAttribute("user", "rememberMe");
+//        return "main";
+//    }
+//
+//    //登录认证验证角色
+//    @RequiresRoles("admin")
+//    @GetMapping("/userLoginRoles")
+//    @ResponseBody
+//    public String userLoginRoles(){
+//        System.out.println("登录认证验证角色");
+//        return "has admin role success";
+//    }
+//
+//    //登录认证验证权限
+//    @RequiresPermissions("user:delete")
+//    @GetMapping("/userLoginPermissions")
+//    @ResponseBody
+//    public String userLoginPermissions(){
+//        System.out.println("登录认证验证权限");
+//        return "has delete permission success";
+//    }
+//}
diff --git a/src/main/java/com/dhu/entity/User.java b/src/main/java/com/dhu/entity/User.java
new file mode 100644
index 0000000000000000000000000000000000000000..e6a508f07e0950823d4085f373976a98d8938a56
--- /dev/null
+++ b/src/main/java/com/dhu/entity/User.java
@@ -0,0 +1,132 @@
+package com.dhu.entity;
+
+import com.baomidou.mybatisplus.annotation.IdType;
+import com.baomidou.mybatisplus.annotation.TableField;
+import com.baomidou.mybatisplus.annotation.TableId;
+import com.baomidou.mybatisplus.annotation.TableName;
+import java.io.Serializable;
+import lombok.Data;
+
+/**
+ * 用户信息
+ * @TableName user
+ */
+@TableName(value ="user")
+@Data
+public class User implements Serializable {
+    /**
+     * 主键
+     */
+    @TableId(value = "id")
+    private Long id;
+
+    /**
+     * 姓名
+     */
+    @TableField(value = "name")
+    private String name;
+
+    /**
+     * 手机号
+     */
+    @TableField(value = "phone")
+    private String phone;
+
+    /**
+     * 性别
+     */
+    @TableField(value = "sex")
+    private String sex;
+
+    /**
+     * 身份证号
+     */
+    @TableField(value = "id_number")
+    private String idNumber;
+
+    /**
+     * 头像
+     */
+    @TableField(value = "avatar")
+    private String avatar;
+
+    /**
+     * 状态 0:禁用，1:正常
+     */
+    @TableField(value = "status")
+    private Integer status;
+
+    /**
+     * 
+     */
+    @TableField(value = "password")
+    private String password;
+
+    /**
+     * 
+     */
+    @TableField(value = "email")
+    private String email;
+
+    @TableField(exist = false)
+    private static final long serialVersionUID = 1L;
+
+    @Override
+    public boolean equals(Object that) {
+        if (this == that) {
+            return true;
+        }
+        if (that == null) {
+            return false;
+        }
+        if (getClass() != that.getClass()) {
+            return false;
+        }
+        User other = (User) that;
+        return (this.getId() == null ? other.getId() == null : this.getId().equals(other.getId()))
+            && (this.getName() == null ? other.getName() == null : this.getName().equals(other.getName()))
+            && (this.getPhone() == null ? other.getPhone() == null : this.getPhone().equals(other.getPhone()))
+            && (this.getSex() == null ? other.getSex() == null : this.getSex().equals(other.getSex()))
+            && (this.getIdNumber() == null ? other.getIdNumber() == null : this.getIdNumber().equals(other.getIdNumber()))
+            && (this.getAvatar() == null ? other.getAvatar() == null : this.getAvatar().equals(other.getAvatar()))
+            && (this.getStatus() == null ? other.getStatus() == null : this.getStatus().equals(other.getStatus()))
+            && (this.getPassword() == null ? other.getPassword() == null : this.getPassword().equals(other.getPassword()))
+            && (this.getEmail() == null ? other.getEmail() == null : this.getEmail().equals(other.getEmail()));
+    }
+
+    @Override
+    public int hashCode() {
+        final int prime = 31;
+        int result = 1;
+        result = prime * result + ((getId() == null) ? 0 : getId().hashCode());
+        result = prime * result + ((getName() == null) ? 0 : getName().hashCode());
+        result = prime * result + ((getPhone() == null) ? 0 : getPhone().hashCode());
+        result = prime * result + ((getSex() == null) ? 0 : getSex().hashCode());
+        result = prime * result + ((getIdNumber() == null) ? 0 : getIdNumber().hashCode());
+        result = prime * result + ((getAvatar() == null) ? 0 : getAvatar().hashCode());
