diff --git a/pom.xml b/pom.xml
index 1145d6d..ca98066 100644
--- a/pom.xml
+++ b/pom.xml
@@ -22,6 +22,9 @@
 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 		<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
 		<java.version>1.8</java.version>
+		<swagger2.version>2.9.2</swagger2.version>
+		<swagger-models.version>1.6.0</swagger-models.version>
+		<swagger-annotations.version>1.6.0</swagger-annotations.version>
 	</properties>
 
 	<dependencies>
@@ -49,6 +52,59 @@
 			<artifactId>spring-boot-starter-test</artifactId>
 			<scope>test</scope>
 		</dependency>
+		<!-- https://mvnrepository.com/artifact/org.mybatis/mybatis -->
+		<dependency>
+			<groupId>org.mybatis</groupId>
+			<artifactId>mybatis</artifactId>
+			<version>3.5.6</version>
+		</dependency>
+		<dependency>
+			<groupId>org.mybatis.spring.boot</groupId>
+			<artifactId>mybatis-spring-boot-starter</artifactId>
+			<!--版本1.2.0否则无效-->
+			<version>1.2.0</version>
+		</dependency>
+		<!--
+		<dependency>
+			<groupId>org.springframework.security</groupId>
+			<artifactId>spring-security-test</artifactId>
+			<scope>test</scope>
+		</dependency>
+		<dependency>
+			<groupId>org.thymeleaf.extras</groupId>
+			<artifactId>thymeleaf-extras-springsecurity5</artifactId>
+			<version>3.0.4.RELEASE</version>
+		</dependency>
+		-->
+		<!--Swagger-UI API文档生产工具-->
+		<dependency>
+			<groupId>io.springfox</groupId>
+			<artifactId>springfox-swagger2</artifactId>
+			<version>${swagger2.version}</version>
+		</dependency>
+		<dependency>
+			<groupId>io.springfox</groupId>
+			<artifactId>springfox-swagger-ui</artifactId>
+			<version>${swagger2.version}</version>
+		</dependency>
+		<!--解决Swagger 2.9.2版本NumberFormatException-->
+		<dependency>
+			<groupId>io.swagger</groupId>
+			<artifactId>swagger-models</artifactId>
+			<version>${swagger-models.version}</version>
+		</dependency>
+		<dependency>
+			<groupId>io.swagger</groupId>
+			<artifactId>swagger-annotations</artifactId>
+			<version>${swagger-annotations.version}</version>
+		</dependency>
+
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-security</artifactId>
+			<version>2.0.1.RELEASE</version>
+		</dependency>
+
 	</dependencies>
 
 	<build>
@@ -59,6 +115,4 @@
 			</plugin>
 		</plugins>
 	</build>
-
-
 </project>
diff --git a/src/main/java/com/example/easynotes/EasyNotesApplication.java b/src/main/java/com/example/easynotes/EasyNotesApplication.java
index af3b8dd..592a877 100644
--- a/src/main/java/com/example/easynotes/EasyNotesApplication.java
+++ b/src/main/java/com/example/easynotes/EasyNotesApplication.java
@@ -1,11 +1,16 @@
 package com.example.easynotes;
 
+import com.example.easynotes.model.User;
+import org.apache.ibatis.type.MappedTypes;
+import org.mybatis.spring.annotation.MapperScan;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.data.jpa.repository.config.EnableJpaAuditing;
 
 @SpringBootApplication
 @EnableJpaAuditing
+@MappedTypes(User.class)
+@MapperScan("com.example.easynotes.mappers")
 public class EasyNotesApplication {
 
 	public static void main(String[] args) {
diff --git a/src/main/java/com/example/easynotes/adapters/SecurityConfig.java b/src/main/java/com/example/easynotes/adapters/SecurityConfig.java
new file mode 100644
index 0000000..e9d7281
--- /dev/null
+++ b/src/main/java/com/example/easynotes/adapters/SecurityConfig.java
@@ -0,0 +1,34 @@
+package com.example.easynotes.adapters;
+
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+/**
+ * @EnableWebSecurity：此注解会启用Spring Security
+ */
+@EnableWebSecurity
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+
+    /**
+     * 1）HttpSecurity支持cors。
+     * 2）默认会启用CRSF，此处因为没有使用thymeleaf模板（会自动注入_csrf参数），
+     * 要先禁用csrf，否则登录时需要_csrf参数，而导致登录失败。
+     * 3）antMatchers：匹配 "/" 路径，不需要权限即可访问，匹配 "/user" 及其以下所有路径，
+     *  都需要 "USER" 权限
+     * 4）配置登录地址和退出地址
+     */
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http
