diff --git a/api/user.http.go b/api/user.http.go
index 83b2528..e0ce61c 100644
--- a/api/user.http.go
+++ b/api/user.http.go
@@ -1,16 +1,18 @@
 package user
 
 import (
+	"github.com/gin-gonic/gin"
 	"context"
 	"git.diulo.com/mogfee/kit/middleware"
 	"git.diulo.com/mogfee/kit/errors"
 	"git.diulo.com/mogfee/kit/response"
-	"github.com/gin-gonic/gin"
 )
 
 func RegisterUserHandler(app *gin.Engine, srv UserServer, m ...middleware.Middleware) {
 	app.GET("/api/v1/user/list", httpListHandler(srv, m...))
 	app.GET("/api/v1/user/login", httpLoginHandler(srv, m...))
+	app.GET("/api/v1/user/delete", httpDeleteHandler(srv, m...))
+	app.GET("/api/v1/user/delete1", httpDelete1Handler(srv, m...))
 }
 func httpListHandler(srv UserServer, m ...middleware.Middleware) func(c *gin.Context) {
 	return func(c *gin.Context) {
@@ -58,3 +60,49 @@ func httpLoginHandler(srv UserServer, m ...middleware.Middleware) func(c *gin.Co
 		}
 	}
 }
+func httpDeleteHandler(srv UserServer, m ...middleware.Middleware) func(c *gin.Context) {
+	return func(c *gin.Context) {
+		var post LoginRequest
+		resp := response.New(c)
+		if err := resp.BindQuery(&post); err != nil {
+			resp.Error(err)
+			return
+		}
+		h := func(ctx context.Context, a any) (any, error) {
+			return srv.Delete(ctx, a.(*LoginRequest))
+		}
+		out, err := middleware.HttpMiddleware(c, h, m...)(c, &post)
+		if err != nil {
+			resp.Error(err)
+		} else {
+			if v, ok := out.(*LoginResponse); ok {
+				resp.Success(v)
+			} else {
+				resp.Error(errors.InternalServer("RESULT_TYPE_ERROR", "LoginResponse"))
+			}
+		}
+	}
+}
+func httpDelete1Handler(srv UserServer, m ...middleware.Middleware) func(c *gin.Context) {
+	return func(c *gin.Context) {
+		var post LoginRequest
+		resp := response.New(c)
+		if err := resp.BindQuery(&post); err != nil {
+			resp.Error(err)
+			return
+		}
+		h := func(ctx context.Context, a any) (any, error) {
+			return srv.Delete1(ctx, a.(*LoginRequest))
+		}
+		out, err := middleware.HttpMiddleware(c, h, m...)(c, &post)
+		if err != nil {
+			resp.Error(err)
+		} else {
+			if v, ok := out.(*LoginResponse); ok {
+				resp.Success(v)
+			} else {
+				resp.Error(errors.InternalServer("RESULT_TYPE_ERROR", "LoginResponse"))
+			}
+		}
+	}
+}
diff --git a/api/user.pb.go b/api/user.pb.go
index c83181b..d44f4c0 100644
--- a/api/user.pb.go
+++ b/api/user.pb.go
@@ -157,7 +157,7 @@ var file_user_proto_rawDesc = []byte{
 	0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x66, 0x69, 0x72, 0x73, 0x74, 0x4e, 0x61,
 	0x6d, 0x65, 0x22, 0x25, 0x0a, 0x0d, 0x6c, 0x6f, 0x67, 0x69, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f,
 	0x6e, 0x73, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x01, 0x20, 0x01,
-	0x28, 0x09, 0x52, 0x05, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x32, 0x98, 0x02, 0x0a, 0x04, 0x75, 0x73,
+	0x28, 0x09, 0x52, 0x05, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x32, 0x9c, 0x03, 0x0a, 0x04, 0x75, 0x73,
 	0x65, 0x72, 0x12, 0x68, 0x0a, 0x04, 0x6c, 0x69, 0x73, 0x74, 0x12, 0x1b, 0x2e, 0x63, 0x6f, 0x6d,
 	0x2e, 0x64, 0x69, 0x75, 0x6c, 0x6f, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x6c, 0x6f, 0x67, 0x69, 0x6e,
 	0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1c, 0x2e, 0x63, 0x6f, 0x6d, 0x2e, 0x64, 0x69,
@@ -171,12 +171,20 @@ var file_user_proto_rawDesc = []byte{
 	0x70, 0x69, 0x2e, 0x6c, 0x6f, 0x67, 0x69, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
 	0x22, 0x1d, 0xc0, 0x45, 0x01, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x14, 0x12, 0x12, 0x2f, 0x61, 0x70,
 	0x69, 0x2f, 0x76, 0x31, 0x2f, 0x75, 0x73, 0x65, 0x72, 0x2f, 0x6c, 0x6f, 0x67, 0x69, 0x6e, 0x12,
-	0x43, 0x0a, 0x06, 0x64, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x12, 0x1b, 0x2e, 0x63, 0x6f, 0x6d, 0x2e,
+	0x63, 0x0a, 0x06, 0x64, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x12, 0x1b, 0x2e, 0x63, 0x6f, 0x6d, 0x2e,
 	0x64, 0x69, 0x75, 0x6c, 0x6f, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x6c, 0x6f, 0x67, 0x69, 0x6e, 0x52,
 	0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1c, 0x2e, 0x63, 0x6f, 0x6d, 0x2e, 0x64, 0x69, 0x75,
 	0x6c, 0x6f, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x6c, 0x6f, 0x67, 0x69, 0x6e, 0x52, 0x65, 0x73, 0x70,
-	0x6f, 0x6e, 0x73, 0x65, 0x42, 0x09, 0x5a, 0x07, 0x2e, 0x2f, 0x3b, 0x75, 0x73, 0x65, 0x72, 0x62,
-	0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+	0x6f, 0x6e, 0x73, 0x65, 0x22, 0x1e, 0xc0, 0x45, 0x00, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x15, 0x12,
+	0x13, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x31, 0x2f, 0x75, 0x73, 0x65, 0x72, 0x2f, 0x64, 0x65,
+	0x6c, 0x65, 0x74, 0x65, 0x12, 0x62, 0x0a, 0x07, 0x64, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x31, 0x12,
+	0x1b, 0x2e, 0x63, 0x6f, 0x6d, 0x2e, 0x64, 0x69, 0x75, 0x6c, 0x6f, 0x2e, 0x61, 0x70, 0x69, 0x2e,
+	0x6c, 0x6f, 0x67, 0x69, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1c, 0x2e, 0x63,
+	0x6f, 0x6d, 0x2e, 0x64, 0x69, 0x75, 0x6c, 0x6f, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x6c, 0x6f, 0x67,
+	0x69, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x1c, 0x82, 0xd3, 0xe4, 0x93,
+	0x02, 0x16, 0x12, 0x14, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x76, 0x31, 0x2f, 0x75, 0x73, 0x65, 0x72,
+	0x2f, 0x64, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x31, 0x42, 0x09, 0x5a, 0x07, 0x2e, 0x2f, 0x3b, 0x75,
+	0x73, 0x65, 0x72, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
 }
 
