diff --git a/src/auth/AuthProvider.tsx b/src/auth/AuthProvider.tsx
index f4586e1..0a7f3fd 100644
--- a/src/auth/AuthProvider.tsx
+++ b/src/auth/AuthProvider.tsx
@@ -36,6 +36,23 @@ export default function AuthProvider({ children }: { children: ReactNode }) {
   }, []);
 
   async function authenticate() {
+    // 本地开发免登录开关：.env 里设 VITE_DEV_BYPASS_AUTH=1 启用，仅 dev 生效
+    if (import.meta.env.DEV && import.meta.env.VITE_DEV_BYPASS_AUTH === '1') {
+      setState({
+        isLoading: false,
+        isAuthenticated: true,
+        user: {
+          userId: 'dev-local',
+          userName: '本地开发',
+          permissionLevel: 'full',
+          depName: '',
+          roles: ['所有权限', 'BI-SCHEDULE-OPT'],
+        },
+        error: null,
+      });
+      return;
+    }
+
     // 1. 检查 sessionStorage 中是否有 JWT
     const savedToken = sessionStorage.getItem('bi_jwt');
     if (savedToken) {
diff --git a/src/server/auth/middleware.ts b/src/server/auth/middleware.ts
index 7929be9..a535b2d 100644
--- a/src/server/auth/middleware.ts
+++ b/src/server/auth/middleware.ts
@@ -14,6 +14,21 @@ export async function authMiddleware(c: Context, next: Next) {
     return next();
   }
 
+  // 本地开发免登录开关：.env 里设 DEV_BYPASS_AUTH=1 启用
+  if (process.env.DEV_BYPASS_AUTH === '1') {
+    const devUser: AuthUser = {
+      userId: 'dev-local',
+      userName: '本地开发',
+      loginName: 'dev-local',
+      depCode: '',
+      depName: '',
+      permissionLevel: 'full',
+      roles: ['所有权限', 'BI-SCHEDULE-OPT'],
+    };
+    c.set('user', devUser);
+    return next();
+  }
+
   // 跳过不需要认证的路径
   if (path === '/api/health' || path.startsWith('/api/auth/')) {
     return next();
diff --git a/src/vite-env.d.ts b/src/vite-env.d.ts
new file mode 100644
index 0000000..11f02fe
--- /dev/null
+++ b/src/vite-env.d.ts
@@ -0,0 +1 @@
+/// <reference types="vite/client" />