+                .cors().and()
+                .csrf().disable()
+                .authorizeRequests()
+                .antMatchers("/").permitAll()
+                .antMatchers("/user/**").hasRole("USER")
+                .and()
+                .formLogin().loginPage("/login").defaultSuccessUrl("/hello")
+                .and()
+                .logout().logoutUrl("/logout").logoutSuccessUrl("/login");
+    }
+}
diff --git a/src/main/java/com/example/easynotes/controller/UserController.java b/src/main/java/com/example/easynotes/controller/UserController.java
new file mode 100644
index 0000000..891d4e4
--- /dev/null
+++ b/src/main/java/com/example/easynotes/controller/UserController.java
@@ -0,0 +1,35 @@
+package com.example.easynotes.controller;
+
+import com.example.easynotes.exception.ResourceNotFoundException;
+import com.example.easynotes.model.Note;
+import com.example.easynotes.model.User;
+import com.example.easynotes.services.UserService;
+import io.swagger.annotations.ApiOperation;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.ResponseEntity;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.*;
+
+import java.util.List;
+
+@RestController
+@RequestMapping("/users")
+public class UserController {
+    @Autowired
+    private UserService userService;
+
+    @ApiOperation("批量删除角色")
+    @RequestMapping(value = "/delete", method = RequestMethod.DELETE)
+    @ResponseBody
+    public String delete(@RequestParam("ids") Long id) {
+        int count = userService.delete(id);
+        if (count > 0) {
+            return "Success";
+        }
+        return "Failed";
+    }
+    @GetMapping("/all")
+    public List<User> findAll(){
+        return userService.findAll();
+    }
+}
diff --git a/src/main/java/com/example/easynotes/mappers/UserMapper.java b/src/main/java/com/example/easynotes/mappers/UserMapper.java
new file mode 100644
index 0000000..100ebd3
--- /dev/null
+++ b/src/main/java/com/example/easynotes/mappers/UserMapper.java
@@ -0,0 +1,16 @@
+package com.example.easynotes.mappers;
+
+import com.example.easynotes.model.User;
+import org.apache.ibatis.annotations.Delete;
+import org.apache.ibatis.annotations.Mapper;
+import org.apache.ibatis.annotations.Select;
+
+import java.util.List;
+
+@Mapper
+public interface UserMapper {
+    @Select("select * from users")
+    public List<User> getUserList();
+    @Delete("delete from users where id = #{id, jdbcType=BIGINT}")
+    public int deleteByPrimaryKey(Long id);
+}
diff --git a/src/main/java/com/example/easynotes/model/User.java b/src/main/java/com/example/easynotes/model/User.java
new file mode 100644
index 0000000..2d09f9f
--- /dev/null
+++ b/src/main/java/com/example/easynotes/model/User.java
@@ -0,0 +1,61 @@
+package com.example.easynotes.model;
+
+import io.swagger.annotations.ApiModelProperty;
+
+import java.io.Serializable;
+
+public class User implements Serializable {
+    Long id;
+
+    @ApiModelProperty(value = "Email")
+    String email;
+    @ApiModelProperty(value = "User Name")
+    String userName;
+
+    String password;
+
+    public Long getId() {
+        return id;
+    }
+
+    public void setId(Long id) {
+        this.id = id;
+    }
+
+    public String getEmail() {
+        return email;
+    }
+
+    public void setEmail(String email) {
+        this.email = email;
+    }
+
+    public String getUserName() {
+        return userName;
+    }
+
+    public void setUserName(String userName) {
+        this.userName = userName;
+    }
+
+    public String getPassword() {
+        return password;
+    }
+
+    public void setPassword(String password) {
+        this.password = password;
+    }
+
+    @Override
+    public String toString() {
+        StringBuilder sb = new StringBuilder();
+        sb.append(getClass().getSimpleName());
+        sb.append(" [");
+        sb.append("Hash = ").append(hashCode());
