diff --git a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/web/UserTokenWebFilter.java b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/web/UserTokenWebFilter.java
index 82f8a17a3..8846d681d 100644
--- a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/web/UserTokenWebFilter.java
+++ b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/web/UserTokenWebFilter.java
@@ -57,7 +57,11 @@ public class UserTokenWebFilter implements WebFilter, BeanPostProcessor {
             GeneratedToken token = generator.generate(event.getAuthentication());
             event.getResult().put("token", token.getToken());
             event.getResult().putAll(token.getResponse());
-            userTokenManager.signIn(token.getToken(), token.getType(), event.getAuthentication().getUser().getId(), token.getTimeout())
+
+            long expires = event.<String>getParameter("expires").map(Long::parseLong).orElse(token.getTimeout());
+
+            userTokenManager
+                    .signIn(token.getToken(), token.getType(), event.getAuthentication().getUser().getId(), expires)
                     .subscribe(t -> {
                         log.debug("user [{}] sign in", t.getUserId());
                     });