diff --git a/internal/handlers/base.go b/internal/handlers/base.go
index 1035537..2332375 100644
--- a/internal/handlers/base.go
+++ b/internal/handlers/base.go
@@ -4,15 +4,14 @@ import (
 	"net/http"
 
 	"github.com/rs/xid"
-	"github.com/zhang2092/mediahls/internal/pkg/cookie"
 )
 
 const (
-	AuthorizeCookie             = "authorize"
-	ContextUser     CtxTypeUser = "context_user"
+	AuthorizeCookie        = "authorize"
+	ContextUser     ctxKey = "context_user"
 )
 
-type CtxTypeUser string
+type ctxKey string
 
 type Authorize struct {
 	ID   string `json:"id"`
@@ -25,13 +24,10 @@ func genId() string {
 }
 
 func (server *Server) isRedirect(w http.ResponseWriter, r *http.Request) {
-	_, err := server.withCookie(r)
-	if err != nil {
-		// 1. 删除cookie
-		cookie.DeleteCookie(w, cookie.AuthorizeName)
+	u := withUser(r.Context())
+	if u != nil {
+		// 已经登录, 直接到首页
+		http.Redirect(w, r, "/", http.StatusFound)
 		return
 	}
-
-	// cookie 校验成功
-	http.Redirect(w, r, "/", http.StatusFound)
 }
diff --git a/internal/handlers/home.go b/internal/handlers/home.go
index 4529b5d..088fcba 100644
--- a/internal/handlers/home.go
+++ b/internal/handlers/home.go
@@ -8,25 +8,12 @@ import (
 	"github.com/zhang2092/mediahls/internal/db"
 )
 
-// obj
-
-// homePageData 首页数据
-type homePageData struct {
-	Authorize
-	Videos []db.Video
-}
-
 // view
 
 // home 首页
 func (server *Server) homeView(w http.ResponseWriter, r *http.Request) {
-	data := homePageData{}
-	auth, err := server.withCookie(r)
-	if err == nil {
-		data.Authorize = *auth
-	}
-
 	ctx := r.Context()
+	var result []db.Video
 	videos, err := server.store.ListVideos(ctx, db.ListVideosParams{
 		Limit:  100,
 		Offset: 0,
@@ -38,9 +25,9 @@ func (server *Server) homeView(w http.ResponseWriter, r *http.Request) {
 				item.Description = temp
 				log.Println(item.Description)
 			}
-			data.Videos = append(data.Videos, item)
+			result = append(result, item)
 		}
 	}
 
-	server.renderLayout(w, r, data, "home.html.tmpl")
+	server.renderLayout(w, r, result, "home.html.tmpl")
 }
diff --git a/internal/handlers/middleware.go b/internal/handlers/middleware.go
index 781a2f4..bcb4efd 100644
--- a/internal/handlers/middleware.go
+++ b/internal/handlers/middleware.go
@@ -2,57 +2,47 @@ package handlers
 
 import (
 	"context"
-	"encoding/json"
-	"log"
 	"net/http"
-
-	"github.com/zhang2092/mediahls/internal/pkg/convert"
 )
 
-func (server *Server) authorizeMiddleware(next http.Handler) http.Handler {
+func (server *Server) authorize(next http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		u, err := server.withCookie(r)
-		if err != nil {
+		u := withUser(r.Context())
+		if u == nil {
 			http.Redirect(w, r, "/login", http.StatusFound)
 			return
 		}
 
-		b, err := json.Marshal(u)
+		next.ServeHTTP(w, r)
+	})
+}
+
+func (server *Server) setUser(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		cookie, err := r.Cookie(AuthorizeCookie)
 		if err != nil {
-			log.Printf("json marshal authorize user: %v", err)
-			http.Redirect(w, r, "/login", http.StatusFound)
+			next.ServeHTTP(w, r)
+			return
+		}
+
+		u := Authorize{}
+		err = server.secureCookie.Decode(AuthorizeCookie, cookie.Value, &u)
+		if err != nil {
+			next.ServeHTTP(w, r)
 			return
 		}
 
 		ctx := r.Context()
-		ctx = context.WithValue(ctx, ContextUser, b)
+		ctx = context.WithValue(ctx, ContextUser, u)
 		next.ServeHTTP(w, r.WithContext(ctx))
 	})
 }
 
