diff --git a/hiboo/account/login.py b/hiboo/account/login.py
index 7d76bdab197b4d9059242f7d43b3e6f717f224bd..5bbfc5503a895cce155cea15ad2abe91f9f37f9c 100644
--- a/hiboo/account/login.py
+++ b/hiboo/account/login.py
@@ -3,27 +3,23 @@ from hiboo.account import blueprint, forms
 from flask_babel import lazy_gettext as _
 from flask import session
 from authlib.jose import JsonWebToken
-from io import BytesIO
 
 import datetime
 import flask_login
 import flask
-import pyotp
-import qrcode
-import base64
 
 @blueprint.route("/signin/password", methods=["GET", "POST"])
 def signin_password():
     form = forms.LoginForm()
     if form.validate_on_submit():
         user = models.User.login(form.username.data, form.password.data)
+        if form.remember_me.data is True:
+            session.permanent = True
         if user and models.Auth.TOTP in user.auths and user.auths[models.Auth.TOTP].enabled:
             session["username"] = user.username
             return flask.redirect(utils.url_for(".signin_totp"))
         elif user:
             flask_login.login_user(user)
-            if form.remember_me.data is True:
-                session.permanent = True
             return flask.redirect(utils.url_or_intent(".home"))
         else:
             flask.flash(_("Wrong credentials"), "danger")