diff --git a/server/adminserver/middleware/actlog.go b/server/adminserver/middleware/actlog.go
new file mode 100644
index 00000000..fd7102c3
--- /dev/null
+++ b/server/adminserver/middleware/actlog.go
@@ -0,0 +1,75 @@
+package middleware
+
+import (
+ "adminserver/constant"
+ "bytes"
+ "encoding/json"
+ "f5"
+ "io"
+ "main/common"
+ "net/http"
+ "strings"
+
+ "github.com/gin-gonic/gin"
+)
+
+/*
+ */
+func ActLog(c *gin.Context) bool {
+ s := c.MustGet("session").(common.Session)
+ account := s.GetAccountAddress()
+ httpmethod := c.Request.Method
+ if len(httpmethod) > 10 {
+ return false
+ }
+
+ url := c.Request.URL.String()
+ if len(url) > 64*1024 {
+ return false
+ }
+
+ if len(c.Request.URL.RawQuery) > 64*1024 {
+ return false
+ }
+
+ info := struct {
+ Account string `gorm:"column:account_address" json:"account_address"`
+ Method string `gorm:"column:http_method" json:"http_method"`
+ URL string `gorm:"column:url" json:"url"`
+ Params string `gorm:"column:params" json:"params"`
+ Postdata string `gorm:"column:postdata" json:"postdata"`
+ CreateTime int32 `gorm:"column:createtime;<-:create" json:"createtime"`
+ ModifyTime int32 `gorm:"column:modifytime" json:"modifytime"`
+ }{}
+
+ nowDaySeconds := int32(f5.GetApp().GetRealSeconds())
+ info.Account = account
+ info.Method = httpmethod
+ info.URL = url
+ if len(c.Request.URL.RawQuery) > 0 {
+ params := map[string]string{}
+ for k, v := range c.Request.URL.Query() {
+ params[k] = v[0]
+ }
+ data, _ := json.Marshal(params)
+ info.Params = string(data)
+ }
+ info.CreateTime = nowDaySeconds
+ info.ModifyTime = nowDaySeconds
+ if strings.ToUpper(httpmethod) == "POST" {
+ var bodyBytes []byte
+ bodyBytes, err := io.ReadAll(c.Request.Body)
+ if err == nil {
+ c.Request.Body = io.NopCloser(bytes.NewBuffer(bodyBytes))
+ info.Postdata = string(bodyBytes)
+ }
+ }
+ if err := f5.GetApp().GetOrmDb(constant.ADMIN_DB).Table("t_op_log").Create(info).Error; err != nil {
+ c.JSON(http.StatusOK, gin.H{
+ "code": 1,
+ "message": err.Error(),
+ })
+ }
+
+ return true
+}
diff --git a/server/adminserver/middleware/permission.go b/server/adminserver/middleware/permission.go
index 69884ef6..84e1506b 100644
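Review bot: The POST branch of ActLog reads the whole body with `io.ReadAll(c.Request.Body)` and no size limit, although the method, URL and query are all capped above it, so an arbitrarily large body is buffered in memory and then written to `t_op_log` in full. Bound it the same way, for example `bodyBytes, err := io.ReadAll(io.LimitReader(c.Request.Body, 64*1024+1))` followed by `if err != nil || len(bodyBytes) > 64*1024 { return false }`; as written a read error is silently ignored and the handler then runs with a partly consumed body. The URL and body are also stored verbatim, so any password or token an admin endpoint accepts would end up in the log table in clear text, and redacting known sensitive fields before `Create` would avoid that. When the insert fails the function writes `err.Error()` to the client and still returns true, so the caller goes on to run its callback and a second JSON body is written; logging the error server-side and choosing explicitly between failing open and failing closed would be cleaner. The empty `/* */` above the function should become a doc comment saying what is recorded and what a false return means.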
--- a/server/adminserver/middleware/permission.go
+++ b/server/adminserver/middleware/permission.go
@@ -1,7 +1,7 @@
 package middleware
 import (
- "adminserver/common"
+ "main/common"
 "net/http"
 "main/mt"
@@ -16,7 +16,14 @@ func Permission(funcName string, cb func(*gin.Context)) gin.HandlerFunc {
 s := c.MustGet("session").(common.Session)
 acc := s.GetAccountAddress()
 if mt.Table.Permission.CheckAPIPermission(acc, funcName) {
- cb(c)
+ if ActLog(c) {
+ cb(c)
+ } else {
+ c.JSON(http.StatusOK, gin.H{
+ "code": 3,
+ "message": "Request Too Long",
+ })
+ }
 } else {
 c.JSON(http.StatusOK, gin.H{
 "code": 3,
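Review bot: In the second hunk `ActLog(c)` is called only inside the branch where `CheckAPIPermission` succeeds, so requests that are denied never reach the operation log, and for an audit trail the rejected attempts are usually the ones most worth recording. The new else branch answers with `"code": 3`, the same code the permission-denied branch below it uses, and with `http.StatusOK`, so a client cannot tell an oversized request from a missing permission; a distinct code would fix that, and `http.StatusRequestEntityTooLarge` or `http.StatusRequestURITooLong` would fit if the API does not rely on always returning 200. Because ActLog can already have written an error response before returning true, `cb(c)` may also write a second body on the same request. The enclosing Permission function starts before this hunk and continues past its last line.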