-func (server *Server) withCookie(r *http.Request) (*Authorize, error) {
-	cookie, err := r.Cookie(AuthorizeCookie)
-	if err != nil {
-		return nil, err
+func withUser(ctx context.Context) *Authorize {
+	val := ctx.Value(ContextUser)
+	if u, ok := val.(Authorize); ok {
+		return &u
 	}
 
-	u := &Authorize{}
-	err = server.secureCookie.Decode(AuthorizeCookie, cookie.Value, u)
-	if err != nil {
-		// log.Printf("secure decode cookie: %v", err)
-		return nil, err
-	}
-
-	return u, nil
-}
-
-func withUser(ctx context.Context) Authorize {
-	var result Authorize
-	ctxValue, err := convert.ToByteE(ctx.Value(ContextUser))
-	if err != nil {
-		return result
-	}
-
-	json.Unmarshal(ctxValue, &result)
-	return result
+	return nil
 }
diff --git a/internal/handlers/render.go b/internal/handlers/render.go
index 1053e6b..45e9fe1 100644
--- a/internal/handlers/render.go
+++ b/internal/handlers/render.go
@@ -32,6 +32,9 @@ func (server *Server) renderLayout(w http.ResponseWriter, r *http.Request, data
 		"csrfField": func() template.HTML {
 			return csrf.TemplateField(r)
 		},
+		"currentUser": func() *Authorize {
+			return withUser(r.Context())
+		},
 	})
 
 	tpl := template.Must(t.Clone())
diff --git a/internal/handlers/server.go b/internal/handlers/server.go
index 741f9cf..7131e00 100644
--- a/internal/handlers/server.go
+++ b/internal/handlers/server.go
@@ -75,6 +75,7 @@ func (server *Server) setupRouter() {
 		csrf.CookieName("authorize_csrf"),
 	)
 	router.Use(csrfMiddleware)
+	router.Use(server.setUser)
 
 	router.Handle("/register", hds.MethodHandler{
 		http.MethodGet:  http.HandlerFunc(server.registerView),
@@ -93,7 +94,7 @@ func (server *Server) setupRouter() {
 	router.HandleFunc("/media/{xid}/stream/{segName:index[0-9]+.ts}", server.stream).Methods(http.MethodGet)
 
 	subRouter := router.PathPrefix("/").Subrouter()
-	subRouter.Use(server.authorizeMiddleware)
+	subRouter.Use(server.authorize)
 
 	subRouter.HandleFunc("/me/videos", server.videosView).Methods(http.MethodGet)
 	subRouter.HandleFunc("/me/videos/p{page}", server.videosView).Methods(http.MethodGet)
diff --git a/internal/handlers/user.go b/internal/handlers/user.go
index 3284501..432142a 100644
--- a/internal/handlers/user.go
+++ b/internal/handlers/user.go
@@ -14,7 +14,6 @@ import (
 
 // registerPageData 注册页面数据
 type registerPageData struct {
-	Authorize
 	Summary     string
 	Email       string
 	EmailMsg    string
@@ -26,7 +25,6 @@ type registerPageData struct {
 
 // loginPageData 登录页面数据
 type loginPageData struct {
-	Authorize
 	Summary     string
 	Email       string
 	EmailMsg    string
diff --git a/internal/handlers/video.go b/internal/handlers/video.go
index be41b5c..d020c31 100644
--- a/internal/handlers/video.go
+++ b/internal/handlers/video.go
@@ -18,21 +18,8 @@ import (
 
