diff --git a/Utils/AccessControl/AccessUtil.py b/Utils/AccessControl/AccessUtil.py
index 564f8f3..726397d 100644
--- a/Utils/AccessControl/AccessUtil.py
+++ b/Utils/AccessControl/AccessUtil.py
@@ -13,7 +13,7 @@ def get_user_info(token: str):
 """
 user_info = decode_token(token).get("user_info")
 if not user_info:
- raise HTTPException(status_code=400, detail="Invalid Token")
+ raise HTTPException(status_code=401, detail="Invalid Token")
 return user_info
@@ -33,7 +33,7 @@ def ac(token: Optional[str] = Header(...)):
 return True
-def rbac(request: Request, token: Optional[str] = Header(...)):
+def rbac(request: Request, token: Optional[str] = Header(None)):
 # 获取用户角色
 user_info = get_user_info(token)
@@ -55,4 +55,4 @@ def rbac(request: Request, token: Optional[str] = Header(...)):
 return True
 # 权限匹配失败
- raise HTTPException(status_code=400, detail="No Access")
+ raise HTTPException(status_code=202, detail="No Access")
diff --git a/Utils/Authentication/TokenUtil.py b/Utils/Authentication/TokenUtil.py
index 91f8e57..3d9bb60 100644
--- a/Utils/Authentication/TokenUtil.py
+++ b/Utils/Authentication/TokenUtil.py
@@ -11,7 +11,7 @@ def decode_token(token: str):
 try:
 payload = jwt.decode(token, Config.SECRET_KEY, algorithms=[Config.ALGORITHM])
 except jwt.exceptions.ExpiredSignatureError:
- raise HTTPException(status_code=201, detail="Token Has Expired")
+ raise HTTPException(status_code=401, detail="Token Has Expired")
 except PyJWTError:
 raise HTTPException(status_code=401, detail="Invalid Token")
 return payload
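Review bot: With `Header(None)` on `rbac`, a request that carries no `token` header is no longer rejected by FastAPI's parameter validation, so `None` is passed into `get_user_info(token)`, whose parameter is annotated `str`. The request then ends in a 401 only if `jwt.decode` raises a `PyJWTError` for a non-string argument, which appears to be the case but leaves the access-control outcome dependent on library behaviour. An explicit guard at the top of `rbac` removes that dependency: `if token is None: raise HTTPException(status_code=401, detail="Invalid Token")`. `ac`, visible in the hunk header, still declares `Header(...)`, so the two dependencies now answer a missing header differently and should probably be aligned. The body of `rbac` continues outside this hunk.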
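Review bot: The final denial in `rbac` now raises `HTTPException(status_code=202, detail="No Access")`, and 202 (Accepted) is a success status, so a caller whose role matched no permission receives a 2xx response. Clients, proxies and log-based alerting that key on the status code will record a refused request as a successful one, which hides authorization failures from monitoring and makes repeated probing of protected routes harder to spot. The status for an authenticated caller who lacks permission is 403: `raise HTTPException(status_code=403, detail="No Access")`. That would also match the TokenUtil.py change in this commit, which moves the expired-token error off 201. The start of `rbac` is outside this hunk.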
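Review bot: The `ExpiredSignatureError` branch in `decode_token` can only fire for tokens that carry an `exp` claim, and the `jwt.decode` call shown passes no `options`. PyJWT does not require `exp` by default, so a correctly signed token issued without it would be accepted indefinitely. If the issuing code (not visible here) always sets `exp` this is moot, but enforcing it at verification is cheap: add `options={"require": ["exp"]}` to the `jwt.decode` call. The resulting missing-claim error is a `PyJWTError` subclass and would fall into the existing 401 "Invalid Token" branch. The `def decode_token` line and docstring sit outside this hunk.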