diff --git a/apps/DocFlow/src/app/auth/callback/page.tsx b/apps/DocFlow/src/app/auth/callback/page.tsx
index 34133d4b..7beac285 100644
--- a/apps/DocFlow/src/app/auth/callback/page.tsx
+++ b/apps/DocFlow/src/app/auth/callback/page.tsx
@@ -6,158 +6,161 @@ import { CheckCircle, Loader2, AlertCircle } from 'lucide-react';
 
 import { useGitHubLogin, useTokenLogin } from '@/hooks/useAuth';
 
+const DEFAULT_REDIRECT = '/dashboard';
+const REDIRECT_STORAGE_KEY = 'auth_redirect';
+
+function safeDecode(value: string | null): string | null {
+  if (!value) return null;
+
+  try {
+    return decodeURIComponent(value);
+  } catch {
+    return value;
+  }
+}
+
+function parseOptionalInt(value: string | null): number | undefined {
+  if (value == null || value === '') return undefined;
+
+  const n = Number(value);
+
+  return Number.isFinite(n) ? n : undefined;
+}
+
+type CallbackState = 'loading' | 'success' | 'error';
+
 function CallbackContent() {
   const [status, setStatus] = useState('处理中...');
-  const [state, setState] = useState<'loading' | 'success' | 'error'>('loading');
+  const [uiState, setUiState] = useState<CallbackState>('loading');
   const [mounted, setMounted] = useState(false);
-  const [authProcessed, setAuthProcessed] = useState(false); // 添加认证处理标记
+  const [processed, setProcessed] = useState(false);
   const searchParams = useSearchParams();
   const router = useRouter();
 
   const gitHubLoginMutation = useGitHubLogin();
   const tokenLoginMutation = useTokenLogin();
 
-  // 确保组件在客户端挂载
   useEffect(() => {
     setMounted(true);
   }, []);
 
-  // 获取重定向 URL
   const getRedirectUrl = (): string => {
-    // 1. 优先从 state 参数获取（GitHub OAuth 标准）
-    const state = searchParams?.get('state');
+    const stateParam = safeDecode(searchParams?.get('state') ?? null);
 
-    if (state) {
-      try {
-        return decodeURIComponent(state);
-      } catch {}
+    if (stateParam) {
+      return stateParam;
     }
 
-    // 2. 从 redirect_to 参数获取
-    const redirectTo = searchParams?.get('redirect_to');
+    const redirectTo = safeDecode(searchParams?.get('redirect_to') ?? null);
 
     if (redirectTo) {
-      try {
-        return decodeURIComponent(redirectTo);
-      } catch {}
+      return redirectTo;
     }
 
-    // 3. 从 sessionStorage 获取（仅客户端）
-    if (mounted && typeof window !== 'undefined') {
-      try {
-        const saved = sessionStorage.getItem('auth_redirect');
+    if (typeof window !== 'undefined') {
+      const saved = sessionStorage.getItem(REDIRECT_STORAGE_KEY);
 
-        if (saved) {
-          sessionStorage.removeItem('auth_redirect');
+      if (saved) {
+        sessionStorage.removeItem(REDIRECT_STORAGE_KEY);
 
-          return saved;
-        }
-      } catch {}
+        return saved;
+      }
     }
 
-    // 4. 默认跳转到仪表盘
-    return '/dashboard';
+    return DEFAULT_REDIRECT;
   };
 
