diff --git a/src/common/dataobj/query_item.go b/src/common/dataobj/query_item.go
index 2e477c4731716ef899d60c6e599e622a508a479c..dc08a58f728f1f3c2594e3ccc2f041b3452a066c 100644
--- a/src/common/dataobj/query_item.go
+++ b/src/common/dataobj/query_item.go
@@ -1,5 +1,10 @@
 package dataobj
 
+import (
+	"fmt"
+	"time"
+)
+
 type QueryData struct {
 	Start      int64    `json:"start"`
 	End        int64    `json:"end"`
@@ -97,10 +102,34 @@ type XcludeResp struct {
 }
 
 type IndexByFullTagsRecv struct {
-	Endpoints []string  `json:"endpoints"`
-	Nids      []string  `json:"nids"`
-	Metric    string    `json:"metric"`
-	Tagkv     []TagPair `json:"tagkv"`
+	Endpoints      []string  `json:"endpoints"`
+	Nids           []string  `json:"nids"`
+	Metric         string    `json:"metric"`
+	Tagkv          []TagPair `json:"tagkv"`
+	Start          int64     `json:"start" description:"inclusive"`
+	End            int64     `json:"end" description:"exclusive"`
+	StartInclusive time.Time `json:"-"`
+	EndExclusive   time.Time `json:"-"`
+}
+
+func (p *IndexByFullTagsRecv) Validate() error {
+	if p.End == 0 {
+		p.EndExclusive = time.Now()
+	} else {
+		p.EndExclusive = time.Unix(p.End, 0)
+	}
+
+	if p.Start == 0 {
+		p.StartInclusive = p.EndExclusive.Add(-time.Hour * 25)
+	} else {
+		p.StartInclusive = time.Unix(p.Start, 0)
+	}
+
+	if p.StartInclusive.After(p.EndExclusive) {
+		return fmt.Errorf("start is after end")
+	}
+
+	return nil
 }
 
 type IndexByFullTagsResp struct {
diff --git a/src/modules/rdb/auth/authenticator.go b/src/modules/rdb/auth/authenticator.go
index 8bb9ee9e23ab23e5c21392f6f34a106a11af54ec..b06338681a32ceb9b4c306974a7bbe136bbc32a8 100644
--- a/src/modules/rdb/auth/authenticator.go
+++ b/src/modules/rdb/auth/authenticator.go
@@ -237,8 +237,7 @@ func (p *Authenticator) DeleteSession(sid string) error {
 
 	if !p.extraMode {
 		pkgcache.Delete("sid." + s.Sid)
-		models.SessionDelete(s.Sid)
-		return nil
+		return models.SessionDelete(s.Sid)
 	}
 	return deleteSession(s)
 }
@@ -490,10 +489,12 @@ func checkPassword(cf *models.AuthConfig, passwd string) error {
 
 func deleteSession(s *models.Session) error {
 	pkgcache.Delete("sid." + s.Sid)
-	models.SessionDelete(s.Sid)
 	pkgcache.Delete("access-token." + s.AccessToken)
-	models.TokenDelete(s.AccessToken)
-	return nil
+
+	if err := models.SessionDelete(s.Sid); err != nil {
+		return err
+	}
+	return models.TokenDelete(s.AccessToken)
 }
 
 func deleteSessionByToken(t *models.Token) error {
diff --git a/src/modules/rdb/http/router_auth.go b/src/modules/rdb/http/router_auth.go
index f30824a0cd4fa46d2fd230793f8826bc7918318d..0e911207f556b32e2e9891ae3d095cb774458c46 100644
--- a/src/modules/rdb/http/router_auth.go
+++ b/src/modules/rdb/http/router_auth.go
@@ -733,9 +733,15 @@ func pwdRulesGet(c *gin.Context) {
 }
 
 func sessionDestory(c *gin.Context) (sid string, err error) {
-	if sid, err = session.Destroy(c.Writer, c.Request); sid != "" {
-		auth.DeleteSession(sid)
+	if sid, err = session.GetSid(c.Request); sid == "" {
+		return
+	}
+
+	if e := auth.DeleteSession(sid); e != nil {
+		logger.Debugf("auth.deleteSession sid %s err %v", sid, e)
 	}
 
+	session.Destroy(c.Writer, c.Request)
+
 	return
 }
diff --git a/src/modules/rdb/session/session.go b/src/modules/rdb/session/session.go
index 2a44348a80fea66bfbe414b51ea533a0166cf2b5..a4f44d1b3911d4ba2df1e72bef1fad9786e8230b 100644
--- a/src/modules/rdb/session/session.go
+++ b/src/modules/rdb/session/session.go
@@ -46,6 +46,10 @@ func Destroy(w http.ResponseWriter, r *http.Request) (string, error) {
 	return DefaultSession.Destroy(w, r)
 }
 
+func GetSid(r *http.Request) (string, error) {
+	return DefaultSession.GetSid(r)
+}
+
 func Get(sid string) (*SessionStore, error) {
 	return DefaultSession.Get(sid)
 }
@@ -99,7 +103,7 @@ type Manager struct {
 func (p *Manager) Start(w http.ResponseWriter, r *http.Request) (store *SessionStore, err error) {
 	var sid string
 
-	if sid, err = p.getSid(r); err != nil {
+	if sid, err = p.GetSid(r); err != nil {
 		return
 	}
 
@@ -172,7 +176,7 @@ func (p *Manager) All() int {
 	return p.all()
 }
 
-func (p *Manager) getSid(r *http.Request) (sid string, err error) {
+func (p *Manager) GetSid(r *http.Request) (sid string, err error) {
 	var cookie *http.Cookie
 
 	cookie, err = r.Cookie(p.config.CookieName)
diff --git a/src/modules/transfer/backend/m3db/m3db.go b/src/modules/transfer/backend/m3db/m3db.go
index 1fab634545cb570fe0821be3086202a4e46d8d3f..7a66f67a3008d750e8e44d8d6c996eb5f8b17799 100644
--- a/src/modules/transfer/backend/m3db/m3db.go
+++ b/src/modules/transfer/backend/m3db/m3db.go
@@ -268,6 +268,11 @@ func (p *Client) QueryIndexByFullTags(inputs []dataobj.IndexByFullTagsRecv) ([]d
 
 	var resp dataobj.IndexByFullTagsResp
 	for i, input := range inputs {
+		if err := input.Validate(); err != nil {
+			logger.Errorf("input validate err %s", err)
+			continue
+		}
+
 		resp = p.queryIndexByFullTags(session, input)
 		list[i] = resp
 		count += resp.Count
diff --git a/src/modules/transfer/backend/m3db/query.go b/src/modules/transfer/backend/m3db/query.go
index 4dda3f0cfa313de2833a5acb5ffb6c44e6e06099..9bc80985121826a0821e214fa582cbb08bacdd0f 100644
--- a/src/modules/transfer/backend/m3db/query.go
+++ b/src/modules/transfer/backend/m3db/query.go
@@ -231,8 +231,8 @@ func (cfg M3dbSection) queryIndexByFullTagsOptions(input dataobj.IndexByFullTags
 	}
 
 	return query, index.QueryOptions{
-		StartInclusive: indexStartTime(),
-		EndExclusive:   time.Now(),
+		StartInclusive: input.StartInclusive,
+		EndExclusive:   input.EndExclusive,
 		SeriesLimit:    cfg.SeriesLimit,
 		DocsLimit:      cfg.DocsLimit,
 	}