+        result = prime * result + ((getStatus() == null) ? 0 : getStatus().hashCode());
+        result = prime * result + ((getPassword() == null) ? 0 : getPassword().hashCode());
+        result = prime * result + ((getEmail() == null) ? 0 : getEmail().hashCode());
+        return result;
+    }
+
+    @Override
+    public String toString() {
+        StringBuilder sb = new StringBuilder();
+        sb.append(getClass().getSimpleName());
+        sb.append(" [");
+        sb.append("Hash = ").append(hashCode());
+        sb.append(", id=").append(id);
+        sb.append(", name=").append(name);
+        sb.append(", phone=").append(phone);
+        sb.append(", sex=").append(sex);
+        sb.append(", idNumber=").append(idNumber);
+        sb.append(", avatar=").append(avatar);
+        sb.append(", status=").append(status);
+        sb.append(", Password=").append(password);
+        sb.append(", email=").append(email);
+        sb.append(", serialVersionUID=").append(serialVersionUID);
+        sb.append("]");
+        return sb.toString();
+    }
+}
\ No newline at end of file
diff --git a/src/main/java/com/dhu/realm/MyRealm.java b/src/main/java/com/dhu/realm/MyRealm.java
new file mode 100644
index 0000000000000000000000000000000000000000..9dc3b8ff7a6bf9935f45c0de96e606b928ae3931
--- /dev/null
+++ b/src/main/java/com/dhu/realm/MyRealm.java
@@ -0,0 +1,69 @@
+//package com.dhu.realm;
+//
+//import com.dhu.entity.User;
+//import com.dhu.service.UserService;
+//import lombok.extern.slf4j.Slf4j;
+//import org.apache.shiro.authc.AuthenticationException;
+//import org.apache.shiro.authc.AuthenticationInfo;
+//import org.apache.shiro.authc.AuthenticationToken;
+//import org.apache.shiro.authc.SimpleAuthenticationInfo;
+//import org.apache.shiro.authz.AuthorizationInfo;
+//import org.apache.shiro.authz.SimpleAuthorizationInfo;
+//import org.apache.shiro.realm.AuthorizingRealm;
+//import org.apache.shiro.subject.PrincipalCollection;
+//import org.apache.shiro.util.ByteSource;
+//import org.springframework.beans.factory.annotation.Autowired;
+//import org.springframework.stereotype.Component;
+//
+//import java.util.List;
+//
+////@Slf4j
+////@Component
+//public class MyRealm extends AuthorizingRealm {
+//    @Autowired
+//    private UserService userService;
+//
+//    //自定义授权方法:获取当前登录用户的角色、权限信息，返回给shiro用来进行授权认证
+//    @Override
+//    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
+//        System.out.println("自定义授权方法");
+//        //1.获取用户身份信息
+//        String principal = principalCollection.getPrimaryPrincipal().toString();
+//        //2.调用业务层获取用户的角色信息（数据库）
+//        List<String> roles = userService.getUserRoleInfo(principal);
+//        log.info("当前用户角色信息={}",roles);
+//        //2.5调用业务层获取用户的权限信息
+//        List<String> permission = userService.getUserPermissionInfo(roles);
+//        log.info("当前用户权限信息={}", permission);
+//        //3.创建对象，封装当前登录用户的权限和角色信息
+//        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
+//        //2.存储角色
+//        info.addRoles(roles);
+//        //存储权限
+//        info.addStringPermissions(permission);
+//        //返回角色信息
+//        return info;
+//    }
+//
+//    //自定义登录认证方法
+//    @Override
+//    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
+//        //1.获取用户身份信息
+//        String name = authenticationToken.getPrincipal().toString();
+//        //2.调用业务层获取用户信息（数据库）
+//        User user = userService.getUserInfoByName(name);
+//        String salt = "salt";
+//        //3.非空判断，将数据封装返回
+//        if(user!=null){
+//            AuthenticationInfo info = new SimpleAuthenticationInfo(
+//                    authenticationToken.getPrincipal(),
+//                    user.getPassword(),
+//                    ByteSource.Util.bytes(salt),
+//                    name
+//            );
+//            return info;
+//
+//        }
+//        return null;
+//    }
+//}
diff --git a/src/main/resources/backend/images/login/background.webp b/src/main/resources/backend/images/login/background.webp
new file mode 100644
index 0000000000000000000000000000000000000000..af0566d495f87cfd7329848968e2df9148c04398
Binary files /dev/null and b/src/main/resources/backend/images/login/background.webp differ
