diff --git a/cmd/dashboard/controller/controller.go b/cmd/dashboard/controller/controller.go
index 3ff62b3..eea190d 100644
--- a/cmd/dashboard/controller/controller.go
+++ b/cmd/dashboard/controller/controller.go
@@ -71,6 +71,7 @@ func routers(r *gin.Engine) {
 	auth.GET("/file", commonHandler(createFM))
 	auth.GET("/ws/file/:id", commonHandler(fmStream))
 
+	auth.GET("/profile", commonHandler(getProfile))
 	auth.GET("/user", commonHandler(listUser))
 	auth.POST("/user", commonHandler(createUser))
 	auth.POST("/batch-delete/user", commonHandler(batchDeleteUser))
diff --git a/cmd/dashboard/controller/jwt.go b/cmd/dashboard/controller/jwt.go
index 38f39bd..2ad3cdf 100644
--- a/cmd/dashboard/controller/jwt.go
+++ b/cmd/dashboard/controller/jwt.go
@@ -19,6 +19,7 @@ func initParams() *jwt.GinJWTMiddleware {
 		Realm:       singleton.Conf.SiteName,
 		Key:         []byte(singleton.Conf.JWTSecretKey),
 		CookieName:  "nz-jwt",
+		SendCookie:  true,
 		Timeout:     time.Hour,
 		MaxRefresh:  time.Hour,
 		IdentityKey: model.CtxKeyAuthorizedUser,
diff --git a/cmd/dashboard/controller/user.go b/cmd/dashboard/controller/user.go
index f3c6718..a4a839c 100644
--- a/cmd/dashboard/controller/user.go
+++ b/cmd/dashboard/controller/user.go
@@ -7,6 +7,23 @@ import (
 	"golang.org/x/crypto/bcrypt"
 )
 
+// Get profile
+// @Summary Get profile
+// @Security BearerAuth
+// @Schemes
+// @Description Get profile
+// @Tags auth required
+// @Produce json
+// @Success 200 {object} model.CommonResponse[model.User]
+// @Router /profile [get]
+func getProfile(c *gin.Context) (*model.User, error) {
+	auth, ok := c.Get(model.CtxKeyAuthorizedUser)
+	if !ok {
+		return nil, singleton.Localizer.ErrorT("unauthorized")
+	}
+	return auth.(*model.User), nil
+}
+
 // List user
 // @Summary List user
 // @Security BearerAuth