   useEffect(() => {
-    if (!mounted || authProcessed || !searchParams) return;
-
-    const processAuth = async () => {
-      setAuthProcessed(true);
-
-      try {
-        // 场景1: 直接 Token 登录
-        const token = searchParams.get('token');
-
-        if (token) {
-          const authData = {
-            token,
-            refresh_token: searchParams.get('refresh_token') || undefined,
-            expires_in: searchParams.get('expires_in')
-              ? parseInt(searchParams.get('expires_in')!)
-              : undefined,
-            refresh_expires_in: searchParams.get('refresh_expires_in')
-              ? parseInt(searchParams.get('refresh_expires_in')!)
-              : undefined,
-          };
-
-          setStatus('登录成功，正在跳转...');
-          setState('success');
-
-          tokenLoginMutation.mutate({
-            authData,
-            redirectUrl: getRedirectUrl(),
-          });
-
-          return;
-        }
-
-        // 场景2: GitHub OAuth 授权码登录
-        const code = searchParams.get('code');
-
-        if (!code) {
-          setStatus('缺少授权码，请重新登录');
-          setState('error');
-
-          return;
-        }
-
-        setStatus('正在验证授权...');
-
-        gitHubLoginMutation.mutate(
-          {
-            code,
-            redirectUrl: getRedirectUrl(),
+    if (!mounted || processed) return;
+
+    setProcessed(true);
+
+    const redirectUrl = getRedirectUrl();
+    const token = searchParams.get('token');
+
+    if (token) {
+      setStatus('登录成功，正在跳转...');
+      setUiState('success');
+      tokenLoginMutation.mutate({
+        authData: {
+          token,
+          refresh_token: searchParams.get('refresh_token') ?? undefined,
+          expires_in: parseOptionalInt(searchParams.get('expires_in')),
+          refresh_expires_in: parseOptionalInt(searchParams.get('refresh_expires_in')),
+        },
+        redirectUrl,
+      });
+
+      return;
+    }
+
+    const code = searchParams.get('code');
+
+    if (code) {
+      setStatus('正在验证授权...');
+      gitHubLoginMutation.mutate(
+        { code, redirectUrl },
+        {
+          onSuccess: () => {
+            setStatus('登录成功，正在跳转...');
+            setUiState('success');
           },
-          {
-            onSuccess: () => {
-              setStatus('登录成功，正在跳转...');
-              setState('success');
-            },
-            onError: (error) => {
-              const message = error instanceof Error ? error.message : String(error);
-              setStatus(`认证失败: ${message}`);
-              setState('error');
-            },
+          onError: (error) => {
+            setStatus(`认证失败：${error instanceof Error ? error.message : String(error)}`);
+            setUiState('error');
           },
-        );
-      } catch (error) {
-        const message = error instanceof Error ? error.message : '未知错误';
-        setStatus(`登录失败: ${message}`);
-        setState('error');
-      }
-    };
+        },
+      );
+
+      return;
+    }
+
+    setStatus('缺少授权信息，请重新登录');
+    setUiState('error');
+  }, [mounted, processed, searchParams]);
 
-    processAuth();
-  }, [mounted, authProcessed, searchParams]);
+  const handleManualRedirect = () => router.push(getRedirectUrl());
 
   return (
     <div className="min-h-screen flex items-center justify-center bg-gradient-to-br from-blue-50 to-indigo-50">
       <div className="w-full max-w-md p-10 space-y-6 bg-white rounded-2xl shadow-xl border border-gray-100">
         <div className="text-center">
-          <h1 className="text-2xl font-bold text-gray-800 mb-2">GitHub认证</h1>
-
-          <div className="flex flex-col items-center justify-center space-y-4 mt-6">
-            {state === 'loading' && (
+          <h1 className="text-2xl font-bold text-gray-800 mb-2">登录</h1>
+
+          <div
+            className="flex flex-col items-center justify-center space-y-4 mt-6"
+            role="status"
+            aria-live="polite"
+            aria-label={status}
+          >
+            {uiState === 'loading' && (
               <div className="flex flex-col items-center">
-                <Loader2 className="h-12 w-12 text-blue-500 animate-spin mb-4" />
+                <Loader2 className="h-12 w-12 text-blue-500 animate-spin mb-4" aria-hidden />
                 <p className="text-lg font-medium text-gray-700">{status}</p>
               </div>
             )}
 
-            {state === 'success' && (
-              <div className="flex flex-col items-center">
-                <CheckCircle className="h-14 w-14 text-green-500 mb-4" />
+            {uiState === 'success' && (
+              <div className="flex flex-col items-center gap-3">
+                <CheckCircle className="h-14 w-14 text-green-500 mb-4" aria-hidden />
                 <p className="text-lg font-medium text-gray-700">{status}</p>
+                <button
+                  type="button"
+                  className="text-sm text-blue-600 hover:text-blue-800 underline focus:outline-none focus:ring-2 focus:ring-blue-500 focus:ring-offset-2 rounded"
+                  onClick={handleManualRedirect}
+                >
+                  若未自动跳转，请点击此处
+                </button>
               </div>
             )}
 
