diff --git a/connect.py b/connect.py index b6156933c..181784263 100755 --- a/connect.py +++ b/connect.py @@ -14,6 +14,7 @@ import django import getpass from Crypto.Cipher import AES from binascii import b2a_hex, a2b_hex +from ConfigParser import ConfigParser from django.core.exceptions import ObjectDoesNotExist os.environ['DJANGO_SETTINGS_MODULE'] = 'jumpserver.settings' @@ -32,7 +33,10 @@ except ImportError: CURRENT_DIR = os.path.abspath('.') +CONF = ConfigParser() +CONF.read(os.path.join(CURRENT_DIR, 'jumpserver.conf')) LOG_DIR = os.path.join(CURRENT_DIR, 'logs') +KEY = CONF.get('web', 'key') def green_print(string): @@ -180,6 +184,8 @@ def get_user_host(username): def get_connect_item(username, ip): + cryptor = PyCrypt(KEY) + try: asset = Asset.objects.get(ip=ip) port = asset.port @@ -189,17 +195,16 @@ def get_connect_item(username, ip): if asset.ldap_enable: user = User.objects.get(username=username) - ldap_pwd = user.ldap_pwd + ldap_pwd = cryptor.decrypt(user.ldap_pwd) return username, ldap_pwd, ip, port - else: perms = asset.permission_set.all() perm = perms[0] if perm.perm_user_type == 'S': - return asset.username_super, asset.password_super, ip, port + return asset.username_super, cryptor.decrypt(asset.password_super), ip, port else: - return asset.username_common, asset.password_common, ip, port + return asset.username_common, cryptor.decrypt(asset.password_common), ip, port def verify_connect(username, part_ip): diff --git a/docs/test_add_user.py b/docs/test_add_user.py index 0b3f2bcc9..f0cd7e3a3 100644 --- a/docs/test_add_user.py +++ b/docs/test_add_user.py 
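Review bot: `KEY = CONF.get('web', 'key')` in the second connect.py hunk runs at import time without checking that `jumpserver.conf` was actually loaded: `ConfigParser.read()` silently skips a missing or unreadable file, so the failure surfaces as a `NoSectionError` that never names the path. Testing the return value would make this explicit, e.g. `if not CONF.read(conf_path): raise SystemExit('cannot read %s' % conf_path)`. Because this key now unlocks every stored asset and LDAP password, the file should be readable only by the account that runs connect.py, and a comment beside `KEY` saying so would help. If connect.py runs under each connecting user's own account, which is not visible here, those users can read the key themselves and the encryption protects only against a database leak.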
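Review bot: The three new `cryptor.decrypt(...)` calls in get_connect_item (the `ldap_pwd`, `password_super` and `password_common` lines of the last connect.py hunk) assume every stored value is ciphertext produced with the current key. Rows written before this commit, or under a different key, would presumably make decrypt raise or return garbage that is then offered as the login password. Whether the enclosing `try:` catches that cannot be seen, because its `except` clause lies outside the hunk and PyCrypt is not shown. I would handle a decrypt failure explicitly, never log or print the stored or decrypted value on that path, and add a comment such as `# passwords are stored encrypted with the [web] key from jumpserver.conf; plaintext rows must be migrated first`. The commit description should also say how existing plaintext rows are migrated.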
@@ -9,25 +9,40 @@ from jasset.models import Asset, IDC from jpermission.models import Permission -g = Group(name='wzp', comment='wzp project') -g.save() +def add_group(group): + group = Group(name='hadoop') + group.save() + return group -u = User(username='hadoop', password='hadoop', name='hadoop', email='ibuler@qq.com', - ldap_pwd='hadoop', ssh_key_pwd='hadoop', date_joined=0) -u.save() -u.group=[g] -u.save() -i = IDC(name='lf') -i.save() +def add_user(username, name, group, ldap_pwd='hadoop', ssh_key_pwd='hadoop', + date_joined=0, role='CU', is_active=True, password='hadoop',): + user = User(username=username, password=password, name=name, group=group, ldap_pwd=ldap_pwd, + ssh_key_pwd=ssh_key_pwd, date_joined=date_joined, role=role, is_active=is_active) + user.save() + return user + + +def add_idc(name): + idc = IDC(name=name) + idc.save() + return idc + + +def add_asset(ip, idc, password_common, port=2001, ldap_enable=False, username_common='guanghongwei', date_add=0): + asset = Asset(ip=ip, idc=idc, password_common=password_common, port=port, + ldap_enable=ldap_enable, username_common=username_common, date_add=date_add) + asset.save() + return asset + + +wrm = add_group('wrm') +guanghongwei = add_user('guanghongwei', 'guanghongwei', wrm) + +sd = add_idc('sd') +test1 = add_asset('172.16.1.122', sd, 'Lov@j1ax1n') -a = Asset(ip='172.16.1.122', port=2001, idc=i, date_added=0) -a.save() -a.group = [g] -a.save() -p = Permission(user=u, asset=a) -p.save()
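Review bot: `add_group(group)` ignores its argument and always creates a group named 'hadoop', so `add_group('wrm')` never creates 'wrm'; the body should read `group = Group(name=name)` with the parameter renamed to `name`. The helpers also save `password_common` and `ldap_pwd` as plaintext, while connect.py in this same commit decrypts `asset.password_common` and `user.ldap_pwd`. Rows seeded by this script would therefore presumably fail at connect time unless the models encrypt on save, which is not visible here. The literal `'Lov@j1ax1n'` reads like a real credential rather than sample data and would be better as an obvious placeholder such as `'CHANGE_ME'`. If `User.group` is a many-to-many field, as the removed `u.group=[g]` after `u.save()` suggests, passing `group=group` to the constructor will not work and the assignment has to stay after `save()`.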