diff --git a/app/Console/Commands/SyncAlipayRechargeState.php b/app/Console/Commands/SyncAlipayRechargeState.php
index 1f7e9b6..5695cac 100644
--- a/app/Console/Commands/SyncAlipayRechargeState.php
+++ b/app/Console/Commands/SyncAlipayRechargeState.php
@@ -42,7 +42,7 @@ class SyncAlipayRechargeState extends Command
     {
         $threshold = 5;
         $offset_seconds = 40; //支付发起后多少秒开始轮询
-        $due_minutes = 10; //支付发起后第一次开始轮询的时间往后延迟5分钟后不再轮询
+        $due_minutes = 10; //支付发起后第一次开始轮询的时间往后延迟若干分钟后不再轮询
         $last_id = cache("last_sync_alipay_recharge_id", 0);
 
         DB::enableQueryLog();
diff --git a/app/Http/Controllers/Admin/StatisticsController.php b/app/Http/Controllers/Admin/StatisticsController.php
index aee76c3..8066377 100755
--- a/app/Http/Controllers/Admin/StatisticsController.php
+++ b/app/Http/Controllers/Admin/StatisticsController.php
@@ -39,6 +39,16 @@ class StatisticsController extends CommonController
         return $projects;
     }
 
+    public function getYears()
+    {
+        $start_year = config("start_year");
+        $years = [];
+        for ($i = date("Y"); $i >= $start_year; $i--) {
+            $years[] = $i;
+        }
+        view()->share(compact("years"));
+    }
+
     public function _getMonths()
     {
         $months = [];
diff --git a/app/Http/Controllers/Worker/AuthController.php b/app/Http/Controllers/Worker/AuthController.php
new file mode 100644
index 0000000..5c8c509
--- /dev/null
+++ b/app/Http/Controllers/Worker/AuthController.php
@@ -0,0 +1,138 @@
+<?php
+
+namespace App\Http\Controllers\Worker;
+
+use App\Models\Paramedic;
+use App\Worker;
+use App\Http\Controllers\Controller;
+use Illuminate\Support\Facades\DB;
+
+class AuthController extends Controller
+{
+
+    public $guardName = "worker";
+    public $authModel;
+
+    public function __construct()
+    {
+        $this->authModel = new Worker();
+    }
+
+    /**
+     * Create a new AuthController instance.
+     *
+     * @return void
+     */
+
+    public function guard()
+    {
+        return auth()->guard($this->guardName);
+    }
+
+    public function guardName()
+    {
+        return $this->guardName;
+    }
+
+    /**
+     * @OA\Post(
+     *     path="/worker/login-by-username",
+     *     tags={"护工端用户相关"},
+     *     summary="V2-通过用户名密码登录",
+     *     description="",
+     *     @OA\Parameter(name="username", in="query", @OA\Schema(type="string"), required=true, description="用户名（身份证号）"),
+     *     @OA\Parameter(name="password", in="query", @OA\Schema(type="string"), required=true, description="密码"),
+     *     @OA\Response(
+     *      response="200",
+     *      description="护工通过用户名（身份证号）密码登录"
+     *     )
+     * )
+     */
+    public function loginByUsername()
+    {
+        $credentials = [
+            "id_card_number" => request()->username,
+            "password" => request()->password
+        ];
+        if (!$token = $this->guard()->attempt($credentials)) {
+            return response()->json([
+                'errorcode' => '401',
+                'errormsg' => '登录失败'
+            ], 401);
+        }
+
+        return $this->respondWithToken($token);
+    }
+
+    /**
+     * @OA\Post(
+     *     path="/worker/me",
+     *     tags={"护工端用户相关"},
+     *     summary="V2-获取登录者信息",
+     *     @OA\Parameter(name="token", in="query", @OA\Schema(type="string"), required=true, description="token"),
+     *     description="",
+     *     @OA\Response(
+     *      response="200",
+     *      description="获取登录者信息"
+     *     )
+     * )
+     */
+    public function me()
+    {
+        $id = $this->guard()->id();
+        $paramedic = (new Paramedic())->find($id);
+        return response()->json($paramedic->toArray());
+    }
+
+    /**
+     * @OA\Post(
+     *     path="/worker/logout",
+     *     tags={"护工端用户相关"},
+     *     summary="V2 退出登录",
+     *     @OA\Parameter(name="token", in="query", @OA\Schema(type="string"), required=true, description="token"),
+     *     description="",
+     *     @OA\Response(
+     *      response="200",
+     *      description="退出登录"
+     *     )
+     * )
+     */
+    public function logout()
+    {
+        DB::beginTransaction();
+        try {
+            $this->guard()->logout();
