diff --git a/application/admin/library/Auth.php b/application/admin/library/Auth.php
index 8c56936..ddc43d3 100644
--- a/application/admin/library/Auth.php
+++ b/application/admin/library/Auth.php
@@ -72,10 +72,9 @@ class Auth extends \fast\Auth
     {
         $admin = Admin::get(intval($this->id));
         if (!$admin) {
-            return true;
+            $admin->token = '';
+            $admin->save();
         }
-        $admin->token = '';
-        $admin->save();
         $this->logined = false; //重置登录状态
         Session::delete("admin");
         Cookie::delete("keeplogin");
diff --git a/application/api/controller/User.php b/application/api/controller/User.php
index 0387d19..5619814 100644
--- a/application/api/controller/User.php
+++ b/application/api/controller/User.php
@@ -72,6 +72,9 @@ class User extends Api
         }
         $user = \app\common\model\User::getByMobile($mobile);
         if ($user) {
+            if ($user->status != 'normal') {
+                $this->error(__('Account is locked'));
+            }
             //如果已经有账号则直接登录
             $ret = $this->auth->direct($user->id);
         } else {