diff --git a/pkg/config/gormdb/casbin.go b/pkg/config/gormdb/casbin.go
new file mode 100644
index 0000000..43c70e4
--- /dev/null
+++ b/pkg/config/gormdb/casbin.go
@@ -0,0 +1,24 @@
+package gormdb
+
+/*
+ * @Author: lwnmengjing<lwnmengjing@qq.com>
+ * @Date: 2023/3/4 00:24:48
+ * @Last Modified by: lwnmengjing<lwnmengjing@qq.com>
+ * @Last Modified time: 2023/3/4 00:24:48
+ */
+
+// CasbinRule casbin rule
+type CasbinRule struct {
+	PType string `json:"pType" gorm:"size:100;"`
+	V0    string `json:"v0" gorm:"size:100;"`
+	V1    string `json:"v1" gorm:"size:100;"`
+	V2    string `json:"v2" gorm:"size:100;"`
+	V3    string `json:"v3" gorm:"size:100;"`
+	V4    string `json:"v4" gorm:"size:100;"`
+	V5    string `json:"v5" gorm:"size:100;"`
+}
+
+// TableName table name
+func (*CasbinRule) TableName() string {
+	return "casbin_rule"
+}
diff --git a/pkg/config/gormdb/gorm.go b/pkg/config/gormdb/gorm.go
index 476be18..d69d340 100644
--- a/pkg/config/gormdb/gorm.go
+++ b/pkg/config/gormdb/gorm.go
@@ -95,7 +95,7 @@ func (e *Database) Init() {
 	if e.CasbinModel != "" {
 		//set casbin adapter
 		var a persist.Adapter
-		a, err = gormadapter.NewAdapterByDBUseTableName(DB, "mss_boot", "casbin_rule")
+		a, err = gormadapter.NewAdapterByDBWithCustomTable(DB, &CasbinRule{})
 		if err != nil {
 			log.Fatalf("gormadapter.NewAdapterByDB error : %s", err.Error())
 		}
@@ -112,8 +112,8 @@ func (e *Database) Init() {
 		if err != nil {
 			log.Fatalf("Enforcer.LoadPolicy error : %s", err.Error())
 		}
-		Enforcer.EnableAutoSave(true)
-		Enforcer.EnableAutoBuildRoleLinks(true)
-		Enforcer.EnableLog(true)
+		//Enforcer.EnableAutoSave(true)
+		//Enforcer.EnableAutoBuildRoleLinks(true)
+		//Enforcer.EnableLog(true)
 	}
 }
diff --git a/pkg/config/gormdb/logger/logger.go b/pkg/config/gormdb/logger/logger.go
index 2d96e54..39d1e96 100644
--- a/pkg/config/gormdb/logger/logger.go
+++ b/pkg/config/gormdb/logger/logger.go
@@ -11,12 +11,6 @@ import (
 	"gorm.io/gorm/utils"
 )
 
-var log loggerCore.Logger
-
-func init() {
-	log = loggerCore.NewLogger()
-}
-
 // Colors
 const (
 	Reset       = "\033[0m"
@@ -42,11 +36,11 @@ type gormLogger struct {
 func (l *gormLogger) getLogger(ctx context.Context) loggerCore.Logger {
 	requestID := ctx.Value("X-Request-ID")
 	if requestID != nil {
-		return log.Fields(map[string]interface{}{
+		return loggerCore.DefaultLogger.Fields(map[string]interface{}{
 			"x-request-id": requestID,
 		})
 	}
-	return log
+	return loggerCore.DefaultLogger
 }
 
