diff --git a/backend/web/src/custom-menu/index.js b/backend/web/src/custom-menu/index.js
index a969cdd..0c39148 100644
--- a/backend/web/src/custom-menu/index.js
+++ b/backend/web/src/custom-menu/index.js
@@ -18,6 +18,7 @@ const IconFont = Icon.createFromIconfontCN({
 });
 
 const { data: initMenuList = [] } = window;
+const { sourceUrl } = window;console.log(sourceUrl);
 
 function getActiveMenu(menuList, activeMenuInfo) {
   const activeParent = menuList.find(menu => menu.id === activeMenuInfo.id);
@@ -130,7 +131,7 @@ function App() {
   return (
     <Root>
       <Previewer>
-        <TopBar src='/img/wechat-top.png' />
+        <TopBar src={sourceUrl + '/img/wechat-top.png'} />
         <BottomBar>
           <KeyBoardIcon>
             <IconFont
diff --git a/common/config/main.php b/common/config/main.php
index 3c5a106..d6a3e51 100644
--- a/common/config/main.php
+++ b/common/config/main.php
@@ -12,7 +12,6 @@ return [
     'timeZone' => 'Asia/Shanghai',
     'language' => 'zh-CN',
     'components' => [
-        'userLogic' => ['class' => 'iron\logic\UserManager'],
         'cache' => [
             'class' => 'yii\caching\FileCache',
         ],
diff --git a/common/models/User.php b/common/models/User.php
index 07e5162..6647e90 100644
--- a/common/models/User.php
+++ b/common/models/User.php
@@ -1,71 +1,50 @@
 <?php
-
 namespace common\models;
 
 use Yii;
+use yii\base\NotSupportedException;
 use yii\behaviors\TimestampBehavior;
+use yii\db\ActiveRecord;
 use yii\web\IdentityInterface;
-use yii\web\NotFoundHttpException;
-use yii\web\UnauthorizedHttpException;
 
 /**
- * This is the model class for table "user".
+ * User model
  *
- * @property int $id
- * @property string $username 用户名
- * @property string $auth_key
+ * @property integer $id
+ * @property string $username
  * @property string $password_hash
  * @property string $password_reset_token
- * @property string $name 姓名
- * @property int $sex 性别
- * @property string $phone 联系方式
- * @property string $email 邮箱
- * @property int $role 角色
- * @property int $status 状态
- * @property string $access_token 令牌
- * @property int $expire_at 令牌过期时间
- * @property string $nickname 昵称
- * @property string $avatar 头像
- * @property string $wx_openid 微信openid
- * @property string $mini_openid 小程序openid
- * @property string $unionid 微信联合id
- * @property string $session_key 小程序会话秘钥
- * @property string $member_code 会员编号
- * @property int $exp_point 经验值
- * @property int $consume_point 消费积分
- * @property int $created_at 创建时间
- * @property int $updated_at 更新时间
+ * @property string $verification_token
+ * @property string $email
+ * @property string $auth_key
+ * @property integer $status
+ * @property integer $created_at
+ * @property integer $updated_at
+ * @property string $password write-only password
  */
-class User extends \yii\db\ActiveRecord implements IdentityInterface
+class User extends ActiveRecord implements IdentityInterface
 {
-
     const STATUS_DELETED = 0;
-    const STATUS_ACTIVE = 1;
+    const STATUS_INACTIVE = 9;
+    const STATUS_ACTIVE = 10;
+
 
     /**
      * {@inheritdoc}
      */
     public static function tableName()
     {
-        return 'user';
+        return '{{%user}}';
     }
 
-    public function fields()
+    /**
+     * {@inheritdoc}
+     */
+    public function behaviors()
     {
-        $fields = parent::fields();
-        unset($fields['auth_key']);
-        unset($fields['password_hash']);
-        unset($fields['password_reset_token']);
-        unset($fields['role']);
-        unset($fields['status']);
-        unset($fields['access_token']);
-        unset($fields['expire_at']);
-        unset($fields['wx_openid']);
-        unset($fields['mini_openid']);
-        unset($fields['session_key']);
-        unset($fields['created_at']);
-        unset($fields['updated_at']);
-        return $fields;
+        return [
+            TimestampBehavior::className(),
+        ];
     }
 
     /**
@@ -74,104 +53,88 @@ class User extends \yii\db\ActiveRecord implements IdentityInterface
     public function rules()
     {
         return [
-            [['auth_key', 'password_hash'], 'required'],
-            [['sex', 'role', 'status', 'expire_at', 'exp_point', 'consume_point'], 'integer'],
-            [['username', 'password_hash', 'password_reset_token', 'email', 'access_token', 'avatar'], 'string', 'max' => 255],
-            [['auth_key', 'wx_openid', 'mini_openid'], 'string', 'max' => 32],
-            [['name', 'nickname', 'session_key'], 'string', 'max' => 120],
-            [['phone'], 'string', 'max' => 13],
-            [['unionid'], 'string', 'max' => 60],
-            [['member_code'], 'string', 'max' => 20],
+            ['status', 'default', 'value' => self::STATUS_INACTIVE],
+            ['status', 'in', 'range' => [self::STATUS_ACTIVE, self::STATUS_INACTIVE, self::STATUS_DELETED]],
         ];
     }
 
