diff --git a/pkg/common/storage/controller/auth.go b/pkg/common/storage/controller/auth.go
index b725513d9..410283927 100644
--- a/pkg/common/storage/controller/auth.go
+++ b/pkg/common/storage/controller/auth.go
@@ -60,10 +60,13 @@ func (a *authDatabase) CreateToken(ctx context.Context, userID string, platformI
 		return "", err
 	}
 	var deleteTokenKey []string
+	var kickedTokenKey []string
 	for k, v := range tokens {
-		_, err = tokenverify.GetClaimFromToken(k, authverify.Secret(a.accessSecret))
+		t, err := tokenverify.GetClaimFromToken(k, authverify.Secret(a.accessSecret))
 		if err != nil || v != constant.NormalToken {
 			deleteTokenKey = append(deleteTokenKey, k)
+		} else if t.UserID == userID && t.PlatformID == platformID {
+			kickedTokenKey = append(kickedTokenKey, k)
 		}
 	}
 	if len(deleteTokenKey) != 0 {
@@ -72,6 +75,14 @@ func (a *authDatabase) CreateToken(ctx context.Context, userID string, platformI
 			return "", err
 		}
 	}
+	if len(kickedTokenKey) != 0 {
+		for _, k := range kickedTokenKey {
+			err := a.cache.SetTokenFlagEx(ctx, userID, platformID, k, constant.KickedToken)
+			if err != nil {
+				return "", err
+			}
+		}
+	}
 
 	claims := tokenverify.BuildClaims(userID, platformID, a.accessExpire)
 	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)