diff --git a/bonus-modules/bonus-system/src/main/java/com/bonus/system/controller/SysUserController.java b/bonus-modules/bonus-system/src/main/java/com/bonus/system/controller/SysUserController.java
index 0fa2446..de77b7e 100644
--- a/bonus-modules/bonus-system/src/main/java/com/bonus/system/controller/SysUserController.java
+++ b/bonus-modules/bonus-system/src/main/java/com/bonus/system/controller/SysUserController.java
@@ -1,7 +1,9 @@
 package com.bonus.system.controller;
 
+import com.alibaba.nacos.common.utils.UuidUtils;
 import com.bonus.common.core.constant.CacheConstants;
 import com.bonus.common.core.domain.R;
+import com.bonus.common.core.exception.ServiceException;
 import com.bonus.common.core.utils.StringUtils;
 import com.bonus.common.core.utils.poi.ExcelUtil;
 import com.bonus.common.core.web.controller.BaseController;
@@ -24,6 +26,7 @@ import com.bonus.system.service.*;
 import com.bonus.system.warning.WebSocketHandler;
 import org.apache.commons.lang3.ArrayUtils;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.multipart.MultipartFile;
@@ -32,6 +35,7 @@ import javax.annotation.Resource;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.util.*;
+import java.util.concurrent.TimeUnit;
 import java.util.stream.Collectors;
 
 /**
@@ -73,6 +77,9 @@ public class SysUserController extends BaseController {
     @Autowired
     private ISysLogService sysLogService;
 
+    @Autowired
+    public RedisTemplate redisTemplate;
+
     /**
      * 获取用户列表
      */
@@ -629,4 +636,47 @@ public class SysUserController extends BaseController {
         boolean b = SecurityUtils.matchesPassword(user.getPassword(), sysUser.getPassword());
         return b? success():error("密码错误");
     }
+
+
+    /**
+     * 获得用户token、userId、当前时间加密的字符串
+     * 跳转第三方菜单时，获取 登录凭证 Ticket
+     *  将Ticket记录在redis中，设置时效 3600s,记录用户id、用户的token、和当前时间
+     */
+    @GetMapping("getUserTicket")
+    public AjaxResult getUserTicket() {
+        Long userId = SecurityUtils.getUserId();
+        if (Objects.nonNull(userId)) {
+            String uuid = UuidUtils.generateUuid();
+            redisTemplate.opsForValue().set(uuid, userId, 3600, TimeUnit.SECONDS);
+            Map<String, Object> resMap = new HashMap<>();
+            resMap.put("ticket", uuid);
+            return AjaxResult.success(resMap);
+        }
+        throw new ServiceException("用户未登录");
+    }
+
+    /**
+     *  登录凭证 Ticket校验
+     *  第三方系统拿到Ticket后需要校验该Ticket有效性，校验通过返回用户信息
+     * @param ticket：登录凭证
+     * @return
+     */
+    @GetMapping("validate")
+    public AjaxResult getUserInfo(@RequestHeader("ticket") String ticket) {
+        if (ticket==null || "".equals(ticket)) {
+            return new AjaxResult(10001, "令牌为空!");
+        }
+        Long userId = (Long)redisTemplate.opsForValue().get(ticket);
+        if (Objects.isNull(userId)) {
+            return new AjaxResult(10002, "令牌已失效!");
+        }
+        SysUser sysUser = userService.selectUserById(userId);
+        Map<String, Object> resMap = new HashMap<>();
+        resMap.put("userName", sysUser.getUserName());
+        resMap.put("name", sysUser.getNickName());
+        resMap.put("deptId", sysUser.getDeptId());
+        resMap.put("deptName", Objects.nonNull(sysUser.getDept()) ? sysUser.getDept().getDeptName() : "");
+        return AjaxResult.success(resMap);
+    }
 }