diff --git a/app/common/cache/AdminAccountSafeCache.php b/app/common/cache/AdminAccountSafeCache.php
index e354867f2..f819836ed 100644
--- a/app/common/cache/AdminAccountSafeCache.php
+++ b/app/common/cache/AdminAccountSafeCache.php
@@ -11,12 +11,12 @@ class AdminAccountSafeCache extends BaseCache
     public $minute = 15;//缓存设置为15分钟,即密码错误次数达到,锁定15分钟
     public $count = 15; //设置连续输错次数,即15分钟内连续输错误15次后,锁定
 
-    public function __construct()
+    public function __construct($prefix = 'admin_')
     {
         parent::__construct();
         $ip = \request()->getLocalIp();
         // $this->key = $this->tagName . $ip;
-        $this->key = 'admin_' . $ip;
+        $this->key = $prefix . $ip;
     }
 
     /**
@@ -59,4 +59,4 @@ class AdminAccountSafeCache extends BaseCache
     {
         Cache::delete($this->key);
     }
-}
\ No newline at end of file
+}
diff --git a/app/common/cache/StaffTokenCache.php b/app/common/cache/StaffTokenCache.php
new file mode 100644
index 000000000..e32de4bc1
--- /dev/null
+++ b/app/common/cache/StaffTokenCache.php
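Review bot: The lock key built by the new `$this->key = $prefix . $ip;` line is derived from `\request()->getLocalIp()` on the context line above; if that is the server-side address, as in Workerman's Request where the client address comes from `getRemoteIp()`, every caller shares one lock bucket, so a burst of failed attempts from anyone locks all staff logins out while no per-client throttling happens — worth confirming before this cache is reused for the store login with the `staff_` prefix. The new `$prefix` parameter is also untyped; `public function __construct(string $prefix = 'admin_')` pins it. Even with the right IP source the counter is keyed by IP only, not by account, and a comment such as `// key is per-IP, not per-account: clients behind one NAT share the counter` would make that limitation explicit. The rest of the class lies outside the hunk.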
@@ -0,0 +1,90 @@
+prefix . $token);
+        if ($adminInfo) {
+            return $adminInfo;
+        }
+
+        //从数据获取信息被设置缓存(可能后台清除缓存)
+        $adminInfo = $this->setAdminInfo($token);
+        if ($adminInfo) {
+            return $adminInfo;
+        }
+
+        return false;
+    }
+
+    /**
+     * @notes 通过有效token设置管理信息缓存
+     * @param $token
+     * @return array|false|mixed
+     * @throws \think\db\exception\DataNotFoundException
+     * @throws \think\db\exception\DbException
+     * @throws \think\db\exception\ModelNotFoundException
+     * @author 令狐冲
+     * @date 2021/7/5 12:12
+     */
+    public function setAdminInfo($token)
+    {
+        $adminSession = SystemStoreStaffSession::where([['token', '=', $token], ['expire_time', '>', time()]])
+            ->find();
+        if (empty($adminSession)) {
+            return [];
+        }
+        $admin = SystemStoreStaff::where('id', '=', $adminSession->staff_id)
+            ->append(['role_id'])
+            ->find();
+        $adminInfo = [
+            'admin_id' => $admin->id,
+            'name' => $admin->staff_name,
+            'role_name' => $admin->is_manager == 1? '店长' : '店员',
+            'account' => $admin->account,
+            'store_id' => $admin->store_id,
+            'is_manager' => $admin->is_manager,
+            'is_admin' => $admin->is_admin,
+            'token' => $token,
+            'expire_time' => $adminSession->expire_time,
+        ];
+        Cache::set($this->prefix . $token, $adminInfo);
+        return $this->getAdminInfo($token);
+    }
+
+    /**
+     * @notes 删除缓存
+     * @param $token
+     * @return bool
+     * @author 令狐冲
+     * @date 2021/7/3 16:57
+     */
+    public function deleteAdminInfo($token)
+    {
+        return Cache::delete($this->prefix . $token);
+    }
+}
diff --git a/app/common/model/system_store/SystemStoreStaffSession.php b/app/common/model/system_store/SystemStoreStaffSession.php
new file mode 100644
index 000000000..ad2c073f2
--- /dev/null
+++ b/app/common/model/system_store/SystemStoreStaffSession.php
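Review bot: In `setAdminInfo`, `$admin` returned by `SystemStoreStaff::where('id', '=', $adminSession->staff_id)->find()` is dereferenced without a null check, so a live session row whose staff record has since been deleted errors on `$admin->id` instead of returning `[]`; add `if (empty($admin)) { return []; }` right after that `find()`. Separately, `Cache::set($this->prefix . $token, $adminInfo)` stores the entry with no TTL while the DB lookup only honours sessions with `expire_time > time()`, and `getAdminInfo` returns the cached copy first, so once cached a token keeps resolving after its expiry unless the consumer checks the cached `expire_time` itself or `deleteAdminInfo` happens to run; binding the cache lifetime to the session, e.g. `Cache::set($this->prefix . $token, $adminInfo, $adminSession->expire_time - time());` if the facade accepts a PSR-16 style ttl argument (confirm), removes that window. `$admin->is_manager == 1` is a loose comparison and `=== 1` is the strict form. The opening lines of this new file, including the class header and the start of `getAdminInfo`, are not legible in this rendering and are not reviewed here.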
@@ -0,0 +1,14 @@
+find();
-        if ($params['is_admin'] == 0 && $admin) {
-            $auth_shop = Db::name('user_auth_shop')->where(['admin_id' => $admin['id'], 'status' => 1, 'apply_status' => 1, 'type' => 2])->find();
-            if (!$auth_shop) {
-                throw new MyBusinessException('该账户没有权限');
-            }
-        }
-        if ($admin && $params['is_admin'] == 1) {
-            $role_find = AdminRole::where('admin_id', $admin['id'])->where('role_id', 'in', [1, 2])->find();
-            if ($role_find) {
-                throw new MyBusinessException('没有权限访问');
-            }
-        }
+        $admin = SystemStoreStaff::where('account', '=', $params['account'])->find();
         //用户表登录信息更新
-        $admin->login_time = $time;
-        $admin->login_ip = request()->getLocalIp();
+        $admin->last_time = $time;
+        $admin->last_ip = request()->getLocalIp();
         $admin->save();
         //设置token
-        $adminInfo = AdminTokenService::setToken($admin->id, $params['terminal'], $admin->multipoint_login);
+        $adminInfo = AdminTokenService::setToken($admin->id, $params['terminal']);
         //返回登录信息
         $avatar = $admin->avatar ? $admin->avatar : Config::get('project.default_image.admin_avatar');
diff --git a/app/store/service/AdminTokenService.php b/app/store/service/AdminTokenService.php
index 0041efce6..94f2b18c5 100644
--- a/app/store/service/AdminTokenService.php
+++ b/app/store/service/AdminTokenService.php
@@ -5,7 +5,9 @@ namespace app\store\service;
 use app\common\cache\AdminTokenCache;
+use app\common\cache\StaffTokenCache;
 use app\common\model\auth\AdminSession;
+use app\common\model\system_store\SystemStoreStaffSession;
 use Webman\Config;
 class AdminTokenService
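Review bot: The existing imports `use app\common\cache\AdminTokenCache;` and `use app\common\model\auth\AdminSession;` are left in place in this hunk even though the later hunks of the same file replace every visible use of both classes with `StaffTokenCache` and `SystemStoreStaffSession`; if no other reference survives in the parts of the file not shown here, remove the two lines so the store service no longer reads as depending on the admin session model. The rest of the file between the hunks is not visible.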
@@ -25,12 +27,12 @@ class AdminTokenService
     public static function setToken($adminId, $terminal, $multipointLogin = 1)
     {
         $time = time();
-        $adminSession = AdminSession::where([['admin_id', '=', $adminId], ['terminal', '=', $terminal]])->find();
+        $adminSession = SystemStoreStaffSession::where([['staff_id', '=', $adminId], ['terminal', '=', $terminal]])->find();
         //获取token延长过期的时间
         $expireTime = $time + Config::get('project.admin_token.expire_duration');
-        $adminTokenCache = new AdminTokenCache();
+        $adminTokenCache = new StaffTokenCache();
         //token处理
         if ($adminSession) {
@@ -46,8 +48,8 @@ class AdminTokenService
             $adminSession->save();
         } else {
             //找不到在该终端的token记录,创建token记录
-            $adminSession = AdminSession::create([
-                'admin_id' => $adminId,
+            $adminSession = SystemStoreStaffSession::create([
+                'staff_id' => $adminId,
                 'terminal' => $terminal,
                 'token' => create_token($adminId),
                 'expire_time' => $expireTime
@@ -93,24 +95,18 @@ class AdminTokenService
      */
     public static function expireToken($token)
     {
-        $adminSession = AdminSession::where('token', '=', $token)
-            ->with('admin')
+        $adminSession = SystemStoreStaffSession::where('token', '=', $token)
             ->findOrEmpty();
         if ($adminSession->isEmpty()) {
             return false;
         }
-        //当支持多处登录的时候,服务端不注销
-        if ($adminSession->admin->multipoint_login === 1) {
-            return false;
-        }
-
         $time = time();
         $adminSession->expire_time = $time;
         $adminSession->update_time = $time;
         $adminSession->save();
-        return (new AdminTokenCache())->deleteAdminInfo($token);
+        return (new StaffTokenCache())->deleteAdminInfo($token);
     }
 }
diff --git a/app/store/validate/LoginValidate.php b/app/store/validate/LoginValidate.php
index c94e79553..b7c80593f 100644
--- a/app/store/validate/LoginValidate.php
+++ b/app/store/validate/LoginValidate.php
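Review bot: `setToken($adminId, $terminal, $multipointLogin = 1)` at the top of the first hunk keeps its third parameter, yet the only visible reader of multipoint login — the early return in `expireToken` — is removed in the last hunk and the login caller in this commit now calls `setToken($admin->id, $params['terminal'])` without it, so the parameter appears dead; either drop it or, if the part of `setToken` between the hunks still reads `$multipointLogin`, add `@param int $multipointLogin` stating what it still controls. With the multipoint check gone, `expireToken` now always expires the row and then deletes the `StaffTokenCache` entry, which is the right order (DB first, cache second) since a lookup racing between the two steps will fall back to the DB and find the session expired. The body of `setToken` between the first two hunks is not visible here.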
@@ -7,6 +7,7 @@ namespace app\store\validate;
 use app\common\cache\AdminAccountSafeCache;
 use app\common\enum\AdminTerminalEnum;
 use app\common\model\auth\Admin;
+use app\common\model\system_store\SystemStoreStaff;
 use app\common\service\ConfigService;
 use app\common\validate\BaseValidate;
 use app\MyBusinessException;
@@ -46,7 +47,7 @@ class LoginValidate extends BaseValidate
             'limit_login_time' => ConfigService::get('admin_login', 'limit_login_time'),
         ];
-        $adminAccountSafeCache = new AdminAccountSafeCache();
+        $adminAccountSafeCache = new AdminAccountSafeCache('staff_');
         if ($config['login_restrictions'] == 1) {
             $adminAccountSafeCache->count = $config['password_error_times'];
             $adminAccountSafeCache->minute = $config['limit_login_time'];
@@ -54,27 +55,27 @@ class LoginValidate extends BaseValidate
         //后台账号安全机制,连续输错后锁定,防止账号密码暴力破解
         if ($config['login_restrictions'] == 1 && !$adminAccountSafeCache->isSafe()) {
-            new MyBusinessException('密码连续' . $adminAccountSafeCache->count . '次输入错误,请' . $adminAccountSafeCache->minute . '分钟后重试');
+            throw new MyBusinessException('密码连续' . $adminAccountSafeCache->count . '次输入错误,请' . $adminAccountSafeCache->minute . '分钟后重试');
         }
-        $adminInfo = Admin::where('account', '=', $data['account'])
-            ->field(['password,disable'])
+        $staffInfo = SystemStoreStaff::where('account', '=', $data['account'])
+            ->field(['pwd,status'])
             ->findOrEmpty();
-        if ($adminInfo->isEmpty()) {
+        if ($staffInfo->isEmpty()) {
             return '账号不存在';
         }
-        if ($adminInfo['disable'] === 1) {
+        if ($staffInfo['disable'] === 1) {
             return '账号已禁用';
         }
-        if (empty($adminInfo['password'])) {
+        if (empty($staffInfo['pwd'])) {
             $adminAccountSafeCache->record();
             return '账号不存在';
         }
-        $passwordSalt = Config::get('project.unique_identification');
-        if ($adminInfo['password'] !== create_password($password, $pwdSalt)) {
+        $pwdSalt = Config::get('project.unique_identification');
+        if ($staffInfo['pwd'] !== create_password($password, $pwdSalt)) {
             $adminAccountSafeCache->record();
             return '密码错误';
         }
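Review bot: The disabled-account check `if ($staffInfo['disable'] === 1)` in the third hunk can never be true for a `SystemStoreStaff` row: the query just above selects only `->field(['pwd,status'])`, so `disable` is never loaded and the strict comparison runs against a null (or an attribute-not-found error, depending on how the ORM treats unselected attributes) — either way a disabled staff member is not stopped by this validator. Compare the column that was actually selected, e.g. `if ($staffInfo['status'] === 0) { return '账号已禁用'; }` using whichever value marks a disabled staff record in `SystemStoreStaff` (the model is not on this page — confirm against it). Note also that the `disable` rename was the only line in the old `Admin`-based check that this commit left untouched, so it is worth scanning the surrounding method for other `Admin` column names. The validator method begins before the second hunk and continues past the last one.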
diff --git a/config/middleware.php b/config/middleware.php index adf239a72..5af3bd96e 100644 --- a/config/middleware.php +++ b/config/middleware.php @@ -27,10 +27,16 @@ return [ 'api' => [ // 跨域中间件 app\common\http\middleware\AdminAllowMiddleware::class, - + app\api\http\middleware\InitMiddleware::class, app\api\http\middleware\LoginMiddleware::class, + ], + 'store' => [ + app\common\http\middleware\AdminAllowMiddleware::class, + app\store\middleware\InitMiddleware::class, + app\store\middleware\LoginMiddleware::class, + app\store\middleware\AuthMiddleware::class, ] ]; diff --git a/config/plugin/hg/apidoc/app.php b/config/plugin/hg/apidoc/app.php index 2bb677cd5..2b5cc247b 100644 --- a/config/plugin/hg/apidoc/app.php +++ b/config/plugin/hg/apidoc/app.php @@ -10,7 +10,7 @@ return [ 'apps' => [ [ // (必须)标题 - 'title' => 'Api接口', + 'title' => 'store接口', // (必须)控制器目录地址 'path' => 'app\store\controller', // (必须)唯一的key