update

mec-auth/mec-auth-server/src/main/java/com/ym/mec/auth/config/ResourceServerConfig.java

@@ -26,7 +26,7 @@ public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
 	@Override
 	public void configure(HttpSecurity http) throws Exception {
 		http.csrf().disable().exceptionHandling().accessDeniedHandler(baseAccessDeniedHandler).authenticationEntryPoint(baseAuthenticationEntryPoint).and()
-				.authorizeRequests().antMatchers("/task/**").hasIpAddress("0.0.0.0/0").anyRequest().authenticated().and().httpBasic();
+				.authorizeRequests().antMatchers("/task/**","/user/updatePassword").hasIpAddress("0.0.0.0/0").anyRequest().authenticated().and().httpBasic();
 	}
 
 	@Override

mec-auth/mec-auth-server/src/main/java/com/ym/mec/auth/web/controller/UserController.java

@@ -129,11 +129,7 @@ public class UserController extends BaseController {
 		if (StringUtils.isEmpty(mobile) || StringUtils.isEmpty(authCode) || StringUtils.isEmpty(newPassword)) {
 			return failed("参数校验异常");
 		}
-		AuthUser authUser = SecurityUtils.getUser();
-		if (authUser == null) {
-			return failed("获取用户信息失败");
-		}
-		SysUser sysUser = sysUserService.get(authUser.getUserId());
+		SysUser sysUser = sysUserService.queryByPhone(mobile);
 		if (sysUser == null) {
 			return failed("用户不存在");
 		}