diff --git a/app/index/controller/UserController.php b/app/index/controller/UserController.php
index 40a01c0..09603d3 100644
--- a/app/index/controller/UserController.php
+++ b/app/index/controller/UserController.php
@@ -9,6 +9,8 @@ use \think\facade\Log;
 use \think\facade\Cache;
 use PHPMailer\PHPMailer\PHPMailer;
 use think\Response;
+use app\index\model\UserMessage;
+use app\index\model\SystemNotice;
 
 class UserController extends BaseController
 {
@@ -141,14 +143,22 @@ class UserController extends BaseController
     {
         try {
             Log::record('用户退出登录', 'info');
-            
+
             // 清除所有会话和缓存数据
             session(null);
             Cache::tag('user_cache')->clear();
-            
+
             // 清除所有cookie
-            $cookies = ['user_id', 'user_account', 'user_name', 'user_avatar', 
-                       'expire_time', 'is_auto_login', 'auto_login_attempted', 'PHPSESSID'];
+            $cookies = [
+                'user_id',
+                'user_account',
+                'user_name',
+                'user_avatar',
+                'expire_time',
+                'is_auto_login',
+                'auto_login_attempted',
+                'PHPSESSID'
+            ];
             foreach ($cookies as $cookie) {
                 cookie($cookie, null, ['expire' => -1]);
             }
@@ -408,4 +418,218 @@ class UserController extends BaseController
         }
     }
 
+    /**
+     * 获取系统通知列表
+     */
+    public function getNotifications()
+    {
+        // 检查用户是否登录
+        if (!cookie('user_account')) {
+            return json(['code' => 1, 'msg' => '请先登录']);
+        }
+
+        $type = $this->request->get('type', 'all'); // 获取通知类型：all, unread, read
+        $userId = cookie('user_id');
+
+        try {
+            // 构建查询条件
+            $where = [
+                ['status', '=', 1] // 只获取启用的通知
+            ];
+
+            // 查询系统通知
+            $notices = SystemNotice::where($where)
+                ->order('is_top', 'desc') // 置顶的排在前面
+                ->order('create_time', 'desc')
+                ->select();
+
+            // 格式化数据
+            $data = [];
+            foreach ($notices as $notice) {
+                // 检查用户是否已读该通知
+                $isRead = SystemNotice::where([
+                    ['user_id', '=', $userId],
+                    ['notice_id', '=', $notice->id],
+                    ['is_read', '=', 1]
+                ])->find();
+
+                // 根据type过滤
+                if ($type == 'unread' && $isRead)
+                    continue;
+                if ($type == 'read' && !$isRead)
+                    continue;
+
+                $data[] = [
+                    'id' => $notice->id,
+                    'title' => $notice->title,
+                    'content' => $notice->content,
+                    'type' => $notice->type,
+                    'is_top' => $notice->is_top,
+                    'is_read' => $isRead ? 1 : 0,
+                    'create_time' => date('Y-m-d H:i:s', $notice->create_time)
+                ];
+            }
+
+            return json(['code' => 0, 'msg' => '获取成功', 'data' => $data]);
+        } catch (\Exception $e) {
+            return json(['code' => 1, 'msg' => '获取失败：' . $e->getMessage()]);
+        }
+    }
+
+    /**
+     * 查看通知详情
+     */
+    public function readNotification()
+    {
+        // 检查用户是否登录
+        if (!cookie('user_account')) {
+            return json(['code' => 1, 'msg' => '请先登录']);
+        }
+
+        $data = $this->request->post();
+        $noticeId = $data['id'] ?? 0;
+        $userId = cookie('user_id');
+
+        try {
+            // 查询通知
+            $notice = SystemNotice::where('id', $noticeId)
+                ->where('status', 1)
+                ->find();
+
+            if (!$notice) {
+                return json(['code' => 1, 'msg' => '通知不存在']);
+            }
+
+            // 记录用户已读状态
+            $message = SystemNotice::where([
+                ['user_id', '=', $userId],
+                ['notice_id', '=', $noticeId]
+            ])->find();
+
+            if (!$message) {
+                // 创建新的已读记录
+                $message = new SystemNotice;
+                $message->user_id = $userId;
+                $message->notice_id = $noticeId;
+                $message->is_read = 1;
+                $message->read_time = time();
+                $message->save();
+            } elseif (!$message->is_read) {
+                // 更新已读状态
+                $message->is_read = 1;
+                $message->read_time = time();
+                $message->save();
+            }
+
+            return json(['code' => 0, 'msg' => '操作成功']);
+        } catch (\Exception $e) {
+            return json(['code' => 1, 'msg' => '操作失败：' . $e->getMessage()]);
+        }
+    }
+
+    /**
+     * 通知详情页面
+     */
+    public function notificationDetail()
+    {
+        // 检查用户是否登录
+        if (!cookie('user_account')) {
+            return redirect('/index/user/login');
+        }
+
+        $noticeId = $this->request->get('id');
+        $userId = cookie('user_id');
+
+        try {
+            // 查询通知
+            $notice = SystemNotice::where('id', $noticeId)
+                ->where('status', 1)
+                ->find();
+
+            if (!$notice) {
+                return $this->error('通知不存在');
+            }
+
+            // 记录用户已读状态
+            $message = SystemNotice::where([
+                ['user_id', '=', $userId],
+                ['notice_id', '=', $noticeId]
+            ])->find();
+
+            if (!$message) {
+                // 创建新的已读记录
+                $message = new SystemNotice;
+                $message->user_id = $userId;
+                $message->notice_id = $noticeId;
+                $message->is_read = 1;
+                $message->read_time = time();
+                $message->save();
+            } elseif (!$message->is_read) {
+                // 更新已读状态
+                $message->is_read = 1;
+                $message->read_time = time();
+                $message->save();
+            }
+
+            // 增加查看次数
+            $notice->view_count = $notice->view_count + 1;
+            $notice->save();
+
+            View::assign('notice', $notice);
+            return $this->fetch('notification_detail');
+        } catch (\Exception $e) {
+            return $this->error('获取通知详情失败：' . $e->getMessage());
+        }
+    }
+
+    //修改密码
+    public function updatePassword()
+    {
+        // 检查用户是否登录
+        if (!cookie('user_account')) {
+            return redirect('/index/user/login');
+        }
+
+        // 获取用户信息
+        $user = Users::where('account', cookie('user_account'))->find();
+        if (!$user) {
+            return redirect('/index/user/login');
+        }
+
+        // 如果是GET请求，显示修改密码页面
+        if ($this->request->isGet()) {
+            return $this->fetch();
+        }
+
+        // 如果是POST请求，处理密码修改
+        if ($this->request->isPost()) {
+            $data = $this->request->post();
+
+            // 验证旧密码
+            if ($user->password !== md5($data['old_password'])) {
+                return json(['code' => 1, 'msg' => '旧密码错误']);
+            }
+
+            // 验证新密码
+            if ($data['new_password'] !== $data['confirm_password']) {
+                return json(['code' => 1, 'msg' => '两次输入的密码不一致']);
+            }
+
+            // 更新密码
+            $user->password = md5($data['new_password']);
+            $user->update_time = time();
+
+            if ($user->save()) {
+                // 清除登录状态
+                cookie('user_id', null, ['expire' => -1]);
+                cookie('user_account', null, ['expire' => -1]);
+                cookie('user_name', null, ['expire' => -1]);
+                cookie('user_avatar', null, ['expire' => -1]);
+
+                return json(['code' => 0, 'msg' => '密码修改成功，请重新登录']);
+            } else {
+                return json(['code' => 1, 'msg' => '密码修改失败']);
+            }
+        }
+    }
 }
diff --git a/app/index/view/user/component/security.php b/app/index/view/user/component/security.php
index b6b416c..a564c88 100644
--- a/app/index/view/user/component/security.php
+++ b/app/index/view/user/component/security.php
@@ -1,6 +1,6 @@
 <div class="security-section">
     <h2 class="section-title">安全设置</h2>
-    
+
     <form class="layui-form" lay-filter="securityForm">
         <div class="layui-form-item">
             <label class="layui-form-label">登录密码</label>
@@ -8,7 +8,7 @@
                 <button type="button" class="layui-btn" onclick="changePassword()">修改密码</button>
             </div>
         </div>
-        
+
         <div class="layui-form-item">
             <label class="layui-form-label">手机绑定</label>
             <div class="layui-input-block">
@@ -18,87 +18,94 @@
                 </div>
             </div>
         </div>
-    
+
     </form>
 </div>
 