 // LogMode log mode
diff --git a/pkg/middlewares/auth.go b/pkg/middlewares/auth.go
deleted file mode 100644
index 5cd3dfd..0000000
--- a/pkg/middlewares/auth.go
+++ /dev/null
@@ -1,83 +0,0 @@
-package middlewares
-
-/*
- * @Author: lwnmengjing<lwnmengjing@qq.com>
- * @Date: 2022/4/13 22:44
- * @Last Modified by: lwnmengjing<lwnmengjing@qq.com>
- * @Last Modified time: 2022/4/13 22:44
- */
-
-import (
-	"errors"
-	"net/http"
-	"strings"
-
-	"github.com/coreos/go-oidc/v3/oidc"
-	"github.com/gin-gonic/gin"
-
-	"github.com/mss-boot-io/mss-boot/pkg/response"
-	"github.com/mss-boot-io/mss-boot/pkg/store"
-)
-
-// AuthMiddleware 认证中间件
-func AuthMiddleware() gin.HandlerFunc {
-	return func(c *gin.Context) {
-		api := response.Make(c)
-		//登录认证
-		accessToken := getTokenFromHeader(c)
-		if accessToken == "" {
-			api.AddError(errors.New("token is empty"))
-			api.Err(http.StatusUnauthorized)
-			return
-		}
-		client, err := store.DefaultOAuth2Store.
-			GetClientByDomain(c.Request.Context(), c.Request.Host)
-		if err != nil {
-			api.AddError(err)
-			api.Err(http.StatusUnauthorized)
-			return
-		}
-		provider, err := oidc.NewProvider(c, client.GetIssuer())
-		if err != nil {
-			api.AddError(err)
-			api.Err(http.StatusUnauthorized)
-			return
-		}
-		idTokenVerifier := provider.Verifier(&oidc.Config{ClientID: client.GetClientID()})
-		idToken, err := idTokenVerifier.Verify(c, accessToken)
-		if err != nil {
-			api.AddError(err)
-			api.Err(http.StatusUnauthorized)
-			return
-		}
-		user := &User{}
-		err = idToken.Claims(user)
-		if err != nil {
-			api.AddError(err)
-			api.Err(http.StatusUnauthorized)
-			return
-		}
-		//鉴权
-		c.Set("user", user)
-		c.Next()
-	}
-}
-
-// getTokenFromHeader 获取token
-func getTokenFromHeader(c *gin.Context) string {
-	return strings.ReplaceAll(strings.ReplaceAll(
-		c.GetHeader("Authorization"),
-		"Bearer ",
-		""),
-		"bearer",
-		"")
-}
-
-// GetLoginUser 获取登录用户
-func GetLoginUser(c *gin.Context) *User {
-	user, ok := c.Get("user")
-	if !ok {
-		return nil
-	}
-	return user.(*User)
-}
diff --git a/pkg/response/actions/get_gorm.go b/pkg/response/actions/get_gorm.go
index a230df2..4f26b89 100644
--- a/pkg/response/actions/get_gorm.go
+++ b/pkg/response/actions/get_gorm.go
@@ -8,8 +8,6 @@ package actions
  */
 
 import (
-	"errors"
-	"gorm.io/gorm"
 	"net/http"
 
 	"github.com/gin-gonic/gin"
@@ -32,12 +30,8 @@ func NewGetGorm(m schema.Tabler, key string) *Get {
 func (e *Get) getGorm(c *gin.Context, key string) {
 	api := response.Make(c)
 	m := pkg.TablerDeepCopy(e.ModelGorm)
-	err := gormdb.DB.First(m, "id = ?", c.Param(key)).Error
+	err := gormdb.DB.First(m, c.Param(key)).Error
 	if err != nil {
-		if errors.Is(err, gorm.ErrRecordNotFound) {
-			api.Err(http.StatusNotFound)
-			return
-		}
 		api.Log.Error(err)
 		api.AddError(err)
 		api.Err(http.StatusInternalServerError)
diff --git a/pkg/response/actions/get_mgm.go b/pkg/response/actions/get_mgm.go
index 21b2f3f..4375874 100644
--- a/pkg/response/actions/get_mgm.go
+++ b/pkg/response/actions/get_mgm.go
@@ -44,8 +44,8 @@ func (*Get) String() string {
 // Handler action handler
 func (e *Get) Handler() gin.HandlerFunc {
 	return func(c *gin.Context) {
-		if e.ModelGorm != nil {
-			e.getGorm(c, e.Key)
+		if e.ModelMgm != nil {
+			e.getMgm(c, e.Key)
 			return
 		}
 		if e.ModelMgm != nil {
diff --git a/pkg/response/actions/type.go b/pkg/response/actions/type.go
index 41bc990..91c8d7e 100644
--- a/pkg/response/actions/type.go
+++ b/pkg/response/actions/type.go
@@ -46,11 +46,6 @@ type ModelGorm struct {
 	DeletedAt gorm.DeletedAt `gorm:"index" bson:"-" json:"-"`
 }
 
-func (e *ModelGorm) BeforeCreate(_ *gorm.DB) (err error) {
-	_, err = e.PrepareID(nil)
-	return err
-}
-
 // PrepareID prepare id
 func (e *ModelGorm) PrepareID(_ any) (any, error) {
 	if e.ID == "" {
diff --git a/pkg/response/model.go b/pkg/response/model.go
index 011e8e9..fcaf01c 100644
--- a/pkg/response/model.go
+++ b/pkg/response/model.go
@@ -1,14 +1,13 @@
 package response
 
 import (
+	"strconv"
 	"strings"
 )
 
 // Response response
 type Response struct {
 	Success      bool   `json:"success,omitempty"`
-	Status       string `json:"status,omitempty"`
-	Code         int    `json:"code,omitempty"`
 	ErrorCode    string `json:"errorCode,omitempty"`
 	ErrorMessage string `json:"errorMessage,omitempty"`
 	ShowType     uint8  `json:"showType,omitempty"`
@@ -18,7 +17,7 @@ type Response struct {
 
 type response struct {
 	Response
-	List interface{} `json:"list,omitempty"`
+	Data interface{} `json:"data"`
 }
 
 // Page page
@@ -34,8 +33,8 @@ type page struct {
 }
 
 // SetData set data
-func (e *response) SetList(data interface{}) {
-	e.List = data
+func (e *response) SetData(data interface{}) {
+	e.Data = data
 }
 
 // Clone clone
@@ -55,10 +54,11 @@ func (e *response) SetMsg(s ...string) {
 }
 
 // SetCode set code
-func (e *response) SetCode(code int) {
-	e.Code = code
+func (e *response) SetCode(code int32) {
+	e.ErrorCode = strconv.Itoa(int(code))
 }
 
