diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index d7608ec3d..b976ee8fa 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -702,6 +702,15 @@ class UsersController < ApplicationController
     @user = User.find_by(mail: params[:email])
   end
 
+  #根据login获取用户信息
+  def get_user_info_by_login
+    private_token = "hriEn3UwXfJs3PmyXnSH"
+    sign = Digest::MD5.hexdigest("#{private_token}:#{params[:login]}")
+    tip_exception(401, '401 Unauthorized')  unless params[:sign].to_s == sign
+    user = User.find_by_login params[:login]
+    render_ok(data: {username: user.real_name, school: user.custom_department, login: user.login, phone: user.phone, mail: user.mail})
+  end
+
   private
   def load_user
     @user = User.find_by_login(params[:id]) || User.find_by(id: params[:id])
@@ -731,7 +740,7 @@ class UsersController < ApplicationController
   end
 
   def sso_login
-    if params[:login].present? && !current_user.logged? && params[:websiteName].present?
+    if params[:login].present? && !current_user.logged? && params[:websiteName].present? && request.referer.to_s.include?("gitlink.org.cn")
       user = User.where("login = ?", "#{params[:login].presence}").first
       # 已同步注册，直接登录
       if user.present?
diff --git a/config/routes.rb b/config/routes.rb
index a25447641..75caa100d 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -288,6 +288,7 @@ Rails.application.routes.draw do
         post :following
         post :unfollow
         get :get_user_info
+        get :get_user_info_by_login
         get :attachment_show
         get :html_show
         get :get_navigation_info