diff --git a/IRaCIS.Core.API/Controllers/DownLoadController.cs b/IRaCIS.Core.API/Controllers/DownLoadController.cs
index cb12affde..218d24ea6 100644
--- a/IRaCIS.Core.API/Controllers/DownLoadController.cs
+++ b/IRaCIS.Core.API/Controllers/DownLoadController.cs
@@ -16,6 +16,7 @@ using System.Linq;
 using System.Threading.Tasks;
 using IRaCIS.Core.Domain.Share;
 using Microsoft.EntityFrameworkCore;
+using IRaCIS.Core.Application.Helper;
 
 namespace IRaCIS.Core.API.Controllers
 {
@@ -71,7 +72,8 @@ namespace IRaCIS.Core.API.Controllers
                 throw new Exception("å½“å‰code æ²¡è¦æ‰¾åˆ°å¯¹åº”çš„æ–‡ä»¶");
             }
 
-            var rootPath = Directory.GetParent(_hostEnvironment.ContentRootPath.TrimEnd('\\')).FullName;
+            var rootPath = FileStoreHelper.GetIRaCISRootDataFolder(_hostEnvironment);
+
 
             var filePath = Path.Combine(rootPath, doc.Path.Trim('/'));
 
diff --git a/IRaCIS.Core.API/Startup.cs b/IRaCIS.Core.API/Startup.cs
index 7c8db9ca1..102969299 100644
--- a/IRaCIS.Core.API/Startup.cs
+++ b/IRaCIS.Core.API/Startup.cs
@@ -159,6 +159,8 @@ namespace IRaCIS.Core.API
             //²»ÐèÒª token ·ÃÎÊµÄ¾²Ì¬ÎÄ¼þ  wwwroot css, JavaScript, and images don't require authentication.
             app.UseStaticFiles();
 
+            app.UseIRacisHostStaticFileStore(env);
+
             //LogDashboard
             app.UseLogDashboard("/LogDashboard");
 
@@ -203,7 +205,7 @@ namespace IRaCIS.Core.API
             app.UseAuthorization();
 
             //ÎÄ¼þËÅ·þ  ±ØÐë´øToken ·ÃÎÊ
-            app.UseIRacisHostStaticFileStore(env);
+            //app.UseIRacisHostStaticFileStore(env);
 
             app.UseEndpoints(endpoints =>
             {
diff --git a/IRaCIS.Core.API/_ServiceExtensions/Authorization/JWTAuthSetup.cs b/IRaCIS.Core.API/_ServiceExtensions/Authorization/JWTAuthSetup.cs
index 12bcc9e1f..1b7984ebb 100644
--- a/IRaCIS.Core.API/_ServiceExtensions/Authorization/JWTAuthSetup.cs
+++ b/IRaCIS.Core.API/_ServiceExtensions/Authorization/JWTAuthSetup.cs
@@ -61,7 +61,7 @@ namespace IRaCIS.Core.API
                          
                            //ä»…ä»…æ˜¯è®¿é—®æ–‡ä»¶çš„æ—¶å€™æ‰ä¼šåŽ»å–tokenè®¤è¯  å‰ç«¯å¯¹cookieè®¾ç½®äº†æœ‰æ•ˆæœŸ
 
-                           if (context.Request.Path.ToString().Contains("IRaCISData")|| context.Request.Path.ToString().Contains("SystemData") )
+                           if (context.Request.Path.ToString().Contains("IRaCISData") || context.Request.Path.ToString().Contains("SystemData") )
                            {
                                var cookieToken = context.Request.Cookies["access_token"];