diff --git a/dist/casaos-user-service-amd64_linux_amd64_v1/build/sysroot/usr/bin/casaos-user-service b/dist/casaos-user-service-amd64_linux_amd64_v1/build/sysroot/usr/bin/casaos-user-service
index 1867dce..655624e 100755
Binary files a/dist/casaos-user-service-amd64_linux_amd64_v1/build/sysroot/usr/bin/casaos-user-service and b/dist/casaos-user-service-amd64_linux_amd64_v1/build/sysroot/usr/bin/casaos-user-service differ
diff --git a/dist/metadata.json b/dist/metadata.json
index 4a0837b..f578e5c 100644
--- a/dist/metadata.json
+++ b/dist/metadata.json
@@ -1 +1 @@
-{"project_name":"casaos-user-service","tag":"v1.0.0","previous_tag":"","version":"1.0.1","commit":"dd3a9ebea4fd121d6a2383881265ed85147dbeca","date":"2024-07-04T10:29:51.218513943+07:00","runtime":{"goos":"linux","goarch":"amd64"}}
\ No newline at end of file
+{"project_name":"casaos-user-service","tag":"v1.0.0","previous_tag":"","version":"1.0.1","commit":"219fa12590c7ebbe57526514ffea6ac2b2e63641","date":"2024-07-05T17:28:10.805445951+07:00","runtime":{"goos":"linux","goarch":"amd64"}}
\ No newline at end of file
diff --git a/route/v1/user.go b/route/v1/user.go
index 04bf5db..aaf65cf 100644
--- a/route/v1/user.go
+++ b/route/v1/user.go
@@ -51,26 +51,13 @@ type OMVLogin struct {
 	} `json:"response"`
 	Error interface{} `json:"error"`
 }
-type OMVGetUser struct {
+type OMVUser struct {
 	Response struct {
-		Name            string        `json:"name"`
-		UID             int           `json:"uid"`
-		Gid             int           `json:"gid"`
-		Comment         string        `json:"comment"`
-		Dir             string        `json:"dir"`
-		Shell           string        `json:"shell"`
-		Lastchanged     string        `json:"lastchanged"`
-		Minimum         string        `json:"minimum"`
-		Maximum         string        `json:"maximum"`
-		Warn            string        `json:"warn"`
-		Inactive        string        `json:"inactive"`
-		Expire          string        `json:"expire"`
-		Reserved        string        `json:"reserved"`
-		Groups          []string      `json:"groups"`
-		System          bool          `json:"system"`
-		Email           string        `json:"email"`
-		Disallowusermod bool          `json:"disallowusermod"`
-		Sshpubkeys      []interface{} `json:"sshpubkeys"`
+		Authenticated bool   `json:"authenticated"`
+		Username      string `json:"username"`
+		Permissions   struct {
+			Role string `json:"role"`
+		} `json:"permissions"`
 	} `json:"response"`
 	Error interface{} `json:"error"`
 }
@@ -221,11 +208,9 @@ func PostOMVLogin(c *gin.Context) {
 
 	json := make(map[string]string)
 	c.ShouldBind(&json)
-
 	username := json["username"]
-
 	password := json["password"]
-	res := service.MyService.OMV().LoginSession(username, password)
+	res, cookies := service.MyService.OMV().LoginSession(username, password)
 	var resData OMVLogin
 	err := json2.Unmarshal([]byte(res), &resData)
 
@@ -240,14 +225,14 @@ func PostOMVLogin(c *gin.Context) {
 		return
 	}
 
-	getUser, err := service.MyService.OMV().GetUser(username, resData.Response.SessionID)
+	getUser, err := service.MyService.OMV().AuthUser(username, password, resData.Response.SessionID)
 	if err != nil {
 		// Handle the error, for example, log it or return it
 		log.Printf("Error getting user: %v", err)
 		return // or handle it in a way that fits your application's error handling strategy
 	}
 
