diff --git a/app/account_service.py b/app/account_service.py
index cc5b585..dfc403e 100644
--- a/app/account_service.py
+++ b/app/account_service.py
@@ -58,6 +58,12 @@ def login():
         username = escape(request.form['username'])
         password = escape(request.form['password'])
         verified = verify_user(username, password)
+        #读black.txt文件判断用户是否在黑名单中
+        with open('black.txt') as f:
+            for line in f:
+                line = line.strip()
+                if username == line:
+                    return jsonify({'status': '5'})
         with open('black.txt', 'a+') as f:
             f.seek(0)
             lines = f.readlines()
@@ -65,7 +71,7 @@ def login():
             for i in lines:
                 line.append(i.strip('\n'))
             #读black.txt文件判断用户是否在黑名单中
-            if verified and username not in line:
+            if verified and username not in line: #TODO: 一个用户名是另外一个用户名的子串怎么办？
                 # 登录成功，写入session
                 session['logged_in'] = True
                 session[username] = username