diff --git a/seqdata-cloud-authz/pom.xml b/seqdata-cloud-authz/pom.xml
index b510dd95acbf7b73556a07f6673e19399e7924a5..533b22559d889854c909407ed074bb7423be2d7b 100644
--- a/seqdata-cloud-authz/pom.xml
+++ b/seqdata-cloud-authz/pom.xml
@@ -58,5 +58,16 @@
mssql-jdbc
runtime
+
+
+ mysql
+ mysql-connector-java
+ runtime
+
+
+ com.alibaba
+ druid-spring-boot-starter
+ 1.1.20
+
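Review bot: `druid-spring-boot-starter` is pinned to `1.1.20` directly in this module while `mysql-connector-java` just above it takes its version from the managed BOM; moving the druid version into the parent's `dependencyManagement` keeps version choices in one place and makes a future upgrade a single edit. The druid starter also ships an optional stat/monitor servlet under `/druid/*` that, as far as I recall, is toggled by `spring.datasource.druid.stat-view-servlet.enabled`; since this module's configuration now comes from Nacos rather than a file in the repository, confirm that property stays off in every environment or that the servlet sits behind credentials and an IP allow-list, because it exposes executed SQL and connection details. The element tags have been stripped from these lines in rendering, so I cannot verify the scope of the druid entry; the `mysql` dependency is correctly `runtime`.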
diff --git a/seqdata-cloud-authz/src/main/java/cn/seqdata/oauth2/AuthzServerConfiguration.java b/seqdata-cloud-authz/src/main/java/cn/seqdata/oauth2/AuthzServerConfiguration.java
index 159bd9cf608125c5ad18a040f6fe47b73d761422..8aa2bf47c76112815f1873e06911afa8494cd086 100644
--- a/seqdata-cloud-authz/src/main/java/cn/seqdata/oauth2/AuthzServerConfiguration.java
+++ b/seqdata-cloud-authz/src/main/java/cn/seqdata/oauth2/AuthzServerConfiguration.java
@@ -1,7 +1,15 @@
package cn.seqdata.oauth2;
-import java.util.*;
-
+import cn.seqdata.oauth2.jpa.rbac.User;
+import cn.seqdata.oauth2.mobile.MobileNonceAuthenticationProvider;
+import cn.seqdata.oauth2.mobile.MobileNonceService;
+import cn.seqdata.oauth2.mobile.MobileTokenGranter;
+import cn.seqdata.oauth2.repos.oauth.ClientDetailRepo;
+import cn.seqdata.oauth2.service.JpaClientDetailsService;
+import cn.seqdata.oauth2.service.JpaUserDetailsManager;
+import cn.seqdata.oauth2.service.UserService;
+import cn.seqdata.oauth2.util.SecurityUtils;
+import lombok.AllArgsConstructor;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.redis.connection.RedisConnectionFactory;
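Review bot: The imports added at L27-L35 duplicate single-type imports that the next hunk keeps as context at L46-L48 (`User`, `MobileNonceAuthenticationProvider`, and likely more below the visible lines); javac tolerates an identical duplicate, but the file now declares the same imports twice, and the retained `import cn.seqdata.oauth2.mobile.MobileNonceHandler;` at L48 appears unused once `tokenGranter` switches to `MobileNonceService` later in this diff. Keep a single import block and let the IDE's organize-imports pass drop the leftovers. The wildcard `import java.util.*;` moved in the second hunk hides which utilities the class depends on; the visible code needs only `ArrayList`, `HashMap`, `List`, `Map`, `Objects` and `UUID`, so listing those explicitly would match the file's otherwise single-type import style.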
@@ -29,8 +37,8 @@ import org.springframework.security.oauth2.provider.token.AuthorizationServerTok
import org.springframework.security.oauth2.provider.token.TokenEnhancer;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;
-import lombok.AllArgsConstructor;
+import java.util.*;
import cn.seqdata.oauth2.jpa.rbac.User;
import cn.seqdata.oauth2.mobile.MobileNonceAuthenticationProvider;
import cn.seqdata.oauth2.mobile.MobileNonceHandler;
@@ -49,6 +57,59 @@ import cn.seqdata.oauth2.util.SecurityUtils;
@EnableAuthorizationServer
@AllArgsConstructor
public class AuthzServerConfiguration extends AuthorizationServerConfigurerAdapter {
+ private final AuthenticationManager authenticationManager;
+ private final UserService userService;
+ private final JpaUserDetailsManager userDetailsService;
+ private final RedisConnectionFactory redisConnectionFactory;
+ private final ClientDetailRepo clientDetailRepo;
+ private final MobileNonceService mobileNonceService;
+
+ @Bean
+ public PasswordEncoder passwordEncoder() {
+ return NoOpPasswordEncoder.getInstance();
+// return PasswordEncoderFactories.createDelegatingPasswordEncoder();
+ }
+
+ @Bean
+ public TokenStore tokenStore() {
+ RedisTokenStore redisTokenStore = new RedisTokenStore(redisConnectionFactory);
+ // 解决每次生成的token都一样的问题
+ redisTokenStore.setAuthenticationKeyGenerator(oAuth2Authentication -> UUID.randomUUID().toString());
+ return redisTokenStore;
+ }
+
+ @Bean
+ public TokenEnhancer tokenEnhancer() {
+ return (accessToken, authentication) -> {
+ if (accessToken instanceof DefaultOAuth2AccessToken) {
+ Map attributes = new HashMap<>();
+
+ String clientId = SecurityUtils.clientId(authentication);
+ String username = SecurityUtils.username(authentication);
+ User user = userService.loadUser(clientId, username);
+
+ if (Objects.nonNull(user)) {
+ attributes.put("user_id", user.getId());
+ attributes.put("org_id", user.getOrgId());
+ }
+
+ ((DefaultOAuth2AccessToken) accessToken).setAdditionalInformation(attributes);
+ }
+
+ return accessToken;
+ };
+ }
+
+ @Override
+ public void configure(AuthorizationServerSecurityConfigurer security) {
+ security
+ .tokenKeyAccess("isAuthenticated()")
+ .checkTokenAccess("isAuthenticated()");
+ }
+
+ @Override
+ public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
+ clients.withClientDetails(new JpaClientDetailsService(clientDetailRepo));
private final AuthenticationManager authenticationManager;
private final UserService userService;
private final JpaUserDetailsManager userDetailsService;
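Review bot: `passwordEncoder()` at L61-L64 wires `NoOpPasswordEncoder` with the delegating encoder left commented out, so every client secret and user password this authorization server verifies is stored and compared in clear text. `NoOpPasswordEncoder` is deprecated for exactly that reason; the commented line `return PasswordEncoderFactories.createDelegatingPasswordEncoder();` should be the live one, and any legacy plaintext rows can be kept working during migration by storing them with the `{noop}` prefix the delegating encoder understands. Separately, as rendered the hunk leaves the fields added at L53-L55 declared again by the retained context at L106-L108, and `configure(ClientDetailsServiceConfigurer)` opened at L104 has no closing brace before them; if that is not an artifact of how this diff was produced, the file will not compile, so please confirm the final file. `Map attributes = new HashMap<>();` at L78 is a raw type and should read `Map<String, Object> attributes = new HashMap<>();`.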
@@ -116,43 +177,43 @@ public class AuthzServerConfiguration extends AuthorizationServerConfigurerAdapt
// registrationRepository.forEach(clientRegistration -> builder
// .withClient(clientRegistration.getRegistrationId())
// .authorizedGrantTypes(AuthorizationGrantType.AUTHORIZATION_CODE.getValue()));
- }
-
- @Override
- public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
- endpoints
- .allowedTokenEndpointRequestMethods(HttpMethod.GET, HttpMethod.POST)
- .authenticationManager(authenticationManager)
- .userDetailsService(userDetailsService)
- .tokenStore(tokenStore())
- .tokenEnhancer(tokenEnhancer())
- .tokenGranter(tokenGranter(endpoints));
- }
-
- /**
- * 重写 AuthorizationServerEndpointsConfigurer.createDefaultTokenServices,添加 NonceTokenGranter
- */
- private TokenGranter tokenGranter(AuthorizationServerEndpointsConfigurer endpoints) {
- ClientDetailsService clientDetails = endpoints.getClientDetailsService();
- AuthorizationServerTokenServices tokenServices = endpoints.getTokenServices();
- AuthorizationCodeServices authorizationCodeServices = endpoints.getAuthorizationCodeServices();
- OAuth2RequestFactory requestFactory = endpoints.getOAuth2RequestFactory();
-
- List tokenGranters = new ArrayList<>();
- tokenGranters.add(new AuthorizationCodeTokenGranter(tokenServices, authorizationCodeServices, clientDetails, requestFactory));
- tokenGranters.add(new RefreshTokenGranter(tokenServices, clientDetails, requestFactory));
- tokenGranters.add(new ImplicitTokenGranter(tokenServices, clientDetails, requestFactory));
- tokenGranters.add(new ClientCredentialsTokenGranter(tokenServices, clientDetails, requestFactory));
- //用户名密码验证
- if(Objects.nonNull(authenticationManager)) {
- tokenGranters.add(new ResourceOwnerPasswordTokenGranter(authenticationManager, tokenServices, clientDetails, requestFactory));
- }
- //自定义的手机验证码登录
- if(Objects.nonNull(mobileNonceHandler)) {
- MobileNonceAuthenticationProvider authenticationProvider = new MobileNonceAuthenticationProvider(mobileNonceHandler);
- tokenGranters.add(new MobileTokenGranter(authenticationProvider, tokenServices, clientDetails, requestFactory));
- }
-
- return new CompositeTokenGranter(tokenGranters);
- }
+ }
+
+ @Override
+ public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
+ endpoints
+ .allowedTokenEndpointRequestMethods(HttpMethod.GET, HttpMethod.POST)
+ .authenticationManager(authenticationManager)
+ .userDetailsService(userDetailsService)
+ .tokenStore(tokenStore())
+ .tokenEnhancer(tokenEnhancer())
+ .tokenGranter(tokenGranter(endpoints));
+ }
+
+ /**
+ * 重写 AuthorizationServerEndpointsConfigurer.createDefaultTokenServices,添加 NonceTokenGranter
+ */
+ private TokenGranter tokenGranter(AuthorizationServerEndpointsConfigurer endpoints) {
+ ClientDetailsService clientDetails = endpoints.getClientDetailsService();
+ AuthorizationServerTokenServices tokenServices = endpoints.getTokenServices();
+ AuthorizationCodeServices authorizationCodeServices = endpoints.getAuthorizationCodeServices();
+ OAuth2RequestFactory requestFactory = endpoints.getOAuth2RequestFactory();
+
+ List tokenGranters = new ArrayList<>();
+ tokenGranters.add(new AuthorizationCodeTokenGranter(tokenServices, authorizationCodeServices, clientDetails, requestFactory));
+ tokenGranters.add(new RefreshTokenGranter(tokenServices, clientDetails, requestFactory));
+ tokenGranters.add(new ImplicitTokenGranter(tokenServices, clientDetails, requestFactory));
+ tokenGranters.add(new ClientCredentialsTokenGranter(tokenServices, clientDetails, requestFactory));
+ //用户名密码验证
+ if (Objects.nonNull(authenticationManager)) {
+ tokenGranters.add(new ResourceOwnerPasswordTokenGranter(authenticationManager, tokenServices, clientDetails, requestFactory));
+ }
+ //自定义的手机验证码登录
+ if (Objects.nonNull(mobileNonceService)) {
+ MobileNonceAuthenticationProvider authenticationProvider = new MobileNonceAuthenticationProvider(mobileNonceService);
+ tokenGranters.add(new MobileTokenGranter(authenticationProvider, tokenServices, clientDetails, requestFactory));
+ }
+
+ return new CompositeTokenGranter(tokenGranters);
+ }
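Review bot: `allowedTokenEndpointRequestMethods(HttpMethod.GET, HttpMethod.POST)` at L157 lets `/oauth/token` be called with GET, which places `client_secret`, `password` and `refresh_token` parameters in the URL where access logs, proxies and browser history retain them; RFC 6749 requires POST for the token endpoint, and deleting that line restores Spring's POST-only default. This is carried over from the old side at L118, so it is pre-existing, but the reindent is a good moment to drop it. `List tokenGranters = new ArrayList<>();` at L174 is a raw type and should read `List<TokenGranter> tokenGranters = new ArrayList<>();`. The Javadoc at L165-L167 names `NonceTokenGranter` while the class actually appended is `MobileTokenGranter`; an English summary such as `/** Rebuilds the default token granters and appends {@link MobileTokenGranter} for mobile nonce logins. */` would match the code.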
}
diff --git a/seqdata-cloud-authz/src/main/resources/bootstrap.yml b/seqdata-cloud-authz/src/main/resources/bootstrap.yml
index b06fcb6db62c66fefdea204686f50929655becce..620f47e3c0b3c4259a6ed1225724206a57cbfbf6 100644
--- a/seqdata-cloud-authz/src/main/resources/bootstrap.yml
+++ b/seqdata-cloud-authz/src/main/resources/bootstrap.yml
@@ -1,12 +1,19 @@
spring:
application:
- name: authz
+ name: ${APPLICATION_NAME:authz}
cloud:
+ gateway:
+ discovery:
+ locator:
+ enabled: true
nacos:
- config:
- server-addr: nacos.seqdata.cn:8848
- file-extension: yml
discovery:
- server-addr: nacos.seqdata.cn:8848
-server:
- port: 30001
\ No newline at end of file
+ server-addr: ${NACOS_SERVICE_HOST:192.168.1.241}:${NACOS_SERVICE_PORT:8848}
+ config:
+ server-addr: ${spring.cloud.nacos.discovery.server-addr}
+ file-extension: ${CONFIG_FORMAT:yml}
+ # 公共文件
+ shared-configs[0]:
+ data-id: ${SHARE_CONFIG_PREFIX:application}.${spring.cloud.nacos.config.file-extension}
+ # 配置Data Id 在配置变更时,是否动态刷新,缺省默认 false
+ refresh: false
\ No newline at end of file
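Review bot: `spring.cloud.gateway.discovery.locator.enabled: true` at L202-L205 is added to the authz service's bootstrap, but this block only has an effect when Spring Cloud Gateway is on the classpath; it looks copied from the gateway module's bootstrap, where the same lines are existing context at L235-L238, and in an authorization server it is either dead configuration or, should the gateway starter ever land on this classpath, turns every discovered service into a proxied route behind the token server. The Nacos fallback `${NACOS_SERVICE_HOST:192.168.1.241}` at L215 (and L246 in the gateway hunk) bakes a specific private address into a committed file, so a container started without the variable silently registers against that host; a default that is clearly a placeholder, or none at all so startup fails fast, is safer. `server.port: 30001` is removed at L212-L213 with no replacement visible, presumably now supplied by the shared Nacos config; a comment such as `# server.port is provided by the shared application config in Nacos` would save the next reader the search.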
diff --git a/seqdata-cloud-gateway/src/main/resources/bootstrap.yml b/seqdata-cloud-gateway/src/main/resources/bootstrap.yml
index 02780cf4cf6e8596158fababb2a7f10c0c7cb27b..9ff0490f81069f5a30ac5a42641016dee7a4dc00 100644
--- a/seqdata-cloud-gateway/src/main/resources/bootstrap.yml
+++ b/seqdata-cloud-gateway/src/main/resources/bootstrap.yml
@@ -1,14 +1,19 @@
spring:
application:
- name: gateway
+ name: ${APPLICATION_NAME:gateway}
cloud:
gateway:
discovery:
locator:
enabled: true
nacos:
- config:
- server-addr: nacos.seqdata.cn:8848
- file-extension: yml
discovery:
- server-addr: nacos.seqdata.cn:8848
\ No newline at end of file
+ server-addr: ${NACOS_SERVICE_HOST:192.168.1.241}:${NACOS_SERVICE_PORT:8848}
+ config:
+ server-addr: ${spring.cloud.nacos.discovery.server-addr}
+ file-extension: ${CONFIG_FORMAT:yml}
+ # 公共文件
+ shared-configs[0]:
+ data-id: ${SHARE_CONFIG_PREFIX:application}.${spring.cloud.nacos.config.file-extension}
+ # 配置Data Id 在配置变更时,是否动态刷新,缺省默认 false
+ refresh: false
\ No newline at end of file