diff --git a/Myshipping.Core/Service/Auth/AuthService.cs b/Myshipping.Core/Service/Auth/AuthService.cs
index 365d4d9c..ea119fad 100644
--- a/Myshipping.Core/Service/Auth/AuthService.cs
+++ b/Myshipping.Core/Service/Auth/AuthService.cs
@@ -477,9 +477,15 @@ public class AuthService : IAuthService, IDynamicApiController, ITransient
     /// <remarks>默认用户名/密码：admin/admin</remarks>
     /// <returns></returns>
     [HttpPost("/GetAuthorizationKey")]
-    [AllowAnonymous]
+    [AllowAnonymous,ApiUser(ApiCode = "GetAuthorizationKey")]
     public async Task<string> GetAuthorizationKey([Required] GetAuthorizationKeyInput input)
     {
+        //验证用户ID有效性
+        var user= _sysUserRep.AsQueryable().Filter(null, true).First(u => u.DjyUserId == _cache.Get(input.UserId));
+        if (user is null)
+        {
+            throw Oops.Bah("用户Id不存在");
+        }
         //将key写入到redis 并指定五秒过期
         string key = Guid.NewGuid().ToString();
         await _cache.SetTimeoutAsync( key, input.UserId, TimeSpan.FromSeconds(5));