diff --git a/servers/boe-server-all/src/main/java/com/xboe/module/course/api/CourseWareApi.java b/servers/boe-server-all/src/main/java/com/xboe/module/course/api/CourseWareApi.java
index e93769df..767f6d92 100644
--- a/servers/boe-server-all/src/main/java/com/xboe/module/course/api/CourseWareApi.java
+++ b/servers/boe-server-all/src/main/java/com/xboe/module/course/api/CourseWareApi.java
@@ -14,6 +14,7 @@ import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.web.bind.annotation.CookieValue;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
@@ -99,7 +100,8 @@ public class CourseWareApi extends ApiBaseController {
 	 * @throws Exception
 	 */
 	@GetMapping("/resource")
-	public JsonResponse<String> getVideo(HttpServletRequest request, HttpServletResponse response, String sign) throws Exception {
+	public JsonResponse<String> getVideo(HttpServletRequest request, HttpServletResponse response, String sign,
+										 @CookieValue(name = "token",required = false)String token) throws Exception {
 
 		if (StringUtils.isBlank(sign)) {
 			return badRequest("非法请求");
@@ -119,10 +121,10 @@ public class CourseWareApi extends ApiBaseController {
 		if(!has) {
 			return badRequest("页面不存在");
 		}
-		String token = request.getHeader("Xboe-Access-Token");
-		if (StringUtils.isEmpty(token)) {
-			token = request.getHeader("token");
-		}
+//		String token = request.getHeader("Xboe-Access-Token");
+//		if (StringUtils.isEmpty(token)) {
+//			token = request.getHeader("token");
+//		}
 //		读取cookies中的时间
 //		String cookieTime = getSignTimeCookie(request);
 //		if (StringUtils.isBlank(cookieTime)) {