diff --git a/package-lock.json b/package-lock.json
index 1bc662b..8d0abba 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -10,15 +10,18 @@
       "license": "MIT",
       "dependencies": {
         "@remixicon/vue": "^4.7.0",
+        "@types/js-cookie": "^3.0.6",
         "@vueuse/core": "^14.1.0",
         "axios": "^1.13.2",
         "browser-use-sdk": "^2.0.12",
         "bytenode": "^1.5.7",
         "crypto": "^1.0.1",
+        "dexie": "^4.2.1",
         "dotenv-cli": "^11.0.0",
         "electron-log": "^5.4.3",
         "electron-squirrel-startup": "^1.0.1",
         "element-plus": "^2.12.0",
+        "js-cookie": "^3.0.5",
         "lodash-es": "^4.17.21",
         "log4js": "^6.9.1",
         "pinia": "^2.3.1",
@@ -2885,6 +2888,12 @@
       "dev": true,
       "license": "MIT"
     },
+    "node_modules/@types/js-cookie": {
+      "version": "3.0.6",
+      "resolved": "https://registry.npmjs.org/@types/js-cookie/-/js-cookie-3.0.6.tgz",
+      "integrity": "sha512-wkw9yd1kEXOPnvEeEV1Go1MmxtBJL0RR79aOTAApecWFVu7w0NNXNqhcWgvw2YgZDYadliXkl14pa3WXw5jlCQ==",
+      "license": "MIT"
+    },
     "node_modules/@types/json-schema": {
       "version": "7.0.15",
       "resolved": "https://registry.npmjs.org/@types/json-schema/-/json-schema-7.0.15.tgz",
@@ -4605,6 +4614,12 @@
       "license": "MIT",
       "optional": true
     },
+    "node_modules/dexie": {
+      "version": "4.2.1",
+      "resolved": "https://registry.npmjs.org/dexie/-/dexie-4.2.1.tgz",
+      "integrity": "sha512-Ckej0NS6jxQ4Po3OrSQBFddayRhTCic2DoCAG5zacOfOVB9P2Q5Xc5uL/nVa7ZVs+HdMnvUPzLFCB/JwpB6Csg==",
+      "license": "Apache-2.0"
+    },
     "node_modules/dir-compare": {
       "version": "4.2.0",
       "resolved": "https://registry.npmjs.org/dir-compare/-/dir-compare-4.2.0.tgz",
@@ -6996,6 +7011,15 @@
         "jiti": "lib/jiti-cli.mjs"
       }
     },
+    "node_modules/js-cookie": {
+      "version": "3.0.5",
+      "resolved": "https://registry.npmjs.org/js-cookie/-/js-cookie-3.0.5.tgz",
+      "integrity": "sha512-cEiJEAEoIbWfCZYKWhVwFuvPX1gETRYPw6LlaTKoxD3s2AkXzkCjnp6h0V77ozyqj0jakteJ4YqDJT830+lVGw==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=14"
+      }
+    },
     "node_modules/js-tokens": {
       "version": "9.0.1",
       "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-9.0.1.tgz",
diff --git a/package.json b/package.json
index f04b9da..75c013f 100644
--- a/package.json
+++ b/package.json
@@ -47,15 +47,18 @@
   },
   "dependencies": {
     "@remixicon/vue": "^4.7.0",
+    "@types/js-cookie": "^3.0.6",
     "@vueuse/core": "^14.1.0",
     "axios": "^1.13.2",
     "browser-use-sdk": "^2.0.12",
     "bytenode": "^1.5.7",
     "crypto": "^1.0.1",
+    "dexie": "^4.2.1",
     "dotenv-cli": "^11.0.0",
     "electron-log": "^5.4.3",
     "electron-squirrel-startup": "^1.0.1",
     "element-plus": "^2.12.0",
+    "js-cookie": "^3.0.5",
     "lodash-es": "^4.17.21",
     "log4js": "^6.9.1",
     "pinia": "^2.3.1",
diff --git a/src/renderer/main.ts b/src/renderer/main.ts
index aa0d98a..69a5fbc 100644
--- a/src/renderer/main.ts
+++ b/src/renderer/main.ts
@@ -6,6 +6,7 @@ import App from "./App.vue";
 import ElementPlus from 'element-plus'
 import 'element-plus/dist/index.css'
 import locale from 'element-plus/es/locale/lang/zh-cn'
+import './permission'
 
 // 创建 Vue 应用实例
 const app = createApp(App);
diff --git a/src/renderer/permission.ts b/src/renderer/permission.ts
new file mode 100644
index 0000000..055d4d4
--- /dev/null
+++ b/src/renderer/permission.ts
@@ -0,0 +1,29 @@
+import router from './router'
+import { isPathMatch } from '@utils/validate'
+import { getToken } from '@utils/auth'
+
+// 白名单
+const whiteList = ['/login', '/register']
+
+const isWhiteList = (path: string) => whiteList.some(pattern => isPathMatch(pattern, path))
+
+router.beforeEach((to: any, _from: any, next: any) => {
+  if(getToken()) {
+    // has token
+    if (to.path === '/login') {
+      next({path: '/home'})
+    } else if (isWhiteList(to.path)) {
+      next()
+    } else {
+
+    }
+  } else {
+    // no token
+    if (isWhiteList(to.path)) {
+      // 在免登录白名单，直接进入
+      next()
+    } else {
+      next(`/login?redirect=${to.fullPath}`) // 否则全部重定向到登录页
+    }
+  }
+})
diff --git a/src/renderer/utils/auth.ts b/src/renderer/utils/auth.ts
new file mode 100644
index 0000000..0cfb272
--- /dev/null
+++ b/src/renderer/utils/auth.ts
@@ -0,0 +1,15 @@
+import Cookies from 'js-cookie'
+
+const TokenKey = 'Nianxx-Token'
+
+export function getToken() {
+  return Cookies.get(TokenKey)
+}
+
+export function setToken(token: string) {
+  return Cookies.set(TokenKey, token)
+}
+
+export function removeToken() {
+  return Cookies.remove(TokenKey)
+}
\ No newline at end of file
diff --git a/src/renderer/utils/validate.ts b/src/renderer/utils/validate.ts
new file mode 100644
index 0000000..7448650
--- /dev/null
+++ b/src/renderer/utils/validate.ts
@@ -0,0 +1,12 @@
+/**
+ * 路径匹配器
+ * @param {string} pattern
+ * @param {string} path
+ * @returns {Boolean}
+ */
+export function isPathMatch(pattern: string, path: string): boolean {
+  const regexPattern = pattern.replace(/\//g, '\\/').replace(/\*\*/g, '.*').replace(/\*/g, '[^\\/]*')
+  const regex = new RegExp(`^${regexPattern}$`)
+
+  return regex.test(path)
+}
\ No newline at end of file