diff --git a/assets/templates/login.html b/assets/templates/login.html
new file mode 100644
index 0000000..74b091d
--- /dev/null
+++ b/assets/templates/login.html
@@ -0,0 +1,62 @@
+<!DOCTYPE html>
+<html lang="">
+<head>
+    <title>Login</title>
+    <link rel="stylesheet" href="./static/lib/layui/css/layui.css">
+    <link rel="stylesheet" href="./static/css/layui-theme-dark.css">
+    <link rel="stylesheet" href="./static/css/index.css">
+    <link rel="stylesheet" href="./static/css/index-color.css">
+    <script src="./static/lib/layui/layui.js"></script>
+    <script src="./static/js/index.js"></script>
+    <style>
+        .login-container {
+            width: 320px;
+            margin: 21px auto 0;
+        }
+    </style>
+</head>
+<body>
+<div class="layui-form login-container">
+    <div class="layui-form-item">
+        <div class="layui-input-wrap">
+            <div class="layui-input-prefix">
+                <i class="layui-icon layui-icon-username"></i>
+            </div>
+            <input type="text" name="username" value="" lay-verify="required" placeholder="用户名"
+                   lay-reqtext="请填写用户名" autocomplete="off" class="layui-input" lay-affix="clear">
+        </div>
+    </div>
+    <div class="layui-form-item">
+        <div class="layui-input-wrap">
+            <div class="layui-input-prefix">
+                <i class="layui-icon layui-icon-password"></i>
+            </div>
+            <input type="password" name="password" value="" lay-verify="required" placeholder="密码"
+                   lay-reqtext="请填写密码" autocomplete="off" class="layui-input" lay-affix="eye">
+        </div>
+    </div>
+    <div class="layui-form-item">
+        <button class="layui-btn layui-btn-fluid" id="login">登录</button>
+    </div>
+</div>
+
+<script>
+    var $ = layui.$;
+
+    $(function () {
+        $('#login').click(function () {
+            $.ajax({
+                url: "/login",
+                type: "post",
+                header: {
+                    Authorization: btoa("admin" + ":" + "admin")
+                },
+                success: function (result) {
+                    console.log(result);
+                }
+            });
+        });
+    });
+</script>
+</body>
+</html>
\ No newline at end of file
diff --git a/pkg/server/controller/controller.go b/pkg/server/controller/controller.go
index 265c8a0..007765e 100644
--- a/pkg/server/controller/controller.go
+++ b/pkg/server/controller/controller.go
@@ -175,7 +175,22 @@ func (c *HandleController) MakeHandlerFunc() gin.HandlerFunc {
 	}
 }
 
-func (c *HandleController) MakeManagerFunc() func(context *gin.Context) {
+func (c *HandleController) MakeLoginFunc() func(context *gin.Context) {
+	return func(context *gin.Context) {
+		method := context.Request.Method
+		if method == "GET" {
+			context.HTML(http.StatusOK, "login.html", gin.H{
+				"version": c.Version,
+			})
+		} else {
+			context.JSON(http.StatusOK, gin.H{
+				"Success": true,
+			})
+		}
+	}
+}
+
+func (c *HandleController) MakeIndexFunc() func(context *gin.Context) {
 	return func(context *gin.Context) {
 		context.HTML(http.StatusOK, "index.html", gin.H{
 			"version":                      c.Version,
diff --git a/pkg/server/controller/op.go b/pkg/server/controller/op.go
index acfe839..a471fe9 100644
--- a/pkg/server/controller/op.go
+++ b/pkg/server/controller/op.go
@@ -1,11 +1,13 @@
 package controller
 
 import (
+	"encoding/base64"
 	"fmt"
 	plugin "github.com/fatedier/frp/pkg/plugin/server"
 	"github.com/gin-gonic/gin"
 	"gopkg.in/ini.v1"
 	"log"
+	"net/http"
 	"os"
 	"path/filepath"
 	"strconv"
@@ -37,17 +39,21 @@ func (c *HandleController) Register(rootDir string, engine *gin.Engine) {
 	engine.Delims("${", "}")
 	engine.LoadHTMLGlob(filepath.Join(assets, "templates/*"))
 	engine.POST("/handler", c.MakeHandlerFunc())
+	engine.Static("/static", filepath.Join(assets, "static"))
+	engine.GET("/login", c.MakeLoginFunc())
 
 	var group *gin.RouterGroup
 	if len(c.CommonInfo.User) != 0 {
-		group = engine.Group("/", gin.BasicAuthForRealm(gin.Accounts{
-			c.CommonInfo.User: c.CommonInfo.Pwd,
-		}, "Restricted"))
+		//group = engine.Group("/", gin.BasicAuthForRealm(gin.Accounts{
+		//	c.CommonInfo.User: c.CommonInfo.Pwd,
+		//}, "Restricted"))
+
+		group = engine.Group("/", c.Authorize())
 	} else {
 		group = engine.Group("/")
 	}
-	group.Static("/static", filepath.Join(assets, "static"))
-	group.GET("/", c.MakeManagerFunc())
+	group.POST("/login", c.MakeLoginFunc())
+	group.GET("/", c.MakeIndexFunc())
 	group.GET("/lang.json", c.MakeLangFunc())
 	group.GET("/tokens", c.MakeQueryTokensFunc())
 	group.POST("/add", c.MakeAddTokenFunc())
@@ -58,6 +64,23 @@ func (c *HandleController) Register(rootDir string, engine *gin.Engine) {
 	group.GET("/proxy/*serverApi", c.MakeProxyFunc())
 }
 
+func (c *HandleController) Authorize() gin.HandlerFunc {
+	return func(context *gin.Context) {
+		authorizationFromUser := context.Request.Header.Get("Authorization")
+
+		userAndPwd := []byte(c.CommonInfo.User + ":" + c.CommonInfo.Pwd)
+		authorizationFromConfig := "Basic " + base64.StdEncoding.EncodeToString(userAndPwd)
+
+		if authorizationFromUser == authorizationFromConfig {
+			context.Next()
+		} else {
+			context.Abort()
+			context.Redirect(http.StatusTemporaryRedirect, "/login")
+			return
+		}
+	}
+}
+
 func (c *HandleController) HandleLogin(content *plugin.LoginContent) plugin.Response {
 	token := content.Metas["token"]
 	user := content.User