+            DB::commit();
+            return response()->json([
+                'errormsg' => "退出登录成功！"
+            ]);
+        } catch (\Exception $exception) {
+            DB::rollBack();
+            return response()->json([
+                'errorcode' => '402',
+                'errormsg' => $exception->getMessage()
+            ]);
+        }
+    }
+
+
+    /**
+     * Get the token array structure.
+     *
+     * @param string $token
+     *
+     * @return \Illuminate\Http\JsonResponse
+     */
+    protected function respondWithToken($token)
+    {
+        $user = $this->guard()->user();
+        $user = $user->toArray();
+
+        return response()->json([
+            'access_token' => $token,
+            'token_type' => 'bearer',
+            'expires_in' => $this->guard()->factory()->getTTL() * 60,
+            'user_info' => $user
+        ]);
+    }
+}
diff --git a/app/Http/Controllers/Worker/CommonController.php b/app/Http/Controllers/Worker/CommonController.php
new file mode 100644
index 0000000..df24d7e
--- /dev/null
+++ b/app/Http/Controllers/Worker/CommonController.php
@@ -0,0 +1,27 @@
+<?php
+
+namespace App\Http\Controllers\Worker;
+
+use App\Http\Controllers\Controller;
+
+class CommonController extends Controller
+{
+    public $guardName = "worker";
+    public $worker;
+
+    public function __construct()
+    {
+        $worker = $this->guard()->user();
+        $this->worker = $worker;
+    }
+
+    public function guard()
+    {
+        return auth()->guard($this->guardName);
+    }
+
+    public function guardName()
+    {
+        return $this->guardName;
+    }
+}
diff --git a/app/Http/Middleware/VerifyCsrfToken.php b/app/Http/Middleware/VerifyCsrfToken.php
index 454152c..fbf5dfc 100644
--- a/app/Http/Middleware/VerifyCsrfToken.php
+++ b/app/Http/Middleware/VerifyCsrfToken.php
@@ -13,6 +13,7 @@ class VerifyCsrfToken extends Middleware
      */
     protected $except = [
         'customer/*',
-        'manager/*'
+        'manager/*',
+        'worker/*',
     ];
 }
diff --git a/app/Worker.php b/app/Worker.php
new file mode 100644
index 0000000..d9a7115
--- /dev/null
+++ b/app/Worker.php
@@ -0,0 +1,88 @@
+<?php
+
+namespace App;
+
+use Illuminate\Foundation\Auth\User as Authenticatable;
+use Illuminate\Notifications\Notifiable;
+use Tymon\JWTAuth\Contracts\JWTSubject;
+
+/**
+ * App\Manager
+ *
+ */
+class Worker extends Authenticatable implements JWTSubject
+{
+    use Notifiable;
+
+    protected $table = "paramedic";
+
+    const GUARD_NAME = "worker";
+
+    public function getAvatarUrlAttribute()
+    {
+        $protocol = request()->secure() ? "https" : "http";
+        if (!$this->avatar) {
+            switch ($this->sex) {
+                case "男":
+                    $this->avatar = "/images/male.png";
+                    break;
+                case "女":
+                    $this->avatar = "/images/female.png";
+                    break;
+            }
+        }
+        return $this->avatar ? $protocol . "://" . request()->getHost() . $this->avatar : $this->avatar;
+    }
+
+    public function guardName()
+    {
+        return self::GUARD_NAME;
+    }
+
+    // Rest omitted for brevity
+
+    /**
+     * Get the identifier that will be stored in the subject claim of the JWT.
+     *
+     * @return mixed
+     */
+    public function getJWTIdentifier()
+    {
+        return $this->getKey();
+    }
+
+    /**
+     * Return a key value array, containing any custom claims to be added to the JWT.
+     *
+     * @return array
+     */
+    public function getJWTCustomClaims()
+    {
+        return [];
+    }
+
+    /**
+     * The attributes that are mass assignable.
+     *
+     * @var array
+     */
+    protected $fillable = [];
+
+    /**
+     * The attributes that should be hidden for arrays.
+     *
+     * @var array
+     */
+    protected $hidden = [
+        'password', 'remember_token',
+    ];
+
+    /**
+     * The attributes that should be cast to native types.
+     *
+     * @var array
+     */
+    protected $casts = [
+        'verified_at' => 'datetime',
+    ];
+}
diff --git a/config/app.php b/config/app.php
index 4c2cf5f..99d7613 100644
--- a/config/app.php
+++ b/config/app.php
@@ -39,7 +39,7 @@ return [
     |
     */
 
