diff --git a/app.js b/app.js
index 2d22bdb..afcf78f 100644
--- a/app.js
+++ b/app.js
@@ -53,7 +53,7 @@ startServer()
 
 // app.use('/', loginUtils.aopMiddleware, indexRouter);
 app.use('/', indexRouter)
-app.use('/user',loginUtil.authenticateSeesion, userRouter)
+app.use('/user', loginUtil.authenticateSession, userRouter)
 
 // catch 404 and forward to error handler
 app.use(function (req, res, next) {
diff --git a/controllers/userController.js b/controllers/userController.js
index aacf1ce..b9ba8f6 100644
--- a/controllers/userController.js
+++ b/controllers/userController.js
@@ -1,3 +1,4 @@
+const { body, validationResult } = require('express-validator')
 const userService = require('../services/userService')
 
 exports.getAllUsers = async (req, res) => {
@@ -9,11 +10,19 @@ exports.getAllUsers = async (req, res) => {
   }
 }
 
-exports.createUser = async (req, res) => {
-  try {
-    const user = await userService.create_user(req.body)
-    res.json(user)
-  } catch (err) {
-    res.status(500).json({ error: err.message })
+exports.createUser = [
+  body('account').isLength({ min: 3 }),
+  body('password').isLength({ min: 6 }),
+  async (req, res, next) => {
+    const errors = validationResult(req)
+    if (!errors.isEmpty()) {
+      return res.status(400).json({ errors: errors.array() })
+    }
+    try {
+      await userService.create_user(req.body)
+      res.status(201).json({ message: 'User created successfully' })
+    } catch (err) {
+      res.status(500).json({ error: err.message })
+    }
   }
-}
+]
diff --git a/package-lock.json b/package-lock.json
index e44e40b..0b4ca9a 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -16,7 +16,7 @@
         "express": "^4.19.2",
         "express-async-handler": "^1.2.0",
         "express-session": "^1.18.0",
-        "express-validator": "^7.0.1",
+        "express-validator": "^7.2.0",
         "http-errors": "~1.6.3",
         "jade": "^0.29.0",
         "mongoose": "^8.3.4",
@@ -767,12 +767,13 @@
       ]
     },
     "node_modules/express-validator": {
-      "version": "7.0.1",
-      "resolved": "https://registry.npmjs.org/express-validator/-/express-validator-7.0.1.tgz",
-      "integrity": "sha512-oB+z9QOzQIE8FnlINqyIFA8eIckahC6qc8KtqLdLJcU3/phVyuhXH3bA4qzcrhme+1RYaCSwrq+TlZ/kAKIARA==",
+      "version": "7.2.0",
+      "resolved": "https://registry.npmmirror.com/express-validator/-/express-validator-7.2.0.tgz",
+      "integrity": "sha512-I2ByKD8panjtr8Y05l21Wph9xk7kk64UMyvJCl/fFM/3CTJq8isXYPLeKW/aZBCdb/LYNv63PwhY8khw8VWocA==",
+      "license": "MIT",
       "dependencies": {
         "lodash": "^4.17.21",
-        "validator": "^13.9.0"
+        "validator": "~13.12.0"
       },
       "engines": {
         "node": ">= 8.0.0"
diff --git a/package.json b/package.json
index 09a427c..6402910 100644
--- a/package.json
+++ b/package.json
@@ -15,7 +15,7 @@
     "express": "^4.19.2",
     "express-async-handler": "^1.2.0",
     "express-session": "^1.18.0",
-    "express-validator": "^7.0.1",
+    "express-validator": "^7.2.0",
     "http-errors": "~1.6.3",
     "jade": "^0.29.0",
     "mongoose": "^8.3.4",