 <style>
-.security-section {
-    max-width: 800px;
-    margin: 0 auto;
-}
+    .security-section {
+        max-width: 800px;
+        margin: 0 auto;
+    }
 
-.section-title {
-    font-size: 20px;
-    font-weight: 600;
-    color: #333;
-    margin-bottom: 24px;
-    padding-bottom: 16px;
-    border-bottom: 1px solid #f0f0f0;
-}
+    .section-title {
+        font-size: 20px;
+        font-weight: 600;
+        color: #333;
+        margin-bottom: 24px;
+        padding-bottom: 16px;
+        border-bottom: 1px solid #f0f0f0;
+    }
 
-.phone-info, .email-info {
-    display: flex;
-    align-items: center;
-    gap: 16px;
-}
+    .phone-info,
+    .email-info {
+        display: flex;
+        align-items: center;
+        gap: 16px;
+    }
 
-.layui-form-label {
-    width: 100px;
-}
-
-.layui-input-block {
-    margin-left: 130px;
-}
-
-@media (max-width: 768px) {
     .layui-form-label {
-        width: 80px;
+        width: 100px;
     }
-    
+
     .layui-input-block {
-        margin-left: 110px;
+        margin-left: 130px;
+    }
+
+    @media (max-width: 768px) {
+        .layui-form-label {
+            width: 80px;
+        }
+
+        .layui-input-block {
+            margin-left: 110px;
+        }
     }
-}
 </style>
 
