diff --git a/application/http/middleware/AdminLog.php b/application/http/middleware/AdminLog.php
index e4619b3..2f68562 100644
--- a/application/http/middleware/AdminLog.php
+++ b/application/http/middleware/AdminLog.php
@@ -2,9 +2,45 @@
 
 namespace app\http\middleware;
 
-class AdminLog
-{
-    public function handle($request, \Closure $next)
-    {
+use app\model\AdminMenu;
+use app\model\AdminUserAction;
+use app\util\ReturnCode;
+
+class AdminLog {
+
+    /**
+     * @param \think\facade\Request $request
+     * @param \Closure $next
+     * @return \think\response\Json
+     * @author zhaoxiang <zhaoxiang051405@gmail.com>
+     */
+    public function handle($request, \Closure $next) {
+        $ApiAuth = $request->header('ApiAuth');
+        $userInfo = cache('Login:' . $ApiAuth);
+        $userInfo = json_decode($userInfo, true);
+        $menuInfo = AdminMenu::get(['url' => $request->path()]);
+
+        if ($menuInfo) {
+            $menuInfo = $menuInfo->toArray();
+        } else {
+
+            return json([
+                'code' => ReturnCode::INVALID,
+                'msg'  => '当前路由非法：' . $request->path(),
+                'data' => []
+            ])->header(config('apiadmin.CROSS_DOMAIN'));
+        }
+
+        AdminUserAction::create([
+            'action_name' => $menuInfo['name'],
+            'uid'         => $userInfo['id'],
+            'nickname'    => $userInfo['nickname'],
+            'add_time'    => time(),
+            'url'         => $request->path(),
+            'data'        => json_encode($request->param())
+        ]);
+
+        return $next($request);
     }
+
 }
diff --git a/application/http/middleware/AdminPermission.php b/application/http/middleware/AdminPermission.php
index 4d4a2e9..7929bd6 100644
--- a/application/http/middleware/AdminPermission.php
+++ b/application/http/middleware/AdminPermission.php
@@ -23,16 +23,8 @@ class AdminPermission {
     public function handle($request, \Closure $next) {
         $ApiAuth = $request->header('ApiAuth');
         $userInfo = cache('Login:' . $ApiAuth);
-
-        if (!$userInfo) {
-            return json([
-                'code' => ReturnCode::INVALID,
-                'msg'  => '非常抱歉，您的登录状态已丢失或已过期！',
-                'data' => []
-            ])->header(config('apiadmin.CROSS_DOMAIN'));
-        }
-
         $userInfo = json_decode($userInfo, true);
+
         if (!$this->checkAuth($userInfo['id'], $request->path())) {
             return json([
                 'code' => ReturnCode::INVALID,
diff --git a/route/route.php b/route/route.php
index 3c2c251..54d4655 100644
--- a/route/route.php
+++ b/route/route.php
@@ -39,7 +39,7 @@ Route::group('admin', function () {
             'admin/Menu/del',
             ['method' => 'get']
         ]
-    ])->middleware('AdminPermission');;
+    ])->middleware(['AdminAuth', 'AdminPermission', 'AdminLog']);
     Route::group('User', [
         'index'        => [
             'admin/User/index',