diff --git "a/1.9Vercel_GithubAuth/InvolutionHell\347\232\204github\347\231\273\345\275\225\351\203\250\347\275\262\351\205\215\347\275\256.docx" "b/1.9Vercel_GithubAuth/InvolutionHell\347\232\204github\347\231\273\345\275\225\351\203\250\347\275\262\351\205\215\347\275\256.docx"
new file mode 100644
index 0000000..eed9cca
Binary files /dev/null and "b/1.9Vercel_GithubAuth/InvolutionHell\347\232\204github\347\231\273\345\275\225\351\203\250\347\275\262\351\205\215\347\275\256.docx" differ
diff --git a/auth.config.ts b/auth.config.ts
index 351a38d..6813b1d 100644
--- a/auth.config.ts
+++ b/auth.config.ts
@@ -3,11 +3,13 @@ import GitHub from "next-auth/providers/github";
 
 // 在本地开发环境允许没有 .env 的协作者运行站点，因此先尝试读取两个常见的密钥变量，缺失时再使用内置的开发兜底值。
 const envSecret = process.env.AUTH_SECRET ?? process.env.NEXTAUTH_SECRET;
+
+// 开发环境允许兜底，生产环境必须显式配置
 const secret =
   envSecret ??
-  (process.env.NODE_ENV !== "production"
-    ? "__involutionhell_dev_secret__"
-    : undefined);
+  (process.env.NODE_ENV === "production"
+    ? undefined
+    : "__involutionhell_dev_secret__");
 
 if (!envSecret && process.env.NODE_ENV !== "production") {
   console.warn(
@@ -15,11 +17,12 @@ if (!envSecret && process.env.NODE_ENV !== "production") {
   );
 }
 
-if (!secret) {
-  throw new Error("[auth] AUTH_SECRET is required in production environments");
+if (process.env.NODE_ENV === "production" && !envSecret) {
+  throw new Error("[auth] AUTH_SECRET (or NEXTAUTH_SECRET) must be set in production");
 }
 
 export const authConfig = {
+  providers: [],
   secret,
   pages: {
     signIn: "/login",
@@ -69,16 +72,5 @@ export const authConfig = {
       return extendedToken;
     },
   },
-  providers: [
-    GitHub({
-      profile(profile) {
-        return {
-          id: profile.id.toString(),
-          name: profile.name ?? profile.login,
-          email: profile.email,
-          image: profile.avatar_url,
-        };
-      },
-    }),
-  ],
+
 } satisfies NextAuthConfig;