diff --git a/oaweb/composables/api/webapi.ts b/oaweb/composables/api/webapi.ts
index 4443367..4e3aaad 100644
--- a/oaweb/composables/api/webapi.ts
+++ b/oaweb/composables/api/webapi.ts
@@ -1,10 +1,10 @@
 //
 // Copyright (C) 2024 veypi <i@veypi.com>
-// 2024-10-28 19:22:21
+// 2024-10-28 17:46:56
 // Distributed under terms of the MIT license.
 //
 
-import axios, { AxiosError, type AxiosResponse } from 'axios';
+import axios, { AxiosError, type AxiosInstance, type AxiosResponse } from 'axios';
 
 // Be careful when using SSR for cross-request state pollution
 // due to creating a Singleton instance here;
@@ -13,18 +13,10 @@ import axios, { AxiosError, type AxiosResponse } from 'axios';
 // "export default () => {}" function below (which runs individually
 // for each client)
 
-axios.defaults.withCredentials = true
-const proxy = axios.create({
-  withCredentials: true,
-  baseURL: "/api/",
-  headers: {
-    'content-type': 'application/json;charset=UTF-8',
-  },
-});
-
 export const token = {
   value: '',
   update: () => {
+    console.warn('token updater not set')
     return new Promise<string>((resolve) => { resolve(token.value) })
   },
   set_updator: (fn: () => Promise<string>) => {
@@ -34,7 +26,7 @@ export const token = {
         return new Promise<void>((resolve) => {
           setTimeout(() => {
             resolve();
-          }, 100)
+          }, 1000)
         }).then(() => {
           return token.update()
         })
@@ -58,88 +50,94 @@ export const token = {
 }
 // 请求拦截
 const beforeRequest = (config: any) => {
-  config.retryTimes = 1
+  config.retryTimes = 3
   // NOTE  添加自定义头部
   token.value && (config.headers.Authorization = `Bearer ${token.value}`)
-  // config.headers['auth_token'] = ''
   return config
 }
-proxy.interceptors.request.use(beforeRequest)
 
 // 响应拦截器
-const responseSuccess = (response: AxiosResponse) => {
-  // eslint-disable-next-line yoda
-  // 这里没有必要进行判断，axios 内部已经判断
-  // const isOk = 200 <= response.status && response.status < 300
-  let data = response.data
-  if (typeof data === 'object') {
-    if (data.code !== 0) {
-      return responseFailed({ response } as any)
+const responseSuccess = (client: AxiosInstance) => {
+  return (response: AxiosResponse) => {
+    // eslint-disable-next-line yoda
+    // 这里没有必要进行判断，axios 内部已经判断
+    // const isOk = 200 <= response.status && response.status < 300
+    let data = response.data
+    if (typeof data === 'object') {
+      if (data.code !== 0) {
+        return responseFailed(client)({ response } as any)
+      }
+      data = data.data
     }
-    data = data.data
+    return Promise.resolve(data)
   }
-  return Promise.resolve(data)
 }
 
-const responseFailed = (error: AxiosError) => {
-  const { response } = error
-  const config = response?.config
-  const data = response?.data || {} as any
-  if (!window.navigator.onLine) {
-    alert('没有网络')
-    return Promise.reject(new Error('请检查网络连接'))
-  }
+const responseFailed = (client: AxiosInstance) => {
+  return (error: AxiosError) => {
+    const { response } = error
+    const data = response?.data || {} as any
+    if (!window.navigator.onLine) {
+      alert('没有网络')
+      return Promise.reject(new Error('请检查网络连接'))
+    }
 
