diff --git a/server.js b/server.js
index 684eb6c..e76ae9a 100644
--- a/server.js
+++ b/server.js
@@ -58,13 +58,17 @@ app.post('/api/user/login', async (req, res) => {
 
     // 签 token：payload 里放 id / username / role
     const token = jwt.sign(
-      { id: user.id, username: user.username, role: user.role },
+      { id: user.id,
+        username: user.username,
+        role: user.role },
+
       process.env.JWT_SECRET,
+
       { expiresIn: process.env.JWT_EXPIRES_IN || '2h' }
     )
 
-    res.json({
-      code: 0,
+    res.status(200).json({
+      code: 200,
       message: 'ok',
       data: {
         token,