diff --git a/app/Http/Controllers/Admin/ModuleController.php b/app/Http/Controllers/Admin/ModuleController.php
index cb254c2..bb817d8 100644
--- a/app/Http/Controllers/Admin/ModuleController.php
+++ b/app/Http/Controllers/Admin/ModuleController.php
@@ -61,7 +61,7 @@ public function store(Request $request): RedirectResponse
 
         $module->save();
 
-        return redirect()->route('admin.modules.edit', $module)->with('success', '模块创建成功, 请重置以获得 API Token。');
+        return redirect()->route('admin.modules.edit', $module)->with('success', '模块创建成功。');
 
     }
 
@@ -101,7 +101,7 @@ public function show(Module $module): View
      */
     public function edit(Module $module): View
     {
-        $module = $module->makeVisible('wecom_key');
+        $module = $module->makeVisible(['wecom_key', 'api_token']);
 
         return view('admin.modules.edit', compact('module'));
     }
@@ -118,16 +118,18 @@ public function update(Request $request, Module $module): RedirectResponse
     {
         $request->validate($this->rules());
 
-        if ($request->input('reset_api_token')) {
-            $module->api_token = Str::random(60);
-        }
-
         $module->id = $request->input('id');
         $module->name = $request->input('name');
         $module->url = $request->input('url');
         $module->status = $request->input('status');
         $module->wecom_key = $request->input('wecom_key');
 
+        if (!$request->filled('api_token')) {
+            $module->api_token = Str::random(60);
+        } else {
+            $module->api_token = $request->input('api_token');
+        }
+
         $module->save();
 
         $text = '模块更新成功';
@@ -158,8 +160,9 @@ public function destroy(Module $module): RedirectResponse
     public function allows(Module $module): View
     {
         $allows = (new ModuleAllow)->where('module_id', $module->id)->with('allowed_module')->paginate(50);
+        $modules = (new Module)->where('id', '!=', $module->id)->get();
 
-        return view('admin.modules.allows', compact('module', 'allows'));
+        return view('admin.modules.allows', compact('module', 'allows', 'modules'));
     }
 
     public function allows_store(Request $request, Module $module): RedirectResponse
diff --git a/resources/views/admin/modules/allows.blade.php b/resources/views/admin/modules/allows.blade.php
index 652d440..44547f6 100644
--- a/resources/views/admin/modules/allows.blade.php
+++ b/resources/views/admin/modules/allows.blade.php
@@ -44,7 +44,13 @@
 
         <div class="form-group">
             <label for="allowed_module_id">另一个 模块</label>
-            <input type="text" class="form-control" id="allowed_module_id" name="allowed_module_id"/>
+
+            <select name="allowed_module_id" id="allowed_module_id" class="form-control">
+                <option value="">无</option>
+                @foreach ($modules as $module)
+                    <option value="{{ $module->id }}">{{ $module->name }}</option>
+                @endforeach
+            </select>
         </div>
 
 
diff --git a/resources/views/admin/modules/edit.blade.php b/resources/views/admin/modules/edit.blade.php
index 6e20e11..930430e 100644
--- a/resources/views/admin/modules/edit.blade.php
+++ b/resources/views/admin/modules/edit.blade.php
@@ -3,59 +3,60 @@
 @section('title', '模块: ' . $module->name)
 
 @section('content')
-<h3>{{ $module->name }}</h3>
-<a class="mt-3" href="{{ route('admin.modules.show', $module) }}">查看</a>
-<a class="mt-3" href="{{ route('admin.modules.allows', $module) }}">MQTT 授权</a>
+    <h3>{{ $module->name }}</h3>
+    <a class="mt-3" href="{{ route('admin.modules.show', $module) }}">查看</a>
+    <a class="mt-3" href="{{ route('admin.modules.allows', $module) }}">MQTT 授权</a>
 
-<form method="POST" action="{{ route('admin.modules.update', $module)}}">
-    @csrf
-    @method('PATCH')
+    <form method="POST" action="{{ route('admin.modules.update', $module)}}">
+        @csrf
+        @method('PATCH')
 