-	var userData OMVGetUser
+	var userData OMVUser
 	err = json2.Unmarshal([]byte(getUser), &userData)
 
 	if err != nil {
@@ -266,8 +251,10 @@ func PostOMVLogin(c *gin.Context) {
 	// cookie_value, err := c.Cookie("sessionID")
 	// decrypt := encryption.Decrypt(cookie_value)
 	// fmt.Printf(decrypt)
-	sessionId := encryption.Encrypt(resData.Response.SessionID)
-	c.SetCookie("sessionID", sessionId, 3600, "/", "", false, true)
+	// sessionId := encryption.Encrypt(resData.Response.SessionID)
+	for _, cookie := range cookies {
+		c.SetCookie(cookie.Name, cookie.Value, 3600, "/", "", false, true)
+	}
 	c.JSON(common_err.SUCCESS,
 		model.Result{
 			Success: common_err.SUCCESS,
diff --git a/service/omv.go b/service/omv.go
index fcff054..81a9fc3 100644
--- a/service/omv.go
+++ b/service/omv.go
@@ -14,16 +14,19 @@ import (
 )
 
 type OMVService interface {
-	LoginSession(userName string, password string) string
+	LoginSession(userName string, password string) (string, []*http.Cookie)
 	Logout(sessionID string) (string, error)
 	GetUser(username string, sessionID string) (string, error)
+	AuthUser(username string, password string, sessionID string) (string, error)
 	SetUser(m model.UserDBModel) model.UserDBModel
 	ApplyChange()
 }
 type omvService struct {
 }
 
-func (o *omvService) LoginSession(username string, password string) string {
+// AuthUser implements OMVService.
+
+func (o *omvService) LoginSession(username string, password string) (string, []*http.Cookie) {
 	postBody, _ := json.Marshal(map[string]interface{}{
 		"service": "session",
 		"method":  "login",
@@ -34,6 +37,7 @@ func (o *omvService) LoginSession(username string, password string) string {
 	})
 	responseBody := bytes.NewBuffer(postBody)
 	response, err := http.Post(config.AppInfo.OMVServer, "application/json", responseBody)
+	cookies := response.Cookies()
 	if err != nil {
 		fmt.Print(err.Error())
 		os.Exit(1)
@@ -42,7 +46,7 @@ func (o *omvService) LoginSession(username string, password string) string {
 	if err != nil {
 		log.Fatal(err)
 	}
-	return string(responseData)
+	return string(responseData), cookies
 }
 func (o *omvService) Logout(sessionID string) (string, error) {
 	postBody, _ := json.Marshal(map[string]interface{}{
@@ -75,7 +79,40 @@ func (o *omvService) Logout(sessionID string) (string, error) {
 
 	return string(responseData), nil
 }
+func (o *omvService) AuthUser(username string, password string, sessionID string) (string, error) {
+	postBody, _ := json.Marshal(map[string]interface{}{
+		"service": "session",
+		"method":  "login",
+		"params": map[string]string{
+			"username": username,
+			"password": password,
+		},
+	})
+	responseBody := bytes.NewBuffer(postBody)
+	req, err := http.NewRequest("POST", config.AppInfo.OMVServer, responseBody)
+	if err != nil {
+		return "", fmt.Errorf("error creating request: %v", err)
+	}
+	req.Header.Set("X-OPENMEDIAVAULT-SESSIONID", sessionID) // Set session ID header
+	// Send the request
+	client := &http.Client{}
+	resp, err := client.Do(req)
+	if err != nil {
+		return "", fmt.Errorf("error making request: %v", err)
+	}
+	defer resp.Body.Close()
+	// Check for HTTP errors
+	if resp.StatusCode != http.StatusOK {
+		return "", fmt.Errorf("HTTP error: %s", resp.Status)
+	}
+	// Read the response body
+	responseData, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return "", fmt.Errorf("error reading response body: %v", err)
+	}
 
+	return string(responseData), nil
+}
 func (o *omvService) GetUser(username string, sessionID string) (string, error) {
 	// Prepare the RPC request
 	postBody, _ := json.Marshal(map[string]interface{}{