diff --git a/app/Admin/Controllers/AuthController.php b/app/Admin/Controllers/AuthController.php
index 594631f..a3f2c39 100644
--- a/app/Admin/Controllers/AuthController.php
+++ b/app/Admin/Controllers/AuthController.php
@@ -2,9 +2,56 @@
 
 namespace App\Admin\Controllers;
 
+use Slowlyo\OwlAdmin\Admin;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Validator;
+use Symfony\Component\HttpFoundation\Response;
+use Slowlyo\OwlAdmin\Models\AdminUser;
 use Slowlyo\OwlAdmin\Controllers\AuthController as AdminAuthController;
+use Illuminate\Support\Facades\Hash;
 
 class AuthController extends AdminAuthController
 {
+    public function login(Request $request)
+    {
+        if (Admin::config('admin.auth.login_captcha')) {
+            if (!$request->has('captcha')) {
+                return $this->response()->fail(__('admin.required', ['attribute' => __('admin.captcha')]));
+            }
 
+            if (strtolower(admin_decode($request->sys_captcha)) != strtolower($request->captcha)) {
+                return $this->response()->fail(__('admin.captcha_error'));
+            }
+        }
+
+        try {
+            $validator = Validator::make($request->all(), [
+                'username' => 'required',
+                'password' => 'required',
+            ], [
+                'username' . '.required' => __('admin.required', ['attribute' => __('admin.username')]),
+                'password.required'      => __('admin.required', ['attribute' => __('admin.password')]),
+            ]);
+
+            if ($validator->fails()) {
+                abort(Response::HTTP_BAD_REQUEST, $validator->errors()->first());
+            }
+            $adminModel = Admin::config("admin.auth.model", AdminUser::class);
+            $user       = $adminModel::query()->where('username', $request->username)->first();
+            if($user && $user->lock){
+                abort(Response::HTTP_BAD_REQUEST, '您的账号已被锁定，需要联系超级管理员解锁。');
+            }else{
+                if ($user && Hash::check($request->password, $user->password)) {
+                    $module = Admin::currentModule(true);
+                    $prefix = $module ? $module . '.' : '';
+                    $token  = $user->createToken($prefix . 'admin')->plainTextToken;
+                    return $this->response()->success(compact('token'), __('admin.login_successful'));
+                }
+
+                abort(Response::HTTP_BAD_REQUEST, __('admin.login_failed'));
+            }
+        } catch (\Exception $e) {
+            return $this->response()->fail($e->getMessage());
+        }
+    }
 }
diff --git a/app/Admin/routes.php b/app/Admin/routes.php
index 1795217..bbb9095 100644
--- a/app/Admin/routes.php
+++ b/app/Admin/routes.php
@@ -17,6 +17,11 @@ Route::group([
 
     $router->resource('index', \App\Admin\Controllers\HomeController::class);
 
+    $router->post('login', [App\Admin\Controllers\AuthController::class, 'login']);
+
+    $router->resource('system/admin_users', App\Admin\Controllers\AdminUserController::class);
+    $router->post('quick-edit/admin_users/{admin_user}',[\App\Admin\Controllers\AdminUserController::class, 'update']);
+
     $router->resource('system/settings', \App\Admin\Controllers\SettingController::class);
 
     $router->resource('system/keywords', \App\Admin\Controllers\KeywordController::class);