diff --git a/config.json b/config.json
index 6e8c1e4..70f5a2c 100644
--- a/config.json
+++ b/config.json
@@ -3,7 +3,6 @@
     "database_name": "music.sqlite3",
     "single_thread": true,
     "addr": ":8080",
-    "token": "!! config your very strong token here !!",
     "ffmpeg_threads": 1,
     "ffmpeg_config_list": [
       {
diff --git a/main.go b/main.go
index 50fbe7f..7459b4f 100644
--- a/main.go
+++ b/main.go
@@ -37,7 +37,6 @@ func main() {
 	log.Println("Starting",
 		config.APIConfig.DatabaseName,
 		config.APIConfig.Addr,
-		config.APIConfig.Token,
 	)
 	log.Fatal(api.Server.ListenAndServe())
 }
diff --git a/pkg/api/api.go b/pkg/api/api.go
index bdc6132..f398948 100644
--- a/pkg/api/api.go
+++ b/pkg/api/api.go
@@ -12,7 +12,6 @@ import (
 type API struct {
 	Db                 *database.Database
 	Server             http.Server
-	token              string
 	APIConfig          commonconfig.APIConfig
 	Tmpfs              *tmpfs.Tmpfs
 	store              *sessions.CookieStore
@@ -96,14 +95,12 @@ func NewAPI(config commonconfig.Config) (*API, error) {
 	apiMux.HandleFunc("/update_review", api.HandleUpdateReview)
 	apiMux.HandleFunc("/delete_review", api.HandleDeleteReview)
 	apiMux.HandleFunc("/get_reviews_by_user", api.HandleGetReviewsByUser)
-	// below needs token
+	// below needs admin
 	apiMux.HandleFunc("/walk", api.HandleWalk)
 	apiMux.HandleFunc("/reset", api.HandleReset)
 
 	mux.Handle("/api/v1/", http.StripPrefix("/api/v1", apiMux))
 	mux.Handle("/", http.StripPrefix("/", http.FileServer(http.Dir("web/build"))))
 
-	api.token = apiConfig.Token
-
 	return api, nil
 }
diff --git a/pkg/api/handle_database_manage.go b/pkg/api/handle_database_manage.go
index ee929e4..cac62f5 100644
--- a/pkg/api/handle_database_manage.go
+++ b/pkg/api/handle_database_manage.go
@@ -11,19 +11,9 @@ type WalkRequest struct {
 	TagIDs  []int64  `json:"tag_ids"`
 }
 
-type ResetRequest struct {
-	Token string `json:"token"`
-}
-
 func (api *API) HandleReset(w http.ResponseWriter, r *http.Request) {
-	resetRequest := &ResetRequest{}
-	err := json.NewDecoder(r.Body).Decode(resetRequest)
-	if err != nil {
-		api.HandleError(w, r, err)
-		return
-	}
-
-	// check token
+	var err error
+	// check admin
 	err = api.CheckAdmin(w, r)
 	if err != nil {
 		api.HandleError(w, r, err)
@@ -53,7 +43,7 @@ func (api *API) HandleWalk(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	// check token match
+	// check admin
 	err = api.CheckAdmin(w, r)
 	if err != nil {
 		api.HandleError(w, r, err)
diff --git a/pkg/api/handle_token.go b/pkg/api/handle_token.go
deleted file mode 100644
index c0ff661..0000000
--- a/pkg/api/handle_token.go
+++ /dev/null
@@ -1,18 +0,0 @@
-package api
-
-import (
-	"errors"
-	"log"
-	"net/http"
-)
-
-func (api *API) CheckToken(w http.ResponseWriter, r *http.Request, token string) error {
-	if token != api.token {
-		err := errors.New("token not matched")
-		log.Println("[api] [Warning] Token not matched", token)
-		api.HandleErrorCode(w, r, err, 403)
-		return err
-	}
-	log.Println("[api] Token passed")
-	return nil
-}
diff --git a/pkg/commonconfig/config.go b/pkg/commonconfig/config.go
index 3ffdf06..52ff579 100644
--- a/pkg/commonconfig/config.go
+++ b/pkg/commonconfig/config.go
@@ -9,7 +9,6 @@ type APIConfig struct {
 	DatabaseName     string         `json:"database_name"`
 	SingleThread     bool           `json:"single_thread,default=true"`
 	Addr             string         `json:"addr"`
-	Token            string         `json:"token"`
 	FfmpegThreads    int64          `json:"ffmpeg_threads"`
 	FfmpegConfigList []FfmpegConfig `json:"ffmpeg_config_list"`
 }