-            {state === 'error' && (
+            {uiState === 'error' && (
               <div className="flex flex-col items-center">
-                <AlertCircle className="h-14 w-14 text-red-500 mb-4" />
+                <AlertCircle className="h-14 w-14 text-red-500 mb-4" aria-hidden />
                 <p className="text-lg font-medium text-gray-700 text-center mb-4">{status}</p>
                 <button
-                  className="py-2.5 px-6 bg-gray-900 hover:bg-gray-800 text-white rounded-xl transition-all duration-200 cursor-pointer"
+                  type="button"
+                  className="py-2.5 px-6 bg-gray-900 hover:bg-gray-800 text-white rounded-xl transition-colors focus:outline-none focus:ring-2 focus:ring-gray-700 focus:ring-offset-2"
                   onClick={() => router.push('/auth')}
                 >
                   返回登录
@@ -171,23 +174,23 @@ function CallbackContent() {
   );
 }
 
-export default function AuthCallback() {
-  return (
-    <Suspense
-      fallback={
-        <div className="min-h-screen flex items-center justify-center bg-gradient-to-br from-blue-50 to-indigo-50">
-          <div className="w-full max-w-md p-10 space-y-6 bg-white rounded-2xl shadow-xl border border-gray-100">
-            <div className="text-center">
-              <h1 className="text-2xl font-bold text-gray-800 mb-2">GitHub认证</h1>
-              <div className="flex flex-col items-center justify-center mt-6">
-                <Loader2 className="h-12 w-12 text-blue-500 animate-spin mb-4" />
-                <p className="text-lg font-medium text-gray-700">加载中...</p>
-              </div>
-            </div>
-          </div>
+const LoadingFallback = () => (
+  <div className="min-h-screen flex items-center justify-center bg-gradient-to-br from-blue-50 to-indigo-50">
+    <div className="w-full max-w-md p-10 space-y-6 bg-white rounded-2xl shadow-xl border border-gray-100">
+      <div className="text-center">
+        <h1 className="text-2xl font-bold text-gray-800 mb-2">登录</h1>
+        <div className="flex flex-col items-center justify-center mt-6">
+          <Loader2 className="h-12 w-12 text-blue-500 animate-spin mb-4" />
+          <p className="text-lg font-medium text-gray-700">加载中...</p>
         </div>
-      }
-    >
+      </div>
+    </div>
+  </div>
+);
+
+export default function AuthCallbackPage() {
+  return (
+    <Suspense fallback={<LoadingFallback />}>
       <CallbackContent />
     </Suspense>
   );
diff --git a/apps/DocFlow/src/hooks/useAuth.ts b/apps/DocFlow/src/hooks/useAuth.ts
index dd3062e0..bff8f6c4 100644
--- a/apps/DocFlow/src/hooks/useAuth.ts
+++ b/apps/DocFlow/src/hooks/useAuth.ts
@@ -8,105 +8,113 @@ import authApi from '@/services/auth';
 import type { User, AuthResponse, EmailPasswordRegisterParams } from '@/types/auth';
 import { saveAuthData } from '@/utils';
 
-// 邮箱验证码登录参数（扩展）
+// ---------------------------------------------------------------------------
+// 常量与类型
+// ---------------------------------------------------------------------------
+
+const REDIRECT_DELAY_MS = 1000;
+const REDIRECT_FALLBACK_CHECK_MS = 500;
+const AUTH_CALLBACK_PATH = '/auth/callback';
+const DEFAULT_REDIRECT_URL = '/dashboard';
+
 interface EmailLoginParams {
   email: string;
   code: string;
   redirectUrl?: string;
 }
 
-// GitHub 回调参数
 interface GitHubCallbackParams {
   code: string;
+  redirectUrl?: string;
+}
+
+interface EmailPasswordLoginParams {
+  email: string;
+  password: string;
+  redirectUrl?: string;
 }
 
-// 通用的登录成功处理函数
-const handleAuthSuccess = async (
+// ---------------------------------------------------------------------------
+// 工具函数
+// ---------------------------------------------------------------------------
+
+function getErrorMessage(error: unknown): string {
+  return error instanceof Error ? error.message : String(error);
+}
+
+function isRelativePath(url: string): boolean {
+  return url.startsWith('/');
+}
+
+// ---------------------------------------------------------------------------
+// 登录成功通用处理
+// ---------------------------------------------------------------------------
+
+async function handleAuthSuccess(
   authData: AuthResponse,
   queryClient: ReturnType<typeof useQueryClient>,
   router: ReturnType<typeof useRouter>,
   redirectUrl?: string,
-) => {
-  console.log('✅ 登录成功，处理认证数据...');
-
-  // 1. 保存认证数据
+): Promise<void> {
   saveAuthData(authData);
-  console.log('💾 认证数据已保存');
 
