diff --git a/Server/src/APIs/Console/DelResource.ts b/Server/src/APIs/Console/DelResource.ts
new file mode 100644
index 0000000..f5c3c5b
--- /dev/null
+++ b/Server/src/APIs/Console/DelResource.ts
@@ -0,0 +1,26 @@
+import { API } from "../../Plugs/API/API";
+import ServerStdResponse from "../../ServerStdResponse";
+import MySQLConnection from '../../Plugs/MySQLConnection'
+import Auth from "../../Plugs/Middleware/Auth";
+
+// 删除资源
+class DelResource extends API {
+    constructor() {
+        super('DELETE', '/console/resource', Auth);
+    }
+
+    public async onRequset(data: any, res: any) {
+        let { id } = data;
+        if (!id) {
+            return res.json(ServerStdResponse.PARAMS_MISSING);
+        }
+        let execRes = await MySQLConnection.execute('DELETE FROM resource  WHERE `id` = ?', [id]);
+
+        if (!execRes || execRes.affectedRows != 1) {
+            return res.json(ServerStdResponse.SERVER_ERROR);
+        }
+        return res.json({ ...ServerStdResponse.OK });
+    }
+}
+
+export default DelResource;
\ No newline at end of file
diff --git a/Server/src/APIs/Console/GetBlogs.ts b/Server/src/APIs/Console/GetBlogs.ts
new file mode 100644
index 0000000..6c24738
--- /dev/null
+++ b/Server/src/APIs/Console/GetBlogs.ts
@@ -0,0 +1,22 @@
+import { API } from "../../Plugs/API/API";
+import ServerStdResponse from "../../ServerStdResponse";
+import MySQLConnection from '../../Plugs/MySQLConnection'
+import Auth from "../../Plugs/Middleware/Auth";
+
+// 获取博客列表
+class GetBlogs extends API {
+    constructor() {
+        super('GET', '/console/blogs', Auth);
+    }
+
+    public async onRequset(data: any, res: any) {
+        // const { uuid } = data._jwt;
+        let resourcesRes = await MySQLConnection.execute("SELECT * FROM blog");
+        if (!resourcesRes) {
+            return res.json(ServerStdResponse.SERVER_ERROR);
+        }
+        return res.json({ ...ServerStdResponse.OK, data: resourcesRes });
+    }
+}
+
+export default GetBlogs;
\ No newline at end of file
diff --git a/Server/src/APIs/Console/GetResources.ts b/Server/src/APIs/Console/GetResources.ts
new file mode 100644
index 0000000..8b5d22c
--- /dev/null
+++ b/Server/src/APIs/Console/GetResources.ts
@@ -0,0 +1,22 @@
+import { API } from "../../Plugs/API/API";
+import ServerStdResponse from "../../ServerStdResponse";
+import MySQLConnection from '../../Plugs/MySQLConnection'
+import Auth from "../../Plugs/Middleware/Auth";
+
+// 获取资源列表
+class GetResources extends API {
+    constructor() {
+        super('GET', '/console/resources', Auth);
+    }
+
+    public async onRequset(data: any, res: any) {
+        // const { uuid } = data._jwt;
+        let resourcesRes = await MySQLConnection.execute("SELECT * FROM resource");
+        if (!resourcesRes) {
+            return res.json(ServerStdResponse.SERVER_ERROR);
+        }
+        return res.json({ ...ServerStdResponse.OK, data: resourcesRes });
+    }
+}
+
+export default GetResources;
\ No newline at end of file
diff --git a/Server/src/APIs/Console/SaveResource.ts b/Server/src/APIs/Console/SaveResource.ts
new file mode 100644
index 0000000..1876bc8
--- /dev/null
+++ b/Server/src/APIs/Console/SaveResource.ts
@@ -0,0 +1,33 @@
+import { API } from "../../Plugs/API/API";
+import ServerStdResponse from "../../ServerStdResponse";
+import MySQLConnection from '../../Plugs/MySQLConnection'
+import Auth from "../../Plugs/Middleware/Auth";
+
+// 保存资源
+class SaveResource extends API {
+    constructor() {
+        super('POST', '/console/saveResource', Auth);
+    }
+
