diff --git a/custom/conf/app.ini.sample b/custom/conf/app.ini.sample
index 87027910e..bc30ac5c2 100755
--- a/custom/conf/app.ini.sample
+++ b/custom/conf/app.ini.sample
@@ -1052,6 +1052,7 @@ PASSWORD =
 USER_CENTER_HOST = http://192.168.202.73:31441
 CLIENT_ID = 3Z377wcplxeE2qpycpjv
 CLIENT_SECRET = J5ykfVl2kcxW0H9cawSL
+REST_SERVER_HOST = http://192.168.202.73
 ; cloudbrain visit opendata
 USER     = cW4cMtH24eoWPE7X
 PWD      = 4BPmgvK2hb2Eywwyp4YZRY4B7yQf4DAC
diff --git a/docs/opendata对外接口文档.docx b/docs/opendata对外接口文档.docx
index 88229ff12..10828c452 100755
Binary files a/docs/opendata对外接口文档.docx and b/docs/opendata对外接口文档.docx differ
diff --git a/docs/云脑用户登录流程图.png b/docs/云脑用户登录流程图.png
new file mode 100755
index 000000000..c05ca75b8
Binary files /dev/null and b/docs/云脑用户登录流程图.png differ
diff --git a/docs/开源社区与云脑平台对接方案(2)(1).docx b/docs/开源社区与云脑平台对接方案(2)(1).docx
new file mode 100755
index 000000000..a234ea0bc
Binary files /dev/null and b/docs/开源社区与云脑平台对接方案(2)(1).docx differ
diff --git a/models/login_source.go b/models/login_source.go
index e8d3d0670..b8c1ae224 100755
--- a/models/login_source.go
+++ b/models/login_source.go
@@ -830,6 +830,12 @@ func LoginViaCloudBrain(user *User, login, password string, source *LoginSource)
 		return nil, err
 	}
 
+	if user != nil {
+		//todo: update token
+		user.Token = token
+		return user, UpdateUserCols(user, "token")
+	}
+
 	cloudBrainUser, err := cloudbrain.GetUserInfo(token, login)
 
 	if len(cloudBrainUser.Email) == 0 {
@@ -844,6 +850,7 @@ func LoginViaCloudBrain(user *User, login, password string, source *LoginSource)
 		LoginSource:  source.ID,
 		LoginName:    login,
 		IsActive:     true,
+		Token:		  token,
 	}
 
 	err = CreateUser(user)
@@ -852,5 +859,5 @@ func LoginViaCloudBrain(user *User, login, password string, source *LoginSource)
 		return nil, err
 	}
 
-	return user, err
+	return user, nil
 }
diff --git a/models/user.go b/models/user.go
index b5ffae03f..29e1a5d9f 100755
--- a/models/user.go
+++ b/models/user.go
@@ -167,8 +167,7 @@ type User struct {
 	Theme         string `xorm:"NOT NULL DEFAULT ''"`
 
 	//CloudBrain
-	CloudBrainValidated			bool	`xorm:"NOT NULL DEFAULT false"`
-	Token						string	`xorm:"VARCHAR(64)"`
+	Token						string	`xorm:"VARCHAR(1024)"`
 }
 
 // SearchOrganizationsOptions options to filter organizations
diff --git a/modules/auth/cloudbrain/cloudbrain.go b/modules/auth/cloudbrain/cloudbrain.go
index 2408128b8..30ca8946d 100755
--- a/modules/auth/cloudbrain/cloudbrain.go
+++ b/modules/auth/cloudbrain/cloudbrain.go
@@ -1,20 +1,23 @@
 package cloudbrain
 
 import (
+	"bytes"
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/setting"
 	"encoding/json"
 	"errors"
 	"io/ioutil"
 	"net/http"
 	"strings"
-
-	"code.gitea.io/gitea/modules/log"
-	"code.gitea.io/gitea/modules/setting"
 )
 
 const (
-	GrantTypePassword = "password"
-	ScopeRead = "read"
-	TokenUrl = "/oauth/token"
+	UrlToken = "/rest-server/api/v1/token/"
+	UrlGetUserInfo = "/rest-server/api/v1/user/"
+
+	TokenTypeBear = "Bearer "
+
+	SuccessCode = "S000"
 )
 
 type RespAuth struct {
@@ -26,18 +29,43 @@ type RespAuth struct {
 	ErrorDescription string `json:"error_description"`
 }
 
