diff --git a/router/router.go b/router/router.go
index 896a568..9471b3d 100644
--- a/router/router.go
+++ b/router/router.go
@@ -32,7 +32,7 @@ func Recover(c *gin.Context) {
 //打印错误堆栈信息
 log.Printf("panic: %v\n", r)
 debug.PrintStack()
- response.NewResult(c).Error(500, "服务器内部错误")
+ // response.NewResult(c).Error(500, "服务器内部错误")
 }
 }()
 //继续后续接口调用
diff --git a/security/security.go b/security/security.go
index 8cff1e3..4f33855 100644
--- a/security/security.go
+++ b/security/security.go
@@ -3,6 +3,7 @@ package security
 import (
 "electricity_bill_calc/cache"
 "electricity_bill_calc/model"
+ "log"
 "net/http"
 "strings"
@@ -18,7 +19,7 @@ func SessionRecovery(c *gin.Context) {
 token := strings.Fields(auth)[1]
 session, err := cache.RetreiveSession(token)
- if err == nil {
+ if err == nil && session != nil {
 c.Set("session", session)
 }
 }
@@ -29,7 +30,11 @@ func SessionRecovery(c *gin.Context) {
 // ! 通过该中间件以后,是可以保证上下文中一定具有用户会话信息的。
 func MustAuthenticated(c *gin.Context) {
 session, exists := c.Get("session")
- if _, ok := session.(*model.Session); !exists || session == nil || !ok {
+ if !exists || session == nil {
+ c.AbortWithStatus(http.StatusForbidden)
+ return
+ }
+ if _, ok := session.(*model.Session); !ok {
 c.AbortWithStatus(http.StatusForbidden)
 }
 c.Next()
@@ -39,7 +44,10 @@ func MustAuthenticated(c *gin.Context) {
 // ! 通过该中间件以后,是可以保证上下文中一定具有用户会话信息的。
 func EnterpriseAuthorize(c *gin.Context) {
 session, exists := c.Get("session")
- if sess, ok := session.(*model.Session); !exists || !ok || sess.Type != 0 {
+ if !exists || session == nil {
+ c.AbortWithStatus(http.StatusForbidden)
+ }
+ if sess, ok := session.(*model.Session); !ok || sess.Type != 0 {
 c.AbortWithStatus(http.StatusForbidden)
 }
 c.Next()
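Review bot: With the `response.NewResult(c).Error(500, ...)` call commented out, the recover branch logs the panic and stack but writes no response, so what the client receives after a panic depends on the framework's default once the chain unwinds — presumably a success status with an empty body rather than a 500. If the call was removed because the response writer may already have been used by the panicking handler, guard it instead of dropping it: `if !c.Writer.Written() { c.AbortWithStatus(500) }`, or keep the removed line behind the same check. The Recover function begins and ends outside the hunk, so this assumes no other recovery middleware writes the error response.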
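Review bot: The context line `token := strings.Fields(auth)[1]` in SessionRecovery indexes the split header without checking its length, so an Authorization header with a single field, or only whitespace, panics inside the middleware and is left to the Recover handler instead of being treated as an unauthenticated request. Split once and check the count before the cache lookup, `fields := strings.Fields(auth)` and `if len(fields) < 2 { ... }` (skip the lookup and fall through to the unauthenticated path), then pass `fields[1]` to `cache.RetreiveSession`. The added `session != nil` guard only means something if RetreiveSession returns a pointer or interface; that signature and the rest of SessionRecovery are outside the hunk.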
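Review bot: The `!ok` branch of MustAuthenticated aborts without returning, so execution falls through to `c.Next()` after `AbortWithStatus`; the new `!exists || session == nil` branches in EnterpriseAuthorize (next hunk), ManagementAuthorize and OPSAuthorize have the same shape and additionally go on to run the type assertion and a second AbortWithStatus on a value already rejected. Gin's Next is presumably a no-op once Abort has been called, so this does not let a request through, but it relies on that framework behaviour instead of the visible control flow and is inconsistent with the first branch here, which does return. Add `return` after every `c.AbortWithStatus(http.StatusForbidden)` in these four middlewares so each rejection path ends immediately, matching the first branch of MustAuthenticated.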
@@ -49,7 +57,10 @@ func EnterpriseAuthorize(c *gin.Context) {
 // ! 通过该中间件以后,是可以保证上下文中一定具有用户会话信息的。
 func ManagementAuthorize(c *gin.Context) {
 session, exists := c.Get("session")
- if sess, ok := session.(*model.Session); !exists || !ok || (sess.Type != 1 && sess.Type != 2) {
+ if !exists || session == nil {
+ c.AbortWithStatus(http.StatusForbidden)
+ }
+ if sess, ok := session.(*model.Session); !ok || (sess.Type != 1 && sess.Type != 2) {
 c.AbortWithStatus(http.StatusForbidden)
 }
 c.Next()
@@ -59,7 +70,11 @@ func ManagementAuthorize(c *gin.Context) {
 // ! 通过该中间件以后,是可以保证上下文中一定具有用户会话信息的。
 func OPSAuthorize(c *gin.Context) {
 session, exists := c.Get("session")
- if sess, ok := session.(*model.Session); !exists || !ok || sess.Type != 2 {
+ log.Printf("[debug]session exists: %v, %v \n", exists, session)
+ if !exists {
+ c.AbortWithStatus(http.StatusForbidden)
+ }
+ if sess, ok := session.(*model.Session); !ok || sess.Type != 2 {
 c.AbortWithStatus(http.StatusForbidden)
 }
 c.Next()
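Review bot: The added `log.Printf("[debug]session exists: %v, %v \n", exists, session)` in OPSAuthorize writes the whole session value to the application log on every request through this middleware; model.Session is defined outside the hunk, but a session object typically carries the user identity and possibly the token, and the `[debug]` prefix suggests the line was left in from troubleshooting. Drop it, or log only the boolean, `log.Printf("session exists: %v", exists)`. Separately, this hunk tests only `!exists` while the other three middlewares in this commit also test `session == nil`; a stored nil still fails the type assertion below, but the guard should read `if !exists || session == nil {` for consistency with them.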