diff --git a/apps/accounts/api/serializers.py b/apps/accounts/api/serializers.py
index 20f1d35..df74cef 100644
--- a/apps/accounts/api/serializers.py
+++ b/apps/accounts/api/serializers.py
@@ -6,10 +6,30 @@ User = get_user_model()
 
 
 class UserDetailSerializer(serializers.ModelSerializer):
+    name = serializers.SerializerMethodField()
+    token = serializers.SerializerMethodField()
+    roles = serializers.SerializerMethodField()
 
     class Meta:
         model = User
-        fields = ['username', 'email']
+        fields = [
+            'username',
+            'name',
+            'email',
+            'roles',
+            'introduction',
+            'avatar',
+            'token'
+        ]
+
+    def get_name(self, obj):
+        return obj.username
+
+    def get_token(self, obj):
+        return obj.username
+
+    def get_roles(self, obj):
+        return obj.role.split()
 
 
 class UserLoginSerializer(serializers.ModelSerializer):
diff --git a/apps/accounts/api/views.py b/apps/accounts/api/views.py
index 5570b55..7d5222f 100644
--- a/apps/accounts/api/views.py
+++ b/apps/accounts/api/views.py
@@ -46,11 +46,12 @@ class UserDetailAPIView(RetrieveAPIView):
     def get(self, request, *args, **kwargs):
         token = request.GET.get('token', None)
         data = {'token': token}
-        # try:
-        valid_data = VerifyJSONWebTokenSerializer().validate(data)
-        user = valid_data['user']
-        serializer = self.get_serializer(user)
-        return Response(serializer.data, HTTP_200_OK)
-        # except serializers.ValidationError as exc:
-        #     response = exception_handler(exc, context=None)
-        #     return response
+        try:
+            valid_data = VerifyJSONWebTokenSerializer().validate(data)
+            user = valid_data['user']
+            serializer = self.get_serializer(user)
+            return Response(serializer.data, HTTP_200_OK)
+        except serializers.ValidationError as exc:
+            exc.detail = exc.detail[0]
+            response = exception_handler(exc, context=None)
+            return response
diff --git a/mosqkiller/settings.py b/mosqkiller/settings.py
index 48a5183..6a8ee27 100644
--- a/mosqkiller/settings.py
+++ b/mosqkiller/settings.py
@@ -46,9 +46,6 @@ INSTALLED_APPS = [
     'smart',
 ]
 
-
-CORS_ORIGIN_ALLOW_ALL = True
-
 MIDDLEWARE = [
     'corsheaders.middleware.CorsMiddleware',
     'django.middleware.security.SecurityMiddleware',
@@ -60,6 +57,13 @@ MIDDLEWARE = [
     'django.middleware.clickjacking.XFrameOptionsMiddleware',
 ]
 
+CORS_ORIGIN_ALLOW_ALL = True
+CORS_ALLOW_HEADERS = [
+    'X-Token',
+    'Content-Type',
+
+]
+
 ROOT_URLCONF = 'mosqkiller.urls'
 
 TEMPLATES = [