diff --git a/src/lib/auth/token.ts b/src/lib/auth/token.ts
index e37ce2f..cedb038 100644
--- a/src/lib/auth/token.ts
+++ b/src/lib/auth/token.ts
@@ -17,6 +17,7 @@ function generateDeviceId(): string {
 return `did_${timestamp}_${randomStr}_${browserInfo}`.toLowerCase();
 }
+const cookieSecure = false;
 export const tokenManager = {
 // 获取token - 支持客户端和服务端
 getToken: (cookieString?: string): string | null => {
@@ -84,7 +85,7 @@ export const tokenManager = {
 if (typeof window !== 'undefined') {
 Cookies.set(TOKEN_COOKIE_NAME, token, {
 expires: 365,
- secure: false,
+ secure: cookieSecure,
 sameSite: 'lax',
 });
 }
@@ -96,7 +97,7 @@ export const tokenManager = {
 // 设置cookie,365天过期(设备ID应该长期保存)
 Cookies.set(DEVICE_ID_COOKIE_NAME, deviceId, {
 expires: 365,
- secure: false,
+ secure: cookieSecure,
 sameSite: 'lax',
 });
 }
@@ -108,7 +109,7 @@ export const tokenManager = {
 console.log('remove token');
 // 删除cookie时需要指定与设置时相同的选项
 Cookies.remove(TOKEN_COOKIE_NAME, {
- secure: process.env.NODE_ENV === 'production',
+ secure: cookieSecure,
 sameSite: 'lax',
 path: '/',
 });
@@ -122,7 +123,7 @@ export const tokenManager = {
 clearAll: (): void => {
 if (typeof window !== 'undefined') {
 const cookieOptions = {
- secure: process.env.NODE_ENV === 'production',
+ secure: cookieSecure,
 sameSite: 'lax' as const,
 path: '/',
 };
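Review bot: `const cookieSecure = false;` in the first hunk hard-codes the Secure attribute off for every build, so the token cookie set in the second hunk and the device-ID cookie in the third are sent over plain HTTP wherever the site is reachable that way, production included. The removal paths in the fourth and fifth hunks previously used `process.env.NODE_ENV === 'production'`; defining the shared constant as `const cookieSecure = process.env.NODE_ENV === 'production';` would still make set and remove agree without dropping the flag. If an HTTP-only deployment really must be supported, the constant should carry a comment saying so, for example `// Secure disabled because <deployment reason>; enable once served over HTTPS`. Because the token is written with `Cookies.set` from client code it cannot be HttpOnly, which makes the Secure attribute one of the few protections this cookie has. The tokenManager methods start and end outside the hunks, so this is based only on the visible option objects.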