diff --git a/src/main/java/com/zsc/edu/gateway/framework/security/SpringSecurityConfig.java b/src/main/java/com/zsc/edu/gateway/framework/security/SpringSecurityConfig.java
index 3bbf5ad..e73aab4 100644
--- a/src/main/java/com/zsc/edu/gateway/framework/security/SpringSecurityConfig.java
+++ b/src/main/java/com/zsc/edu/gateway/framework/security/SpringSecurityConfig.java
@@ -8,21 +8,15 @@ import org.springframework.http.HttpMethod;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.ProviderManager;
 import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
-import org.springframework.security.authorization.AuthorizationDecision;
 import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.core.session.SessionRegistry;
 import org.springframework.security.core.userdetails.UserDetailsService;
-import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
-import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl;
 import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;
 import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
-import org.springframework.security.web.csrf.CsrfTokenRepository;
-import org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository;
-import org.springframework.util.AntPathMatcher;
 
 import javax.sql.DataSource;
 
@@ -46,19 +40,15 @@ public class SpringSecurityConfig {
     @Resource
     private final DataSource dataSource;
 
-//    @Bean
-//    public BCryptPasswordEncoder bCryptPasswordEncoder() {
-//        return new BCryptPasswordEncoder();
-//    };
-
     @Bean
     public PersistentTokenRepository persistentTokenRepository() {
         JdbcTokenRepositoryImpl tokenRepository = new JdbcTokenRepositoryImpl();
+        tokenRepository.setCreateTableOnStartup(true);
         tokenRepository.setDataSource(dataSource);
         return tokenRepository;
-
     }
 
+
     @Bean
     AuthenticationManager authenticationManager() {
         DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();
@@ -133,7 +123,7 @@ public class SpringSecurityConfig {
                     .successHandler(customAuthenticationSuccessHandler)
                     .failureHandler(customAuthenticationFailureHandler))
                 .logout(logout -> logout
-                        .logoutUrl("/api/user/logout")
+                        .logoutUrl("/api/rest/user/logout")
                         .logoutSuccessHandler((request, response, authentication) -> {}))
                 // 添加自定义未授权和未登录结果返回
                 .exceptionHandling(exception -> exception