-  let needRetry = true
-  if (response?.status == 404) {
-    needRetry = false
-  } else if (response?.status == 401) {
-    needRetry = false
-    // AuthNotFound     = New(40100, "auth not found")
-    // AuthExpired      = New(40102, "auth expired")
-    if (data.code === 40102 || data.code === 40100) {
-      token.value = ''
-      return token.update().then(() => {
-        return requestRetry(100, response!)
-      })
+    let needRetry = true
+    if (response?.status == 404) {
+      needRetry = false
+    } else if (response?.status == 401) {
+      needRetry = false
+      // AuthNotFound     = New(40100, "auth not found")
+      // AuthExpired      = New(40102, "auth expired")
+      if (data.code === 40102 || data.code === 40100) {
+        token.value = ''
+        return token.update().then((e) => {
+          console.log('token updated: ' + e)
+          return requestRetry(client)(500, response!)
+        })
+      }
+    } else if (response?.status == 500) {
+      needRetry = false
     }
-  } else if (response?.status == 500) {
-    needRetry = false
+    if (!needRetry) {
+      return Promise.reject(data || response)
+    };
+    return requestRetry(client)(1000, response!)
   }
-  console.log(data, response?.status)
-  if (!needRetry) {
-    return Promise.reject(data || response)
-  };
-  return requestRetry(1000, response!)
 }
 
-const requestRetry = (delay = 0, response: AxiosResponse) => {
-  const config = response?.config
-  // @ts-ignore
-  const { __retryCount = 0, retryDelay = 1000, retryTimes } = config;
-  // 在请求对象上设置重试次数
-  // @ts-ignore
-  config.__retryCount = __retryCount + 1;
-  // 判断是否超过了重试次数
-  if (__retryCount >= retryTimes) {
-    return Promise.reject(response?.data || response?.headers.error)
-  }
-  if (delay <= 0) {
-    return proxy.request(config as any)
+const requestRetry = (client: AxiosInstance) => {
+  return (delay = 0, response: AxiosResponse) => {
+    const config = response?.config
+    // @ts-ignore
+    const { __retryCount = 0, retryDelay = 1000, retryTimes } = config;
+    // 在请求对象上设置重试次数
+    // @ts-ignore
+    config.__retryCount = __retryCount + 1;
+    // 判断是否超过了重试次数
+    if (__retryCount >= retryTimes) {
+      return Promise.reject(response?.data || response?.headers.error)
+    }
+    if (delay <= 0) {
+      return client.request(config as any)
+    }
+    // 延时处理
+    return new Promise<void>((resolve) => {
+      setTimeout(() => {
+        resolve();
+      }, delay)
+    }).then(() => {
+      return client.request(config as any)
+    })
   }
-  // 延时处理
-  return new Promise<void>((resolve) => {
-    setTimeout(() => {
-      resolve();
-    }, delay)
-  }).then(() => {
-    return proxy.request(config as any)
-  })
 }
 
 
-proxy.interceptors.response.use(responseSuccess, responseFailed)
-
+const create_client = (client: AxiosInstance) => {
+  client.interceptors.request.use(beforeRequest)
+  client.interceptors.response.use(responseSuccess(client), responseFailed(client))
+  return client
+}
 interface data {
   json?: any
   query?: any
@@ -147,6 +145,7 @@ interface data {
   header?: any
 }
 
+
 function transData(d: data) {
   let opts = { params: d.query, data: {}, headers: {} as any }
   if (d.form) {
@@ -164,24 +163,31 @@ function transData(d: data) {
 }
 
 export const webapi = {
+  client: create_client(axios.create({
+    withCredentials: true,
+    baseURL: "/api/",
+    headers: {
+      'content-type': 'application/json;charset=UTF-8',
+    },
+  })),
   Get<T>(url: string, req: data): Promise<T> {
-    return proxy.request<T, any>(Object.assign({ method: 'get', url: url }, transData(req)))
+    return webapi.client.request<T, any>(Object.assign({ method: 'get', url: url }, transData(req)))
   },
   Head<T>(url: string, req: data): Promise<T> {
-    return proxy.request<T, any>(Object.assign({ method: 'head', url: url }, transData(req)))
+    return webapi.client.request<T, any>(Object.assign({ method: 'head', url: url }, transData(req)))
   },
   Delete<T>(url: string, req: data): Promise<T> {
-    return proxy.request<T, any>(Object.assign({ method: 'delete', url: url }, transData(req)))
+    return webapi.client.request<T, any>(Object.assign({ method: 'delete', url: url }, transData(req)))
   },
 