-    'debug' => (bool) env('APP_DEBUG', false),
+    'debug' => (bool)env('APP_DEBUG', false),
 
     /*
     |--------------------------------------------------------------------------
@@ -56,6 +56,8 @@ return [
 
     'asset_url' => env('ASSET_URL', null),
 
+    'start_year' => env('START_YEAR', 2017),
+
     /*
     |--------------------------------------------------------------------------
     | Application Timezone
diff --git a/config/auth.php b/config/auth.php
index 287c850..a6b5d38 100644
--- a/config/auth.php
+++ b/config/auth.php
@@ -50,6 +50,11 @@ return [
             'provider' => 'manager',
         ],
 
+        'worker' => [
+            'driver' => 'jwt',
+            'provider' => 'worker',
+        ],
+
 //        'api' => [
 //            'driver' => 'token',
 //            'provider' => 'users',
@@ -90,6 +95,11 @@ return [
             'model' => App\Manager::class,
         ],
 
+        'worker' => [
+            'driver' => 'eloquent',
+            'model' => App\Worker::class,
+        ],
+
         // 'users' => [
         //     'driver' => 'database',
         //     'table' => 'users',
diff --git a/database/migrations/2023_07_14_093851_update_paramedic_add_auth_fields.php b/database/migrations/2023_07_14_093851_update_paramedic_add_auth_fields.php
new file mode 100644
index 0000000..2618294
--- /dev/null
+++ b/database/migrations/2023_07_14_093851_update_paramedic_add_auth_fields.php
@@ -0,0 +1,31 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+class UpdateParamedicAddAuthFields extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table("paramedic", function (Blueprint $table) {
+            $table->string("remember_token")->nullable();
+            $table->string("password")->nullable();
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        //
+    }
+}
diff --git a/resources/views/admin/statistics/finance.blade.php b/resources/views/admin/statistics/finance.blade.php
index 9f6d32b..9f62fdd 100755
--- a/resources/views/admin/statistics/finance.blade.php
+++ b/resources/views/admin/statistics/finance.blade.php
@@ -33,6 +33,16 @@
                                     <option value="{{$mm}}" @if($mm == $month) {{ "selected" }}@endif>{{$mm}}</option>
                                 @endforeach
                             </select>
+{{--                            <select class="form-control" name="year" onchange="$(this).closest('form').submit()">--}}
+{{--                                @foreach($years as $year)--}}
+{{--                                    <option value="{{$year}}" @if($year == reqeust()->year) {{ "selected" }}@endif>{{$year}}</option>--}}
+{{--                                @endforeach--}}
+{{--                            </select>--}}
+{{--                            <select class="form-control" name="month_duration" onchange="$(this).closest('form').submit()">--}}
+{{--                                @foreach($years as $year)--}}
+{{--                                    <option value="{{$year}}" @if($year == reqeust()->month) {{ "selected" }}@endif>{{$year}}</option>--}}
+{{--                                @endforeach--}}
+{{--                            </select>--}}
                         </form>
                     </div>
                     <h5>收款明细</h5>
diff --git a/routes/web.php b/routes/web.php
index dfd27c2..92ce0d6 100644
--- a/routes/web.php
+++ b/routes/web.php
@@ -188,3 +188,13 @@ Route::group(["namespace" => "Manager", "prefix" => "manager"], function () {
     });
 });
 
+Route::group(["namespace" => "Worker", "prefix" => "worker"], function () {
+    Route::post('logout', 'AuthController@logout');
+    Route::post('login-by-username', 'AuthController@loginByUsername');
+
+    Route::group(['middleware' => ['authorize.jwt:manager']], function () {
+        Route::post('me', 'AuthController@me');
+
+    });
+});
+