diff --git a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/web/AuthorizationController.java b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/web/AuthorizationController.java
index b2c1f1638..ec7f4289f 100644
--- a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/web/AuthorizationController.java
+++ b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/web/AuthorizationController.java
@@ -91,6 +91,9 @@ public ResponseMessage<Map<String, Object>> authorize(@RequestParam @ApiParam("
         return doLogin(username, password, WebUtil.getParameters(request));
     }
 
+    /**
+     * <img src="https://raw.githubusercontent.com/hs-web/hsweb-framework/3.0.x/hsweb-authorization/hsweb-authorization-basic/img/autz-flow.png">
+     */
     @SneakyThrows
     protected ResponseMessage<Map<String, Object>> doLogin(String username, String password, Map<String, ?> parameter) {
         Assert.hasLength(username, "用户名不能为空");