diff --git a/enforcer_interface.go b/enforcer_interface.go
index ae23d75..9ff7242 100644
--- a/enforcer_interface.go
+++ b/enforcer_interface.go
@@ -75,7 +75,7 @@ type IEnforcer interface {
 	GetQRCode(QRCodeId string) *model.QRCode
 	GetQRCodeState(QRCodeId string) model.QRCodeState
 	GetQRCodeTimeout(QRCodeId string) int64
-	Scanned(QRCodeId string, token string) (string, error)
+	Scanned(QRCodeId string, loginId string) (string, error)
 	ConfirmAuth(QRCodeTempToken string) error
 	CancelAuth(QRCodeTempToken string) error
 
diff --git a/enforcer_manager_api.go b/enforcer_manager_api.go
index 3fb3804..3540f32 100644
--- a/enforcer_manager_api.go
+++ b/enforcer_manager_api.go
@@ -231,11 +231,7 @@ func (e *Enforcer) CreateQRCodeState(QRCodeId string, timeout int64) error {
 }
 
 // Scanned update state to constant.WaitAuth, return tempToken
-func (e *Enforcer) Scanned(QRCodeId string, token string) (string, error) {
-	id, err := e.GetLoginIdByToken(token)
-	if err != nil {
-		return "", err
-	}
+func (e *Enforcer) Scanned(QRCodeId string, loginId string) (string, error) {
 	qrCode := e.getQRCode(QRCodeId)
 	if qrCode == nil {
 		return "", fmt.Errorf("QRCode doesn't exist")
@@ -244,9 +240,9 @@ func (e *Enforcer) Scanned(QRCodeId string, token string) (string, error) {
 		return "", fmt.Errorf("QRCode state error: unexpected state value %v, want is %v", qrCode.State, model.WaitScan)
 	}
 	qrCode.State = model.WaitAuth
-	qrCode.LoginId = id
+	qrCode.LoginId = loginId
 
-	err = e.updateQRCode(QRCodeId, qrCode)
+	err := e.updateQRCode(QRCodeId, qrCode)
 	if err != nil {
 		return "", err
 	}
diff --git a/enforcer_manager_api_test.go b/enforcer_manager_api_test.go
index 6de1e87..4e44c72 100644
--- a/enforcer_manager_api_test.go
+++ b/enforcer_manager_api_test.go
@@ -38,7 +38,8 @@ func TestEnforcer_TempToken(t *testing.T) {
 func TestEnforcer_ConfirmQRCode(t *testing.T) {
 	enforcer, _ := NewTestEnforcer(t)
 	// in APP
-	token, err := enforcer.LoginById("1")
+	loginId := "1"
+	token, err := enforcer.LoginById(loginId)
 	if err != nil {
 		t.Fatalf("Login failed: %v", err)
 	}
@@ -51,7 +52,11 @@ func TestEnforcer_ConfirmQRCode(t *testing.T) {
 		t.Fatalf("CreateQRCodeState() failed: %v", err)
 	}
 	t.Logf("After CreateQRCodeState(), current QRCode state: %v", enforcer.GetQRCodeState(qrCodeId))
-	tempToken, err := enforcer.Scanned(qrCodeId, token)
+	loginIdByToken, err := enforcer.GetLoginIdByToken(token)
+	if err != nil {
+		t.Fatalf("GetLoginIdByToken() failed: %v", err)
+	}
+	tempToken, err := enforcer.Scanned(qrCodeId, loginIdByToken)
 	if err != nil {
 		t.Fatalf("Scanned() failed: %v", err)
 	}
@@ -77,7 +82,8 @@ func TestEnforcer_ConfirmQRCode(t *testing.T) {
 func TestEnforcer_CancelAuthQRCode(t *testing.T) {
 	enforcer, _ := NewTestEnforcer(t)
 	// in APP
-	token, err := enforcer.LoginById("1")
+	loginId := "1"
+	token, err := enforcer.LoginById(loginId)
 	if err != nil {
 		t.Fatalf("Login failed: %v", err)
 	}
@@ -90,7 +96,11 @@ func TestEnforcer_CancelAuthQRCode(t *testing.T) {
 		t.Fatalf("CreateQRCodeState() failed: %v", err)
 	}
 	t.Logf("After CreateQRCodeState(), current QRCode state: %v", enforcer.GetQRCodeState(qrCodeId))
-	tempToken, err := enforcer.Scanned(qrCodeId, token)
+	loginIdByToken, err := enforcer.GetLoginIdByToken(token)
+	if err != nil {
+		t.Fatalf("GetLoginIdByToken() failed: %v", err)
+	}
+	tempToken, err := enforcer.Scanned(qrCodeId, loginIdByToken)
 	if err != nil {
 		t.Fatalf("Scanned() failed: %v", err)
 	}