diff --git a/IRaCIS.Core.API/appsettings.Development.json b/IRaCIS.Core.API/appsettings.Development.json
index e9f58c77f..492bb8a68 100644
--- a/IRaCIS.Core.API/appsettings.Development.json
+++ b/IRaCIS.Core.API/appsettings.Development.json
@@ -19,7 +19,7 @@
 
     "OpenTrialRelationDelete": true,
 
-    "OpenLoginLimit": false
+    "OpenLoginLimit": true
   },
 
   "SystemEmailSendConfig": {
diff --git a/IRaCIS.Core.Application/BusinessFilter/LimitUserRequestAuthorization.cs b/IRaCIS.Core.Application/BusinessFilter/LimitUserRequestAuthorization.cs
index dda88370f..c4d163f8f 100644
--- a/IRaCIS.Core.Application/BusinessFilter/LimitUserRequestAuthorization.cs
+++ b/IRaCIS.Core.Application/BusinessFilter/LimitUserRequestAuthorization.cs
@@ -1,7 +1,9 @@
 using EasyCaching.Core;
 using IRaCIS.Core.Domain.Share;
+using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.Filters;
 using Microsoft.Extensions.Localization;
 using Microsoft.Extensions.Options;
@@ -51,7 +53,9 @@ public class LimitUserRequestAuthorization : IAsyncAuthorizationFilter
                     context.HttpContext.Response.ContentType = "application/json";
                     context.HttpContext.Response.StatusCode = StatusCodes.Status200OK;
                 //---当前请求未从Header/Url取到用户Token,请联系开发者
-                    await context.HttpContext.Response.WriteAsync(JsonConvert.SerializeObject(ResponseOutput.NotOk(_localizer["LimitUser_AuthTokenMissing"])));
+                    //await context.HttpContext.Response.WriteAsync(JsonConvert.SerializeObject(ResponseOutput.NotOk(_localizer["LimitUser_AuthTokenMissing"])));
+
+                    context.Result = new JsonResult(ResponseOutput.NotOk(_localizer["LimitUser_AuthTokenMissing"]));
                 }
 
                 //2、在这里取缓存  进行比较  看是否有其他人进行了登陆，如果其他人登陆了，就把之前用户挤掉
@@ -77,8 +81,13 @@ public class LimitUserRequestAuthorization : IAsyncAuthorizationFilter
 
                     context.HttpContext.Response.ContentType = "application/json";
                     context.HttpContext.Response.StatusCode = StatusCodes.Status403Forbidden;
-                //---您的账户在其他地方已登陆，您被迫下线。
-                    await context.HttpContext.Response.WriteAsync(JsonConvert.SerializeObject(ResponseOutput.NotOk(_localizer["LimitUser_AccountLoggedInElsewhere"], ApiResponseCodeEnum.LoginInOtherPlace)));
+                    //---您的账户在其他地方已登陆，您被迫下线。
+
+
+                    context.Result = new JsonResult(ResponseOutput.NotOk(_localizer["LimitUser_AccountLoggedInElsewhere"], ApiResponseCodeEnum.LoginInOtherPlace));
+                        
+
+                    //await context.HttpContext.Response.WriteAsync(JsonConvert.SerializeObject(ResponseOutput.NotOk(_localizer["LimitUser_AccountLoggedInElsewhere"], ApiResponseCodeEnum.LoginInOtherPlace)));
 
                 }