diff --git a/src/main/java/com/supwisdom/dlpay/water/pay/PayInit.java b/src/main/java/com/supwisdom/dlpay/water/pay/PayInit.java
index c928620..b5af832 100644
--- a/src/main/java/com/supwisdom/dlpay/water/pay/PayInit.java
+++ b/src/main/java/com/supwisdom/dlpay/water/pay/PayInit.java
@@ -46,6 +46,4 @@
         assertThat("get version error " + version.getException(),
                 version.getVersion(), notNullValue());
     }
-
-    //TODO:刷新TOKEN
 }
diff --git a/src/main/kotlin/com/supwisdom/dlpay/water/controller/api_controller.kt b/src/main/kotlin/com/supwisdom/dlpay/water/controller/api_controller.kt
index 73a42b8..91651f9 100644
--- a/src/main/kotlin/com/supwisdom/dlpay/water/controller/api_controller.kt
+++ b/src/main/kotlin/com/supwisdom/dlpay/water/controller/api_controller.kt
@@ -205,7 +205,11 @@
         // 1. 根据 cobillno 查询 collectdtl , 并加锁
         val querycodtl = collectdtlService.queryTrans(param.cobillno)
                 ?: return ResponseEntity.ok(ResponseBodyBuilder.create()
-                        .fail(WaterErrorCode.DATA_NOTFOUND_ERROR, "采集流水号未找到"))
+                        .fail(WaterErrorCode.DATA_NOTFOUND_ERROR, "采集流水号"+param.cobillno+"未找到"))
+        if (param.deviceno != querycodtl.deviceno) {
+            return ResponseEntity.ok(ResponseBodyBuilder.create()
+                    .fail(WaterErrorCode.REQUEST_DATA_ERROR, "设备号"+param.deviceno+"与采集流水号"+param.cobillno+"不匹配"))
+        }
         //  流水是否重复上传
         if (!querycodtl.uploadStatus) {
             val dtl = collectdtlService.saveDeviceDtlData(param)
diff --git a/src/main/kotlin/com/supwisdom/dlpay/water/scheduler_task.kt b/src/main/kotlin/com/supwisdom/dlpay/water/scheduler_task.kt
index affc99e..8f1ffe6 100644
--- a/src/main/kotlin/com/supwisdom/dlpay/water/scheduler_task.kt
+++ b/src/main/kotlin/com/supwisdom/dlpay/water/scheduler_task.kt
@@ -1,6 +1,7 @@
 package com.supwisdom.dlpay.water
 
 import com.supwisdom.dlpay.framework.service.SystemUtilService
+import com.supwisdom.dlpay.paysdk.ApiLoginHelper
 import com.supwisdom.dlpay.paysdk.proxy.ApiLoginProxy
 import com.supwisdom.dlpay.water.pay.WaterPayAsyncTask
 import com.supwisdom.dlpay.water.service.CollectdtlService
@@ -59,9 +60,7 @@
     @Scheduled(cron = "0 */20 * * * ?")
     @SchedulerLock(name = "refreshJwt", lockAtMostForString = "PT10M")
     fun refreshJwt() {
-        val response = apiLoginProxy.refresh()
-        if (response.retcode != 0) {
-            logger.error { "刷新jwt失败!状态码:"+response.retcode+" 错误信息:"+response.retmsg}
-        }
+        val loginHelper = ApiLoginHelper(apiLoginProxy)
+        loginHelper.refresh()
     }
 }
\ No newline at end of file
diff --git a/src/main/kotlin/com/supwisdom/dlpay/water/service/collectdtl_service.kt b/src/main/kotlin/com/supwisdom/dlpay/water/service/collectdtl_service.kt
index bf1480d..fe2fbd7 100644
--- a/src/main/kotlin/com/supwisdom/dlpay/water/service/collectdtl_service.kt
+++ b/src/main/kotlin/com/supwisdom/dlpay/water/service/collectdtl_service.kt
@@ -23,6 +23,7 @@
 import org.springframework.data.domain.PageRequest
 import org.springframework.data.jpa.domain.Specification
 import org.springframework.stereotype.Service
+import java.lang.IllegalStateException
 import java.lang.RuntimeException
 import java.math.BigInteger
 import java.util.ArrayList
@@ -66,8 +67,12 @@
         return dtl
     }
 
-    override fun queryTrans(cobillno: Int?): TCollectdtl {
-        return collectdtlDao.findByCobillnoForUpdate(cobillno)
+    override fun queryTrans(cobillno: Int?): TCollectdtl? {
+        return try {
+            collectdtlDao.findByCobillnoForUpdate(cobillno)
+        } catch (ex: IllegalStateException) {
+            null
+        }
     }
 
