diff --git a/application/behavior/GodPolicy.php b/application/behavior/GodPolicy.php
new file mode 100644
index 0000000..1dd3646
--- /dev/null
+++ b/application/behavior/GodPolicy.php
@@ -0,0 +1,15 @@
+with('validate', '非法操作');
+ }
+}
diff --git a/application/http/middleware/UserAuthorize.php b/application/http/middleware/UserAuthorize.php
index 42fd980..f6abd43 100644
--- a/application/http/middleware/UserAuthorize.php
+++ b/application/http/middleware/UserAuthorize.php
@@ -2,16 +2,27 @@
namespace app\http\middleware;
+use Closure;
use think\facade\Hook;
class UserAuthorize
{
- public function handle($request, \Closure $next)
+ public function handle($request, Closure $next)
{
+ $is_god = Hook::exec('app\\behavior\\GodPolicy');
+ if ($is_god) {
+ return $next($request);
+ }
+
$result = Hook::exec('app\\behavior\\UserPolicy', $request->id);
return $result
? $next($request)
- : redirect('user/session/create')->with('validate', '非法操作');
+ : $this->redirect();
+ }
+
+ private function redirect()
+ {
+ return redirect('user/session/create')->with('validate', '非法操作');
}
}
diff --git a/application/user/controller/Auth.php b/application/user/controller/Auth.php
index a4b3c79..c002df5 100644
--- a/application/user/controller/Auth.php
+++ b/application/user/controller/Auth.php
@@ -6,6 +6,7 @@
use think\Request;
use think\facade\Session;
use app\user\model\User;
+use think\facade\Hook;
class Auth extends Controller
{
@@ -16,6 +17,11 @@ class Auth extends Controller
'save'
]
],
+ 'GodAuthorize' => [
+ 'only' => [
+ 'delete'
+ ]
+ ]
];
/**
@@ -26,7 +32,8 @@ class Auth extends Controller
public function index()
{
$this->assign([
- 'users' => User::paginate(10)
+ 'users' => User::paginate(10),
+ 'god' => Hook::exec('app\\behavior\\GodPolicy')
]);
return $this->fetch();
}
@@ -120,6 +127,7 @@ public function update(Request $request, $id)
*/
public function delete($id)
{
- //
+ User::where('id', $id)->where('god', false)->delete();
+ return redirect('user/auth/index');
}
}
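Review bot: The bypass in handle() tests `$is_god` for truthiness, so any non-empty value returned through Hook::exec from GodPolicy — not only `true` — skips the UserPolicy check entirely; since this branch is the one that grants access, compare strictly: `if ($is_god === true) {`. The GodPolicy body is not legible in this diff (its hunk lost most of its content), so what the behavior actually returns cannot be confirmed here. `$is_god` also breaks the camelCase used by the neighbouring `$result`, and neither handle() nor the new private redirect() declares a return type.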
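Review bot: The new `'GodAuthorize'` entry in the middleware map names a class that this diff neither adds nor modifies — the file added here is the behavior `app\behavior\GodPolicy`, and the middleware touched is `UserAuthorize`; if `GodAuthorize` does not already exist elsewhere, the `only => ['delete']` restriction binds to nothing and delete() would run under the UserAuthorize check alone. Worth confirming, because the `$god` flag passed from index() only hides a button in the template and is not an access control. The new entry also omits the trailing comma that the existing entry carries after its closing `]`.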
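Review bot: delete() in the last hunk never checks whether the query removed a row, so a request for a non-existent id, or for a god account filtered out by `where('god', false)`, redirects to the index exactly like a successful delete; capturing the result (`$deleted = User::where('id', $id)->where('god', false)->delete();`) and attaching a message to the redirect, as the middleware does with `->with('validate', ...)`, would let the caller tell the cases apart. `$id` arrives untyped from the route; `public function delete(int $id)` keeps a non-numeric value from reaching the query builder. A one-line comment on the `where('god', false)` clause, e.g. `// god accounts are never deletable, even by another god`, would record the intent that the filter is an invariant rather than an accident.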
diff --git a/database/seeds/Users.php b/database/seeds/Users.php
index cd2026b..b752eea 100644
--- a/database/seeds/Users.php
+++ b/database/seeds/Users.php
@@ -1,6 +1,7 @@
table('users')->insert($data)->save();
+
+ // allowField(false) 屏蔽 Model 中设置的保护字段 $field
+ User::get(1)->allowField(false)->save([
+ 'god' => true
+ ]);
}
}
diff --git a/resources/views/user/auth/index.blade.php b/resources/views/user/auth/index.blade.php
index 160e0b9..33f8f81 100644
--- a/resources/views/user/auth/index.blade.php
+++ b/resources/views/user/auth/index.blade.php
@@ -12,6 +12,13 @@
{{ $user->name }}
+ @if ($god)
+
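Review bot: `User::get(1)` assumes the first seeded row received id 1; if the seed runs against a table whose auto-increment has already advanced, it returns null and the chained `->allowField(false)` fails with an engine error rather than a clear message. Looking the row up by the data just inserted, or failing explicitly when the lookup returns null, would make the seed robust. The comment explaining the allowField(false) call is in Chinese; an English equivalent such as `// allowField(false) bypasses the model's protected-field list ($field) so that 'god' can be set here` would help other maintainers, and it documents that the seed is presumably the only intended write path for this field — confirm against the model. The hunk header and the start of the enclosing seed method are not legible in this diff.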
+ @php echo token() @endphp + + +
+ @endif
@endforeach
@@ -20,4 +27,4 @@
{!! $users !!}
-@stop
+@stop
\ No newline at end of file