 // obj
 
-// videoPageData 播放页面数据
-type videoPageData struct {
-	Authorize
-	Video db.Video
-}
-
-// videosPageData 视频列表数据
-type videosPageData struct {
-	Authorize
-	Videos []db.Video
-}
-
 // videoEditPageData 视频编辑数据
 type videoEditPageData struct {
-	Authorize
 	Summary        string
 	ID             string
 	IDMsg          string
@@ -59,32 +46,23 @@ type videoDeleteRequest struct {
 func (server *Server) videoView(w http.ResponseWriter, r *http.Request) {
 	vars := mux.Vars(r)
 	xid := vars["xid"]
-	data := videoPageData{}
-	video, err := server.store.GetVideo(r.Context(), xid)
-	if err == nil {
-		data.Video = video
-	}
-	auth, err := server.withCookie(r)
-	if err == nil {
-		data.Authorize = *auth
-	}
-	server.renderLayout(w, r, data, "video/play.html.tmpl")
+	result, _ := server.store.GetVideo(r.Context(), xid)
+	server.renderLayout(w, r, result, "video/play.html.tmpl")
 }
 
 // videosView 视频列表页面
 func (server *Server) videosView(w http.ResponseWriter, r *http.Request) {
-	ctx := r.Context()
-	data := videosPageData{
-		Authorize: withUser(ctx),
-	}
-
 	vars := mux.Vars(r)
 	page, err := strconv.Atoi(vars["page"])
 	if err != nil {
 		page = 1
 	}
+
+	ctx := r.Context()
+	u := withUser(ctx)
+	var result []db.Video
 	videos, err := server.store.ListVideosByUser(ctx, db.ListVideosByUserParams{
-		UserID: data.Authorize.ID,
+		UserID: u.ID,
 		Limit:  16,
 		Offset: int32((page - 1) * 16),
 	})
@@ -94,28 +72,30 @@ func (server *Server) videosView(w http.ResponseWriter, r *http.Request) {
 				temp := strings.TrimSpace(item.Description[0:65]) + "..."
 				item.Description = temp
 			}
-			data.Videos = append(data.Videos, item)
+			result = append(result, item)
 		}
 	}
 
-	server.renderLayout(w, r, data, "video/videos.html.tmpl")
+	server.renderLayout(w, r, result, "video/videos.html.tmpl")
 }
 
