diff --git a/src/auth/models/user-secret.ts b/src/auth/models/user-secret.ts
index e2fcd24..46880c2 100644
--- a/src/auth/models/user-secret.ts
+++ b/src/auth/models/user-secret.ts
@@ -56,22 +56,28 @@ export class UserSecret {
     if (oauth.getTokenType(token) === 'jwks') {
       // 先尝试作为jwt token验证，如果验证成功则直接返回用户信息
       console.log('[jwksManager] 验证token');
-      const verified = await jwksManager.verify(token);
-      if (verified) {
-        const sub = verified.sub;
-        const userId = sub.split(':')[1];
-        const user = await User.findByPk(userId);
-        if (!user) {
-          console.warn(`[jwksManager] 验证token成功，但用户不存在，userId: ${userId}`);
+      try {
+
+        const verified = await jwksManager.verify(token);
+        if (verified) {
+          const sub = verified.sub;
+          const userId = sub.split(':')[1];
+          const user = await User.findByPk(userId);
+          if (!user) {
+            console.warn(`[jwksManager] 验证token成功，但用户不存在，userId: ${userId}`);
+            return null;
+          }
+          const oauthUser = oauth.getOauthUser({
+            id: user.id,
+            username: user.username,
+            type: user.type,
+          });
+          return oauthUser;
+        } else {
           return null;
         }
-        const oauthUser = oauth.getOauthUser({
-          id: user.id,
-          username: user.username,
-          type: user.type,
-        });
-        return oauthUser;
-      } else {
+      } catch (e) {
+        console.error('[jwksManager] 验证token失败', e);
         return null;
       }
     }