diff --git a/src/oauth/server.go b/src/oauth/server.go
index 87c04a5c2..3be24941e 100644
--- a/src/oauth/server.go
+++ b/src/oauth/server.go
@@ -846,18 +846,17 @@ func HandleAuthorizeRequest(c *gin.Context) {
 // 检查用户会话(要求已登录)
 sess := sessions.Default(c)
 uidVal := sess.Get("id")
- if uidVal == nil {
- if mode == "prepare" {
- c.JSON(http.StatusUnauthorized, gin.H{"error": "login_required"})
- return
- }
- // 重定向到前端登录后回到同意页
- consentPath := "/oauth/consent?" + c.Request.URL.RawQuery
- loginPath := "/login?next=" + url.QueryEscape(consentPath)
- writeNoStore(c)
- c.Redirect(http.StatusFound, loginPath)
- return
- }
+ if uidVal == nil {
+ if mode == "prepare" {
+ c.JSON(http.StatusUnauthorized, gin.H{"error": "login_required"})
+ return
+ }
+ // 直接跳转到同意页,由前端在需要时引导登录,避免已登录用户被/login重定向到/console
+ consentPath := "/oauth/consent?" + c.Request.URL.RawQuery
+ writeNoStore(c)
+ c.Redirect(http.StatusFound, consentPath)
+ return
+ }
 userID, _ := uidVal.(int)
 if userID == 0 {
 // 某些 session 库会将数字解码为 int64
diff --git a/web/src/components/auth/LoginForm.jsx b/web/src/components/auth/LoginForm.jsx
index 32087ab02..b3d1d7461 100644
--- a/web/src/components/auth/LoginForm.jsx
+++ b/web/src/components/auth/LoginForm.jsx
@@ -176,7 +176,11 @@ const LoginForm = () => {
 centered: true,
 });
 }
- navigate('/console');
+ // 优先跳回 next(仅允许相对路径)
+ const sp = new URLSearchParams(window.location.search);
+ const next = sp.get('next');
+ const isSafeInternalPath = next && next.startsWith('/') && !next.startsWith('//');
+ navigate(isSafeInternalPath ? next : '/console');
 } else {
 showError(message);
 }
@@ -286,7 +290,10 @@ const LoginForm = () => {
 setUserData(data);
 updateAPI();
 showSuccess('登录成功!');
- navigate('/console');
+ const sp = new URLSearchParams(window.location.search);
+ const next = sp.get('next');
+ const isSafeInternalPath = next && next.startsWith('/') && !next.startsWith('//');
+ navigate(isSafeInternalPath ? next : '/console');
 };
 
 // 返回登录页面
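Review bot: The `prepare` branch answers the unauthenticated case with a 401 JSON body but never calls `writeNoStore(c)`, while the redirect branch four lines later does; a session-dependent 401 is as cacheable as the 302, so the same header belongs before the JSON write, i.e. `writeNoStore(c)` on the line above `c.JSON(http.StatusUnauthorized, gin.H{"error": "login_required"})`. The old code carried the consent URL to the login page as `next=`; the new redirect sends the browser straight to `/oauth/consent?<RawQuery>` with no `next` at all, yet the LoginForm hunks in this same commit read `next` from `window.location.search` — so the consent page must itself build the `/login?next=` link when it finds no session, which nothing in this diff shows; the comment on the new branch should say that explicitly, e.g. `// 未登录时由 /oauth/consent 页面负责跳转 /login?next=... (see web/src/components/auth/LoginForm.jsx)`. If `url.QueryEscape` was the only use of net/url in this file the import is now unused, which would fail the build; the rest of the file is outside the hunk. HandleAuthorizeRequest starts and ends outside the hunk.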
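Review bot: The four-line `next` validation in this hunk is repeated verbatim in the @@ -286 hunk below and again in web/src/helpers/auth.jsx; three copies of a redirect-target check will drift, and one exported helper gives a single place to tighten the rule. `next.startsWith('/') && !next.startsWith('//')` rejects protocol-relative targets but still accepts a path beginning with `/\`, which browsers' URL parsing treats like `//`; react-router's client-side navigation is expected to refuse a cross-origin target, but the check should reject it explicitly rather than lean on that. A helper of the form below in helpers/auth.jsx reduces each call site to `navigate(safeNextPath());` here and in the @@ -286 hunk, and to `to={safeNextPath()}` in AuthRedirect. The enclosing login handler starts and ends outside the hunk.
```javascript
// Returns the login page's `next` query value when it is a same-origin relative
// path ('/x' but not '//x' or '/\x'); otherwise returns the fallback route.
export const safeNextPath = (fallback = '/console') => {
  const next = new URLSearchParams(window.location.search).get('next');
  if (!next || !next.startsWith('/') || next.startsWith('//') || next.startsWith('/\\')) {
    return fallback;
  }
  return next;
};

// … unchanged: success dialog …
navigate(safeNextPath());
```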
diff --git a/web/src/helpers/auth.jsx b/web/src/helpers/auth.jsx index d841afed7..b84aeeff2 100644 --- a/web/src/helpers/auth.jsx +++ b/web/src/helpers/auth.jsx @@ -36,7 +36,11 @@ export const AuthRedirect = ({ children }) => { const user = localStorage.getItem('user'); if (user) { - return ; + // 优先使用登录页上的 next 参数(仅允许站内相对路径) + const sp = new URLSearchParams(window.location.search); + const next = sp.get('next'); + const isSafeInternalPath = next && next.startsWith('/') && !next.startsWith('//'); + return ; } return children;