+type RespToken struct {
+	Code string `json:"code"`
+	Message string `json:"message"`
+	Payload PayloadToken `json:"payload"`
+}
+
+type PayloadToken struct {
+	Username string `json:"username"`
+	Token string `json:"token"`
+	IsAdmin bool `json:"admin"`
+}
+
+type RespUserInfo struct {
+	Code string `json:"code"`
+	Message string `json:"message"`
+	Payload PayloadUserInfo `json:"payload"`
+}
+
+type PayloadUserInfo struct {
+	UserInfo StUserInfo `json:"userInfo"`
+}
+
+type StUserInfo struct {
+	Email string `json:"email"`
+}
+
 type CloudBrainUser struct {
 	UserName string `json:"username"`
 	Email string `json:"email"`
 }
 
 func UserValidate(username string, password string) (string, error) {
-	reqHttp := "client_id=" + setting.ClientID + "&client_secret=" + setting.ClientSecret +
-		"&grant_type=" + GrantTypePassword + "&scope=" + ScopeRead + "&username=" + username +
-		"&password=" + password
-	resp, err := http.Post(setting.UserCeterHost + TokenUrl,
-		"application/x-www-form-urlencoded",
-		strings.NewReader(reqHttp))
+	values := map[string]string{"username": username, "password": password}
+	jsonValue, _ := json.Marshal(values)
+	resp, err := http.Post(setting.RestServerHost + UrlToken,
+		"application/json",
+		bytes.NewBuffer(jsonValue))
 	if err != nil {
 		log.Error("req user center failed:" + err.Error())
 		return "", err
@@ -49,22 +77,56 @@ func UserValidate(username string, password string) (string, error) {
 		return "", err
 	}
 
-	var respAuth RespAuth
-	err = json.Unmarshal(body, &respAuth)
+	var res RespToken
+	err = json.Unmarshal(body, &res)
 	if err != nil {
-		log.Error("unmarshal resp failed:" + err.Error())
+		log.Error("unmarshal res failed:" + err.Error())
 		return "", err
 	}
 
-	if respAuth.Error != "" {
-		log.Error("req user_center for token failed:" + respAuth.Error + ":" + respAuth.ErrorDescription)
-		return "", errors.New(respAuth.ErrorDescription)
+	if res.Code != SuccessCode {
+		log.Error("req rest-server for token failed:", res.Message)
+		return "", errors.New(res.Message)
 	}
 
-	return respAuth.AccessToken, nil
+	return res.Payload.Token, nil
 }
 
 func GetUserInfo(username string, token string) (*CloudBrainUser, error) {
 	user := &CloudBrainUser{}
+
+	client := &http.Client{}
+	reqHttp,err := http.NewRequest("GET", setting.RestServerHost + UrlGetUserInfo  + username, strings.NewReader(""))
+	if err != nil {
+		log.Error("new req failed:", err.Error())
+		return nil, err
+	}
+
+	reqHttp.Header.Set("Authorization", TokenTypeBear + token)
+	resp,err := client.Do(reqHttp)
+	if err != nil {
+		log.Error("req rest-server failed:", err.Error())
+		return nil, err
+	}
+
+	body,err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		log.Error("read resp body failed:", err.Error())
+		return nil, err
+	}
+
+	var res RespUserInfo
+	err = json.Unmarshal(body, &res)
+	if err != nil {
+		log.Error("unmarshal resp failed:", err.Error())
+		return nil, err
+	}
+
+	if res.Code != SuccessCode {
+		log.Error("get userInfo failed:", err.Error())
+		return nil, err
+	}
+
+	user.Email = res.Payload.UserInfo.Email
 	return user, nil
 }
diff --git a/modules/setting/setting.go b/modules/setting/setting.go
index de0a4dc00..af902cb79 100755
--- a/modules/setting/setting.go
+++ b/modules/setting/setting.go
@@ -437,6 +437,7 @@ var (
 	ClientID				string
 	ClientSecret			string
 	UserCeterHost			string
+	RestServerHost			string
 )
 
 // DateLang transforms standard language locale name to corresponding value in datetime plugin.
@@ -1111,6 +1112,7 @@ func NewContext() {
 	ClientID = sec.Key("CLIENT_ID").MustString("3Z377wcplxeE2qpycpjv")
 	ClientSecret = sec.Key("CLIENT_SECRET").MustString("J5ykfVl2kcxW0H9cawSL")
 	UserCeterHost = sec.Key("USER_CENTER_HOST").MustString("http://192.168.202.73:31441")
+	RestServerHost = sec.Key("REST_SERVER_HOST").MustString("http://192.168.202.73")
 }
 
 func loadInternalToken(sec *ini.Section) string {