diff --git a/yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/modules/system/controller/auth/SysAuthController.java b/yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/modules/system/controller/auth/SysAuthController.java
index fbca500f7..5eb0e533d 100644
--- a/yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/modules/system/controller/auth/SysAuthController.java
+++ b/yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/modules/system/controller/auth/SysAuthController.java
@@ -81,19 +81,6 @@ public class SysAuthController {
         return CommonResult.success(socialService.getAuthorizeUrl(type, redirectUri));
     }
 
-    // TODO @timfruit：这个接口，是要删除的么？
-    @GetMapping("/social-login-get")
-    @ApiOperation("微信公众号授权回调地址，输出social-login2的必要参数用于测试，使用 code 授权码")
-    @ResponseBody
-    @Deprecated
-    public CommonResult<MbrAuthSocialLoginReqVO> socialLoginGet(HttpServletRequest request,String code,String state) {
-        // 返回结果
-        MbrAuthSocialLoginReqVO reqVO = MbrAuthSocialLoginReqVO.builder().state(state).code(code).build();
-        reqVO.setType(12);
-        //输出social-login2的必要参数用于测试
-        System.out.println(JSON.toJSON(reqVO));
-        return success(reqVO);
-    }
 
     @PostMapping("/social-login")
     @ApiOperation("社交登录，使用 code 授权码")
@@ -102,10 +89,9 @@ public class SysAuthController {
         return success(SysAuthLoginRespVO.builder().token(token).build());
     }
 
-    // TODO @timfruit：社交登陆时，使用手机验证码来验证哈。这块我当时没设计好，改改，嘿嘿。
 
     @PostMapping("/social-login2")
-    @ApiOperation("社交登录，使用 code 授权码 + 账号密码")
+    @ApiOperation("社交登录，使用 手机号 + 手机验证码")
     public CommonResult<SysAuthLoginRespVO> socialLogin2(@RequestBody @Valid MbrAuthSocialLogin2ReqVO reqVO) {
         String token = authService.socialLogin2(reqVO, getClientIP(), getUserAgent());
         return success(SysAuthLoginRespVO.builder().token(token).build());
diff --git a/yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/modules/system/controller/auth/vo/MbrAuthSocialLogin2ReqVO.java b/yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/modules/system/controller/auth/vo/MbrAuthSocialLogin2ReqVO.java
index 584df7ed1..1da763ed3 100644
--- a/yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/modules/system/controller/auth/vo/MbrAuthSocialLogin2ReqVO.java
+++ b/yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/modules/system/controller/auth/vo/MbrAuthSocialLogin2ReqVO.java
@@ -34,15 +34,16 @@ public class MbrAuthSocialLogin2ReqVO {
     @NotEmpty(message = "state 不能为空")
     private String state;
 
-    @ApiModelProperty(value = "账号", required = true, example = "yudaoyuanma")
-    @NotEmpty(message = "登录账号不能为空")
-    @Length(min = 4, max = 16, message = "账号长度为 4-16 位")
-    @Pattern(regexp = "^[A-Za-z0-9]+$", message = "账号格式为数字以及字母")
-    private String username;
+    @ApiModelProperty(value = "手机号", required = true, example = "15119100000")
+    @NotEmpty(message = "手机号不能为空")
+    @Length(min = 11, max = 11, message = "手机号是11位数字")
+    private String mobile;
+
+    @ApiModelProperty(value = "手机验证码", required = true, example = "1024")
+    @NotEmpty(message = "手机验证码不能为空")
+    @Length(min = 4, max = 6, message = "手机验证码长度为 4-6 位")
+    @Pattern(regexp = "^[0-9]+$", message = "手机验证码必须都是数字")
+    private String smsCode;
 
-    @ApiModelProperty(value = "密码", required = true, example = "buzhidao")
-    @NotEmpty(message = "密码不能为空")
-    @Length(min = 4, max = 16, message = "密码长度为 4-16 位")
-    private String password;
 
 }
diff --git a/yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/modules/system/service/auth/SysAuthService.java b/yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/modules/system/service/auth/SysAuthService.java
index 628f95c80..3b6b73691 100644
--- a/yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/modules/system/service/auth/SysAuthService.java
+++ b/yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/modules/system/service/auth/SysAuthService.java
@@ -46,7 +46,7 @@ public interface SysAuthService extends SecurityAuthFrameworkService {
     String socialLogin(@Valid MbrAuthSocialLoginReqVO reqVO, String userIp, String userAgent);
 
     /**
-     * 社交登录，使用 code 授权码 + 账号密码
+     * 社交登录，使用 手机号 + 手机验证码
      *
      * @param reqVO 登录信息
      * @param userIp 用户 IP
diff --git a/yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/modules/system/service/auth/impl/SysAuthServiceImpl.java b/yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/modules/system/service/auth/impl/SysAuthServiceImpl.java
index c5c512890..bd9100b85 100644
--- a/yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/modules/system/service/auth/impl/SysAuthServiceImpl.java
+++ b/yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/modules/system/service/auth/impl/SysAuthServiceImpl.java
@@ -140,19 +140,21 @@ public class SysAuthServiceImpl implements SysAuthService {
 