 var (
@@ -200,11 +208,13 @@ var file_user_proto_depIdxs = []int32{
 	0, // 0: com.diulo.api.user.list:input_type -> com.diulo.api.loginRequest
 	0, // 1: com.diulo.api.user.login:input_type -> com.diulo.api.loginRequest
 	0, // 2: com.diulo.api.user.delete:input_type -> com.diulo.api.loginRequest
-	1, // 3: com.diulo.api.user.list:output_type -> com.diulo.api.loginResponse
-	1, // 4: com.diulo.api.user.login:output_type -> com.diulo.api.loginResponse
-	1, // 5: com.diulo.api.user.delete:output_type -> com.diulo.api.loginResponse
-	3, // [3:6] is the sub-list for method output_type
-	0, // [0:3] is the sub-list for method input_type
+	0, // 3: com.diulo.api.user.delete1:input_type -> com.diulo.api.loginRequest
+	1, // 4: com.diulo.api.user.list:output_type -> com.diulo.api.loginResponse
+	1, // 5: com.diulo.api.user.login:output_type -> com.diulo.api.loginResponse
+	1, // 6: com.diulo.api.user.delete:output_type -> com.diulo.api.loginResponse
+	1, // 7: com.diulo.api.user.delete1:output_type -> com.diulo.api.loginResponse
+	4, // [4:8] is the sub-list for method output_type
+	0, // [0:4] is the sub-list for method input_type
 	0, // [0:0] is the sub-list for extension type_name
 	0, // [0:0] is the sub-list for extension extendee
 	0, // [0:0] is the sub-list for field type_name
diff --git a/api/user.ts b/api/user.ts
index cb8f911..64e0253 100644
--- a/api/user.ts
+++ b/api/user.ts
@@ -29,4 +29,18 @@ export class userService{
 			method:'GET'
 		})
 	}
+	static async delete(data :loginRequest, param?: Config<loginRequest>):Promise<loginResponse>{
+		return http<loginRequest, loginResponse>('/api/v1/user/delete', {
+			...param,
+			data: data,
+			method:'GET'
+		})
+	}
+	static async delete1(data :loginRequest, param?: Config<loginRequest>):Promise<loginResponse>{
+		return http<loginRequest, loginResponse>('/api/v1/user/delete1', {
+			...param,
+			data: data,
+			method:'GET'
+		})
+	}
 }
diff --git a/api/user_grpc.pb.go b/api/user_grpc.pb.go
index 47fbca5..f0c30d7 100644
--- a/api/user_grpc.pb.go
+++ b/api/user_grpc.pb.go
@@ -19,9 +19,10 @@ import (
 const _ = grpc.SupportPackageIsVersion7
 
