diff --git a/drivers/alist/driver.go b/drivers/alist/driver.go
index 24fa1f17..dc1f8e8c 100644
--- a/drivers/alist/driver.go
+++ b/drivers/alist/driver.go
@@ -101,7 +101,7 @@ func (driver Alist) Link(path string, account *model.Account) (string, error) {
 	if utils.GetFileType(filepath.Ext(path)) == conf.TEXT {
 		flag = "p"
 	}
-	return fmt.Sprintf("%s/%s%s?sign=%s", account.SiteUrl, flag, path, utils.Get16MD5Encode(fmt.Sprintf("%s-%s", conf.Token, name))), nil
+	return fmt.Sprintf("%s/%s%s?sign=%s", account.SiteUrl, flag, path, utils.SignWithToken(name,conf.Token)), nil
 }
 
 func (driver Alist) Path(path string, account *model.Account) (*model.File, []model.File, error) {
diff --git a/drivers/base/driver.go b/drivers/base/driver.go
index d0098890..eb1d8609 100644
--- a/drivers/base/driver.go
+++ b/drivers/base/driver.go
@@ -9,8 +9,9 @@ import (
 )
 
 type DriverConfig struct {
-	Name string
-	OnlyProxy bool
+	Name       string
+	OnlyProxy  bool
+	NeedHeader bool
 }
 
 type Driver interface {
diff --git a/drivers/google/driver.go b/drivers/google/driver.go
index 58dd1328..e0bd70c7 100644
--- a/drivers/google/driver.go
+++ b/drivers/google/driver.go
@@ -15,8 +15,9 @@ type GoogleDrive struct{}
 
 func (driver GoogleDrive) Config() base.DriverConfig {
 	return base.DriverConfig{
-		Name: "GoogleDrive",
-		OnlyProxy: true,
+		Name:       "GoogleDrive",
+		OnlyProxy:  true,
+		NeedHeader: true,
 	}
 }
 
diff --git a/model/account.go b/model/account.go
index 0a5bc79a..56ca5846 100644
--- a/model/account.go
+++ b/model/account.go
@@ -33,6 +33,8 @@ type Account struct {
 	SiteId         string     `json:"site_id"`
 	OnedriveType   string     `json:"onedrive_type"`
 	WebdavProxy    bool       `json:"webdav_proxy"`
+	AllowProxy     bool       `json:"allow_proxy"`
+	ProxyUrl       string     `json:"proxy_url"`
 }
 
 var accountsMap = map[string]Account{}
diff --git a/server/common/check.go b/server/common/check.go
index e8f7bfad..e7959bc5 100644
--- a/server/common/check.go
+++ b/server/common/check.go
@@ -35,7 +35,7 @@ func CheckDownLink(path string, passwordMd5 string, name string) bool {
 	log.Debugf("check down path: %s", path)
 	if err == nil {
 		log.Debugf("check down link: %s,%s", meta.Password, passwordMd5)
-		if meta.Password != "" && utils.Get16MD5Encode("alist"+meta.Password+name) != passwordMd5 {
+		if meta.Password != "" && utils.SignWithPassword(name, meta.Password) != passwordMd5 {
 			return false
 		}
 		return true
diff --git a/server/controllers/down.go b/server/controllers/down.go
index 1050bb5b..621a7e88 100644
--- a/server/controllers/down.go
+++ b/server/controllers/down.go
@@ -23,7 +23,7 @@ func Down(c *gin.Context) {
 		common.ErrorResp(c, err, 500)
 		return
 	}
-	if driver.Config().OnlyProxy {
+	if driver.Config().OnlyProxy || account.Proxy {
 		Proxy(c)
 		return
 	}
@@ -45,6 +45,12 @@ func Proxy(c *gin.Context) {
 		common.ErrorResp(c, err, 500)
 		return
 	}
+	if account.ProxyUrl != "" {
+		name := utils.Base(rawPath)
+		link := fmt.Sprintf("%s%s?sign=%s", account.ProxyUrl, rawPath, utils.SignWithToken(name, conf.Token))
+		c.Redirect(302, link)
+		return
+	}
 	if !account.Proxy && utils.GetFileType(filepath.Ext(rawPath)) != conf.TEXT {
 		common.ErrorResp(c, fmt.Errorf("[%s] not allowed proxy", account.Name), 403)
 		return
diff --git a/server/controllers/path.go b/server/controllers/path.go
index aec524f5..8438b3cb 100644
--- a/server/controllers/path.go
+++ b/server/controllers/path.go
@@ -11,7 +11,7 @@ import (
 )
 