-  // 2. 获取用户资料
-  try {
-    console.log('👤 正在获取用户资料...');
+  const targetUrl = redirectUrl || DEFAULT_REDIRECT_URL;
+
+  // 先安排跳转，不依赖 getCurrentUser，避免接口卡住导致永不跳转
+  setTimeout(() => {
+    router.push(targetUrl);
+
+    // 若 client-side 导航未生效（如仍在回调页），用整页跳转兜底
+    setTimeout(() => {
+      if (
+        typeof window !== 'undefined' &&
+        window.location.pathname === AUTH_CALLBACK_PATH &&
+        isRelativePath(targetUrl)
+      ) {
+        window.location.href = targetUrl;
+      }
+    }, REDIRECT_FALLBACK_CHECK_MS);
+  }, REDIRECT_DELAY_MS);
 
+  // 后台拉取用户资料并更新缓存，不阻塞跳转
+  try {
     const { data: userResponse, error } = await authApi.getCurrentUser();
 
     if (error || !userResponse?.data) {
-      console.error('❌ 获取用户资料失败:', error);
       toast.warning('获取用户资料失败，但登录成功');
     } else {
-      const user = userResponse.data;
-      console.log('✅ 用户资料获取成功:', user);
-
-      // 3. 立即更新 React Query 缓存
-      queryClient.setQueryData<User>(userQueryKeys.profile(), user);
+      queryClient.setQueryData<User>(userQueryKeys.profile(), userResponse.data);
     }
-  } catch (error) {
-    console.warn('⚠️ 处理用户资料时出错:', error);
+  } catch {
     toast.warning('获取用户资料失败，但登录成功');
   }
+}
 
-  // 4. 跳转到目标页面
-  const targetUrl = redirectUrl || '/dashboard';
-  console.log('🚀 即将跳转到:', targetUrl);
-  setTimeout(() => {
-    router.push(targetUrl);
-  }, 1000);
-};
+// ---------------------------------------------------------------------------
+// 邮箱验证码登录
+// ---------------------------------------------------------------------------
 
-// 邮箱验证码登录 hook
 export function useEmailLogin() {
   const queryClient = useQueryClient();
   const router = useRouter();
 
-  console.log('🔧 useEmailLogin hook 初始化');
-
   return useMutation({
     mutationKey: ['email-login'],
     mutationFn: async (params: EmailLoginParams) => {
-      console.log('🚀 [mutationFn] 开始执行 - 邮箱验证码登录');
-      console.log('🚀 [mutationFn] 接收到的参数:', params);
-
       const { email, code, redirectUrl } = params;
-      console.log('📧 邮箱验证码登录请求:', { email, code: code ? '***' : undefined, redirectUrl });
+      const { data, error } = await authApi.emailCodeLogin({ email, code });
 
-      try {
-        console.log('🌐 开始调用 authApi.emailCodeLogin...');
-
-        const { data, error } = await authApi.emailCodeLogin({ email, code });
-        console.log('🌐 API 调用完成:', { hasData: !!data, hasError: !!error });
-
-        if (error) {
-          console.error('❌ 邮箱验证码登录 API 错误:', error);
-          throw new Error(error);
-        }
-
-        if (!data || data.code !== 200) {
-          console.error('❌ 邮箱验证码登录响应错误:', data);
-          throw new Error(data?.message || '登录失败');
-        }
-
-        console.log('✅ 邮箱验证码登录成功, 返回数据');
+      if (error) {
+        throw new Error(error);
+      }
 
-        return { authData: data.data, redirectUrl };
-      } catch (err) {
-        console.error('❌ [mutationFn] 捕获到异常:', err);
-        throw err;
+      if (!data || data.code !== 200) {
+        throw new Error(data?.message ?? '登录失败');
       }
-    },
-    onMutate: (variables) => {
-      console.log('🔄 [onMutate] mutation 开始执行, 参数:', variables);
+
+      return { authData: data.data, redirectUrl };
     },
     onSuccess: async ({ authData, redirectUrl }) => {
-      console.log('✅ [onSuccess] mutation 成功回调');
       toast.success('登录成功！', {
         description: '正在获取用户资料...',
       });
@@ -114,22 +122,22 @@ export function useEmailLogin() {
       await handleAuthSuccess(authData, queryClient, router, redirectUrl);
     },
     onError: (error) => {
-      console.error('❌ [onError] mutation 错误回调:', error);
-      toast.error(error instanceof Error ? error.message : '登录失败');
-    },
-    onSettled: (data, error) => {
-      console.log('🏁 [onSettled] mutation 完成:', { hasData: !!data, hasError: !!error });
+      toast.error(getErrorMessage(error));
     },
   });
 }
 