 const (
-	User_List_FullMethodName   = "/com.diulo.api.user/list"
-	User_Login_FullMethodName  = "/com.diulo.api.user/login"
-	User_Delete_FullMethodName = "/com.diulo.api.user/delete"
+	User_List_FullMethodName    = "/com.diulo.api.user/list"
+	User_Login_FullMethodName   = "/com.diulo.api.user/login"
+	User_Delete_FullMethodName  = "/com.diulo.api.user/delete"
+	User_Delete1_FullMethodName = "/com.diulo.api.user/delete1"
 )
 
 // UserClient is the client API for User service.
@@ -33,6 +34,7 @@ type UserClient interface {
 	// 等了
 	Login(ctx context.Context, in *LoginRequest, opts ...grpc.CallOption) (*LoginResponse, error)
 	Delete(ctx context.Context, in *LoginRequest, opts ...grpc.CallOption) (*LoginResponse, error)
+	Delete1(ctx context.Context, in *LoginRequest, opts ...grpc.CallOption) (*LoginResponse, error)
 }
 
 type userClient struct {
@@ -70,6 +72,15 @@ func (c *userClient) Delete(ctx context.Context, in *LoginRequest, opts ...grpc.
 	return out, nil
 }
 
+func (c *userClient) Delete1(ctx context.Context, in *LoginRequest, opts ...grpc.CallOption) (*LoginResponse, error) {
+	out := new(LoginResponse)
+	err := c.cc.Invoke(ctx, User_Delete1_FullMethodName, in, out, opts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
 // UserServer is the server API for User service.
 // All implementations must embed UnimplementedUserServer
 // for forward compatibility
@@ -79,6 +90,7 @@ type UserServer interface {
 	// 等了
 	Login(context.Context, *LoginRequest) (*LoginResponse, error)
 	Delete(context.Context, *LoginRequest) (*LoginResponse, error)
+	Delete1(context.Context, *LoginRequest) (*LoginResponse, error)
 	mustEmbedUnimplementedUserServer()
 }
 
@@ -95,6 +107,9 @@ func (UnimplementedUserServer) Login(context.Context, *LoginRequest) (*LoginResp
 func (UnimplementedUserServer) Delete(context.Context, *LoginRequest) (*LoginResponse, error) {
 	return nil, status.Errorf(codes.Unimplemented, "method Delete not implemented")
 }
+func (UnimplementedUserServer) Delete1(context.Context, *LoginRequest) (*LoginResponse, error) {
+	return nil, status.Errorf(codes.Unimplemented, "method Delete1 not implemented")
+}
 func (UnimplementedUserServer) mustEmbedUnimplementedUserServer() {}
 
 // UnsafeUserServer may be embedded to opt out of forward compatibility for this service.
@@ -162,6 +177,24 @@ func _User_Delete_Handler(srv interface{}, ctx context.Context, dec func(interfa
 	return interceptor(ctx, in, info, handler)
 }
 
