diff --git a/MiddleWare/TokenValidationMiddleware.cs b/MiddleWare/TokenValidationMiddleware.cs
new file mode 100644
index 0000000..c25a8c0
--- /dev/null
+++ b/MiddleWare/TokenValidationMiddleware.cs
@@ -0,0 +1,65 @@
+ï»¿using LY.App.Common.Redis;
+using StackExchange.Redis;
+using System.IdentityModel.Tokens.Jwt;
+
+namespace LY.App.MiddleWare
+{
+    public class TokenValidationMiddleware : IMiddleware
+    {
+        private RedisService _redis;
+        public TokenValidationMiddleware(RedisService redisHelper)
+        {
+            _redis = redisHelper;
+        }
+        public async Task InvokeAsync(HttpContext context, RequestDelegate next)
+        {
+            // æŽ’é™¤ä¸éœ€è¦TokenéªŒè¯çš„API
+            if (IsExcludedPath(context.Request.Path))
+            {
+                await next(context);
+                return;
+            }
+            // èŽ·å–Token
+            var token = context.Request.Headers["Authorization"].ToString().Replace("Bearer ", "");
+            if (!string.IsNullOrEmpty(token))
+            {
+                // éªŒè¯Tokenæ˜¯å¦æœ‰æ•ˆ
+                var handler = new JwtSecurityTokenHandler();
+                var jsonToken = handler.ReadToken(token) as JwtSecurityToken;
+                if (jsonToken != null)
+                {
+                    // ä»ŽTokenä¸­èŽ·å–æ•°æ®
+                    var username = jsonToken.Claims.FirstOrDefault(claim => claim.Type == "sub")?.Value;
+                    if (username != null)
+                    {
+                        if (await _redis.ExistsAsync(RedisKeyList.TokenUser(username)))
+                        {
+                            // Tokenå’Œæ•°æ®éªŒè¯é€šè¿‡ï¼Œç»§ç»­å¤„ç†è¯·æ±‚
+                            await next(context);
+                            return;
+                        }
+                    }
+                }
+            }
+
+            else
+            {
+                // Tokenä¸å­˜åœ¨ï¼Œè¿”å›žæœªæŽˆæƒ
+                context.Response.StatusCode = 401;
+                await context.Response.WriteAsync("Unauthorized: Invalid Token");
+            }
+        }
+        /// <summary>
+        /// è¿™æ˜¯æ”¾ä¸éœ€è¦è¿‡æ»¤çš„apiåœ°å€
+        /// </summary>
+        /// <param name="path"></param>
+        /// <returns></returns>
+        private bool IsExcludedPath(PathString path)
+        {
+            // æ ¹æ®å®žé™…æƒ…å†µå®šä¹‰ä¸éœ€è¦TokenéªŒè¯çš„APIè·¯å¾„
+            string[] arry = { "login" };
+            return arry.Any(s => path.Value.Contains(s));
+            // return path.StartsWithSegments("/api/public");
+        }
+    }
+}
diff --git a/Model/LoginModel.cs b/Model/LoginModel.cs
index fb782c3..c946d26 100644
--- a/Model/LoginModel.cs
+++ b/Model/LoginModel.cs
@@ -4,7 +4,5 @@
     {
         public string username { get; set; }
         public string password { get; set; }
-        public string type { get; set; }
-        public string vertifyCode { get; set; }
     }
 }
diff --git a/Model/PositionInfo.cs b/Model/PositionInfo.cs
index 5a50e9b..e1848d2 100644
--- a/Model/PositionInfo.cs
+++ b/Model/PositionInfo.cs
@@ -6,7 +6,7 @@ namespace LY.App.Model
     /// ä½ç½®ä¿¡æ¯
     /// </summary>
     [SugarTable("ly_position")]
-    public class PositionInfo: MultPolygonEntity
+    public class PositionInfo : MultPolygonEntity
     {
         /// <summary>
         /// åç§°
@@ -30,43 +30,11 @@ namespace LY.App.Model
         /// </summary>
         [SugarColumn(Length = 31, IsNullable = true, ColumnDescription = "è”ç³»äººç”µè¯")]
         public string ContactTel { get; set; }
-
         /// <summary>
-        /// å›¾ç‰‡æ–‡ä»¶å
+        /// å›¾ç‰‡
         /// </summary>
-        [SugarColumn(IsNullable = true, ColumnDescription = "å›¾ç‰‡åœ°å€")]
-        public string ImageName { get; set; }
-
-        /// <summary>
-        /// å›¾ç‰‡åœ°å€
-        /// </summary>
-        [SugarColumn(IsIgnore = true)]
-        public string ImageUrl { get; set; }
-
-        /// <summary>
-        /// å›¾ç‰‡ç¼©ç•¥å›¾åœ°å€
-        /// </summary>
-        [SugarColumn(IsIgnore = true)]
-        public string ImageBriefUrl { get; set; }
-
-        /// <summary>
-        /// å¯ç”¨æ—¶é—´
-        /// </summary>
-        [SugarColumn(IsNullable = true, ColumnDescription = "å¯ç”¨æ—¶é—´")]
-        public DateTime? EnableTime { get; set; }
-
-        /// <summary>
-        /// æ˜¯å¦å¯ç”¨
-        /// </summary>
-        [SugarColumn(ColumnDescription = "æ˜¯å¦å¯ç”¨")]
-        public bool Enabled { get; set; }
-
-        /// <summary>
-        /// çŠ¶æ€
-        /// </summary>
-        [SugarColumn(IsNullable = true, ColumnDescription = "çŠ¶æ€")]
-        public string Status { get; set; } = "ç¦»çº¿";
-
+        [SugarColumn(IsNullable = true, ColumnDescription = "å›¾ç‰‡åœ°å€", ColumnName = "img")]
+        public string Img { get; set; }
         /// <summary>
         /// å¤‡æ³¨
         /// </summary>
@@ -78,7 +46,6 @@ namespace LY.App.Model
     /// </summary>
     public class AddPosition
     {
-
         /// <summary>
         /// åç§°
         /// </summary>
@@ -89,21 +56,9 @@ namespace LY.App.Model
         /// </summary>
 
         public string RegionJson { get; set; }
-
-        /// <summary>
-        /// ç»åº¦
-        /// </summary>
-        public double Lon { get; set; }
-
-        /// <summary>
-        /// çº¬åº¦
-        /// </summary>
-        public double Lat { get; set; }
-
         /// <summary>
         /// åœ°å€
         /// </summary> 
-
         public string Address { get; set; }
 
