diff --git a/Admin.NET/Admin.NET.Application/Service/Test/DemoOpenApi.cs b/Admin.NET/Admin.NET.Application/Service/Test/DemoOpenApi.cs index d09b5ac0..76f806a9 100644 --- a/Admin.NET/Admin.NET.Application/Service/Test/DemoOpenApi.cs +++ b/Admin.NET/Admin.NET.Application/Service/Test/DemoOpenApi.cs @@ -4,13 +4,14 @@ // // 不得利用本项目从事危害国家安全、扰乱社会秩序、侵犯他人合法权益等法律法规禁止的活动!任何基于本项目二次开发而产生的一切法律纠纷和责任,我们不承担任何责任! +using Microsoft.AspNetCore.Authentication.JwtBearer; + namespace Admin.NET.Application; /// /// 开放接口示例 /// [ApiDescriptionSettings("开放接口", Name = "Demo", Order = 100)] -[Authorize(AuthenticationSchemes = SignatureAuthenticationDefaults.AuthenticationScheme)] public class DemoOpenApi : IDynamicApiController { private readonly UserManager _userManager; @@ -19,10 +20,26 @@ public class DemoOpenApi : IDynamicApiController { _userManager = userManager; } - - [HttpGet("helloWord")] - public Task HelloWord() + + /// + /// SignatureAuthentication + /// + /// + [HttpGet("helloWordSignatureAuthentication")] + [Authorize(AuthenticationSchemes = SignatureAuthenticationDefaults.AuthenticationScheme)] + public Task HelloWordSignatureAuthentication() { - return Task.FromResult($"Hello, {_userManager.Account}."); + return Task.FromResult($"Hello 只能支持 OpenApi, {_userManager.Account}."); + } + + /// + /// SignatureAuthenticationJwt + /// + /// + [HttpGet("HelloWordSignatureAuthenticationOrJwt")] + [Authorize(AuthenticationSchemes = JwtBearerDefaults.AuthenticationScheme + "," + SignatureAuthenticationDefaults.AuthenticationScheme)] + public Task HelloWordSignatureAuthenticationOrJwt() + { + return Task.FromResult($"Hello 支持 OpenApi 或 Jwt, {_userManager.Account}."); } } \ No newline at end of file diff --git a/Admin.NET/Admin.NET.Core/Service/OpenAccess/Dto/GenerateSignatureOutput.cs b/Admin.NET/Admin.NET.Core/Service/OpenAccess/Dto/GenerateSignatureOutput.cs new file mode 100644 index 00000000..c5d4efd3 --- /dev/null 
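Review bot: Removing the class-level `[Authorize(AuthenticationSchemes = SignatureAuthenticationDefaults.AuthenticationScheme)]` from `DemoOpenApi` makes authentication opt-in per action, so an action added later without its own attribute is protected only by whatever global or fallback policy the application configures (not visible in this diff). Since this class is the template people copy for open-API endpoints, the class should at least say so, e.g. `// Every action in this controller must declare its own [Authorize(AuthenticationSchemes = ...)]`. Assuming standard ASP.NET Core policy combination, a scheme-less `[Authorize]` kept on the class would also keep the controller fail-closed while still letting each action choose its schemes.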
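Review bot: `HelloWordSignatureAuthenticationOrJwt` lists two schemes, and ASP.NET Core then runs every listed handler and merges the identities that succeed. For a request carrying both a bearer token and signature headers, it is therefore not clear from this hunk which identity `_userManager.Account` reports (`UserManager` is outside the diff). The doc comments only repeat the method names; they should state the accepted credentials, e.g. `/// Accepts a JWT bearer token or a signed OpenApi request; send only one kind of credential per request.` The two routes also differ in casing (`helloWord…` vs `HelloWord…`), which is worth aligning while the names are new.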
+++ b/Admin.NET/Admin.NET.Core/Service/OpenAccess/Dto/GenerateSignatureOutput.cs @@ -0,0 +1,25 @@ +// Admin.NET 项目的版权、商标、专利和其他相关权利均受相应法律法规的保护。使用本项目应遵守相关法律法规和许可证的要求。 +// +// 本项目主要遵循 MIT 许可证和 Apache 许可证(版本 2.0)进行分发和使用。许可证位于源代码树根目录中的 LICENSE-MIT 和 LICENSE-APACHE 文件。 +// +// 不得利用本项目从事危害国家安全、扰乱社会秩序、侵犯他人合法权益等法律法规禁止的活动!任何基于本项目二次开发而产生的一切法律纠纷和责任,我们不承担任何责任! + +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; +using System.Threading.Tasks; + +namespace Admin.NET.Core.Service; +public class GenerateSignatureOutput +{ + /// + /// 时间戳 + /// + public long Timestamp { get; set; } + + /// + /// 签名 + /// + public string Signature { get; set; } +} \ No newline at end of file diff --git a/Admin.NET/Admin.NET.Core/Service/OpenAccess/SysOpenAccessService.cs b/Admin.NET/Admin.NET.Core/Service/OpenAccess/SysOpenAccessService.cs index c5477667..93652663 100644 --- a/Admin.NET/Admin.NET.Core/Service/OpenAccess/SysOpenAccessService.cs +++ b/Admin.NET/Admin.NET.Core/Service/OpenAccess/SysOpenAccessService.cs @@ -34,8 +34,12 @@ public class SysOpenAccessService : IDynamicApiController, ITransient /// /// [DisplayName("生成签名")] - public string GenerateSignature(GenerateSignatureInput input) - { + public GenerateSignatureOutput GenerateSignature(GenerateSignatureInput input) + { + if (input.Timestamp==0) + { + input.Timestamp = DateTimeUtil.ToUnixTimestampByMilliseconds(DateTime.Now); + } // 密钥 var appSecretByte = Encoding.UTF8.GetBytes(input.AccessSecret); @@ -45,7 +49,11 @@ public class SysOpenAccessService : IDynamicApiController, ITransient using HMAC hmac = new HMACSHA256(); hmac.Key = appSecretByte; var sign = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(parameter))); - return sign; + return new GenerateSignatureOutput + { + Timestamp = input.Timestamp, + Signature = sign + }; } /// 
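Review bot: `GenerateSignatureOutput.Timestamp` is documented only as "时间戳", without its unit or its relationship to the signature. The service fills it with `ToUnixTimestampByMilliseconds` when the caller passes 0, and the signature is presumably only valid together with exactly this value. I would document that on the property, e.g. `/// Unix timestamp (milliseconds when generated by the server) that the signature was computed over; send this same value with the signed request.` The class itself has no summary, and the five `using` directives at the top of the new file appear unused.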
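Review bot: The default timestamp in `GenerateSignature` is derived from `DateTime.Now`, so its correctness depends on `DateTimeUtil.ToUnixTimestampByMilliseconds` normalising local time to UTC, which is not visible in this diff. If it does not, the generated value is shifted by the server's zone offset and the handler's `AllowedDateDrift` comparison will either reject the request or accept a skewed window. A zone-independent source removes the doubt: `input.Timestamp = DateTimeOffset.UtcNow.ToUnixTimeMilliseconds();`. It is also worth confirming that the handler compares in milliseconds, and noting in a comment that 0 is treated as "not supplied" and that the input DTO is mutated. The method body continues outside this hunk.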
diff --git a/Admin.NET/Admin.NET.Core/SignatureAuth/SignatureAuthenticationHandler.cs b/Admin.NET/Admin.NET.Core/SignatureAuth/SignatureAuthenticationHandler.cs index ee231b06..2ad5bd69 100644 --- a/Admin.NET/Admin.NET.Core/SignatureAuth/SignatureAuthenticationHandler.cs +++ b/Admin.NET/Admin.NET.Core/SignatureAuth/SignatureAuthenticationHandler.cs @@ -1,4 +1,4 @@ -// Admin.NET 项目的版权、商标、专利和其他相关权利均受相应法律法规的保护。使用本项目应遵守相关法律法规和许可证的要求。 +// Admin.NET 项目的版权、商标、专利和其他相关权利均受相应法律法规的保护。使用本项目应遵守相关法律法规和许可证的要求。 // // 本项目主要遵循 MIT 许可证和 Apache 许可证(版本 2.0)进行分发和使用。许可证位于源代码树根目录中的 LICENSE-MIT 和 LICENSE-APACHE 文件。 // @@ -75,7 +75,7 @@ public sealed class SignatureAuthenticationHandler : AuthenticationHandler(); - var cacheKey = $"{CacheConst.KeyOpenAccessNonce}{accessKey}|{nonce}"; + var cacheKey = $"{CacheConst.KeyOpenAccessNonce}{accessKey}|{timestampStr}|{nonce}"; if (cache.ExistKey(cacheKey)) return await AuthenticateResultFailAsync("重复的请求"); cache.Set(cacheKey, null, Options.AllowedDateDrift * 2); // 缓存过期时间为偏差范围时间的2倍
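Review bot: The replay-cache key now embeds `timestampStr`, the raw header text, so de-duplication depends on the exact characters of the timestamp rather than on its value. If the signature check (outside this hunk) works from the parsed number, two textual forms of the same timestamp would produce different cache keys for one signed request. Building the key from the parsed value avoids that: `var cacheKey = $"{CacheConst.KeyOpenAccessNonce}{accessKey}|{parsedTimestamp}|{nonce}";`, where `parsedTimestamp` stands for whichever variable holds the parsed value. Separately, `cache.ExistKey` followed by `cache.Set` is not atomic, so two concurrent copies of the same request can both pass; a single add-if-absent cache operation would close that gap. The enclosing method starts and ends outside the hunk.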