+func _User_Delete1_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(LoginRequest)
+	if err := dec(in); err != nil {
+		return nil, err
+	}
+	if interceptor == nil {
+		return srv.(UserServer).Delete1(ctx, in)
+	}
+	info := &grpc.UnaryServerInfo{
+		Server:     srv,
+		FullMethod: User_Delete1_FullMethodName,
+	}
+	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+		return srv.(UserServer).Delete1(ctx, req.(*LoginRequest))
+	}
+	return interceptor(ctx, in, info, handler)
+}
+
 // User_ServiceDesc is the grpc.ServiceDesc for User service.
 // It's only intended for direct use with grpc.RegisterService,
 // and not to be introspected or modified (even as a copy)
@@ -181,6 +214,10 @@ var User_ServiceDesc = grpc.ServiceDesc{
 			MethodName: "delete",
 			Handler:    _User_Delete_Handler,
 		},
+		{
+			MethodName: "delete1",
+			Handler:    _User_Delete1_Handler,
+		},
 	},
 	Streams:  []grpc.StreamDesc{},
 	Metadata: "user.proto",
diff --git a/api/user_http.pb.go b/api/user_http.pb.go
index 47ede4b..b9872bf 100644
--- a/api/user_http.pb.go
+++ b/api/user_http.pb.go
@@ -10,12 +10,15 @@ type UserHTTPServer interface {
 	List(context.Context, *LoginRequest) (*LoginResponse, error)
 	Login(context.Context, *LoginRequest) (*LoginResponse, error)
 	Delete(context.Context, *LoginRequest) (*LoginResponse, error)
+	Delete1(context.Context, *LoginRequest) (*LoginResponse, error)
 }
 
 func RegisterUserHTTPServer(s *http.Server, srv UserServer) {
 	r := s.Route("/")
 	r.GET("/api/v1/user/list", _User_List0_HTTP_Handler(srv))
 	r.GET("/api/v1/user/login", _User_Login0_HTTP_Handler(srv))
+	r.GET("/api/v1/user/delete", _User_Delete0_HTTP_Handler(srv))
+	r.GET("/api/v1/user/delete1", _User_Delete10_HTTP_Handler(srv))
 }
 func _User_List0_HTTP_Handler(srv UserHTTPServer) func(ctx http.Context) error {
 	return func(ctx http.Context) error {
@@ -59,3 +62,41 @@ func _User_Login0_HTTP_Handler(srv UserHTTPServer) func(ctx http.Context) error
 		return ctx.Result(200, reply)
 	}
 }
+func _User_Delete0_HTTP_Handler(srv UserHTTPServer) func(ctx http.Context) error {
+	return func(ctx http.Context) error {
+		var in LoginRequest
+		var newCtx context.Context = ctx
+		if err := ctx.BindQuery(&in); err != nil {
+			return err
+		}
+		http.SetOperation(ctx, "/com.diulo.api.user/delete")
+		h := ctx.Middleware(func(ctx context.Context, req interface{}) (interface{}, error) {
+			return srv.Delete(ctx, req.(*LoginRequest))
+		})
+		out, err := h(newCtx, &in)
+		if err != nil {
+			return err
+		}
+		reply := out.(*LoginResponse)
+		return ctx.Result(200, reply)
+	}
+}
+func _User_Delete10_HTTP_Handler(srv UserHTTPServer) func(ctx http.Context) error {
+	return func(ctx http.Context) error {
+		var in LoginRequest
+		var newCtx context.Context = ctx
+		if err := ctx.BindQuery(&in); err != nil {
+			return err
+		}
+		http.SetOperation(ctx, "/com.diulo.api.user/delete1")
+		h := ctx.Middleware(func(ctx context.Context, req interface{}) (interface{}, error) {
+			return srv.Delete1(ctx, req.(*LoginRequest))
+		})
+		out, err := h(newCtx, &in)
+		if err != nil {
+			return err
+		}
+		reply := out.(*LoginResponse)
+		return ctx.Result(200, reply)
+	}
+}
diff --git a/cmd/kit/main.go b/cmd/kit/main.go
index 70769fc..0115ef0 100644
--- a/cmd/kit/main.go
+++ b/cmd/kit/main.go
@@ -114,7 +114,9 @@ func (u *Kit) genGet(f *protogen.File, s *protogen.Service, t *protogen.Generate
 	if authKey != "" {
 		t.P(`newCtx = jwt.SetAuthKeyContext(newCtx, "`, authKey, `")`)
 	}
-	t.P(`newCtx = jwt.SetNeedAuthContext(newCtx, `, needAuth, `)`)
+	if needAuth {
+		t.P(`newCtx = jwt.SetNeedAuthContext(newCtx, `, needAuth, `)`)
+	}
 	if method == protogen2.METHOD_GET {
 		t.P(`if err := ctx.BindQuery(&in); err != nil {
 			return err
diff --git a/git.diulo.com/mogfee/kit/third_party/auth/auth.pb.go b/git.diulo.com/mogfee/kit/third_party/auth/auth.pb.go
index 8d8b627..5496356 100644
--- a/git.diulo.com/mogfee/kit/third_party/auth/auth.pb.go
+++ b/git.diulo.com/mogfee/kit/third_party/auth/auth.pb.go
@@ -37,14 +37,30 @@ var file_third_party_auth_auth_proto_extTypes = []protoimpl.ExtensionInfo{
 		Tag:           "varint,1112,opt,name=auth",
 		Filename:      "third_party/auth/auth.proto",
 	},
+	{
+		ExtendedType:  (*descriptorpb.MethodOptions)(nil),
+		ExtensionType: (*bool)(nil),
+		Field:         1113,
+		Name:          "auth.auto_auth",
+		Tag:           "varint,1113,opt,name=auto_auth",
+		Filename:      "third_party/auth/auth.proto",
+	},
 }
 
