diff --git a/server/handles/auth.go b/server/handles/auth.go
index e1f512c4..7a2c0fb5 100644
--- a/server/handles/auth.go
+++ b/server/handles/auth.go
@@ -113,6 +113,10 @@ func UpdateCurrent(c *gin.Context) {
 		return
 	}
 	user := c.MustGet("user").(*model.User)
+	if user.IsGuest() {
+		common.ErrorStrResp(c, "Guest user can not update profile", 403)
+		return
+	}
 	user.Username = req.Username
 	if req.Password != "" {
 		user.SetPassword(req.Password)