diff --git a/server/go.mod b/server/go.mod
index d51cee6..a312eb0 100644
--- a/server/go.mod
+++ b/server/go.mod
@@ -59,6 +59,7 @@ require (
 	github.com/syndtr/goleveldb v1.0.0 // indirect
 	github.com/tklauser/go-sysconf v0.3.7 // indirect
 	github.com/tklauser/numcpus v0.2.3 // indirect
+	go.uber.org/atomic v1.10.0 // indirect
 	golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e // indirect
 	golang.org/x/text v0.3.7 // indirect
 	gopkg.in/asn1-ber.v1 v1.0.0-20181015200546-f715ec2f112d // indirect
diff --git a/server/go.sum b/server/go.sum
index a016ffe..3e65191 100644
--- a/server/go.sum
+++ b/server/go.sum
@@ -557,6 +557,8 @@ go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
 go.uber.org/atomic v1.5.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ=
 go.uber.org/atomic v1.6.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ=
 go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
+go.uber.org/atomic v1.10.0 h1:9qC72Qh0+3MqyJbAn8YU5xVq1frD8bn3JtD2oXtafVQ=
+go.uber.org/atomic v1.10.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0=
 go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0=
 go.uber.org/multierr v1.3.0/go.mod h1:VgVr7evmIr6uPjLBxg28wmKNXyqE9akIJ5XnfpiKl+4=
 go.uber.org/multierr v1.5.0/go.mod h1:FeouvMocqHpRaaGuG9EjoKcStLC43Zu/fmqdUMPcKYU=
diff --git a/server/handler/link_tunnel.go b/server/handler/link_tunnel.go
index 72089f6..16373b2 100644
--- a/server/handler/link_tunnel.go
+++ b/server/handler/link_tunnel.go
@@ -104,7 +104,7 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
 	}
 
 	// 设置用户策略
-	SetUserPolicy(sess.Username, cSess.Group)
+	SetUserPolicy(cSess.Username, cSess.Group)
 
 	// 允许本地LAN访问vpn网络，必须放在路由的第一个
 	if cSess.Group.AllowLan {
diff --git a/server/handler/payload_access_audit.go b/server/handler/payload_access_audit.go
index df50c42..0ad9ea4 100644
--- a/server/handler/payload_access_audit.go
+++ b/server/handler/payload_access_audit.go
@@ -181,7 +181,7 @@ func logAudit(cSess *sessdata.ConnSession, pl *sessdata.Payload) {
 	cSess.IpAuditMap.Set(s, nu)
 
 	audit := dbdata.AccessAudit{
-		Username:    cSess.Sess.Username,
+		Username:    cSess.Username,
 		Protocol:    uint8(ipProto),
 		Src:         ipSrc.String(),
 		Dst:         ipDst.String(),
diff --git a/server/sessdata/session.go b/server/sessdata/session.go
index b2a2834..e773782 100644
--- a/server/sessdata/session.go
+++ b/server/sessdata/session.go
@@ -230,7 +230,7 @@ func (cs *ConnSession) Close() {
 		}
 
 		ReleaseIp(cs.IpAddr, cs.Sess.MacAddr)
-		LimitClient(cs.Sess.Username, true)
+		LimitClient(cs.Username, true)
 	})
 }