+        sb.append(", id=").append(id);
+        sb.append(", email=").append(email);
+        sb.append(", username=").append(userName);
+        sb.append("]");
+        return sb.toString();
+    }
+}
diff --git a/src/main/java/com/example/easynotes/services/UserService.java b/src/main/java/com/example/easynotes/services/UserService.java
new file mode 100644
index 0000000..524093d
--- /dev/null
+++ b/src/main/java/com/example/easynotes/services/UserService.java
@@ -0,0 +1,25 @@
+package com.example.easynotes.services;
+
+import com.example.easynotes.model.User;
+
+import java.util.List;
+
+public interface UserService {
+    /**
+     * create users
+     */
+    int create(User user);
+    /**
+     * update user
+     */
+    int update(Long id, User user);
+    /**
+     * delete users
+     */
+    int delete(Long id);
+
+    /**
+     * find all users
+     */
+    List<User> findAll();
+}
diff --git a/src/main/java/com/example/easynotes/services/impl/UserServiceImpl.java b/src/main/java/com/example/easynotes/services/impl/UserServiceImpl.java
new file mode 100644
index 0000000..6ef5ba6
--- /dev/null
+++ b/src/main/java/com/example/easynotes/services/impl/UserServiceImpl.java
@@ -0,0 +1,43 @@
+package com.example.easynotes.services.impl;
+
+import com.example.easynotes.mappers.UserMapper;
+import com.example.easynotes.model.User;
+import com.example.easynotes.services.UserService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.stereotype.Service;
+
+import java.util.List;
+
+@Service
+public class UserServiceImpl implements UserService {
+    @Autowired
+    private UserMapper userMapper;
+
+    @Override
+    public List<User> findAll() {
+        return userMapper.getUserList();
+    }
+
+    @Override
+    public int create(User user) {
+        return 0;
+    }
+
+    @Override
+    public int update(Long id, User user) {
+        return 0;
+    }
+
+    @Override
+    public int delete(Long id) {
+        int count = userMapper.deleteByPrimaryKey(id);
+        return count;
+    }
+
+    private void encryptPassword(User userInfo){
+        String password = userInfo.getPassword();
+        password = new BCryptPasswordEncoder().encode(password);
+        userInfo.setPassword(password);
+    }
+}
diff --git a/src/main/java/com/example/easynotes/testForGitIngore.java b/src/main/java/com/example/easynotes/testForGitIngore.java
new file mode 100644
index 0000000..844bb4d
--- /dev/null
+++ b/src/main/java/com/example/easynotes/testForGitIngore.java
@@ -0,0 +1,4 @@
+package com.example.easynotes;
+
+public class testForGitIngore {
+}
diff --git a/src/main/resources/Mappers/MyMapper.xml b/src/main/resources/Mappers/MyMapper.xml
new file mode 100644
index 0000000..5f31726
--- /dev/null
+++ b/src/main/resources/Mappers/MyMapper.xml
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!DOCTYPE mapper
+        PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
+        "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+<!-- mapper:根标签，namespace：命名空间，随便写，一般保证命名空间唯一 -->
+<mapper namespace="MyMapper">
+    <!-- statement，内容：sql语句。id：唯一标识，随便写，在同一个命名空间下保持唯一
+       resultType：sql语句查询结果集的封装类型,tb_user即为数据库中的表
+     -->
+    <select id="selectUser" resultType="com.zpc.mybatis.User">
+        select * from tb_user where id = #{id}
+    </select>
+</mapper>
\ No newline at end of file
diff --git a/src/main/resources/Mappers/UserMapper.xml b/src/main/resources/Mappers/UserMapper.xml
new file mode 100644
index 0000000..83c002b
--- /dev/null
+++ b/src/main/resources/Mappers/UserMapper.xml
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!DOCTYPE mapper
+        PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
+        "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+<!-- mapper:根标签，namespace：命名空间，随便写，一般保证命名空间唯一 -->
+<mapper namespace="com.example.easynotes.mappers.UserMapper">
