diff --git a/spug_api/apps/account/views.py b/spug_api/apps/account/views.py
index 108fdd1..ac6ccee 100644
--- a/spug_api/apps/account/views.py
+++ b/spug_api/apps/account/views.py
@@ -1,7 +1,8 @@
 from django.core.cache import cache
 from django.views.generic import View
+from django.db.models import F
 from libs import JsonParser, Argument, human_datetime, json_response
-from .models import User, Role
+from apps.account.models import User, Role
 import time
 import uuid
 import json
@@ -9,14 +10,19 @@ import json
 
 class UserView(View):
     def get(self, request):
-        users = User.objects.filter(is_supper=False, deleted_by_id__isnull=True)
-        return json_response([x.to_dict(excludes=('access_token', 'password_hash')) for x in users])
+        users = []
+        for u in User.objects.filter(is_supper=False, deleted_by_id__isnull=True).annotate(role_name=F('role__name')):
+            tmp = u.to_dict(excludes=('access_token', 'password_hash'))
+            tmp['role_name'] = u.role_name
+            users.append(tmp)
+        return json_response(users)
 
     def post(self, request):
         form, error = JsonParser(
             Argument('username', help='请输入登录名'),
             Argument('password', help='请输入密码'),
             Argument('nickname', help='请输入姓名'),
+            Argument('role_id', type=int, help='请选择角色'),
         ).parse(request.body)
         if error is None:
             form.password_hash = User.make_password(form.pop('password'))
@@ -30,10 +36,12 @@ class UserView(View):
             Argument('username', required=False),
             Argument('password', required=False),
             Argument('nickname', required=False),
+            Argument('role_id', required=False),
             Argument('is_active', type=bool, required=False),
         ).parse(request.body, True)
         if error is None:
             if form.get('password'):
+                form.token_expired = 0
                 form.password_hash = User.make_password(form.pop('password'))
             User.objects.filter(pk=form.pop('id')).update(**form)
         return json_response(error=error)
diff --git a/spug_web/src/pages/system/account/Form.js b/spug_web/src/pages/system/account/Form.js
index 48c13c2..9357f8d 100644
--- a/spug_web/src/pages/system/account/Form.js
+++ b/spug_web/src/pages/system/account/Form.js
@@ -1,7 +1,10 @@
 import React from 'react';
-import { Modal, Form, Input, message } from 'antd';
+import {Modal, Form, Select, Input, message, Col} from 'antd';
 import http from 'libs/http';
 import store from './store';
+import roleStore from '../role/store';
+import {Link} from "react-router-dom";
+import {LinkButton} from 'components';
 
 class ComForm extends React.Component {
   constructor(props) {
@@ -11,12 +14,23 @@ class ComForm extends React.Component {
     }
   }
 
+  componentDidMount() {
+    if (roleStore.records.length === 0) {
+      roleStore.fetchRecords()
+    }
+  }
+
   handleSubmit = () => {
     this.setState({loading: true});
     const formData = this.props.form.getFieldsValue();
-    formData['id'] = store.record.id;
-    http.post('/api/account/user/', formData)
-      .then(() => {
+    let request;
+    if (store.record.id) {
+      formData['id'] = store.record.id;
+      request = http.patch('/api/account/user/', formData)
+    } else {
+      request = http.post('/api/account/user/', formData)
+    }
+    request.then(() => {
         message.success('操作成功');
         store.formVisible = false;
         store.fetchRecords()
@@ -29,6 +43,7 @@ class ComForm extends React.Component {
     return (
       <Modal
         visible
+        width={800}
         maskClosable={false}
         title={store.record.id ? '编辑账户' : '新建账户'}
         onCancel={() => store.formVisible = false}
@@ -45,10 +60,26 @@ class ComForm extends React.Component {
               <Input placeholder="请输入姓名"/>
             )}
           </Form.Item>
-          <Form.Item required label="密码">
-            {getFieldDecorator('password', {initialValue: info.id ? '******' : undefined})(
-              <Input type="password" placeholder="请输入密码"/>
-            )}
+          {info.id === undefined && (
+            <Form.Item required label="密码">
+              {getFieldDecorator('password')(
+                <Input type="password" placeholder="请输入密码"/>
+              )}
+            </Form.Item>
+          )}
+          <Form.Item required label="角色">
+            <Col span={18}>
+              {getFieldDecorator('role_id', {initialValue: info['role_id']})(
+                <Select placeholder="请选择">
+                  {roleStore.records.map(item => (
+                    <Select.Option value={item.id} key={item.id}>{item.name}</Select.Option>
+                  ))}
+                </Select>
+              )}
+            </Col>
+            <Col span={4} offset={2}>
+              <Link to="/system/role">新建角色</Link>
+            </Col>
           </Form.Item>
         </Form>
       </Modal>
diff --git a/spug_web/src/pages/system/account/Table.js b/spug_web/src/pages/system/account/Table.js
index 648a94b..a1aa67a 100644
--- a/spug_web/src/pages/system/account/Table.js
+++ b/spug_web/src/pages/system/account/Table.js
@@ -1,13 +1,19 @@
 import React from 'react';
-import { observer } from 'mobx-react';
-import { Table, Divider, Modal, Badge, message } from 'antd';
-import { LinkButton } from 'components';
+import {observer} from 'mobx-react';
+import {Table, Divider, Modal, Badge, message, Form, Input} from 'antd';
+import {LinkButton} from 'components';
 import ComForm from './Form';
 import http from 'libs/http';
 import store from './store';
 
 @observer
 class ComTable extends React.Component {
+  constructor(props) {
+    super(props);
+    this.state = {
+      password: ''
+    }
+  }
   componentDidMount() {
     store.fetchRecords()
   }
@@ -23,6 +29,9 @@ class ComTable extends React.Component {
   }, {
     title: '姓名',
     dataIndex: 'nickname',
+  }, {
+    title: '角色',
+    dataIndex: 'role_name'
   }, {
     title: '状态',
     render: text => text['is_active'] ? <Badge status="success" text="正常"/> : <Badge status="default" text="禁用"/>
@@ -33,10 +42,13 @@ class ComTable extends React.Component {
     title: '操作',
     render: info => (
       <span>
-        <LinkButton className="span-button" onClick={() => this.handleActive(info)}>{info['is_active'] ? '禁用' : '启用'}</LinkButton>
+        <LinkButton className="span-button"
+                    onClick={() => this.handleActive(info)}>{info['is_active'] ? '禁用' : '启用'}</LinkButton>
         <Divider type="vertical"/>
         <LinkButton className="span-button" onClick={() => store.showForm(info)}>编辑</LinkButton>
         <Divider type="vertical"/>
+        <LinkButton className="span-button" onClick={() => this.handleReset(info)}>重置密码</LinkButton>
+        <Divider type="vertical"/>
         <LinkButton className="span-button" onClick={() => this.handleDelete(info)}>删除</LinkButton>
       </span>
     )
@@ -56,6 +68,22 @@ class ComTable extends React.Component {
     })
   };
 
+  handleReset = (info) => {
+    Modal.confirm({
+      icon: 'exclamation-circle',
+      title: '重置登录密码',
+      content: <Form>
+        <Form.Item required label="重置后的新密码">
+          <Input.Password onChange={val => this.setState({password: val.target.value})}/>
+        </Form.Item>
+      </Form>,
+      onOk: () => {
+        return http.patch('/api/account/user/', {id: info.id, password: this.state.password})
+          .then(() => message.success('重置成功', 0.5))
+      },
+    })
+  };
+
   handleDelete = (text) => {
     Modal.confirm({
       title: '删除确认',