diff --git a/internal/msggateway/http_error.go b/internal/msggateway/http_error.go
index fb1d1e5de..cb64732c2 100644
--- a/internal/msggateway/http_error.go
+++ b/internal/msggateway/http_error.go
@@ -1,13 +1,11 @@
 package msggateway
 
-import (
-	"net/http"
-)
+import "github.com/OpenIMSDK/Open-IM-Server/pkg/apiresp"
 
 func httpError(ctx *UserConnContext, err error) {
-	code := http.StatusUnauthorized
-	ctx.SetHeader("Sec-Websocket-Version", "13")
-	ctx.SetHeader("ws_err_msg", err.Error())
+	//code := http.StatusUnauthorized
+	//ctx.SetHeader("Sec-Websocket-Version", "13")
+	//ctx.SetHeader("ws_err_msg", err.Error())
 	//if errors.Is(err, errs.ErrTokenExpired) {
 	//	code = errs.ErrTokenExpired.Code()
 	//}
@@ -38,5 +36,6 @@ func httpError(ctx *UserConnContext, err error) {
 	//if errors.Is(err, errs.ErrConnArgsErr) {
 	//	code = errs.ErrConnArgsErr.Code()
 	//}
-	ctx.ErrReturn(err.Error(), code)
+	//ctx.ErrReturn(err.Error(), code)
+	apiresp.HttpError(ctx.RespWriter, err)
 }
diff --git a/pkg/apiresp/http.go b/pkg/apiresp/http.go
index 10ae0997f..f079fae6a 100644
--- a/pkg/apiresp/http.go
+++ b/pkg/apiresp/http.go
@@ -5,15 +5,21 @@ import (
 	"net/http"
 )
 
-func HttpError(w http.ResponseWriter, err error) {
-	data, err := json.Marshal(ParseError(err))
+func httpJson(w http.ResponseWriter, data any) {
+	body, err := json.Marshal(data)
 	if err != nil {
-		panic(err)
+		http.Error(w, "json marshal error: "+err.Error(), http.StatusInternalServerError)
+		return
 	}
-	_ = data
+	w.Header().Set("Content-Type", "application/json; charset=utf-8")
+	w.WriteHeader(http.StatusOK)
+	_, _ = w.Write(body)
+}
 
+func HttpError(w http.ResponseWriter, err error) {
+	httpJson(w, ParseError(err))
 }
 
 func HttpSuccess(w http.ResponseWriter, data any) {
-
+	httpJson(w, ApiSuccess(data))
 }
diff --git a/pkg/common/tokenverify/jwt_token.go b/pkg/common/tokenverify/jwt_token.go
index 00ad58b17..a459e75e8 100644
--- a/pkg/common/tokenverify/jwt_token.go
+++ b/pkg/common/tokenverify/jwt_token.go
@@ -89,15 +89,15 @@ func IsManagerUserID(opUserID string) bool {
 	return utils.IsContain(opUserID, config.Config.Manager.AppManagerUid)
 }
 func WsVerifyToken(token, userID, platformID string) error {
-	//claim, err := GetClaimFromToken(token)
-	//if err != nil {
-	//	return err
-	//}
-	//if claim.UID != userID {
-	//	return errs.ErrTokenInvalid.Wrap(fmt.Sprintf("token uid %s != userID %s", claim.UID, userID))
-	//}
-	//if claim.Platform != platformID {
-	//	return errs.ErrInternalServer.Wrap(fmt.Sprintf("token platform %s != platformID %s", claim.Platform, platformID))
-	//}
+	claim, err := GetClaimFromToken(token)
+	if err != nil {
+		return err
+	}
+	if claim.UID != userID {
+		return errs.ErrTokenInvalid.Wrap(fmt.Sprintf("token uid %s != userID %s", claim.UID, userID))
+	}
+	if claim.Platform != platformID {
+		return errs.ErrTokenInvalid.Wrap(fmt.Sprintf("token platform %s != platformID %s", claim.Platform, platformID))
+	}
 	return nil
 }