diff --git a/conf/nginx.conf b/conf/nginx.conf index 32ef0ea..61a1e81 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -30,10 +30,9 @@ http { log_not_found off; access_log off; } - ## 应用路径 + ## 应用路径 todo 路径问题 set $APP_PATH '/home/frankly/work/AuthPlatform'; - #access_by_lua_file '${APP_PATH}/src/auth/jwt-auth.lua'; #数据列表配置 include 'system/system.conf'; diff --git a/src/auth/jwt-auth.lua b/src/auth/jwt-auth.lua index c74dfaa..9499b2e 100644 --- a/src/auth/jwt-auth.lua +++ b/src/auth/jwt-auth.lua 
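Review bot: With the commented-out `access_by_lua_file` line deleted, nothing in the visible part of the `http` block attaches `src/auth/jwt-auth.lua` to request handling, so whether any location is authenticated depends on what `system/system.conf` pulls in. A comment next to the include should say where the access-phase hook is configured, for example `## JWT check is attached per location in system/system.conf` if that is where it lives. The `$APP_PATH` value is still an absolute path under one developer's home directory, which the new `todo 路径问题` marker acknowledges but does not resolve. The `http` block starts and ends outside this hunk.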
@@ -2,56 +2,38 @@ local jwt = require "resty.jwt" local validators = require "resty.jwt-validators" local conf = require("config") +--获取用户认证数据信息 local auth_header = ngx.var.http_Authorization -ngx.log(ngx.INFO, auth_header) -----定义响应数据 -local response = {} -----如果请求头中没有令牌,则直接返回401 + +--如果请求头中没有令牌,则直接返回401 if auth_header == nil or auth_header == "" then ngx.log(ngx.WARN, "没有找到令牌数据") - response["code"] = ngx.HTTP_UNAUTHORIZED - response["message"] = "没有找到令牌数据" ngx.status = ngx.HTTP_UNAUTHORIZED - ngx.header.content_type = "application/json; charset=utf-8" - ngx.body = response ngx.exit(ngx.HTTP_UNAUTHORIZED) end ---[[ ---查找令牌中的Bearer前缀字符,并进行截取 + +--查找令牌中的Bearer前缀字符,并进行截取 todo 使用jsonscheme进行匹配 local _, _, token = string.find(auth_header, "Bearer%s+(.+)") ---如果没有Bearer,则表示令牌无效 +--如果没有Bearer,则表示令牌格式不正确 if token == nil then - response["code"] = ngx.HTTP_UNAUTHORIZED - response["message"] = "令牌格式不正确" ngx.log(ngx.WARN, "令牌格式不正确") ngx.status = ngx.HTTP_UNAUTHORIZED - ngx.header.content_type = "application/json; charset=utf-8" - ngx.body = response ngx.exit(ngx.HTTP_UNAUTHORIZED) end ---]] --校验令牌 local jwt_obj = jwt:verify(conf.secret_key, auth_header) --如果校验结果中的verified==false,则表示令牌无效 if jwt_obj.verified == false then ngx.log(ngx.WARN, "Invalid token: ".. jwt_obj.reason) - response["code"] = ngx.HTTP_UNAUTHORIZED - response["message"] = "令牌无效" ngx.status = ngx.HTTP_UNAUTHORIZED - ngx.header.content_type = "application/json; charset=utf-8" - ngx.body = response ngx.exit(ngx.HTTP_UNAUTHORIZED) end ---判断token是否超时 +--判断token是否超时 --令牌已过期 if jwt_obj.payload.exp and os.time() > jwt_obj.payload.exp then ngx.log(ngx.WARN, "token timeout ".. jwt_obj.reason) - response["code"] = ngx.HTTP_UNAUTHORIZED - response["message"] = "令牌已过期" ngx.status = ngx.HTTP_UNAUTHORIZED - ngx.header.content_type = "application/json; charset=utf-8" - ngx.body = response ngx.exit(ngx.HTTP_UNAUTHORIZED) end diff --git a/src/dao/user.lua b/src/dao/user.lua index 59847a6..069b0d3 100644 --- a/src/dao/user.lua 
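Review bot: The Bearer-stripping block is now active, but the unchanged `jwt:verify` call below it still receives `auth_header` instead of the extracted `token`. A standard `Bearer <jwt>` header therefore reaches the verifier with its prefix attached and will most likely be rejected for every client; the call should read `local jwt_obj = jwt:verify(conf.secret_key, token)`. The expiry test only fires when `payload.exp` is present, so a token signed without `exp` passes that check and never expires. Since `validators` is already required at the top, passing `{ exp = validators.is_not_expired() }` as the claim spec would make the claim mandatory. The first line of the script is outside the hunk.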
+++ b/src/dao/user.lua @@ -12,6 +12,12 @@ local userModel = model:new('sys_user') local _M = {} +local user = { + ["ID"] = "", + ["type"] = 0, + +} + --判断用户是否存在 local function isExistUser(id) --根据用户id进行验证用户是否存在
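Review bot: The new module-level `user` table is not referenced anywhere in this hunk, and in OpenResty the upvalues of a required module are shared by every request served by the same worker. If later code fills `user.ID` or `user.type` per request, one caller's data could become visible to another request. Build the record inside the function that needs it (`local user = { ID = "", type = 0 }`), or add a comment marking the table as a read-only template. The body of `isExistUser` continues outside the hunk.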