diff --git a/src/auth/jwt-auth.lua b/src/auth/jwt-auth.lua
index fe106f4..3ba3bb9 100644
--- a/src/auth/jwt-auth.lua
+++ b/src/auth/jwt-auth.lua
@@ -1,5 +1,5 @@
 local jwt = require "resty.jwt"
-local validators = require "resty.jwt-validators"
+local cjson = require("cjson.safe")
 local conf = require("config")
 
 -- 定义一个JSON Schema
@@ -29,7 +29,7 @@ if token == nil then
 end
 
 --校验令牌
-local jwt_obj = jwt:verify(conf.secret_key, auth_header)
+local jwt_obj = jwt:verify(conf.secret_key, token)
 --如果校验结果中的verified==false，则表示令牌无效
 if jwt_obj.verified == false then
     ngx.log(ngx.WARN, "Invalid token: ".. jwt_obj.reason)
diff --git a/src/util/token.lua b/src/util/token.lua
index 9e3c81e..5d216b3 100644
--- a/src/util/token.lua
+++ b/src/util/token.lua
@@ -56,7 +56,7 @@ function _M.authorizationToken(auth_header)
     end
 
     --校验令牌
-    local jwt_obj = jwt:verify(conf.secret_key, auth_header)
+    local jwt_obj = jwt:verify(conf.secret_key, token)
     --如果校验结果中的verified==false，则表示令牌无效
     if jwt_obj.verified == false then
         response["code"] = 401