 func Path(c *gin.Context) {
-	reqV,_ := c.Get("req")
+	reqV, _ := c.Get("req")
 	req := reqV.(common.PathReq)
 	if model.AccountsCount() > 1 && req.Path == "/" {
 		files, err := model.GetAccountFiles()
@@ -66,7 +66,7 @@ func Path(c *gin.Context) {
 }
 
 func Link(c *gin.Context) {
-	reqV,_ := c.Get("req")
+	reqV, _ := c.Get("req")
 	req := reqV.(common.PathReq)
 	rawPath := req.Path
 	rawPath = utils.ParsePath(rawPath)
@@ -81,6 +81,16 @@ func Link(c *gin.Context) {
 		common.ErrorResp(c, err, 500)
 		return
 	}
+	if driver.Config().NeedHeader {
+		common.SuccessResp(c, gin.H{
+			"url": link,
+			"header": gin.H{
+				"name":  "Authorization",
+				"value": "Bearer " + account.AccessToken,
+			},
+		})
+		return
+	}
 	if driver.Config().OnlyProxy {
 		common.SuccessResp(c, gin.H{
 			"url": fmt.Sprintf("//%s/d%s", c.Request.Host, req.Path),
@@ -95,7 +105,7 @@ func Link(c *gin.Context) {
 }
 
 func Preview(c *gin.Context) {
-	reqV,_ := c.Get("req")
+	reqV, _ := c.Get("req")
 	req := reqV.(common.PathReq)
 	rawPath := req.Path
 	rawPath = utils.ParsePath(rawPath)
diff --git a/server/middlewares/down.go b/server/middlewares/down.go
index 5f61d78d..e6856549 100644
--- a/server/middlewares/down.go
+++ b/server/middlewares/down.go
@@ -13,7 +13,7 @@ func DownCheck(c *gin.Context) {
 	rawPath := c.Param("path")
 	rawPath = utils.ParsePath(rawPath)
 	name := utils.Base(rawPath)
-	if sign == utils.Get16MD5Encode(fmt.Sprintf("%s-%s", conf.Token, name)) {
+	if sign == utils.SignWithToken(name, conf.Token) {
 		c.Next()
 		return
 	}
diff --git a/server/router.go b/server/router.go
index 64973ac0..b6079d19 100644
--- a/server/router.go
+++ b/server/router.go
@@ -21,7 +21,8 @@ func InitApiRouter(r *gin.Engine) {
 		path := public.Group("", middlewares.PathCheck, middlewares.CheckAccount)
 		path.POST("/path", controllers.Path)
 		path.POST("/preview", controllers.Preview)
-		path.POST("/link", controllers.Link)
+
+		//path.POST("/link",middlewares.Auth, controllers.Link)
 
 		public.GET("/settings", controllers.GetSettingsPublic)
 	}
@@ -43,6 +44,8 @@ func InitApiRouter(r *gin.Engine) {
 		admin.POST("/meta/create", controllers.CreateMeta)
 		admin.POST("/meta/save", controllers.SaveMeta)
 		admin.DELETE("/meta", controllers.DeleteMeta)
+
+		admin.POST("/link", controllers.Link)
 	}
 	Static(r)
 	WebDav(r)
diff --git a/server/webdav/file.go b/server/webdav/file.go
index 5dc8148d..2496768d 100644
--- a/server/webdav/file.go
+++ b/server/webdav/file.go
@@ -87,7 +87,7 @@ func GetPW(path string, name string) string {
 	meta, err := model.GetMetaByPath(path)
 	if err == nil {
 		if meta.Password != "" {
-			utils.Get16MD5Encode("alist" + meta.Password + name)
+			return utils.SignWithPassword(name, meta.Password)
 		}
 		return ""
 	} else {
diff --git a/utils/md5.go b/utils/md5.go
index c5ba9b04..67f962da 100644
--- a/utils/md5.go
+++ b/utils/md5.go
@@ -3,6 +3,7 @@ package utils
 import (
 	"crypto/md5"
 	"encoding/hex"
+	"fmt"
 )
 
 // GetMD5Encode
@@ -16,3 +17,11 @@ func GetMD5Encode(data string) string {
 func Get16MD5Encode(data string) string {
 	return GetMD5Encode(data)[8:24]
 }
+
+func SignWithPassword(name, password string) string {
+	return Get16MD5Encode(fmt.Sprintf("alist-%s-%s", password, name))
+}
+
+func SignWithToken(name, token string) string {
+	return Get16MD5Encode(fmt.Sprintf("alist-%s-%s", token, name))
+}