     /**
      * {@inheritdoc}
      */
-    public function attributeLabels()
+    public static function findIdentity($id)
     {
-        return [
-            'id' => 'id',
-            'username' => 'username',
-            'auth_key' => 'auth_key',
-            'password_hash' => 'password_hash',
-            'password_reset_token' => 'password_reset_token',
-            'name' => 'name',
-            'sex' => 'sex',
-            'phone' => '联系方式',
-            'email' => 'email',
-            'role' => 'role',
-            'status' => 'status',
-            'access_token' => 'access_token',
-            'expire_at' => 'expire_at',
-            'nickname' => 'nickname',
-            'avatar' => 'avatar',
-            'wx_openid' => '公众号openid',
-            'mini_openid' => '小程序openid',
-            'unionid' => 'unionid',
-            'session_key' => '小程序解密密钥',
-            'member_code' => '会员编号',
-            'exp_point' => '经验值',
-            'consume_point' => '消费积分',
-            'created_at' => '创建时间',
-            'updated_at' => '更新时间',
-        ];
+        return static::findOne(['id' => $id, 'status' => self::STATUS_ACTIVE]);
     }
 
+    /**
+     * {@inheritdoc}
+     */
+    public static function findIdentityByAccessToken($token, $type = null)
+    {
+        throw new NotSupportedException('"findIdentityByAccessToken" is not implemented.');
+    }
 
     /**
-     * @author linyao
-     * @email 602604991@qq.com
-     * @created Nov 8, 2019
+     * Finds user by username
      *
-     * 行为存储创建时间和更新时间
+     * @param string $username
+     * @return static|null
      */
-    public function behaviors()
+    public static function findByUsername($username)
     {
-        return [
-            [
-                'class' => TimestampBehavior::className(),
-                'createdAtAttribute' => 'created_at',
-                'updatedAtAttribute' => 'updated_at',
-                'value' => function () {
-                    return time();
-                },
-            ],
-        ];
+        return static::findOne(['username' => $username, 'status' => self::STATUS_ACTIVE]);
     }
 
     /**
-     * @inheritDoc
+     * Finds user by password reset token
+     *
+     * @param string $token password reset token
+     * @return static|null
      */
-    public static function findIdentity($id)
+    public static function findByPasswordResetToken($token)
     {
-        return static::findOne(['id' => $id, 'status' => self::STATUS_ACTIVE]);
+        if (!static::isPasswordResetTokenValid($token)) {
+            return null;
+        }
+
+        return static::findOne([
+            'password_reset_token' => $token,
+            'status' => self::STATUS_ACTIVE,
+        ]);
     }
 
     /**
-     * @param mixed $token
-     * @param null $type
-     * @return array|\yii\db\ActiveRecord|IdentityInterface|null
-     * @throws NotFoundHttpException
-     * @throws UnauthorizedHttpException
+     * Finds user by verification email token
+     *
+     * @param string $token verify email token
+     * @return static|null
      */
-    public static function findIdentityByAccessToken($token, $type = null)
+    public static function findByVerificationToken($token) {
+        return static::findOne([
+            'verification_token' => $token,
+            'status' => self::STATUS_INACTIVE
+        ]);
+    }
+
+    /**
+     * Finds out if password reset token is valid
+     *
+     * @param string $token password reset token
+     * @return bool
+     */
+    public static function isPasswordResetTokenValid($token)
     {
-        $user = static::find()
-            ->where(['access_token' => $token, 'status' => self::STATUS_ACTIVE])
-            ->one();
-        if (!$user) {
-            throw new NotFoundHttpException('user not found');
-        }
-        if ($user->expire_at < time()) {
-            throw new UnauthorizedHttpException('access - token expired ', -1);
-        } else {
-            return $user;
+        if (empty($token)) {
+            return false;
         }
+
+        $timestamp = (int) substr($token, strrpos($token, '_') + 1);
+        $expire = Yii::$app->params['user.passwordResetTokenExpire'];
+        return $timestamp + $expire >= time();
     }
 
     /**
-     * @inheritDoc
+     * {@inheritdoc}
      */
     public function getId()
     {
@@ -179,7 +142,7 @@ class User extends \yii\db\ActiveRecord implements IdentityInterface
     }
 
     /**
-     * @inheritDoc
+     * {@inheritdoc}
      */
     public function getAuthKey()
     {
@@ -187,10 +150,60 @@ class User extends \yii\db\ActiveRecord implements IdentityInterface
     }
 
     /**
-     * @inheritDoc
+     * {@inheritdoc}
      */
     public function validateAuthKey($authKey)
     {
         return $this->getAuthKey() === $authKey;
     }
-}
+
+    /**
+     * Validates password
+     *
+     * @param string $password password to validate
+     * @return bool if password provided is valid for current user
+     */
+    public function validatePassword($password)
+    {
+        return Yii::$app->security->validatePassword($password, $this->password_hash);
+    }
+
+    /**
+     * Generates password hash from password and sets it to the model
+     *
+     * @param string $password
+     */
+    public function setPassword($password)
+    {
+        $this->password_hash = Yii::$app->security->generatePasswordHash($password);
+    }
+
+    /**
+     * Generates "remember me" authentication key
+     */
+    public function generateAuthKey()
+    {
+        $this->auth_key = Yii::$app->security->generateRandomString();
+    }
+
+    /**
+     * Generates new password reset token
+     */
+    public function generatePasswordResetToken()
+    {
+        $this->password_reset_token = Yii::$app->security->generateRandomString() . '_' . time();
+    }
+
+    public function generateEmailVerificationToken()
+    {
+        $this->verification_token = Yii::$app->security->generateRandomString() . '_' . time();
+    }
+
+    /**
+     * Removes password reset token
+     */
+    public function removePasswordResetToken()
+    {
+        $this->password_reset_token = null;
+    }
+}
\ No newline at end of file