+    <!-- statement，内容：sql语句。id：唯一标识，随便写，在同一个命名空间下保持唯一
+       resultType：sql语句查询结果集的封装类型,tb_user即为数据库中的表
+     -->
+    <select id="getUserList" resultType="com.zpc.mybatis.User">
+        select * from users
+    </select>
+    <delete id="deleteByPrimaryKey" parameterType="java.lang.Long">
+        delete from users
+        where id = #{id, jdbcType=BIGINT}
+    </delete>
+</mapper>
\ No newline at end of file
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
deleted file mode 100644
index d357d46..0000000
--- a/src/main/resources/application.properties
+++ /dev/null
@@ -1,13 +0,0 @@
-## Spring DATASOURCE (DataSourceAutoConfiguration & DataSourceProperties)
-spring.datasource.url = jdbc:mysql://localhost:3306/notes_app?useSSL=false&serverTimezone=UTC&useLegacyDatetimeCode=false
-spring.datasource.username = root
-spring.datasource.password = callicoder
-
-
-## Hibernate Properties
-
-# The SQL dialect makes Hibernate generate better SQL for the chosen database
-spring.jpa.properties.hibernate.dialect = org.hibernate.dialect.MySQL5InnoDBDialect
-
-# Hibernate ddl auto (create, create-drop, validate, update)
-spring.jpa.hibernate.ddl-auto = update
\ No newline at end of file
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
new file mode 100644
index 0000000..11a997f
--- /dev/null
+++ b/src/main/resources/application.yml
@@ -0,0 +1,14 @@
+spring:
+  datasource:
+    url: jdbc:mysql://localhost:3306/notes_app?allowPublicKeyRetrieval=true&useSSL=false&serverTimezone=UTC&useLegacyDatetimeCode=false
+    username: root
+    password: password
+    druid:
+      initial-size: 5 #连接池初始化大小
+      min-idle: 10 #最小空闲连接数
+      max-active: 20 #最大连接数
+      web-stat-filter:
+        exclusions: "*.js,*.gif,*.jpg,*.png,*.css,*.ico,/druid/*" #不统计这些请求数据
+      stat-view-servlet: #访问监控网页的登录用户名和密码
+        login-username: druid
+        login-password: druid
\ No newline at end of file
diff --git a/src/main/resources/mybatis-config.xml b/src/main/resources/mybatis-config.xml
new file mode 100644
index 0000000..0fe0748
--- /dev/null
+++ b/src/main/resources/mybatis-config.xml
@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!DOCTYPE configuration
+        PUBLIC "-//mybatis.org//DTD Config 3.0//EN"
+        "http://mybatis.org/dtd/mybatis-3-config.dtd">
+<!-- 根标签 -->
+<configuration>
+    <properties>
+        <property name="driver" value="com.mysql.jdbc.Driver"/>
+        <property name="url" value="jdbc:mysql://127.0.0.1:3306/notes_app?useUnicode=true&amp;characterEncoding=utf-8&amp;allowMultiQueries=true"/>
+        <property name="username" value="root"/>
+        <property name="password" value="password"/>
+    </properties>
+
+    <!-- 环境，可以配置多个，default：指定采用哪个环境 -->
+    <environments default="test">
+        <!-- id：唯一标识 -->
+        <environment id="test">
+            <!-- 事务管理器，JDBC类型的事务管理器 -->
+            <transactionManager type="JDBC" />
+            <!-- 数据源，池类型的数据源 -->
+            <dataSource type="POOLED">
+                <property name="driver" value="com.mysql.jdbc.Driver" />
+                <property name="url" value="jdbc:mysql://127.0.0.1:3306/mybatis_test" />
+                <property name="username" value="root" />
+                <property name="password" value="password" />
+            </dataSource>
+        </environment>
+        <environment id="development">
+            <!-- 事务管理器，JDBC类型的事务管理器 -->
+            <transactionManager type="JDBC" />
+            <!-- 数据源，池类型的数据源 -->
+            <dataSource type="POOLED">
+                <property name="driver" value="${driver}" /> <!-- 配置了properties，所以可以直接引用 -->
+                <property name="url" value="${url}" />
+                <property name="username" value="${username}" />
+                <property name="password" value="${password}" />
+            </dataSource>
+        </environment>
+    </environments>
+</configuration>
\ No newline at end of file