         /// <summary>
@@ -116,24 +71,9 @@ namespace LY.App.Model
         public string ContactTel { get; set; }
 
         /// <summary>
-        /// å›¾ç‰‡æ–‡ä»¶å
+        /// å›¾ç‰‡
         /// </summary>  
-        public string ImageName { get; set; }
-
-        /// <summary>
-        /// å¯ç”¨æ—¶é—´
-        /// </summary> 
-        public DateTime? EnableTime { get; set; }
-
-        /// <summary>
-        /// æ˜¯å¦å¯ç”¨
-        /// </summary> 
-        public bool Enabled { get; set; }
-
-        /// <summary>
-        /// çŠ¶æ€
-        /// </summary> 
-        public string Status { get; set; } = "ç¦»çº¿";
+        public string Img { get; set; }
         /// <summary>
         /// å¤‡æ³¨
         /// </summary> 
@@ -150,15 +90,4 @@ namespace LY.App.Model
         /// </summary>
         public long Id { get; set; }
     }
-    /// <summary>
-    /// é˜µåœ°ä¸‹æ‰€æœ‰åŒºåŸŸ
-    /// </summary>
-    public class GeoRegion
-    {
-        /// <summary>
-        /// è¯†åˆ«åŒº
-        /// </summary>
-        public string Region { get; set; }
-
-    }
 }
diff --git a/Program.cs b/Program.cs
index f720b88..6228714 100644
--- a/Program.cs
+++ b/Program.cs
@@ -43,6 +43,7 @@ string redisConnection = builder.Configuration.GetValue<string>("Redis:Connectio
 
 // ×¢²á RedisService
 builder.Services.AddSingleton(new RedisService(redisConnection));
+//builder.Services.AddTransient<TokenValidationMiddleware>();
 ////×¢²áSignalR
 builder.Services.AddSignalR();
 builder.Services.AddHttpClient();
@@ -77,7 +78,7 @@ builder.Services.AddTransient<SqlSugarClient>(sp =>
         };
         //´´½¨Êý¾Ý¿âºÍ±íµÄÓï¾ä½öÖ´ÐÐÒ»´Î 
         //db.DbMaintenance.CreateDatabase();
-      //  db.CodeFirst.SetStringDefaultLength(2000).InitTables(typeof(LogEntity));
+        //db.CodeFirst.SetStringDefaultLength(2000).InitTables(typeof(UserEntity));
 #endif
         //¹ýÂËÆ÷Ð´ÔÚÕâ¶ù¾ÍÐÐÁË
         // db.QueryFilter.AddTableFilter<IDeleted>(it => it.IsDeleted == false);
@@ -95,7 +96,7 @@ SnowFlakeSingle.WorkId = Convert.ToInt32(builder.Configuration.GetSection("SnowF
 var app = builder.Build();
 ServiceLocator.Instance = app.Services;
 var device = app.Services.GetService<DeviceService>();
- await device?.Init();
+await device?.Init();
 app.UseStaticFiles(new StaticFileOptions()
 {
     FileProvider = new PhysicalFileProvider(Path.Combine(Directory.GetCurrentDirectory(), "Img")),
@@ -104,7 +105,7 @@ app.UseStaticFiles(new StaticFileOptions()
 // Configure the HTTP request pipeline.
 //if (app.Environment.IsDevelopment())
 //{
-    
+
 //}
 app.UseSwagger();
 app.UseSwaggerUI();
@@ -115,6 +116,8 @@ app.UseCors("CorsPolicy");
 
 //Òì³£ÖÐ¼ä¼þ
 app.UseMiddleware<CustomErrorMiddleware>();
+//tokenÑéÖ¤ÖÐ¼ä¼þ
+app.UseMiddleware<TokenValidationMiddleware>();
 //Ö´ÐÐÆ¥ÅäµÄ¶Ëµã
 app.UseEndpoints(endpoints =>
 {
diff --git a/Service/UserService.cs b/Service/UserService.cs
index a6863df..99b644e 100644
--- a/Service/UserService.cs
+++ b/Service/UserService.cs
@@ -1,6 +1,7 @@
 ï»¿using GraphQL;
 using LY.App.Common.Cypher;
 using LY.App.Common.Redis;
+using LY.App.Extensions.DI;
 using LY.App.Model;
 using Mapster;
 using Microsoft.IdentityModel.Tokens;
@@ -12,6 +13,7 @@ using System.Text;
 
 namespace LY.App.Service
 {
+    [ServiceInjection(InjectionType.Transient)]
     public class UserService
     {
         private readonly SqlSugarClient _db;
@@ -121,7 +123,6 @@ namespace LY.App.Service
                 };
             }
             var password = MD5CypherUtil.Hash("ly_" + input.password);
-            var users = await _db.Queryable<UserEntity>().ToListAsync();
             var entity = await _db.Queryable<UserEntity>()
                  .Where(s => s.Disable == false &&
                  s.Name == input.username && s.Password == password).FirstAsync();
