diff --git a/app/Http/Controllers/Api/UserController.php b/app/Http/Controllers/Api/UserController.php
index 57f8fa5..93e0f45 100644
--- a/app/Http/Controllers/Api/UserController.php
+++ b/app/Http/Controllers/Api/UserController.php
@@ -7,8 +7,25 @@
 
 class UserController extends Controller
 {
-    public function __invoke(Request $request)
+    public function user(Request $request)
     {
-        return $this->success(auth('sanctum')->user());
+        return $this->success($request->user('sanctum'));
+    }
+
+    public function create(Request $request)
+    {
+        $name = date('Y-m-d H:i:s');
+        $token = $request->user()->createToken($name);
+
+        return $this->success([
+            'token' => $token->plainTextToken,
+        ]);
+    }
+
+    public function deleteAll(Request $request)
+    {
+        $request->user()->tokens()->delete();
+
+        return $this->success();
     }
 }
diff --git a/resources/js/views/Index.vue b/resources/js/views/Index.vue
index ca958e0..a2ac286 100644
--- a/resources/js/views/Index.vue
+++ b/resources/js/views/Index.vue
@@ -1,36 +1,69 @@
 <template>
     <div>
         <h3>欢迎</h3>
-
     </div>
 
     <div class="mt-3">
-         <p>用户名: {{ user.name }}</p>
-        <p>剩余流量: {{ user.traffic }}GB</p>
+        <p>用户名: {{ user.name }}</p>
+        <p>剩余流量: {{ user.traffic }} GB</p>
     </div>
 
     <div class="mt-3" v-if="!user.realnamed">
-        <p>注意，您没有完成实名认证，请点击下方按钮完成实名认证，否则您只能使用中国大陆以外的隧道。</p>
-        <a class="btn btn-primary" target="_blank" href="https://oauth.laecloud.com/real_name">实名认证</a>
+        <h3>实名认证</h3>
+        <p>
+            注意，您没有完成实名认证，请点击下方按钮完成实名认证，否则您只能使用中国大陆以外的隧道。
+        </p>
+        <a
+            class="btn btn-primary"
+            target="_blank"
+            href="https://oauth.laecloud.com/real_name"
+            >实名认证</a
+        >
         <p>在实名认证后，请重新登录 {{ sitename }}。</p>
     </div>
 
+    <h3>访问密钥</h3>
+    <div class="mt-3" v-if="!user.realnamed">
+        <p>
+            访问密钥是用于访问 {{ sitename }} API
+            的密钥，您可以使用它来开发自己的客户端。
+        </p>
+        <p v-if="newToken" class="text-success">获取成功，请妥善保管您的 Token: {{ newToken }}</p>
+        <button class="btn btn-primary" @click="getNewToken">
+            获取新密钥
+        </button>
+        <button class="btn btn-danger" style="margin-left: 5px;" @click="deleteAllToken">
+            删除所有密钥
+        </button>
+    </div>
 </template>
 
 <script setup>
 import { ref } from "vue";
-import http from '../plugins/http'
+import http from "../plugins/http";
 
-const sitename = window.Base.SiteName
+const sitename = window.Base.SiteName;
 
 const user = ref({
-    name: 'loading...',
-    traffic: ''
-})
+    name: "loading...",
+    traffic: "",
+});
 
-http.get('user').then((res) => {
-    user.value = res.data
-})
+const newToken = ref("");
 
+http.get("user").then((res) => {
+    user.value = res.data;
+});
 
+function getNewToken() {
+    http.post("tokens").then((res) => {
+        newToken.value = res.data.token;
+    });
+}
+
+function deleteAllToken() {
+    http.delete("tokens").then((res) => {
+        alert("所有 Token 删除成功。");
+    });
+}
 </script>
diff --git a/routes/api.php b/routes/api.php
index 7a2abce..770e84a 100644
--- a/routes/api.php
+++ b/routes/api.php
@@ -16,7 +16,7 @@
 
 
 Route::middleware('auth:sanctum')->group(function () {
-    Route::get('user', UserController::class);
+    Route::get('user', [UserController::class, 'user']);
     Route::apiResource('tunnels', TunnelController::class);
     Route::post('tunnels/{tunnel}/close', [TunnelController::class, 'close']);
     Route::apiResource('servers', ServerController::class);
@@ -30,6 +30,10 @@
     Route::post('providers/{provider}/charge', [TrafficController::class, 'charge']);
     Route::post('providers/{provider}/ticket', [TicketController::class, 'submit']);
 
+
+    Route::post('tokens', [UserController::class, 'create']);
+    Route::delete('tokens', [UserController::class, 'deleteAll']);
+
 });
 
 Route::prefix('application')->name('application.')->middleware('whmcs_api')->group(function () {