     override fun userAuth(param: UserAuthRequest): TCollectdtl {
diff --git a/src/main/resources/static/custom/module/admin.js b/src/main/resources/static/custom/module/admin.js
index cbdbc36..bcb348d 100644
--- a/src/main/resources/static/custom/module/admin.js
+++ b/src/main/resources/static/custom/module/admin.js
@@ -145,6 +145,16 @@
                         layer.msg(jsonRs.msg, {icon: 2});
                     }
                 }
+                if (result.indexOf("<title>用户登录</title>") != -1) {
+                    layer.msg("登录过期,请重新登录!", {icon: 2, time: 1500}, function () {
+                        location.replace(baseUrl + 'login');
+                    }, 500);
+                    return;
+                }else if (result.indexOf("<title>403 无权限</title>") != -1) {
+                    layer.close(popupCenterIndex);
+                    layer.msg("无资源权限",{icon:2, time: 2000})
+                    return;
+                }
                 successCallback(result, status, xhr);
             };
             param.error = function (xhr) {
diff --git a/src/main/resources/templates/home/theme.html b/src/main/resources/templates/home/theme.html
index 67cb12a..392a02a 100755
--- a/src/main/resources/templates/home/theme.html
+++ b/src/main/resources/templates/home/theme.html
@@ -7,8 +7,8 @@
 
 <div class="layui-card-header"><h2 class="header-title">设置主题：</h2></div>
 <div class="layui-card-body layui-text">
-    <a href="/home/setTheme" class="layui-btn" style="background-color: #009688;">默认主题</a>
-    <a href="/home/setTheme?themeName=blue" class="layui-btn layui-btn-normal">蓝色主题</a>
+    <a th:href="@{/home/setTheme}" class="layui-btn" style="background-color: #009688;">默认主题</a>
+    <a th:href="@{/home/setTheme?themeName=blue}" class="layui-btn layui-btn-normal">蓝色主题</a>
     <br><br><br>
   
 </div>
diff --git a/src/main/resources/templates/index.html b/src/main/resources/templates/index.html
index bf8f12c..c0ae0bf 100755
--- a/src/main/resources/templates/index.html
+++ b/src/main/resources/templates/index.html
@@ -157,6 +157,27 @@
         var dictpool = DictPoolToolkit();
         dictpool.initAll("/dictpool"); //加载字典
     });
+    //  处理登录过期ajax跳转问题
+    $.ajaxSetup({
+        asycn: false,
+        xhrFields: {
+            withCredentials: true
+        },
+        error: function (XMLHttpRequest, textStatus, errorThrown){
+            if(XMLHttpRequest.status==403){
+                alert('您没有权限访问此资源或进行此操作');
+                return false;
+            }
+        },
+        contentType:"application/x-www-form-urlencoded;charset=utf-8",
+        complete: function (xhr,status) {
+            if (xhr.responseText.indexOf("<title>用户登录</title>") != -1) {
+                layer.msg("登录过期,请重新登录!", {icon: 2, time: 1500}, function () {
+                    location.replace(window.location.pathname + 'login');
+                }, 500);
+            }
+        }
+    });
 </script>
 </body>
 
diff --git a/src/main/resources/templates/system/operator/setpwd.html b/src/main/resources/templates/system/operator/setpwd.html
index d549946..53f4fef 100644
--- a/src/main/resources/templates/system/operator/setpwd.html
+++ b/src/main/resources/templates/system/operator/setpwd.html
@@ -42,7 +42,7 @@
             admin.closeThisTabs()
         });
         form.render('select');
-        let url = '/operator/dosetpwd';
+        let url = '[[@{/operator/dosetpwd}]]';
         // 表单提交事件
         form.on('submit(setmypass)', function (data) {
             layer.load(2);
@@ -58,11 +58,11 @@
                     layer.closeAll('loading');
                     if (result.code == 200) {
                         layer.msg(result.msg, {icon: 1, time: 1500}, function () {
-                            location.replace('/login');
+                            location.replace('[[@{/login}]]');
                         }, 1000);
                     } else if (data.code == 401) {
                         layer.msg(result.msg, {icon: 2, time: 1500}, function () {
-                            location.replace('/login');
+                            location.replace('[[@{/login}]]');
                         }, 1000);
                         return;
                     } else {
diff --git a/src/main/resources/templates/system/operator/userinfor.html b/src/main/resources/templates/system/operator/userinfor.html
index 8ca3c10..a7d8652 100644
--- a/src/main/resources/templates/system/operator/userinfor.html
+++ b/src/main/resources/templates/system/operator/userinfor.html
@@ -34,7 +34,7 @@
                 <div class="layui-form-item">
                     <label class="layui-form-label">邮箱</label>
                     <div class="layui-input-inline">
-                        <input type="text" name="email" th:value="${user.mobile}" autocomplete="off"
+                        <input type="text" name="email" th:value="${user.email}" autocomplete="off"
                                class="layui-input">
                     </div>
                 </div>
@@ -55,8 +55,8 @@
         $('#cancelBtn').click(function () {
             admin.closeThisTabs()
         });
-        form.render('select');
-        let url = '/operator/updateinfor';
+        form.render('radio');
+        let url = '[[@{/operator/updateinfor}]]';
         // 表单提交事件
         form.on('submit(infor-form-submit)', function (data) {
             layer.load(2);
@@ -79,7 +79,7 @@
                         layer.msg(result.msg, {icon: 1});
                     } else if (data.code == 401) {
                         layer.msg(result.msg, {icon: 2, time: 1500}, function () {
-                            location.replace('/login');
+                            location.replace('[[@{/login}]]');
                         }, 1000);
                         return;
                     } else {