diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index c0905e89c..19fc3adf1 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -12,6 +12,7 @@ class ApplicationController < ActionController::Base
 protect_from_forgery prepend: true, unless: -> { request.format.json? }
+ before_action :check_sign
 before_action :user_setup
 #before_action :check_account
@@ -20,6 +21,13 @@ class ApplicationController < ActionController::Base
 helper_method :current_user
+ # 所有请求必须合法签名
+ def check_sign
+ timestamp = Time.now.to_i
+ sign = Digest::MD5.hexdigest("#{OPENKEY}#{timestamp}")
+ tip_exception(501, "请求不合理") if sign != params[:client_key]
+ end
+
 # 全局配置参数
 # 返回name对应的value
 def edu_setting(name)
diff --git a/app/controllers/cooperative/base_controller.rb b/app/controllers/cooperative/base_controller.rb
index 51af05ed2..dfc99b7b8 100644
--- a/app/controllers/cooperative/base_controller.rb
+++ b/app/controllers/cooperative/base_controller.rb
@@ -16,7 +16,7 @@ class Cooperative::BaseController < ApplicationController
 private
 def current_laboratory
- @_current_laboratory ||= Laboratory.find_by_subdomain(request.subdomain)
+ @_current_laboratory ||= (Laboratory.find_by_subdomain(request.subdomain) || Laboratory.first)
 # @_current_laboratory ||= Laboratory.find 1
 end
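Review bot: `before_action :check_sign` is registered on ApplicationController with no `only:` or `except:`, so every inheriting controller now requires `client_key`, including `Cooperative::BaseController` from the second file of this commit. If the application has endpoints whose callers cannot compute the key (third-party callbacks, health checks), they will be rejected until they declare `skip_before_action :check_sign`. A comment on this line should state the scope, for example `# Runs for every inheriting controller; opt out with skip_before_action :check_sign`. The class body continues outside the hunk, so existing opt-outs cannot be seen from here.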
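Review bot: `check_sign` hashes the server's own `Time.now.to_i`, so a request passes only if the client computed `client_key` in the same wall-clock second; clock skew or latency across a second boundary rejects a legitimate request. The digest covers only `OPENKEY` and the time, not the method, path or parameters, so the signature is not bound to the request. `MD5(key + data)` compared with `!=` is neither a proper MAC nor a constant-time comparison. Have the client send the timestamp it signed, check it against a skew window, and verify an HMAC-SHA256 with `ActiveSupport::SecurityUtils.secure_compare`, as sketched below; the `timestamp` parameter name and the window are placeholders, and clients must change in step. If the first argument of `tip_exception` is an HTTP status, 501 means "Not Implemented", and 401 or 403 fits a failed signature.

```ruby
  # Every request must carry a valid signature over a recent, client-supplied timestamp.
  def check_sign
    timestamp = params[:timestamp].to_s   # proposed parameter name, to be agreed with clients
    max_skew = 300                        # placeholder: tolerated clock skew in seconds
    fresh = (Time.now.to_i - timestamp.to_i).abs <= max_skew
    expected = OpenSSL::HMAC.hexdigest("SHA256", OPENKEY, timestamp)
    valid = ActiveSupport::SecurityUtils.secure_compare(expected, params[:client_key].to_s)
    tip_exception(501, "请求不合理") unless fresh && valid
  end
```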
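Review bot: The new `|| Laboratory.first` fallback in `current_laboratory` resolves any request whose subdomain matches no record to the first `Laboratory` row. `request.subdomain` is derived from the client-supplied Host header, so an unrecognised or mistyped host silently operates in that laboratory's scope instead of being rejected. If a default tenant is intended, restrict the fallback to that case and document it, for example `# Fall back to the default laboratory only when no subdomain is given`. Otherwise fail closed with `@_current_laboratory ||= Laboratory.find_by!(subdomain: request.subdomain)`. `Laboratory.first` still returns nil on an empty table, so callers must handle a missing laboratory either way.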