diff --git a/src/main/java/com/codesdream/ase/component/ASEPasswordEncoder.java b/src/main/java/com/codesdream/ase/component/ASEPasswordEncoder.java
index 62e284f..4665e09 100644
--- a/src/main/java/com/codesdream/ase/component/ASEPasswordEncoder.java
+++ b/src/main/java/com/codesdream/ase/component/ASEPasswordEncoder.java
@@ -13,6 +13,6 @@ public class ASEPasswordEncoder implements PasswordEncoder {
 
     @Override
     public boolean matches(CharSequence charSequence, String s) {
-        return s.equals(DigestUtils.sha256Hex(charSequence.toString()));
+        return s.equals(charSequence.toString());
     }
 }
diff --git a/src/main/java/com/codesdream/ase/component/UserRolesListGenerator.java b/src/main/java/com/codesdream/ase/component/UserRolesListGenerator.java
new file mode 100644
index 0000000..9b6795d
--- /dev/null
+++ b/src/main/java/com/codesdream/ase/component/UserRolesListGenerator.java
@@ -0,0 +1,24 @@
+package com.codesdream.ase.component;
+
+import com.codesdream.ase.model.permission.FunctionalPermissionContainer;
+import com.codesdream.ase.model.permission.Tag;
+import com.codesdream.ase.model.permission.User;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.stereotype.Component;
+
+import java.util.ArrayList;
+import java.util.Collection;
+
+@Component
+public class UserRolesListGenerator {
+    public Collection<GrantedAuthority> GenerateRoles(User user){
+        Collection<GrantedAuthority> authorities = new ArrayList<>();
+        for(Tag tag : user.getTags()){
+            for(FunctionalPermissionContainer functionalPermissionContainer : tag.getFunctionalPermissionContainers()){
+                authorities.add(new SimpleGrantedAuthority(functionalPermissionContainer.getName()));
+            }
+        }
+        return authorities;
+    }
+}
diff --git a/src/main/java/com/codesdream/ase/configure/CustomWebSecurityConfig.java b/src/main/java/com/codesdream/ase/configure/CustomWebSecurityConfig.java
index 420ba98..7250446 100644
--- a/src/main/java/com/codesdream/ase/configure/CustomWebSecurityConfig.java
+++ b/src/main/java/com/codesdream/ase/configure/CustomWebSecurityConfig.java
@@ -43,7 +43,7 @@ public class CustomWebSecurityConfig extends WebSecurityConfigurerAdapter {
 
     @Override
     protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-        auth.userDetailsService(aseUserDetailService).passwordEncoder(asePasswordEncoder);
+        auth.inMemoryAuthentication().withUser("user").password("password").roles("普通用户");
     }
 
     @Override
diff --git a/src/main/java/com/codesdream/ase/model/permission/User.java b/src/main/java/com/codesdream/ase/model/permission/User.java
index 2866c16..c8b6c5a 100644
--- a/src/main/java/com/codesdream/ase/model/permission/User.java
+++ b/src/main/java/com/codesdream/ase/model/permission/User.java
@@ -1,11 +1,10 @@
 package com.codesdream.ase.model.permission;
 
+import com.codesdream.ase.component.UserRolesListGenerator;
 import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.userdetails.UserDetails;
 
 import javax.persistence.*;
-import java.util.ArrayList;
 import java.util.Collection;
 import java.util.HashSet;
 import java.util.Set;
@@ -93,9 +92,8 @@ public class User implements UserDetails {
 
     @Override
     public Collection<? extends GrantedAuthority> getAuthorities() {
-        Collection<GrantedAuthority> authorities = new ArrayList<>();
-        authorities.add(new SimpleGrantedAuthority("user"));
-        return authorities;
+        UserRolesListGenerator userRolesListGenerator = new UserRolesListGenerator();
+        return userRolesListGenerator.GenerateRoles(this);
     }
 
     @Override
diff --git a/src/main/java/com/codesdream/ase/repository/FunctionalPermissionRepository.java b/src/main/java/com/codesdream/ase/repository/FunctionalPermissionRepository.java
new file mode 100644
index 0000000..098f8d4
--- /dev/null
+++ b/src/main/java/com/codesdream/ase/repository/FunctionalPermissionRepository.java
@@ -0,0 +1,12 @@
+package com.codesdream.ase.repository;
+
+import com.codesdream.ase.model.permission.FunctionalPermissionContainer;
+import org.springframework.data.repository.CrudRepository;
+import org.springframework.stereotype.Repository;
+
+import java.util.Optional;
+
+@Repository
+public interface FunctionalPermissionRepository extends CrudRepository<FunctionalPermissionContainer, Integer> {
+    Optional<FunctionalPermissionRepository> findByName(String name);
+}
diff --git a/src/main/java/com/codesdream/ase/repository/ScopePermissionRepository.java b/src/main/java/com/codesdream/ase/repository/ScopePermissionRepository.java
new file mode 100644
index 0000000..8d0dd0d
--- /dev/null
+++ b/src/main/java/com/codesdream/ase/repository/ScopePermissionRepository.java
@@ -0,0 +1,10 @@
+package com.codesdream.ase.repository;
+
+import com.codesdream.ase.model.permission.ScopePermissionContainer;
+import org.springframework.data.repository.CrudRepository;
+
+import java.util.Optional;
+
+public interface ScopePermissionRepository extends CrudRepository<ScopePermissionContainer, Integer> {
+    Optional<ScopePermissionRepository> findByName(String name);
+}
diff --git a/src/main/java/com/codesdream/ase/repository/TagRepository.java b/src/main/java/com/codesdream/ase/repository/TagRepository.java
index 0d7ea18..9af0508 100644
--- a/src/main/java/com/codesdream/ase/repository/TagRepository.java
+++ b/src/main/java/com/codesdream/ase/repository/TagRepository.java
@@ -6,6 +6,7 @@ import org.springframework.data.repository.CrudRepository;
 import org.springframework.stereotype.Repository;
 
 import java.util.Optional;
+import java.util.Set;
 
 @Repository
 public interface TagRepository extends CrudRepository<Tag, Integer> {
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index 216156f..929ae2a 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -5,9 +5,6 @@ spring.thymeleaf.suffix=.html
 spring.thymeleaf.mode=HTML
 spring.thymeleaf.encoding=UTF-8
 
-spring.security.user.name=user
-spring.security.user.password=123
-
 spring.jpa.generate-ddl=false
 spring.jpa.show-sql=true
 spring.jpa.hibernate.ddl-auto=create
diff --git a/src/main/resources/templates/login.html b/src/main/resources/templates/login.html
index 3769ba3..6d3baee 100644
--- a/src/main/resources/templates/login.html
+++ b/src/main/resources/templates/login.html
@@ -14,7 +14,7 @@
                     <div class="card-header">
                         <h4 class="card-title">登录</h4>
                     </div>
-                    <form action="/login" method="post">
+                    <form th:action="@{/login}" method="post">
                         <div class="card-body">
                             <div class="form-group">
                                 <label for="username">用户名</label>
@@ -29,6 +29,9 @@
                             <button type="submit" class="btn btn-primary btn-block"><b>登录</b></button>
                         </div>
                     </form>
+                    <div th:if="${param.error}">
+                        用户名或密码错误
+                    </div>
                 </div>
             </div>
         </div>