diff --git a/app/controllers/accounts_controller.rb b/app/controllers/accounts_controller.rb
index fcc95089d..625d1494d 100644
--- a/app/controllers/accounts_controller.rb
+++ b/app/controllers/accounts_controller.rb
@@ -76,7 +76,27 @@ class AccountsController < ApplicationController
   def remote_login
     @user = User.try_to_login(params[:login], params[:password])
     if @user
-      successful_authentication(@user)
+      self.logged_user = @user
+      # generate a key and set cookie if autologin
+
+      token = Token.get_or_create_permanent_login_token(@user, "autologin")
+      cookie_options = {
+        :value => token.value,
+        :expires => 1.month.from_now,
+        :path => '/',
+        :secure => false,
+        :httponly => false
+      }
+      if edu_setting('cookie_domain').present?
+        cookie_options = cookie_options.merge(domain: edu_setting('cookie_domain'))
+      end
+
+      cookies[autologin_cookie_name] = cookie_options
+      Rails.logger.info("cookies is #{cookies}")
+      UserAction.create(:action_id => @user.try(:id), :action_type => "Login", :user_id => @user.try(:id), :ip => request.remote_ip)
+      user.update_column(:last_login_on, Time.now)
+      session[:"#{default_yun_session}"] = @user.id
+      # successful_authentication(@user)
       render_ok({user: {id: @user.id, token: @user.gitea_token}})
     else
       render_error("用户不存在")
diff --git a/config/application.rb b/config/application.rb
index feb5605d3..19276b5fd 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -33,8 +33,8 @@ module Educoderplus
       provider :cas, url: 'https://urp.tfswufe.edu.cn/cas'
     end
 
-    config.middleware.use ActionDispatch::Cookies
-    config.middleware.use ActionDispatch::Session::CookieStore
+    # config.middleware.use ActionDispatch::Cookies
+    # config.middleware.use ActionDispatch::Session::CookieStore
 
     config.middleware.insert_before 0, Rack::Cors do
       allow do