diff --git a/src/router/index.ts b/src/router/index.ts
index c02a587680..6ea1f1160a 100644
--- a/src/router/index.ts
+++ b/src/router/index.ts
@@ -4,7 +4,6 @@ import { AdminEntryRouter } from './entry/admin'
 import { AppEntryRouter } from './entry/app'
 import { FileRouter } from './file/index'
 import { FunctionRouter } from './function/index'
-import { UserRouter } from './user/index'
 
 export const router = Router()
 
@@ -12,7 +11,6 @@ router.use('/admin', AdminEntryRouter)
 router.use('/admin', AdminRouter)
 
 router.use('/app', AppEntryRouter)
-router.use('/app', UserRouter)
 
 router.use('/file', FileRouter)
 router.use('/func', FunctionRouter)
\ No newline at end of file
diff --git a/src/router/user/index.ts b/src/router/user/index.ts
deleted file mode 100644
index 4e90628bdc..0000000000
--- a/src/router/user/index.ts
+++ /dev/null
@@ -1,8 +0,0 @@
-import { Router } from 'express'
-import { LoginRouter } from './login'
-import { RegisterRouter } from './register'
-
-export const UserRouter = Router()
-
-UserRouter.use('/user', LoginRouter)
-UserRouter.use('/user', RegisterRouter)
\ No newline at end of file
diff --git a/src/router/user/login.ts b/src/router/user/login.ts
deleted file mode 100644
index 8b7cb0379f..0000000000
--- a/src/router/user/login.ts
+++ /dev/null
@@ -1,65 +0,0 @@
-import { Router } from 'express'
-import { getToken } from '../../lib/utils/token'
-import { db } from '../../lib/db'
-import { hashPassword } from '../../lib/utils/hash'
-
-export const LoginRouter = Router()
-
-/**
-* 用户名/手机号/邮箱+密码登陆
-*/
-LoginRouter.post('/login/password', async (req, res) => {
-  const { username, password } = req.body
-
-  if (!username || !password) {
-    return res.send({
-      code: 1,
-      error: 'invalid phone or password'
-    })
-  }
-
-  //
-  const ret = await db.collection('users')
-    .withOne({
-      query: db.collection('password')
-        .field({ password: 0 })
-        .where({ password: hashPassword(password), type: 'login' }),
-      localField: '_id',
-      foreignField: 'uid'
-    })
-    .where({
-      $or: [
-        { email: username },
-        { phone: username },
-        { username: username }
-      ]
-    })
-    .merge({ intersection: true })
-
-  if (ret.ok && ret.data.length) {
-    const user = ret.data[0]
-
-    // 默认 token 有效期为 7 天
-    const expire = Math.floor(Date.now() / 1000) + 60 * 60  * 24 * 7
-    const payload = {
-      uid: user._id,
-      type: 'user',
-      exp: expire
-    }
-    const access_token = getToken(payload)
-    return res.send({
-      code: 0,
-      data: {
-        access_token,
-        user,
-        uid: user._id,
-        expire
-      }
-    })
-  }
-
-  return res.send({
-    code: 1,
-    error: 'invalid phone or password'
-  })
-})
\ No newline at end of file
diff --git a/src/router/user/register.ts b/src/router/user/register.ts
deleted file mode 100644
index 8708efca26..0000000000
--- a/src/router/user/register.ts
+++ /dev/null
@@ -1,78 +0,0 @@
-import { Router } from 'express'
-import { getToken } from '../../lib/utils/token'
-import { db } from '../../lib/db'
-import * as assert from 'assert'
-import { hashPassword } from '../../lib/utils/hash'
-export const RegisterRouter = Router()
-
-/**
-* 用户名/手机号/邮箱+密码注册
-*/
-RegisterRouter.post('/register/password', async (req, res) => {
-  const { username, email, phone, password } = req.body
-  let key, value = null
-  if (username) {
-    key = 'username'
-    value = username
-  } else if (email) {
-    key = 'email'
-    value = email
-  } else if (phone) {
-    key = 'phone'
-    value = phone
-  }
-
-  if (!key || !value || !password) {
-    return res.send({ code: 1, error: 'invalid username or password' })
-  }
-
-  // 检查邮箱/手机/用户名 是否已存在
-  const r_count = await db.collection('users')
-    .where({ [key]: value })
-    .count()
-
-  assert(r_count.ok, `check ${key} exists occurs error`)
-  if (r_count.total > 0) {
-    return res.send({
-      code: 1,
-      error: `${key} already exists`
-    })
-  }
-
-  // 创建 user
-  const r = await db.collection('users').add({
-    [key]: value,
-    created_at: Date.now(),
-    updated_at: Date.now()
-  })
-
-  // 创建 user password
-  await db.collection('password').add({
-    uid: r.id,
-    password: hashPassword(password),
-    created_at: Date.now(),
-    updated_at: Date.now()
-  })
-
-
-  // 注册完成后自动登录，生成 token: 默认 token 有效期为 7 天
-  const expire = Math.floor(Date.now()) + 60 * 60 * 24 * 7
-  const payload = {
-    uid: r.id,
-    type: 'user',
-    exp: expire
-  }
-
-  const access_token = getToken(payload)
-  return res.send({
-    code: 0,
-    data: {
-      access_token,
-      email,
-      phone,
-      username,
-      uid: r.id,
-      expire
-    }
-  })
-})
\ No newline at end of file