diff --git a/system/urls.py b/system/urls.py
index 8b57a8f..6f1e5e4 100644
--- a/system/urls.py
+++ b/system/urls.py
@@ -1,5 +1,5 @@
 from django.urls import path
-from system.views import login_view, UserPasswordUpdateView, logout_view, UserInfo
+from system.views import login_view, UserPasswordUpdateView, logout_view, UserInfo, UserLogout
 
 app_name = "system"
 
@@ -10,5 +10,5 @@ urlpatterns = [
 
 
     path('api/user_info', UserInfo.as_view()),
-    path('api/logout', UserInfo.as_view())
+    path('api/logout', UserLogout.as_view())
 ]
diff --git a/system/views.py b/system/views.py
index c76a917..11e9252 100644
--- a/system/views.py
+++ b/system/views.py
@@ -16,6 +16,8 @@ from rest_framework.authentication import TokenAuthentication
 from rest_framework.authtoken.models import Token
 from rest_framework.views import APIView
 from rest_framework.response import Response
+from rest_framework import permissions
+from rest_framework import generics
 
 logger = logging.getLogger('system')
 
@@ -24,6 +26,8 @@ class UserInfo(APIView):
     """
     获取用户信息
     """
+    permission_classes = (permissions.IsAuthenticated,)
+
     def post(self, request):
         token = (json.loads(request.body))['token']
         obj = Token.objects.get(key=token).user
@@ -37,10 +41,9 @@ class UserInfo(APIView):
         return HttpResponse(json.dumps(result))
 
 
-class UserLogin(APIView):
-    """
+class UserLogout(APIView):
+    permission_classes = (permissions.IsAuthenticated,)
 
-    """
     def post(self, request):
         token = (json.loads(request.body))['token']
         obj = Token.objects.get(key=token)
@@ -50,6 +53,7 @@ class UserLogin(APIView):
         }
         return HttpResponse(json.dumps(result))
 
+
 class CustomBackend(ModelBackend):
     """
     用户名字/邮箱名字 登录