-// GitHub 登录 hook
+// ---------------------------------------------------------------------------
+// GitHub OAuth 登录
+// ---------------------------------------------------------------------------
+
 export function useGitHubLogin() {
   const queryClient = useQueryClient();
   const router = useRouter();
 
   return useMutation({
-    mutationFn: async ({ code, redirectUrl }: GitHubCallbackParams & { redirectUrl?: string }) => {
+    mutationKey: ['github-login'],
+    mutationFn: async ({ code, redirectUrl }: GitHubCallbackParams) => {
       const { data, error } = await authApi.githubCallback(code);
 
       if (error) {
@@ -137,139 +145,100 @@ export function useGitHubLogin() {
       }
 
       if (!data || data.code !== 200) {
-        throw new Error(data?.message || 'GitHub登录失败');
+        throw new Error(data?.message ?? 'GitHub 登录失败');
       }
 
       return { authData: data.data, redirectUrl };
     },
     onSuccess: async ({ authData, redirectUrl }) => {
-      toast.success('GitHub登录成功！', {
-        description: '正在获取用户资料...',
-      });
+      toast.success('GitHub 登录成功！', { description: '正在获取用户资料...' });
 
       await handleAuthSuccess(authData, queryClient, router, redirectUrl);
     },
     onError: (error) => {
-      console.error('GitHub登录失败:', error);
-      toast.error(error instanceof Error ? error.message : 'GitHub登录失败');
+      toast.error(getErrorMessage(error));
     },
   });
 }
 
-// 通用的 Token 登录 hook（用于直接 token 认证）
+// ---------------------------------------------------------------------------
+// Token 直连登录（如 OAuth 回调带 token）
+// ---------------------------------------------------------------------------
+
 export function useTokenLogin() {
   const queryClient = useQueryClient();
   const router = useRouter();
 
   return useMutation({
+    mutationKey: ['token-login'],
     mutationFn: async ({
       authData,
       redirectUrl,
     }: {
       authData: AuthResponse;
       redirectUrl?: string;
-    }) => {
-      return { authData, redirectUrl };
-    },
+    }) => ({ authData, redirectUrl }),
     onSuccess: async ({ authData, redirectUrl }) => {
-      toast.success('登录成功！', {
-        description: '正在获取用户资料...',
-      });
+      toast.success('登录成功！', { description: '正在获取用户资料...' });
 
       await handleAuthSuccess(authData, queryClient, router, redirectUrl);
     },
     onError: (error) => {
-      console.error('Token登录失败:', error);
-      toast.error(error instanceof Error ? error.message : '登录失败');
+      toast.error(getErrorMessage(error));
     },
   });
 }
 
-// 邮箱密码登录参数（扩展）
-interface EmailPasswordLoginParams {
-  email: string;
-  password: string;
-  redirectUrl?: string;
-}
+// ---------------------------------------------------------------------------
+// 邮箱密码登录
+// ---------------------------------------------------------------------------
 
-// 邮箱密码登录 hook
 export function useEmailPasswordLogin() {
   const queryClient = useQueryClient();
   const router = useRouter();
 
-  console.log('🔧 useEmailPasswordLogin hook 初始化');
-
   return useMutation({
     mutationKey: ['password-login'],
     mutationFn: async (params: EmailPasswordLoginParams) => {
-      console.log('🚀 [mutationFn] 开始执行 - 邮箱密码登录');
-      console.log('🚀 [mutationFn] 接收到的参数:', { ...params, password: '***' });
-
       const { email, password, redirectUrl } = params;
-      console.log('🔐 邮箱密码登录请求:', {
+      const { data, error } = await authApi.emailPasswordLogin({
         email,
-        password: password ? '***' : undefined,
-        redirectUrl,
+        password,
       });
 