     @Override
     public String socialLogin2(MbrAuthSocialLogin2ReqVO reqVO, String userIp, String userAgent) {
-        // 使用 code 授权码，进行登录
         AuthUser authUser = socialService.getAuthUser(reqVO.getType(), reqVO.getCode(), reqVO.getState());
         org.springframework.util.Assert.notNull(authUser, "授权用户不为空");
 
-        // 使用账号密码，进行登录。
-        LoginUser loginUser = this.login0(reqVO.getUsername(), reqVO.getPassword());
-//        loginUser.setRoleIds(this.getUserRoleIds(loginUser.getId())); // 获取用户角色列表
+        // 使用手机号、手机验证码登录
+        SysAuthSmsLoginReqVO loginReqVO = SysAuthSmsLoginReqVO
+                .builder()
+                .mobile(reqVO.getMobile())
+                .code(reqVO.getSmsCode())
+                .build();
+        String sessionId = this.smsLogin(loginReqVO, userIp, userAgent);
+        LoginUser loginUser = userSessionCoreService.getLoginUser(sessionId);
 
         // 绑定社交用户（新增）
         socialService.bindSocialUser(loginUser.getId(), reqVO.getType(), authUser, USER_TYPE_ENUM);
-
-        // 缓存登录用户到 Redis 中，返回 sessionId 编号
-        return userSessionCoreService.createUserSession(loginUser, userIp, userAgent);
+        return sessionId;
     }
 
     @Override
diff --git a/yudao-user-server/src/main/resources/static/social-login.html b/yudao-user-server/src/main/resources/static/social-login.html
index 2570d7084..7cf09f00e 100644
--- a/yudao-user-server/src/main/resources/static/social-login.html
+++ b/yudao-user-server/src/main/resources/static/social-login.html
@@ -13,14 +13,16 @@
 </div>
 </body>
 <script>
-    let server = 'http://127.0.0.1:28080';
+    // let server = 'http://127.0.0.1:28080';
+    let server = 'http://192.168.1.2:28080';
+
 
     // 微信公众号
     $( "#wx_pub").on( "click", function() {
         // 获得授权链接
         $.ajax({
             url: server + "/api/social-auth-redirect?type=31&redirectUri=" +
-                encodeURIComponent(server + '/api/social-login-get'),
+                encodeURIComponent(server + '/static/social-login2.html'),  //重定向地址
             method: 'GET',
             success: function( result ) {
                 if (result.code !== 0) {
diff --git a/yudao-user-server/src/main/resources/static/social-login2.html b/yudao-user-server/src/main/resources/static/social-login2.html
new file mode 100644
index 000000000..23e35b4de
--- /dev/null
+++ b/yudao-user-server/src/main/resources/static/social-login2.html
@@ -0,0 +1,87 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=no"/>
+    <title>社交登陆测试页</title>
+    <script src="https://cdn.bootcdn.net/ajax/libs/jquery/3.6.0/jquery.js"></script>
+</head>
+<body>
+<div>点击如下按钮，授权登录</div>
+<div>
+    手机号<input id="mobile" value="15601691300"><br>
+    手机验证码<input id="smsCode">
+    <button id="send_sms_code">发送手机验证码</button>
+    <br>
+    <button id="wx_pub">微信公众号授权登录</button>
+</div>
+</body>
+<script>
+    // let server = 'http://127.0.0.1:28080';
+    let server = 'http://192.168.1.2:28080';
+
+    let type = 31; //登录类型 微信公众号
+
+    // 微信公众号
+    $("#wx_pub").on("click", function () {
+        let code = getUrlParam("code"); // 访问授权连接后，会回调本页面地址，参数在本页面url后面
+        let state = getUrlParam("state");
+        console.log("获取code: " + code + ", state: " + state)
+
+        let data = {
+            'mobile': $('#mobile').val(),
+            'smsCode': $('#smsCode').val(),
+            'code': code,
+            'state': state,
+            'type': type
+        }
+
+        // 调用授权登录接口
+        $.ajax({
+            url: server + "/api/social-login2",
+            method: 'POST',
+            data: JSON.stringify(data),
+            contentType: "application/json;charset=utf-8",
+            dataType: "json",
+            success: function( result ) {
+                if (result.code !== 0) {
+                    alert('调用授权登录接口失败，原因：' + result.msg)
+                    return;
+                }
+                alert("授权登录成功, token: "+result.data.token)
+            }
+        })
+    });
+
+    // 发送手机验证码
+    $("#send_sms_code").on("click", function () {
+        let data = {
+            'mobile': $('#mobile').val(),
+            'scene': 1 // 手机号登陆 类型
+        }
+        $.ajax({
+            url: server + "/api/send-sms-code",
+            method: 'POST',
+            data: JSON.stringify(data),
+            contentType: "application/json;charset=utf-8",
+            dataType: "json",
+            success: function (result) {
+                if (result.code !== 0) {
+                    alert('发送手机验证码失败，原因：' + result.msg)
+                    return;
+                }
+                alert("发送成功, 请查看日志");
+            }
+        })
+    })
+
+
+    //获取url中的参数
+    function getUrlParam(name) {
+        var reg = new RegExp("(^|&)" + name + "=([^&]*)(&|$)"); //构造一个含有目标参数的正则表达式对象
+        var r = window.location.search.substr(1).match(reg);  //匹配目标参数
+        if (r != null) return unescape(r[2]);
+        return null; //返回参数值
+    }
+</script>
+</html>