 <script>
-layui.use(['form', 'layer'], function(){
-    var form = layui.form;
-    var layer = layui.layer;
-    
-    // 加载用户安全信息
-    loadSecurityInfo();
-});
+    layui.use(['form', 'layer'], function () {
+        var form = layui.form;
+        var layer = layui.layer;
 
-// 加载安全信息
-function loadSecurityInfo() {
-    fetch('/index/user/getSecurityInfo')
-        .then(response => response.json())
-        .then(data => {
-            if(data.code === 0) {
-                document.getElementById('phoneNumber').textContent = data.data.phone || '未绑定';
+        // 加载用户安全信息
+        loadSecurityInfo();
+    });
+
+    // 加载安全信息
+    function loadSecurityInfo() {
+        fetch('/index/user/getSecurityInfo')
+            .then(response => response.json())
+            .then(data => {
+                if (data.code === 0) {
+                    document.getElementById('phoneNumber').textContent = data.data.phone || '未绑定';
+                }
+            });
+    }
+
+    // 修改密码
+    function changePassword() {
+        layer.open({
+            type: 2,
+            title: '修改密码',
+            area: ['500px', '400px'],
+            content: '/index/user/updatePassword',
+            end: function () {
+                // 检查是否需要跳转到登录页
+                if (window.needRedirect) {
+                    window.location.href = '/index/user/login';
+                }
             }
         });
-}
+    }
 
-// 修改密码
-function changePassword() {
-    layer.open({
-        type: 2,
-        title: '修改密码',
-        area: ['500px', '400px'],
-        content: '/index/user/component/password'
-    });
-}
-
-// 绑定手机
-function bindPhone() {
-    layer.open({
-        type: 2,
-        title: '绑定手机',
-        area: ['500px', '400px'],
-        content: '/index/user/component/bindPhone'
-    });
-}
-</script>
+    // 绑定手机
+    function bindPhone() {
+        layer.open({
+            type: 2,
+            title: '绑定手机',
+            area: ['500px', '400px'],
+            content: '/index/user/component/bindPhone'
+        });
+    }
+</script>
\ No newline at end of file
diff --git a/app/index/view/user/update_password.php b/app/index/view/user/update_password.php
new file mode 100644
index 0000000..6c70958
--- /dev/null
+++ b/app/index/view/user/update_password.php
@@ -0,0 +1,91 @@
+{include file="component/head" /}
+<form class="layui-form" action="/index/user/updatePassword" method="post">
+    <div class="layui-form-item">
+        <label class="layui-form-label">旧密码</label>
+        <div class="layui-input-block">
+            <input type="password" name="old_password" required lay-verify="required" placeholder="请输入旧密码"
+                autocomplete="off" class="layui-input">
+        </div>
+    </div>
+
+    <div class="layui-form-item">
+        <label class="layui-form-label">新密码</label>
+        <div class="layui-input-block">
+            <input type="password" name="new_password" required lay-verify="required|password" placeholder="请输入新密码"
+                autocomplete="off" class="layui-input">
+        </div>
+    </div>
+
+    <div class="layui-form-item">
+        <label class="layui-form-label">确认密码</label>
+        <div class="layui-input-block">
+            <input type="password" name="confirm_password" required lay-verify="required|confirmPassword"
+                placeholder="请再次输入新密码" autocomplete="off" class="layui-input">
+        </div>
+    </div>
+
+    <div class="layui-form-item">
+        <div class="layui-input-block">
+            <button class="layui-btn" lay-submit lay-filter="updatePassword">立即修改</button>
+            <button type="reset" class="layui-btn layui-btn-primary">重置</button>
+        </div>
+    </div>
+</form>
+
+<script>
+layui.use(['form', 'layer'], function () {
+    var form = layui.form;
+    var layer = layui.layer;
+    var $ = layui.$;
+
+    // 自定义验证规则
+    form.verify({
+        password: [
+            /^[\S]{6,20}$/,
+            '密码长度必须在6-20个字符之间'
+        ],
+        confirmPassword: function (value) {
+            var password = document.querySelector('input[name=new_password]').value;
+            if (value !== password) {
+                return '两次输入的密码不一致';
+            }
+        }
+    });
+
+    // 监听提交
+    form.on('submit(updatePassword)', function (data) {
+        // 显示加载中
+        var loadIndex = layer.load(2);
+        
+        $.ajax({
+            url: '/index/user/updatePassword',
+            type: 'POST',
+            data: data.field,
+            dataType: 'json',
+            success: function (res) {
+                layer.close(loadIndex);
+                if (res.code === 0) {
+                    layer.msg(res.msg, {
+                        icon: 1,
+                        time: 1000,
+                        end: function() {
+                            // 设置跳转标记
+                            parent.window.needRedirect = true;
+                            // 关闭当前弹窗
+                            var index = parent.layer.getFrameIndex(window.name);
+                            parent.layer.close(index);
+                        }
+                    });
+                } else {
+                    layer.msg(res.msg, { icon: 2 });
+                }
+            },
+            error: function() {
+                layer.close(loadIndex);
+                layer.msg('请求失败，请重试', { icon: 2 });
+            }
+        });
+        return false;  // 阻止表单默认提交
+    });
+});
+</script>
\ No newline at end of file