diff --git a/apps/backend/src/user/user.controller.ts b/apps/backend/src/user/user.controller.ts
index f4a49a5..bf8b791 100644
--- a/apps/backend/src/user/user.controller.ts
+++ b/apps/backend/src/user/user.controller.ts
@@ -18,7 +18,8 @@ export class UserController {
 
   @UseGuards(AuthGuard)
   @Put('password')
-  async update(@CurrentUser() user: AuthUser, @Body() dto: UpdateUserPasswordDto) {
-    return this.userService.setPassword(user.userId, dto.password);
+  async update(@CurrentUser() user: AuthUser, @Body() dto: UpdateUserPasswordDto): Promise<null> {
+    await this.userService.setPassword(user.userId, dto.password.trim());
+    return null;
   }
 }
diff --git a/apps/backend/src/user/user.service.ts b/apps/backend/src/user/user.service.ts
index 950adec..a10fe7b 100644
--- a/apps/backend/src/user/user.service.ts
+++ b/apps/backend/src/user/user.service.ts
@@ -133,15 +133,15 @@ export class UserService {
     return uuid().replace(/-/g, '');
   }
 
-  async setPassword(userId: string, password: string): Promise<User> {
+  async setPassword(userId: string, password: string) {
     const user = await this.userRepository.findOne({ where: { userId } });
     if (!user) {
-      throw new BadRequestException('User not found');
+      throw new BadRequestException('用户不存在');
     }
     const salt = this.generateSalt();
     user.password_hash = this.hashPassword(password, salt);
     user.salt = salt;
-    return this.userRepository.save(user);
+    await this.userRepository.save(user);
   }
 
   private getDuplicateErrorMessage(error: QueryFailedError): string {