 // Extension fields to descriptorpb.MethodOptions.
 var (
+	// 权限|分割多个权限
+	//
 	// optional string auth_key = 1111;
 	E_AuthKey = &file_third_party_auth_auth_proto_extTypes[0]
+	// 是否必须授权
+	//
 	// optional bool auth = 1112;
 	E_Auth = &file_third_party_auth_auth_proto_extTypes[1]
+	// 可以不授权
+	//
+	// optional bool auto_auth = 1113;
+	E_AutoAuth = &file_third_party_auth_auth_proto_extTypes[2]
 )
 
 var File_third_party_auth_auth_proto protoreflect.FileDescriptor
@@ -61,10 +77,14 @@ var file_third_party_auth_auth_proto_rawDesc = []byte{
 	0x79, 0x3a, 0x33, 0x0a, 0x04, 0x61, 0x75, 0x74, 0x68, 0x12, 0x1e, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
 	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x4d, 0x65, 0x74, 0x68,
 	0x6f, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0xd8, 0x08, 0x20, 0x01, 0x28, 0x08,
-	0x52, 0x04, 0x61, 0x75, 0x74, 0x68, 0x42, 0x2b, 0x5a, 0x29, 0x67, 0x69, 0x74, 0x2e, 0x64, 0x69,
-	0x75, 0x6c, 0x6f, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x6d, 0x6f, 0x67, 0x66, 0x65, 0x65, 0x2f, 0x6b,
-	0x69, 0x74, 0x2f, 0x74, 0x68, 0x69, 0x72, 0x64, 0x5f, 0x70, 0x61, 0x72, 0x74, 0x79, 0x2f, 0x61,
-	0x75, 0x74, 0x68, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+	0x52, 0x04, 0x61, 0x75, 0x74, 0x68, 0x3a, 0x3c, 0x0a, 0x09, 0x61, 0x75, 0x74, 0x6f, 0x5f, 0x61,
+	0x75, 0x74, 0x68, 0x12, 0x1e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x4f, 0x70, 0x74, 0x69,
+	0x6f, 0x6e, 0x73, 0x18, 0xd9, 0x08, 0x20, 0x01, 0x28, 0x08, 0x52, 0x08, 0x61, 0x75, 0x74, 0x6f,
+	0x41, 0x75, 0x74, 0x68, 0x42, 0x2b, 0x5a, 0x29, 0x67, 0x69, 0x74, 0x2e, 0x64, 0x69, 0x75, 0x6c,
+	0x6f, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x6d, 0x6f, 0x67, 0x66, 0x65, 0x65, 0x2f, 0x6b, 0x69, 0x74,
+	0x2f, 0x74, 0x68, 0x69, 0x72, 0x64, 0x5f, 0x70, 0x61, 0x72, 0x74, 0x79, 0x2f, 0x61, 0x75, 0x74,
+	0x68, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
 }
 
