diff --git a/backend/app/api/login.go b/backend/app/api/login.go
index 27cd076..c69bf7d 100644
--- a/backend/app/api/login.go
+++ b/backend/app/api/login.go
@@ -24,7 +24,7 @@ func Sign(c *gin.Context) {
 }
 form.Username = strings.TrimSpace(form.Username)
 form.Code = strings.TrimSpace(form.Code)
-
+
 // 从数据库拿用户
 s, err := public.NewSqlite("data/data.db", "")
 if err != nil {
@@ -41,10 +41,10 @@ func Sign(c *gin.Context) {
 public.FailMsg(c, err.Error())
 return
 }
-
+
 session := sessions.Default(c)
 now := time.Now()
-
+
 loginErrCount := session.Get("__loginErrCount")
 loginErrEnd := session.Get("__loginErrEnd")
 ErrCount := 0
@@ -57,9 +57,9 @@ func Sign(c *gin.Context) {
 if __loginErrEnd, ok := loginErrEnd.(time.Time); ok {
 ErrEnd = __loginErrEnd
 }
-
+
 // fmt.Println(ErrCount, ErrEnd)
-
+
 // 判断登录错误次数
 switch {
 case ErrCount >= 5:
@@ -91,7 +91,7 @@ func Sign(c *gin.Context) {
 }
 }
 }
-
+
 // 判断用户是否存在
 if len(res) == 0 {
 session.Set("__loginErrCount", ErrCount+1)
@@ -117,7 +117,7 @@ func Sign(c *gin.Context) {
 keyMd5 := md5.Sum([]byte(passwd))
 passwdMd5 := hex.EncodeToString(keyMd5[:])
 // fmt.Println(passwdMd5)
-
+
 if res[0]["password"] != passwdMd5 {
 session.Set("__loginErrCount", ErrCount+1)
 session.Set("__loginErrEnd", now)
@@ -128,12 +128,12 @@ func Sign(c *gin.Context) {
 public.FailMsg(c, "密码错误")
 return
 }
-
+
 // session := sessions.Default(c)
 session.Set("__loginErrCount", 0)
 session.Delete("__loginErrEnd")
 session.Set("login", true)
- session.Set("__login_key", public.GetSettingIgnoreError("login_key"))
+ session.Set("__login_key", public.LoginKey)
 _ = session.Save()
 // c.JSON(http.StatusOK, public.ResOK(0, nil, "登录成功"))
 // 设置cookie
@@ -145,7 +145,7 @@ func Sign(c *gin.Context) {
 func GetCode(c *gin.Context) {
 _, bs64, code, _ := public.GenerateCode()
 session := sessions.Default(c)
-
+
 session.Set("_verifyCode", code)
 _ = session.Save()
 public.SuccessData(c, bs64, 0)
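Review bot: `public.LoginKey`, stored into the session in the -128,12 hunk, is a package-level variable that `setting.Save` reassigns on reload (backend/internal/setting/setting.go) and that `SessionAuthMiddleware` reads on every request (backend/middleware/auth.go), with no synchronisation visible in this diff. Concurrent requests can therefore race on the string; holding the key behind an accessor guarded by a `sync.RWMutex`, or in an `atomic.Value`, would remove that. Because the key now lives only in process memory, every restart invalidates all existing sessions, which is worth stating where the variable is declared. The error from `session.Save()` on the following line is still discarded, so a failed save leaves the client without the new `__login_key` and with no indication why. `Sign` begins and ends outside this hunk.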
diff --git a/backend/internal/setting/setting.go b/backend/internal/setting/setting.go
index ff2f6b1..124630c 100644
--- a/backend/internal/setting/setting.go
+++ b/backend/internal/setting/setting.go
@@ -131,7 +131,7 @@ func Save(setting *Setting) error {
 return nil
 } else {
 if reload {
- s.Where("key = 'login_key'", []interface{}{}).Update(map[string]interface{}{"value": public.GenerateUUID()})
+ public.LoginKey = public.GenerateUUID()
 }
 }
 return nil
diff --git a/backend/middleware/auth.go b/backend/middleware/auth.go
index 7d12d35..01c568d 100644
--- a/backend/middleware/auth.go
+++ b/backend/middleware/auth.go
@@ -26,7 +26,7 @@ func SessionAuthMiddleware() gin.HandlerFunc {
 if checkApiKey(c) {
 return
 }
-
+
 routePath := c.Request.URL.Path
 method := c.Request.Method
 paths := strings.Split(strings.TrimPrefix(routePath, "/"), "/")
@@ -34,7 +34,7 @@ func SessionAuthMiddleware() gin.HandlerFunc {
 now := time.Now()
 gob.Register(time.Time{})
 last := session.Get("lastRequestTime")
-
+
 if routePath == public.Secure {
 if session.Get("secure") == nil {
 // 访问安全入口,设置 session
@@ -97,13 +97,13 @@ func SessionAuthMiddleware() gin.HandlerFunc {
 c.Abort()
 return
 } else {
- if session.Get("__login_key") != public.GetSettingIgnoreError("login_key") {
+ if session.Get("__login_key") != public.LoginKey {
 // session.Set("secure", true)
 session.Set("login", nil)
 session.Save()
 // c.JSON(http.StatusUnauthorized, gin.H{"message": "登录信息发生变化,请重新登录"})
 c.Redirect(http.StatusFound, "/login")
- // c.Abort()
+ c.Abort()
 } else {
 // 访问正常,更新最后请求时间
 session.Set("lastRequestTime", now)
@@ -169,7 +169,7 @@ func checkApiKey(c *gin.Context) bool {
 func generateSignature(timestamp, apiKey string) string {
 keyMd5 := md5.Sum([]byte(apiKey))
 keyMd5Hex := strings.ToLower(hex.EncodeToString(keyMd5[:]))
-
+
 signMd5 := md5.Sum([]byte(timestamp + keyMd5Hex))
 signMd5Hex := strings.ToLower(hex.EncodeToString(signMd5[:]))
 return signMd5Hex
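Review bot: In the -97,13 hunk of backend/middleware/auth.go the newly enabled `c.Abort()` after the redirect is not followed by `return`, unlike the branch just above it, which does `c.Abort()` and then `return`. Abort only stops later handlers in the chain; the rest of this middleware function keeps running, so any code after this if/else (outside the hunk) would still execute for a session whose login key no longer matches. I would add `return` directly after `c.Abort()` to keep the two rejection paths consistent. The result of `session.Save()` in the same branch is also ignored, so a failed save leaves `login` set in the stored session even though the key comparison keeps rejecting it. The middleware closure starts and ends outside the hunk.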
diff --git a/backend/migrations/init.go b/backend/migrations/init.go index 675f593..ae9bcf2 100644 --- a/backend/migrations/init.go +++ b/backend/migrations/init.go @@ -178,7 +178,7 @@ func init() { ); `) - insertDefaultData(db, "users", "INSERT INTO users (id, username, password, salt) VALUES (1, 'xxxx', 'xxxxxxx', '&*ghs^&%dag');") + insertDefaultData(db, "users", "INSERT INTO users (id, username, password, salt) VALUES (1, 'admin', 'xxxxxxx', '&*ghs^&%dag');") insertDefaultData(db, "access_type", ` INSERT INTO access_type (name, type) VALUES ('aliyun', 'dns'); INSERT INTO access_type (name, type) VALUES ('tencentcloud', 'dns'); @@ -201,10 +201,9 @@ func init() { INSERT INTO settings (key, value, create_time, update_time, active, type) VALUES ( 'workflow_log_path', 'logs/workflows/', '2025-04-15 15:58', '2025-04-15 15:58', 1, null); INSERT INTO settings (key, value, create_time, update_time, active, type) VALUES ( 'timeout', '3600', '2025-04-15 15:58', '2025-04-15 15:58', 1, null); INSERT INTO settings (key, value, create_time, update_time, active, type) VALUES ( 'https', '0', '2025-04-15 15:58', '2025-04-15 15:58', 1, null); -INSERT INTO settings (key, value, create_time, update_time, active, type) VALUES ( 'login_key', '%s', '2025-04-15 15:58', '2025-04-15 15:58', 1, null); INSERT INTO settings (key, value, create_time, update_time, active, type) VALUES ('session_key', '%s', '2025-04-15 15:58', '2025-04-15 15:58', 1, null); INSERT INTO settings (key, value, create_time, update_time, active, type) VALUES ('secure', '/%s', '2025-04-15 15:58', '2025-04-15 15:58', 1, null); -INSERT INTO settings (key, value, create_time, update_time, active, type) VALUES ('port', '%d', '2025-04-15 15:58', '2025-04-15 15:58', 1, null);`, uuidStr, uuidStr, randomStr, port) +INSERT INTO settings (key, value, create_time, update_time, active, type) VALUES ('port', '%d', '2025-04-15 15:58', '2025-04-15 15:58', 1, null);`, uuidStr, randomStr, port) insertDefaultData(db, "settings", Isql) 
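Review bot: The seeded account in the -178,7 hunk now uses the predictable name `admin`, and the same row carries a salt literal (`'&*ghs^&%dag'`) that is identical on every installation. The placeholder password `'xxxxxxx'` does not look like a hex digest, so it probably cannot match at login until an operator sets a real one; if that is the intent, it deserves a comment on this line, e.g. `// placeholder hash: never matches, a password must be set before first login`. Generating the salt at init time, as the settings seed already does for `session_key` and `secure` with `uuidStr` and `randomStr`, would stop installations from sharing it. `init` continues outside the hunk.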
diff --git a/backend/public/config.go b/backend/public/config.go
index 85d1240..70bbbb0 100644
--- a/backend/public/config.go
+++ b/backend/public/config.go
@@ -6,11 +6,12 @@ var Port = GetSettingIgnoreError("port")
 var Secure = GetSettingIgnoreError("secure")
 var SessionKey = GetSettingIgnoreError("session_key")
 var LogPath = GetSettingIgnoreError("log_path")
+var LoginKey = GenerateUUID()
 var TimeOut = func() int {
 settingStr := GetSettingIgnoreError("timeout")
 setting, err := strconv.Atoi(settingStr)
 if err != nil {
- return 300
+ return 3600
 }
 return setting
 }()
@@ -25,7 +26,7 @@ func ReloadConfig() {
 settingStr := GetSettingIgnoreError("timeout")
 setting, err := strconv.Atoi(settingStr)
 if err != nil {
- TimeOut = 300
+ TimeOut = 3600
 } else {
 TimeOut = setting
 }
diff --git a/cmd/main.go b/cmd/main.go
index 57b382c..03a9646 100644
--- a/cmd/main.go
+++ b/cmd/main.go
@@ -121,7 +121,8 @@ func main() {
 fmt.Println(err)
 return
 }
- public.UpdateSetting("login_key", public.GenerateUUID())
+ envVars["web"] = "restart"
+ err = control()
 fmt.Println("用户名设置成功:", input)
 case "6":
 var input string
@@ -164,8 +165,8 @@ func main() {
 fmt.Println(err)
 return
 }
- public.UpdateSetting("login_key", public.GenerateUUID())
-
+ envVars["web"] = "restart"
+ err = control()
 fmt.Println("密码设置成功:", input)
 case "7":
 var input string
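Review bot: `LoginKey` in backend/public/config.go is declared without a comment, although its lifetime now decides how long a login stays valid: it is generated once per process and replaced in `setting.Save`. A doc comment such as `// LoginKey is regenerated at every start and on settings reload; sessions stamped with an older value are rejected.` would make that explicit. Separately, the fallback `3600` is repeated in the `TimeOut` initializer and in `ReloadConfig` (second hunk); a shared constant, e.g. `const defaultTimeout = 3600`, would keep the two from drifting. The larger fallback also lengthens whatever window `TimeOut` controls whenever the setting is missing or unparsable, which may deserve a log line rather than a silent default.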
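Review bot: The error assigned by `err = control()` in cmd/main.go is not checked before the success message is printed, both in the username case (-121,7) and in the password case (-164,8). Since this commit drops the `login_key` update, the restart appears to be the only step that invalidates existing sessions after a credential change, so a failed restart would leave old sessions usable while the operator is told the change succeeded. I would write `if err = control(); err != nil { fmt.Println(err); return }`, matching the error handling just above each added line. `main` continues outside both hunks.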