+    public async onRequset(data: any, res: any) {
+        let { id, type, recommand, title, describe, icon_src, addition, src } = data;
+        if (!type || !recommand || !title || !describe || !icon_src || !addition || !src) {
+            return res.json(ServerStdResponse.PARAMS_MISSING);
+        }
+        let execRes: any;
+        if (id) {
+            // 保存
+            execRes = await MySQLConnection.execute('UPDATE resource SET `type` = ?, `recommand` = ?, `title` = ?, `describe` = ?, `addition` = ?, `icon_src` = ?, `src` = ? WHERE `id` = ?', [type, recommand, title, describe, addition, icon_src, src, id]);
+        } else {
+            // 新建
+            execRes = await MySQLConnection.execute('INSERT INTO resource (`type`, `recommand`, `title`, `describe`, `addition`, `icon_src`, `src`) VALUES (?,?,?,?,?,?,?)', [type, recommand, title, describe, addition, icon_src, src]);
+        }
+
+        if (!execRes || execRes.affectedRows != 1) {
+            return res.json(ServerStdResponse.SERVER_ERROR);
+        }
+        return res.json({ ...ServerStdResponse.OK });
+    }
+}
+
+export default SaveResource;
\ No newline at end of file
diff --git a/Server/src/Plugs/Middleware/Auth.ts b/Server/src/Plugs/Middleware/Auth.ts
index 4952485..b7134fa 100644
--- a/Server/src/Plugs/Middleware/Auth.ts
+++ b/Server/src/Plugs/Middleware/Auth.ts
@@ -2,14 +2,22 @@ import { Request, Response, NextFunction } from "express";
 import config from "../../config";
 import ServerStdResponse from "../../ServerStdResponse";
 import Logger from "../Logger";
+import jwt from 'jsonwebtoken'
 const logger = new Logger("Auth");
 const Auth = (req: Request, res: Response, next: NextFunction) => {
     let token = req.headers.authorization;
-    if (token === config.authToken || token == config.adminToken) {
-        next();
-    } else {
+    try {
+        if (!token) {
+            throw new Error('空Token')
+        }
+        if(typeof token != 'string' || token.indexOf('Bearer ') == -1){
+            throw new Error('格式错误的Token')
+        }
+        req.body._jwt = jwt.verify(token.replace('Bearer ',''), config.jwt.secret);
+        next()
+    } catch (error) {
         let ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress || req.ip;
-        logger.info(`API[${req.method}][${req.url.split('?')[0]}] 请求鉴权不通过[${token}][${ip}]`);
+        logger.info(`API[${req.method}][${req.url.split('?')[0]}] 请求鉴权不通过[${token}][${ip}] ${error}`);
         res.json(ServerStdResponse.AUTH_ERROR);
     }
 }
diff --git a/Server/src/Server/Server.ts b/Server/src/Server/Server.ts
index 9ba3490..e2e0bd4 100644
--- a/Server/src/Server/Server.ts
+++ b/Server/src/Server/Server.ts
@@ -15,7 +15,12 @@ import BlogComment from "../APIs/BlogComment";
 import GetBlogComment from "../APIs/GetBlogComment";
 import GetCaptcha from "../APIs/GetCaptcha";
 import CheckCaptcha from "../APIs/CheckCaptcha";
+
 import Login from "../APIs/Console/Login";
+import GetResources from "../APIs/Console/GetResources";
+import GetBlogs from '../APIs/Console/GetBlogs'
+import SaveResource from '../APIs/Console/SaveResource'
+import DelResource from '../APIs/Console/DelResource'
 
 class Server {
     private logger = new Logger('Server');
@@ -39,6 +44,10 @@ class Server {
         this.apiLoader.add(CheckCaptcha);
 
         this.apiLoader.add(Login);
+        this.apiLoader.add(GetResources);
+        this.apiLoader.add(GetBlogs)
+        this.apiLoader.add(SaveResource);
+        this.apiLoader.add(DelResource);
 
         this.apiLoader.start(config.apiPort);
     }