diff --git a/src/backend/auth/biz-auth/src/main/kotlin/com/tencent/bkrepo/auth/controller/user/UserController.kt b/src/backend/auth/biz-auth/src/main/kotlin/com/tencent/bkrepo/auth/controller/user/UserController.kt
index 7c33724f1c..f7501d59c3 100644
--- a/src/backend/auth/biz-auth/src/main/kotlin/com/tencent/bkrepo/auth/controller/user/UserController.kt
+++ b/src/backend/auth/biz-auth/src/main/kotlin/com/tencent/bkrepo/auth/controller/user/UserController.kt
@@ -240,6 +240,7 @@ class UserController @Autowired constructor(
 
     @ApiOperation("校验用户token")
     @PostMapping("/token")
+    @Deprecated("no need work")
     fun checkToken(@RequestParam uid: String, @RequestParam token: String): Response<Boolean> {
         preCheckContextUser(uid)
         userService.findUserByUserToken(uid, token) ?: return ResponseBuilder.success(false)
diff --git a/src/backend/auth/biz-auth/src/main/kotlin/com/tencent/bkrepo/auth/util/query/UserQueryHelper.kt b/src/backend/auth/biz-auth/src/main/kotlin/com/tencent/bkrepo/auth/util/query/UserQueryHelper.kt
index f41c638fb3..b7b42ed44c 100644
--- a/src/backend/auth/biz-auth/src/main/kotlin/com/tencent/bkrepo/auth/util/query/UserQueryHelper.kt
+++ b/src/backend/auth/biz-auth/src/main/kotlin/com/tencent/bkrepo/auth/util/query/UserQueryHelper.kt
@@ -13,7 +13,7 @@ object UserQueryHelper {
             Criteria.where(TUser::pwd.name).`is`(hashPwd),
             Criteria.where("tokens.id").`is`(pwd),
             Criteria.where("tokens.id").`is`(sm3HashPwd)
-        ).and(TUser::userId.name).`is`(userId)
+        ).and(TUser::userId.name).`is`(userId).and(TUser::locked.name).`is`(false)
         return query(criteria)
     }