diff --git a/backend/internal/workflow/workflow.go b/backend/internal/workflow/workflow.go
index aa17387..02bf4eb 100644
--- a/backend/internal/workflow/workflow.go
+++ b/backend/internal/workflow/workflow.go
@@ -245,7 +245,12 @@ func RunNode(node *WorkflowNode, ctx *ExecutionContext) error {
 			var wg sync.WaitGroup
 			errChan := make(chan error, len(node.ConditionNodes))
 			for _, branch := range node.ConditionNodes {
-				branch.ChildNode.Config["fromNodeData"] = node.Config["fromNodeData"]
+				if branch.ChildNode != nil {
+					if branch.ChildNode.ChildNode == nil {
+						branch.ChildNode.Config = make(map[string]any)
+					}
+					branch.ChildNode.Config["fromNodeData"] = node.Config["fromNodeData"]
+				}
 				wg.Add(1)
 				go func(node *WorkflowNode) {
 					defer wg.Done()
@@ -271,6 +276,9 @@ func RunNode(node *WorkflowNode, ctx *ExecutionContext) error {
 			for _, branch := range node.ConditionNodes {
 				if branch.Config["type"] == string(lastStatus) {
 					if branch.ChildNode != nil {
+						if branch.ChildNode.Config == nil {
+							branch.ChildNode.Config = make(map[string]any)
+						}
 						fromNodeData, ok := ctx.GetOutput(node.Config["fromNodeId"].(string))
 						if !ok {
 							fromNodeData = nil
diff --git a/backend/middleware/auth.go b/backend/middleware/auth.go
index 8030beb..a204dd2 100644
--- a/backend/middleware/auth.go
+++ b/backend/middleware/auth.go
@@ -33,6 +33,11 @@ func SessionAuthMiddleware() gin.HandlerFunc {
 		session := sessions.Default(c)
 		now := time.Now()
 		gob.Register(time.Time{})
+		if public.Secure == "" && session.Get("secure") == nil {
+			session.Set("secure", true)
+			session.Set("lastRequestTime", now)
+			session.Save()
+		}
 		last := session.Get("lastRequestTime")
 
 		if routePath == public.Secure {
diff --git a/cmd/main.go b/cmd/main.go
index c9acb87..e382a5c 100644
--- a/cmd/main.go
+++ b/cmd/main.go
@@ -39,7 +39,11 @@ func main() {
 				if public.GetSettingIgnoreError("https") == "1" {
 					http = "https"
 				}
-				url := fmt.Sprintf("%s://127.0.0.1:%s%s", http, public.Port, public.Secure)
+				secure := "/login"
+				if public.Secure != "" {
+					secure = public.Secure
+				}
+				url := fmt.Sprintf("%s://127.0.0.1:%s%s", http, public.Port, secure)
 				err := exec.Command("rundll32", "url.dll,FileProtocolHandler", url).Start()
 				if err != nil {
 					fmt.Println("无法打开浏览器，请手动访问：", url)