-      try {
-        console.log('🌐 开始调用 authApi.emailPasswordLogin...');
-
-        const { data, error } = await authApi.emailPasswordLogin({ email, password });
-        console.log('🌐 API 调用完成:', { hasData: !!data, hasError: !!error });
-
-        if (error) {
-          console.error('❌ 邮箱密码登录 API 错误:', error);
-          throw new Error(error);
-        }
-
-        if (!data || data.code !== 200) {
-          console.error('❌ 邮箱密码登录响应错误:', data);
-          throw new Error(data?.message || '登录失败');
-        }
-
-        console.log('✅ 邮箱密码登录成功');
+      if (error) {
+        throw new Error(error);
+      }
 
-        return { authData: data.data, redirectUrl };
-      } catch (err) {
-        console.error('❌ [mutationFn] 捕获到异常:', err);
-        throw err;
+      if (!data || data.code !== 200) {
+        throw new Error(data?.message ?? '登录失败');
       }
-    },
-    onMutate: (variables) => {
-      console.log('🔄 [onMutate] mutation 开始执行, 参数:', { ...variables, password: '***' });
+
+      return { authData: data.data, redirectUrl };
     },
     onSuccess: async ({ authData, redirectUrl }) => {
-      console.log('✅ [onSuccess] mutation 成功回调');
       toast.success('登录成功！', { description: '正在获取用户资料...' });
+
       await handleAuthSuccess(authData, queryClient, router, redirectUrl);
     },
     onError: (error) => {
-      console.error('❌ [onError] mutation 错误回调:', error);
-      toast.error(error instanceof Error ? error.message : '登录失败');
-    },
-    onSettled: (data, error) => {
-      console.log('🏁 [onSettled] mutation 完成:', { hasData: !!data, hasError: !!error });
+      toast.error(getErrorMessage(error));
     },
   });
 }
 
-// 使用公共类型 EmailPasswordRegisterParams（src/types/auth.ts）
+// ---------------------------------------------------------------------------
+// 邮箱密码注册
+// ---------------------------------------------------------------------------
 
-// 邮箱密码注册 hook
 export function useEmailPasswordRegister() {
   const queryClient = useQueryClient();
   const router = useRouter();
 
   return useMutation({
+    mutationKey: ['email-register'],
     mutationFn: async (params: EmailPasswordRegisterParams) => {
       const { email, password, confirmPassword, redirectUrl } = params;
-      console.log('👤 邮箱密码注册请求:', {
-        email,
-        password: password ? '***' : undefined,
-        confirmPassword: confirmPassword ? '***' : undefined,
-      });
-
       const { data, error } = await authApi.emailPasswordRegister({
         email,
         password,
@@ -277,30 +246,30 @@ export function useEmailPasswordRegister() {
       });
 
       if (error) {
-        console.error('❌ 邮箱密码注册 API 错误:', error);
         throw new Error(error);
       }
 
       if (!data || data.code !== 200) {
-        console.error('❌ 邮箱密码注册响应错误:', data);
-        throw new Error(data?.message || '注册失败');
+        throw new Error(data?.message ?? '注册失败');
       }
 
-      console.log('✅ 邮箱密码注册成功');
-
       return { authData: data.data, redirectUrl };
     },
     onSuccess: async ({ authData, redirectUrl }) => {
       if (authData?.token) {
-        toast.success('注册成功，已自动登录！', { description: '正在获取用户资料...' });
+        toast.success('注册成功，已自动登录！', {
+          description: '正在获取用户资料...',
+        });
+
         await handleAuthSuccess(authData, queryClient, router, redirectUrl);
       } else {
-        toast.success('注册成功！', { description: '请使用邮箱密码进行登录' });
+        toast.success('注册成功！', {
+          description: '请使用邮箱密码进行登录',
+        });
       }
     },
     onError: (error) => {
-      console.error('❌ 邮箱密码注册失败:', error);
-      toast.error(error instanceof Error ? error.message : '注册失败');
+      toast.error(getErrorMessage(error));
     },
   });
 }
diff --git a/apps/DocFlow/src/types/auth.ts b/apps/DocFlow/src/types/auth.ts
index e5a92486..65592485 100644
--- a/apps/DocFlow/src/types/auth.ts
+++ b/apps/DocFlow/src/types/auth.ts
@@ -35,7 +35,7 @@ export interface AuthResponse {
   refresh_token?: string;
   expires_in?: number;
   refresh_expires_in?: number;
-  user?: User; // 可选，某些场景下（如从URL参数恢复token）可能没有user数据
+  user?: User;
 }
 
 // 发送验证码响应接口