diff --git a/src/routes/app-manager/list.ts b/src/routes/app-manager/list.ts
index 58c4b6c..cf50d50 100644
--- a/src/routes/app-manager/list.ts
+++ b/src/routes/app-manager/list.ts
@@ -40,15 +40,26 @@ app
   .define(async (ctx) => {
     const tokenUser = ctx.state.tokenUser;
     const id = ctx.query.id;
-    if (!id) {
+    const { key, version } = ctx.query?.data || {};
+    if (!id && (!key || !version)) {
       throw new CustomError('id is required');
     }
-    const am = await AppListModel.findByPk(id);
+    let am: AppListModel;
+    if (id) {
+      am = await AppListModel.findByPk(id);
+    } else if (key && version) {
+      am = await AppListModel.findOne({
+        where: {
+          key,
+          version,
+          uid: tokenUser.id,
+        },
+      });
+    }
     if (!am) {
       throw new CustomError('app not found');
     }
     ctx.body = prefixFix(am, tokenUser.username);
-    return ctx;
   })
   .addTo(app);
 
diff --git a/src/routes/app-manager/module/app.ts b/src/routes/app-manager/module/app.ts
index bbe3622..3a57314 100644
--- a/src/routes/app-manager/module/app.ts
+++ b/src/routes/app-manager/module/app.ts
@@ -79,6 +79,19 @@ export class AppModel extends Model {
     });
     return _;
   }
+
+  async getPublic() {
+    const value = this.toJSON();
+    // 删除不需要的字段
+    const data = value.data;
+    if (data && data.permission) {
+      delete data.permission.usernames;
+      delete data.permission.password;
+      delete data.permission['expiration-time'];
+    }
+    value.data = data;
+    return value;
+  }
 }
 AppModel.init(
   {