diff --git a/app.js b/app.js
index 8f3b625..7fdfccb 100644
--- a/app.js
+++ b/app.js
@@ -34,12 +34,11 @@ app.use(cookieParser())
 app.use(
   session({
     name: 'identityKey',
-    store: new RedisStore({ client: redisClient }), // 正确的方式，不要使用 new RedisStore()，直接传递配置
+    store: new RedisStore({ client: redisClient }),
     secret: process.env.SESSION_SECRET,
     resave: false,
     saveUninitialized: false,
     cookie: {
-      secure: false,
       httpOnly: true,
       maxAge: 24 * 60 * 60 * 1000
     }
@@ -49,7 +48,8 @@ app.use(
 const corsOptions = {
   origin: 'http://localhost:5173', // 指定允许的源
   credentials: true, // 允许发送凭据（如 cookies）
-  optionsSuccessStatus: 200 // 一些旧的浏览器（IE11, various SmartTVs）需要这个
+  optionsSuccessStatus: 200,
+  allowdHeaders: ['Content-Type', 'Authorization']
 }
 
 app.use(cors(corsOptions))
diff --git a/controllers/userController.js b/controllers/userController.js
index 9d2d21e..c2afb13 100644
--- a/controllers/userController.js
+++ b/controllers/userController.js
@@ -3,7 +3,7 @@ const userService = require('../services/userService')
 const FetchResult = require('../common/web/fetchResult')
 const messages = require('../config/messages')
 const { HTTP_STATUS } = require('../common/constant/httpStatus')
-const { Search } = require('../models/Search')
+const { SearchQuery } = require('../models/Search')
 
 exports.getAllUsers = async (res) => {
   try {
@@ -17,8 +17,8 @@ exports.getAllUsers = async (res) => {
 exports.findUserList = async (req, res) => {
   try {
     const { page, size, sort } = req.query
-    const search = new Search({ page: page, size: size, sort: sort })
-    const result = await userService.find_user_list(search)
+    const search = new SearchQuery({ page: page, size: size, sort: sort })
+    const result = await userService.getUserList(search)
     return FetchResult.formatResult(res, HTTP_STATUS.ACCEPTED, 'success', result)
   } catch (err) {
     console.log(err)
diff --git a/models/Search.js b/models/Search.js
index 3e29be6..c85ab13 100644
--- a/models/Search.js
+++ b/models/Search.js
@@ -1,4 +1,4 @@
-class Search {
+class SearchQuery {
   constructor({ size, page, sort, filters }) {
     this.size = size
     this.page = page
@@ -29,4 +29,4 @@ class SearchResult {
   }
 }
 
-module.exports = { Search, SearchResult }
+module.exports = { SearchQuery, SearchResult }
diff --git a/services/userService.js b/services/userService.js
index 17cebae..62e5d23 100644
--- a/services/userService.js
+++ b/services/userService.js
@@ -2,35 +2,34 @@ const userMapper = require('../repositories/userRepository')
 const logger = require('morgan')
 const messages = require('../config/messages')
 const { comparePassword } = require('../utils/hashUtils')
+const { SearchQuery } = require('../models/Search')
 
 /**
- * @param {string} account
- * @param {string} password
- * @returns {Promise<object>}
+ * 用户登录
+ * @param {string} account - 用户账号
+ * @param {string} password - 用户密码
+ * @returns {Promise<Object>} - 登录成功返回用户信息
+ * @throws {Error} - 如果用户不存在或密码不正确
  */
 exports.login = async (account, password) => {
-  try {
-    const user = await userMapper.selectUserByAccount(account)
+  const user = await userMapper.selectUserByAccount(account)
 
-    if (!user) {
-      throw new Error(messages.user.not_found)
-    }
-
-    const isMatch = await comparePassword(password, user.password)
-
-    if (!isMatch) {
-      throw new Error(messages.user.password_incorrect)
-    }
-
-    user.last_login_date = new Date()
-
-    await userMapper.updateUserByLoginDate(user.id, user.last_login_date)
-
-    return user
-  } catch (err) {
-    logger('Error logging in: ', err)
-    throw err
+  // 用户不存在
+  if (!user) {
+    throw new Error(messages.user.not_found)
   }
+
+  // 密码不匹配
+  const isMatch = await comparePassword(password, user.password)
+  if (!isMatch) {
+    throw new Error(messages.user.password_incorrect)
+  }
+
+  // 更新用户的最后登录时间
+  user.last_login_date = new Date()
+  await userMapper.updateUserByLoginDate(user.id, user.last_login_date)
+
+  return user
 }
 
 /**
@@ -39,57 +38,46 @@ exports.login = async (account, password) => {
  * @returns {Promise<boolean>}
  */
 exports.get_user_exist = async (account) => {
-  try {
-    return await userMapper.selectUserByAccountExist(account)
-  } catch (err) {
-    throw err
-  }
+  return userMapper.selectUserByAccountExist(account)
 }
 
+// Removed the unnecessary try-catch block and simplified the function
 exports.user_list = async () => {
-  try {
-    const list_users = await userMapper.selectAllUser()
-    return list_users
-  } catch (err) {
-    throw err
-  }
+  return await userMapper.selectAllUser()
 }
 
-exports.find_user_list = async (search) => {
-  try {
-    return await userMapper.selectUserList(search)
-  } catch (err) {
-    throw err
-  }
+exports.getUserList = async (searchQuery) => {
+  return userMapper.selectUserList(searchQuery)
 }
 
-exports.create_user = async (user) => {
+/**
+ * 创建用户
+ * @param {Object} user - 用户对象
+ * @returns {Promise<Object>} - 创建成功的用户信息
+ * @throws {Error} - 如果用户已存在或事务失败
+ */
+exports.createUser = async (user) => {
+  const { account } = user
+  const session = await userMapper.startTransaction()
+
   try {
-    const { account } = user
-
-    const session = await userMapper.startTransaction()
-
-    try {
-      const check_user = await userMapper.selectUserByAccount(account)
-
-      if (check_user) {
-        throw new Error(messages.user.already_exists)
-      }
-
-      const result = await userMapper.createUser(user)
-
-      await userMapper.commitTransaction(session)
-      return result
-    } catch (err) {
-      try {
-        await userMapper.rollbackTransaction(session)
-      } catch (roolbackErr) {
-        logger('Error rolling back transaction: ', roolbackErr)
-      }
-      throw err
+    // 检查用户是否已存在
+    const existingUser = await userMapper.selectUserByAccount(account)
+    if (existingUser) {
+      throw new Error(messages.user.already_exists)
     }
+
+    // 创建新用户
+    const result = await userMapper.createUser(user)
+
+    // 提交事务
+    await userMapper.commitTransaction(session)
+    return result
   } catch (err) {
-    logger('Error creating user: ', err)
-    throw err
+    // 回滚事务
+    await userMapper.rollbackTransaction(session).catch((rollbackErr) => {
+      logger('Error rolling back transaction: ', rollbackErr)
+    })
+    throw err // 将错误抛给调用方（Controller 层）
   }
 }