diff --git a/src/main/resources/backend/images/login/img.png b/src/main/resources/backend/images/login/img.png
new file mode 100644
index 0000000000000000000000000000000000000000..43b74fb2474f9d50e367299d9c5f0d4e1b38e3b1
Binary files /dev/null and b/src/main/resources/backend/images/login/img.png differ
diff --git a/src/main/resources/backend/images/login/logo.webp b/src/main/resources/backend/images/login/logo.webp
new file mode 100644
index 0000000000000000000000000000000000000000..7659b40f15a7ab73ae49f789fc6ebc0b11c6987b
Binary files /dev/null and b/src/main/resources/backend/images/login/logo.webp differ
diff --git a/src/main/resources/mapper/UserMapper.xml b/src/main/resources/mapper/UserMapper.xml
new file mode 100644
index 0000000000000000000000000000000000000000..5ae964418efd398bc9a75ca81732bb17d8e5f07b
--- /dev/null
+++ b/src/main/resources/mapper/UserMapper.xml
@@ -0,0 +1,35 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE mapper
+        PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
+        "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+<mapper namespace="com.dhu.mapper.UserMapper">
+
+    <resultMap id="BaseResultMap" type="com.dhu.entity.User">
+        <id property="id" column="id" jdbcType="BIGINT"/>
+        <result property="name" column="name" jdbcType="VARCHAR"/>
+        <result property="phone" column="phone" jdbcType="VARCHAR"/>
+        <result property="sex" column="sex" jdbcType="VARCHAR"/>
+        <result property="idNumber" column="id_number" jdbcType="VARCHAR"/>
+        <result property="avatar" column="avatar" jdbcType="VARCHAR"/>
+        <result property="status" column="status" jdbcType="INTEGER"/>
+        <result property="password" column="pwd" jdbcType="VARCHAR"/>
+        <result property="email" column="email" jdbcType="VARCHAR"/>
+    </resultMap>
+
+    <sql id="Base_Column_List">
+        id
+        ,name,phone,
+        sex,id_number,avatar,
+        status,password,email
+    </sql>
+    <select id="getUserPermissionInfoMapper" resultType="java.lang.String">
+        select info
+        from permissions
+        where id in (select pid from role_ps where rid in (
+        select id from role where name in
+        <foreach collection="roles" item="name" open="(" separator="," close=")">
+            #{name}
+        </foreach>
+        ))
+    </select>
+</mapper>
diff --git a/src/main/resources/templates/login.html b/src/main/resources/templates/login.html
new file mode 100644
index 0000000000000000000000000000000000000000..8fa2c5825fbeb9b855c1f4162aaee2fb6800d19b
--- /dev/null
+++ b/src/main/resources/templates/login.html
@@ -0,0 +1,17 @@
+<!--<!DOCTYPE html>-->
+<!--<html lang="en">-->
+<!--<head>-->
+<!--    <meta charset="UTF-8">-->
+<!--    <title>Title</title>-->
+<!--</head>-->
+<!--<body>-->
+<!--<h1>Shiro登录认证</h1>-->
+<!--<br>-->
+<!--<form action="/myController/userLogin" method="get">-->
+<!--    <div>用户名:<input type="text" name="name" , value=""></div>-->
+<!--    <div>密码:<input type="text" name="password" , value=""></div>-->
+<!--    <div>记住用户：<input type="checkbox" name="rememberMe" value="true"></div>-->
+<!--    <div><input type="submit" value="登录"></div>-->
+<!--</form>-->
+<!--</body>-->
+<!--</html>-->
\ No newline at end of file
diff --git a/src/main/resources/templates/main.html b/src/main/resources/templates/main.html
new file mode 100644
index 0000000000000000000000000000000000000000..00ebcde825c9464e2fe982c200b9e7eb4eadce04
--- /dev/null
+++ b/src/main/resources/templates/main.html
@@ -0,0 +1,17 @@
+<!--<!DOCTYPE html>-->
+<!--<html lang="en" xmlns:th="http://www.thymeleaf.org"-->
+<!--      xmlns:shiro="http://www.w3.org/1999/xhtml">-->
+<!--<head>-->
+<!--    <meta charset="UTF-8">-->
+<!--    <title>Title</title>-->
+<!--</head>-->
+<!--<body>-->
+<!--<h1>Shiro 登录认证后主页面</h1>-->
+<!--<br>-->
+<!--登录用户为：<span th:text="${session.user}"></span>-->
+<!--<br>-->
+<!--<a href="/myController/logout">登出</a>-->
+<!--<a shiro:hasRole="admin" href="/myController/userLoginRoles">测试授权-角色验证</a>-->
+<!--<a shiro:hasPermission="user:delete" href="/myController/userLoginPermissions">测试授权—权限验证</a>-->
+<!--</body>-->
+<!--</html>-->
\ No newline at end of file