diff --git a/src/app/admin/page.tsx b/src/app/admin/page.tsx
index a34ff52..931733a 100644
--- a/src/app/admin/page.tsx
+++ b/src/app/admin/page.tsx
@@ -23,7 +23,7 @@ import {
 import { CSS } from '@dnd-kit/utilities';
 import { ChevronDown, ChevronUp, Settings, Users, Video } from 'lucide-react';
 import { GripVertical } from 'lucide-react';
-import { useCallback, useEffect, useState } from 'react';
+import { Suspense, useCallback, useEffect, useState } from 'react';
 import Swal from 'sweetalert2';
 
 import { AdminConfig, AdminConfigResult } from '@/lib/admin.types';
@@ -1005,7 +1005,7 @@ const SiteConfigComponent = ({ config }: { config: AdminConfig | null }) => {
   );
 };
 
-export default function AdminPage() {
+function AdminPageClient() {
   const [config, setConfig] = useState<AdminConfig | null>(null);
   const [loading, setLoading] = useState(true);
   const [error, setError] = useState<string | null>(null);
@@ -1200,3 +1200,11 @@ export default function AdminPage() {
     </PageLayout>
   );
 }
+
+export default function AdminPage() {
+  return (
+    <Suspense>
+      <AdminPageClient />
+    </Suspense>
+  );
+}
diff --git a/src/app/api/login/route.ts b/src/app/api/login/route.ts
index f47208f..0078be7 100644
--- a/src/app/api/login/route.ts
+++ b/src/app/api/login/route.ts
@@ -41,9 +41,15 @@ async function generateSignature(
 // 生成认证Cookie（带签名）
 async function generateAuthCookie(
   username?: string,
-  password?: string
+  password?: string,
+  includePassword = false
 ): Promise<string> {
-  const authData: any = { password };
+  const authData: any = {};
+
+  // 只在需要时包含 password
+  if (includePassword && password) {
+    authData.password = password;
+  }
 
   if (username && process.env.PASSWORD) {
     authData.username = username;
@@ -90,7 +96,7 @@ export async function POST(req: NextRequest) {
 
       // 验证成功，设置认证cookie
       const response = NextResponse.json({ ok: true });
-      const cookieValue = await generateAuthCookie(undefined, password);
+      const cookieValue = await generateAuthCookie(undefined, password, true); // localstorage 模式包含 password
       const expires = new Date();
       expires.setDate(expires.getDate() + 7); // 7天过期
 
@@ -120,7 +126,7 @@ export async function POST(req: NextRequest) {
     ) {
       // 验证成功，设置认证cookie
       const response = NextResponse.json({ ok: true });
-      const cookieValue = await generateAuthCookie(username, password);
+      const cookieValue = await generateAuthCookie(username, password, false); // 数据库模式不包含 password
       const expires = new Date();
       expires.setDate(expires.getDate() + 7); // 7天过期
 
@@ -153,7 +159,7 @@ export async function POST(req: NextRequest) {
 
       // 验证成功，设置认证cookie
       const response = NextResponse.json({ ok: true });
-      const cookieValue = await generateAuthCookie(username, password);
+      const cookieValue = await generateAuthCookie(username, password, false); // 数据库模式不包含 password
       const expires = new Date();
       expires.setDate(expires.getDate() + 7); // 7天过期
 
diff --git a/src/app/api/register/route.ts b/src/app/api/register/route.ts
index 0e37d2d..603a984 100644
--- a/src/app/api/register/route.ts
+++ b/src/app/api/register/route.ts
@@ -39,12 +39,8 @@ async function generateSignature(
 }
 
 // 生成认证Cookie（带签名）
-async function generateAuthCookie(
-  username: string,
-  password: string
-): Promise<string> {
+async function generateAuthCookie(username: string): Promise<string> {
   const authData: any = {
-    password,
     username,
     timestamp: Date.now(),
   };
@@ -105,7 +101,7 @@ export async function POST(req: NextRequest) {
 
       // 注册成功，设置认证cookie
       const response = NextResponse.json({ ok: true });
-      const cookieValue = await generateAuthCookie(username, password);
+      const cookieValue = await generateAuthCookie(username);
       const expires = new Date();
       expires.setDate(expires.getDate() + 7); // 7天过期
 
diff --git a/src/lib/runtime.ts b/src/lib/runtime.ts
index 68e754e..866f43e 100644
--- a/src/lib/runtime.ts
+++ b/src/lib/runtime.ts
@@ -4,6 +4,11 @@
 export const config = {
   cache_time: 7200,
   api_site: {
+    dyttzy: {
+      api: 'http://caiji.dyttzyapi.com/api.php/provide/vod',
+      name: '电影天堂资源',
+      detail: 'http://caiji.dyttzyapi.com',
+    },
     heimuer: {
       api: 'https://json.heimuer.xyz/api.php/provide/vod',
       name: '黑木耳',
@@ -13,11 +18,6 @@ export const config = {
       api: 'https://cj.rycjapi.com/api.php/provide/vod',
       name: '如意资源',
     },
-    dyttzy: {
-      api: 'http://caiji.dyttzyapi.com/api.php/provide/vod',
-      name: '电影天堂资源',
-      detail: 'http://caiji.dyttzyapi.com',
-    },
     bfzy: {
       api: 'https://bfzyapi.com/api.php/provide/vod',
       name: '暴风资源',
diff --git a/src/middleware.ts b/src/middleware.ts
index 3c300fb..d9e5e13 100644
--- a/src/middleware.ts
+++ b/src/middleware.ts
@@ -146,10 +146,5 @@ function shouldSkipAuth(pathname: string): boolean {
 
 // 配置middleware匹配规则
 export const config = {
-  matcher: [
-    /*
-     * 匹配所有请求路径，除了静态文件
-     */
-    '/((?!_next/static|_next/image|favicon.ico).*)',
-  ],
+  matcher: ['/((?!_next/static|_next/image|favicon.ico|api).*)'],
 };