diff --git a/src/main/java/cn/lihongjie/coal/filter/AuthFilter.java b/src/main/java/cn/lihongjie/coal/filter/AuthFilter.java
index 440b71d9..9678b9c9 100644
--- a/src/main/java/cn/lihongjie/coal/filter/AuthFilter.java
+++ b/src/main/java/cn/lihongjie/coal/filter/AuthFilter.java
@@ -43,8 +43,18 @@ public class AuthFilter extends OncePerRequestFilter {
     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
 
 
+        if (isMatches(request)) {
+
+            filterChain.doFilter(request, response);
+            return ;
+        }
+
+
         String sessionId = request.getHeader("X-Token");
 
+
+
+
         Optional<ResourceEntity> resource = resourceService.findByCode(request.getRequestURI());
 
 
diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml
index 9255a809..a76cda8a 100644
--- a/src/main/resources/application.yaml
+++ b/src/main/resources/application.yaml
@@ -12,9 +12,7 @@ server:
 system:
   anonymous:
     url:
-      - "/isValid"
-      - "/genCaptcha"
-      - "/login"
+      - "/actuator/**"