 // editVideoView 视频编辑页面
 func (server *Server) editVideoView(w http.ResponseWriter, r *http.Request) {
 	vars := mux.Vars(r)
 	xid := vars["xid"]
-	vm := videoEditPageData{
-		Authorize: withUser(r.Context()),
-	}
+	ctx := r.Context()
+	u := withUser(ctx)
+	vm := videoEditPageData{}
 	if len(xid) > 0 {
-		if v, err := server.store.GetVideo(r.Context(), xid); err == nil {
-			vm.ID = v.ID
-			vm.Title = v.Title
-			vm.Images = v.Images
-			vm.Description = v.Description
-			vm.OriginLink = v.OriginLink
-			vm.Status = int(v.Status)
+		if v, err := server.store.GetVideo(ctx, xid); err == nil {
+			if u.ID == v.UserID {
+				vm.ID = v.ID
+				vm.Title = v.Title
+				vm.Images = v.Images
+				vm.Description = v.Description
+				vm.OriginLink = v.OriginLink
+				vm.Status = int(v.Status)
+			}
 		}
 	}
 	server.renderEditVideo(w, r, vm)
@@ -291,7 +271,6 @@ func viladatorEditVedio(r *http.Request) (videoEditPageData, bool) {
 	ok := true
 	status, _ := strconv.Atoi(r.PostFormValue("status"))
 	resp := videoEditPageData{
-		Authorize:   withUser(r.Context()),
 		ID:          r.PostFormValue("id"),
 		Title:       r.PostFormValue("title"),
 		Images:      r.PostFormValue("images"),
diff --git a/web/templates/base/header.html.tmpl b/web/templates/base/header.html.tmpl
index b110741..d7c125b 100644
--- a/web/templates/base/header.html.tmpl
+++ b/web/templates/base/header.html.tmpl
@@ -21,9 +21,9 @@
                 HLS流媒体
             </a>
             <ul class="flex oauth">
-                {{if .Authorize.ID}}
+                {{if currentUser}}
                 <li style="font-size: 12px;">
-                    欢迎您: {{.Authorize.Name}}
+                    欢迎您: {{ currentUser.Name }}
                 </li>
                 <li style="font-size: 12px;">
                   <a href="/me/videos">我的视频</a>
diff --git a/web/templates/home.html.tmpl b/web/templates/home.html.tmpl
index c4597b5..24888e3 100644
--- a/web/templates/home.html.tmpl
+++ b/web/templates/home.html.tmpl
@@ -3,7 +3,7 @@
     <div class="main">
         <h3 style="margin-top: 20px;margin-bottom: 10px;">视频列表</h3>
         <div class="video-list">
-            {{range .Videos}}
+            {{range .}}
             <div class="card">
                 <img src="{{.Images}}" class="card-img-top" alt="{{.Title}}">
                 <div class="card-body">
diff --git a/web/templates/video/play.html.tmpl b/web/templates/video/play.html.tmpl
index 9f9ffa1..632b911 100644
--- a/web/templates/video/play.html.tmpl
+++ b/web/templates/video/play.html.tmpl
@@ -1,7 +1,7 @@
 {{template "header" .}}
 <div class="container-fluid flex justify-content">
     <div class="main">
-        {{if eq .Video.Status 200}}
+        {{if eq .Status 200}}
         <h6 style="margin-top: 20px;margin-bottom: 10px;">正在播放
             <svg class="icon" viewBox="0 0 1024 1024" width="15" height="21">
                 <path
@@ -10,7 +10,7 @@
                 <path
                     d="M864.696118 992.000352c0-7.399919-2.599971-14.899836-7.799914-20.89977l-360.796029-416.99541c-20.999769-23.999736-20.999769-60.299336 0-84.299073l0.099999-0.099999L856.896204 52.910688c11.599872-13.399853 10.099889-33.59963-3.299964-45.099504-13.399853-11.599872-33.59963-10.099889-45.099503 3.299964L447.900705 427.806562c-20.399775 23.299744-31.599652 53.199414-31.599652 84.199073s11.199877 60.89933 31.599652 84.199073l360.596032 416.695414c11.599872 13.399853 31.79965 14.799837 45.099503 3.299964 7.399919-6.299931 11.099878-15.199833 11.099878-24.199734z"
                     p-id="6426"></path>
-            </svg>{{.Video.Title}}<svg class="icon" viewBox="0 0 1024 1024" width="15" height="21">
+            </svg>{{.Title}}<svg class="icon" viewBox="0 0 1024 1024" width="15" height="21">
                 <path
                     d="M416.301053 992.000352c0-7.399919 2.599971-14.899836 7.799914-20.89977l360.79603-416.895412c20.999769-23.999736 20.999769-60.299336 0-84.299072l-0.099999-0.099999L424.100967 52.910688c-11.599872-13.399853-10.099889-33.59963 3.299964-45.099504 13.399853-11.599872 33.59963-10.099889 45.099504 3.299964l360.596031 416.695414c20.399775 23.299744 31.599652 53.199414 31.599652 84.199073s-11.199877 60.89933-31.599652 84.199073l-360.596031 416.695414c-11.599872 13.399853-31.79965 14.799837-45.099504 3.299964-7.399919-6.299931-11.099878-15.199833-11.099878-24.199734z"
                     p-id="6274"></path>
@@ -46,14 +46,14 @@
     if (Hls.isSupported()) {
         console.log("supported");
         var hls = new Hls();
-        hls.loadSource('{{.Video.PlayLink}}');
+        hls.loadSource('{{.PlayLink}}');
         hls.attachMedia(video);
         hls.on(Hls.Events.MANIFEST_PARSED, function () {
             //video.play();
         });
     } else if (video.canPlayType('application/vnd.apple.mpegurl')) {
         console.log("no supported");
-        video.src = '{{.Video.PlayLink}}';
+        video.src = '{{.PlayLink}}';
         video.addEventListener('loadedmetadata', function () {
             //video.play();
         });
diff --git a/web/templates/video/videos.html.tmpl b/web/templates/video/videos.html.tmpl
index 27bd106..00f8003 100644
--- a/web/templates/video/videos.html.tmpl
+++ b/web/templates/video/videos.html.tmpl
@@ -6,7 +6,7 @@
             <a href="/me/videos/update" class="btn btn-primary">添加</a>
         </div>
         <div class="video-list">
-            {{range .Videos}}
+            {{range .}}
             <div class="card">
                 <img src="{{.Images}}" class="card-img-top" alt="{{.Title}}">
                 <div class="card-body">