   Post<T>(url: string, req: data): Promise<T> {
-    return proxy.request<T, any>(Object.assign({ method: 'post', url: url }, transData(req)))
+    return webapi.client.request<T, any>(Object.assign({ method: 'post', url: url }, transData(req)))
   },
   Put<T>(url: string, req: data): Promise<T> {
-    return proxy.request<T, any>(Object.assign({ method: 'put', url: url }, transData(req)))
+    return webapi.client.request<T, any>(Object.assign({ method: 'put', url: url }, transData(req)))
   },
   Patch<T>(url: string, req: data): Promise<T> {
-    return proxy.request<T, any>(Object.assign({ method: 'patch', url: url }, transData(req)))
+    return webapi.client.request<T, any>(Object.assign({ method: 'patch', url: url }, transData(req)))
   },
 }
 
diff --git a/oaweb/layouts/default.vue b/oaweb/layouts/default.vue
index 685b6ea..1916366 100644
--- a/oaweb/layouts/default.vue
+++ b/oaweb/layouts/default.vue
@@ -13,8 +13,6 @@
       <OneIcon class="mx-2" @click="toggle_lang" :name="$i18n.locale !== 'zh-CN' ? 'in-Zh_Cn' : 'in-en'"></OneIcon>
       <OneIcon class="mx-2" @click="toggle_fullscreen" :name="app.layout.fullscreen ? 'compress' : 'expend'"></OneIcon>
       <OneIcon class="mx-2" @click="toggle_theme" :name="app.layout.theme === '' ? 'light' : 'dark'"></OneIcon>
-      <!-- <OAer class="mx-2" v-if="user.ready" @logout="user.logout" :is-dark="app.layout.theme !== ''"> -->
-      <!-- </OAer> -->
       <div class="mr-4 ml-2" id='oaer'></div>
     </div>
     <div class="menu">
@@ -36,6 +34,7 @@
 import { OneIcon } from '@veypi/one-icon'
 import oaer from '@veypi/oaer'
 import { useI18n } from 'vue-i18n';
+import { apitoken } from '@veypi/oaer/lib/api';
 
 let i18n = useI18n()
 let app = useAppConfig()
@@ -44,9 +43,9 @@ const colorMode = useColorMode()
 
 app.host = window.location.protocol + '//' + window.location.host
 api.apitoken.value = oaer.Token()
+api.apitoken.set_updator(oaer.TokenRefresh)
 oaer.init(app.host).then((e) => {
   oaer.render_ui('oaer')
-  api.apitoken.set_updator(oaer.TokenRefresh)
 }).catch(() => {
   oaer.logout()
 })
diff --git a/oaweb/stores/user.ts b/oaweb/stores/user.ts
index a14573d..d76b1d7 100644
--- a/oaweb/stores/user.ts
+++ b/oaweb/stores/user.ts
@@ -5,45 +5,13 @@
  * Distributed under terms of the MIT license.
  */
 
-import { Base64 } from 'js-base64'
-import { models, type auth } from '~/composables';
 
 export const useUserStore = defineStore('user', {
   state: () => ({
-    id: '',
-    local: {} as models.User,
-    auth: {} as auth.Auths,
-    ready: false
   }),
   getters: {
   },
   actions: {
-    logout(msg?: string) {
-      console.log('logout: ' + msg)
-      this.ready = false
-      util.setToken('')
-      useRouter().push('/login')
-    },
-    fetchUserData() {
-      let token = util.getToken().split('.');
-      if (!token || token.length !== 3) {
-        return false
-      }
-      let data = JSON.parse(Base64.decode(token[1]))
-      if (data.uid) {
-        let l = 'access to'
-        data.access.map((e: any) => l = l + `\n${e.name}.${e.level}`)
-        console.log(l)
-        this.auth = NewAuths(data.access)
-        api.user.Get(data.uid).then((e) => {
-          this.id = e.id
-          this.local = e
-          this.ready = true
-        }).catch((e) => {
-          this.logout()
-        })
-      }
-    }
   },
 });