-    <div class="form-group">
-        <label for="name">ID (修改后，路由也会改变)</label>
-        <input type="text" class="form-control" id="id" name="id" value="{{ $module->id }}">
-    </div>
+        <div class="form-group">
+            <label for="id">ID (修改后，路由也会改变)</label>
+            <input type="text" class="form-control" id="id" name="id" value="{{ $module->id }}">
+        </div>
 
-    <div class="form-group">
-        <label for="name">名称</label>
-        <input type="text" class="form-control" id="name" name="name" value="{{ $module->name }}">
-    </div>
+        <div class="form-group">
+            <label for="name">名称</label>
+            <input type="text" class="form-control" id="name" name="name" value="{{ $module->name }}">
+        </div>
 
-    <div class="form-group mt-1">
-        <label for="name">对端地址</label>
-        <input type="text" class="form-control" id="url" name="url" value="{{ $module->url }}">
-    </div>
+        <div class="form-group mt-1">
+            <label for="url">对端地址</label>
+            <input type="text" class="form-control" id="url" name="url" value="{{ $module->url }}">
+        </div>
 
-    <div class="form-group mt-1">
-        <label for="name">企业微信 群机器人 WebHook Key</label>
-        <input type="text" class="form-control" id="wecom_key" name="wecom_key" value="{{ $module->wecom_key }}" autocomplete="off">
-    </div>
+        <div class="form-group mt-1">
+            <label for="api_token">通信密钥(即 Api Token, 非常重要，请勿泄露。)</label>
+            <input type="text" class="form-control" id="api_token" name="api_token" value="{{ $module->api_token }}"
+                   autocomplete="off">
+        </div>
 
-    <div class="form-group mt-1">
-        <label for="status">状态</label>
-        <select class="form-control" id="status" name="status">
-            <option value="up" @if ($module->status === 'up') selected @endif>正常</option>
-            <option value="down" @if ($module->status === 'down') selected @endif>异常</option>
-            <option value="maintenance" @if ($module->status === 'maintenance') selected @endif>维护模式</option>
-        </select>
-    </div>
+        <div class="form-group mt-1">
+            <label for="wecom_key">企业微信 群机器人 WebHook Key</label>
+            <input type="text" class="form-control" id="wecom_key" name="wecom_key" value="{{ $module->wecom_key }}"
+                   autocomplete="off">
+        </div>
 
-    <div class="form-check mt-1">
-        <input class="form-check-input" type="checkbox" value="1" id="reset_api_token" name="reset_api_token">
-        <label class="form-check-label" for="reset_api_token">
-            重置 Api Token(重置后，需要到对应的模块中更新，否则会导致模块无法正常工作)
-        </label>
-    </div>
+        <div class="form-group mt-1">
+            <label for="status">状态</label>
+            <select class="form-control" id="status" name="status">
+                <option value="up" @if ($module->status === 'up') selected @endif>正常</option>
+                <option value="down" @if ($module->status === 'down') selected @endif>异常</option>
+                <option value="maintenance" @if ($module->status === 'maintenance') selected @endif>维护模式</option>
+            </select>
+        </div>
 
-    <button type="submit" class="btn btn-primary mt-3">提交</button>
-</form>
+        <button type="submit" class="btn btn-primary mt-3">提交</button>
+    </form>
 
 
-<hr />
-<form method="POST" action="{{ route('admin.modules.destroy', $module)}}" onsubmit="return confirm('删除后，业务将无法正常进行。')">
-    @csrf
-    @method('DELETE')
-    <button type="submit" class="btn btn-danger">删除</button>
-</form>
+    <hr/>
+    <form method="POST" action="{{ route('admin.modules.destroy', $module)}}"
+          onsubmit="return confirm('删除后，业务将无法正常进行。')">
+        @csrf
+        @method('DELETE')
+        <button type="submit" class="btn btn-danger">删除</button>
+    </form>
 
 @endsection