diff --git a/IRaCIS.Core.API/Controllers/ExtraController.cs b/IRaCIS.Core.API/Controllers/ExtraController.cs
index 921317a8..a1e4c4b5 100644
--- a/IRaCIS.Core.API/Controllers/ExtraController.cs
+++ b/IRaCIS.Core.API/Controllers/ExtraController.cs
@@ -165,8 +165,8 @@ namespace IRaCIS.Api.Controllers
                 {
                     Expires = DateTime.Now.AddMonths(1),
                     HttpOnly = true, // 确保 cookie 只能通过 HTTP 访问
-                    SameSite = Microsoft.AspNetCore.Http.SameSiteMode.None, // 设置 SameSite 属性
-                    Secure = true // 确保 cookie 只能通过 HTTPS 访问
+                    SameSite = Microsoft.AspNetCore.Http.SameSiteMode.Unspecified, // 设置 SameSite 属性
+                    Secure = false // 确保 cookie 只能通过 HTTPS 访问
                 };
 
                 HttpContext.Response.Cookies.Append("access_token", returnModel.Data.JWTStr, option);
diff --git a/IRaCIS.Core.API/Properties/launchSettings.json b/IRaCIS.Core.API/Properties/launchSettings.json
index a5c135eb..7654e41c 100644
--- a/IRaCIS.Core.API/Properties/launchSettings.json
+++ b/IRaCIS.Core.API/Properties/launchSettings.json
@@ -46,13 +46,13 @@
       },
       "applicationUrl": "http://localhost:6300"
     },
-    "IRaCIS.CertificateApply": {
+    "IRaCIS.Test-EIImageViewer": {
       "commandName": "Project",
       "launchBrowser": true,
       "environmentVariables": {
-        "ASPNETCORE_ENVIRONMENT": "CertificateApply"
+        "ASPNETCORE_ENVIRONMENT": "Test-EIImageViewer"
       },
-      "applicationUrl": "http://localhost:6400"
+      "applicationUrl": "http://localhost:6100"
     }
   }
 }
\ No newline at end of file
diff --git a/IRaCIS.Core.Application/BusinessFilter/LimitUserRequestAuthorization.cs b/IRaCIS.Core.Application/BusinessFilter/LimitUserRequestAuthorization.cs
index 953f1abb..6054484d 100644
--- a/IRaCIS.Core.Application/BusinessFilter/LimitUserRequestAuthorization.cs
+++ b/IRaCIS.Core.Application/BusinessFilter/LimitUserRequestAuthorization.cs
@@ -62,6 +62,7 @@ public class LimitUserRequestAuthorization : IAsyncAuthorizationFilter
                 //缓存中没有取到Token
                 if (string.IsNullOrWhiteSpace(cacheUserToken))
                 {
+
                     //设置当前用户最新Token
                     await _provider.SetAsync(_userInfo.Id.ToString(), _userInfo.UserToken, TimeSpan.FromDays(7));
 
diff --git a/IRaCIS.Core.Domain.Share/AuthUser/UserInfo.cs b/IRaCIS.Core.Domain.Share/AuthUser/UserInfo.cs
index 890033cd..522c39f6 100644
--- a/IRaCIS.Core.Domain.Share/AuthUser/UserInfo.cs
+++ b/IRaCIS.Core.Domain.Share/AuthUser/UserInfo.cs
@@ -186,6 +186,13 @@ namespace IRaCIS.Core.Domain.Share
                 {
                     return token;
 
+                }
+
+                var cookieToken = _accessor?.HttpContext?.Request.Cookies["access_token"].ToString();
+                if (!string.IsNullOrWhiteSpace(cookieToken))
+                {
+                    return cookieToken;
+
                 }
                 return string.Empty;