-func (e *response) SetStatus(status string) {
-	e.Status = status
+// SetSuccess set success
+func (e *response) SetSuccess(success bool) {
+	e.Success = success
 }
diff --git a/pkg/response/return.go b/pkg/response/return.go
index 53fde53..9d6d042 100644
--- a/pkg/response/return.go
+++ b/pkg/response/return.go
@@ -24,8 +24,8 @@ func Error(c *gin.Context, code int, err error, msg ...string) {
 	}
 	res.SetMsg(msg...)
 	res.SetTraceID(pkg.GenerateMsgIDFromContext(c))
-	res.SetCode(code)
-	res.SetStatus("error")
+	res.SetCode(int32(code))
+	res.SetSuccess(false)
 	c.Set("result", res)
 	c.Set("status", code)
 	c.AbortWithStatusJSON(code, res)
@@ -35,20 +35,22 @@ func Error(c *gin.Context, code int, err error, msg ...string) {
 func OK(c *gin.Context, data interface{}, msg ...string) {
 	checkContext(c)
 	res := Default.Clone()
-	res.SetList(data)
+	res.SetData(data)
+	res.SetSuccess(true)
+	res.SetMsg(msg...)
 	res.SetTraceID(pkg.GenerateMsgIDFromContext(c))
 	switch c.Request.Method {
 	case http.MethodDelete:
 		res.SetCode(http.StatusNoContent)
-		c.AbortWithStatusJSON(http.StatusNoContent, data)
+		c.AbortWithStatusJSON(http.StatusNoContent, res)
 		return
 	case http.MethodPost:
 		res.SetCode(http.StatusCreated)
-		c.AbortWithStatusJSON(http.StatusCreated, data)
+		c.AbortWithStatusJSON(http.StatusCreated, res)
 		return
 	default:
 		res.SetCode(http.StatusOK)
-		c.AbortWithStatusJSON(http.StatusOK, data)
+		c.AbortWithStatusJSON(http.StatusOK, res)
 	}
 }
 
@@ -59,10 +61,10 @@ func PageOK(c *gin.Context, result interface{}, count int64, pageIndex int64, pa
 	res.Count = count
 	res.Current = pageIndex
 	res.PageSize = pageSize
-	res.response.SetList(result)
-	//res.response.SetMsg(msg...)
+	res.response.SetData(result)
+	res.response.SetMsg(msg...)
 	res.response.SetTraceID(pkg.GenerateMsgIDFromContext(c))
-	//res.response.SetCode(http.StatusOK)
+	res.response.SetCode(http.StatusOK)
 	c.Set("result", res)
 	c.Set("status", http.StatusOK)
 	c.AbortWithStatusJSON(http.StatusOK, res)
diff --git a/pkg/response/type.go b/pkg/response/type.go
index bea67a5..e06f258 100644
--- a/pkg/response/type.go
+++ b/pkg/response/type.go
@@ -9,10 +9,10 @@ package response
 
 // Responses responses
 type Responses interface {
-	SetCode(int)
+	SetCode(int32)
 	SetTraceID(string)
 	SetMsg(...string)
-	SetList(interface{})
-	SetStatus(string)
+	SetData(interface{})
+	SetSuccess(bool)
 	Clone() Responses
 }
diff --git a/pkg/security/security.go b/pkg/security/security.go
index 9703128..732a0e9 100644
--- a/pkg/security/security.go
+++ b/pkg/security/security.go
@@ -14,5 +14,5 @@ type Verifier interface {
 	GetRoleID() string
 	GetEmail() string
 	GetUsername() string
-	Verify() (bool, Verifier, error)
+	Verify(tenantID string, username string, password string) (bool, Verifier, error)
 }
diff --git a/pkg/store/oauth2.go b/pkg/store/oauth2.go
deleted file mode 100644
index 4568d80..0000000
--- a/pkg/store/oauth2.go
+++ /dev/null
@@ -1,32 +0,0 @@
-package store
-
-/*
- * @Author: lwnmengjing<lwnmengjing@qq.com>
- * @Date: 2022/4/21 17:20
- * @Last Modified by: lwnmengjing<lwnmengjing@qq.com>
- * @Last Modified time: 2022/4/21 17:20
- */
-
-import (
-	"context"
-
-	"golang.org/x/oauth2"
-)
-
-// DefaultOAuth2Store default oauth2 store
-var DefaultOAuth2Store OAuth2Store
-
-// OAuth2Store is the interface for OAuth2 configuration.
-type OAuth2Store interface {
-	GetClientByDomain(c context.Context, domain string) (OAuth2Configure, error)
-}
-
-// OAuth2Configure is the interface for OAuth2 configuration.
-type OAuth2Configure interface {
-	GetOAuth2Config(c context.Context) (*oauth2.Config, error)
-	GetIssuer() string
-	GetClientID() string
-	GetClientSecret() string
-	GetRedirectURL() string
-	GetScopes() []string
-}