diff --git a/backend/src/main/java/io/dataease/auth/config/F2CRealm.java b/backend/src/main/java/io/dataease/auth/config/F2CRealm.java index 5d686c2abe..46b942ef48 100644 --- a/backend/src/main/java/io/dataease/auth/config/F2CRealm.java +++ b/backend/src/main/java/io/dataease/auth/config/F2CRealm.java @@ -1,10 +1,13 @@ package io.dataease.auth.config; +import io.dataease.auth.api.dto.CurrentRoleDto; +import io.dataease.auth.api.dto.CurrentUserDto; import io.dataease.auth.entity.JWTToken; import io.dataease.auth.entity.SysUserEntity; import io.dataease.auth.entity.TokenInfo; import io.dataease.auth.service.AuthUserService; import io.dataease.auth.util.JWTUtils; +import io.dataease.commons.utils.BeanUtils; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationInfo; import org.apache.shiro.authc.AuthenticationToken; @@ -16,6 +19,8 @@ import org.apache.shiro.subject.PrincipalCollection; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Lazy; import org.springframework.stereotype.Component; + +import java.util.List; import java.util.Set; import java.util.stream.Collectors; @@ -58,7 +63,7 @@ public class F2CRealm extends AuthorizingRealm { if (username == null) { throw new AuthenticationException("token invalid"); } - + // 使用缓存 SysUserEntity user = authUserService.getUserById(userId); if (user == null) { throw new AuthenticationException("User didn't existed!"); 
@@ -72,6 +77,13 @@ public class F2CRealm extends AuthorizingRealm { if (! JWTUtils.verify(token, tokenInfo, pass)) { throw new AuthenticationException("Username or password error"); } - return new SimpleAuthenticationInfo(token, token, "f2cReam"); + // 使用缓存 + List currentRoleDtos = authUserService.roleInfos(user.getUserId()); + // 使用缓存 + List permissions = authUserService.permissions(user.getUserId()); + CurrentUserDto currentUserDto = BeanUtils.copyBean(new CurrentUserDto(), user); + currentUserDto.setRoles(currentRoleDtos); + currentUserDto.setPermissions(permissions); + return new SimpleAuthenticationInfo(currentUserDto, token, "f2cReam"); } } diff --git a/backend/src/main/java/io/dataease/auth/server/AuthServer.java b/backend/src/main/java/io/dataease/auth/server/AuthServer.java index 474e013a69..a3a1640706 100644 --- a/backend/src/main/java/io/dataease/auth/server/AuthServer.java +++ b/backend/src/main/java/io/dataease/auth/server/AuthServer.java @@ -15,6 +15,7 @@ import io.dataease.commons.utils.CodingUtil; import io.dataease.commons.utils.ServletUtils; import org.apache.commons.lang3.ObjectUtils; import org.apache.commons.lang3.StringUtils; +import org.apache.shiro.SecurityUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RestController; 
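Review bot: In `F2CRealm`'s authentication method, `BeanUtils.copyBean(new CurrentUserDto(), user)` now builds the Shiro principal from the whole `SysUserEntity`, and `AuthServer.userInfo()` in this same commit returns that principal to the client as-is, so `CurrentUserDto` must not have a password or other credential property. Neither class is visible in this diff, so that needs confirming. The principal type also changes from the token `String` to `CurrentUserDto`, and `doGetAuthorizationInfo` lies outside the hunk: if it still reads the primary principal as a token, authorization will break. I would record the contract above the return with `// principal: CurrentUserDto (no credential fields); the raw JWT stays in the credentials slot`.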
@@ -58,19 +59,26 @@ public class AuthServer implements AuthApi { @Override public CurrentUserDto userInfo() { - String token = ServletUtils.getToken(); - Long userId = JWTUtils.tokenInfoByToken(token).getUserId(); - SysUserEntity user = authUserService.getUserById(userId); - CurrentUserDto currentUserDto = BeanUtils.copyBean(new CurrentUserDto(), user); - List currentRoleDtos = authUserService.roleInfos(user.getUserId()); - List permissions = authUserService.permissions(user.getUserId()); - currentUserDto.setRoles(currentRoleDtos); - currentUserDto.setPermissions(permissions); - return currentUserDto; + CurrentUserDto userDto = (CurrentUserDto)SecurityUtils.getSubject().getPrincipal(); + if (ObjectUtils.isEmpty(userDto)) { + String token = ServletUtils.getToken(); + Long userId = JWTUtils.tokenInfoByToken(token).getUserId(); + SysUserEntity user = authUserService.getUserById(userId); + CurrentUserDto currentUserDto = BeanUtils.copyBean(new CurrentUserDto(), user); + List currentRoleDtos = authUserService.roleInfos(user.getUserId()); + List permissions = authUserService.permissions(user.getUserId()); + currentUserDto.setRoles(currentRoleDtos); + currentUserDto.setPermissions(permissions); + return currentUserDto; + } + return userDto; } @Override public String logout(){ + String token = ServletUtils.getToken(); + Long userId = JWTUtils.tokenInfoByToken(token).getUserId(); + authUserService.clearCache(userId); return "success"; } diff --git a/backend/src/main/java/io/dataease/auth/service/AuthUserService.java b/backend/src/main/java/io/dataease/auth/service/AuthUserService.java index 2eb887365d..8154412bbd 100644 --- a/backend/src/main/java/io/dataease/auth/service/AuthUserService.java +++ b/backend/src/main/java/io/dataease/auth/service/AuthUserService.java @@ -19,6 +19,8 @@ public interface AuthUserService { List roleInfos(Long userId); + void clearCache(Long userId); + } 
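Review bot: `logout()` in `AuthServer` picks the user whose caches are evicted from `JWTUtils.tokenInfoByToken(token).getUserId()`, and nothing visible here shows that call verifying the token's signature or handling a missing token. Whether the logout route passes through the JWT filter is not visible in this diff; if it does not, unverified claims decide whose entries are cleared, and a request without a token likely ends in a NullPointerException. Taking the id from the authenticated subject avoids both: `Object p = SecurityUtils.getSubject().getPrincipal();` followed by `if (p instanceof CurrentUserDto) authUserService.clearCache(((CurrentUserDto) p).getUserId());`. The same `instanceof` check would also replace the unchecked cast at the top of `userInfo()`.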
diff --git a/backend/src/main/java/io/dataease/auth/service/impl/AuthUserServiceImpl.java b/backend/src/main/java/io/dataease/auth/service/impl/AuthUserServiceImpl.java index e4fde7aba2..7254206150 100644 --- a/backend/src/main/java/io/dataease/auth/service/impl/AuthUserServiceImpl.java +++ b/backend/src/main/java/io/dataease/auth/service/impl/AuthUserServiceImpl.java @@ -4,8 +4,11 @@ import io.dataease.auth.api.dto.CurrentRoleDto; import io.dataease.auth.entity.SysUserEntity; import io.dataease.base.mapper.ext.AuthMapper; import io.dataease.auth.service.AuthUserService; +import io.dataease.commons.constants.AuthConstants; import org.apache.commons.lang3.StringUtils; +import org.springframework.cache.annotation.CacheEvict; import org.springframework.cache.annotation.Cacheable; +import org.springframework.cache.annotation.Caching; import org.springframework.stereotype.Service; import javax.annotation.Resource; @@ -16,7 +19,6 @@ import java.util.stream.Collectors; @Service public class AuthUserServiceImpl implements AuthUserService { - private final String USER_CACHE_NAME = "users_info"; @Resource private AuthMapper authMapper; @@ -26,7 +28,7 @@ public class AuthUserServiceImpl implements AuthUserService { * @param userId * @return */ - @Cacheable(value = USER_CACHE_NAME, key = "'user' + #userId" ) + @Cacheable(value = AuthConstants.USER_CACHE_NAME, key = "'user' + #userId" ) @Override public SysUserEntity getUserById(Long userId){ return authMapper.findUser(userId); 
@@ -41,14 +43,42 @@ public class AuthUserServiceImpl implements AuthUserService { public List roles(Long userId){ return authMapper.roleCodes(userId); } + + /** + * 此处需被F2CRealm登录认证调用 也就是说每次请求都会被调用 所以最好加上缓存 + * @param userId + * @return + */ + @Cacheable(value = AuthConstants.USER_PERMISSION_CACHE_NAME, key = "'user' + #userId" ) @Override public List permissions(Long userId){ List permissions = authMapper.permissions(userId); return permissions.stream().filter(StringUtils::isNotEmpty).collect(Collectors.toList()); } + /** + * 此处需被F2CRealm登录认证调用 也就是说每次请求都会被调用 所以最好加上缓存 + * @param userId + * @return + */ + @Cacheable(value = AuthConstants.USER_ROLE_CACHE_NAME, key = "'user' + #userId" ) @Override public List roleInfos(Long userId) { return authMapper.roles(userId); } + + + /** + * 一波清除3个缓存 + * @param userId + */ + @Caching(evict = { + @CacheEvict(value = AuthConstants.USER_CACHE_NAME, key = "'user' + #userId"), + @CacheEvict(value = AuthConstants.USER_ROLE_CACHE_NAME, key = "'user' + #userId"), + @CacheEvict(value = AuthConstants.USER_PERMISSION_CACHE_NAME, key = "'user' + #userId") + }) + @Override + public void clearCache(Long userId) { + + } } diff --git a/backend/src/main/java/io/dataease/commons/constants/AuthConstants.java b/backend/src/main/java/io/dataease/commons/constants/AuthConstants.java index bf6c0dac22..b78abf26f8 100644 --- a/backend/src/main/java/io/dataease/commons/constants/AuthConstants.java +++ b/backend/src/main/java/io/dataease/commons/constants/AuthConstants.java @@ -3,4 +3,9 @@ package io.dataease.commons.constants; public class AuthConstants { public final static String TOKEN_KEY = "Authorization"; + public final static String USER_CACHE_NAME = "users_info"; + public final static String USER_ROLE_CACHE_NAME = "users_roles_info"; + public final static String USER_PERMISSION_CACHE_NAME = "users_permissions_info"; + + } 
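Review bot: The new `@Cacheable` on `permissions` and `roleInfos` in `AuthUserServiceImpl` caches authorization data, yet the only eviction of `USER_ROLE_CACHE_NAME` and `USER_PERMISSION_CACHE_NAME` in this diff is `clearCache`, which is called only from `AuthServer.logout()`. `SysUserService.update` (a later hunk) evicts `USER_CACHE_NAME` alone, so a revoked role or permission would apparently stay in effect for that user until logout or cache expiry. That write path, and whatever code edits role-to-permission mappings (not visible here), should evict all three caches, for instance by calling `authUserService.clearCache(userId)` after the change. `clearCache` itself deserves a body comment such as `// intentionally empty: eviction is performed by the @Caching annotation through the Spring proxy`.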
diff --git a/backend/src/main/java/io/dataease/commons/utils/AuthUtils.java b/backend/src/main/java/io/dataease/commons/utils/AuthUtils.java index 5fcc32d725..e84b597d2d 100644 --- a/backend/src/main/java/io/dataease/commons/utils/AuthUtils.java +++ b/backend/src/main/java/io/dataease/commons/utils/AuthUtils.java @@ -1,9 +1,11 @@ package io.dataease.commons.utils; +import io.dataease.auth.api.dto.CurrentUserDto; import io.dataease.auth.entity.TokenInfo; import io.dataease.auth.util.JWTUtils; import io.dataease.base.domain.SysUser; import io.dataease.service.sys.SysUserService; +import org.apache.shiro.SecurityUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; @@ -17,12 +19,18 @@ public class AuthUtils { AuthUtils.sysUserService = sysUserService; } - public static SysUser getUser(){ + /*public static SysUser getUser(){ + SecurityUtils.getSubject().getPrincipal() String token = ServletUtils.getToken(); TokenInfo tokenInfo = JWTUtils.tokenInfoByToken(token); SysUser sysUser = new SysUser(); sysUser.setUserId(tokenInfo.getUserId()); SysUser user = sysUserService.findOne(sysUser); return user; + }*/ + + public static CurrentUserDto getUser(){ + CurrentUserDto userDto = (CurrentUserDto)SecurityUtils.getSubject().getPrincipal(); + return userDto; } } diff --git a/backend/src/main/java/io/dataease/controller/sys/SysUserController.java b/backend/src/main/java/io/dataease/controller/sys/SysUserController.java index 4fe8913321..259ac06695 100644 --- a/backend/src/main/java/io/dataease/controller/sys/SysUserController.java +++ b/backend/src/main/java/io/dataease/controller/sys/SysUserController.java @@ -49,7 +49,7 @@ public class SysUserController { sysUserService.update(request); } - @ApiOperation("更新用户") + @ApiOperation("删除用户") @PostMapping("/delete/{userId}") public void delete(@PathVariable("userId") Long userId){ sysUserService.delete(userId); 
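Review bot: `AuthUtils.getUser()` now returns the result of an unchecked cast of `SecurityUtils.getSubject().getPrincipal()`, which is null for an unauthenticated subject, and callers changed in this commit dereference it at once (`ShareService.queryTree` calls `user.getUserId()` and `user.getRoles().stream()`). Failing closed in one place is safer than relying on each caller: `Object p = SecurityUtils.getSubject().getPrincipal();` then `if (!(p instanceof CurrentUserDto)) throw new UnauthenticatedException();` before the cast. `UnauthenticatedException` is Shiro's `org.apache.shiro.authz.UnauthenticatedException` and would need an import. The commented-out old `getUser()` should be deleted rather than kept, since version control already has it.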
diff --git a/backend/src/main/java/io/dataease/notice/service/NoticeService.java b/backend/src/main/java/io/dataease/notice/service/NoticeService.java index 3b5278e2f0..10c2fc483a 100644 --- a/backend/src/main/java/io/dataease/notice/service/NoticeService.java +++ b/backend/src/main/java/io/dataease/notice/service/NoticeService.java @@ -1,5 +1,6 @@ package io.dataease.notice.service; +import io.dataease.auth.api.dto.CurrentUserDto; import io.dataease.base.domain.MessageTask; import io.dataease.base.domain.MessageTaskExample; import io.dataease.base.domain.SysUser; @@ -101,7 +102,7 @@ public class NoticeService { } public List searchMessageByType(String type) { - SysUser user = AuthUtils.getUser(); + CurrentUserDto user = AuthUtils.getUser(); //String orgId = user.getLastOrganizationId(); List messageDetails = new ArrayList<>(); diff --git a/backend/src/main/java/io/dataease/service/panel/ShareService.java b/backend/src/main/java/io/dataease/service/panel/ShareService.java index a40d2f0ed3..16bfa83eae 100644 --- a/backend/src/main/java/io/dataease/service/panel/ShareService.java +++ b/backend/src/main/java/io/dataease/service/panel/ShareService.java @@ -1,5 +1,7 @@ package io.dataease.service.panel; +import io.dataease.auth.api.dto.CurrentRoleDto; +import io.dataease.auth.api.dto.CurrentUserDto; import io.dataease.base.domain.PanelShare; import io.dataease.base.domain.PanelShareExample; import io.dataease.base.domain.SysUser; @@ -80,10 +82,10 @@ public class ShareService { public List queryTree(BaseGridRequest request){ - SysUser user = AuthUtils.getUser(); + CurrentUserDto user = AuthUtils.getUser(); Long userId = user.getUserId(); Long deptId = user.getDeptId(); - List roleIds = new ArrayList<>(); + List roleIds = user.getRoles().stream().map(CurrentRoleDto::getId).collect(Collectors.toList()); List targetIds = new ArrayList<>(); targetIds.add(userId); 
diff --git a/backend/src/main/java/io/dataease/service/sys/SysUserService.java b/backend/src/main/java/io/dataease/service/sys/SysUserService.java index f36e23c859..85ccfc0ef2 100644 --- a/backend/src/main/java/io/dataease/service/sys/SysUserService.java +++ b/backend/src/main/java/io/dataease/service/sys/SysUserService.java @@ -8,6 +8,7 @@ import io.dataease.base.mapper.SysUserMapper; import io.dataease.base.mapper.SysUsersRolesMapper; import io.dataease.base.mapper.ext.ExtSysUserMapper; import io.dataease.base.mapper.ext.query.GridExample; +import io.dataease.commons.constants.AuthConstants; import io.dataease.commons.utils.BeanUtils; import io.dataease.commons.utils.CodingUtil; import io.dataease.controller.sys.base.BaseGridRequest; @@ -30,7 +31,6 @@ import java.util.stream.Collectors; @Service public class SysUserService { - private final static String USER_CACHE_NAME = "users_info"; private final static String DEFAULT_PWD = "DataEase123.."; @Resource @@ -72,6 +72,12 @@ public class SysUserService { return insert; } + /** + * 修改用户密码清楚缓存 + * @param request + * @return + */ + @CacheEvict(value = AuthConstants.USER_CACHE_NAME, key = "'user' + #request.userId") @Transactional public int update(SysUserCreateRequest request){ SysUser user = BeanUtils.copyBean(new SysUser(), request); @@ -95,7 +101,7 @@ public class SysUserService { * @param request * @return */ - @CacheEvict(value = USER_CACHE_NAME, key = "'user' + #request.userId") + @CacheEvict(value = AuthConstants.USER_CACHE_NAME, key = "'user' + #request.userId") public int updatePwd(SysUserPwdRequest request) { if (!StringUtils.equals(request.getPassword(), request.getRepeatPassword())){ throw new RuntimeException("两次密码不一致"); 
@@ -115,7 +121,7 @@ public class SysUserService { return sysUserMapper.updateByPrimaryKeySelective(sysUser); } - @CacheEvict(value = USER_CACHE_NAME, key = "'user' + #request.userId") + @CacheEvict(value = AuthConstants.USER_CACHE_NAME, key = "'user' + #request.userId") public int adminUpdatePwd(SysUserPwdRequest request){ SysUser sysUser = new SysUser(); sysUser.setUserId(request.getUserId()); @@ -150,7 +156,7 @@ public class SysUserService { }); } - @CacheEvict(value = USER_CACHE_NAME, key = "'user' + #userId") + @CacheEvict(value = AuthConstants.USER_CACHE_NAME, key = "'user' + #userId") @Transactional public int delete(Long userId){ deleteUserRoles(userId); diff --git a/backend/src/main/resources/ehcache/ehcache.xml b/backend/src/main/resources/ehcache/ehcache.xml index a5e5d7b09a..ff551ec033 100644 --- a/backend/src/main/resources/ehcache/ehcache.xml +++ b/backend/src/main/resources/ehcache/ehcache.xml @@ -46,6 +46,28 @@ timeToLiveSeconds="3600" memoryStoreEvictionPolicy="LRU" /> + +