diff --git a/aircraft-system/src/main/java/com/aircraft/modules/security/rest/AuthController.java b/aircraft-system/src/main/java/com/aircraft/modules/security/rest/AuthController.java
index 86f0f87..6731990 100644
--- a/aircraft-system/src/main/java/com/aircraft/modules/security/rest/AuthController.java
+++ b/aircraft-system/src/main/java/com/aircraft/modules/security/rest/AuthController.java
@@ -116,6 +116,35 @@ public class AuthController {
         return ResponseEntity.ok(authInfo);
     }
 
+    @ApiOperation("登录授权（内部使用）")
+    @AnonymousPostMapping(value = "/login/inner")
+    public ResponseEntity<Object> loginInner(@Validated @RequestBody AuthUserDto authUser, HttpServletRequest request) throws Exception {
+
+        // 获取用户信息
+        JwtUserDto jwtUser = userDetailsService.loadUserByUsername(authUser.getUsername());
+        // 验证用户密码
+        if (!passwordEncoder.matches(authUser.getPassword(), jwtUser.getPassword())) {
+            throw new BadRequestException("登录密码错误");
+        }
+        Authentication authentication = new UsernamePasswordAuthenticationToken(jwtUser, null, jwtUser.getAuthorities());
+        SecurityContextHolder.getContext().setAuthentication(authentication);
+        // 生成令牌
+        String token = tokenProvider.createToken(jwtUser);
+        // 返回 token 与 用户信息
+        Map<String, Object> authInfo = new HashMap<String, Object>(2) {{
+            put("token", properties.getTokenStartWith() + token);
+            put("user", jwtUser);
+        }};
+        if (loginProperties.isSingleLogin()) {
+            // 踢掉之前已经登录的token
+            onlineUserService.kickOutForUsername(authUser.getUsername());
+        }
+        // 保存在线信息
+        onlineUserService.save(jwtUser, token, request);
+        // 返回登录信息
+        return ResponseEntity.ok(authInfo);
+    }
+
     @ApiOperation("获取用户信息")
     @GetMapping(value = "/info")
     public ResponseEntity<UserDetails> getUserInfo() {