 var file_third_party_auth_auth_proto_goTypes = []interface{}{
@@ -73,10 +93,11 @@ var file_third_party_auth_auth_proto_goTypes = []interface{}{
 var file_third_party_auth_auth_proto_depIdxs = []int32{
 	0, // 0: auth.auth_key:extendee -> google.protobuf.MethodOptions
 	0, // 1: auth.auth:extendee -> google.protobuf.MethodOptions
-	2, // [2:2] is the sub-list for method output_type
-	2, // [2:2] is the sub-list for method input_type
-	2, // [2:2] is the sub-list for extension type_name
-	0, // [0:2] is the sub-list for extension extendee
+	0, // 2: auth.auto_auth:extendee -> google.protobuf.MethodOptions
+	3, // [3:3] is the sub-list for method output_type
+	3, // [3:3] is the sub-list for method input_type
+	3, // [3:3] is the sub-list for extension type_name
+	0, // [0:3] is the sub-list for extension extendee
 	0, // [0:0] is the sub-list for field type_name
 }
 
@@ -92,7 +113,7 @@ func file_third_party_auth_auth_proto_init() {
 			RawDescriptor: file_third_party_auth_auth_proto_rawDesc,
 			NumEnums:      0,
 			NumMessages:   0,
-			NumExtensions: 2,
+			NumExtensions: 3,
 			NumServices:   0,
 		},
 		GoTypes:           file_third_party_auth_auth_proto_goTypes,
diff --git a/proto/user.proto b/proto/user.proto
index 05cb904..540efae 100644
--- a/proto/user.proto
+++ b/proto/user.proto
@@ -24,7 +24,18 @@ service user{
       get: "/api/v1/user/login",
     };
   }
-  rpc delete(loginRequest)returns(loginResponse);
+  rpc delete(loginRequest)returns(loginResponse){
+    option(auth.auth) = false;
+    option (google.api.http) = {
+      get: "/api/v1/user/delete",
+    };
+  }
+
+  rpc delete1(loginRequest)returns(loginResponse){
+    option (google.api.http) = {
+      get: "/api/v1/user/delete1",
+    };
+  }
 }
 message loginRequest{
   //用户名
diff --git a/protogen/protogen.go b/protogen/protogen.go
index a164611..92833e0 100644
--- a/protogen/protogen.go
+++ b/protogen/protogen.go
@@ -34,25 +34,17 @@ func GetProtoMethod(m *protogen.Method) (method string, path string) {
 }
 
 func GetAuthKey(m *protogen.Method) (authKey string, needAuth bool) {
-
 	if op, ok := m.Desc.Options().(*descriptorpb.MethodOptions); ok {
-		if opts, err := proto.GetExtension(op, auth.E_AuthKey); err != nil {
-			//log.Println(err)
-		} else {
-			if vv, ok := opts.(*string); ok {
-				if *vv == "none" {
-					return "", false
-				}
+		if opts, err := proto.GetExtension(op, auth.E_AuthKey); err == nil {
+			if vv := opts.(*string); ok && *vv != "" {
 				return *vv, true
 			}
 		}
 	}
 
 	if op, ok := m.Desc.Options().(*descriptorpb.MethodOptions); ok {
-		if opts, err := proto.GetExtension(op, auth.E_Auth); err != nil {
-			//log.Println(err)
-		} else {
-			if _, ok := opts.(*bool); ok {
+		if opts, err := proto.GetExtension(op, auth.E_Auth); err == nil {
+			if v, ok := opts.(*bool); ok && *v {
 				return "", true
 			}
 		}
diff --git a/third_party/auth/auth.proto b/third_party/auth/auth.proto
index c555afc..8ce4599 100644
--- a/third_party/auth/auth.proto
+++ b/third_party/auth/auth.proto
@@ -5,6 +5,10 @@ option go_package = "git.diulo.com/mogfee/kit/third_party/auth";
 import "google/protobuf/descriptor.proto";
 
 extend google.protobuf.MethodOptions{
+  // 权限|分割多个权限
   string auth_key = 1111;
+  //是否必须授权
   bool auth = 1112;
+  //可以不授权
+  bool auto_auth = 1113;
 }
\ No newline at end of file