diff --git a/src/main/java/com/jiaruiblog/controller/UserController.java b/src/main/java/com/jiaruiblog/controller/UserController.java
index 742bd66..7ece902 100644
--- a/src/main/java/com/jiaruiblog/controller/UserController.java
+++ b/src/main/java/com/jiaruiblog/controller/UserController.java
@@ -84,6 +84,10 @@ public BaseApiResult batchInsert(@RequestBody List<RegistryUserDTO> userDTOS) {
     @PostMapping(value = "/getById")
     public BaseApiResult getById(@RequestBody UserDTO user) {
         User one = userService.queryById(user.getId());
+        // 增加对无效用户的判断
+        if (Objects.isNull(one)) {
+            return BaseApiResult.error(MessageConstant.PROCESS_ERROR_CODE, MessageConstant.DATA_IS_NULL);
+        }
         return BaseApiResult.success(one);
     }
 
diff --git a/src/main/java/com/jiaruiblog/filter/JwtFilter.java b/src/main/java/com/jiaruiblog/filter/JwtFilter.java
index c0cec4f..843e9be 100644
--- a/src/main/java/com/jiaruiblog/filter/JwtFilter.java
+++ b/src/main/java/com/jiaruiblog/filter/JwtFilter.java
@@ -44,7 +44,7 @@ public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
         response.setCharacterEncoding("UTF-8");
         String url = request.getRequestURI().substring(request.getContextPath().length());
         // 登录和注册等请求不需要令牌
-        if (url.contains("login") || url.contains("register") || url.contains("files")) {
+        if (url.contains("login") || url.contains("/user/insert") || url.contains("files")) {
             response.setStatus(HttpServletResponse.SC_OK);
             chain.doFilter(request, response);
             return;