diff --git a/api/login.js b/api/login.js
index 38ec3b2..a8bbfd1 100644
--- a/api/login.js
+++ b/api/login.js
@@ -11,13 +11,22 @@ router.post("/", async function(req, res) {
         let conn;
 	    try {
 	    	conn = await util.getDBConnection(); // get connection from db
-	    	const result = await conn.query("SELECT COUNT(*) FROM user WHERE username = ? AND pass = ?;", [account, password]);
-            if (result[0]["COUNT(*)"]) {
+	    	var result = await conn.query("SELECT * FROM user WHERE username = ? AND pass = ? ;", [account, password]);
+            if (result.length == 1) {
                 // valid user, create a token
-                const data = {uid : account};
+                let is_assistant = result[0]['is_assistant'] == 1
+                const data = {uid : account, is_assistent: is_assistant};
                 const token = util.signJwtToken(data);
+                if (!is_assistant){
+                    var result = await conn.query("SELECT student_name FROM student WHERE student_id = ? ;", [account]);
+                    var name = result[0]['student_name'];
+                } else {
+                    var result = await conn.query("SELECT assistant_name FROM assistant WHERE username = ? ;", [account]);
+                    var name = result[0]['assistant_name'];
+                }
+                console.log(name);
                 res.cookie("token", token);
-                res.json({suc : true});
+                res.json({'suc' : true, 'is_assistant': is_assistant, 'name': name});
             }
             else {
                 res.json({suc : false, msg : "wrong username or password"});
@@ -36,4 +45,4 @@ router.post("/", async function(req, res) {
     }
 })
 
-module.exports = router;
\ No newline at end of file
+module.exports = router;
diff --git a/js/login.js b/js/login.js
index d95933b..c3d0085 100644
--- a/js/login.js
+++ b/js/login.js
@@ -2,20 +2,19 @@ async function submit() {
     const account = document.getElementById("account").value;
     const password = document.getElementById("password").value;
     let data = {account : account, password : password};
-    let suc_login = await axios.post('http://163.22.17.184:5000/api/login', data);
+    let suc_login = await axios.post('/api/login', data);
     suc_login = suc_login.data;
-	console.log(suc_login);
     if (suc_login.suc) {
-        if (account.length >= 9) {
+        if (!suc_login.is_assistant) {
             // student
-            location.href = `/main?name=${suc_login.authen_result}&s_num=${account}`;
+            location.href = `/main?name=${suc_login.name}&s_num=${account}`;
         }
         else {
             // assistant
-            location.href = `/audit?name=${suc_login.authen_result}&s_num=${account}`;
+            location.href = `/audit?name=${suc_login.name}&s_num=${account}`;
         }
     }
     else {
 	    alert("帳號或密碼錯誤");
     }
-}
\ No newline at end of file
+}