diff --git a/app.js b/app.js
index 0d5a4f5..0f130b4 100644
--- a/app.js
+++ b/app.js
@@ -18,7 +18,7 @@ const loadAPIRoutes = () => {
 
   files.forEach((file) => {
     if (file.endsWith(".js") && file !== "index.js") {
-      const routePath = `/${file.replace(".js", "")}`;
+      const routePath = `/api/${file.replace(".js", "")}`;
       const handler = require(path.join(apiDir, file));
 
       router.post(routePath, async (ctx) => {
@@ -42,7 +42,7 @@ app.use(async (ctx, next) => {
       // 这里假设第三方Token可以通过某种方式验证并转换为JWT Token
       const decoded = verifyThirdPartyToken(thirdPartyToken); // 假设有一个验证函数
       const jwtToken = jwt.sign(decoded, process.env.JWT_SECRET, { expiresIn: "1h" });
-      ctx.state.user = user; // 将用户信息存储在ctx.state中
+      ctx.state.user = decoded; // 将用户信息存储在ctx.state中
       ctx.headers.authorization = `Bearer ${jwtToken}`; // 替换为JWT Token
     } catch (err) {
       ctx.throw(401, 'Invalid third-party token');
diff --git a/auth/verifyThirdPartyToken.js b/auth/verifyThirdPartyToken.js
index 018e478..5853ddc 100644
--- a/auth/verifyThirdPartyToken.js
+++ b/auth/verifyThirdPartyToken.js
@@ -1,3 +1,3 @@
-module.exports = token=>{
-    return {token}
-}
\ No newline at end of file
+module.exports = (token) => {
+  return { token, username: token };
+};