diff --git a/cloud-common/cloud-common-gateway/src/main/java/cn/sh/stc/sict/cloud/common/gateway/filter/GptServerFilter.java b/cloud-common/cloud-common-gateway/src/main/java/cn/sh/stc/sict/cloud/common/gateway/filter/GptServerFilter.java
index 9c6581d7c4886265ba8e3b857c5cc8604142d6d7..76d486f01f5d26fb1209c1be5d15ce5531a92991 100644
--- a/cloud-common/cloud-common-gateway/src/main/java/cn/sh/stc/sict/cloud/common/gateway/filter/GptServerFilter.java
+++ b/cloud-common/cloud-common-gateway/src/main/java/cn/sh/stc/sict/cloud/common/gateway/filter/GptServerFilter.java
@@ -1,12 +1,11 @@
 package cn.sh.stc.sict.cloud.common.gateway.filter;
 
 import cn.hutool.core.util.ObjectUtil;
+import cn.hutool.core.util.StrUtil;
 import cn.sh.stc.sict.cloud.common.core.util.R;
-
 import cn.sh.stc.sict.cloud.common.gateway.feign.RemoteAuthService;
 import lombok.AllArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
-import org.apache.commons.lang.StringUtils;
 import org.springframework.cloud.gateway.filter.GatewayFilter;
 import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory;
 import org.springframework.http.server.reactive.ServerHttpRequest;
@@ -24,14 +23,14 @@ public class GptServerFilter extends AbstractGatewayFilterFactory {
 
     public final RemoteAuthService remoteAuthService;
 
-    public static final String SEC_WEBSOCKET_PROTOCOL = "Sec-WebSocket-Protocol";
+    public static final String WEB_TOKEN = "ws-token";
 
     @Override
     public GatewayFilter apply(Object config) {
         return (exchange, chain) -> {
             ServerHttpRequest request = exchange.getRequest();
-            String token = request.getHeaders().getFirst(SEC_WEBSOCKET_PROTOCOL);
-            log.info("ws-token{}", token);
+            String token = request.getQueryParams().getFirst(WEB_TOKEN);
+            log.error("ws-token = {}", token);
             // 权限校验
             if (checkToken(token)) {
                 return chain.filter(exchange);
@@ -48,15 +47,20 @@ public class GptServerFilter extends AbstractGatewayFilterFactory {
      * @return
      */
     private boolean checkToken(String token) {
-//        if (StringUtils.isEmpty(token)) {
-//            return false;
-//        }
-        return true;
-//        R<Boolean> valid = remoteAuthService.isValid(token);
-//        if (ObjectUtil.isNull(valid) || ObjectUtil.isNull(valid.getData())) {
-//            return false;
-//        }
-//        return valid.getData();
+        try {
+            if (StrUtil.isBlank(token)) {
+                return false;
+            }
+
+            R<Boolean> valid = remoteAuthService.isValid(token);
+            if (ObjectUtil.isNull(valid) || ObjectUtil.isNull(valid.getData())) {
+                return false;
+            }
+            return valid.getData();
+        } catch (Exception e) {
+            log.error("权限校验失败", e);
+            return false;
+        }
     }
 
 }