diff --git a/src/main/java/cn/lihongjie/coal/aop/ControllerAop.java b/src/main/java/cn/lihongjie/coal/aop/ControllerAop.java index d2017914..b46a2953 100644 --- a/src/main/java/cn/lihongjie/coal/aop/ControllerAop.java +++ b/src/main/java/cn/lihongjie/coal/aop/ControllerAop.java @@ -9,6 +9,7 @@ import cn.lihongjie.coal.common.RequestUtils; import cn.lihongjie.coal.dto.R; import cn.lihongjie.coal.entity.*; import cn.lihongjie.coal.exception.BizException; +import cn.lihongjie.coal.service.SessionService; import cn.lihongjie.coal.service.SysLogService; import jakarta.servlet.http.HttpServletRequest; import lombok.extern.slf4j.Slf4j; @@ -42,12 +43,16 @@ public class ControllerAop { } + @Autowired + SessionService sessionService; + @Around("controllerMethods()") public Object call(ProceedingJoinPoint proceedingJoinPoint) { Method method = ((MethodSignature) proceedingJoinPoint.getSignature()).getMethod(); HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest(); + sessionService.rebuildSession(request.getHeader("X-Token")); // 处理接口权限 @@ -67,6 +72,7 @@ public class ControllerAop { } else { + if (!Ctx.isSysAdmin()) { OrgAdmin orgAdmin = ObjectUtils.defaultIfNull(AnnotationUtils.findAnnotation(method, OrgAdmin.class), AnnotationUtils.findAnnotation(method.getClass(), OrgAdmin.class)); diff --git a/src/main/java/cn/lihongjie/coal/service/SessionService.java b/src/main/java/cn/lihongjie/coal/service/SessionService.java index b2c9a9e9..52c62fd4 100644 --- a/src/main/java/cn/lihongjie/coal/service/SessionService.java +++ b/src/main/java/cn/lihongjie/coal/service/SessionService.java @@ -107,7 +107,13 @@ public class SessionService { } - public void buildSession(String sessionId){ + public void rebuildSession(String sessionId) { + + if (StringUtils.isEmpty(sessionId)) { + SecurityContextHolder.clearContext(); + return; + } + String userId = stringRedisTemplate.opsForValue().getAndExpire(sessionId, 1, TimeUnit.HOURS); 
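Review bot: The authentication that `sessionService.rebuildSession(request.getHeader("X-Token"))` installs at the top of `call` is held in `SecurityContextHolder`, which is thread-bound by default, and nothing visible in this hunk removes it when the request finishes. `call` continues outside the hunk, so the existing `proceed()` handling cannot be seen. If nothing else clears the context, wrap that call with `finally { SecurityContextHolder.clearContext(); }` so a pooled worker thread never starts the next request with the previous caller's identity. Code outside the `controllerMethods()` pointcut (filters, error handling) does not get a rebuilt context, which deserves a comment on the advice.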
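Review bot: `rebuildSession` passes the client-supplied `X-Token` value unchanged to `getAndExpire(sessionId, 1, TimeUnit.HOURS)` as the Redis key, so the header decides which key is read and which key has its TTL reset to one hour. Any other string key in the same Redis database would be treated as a session lookup and have its expiry rewritten. Consider a dedicated key namespace plus a format check before the lookup, for example `String key = SESSION_KEY_PREFIX + sessionId;`. The constant name is a placeholder, and the code that creates the session, not shown here, would have to write under the same prefix.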
@@ -121,6 +127,7 @@ public class SessionService { context.setAuthentication(new MyAuthentication(null, user, sessionId)); + SecurityContextHolder.setContext(context); }
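Review bot: `SecurityContextHolder.setContext(context)` is reached only at the end of the success path, and the only `clearContext()` visible in this change is the empty-token branch at the top of `rebuildSession`. The lines between the two hunks are not shown, so it cannot be confirmed what happens when the Redis lookup returns null or the user cannot be loaded. If that path returns or throws without clearing, the thread keeps whatever authentication it held before. Making `SecurityContextHolder.clearContext();` the first statement of `rebuildSession` would cover every failure path, not only the missing-header one.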