diff --git a/cmd/dashboard/controller/oauth2.go b/cmd/dashboard/controller/oauth2.go
index 2a418ad..acb0218 100644
--- a/cmd/dashboard/controller/oauth2.go
+++ b/cmd/dashboard/controller/oauth2.go
@@ -65,6 +65,8 @@ func oauth2redirect(c *gin.Context) (*model.Oauth2LoginResponse, error) {
 		RedirectURL: redirectURL,
 	}, cache.DefaultExpiration)
 
+	url := o2conf.AuthCodeURL(state, oauth2.AccessTypeOnline)
+	// CodeQL go/cookie-secure-not-set: 根据请求协议动态设置 Secure 属性，避免 HTTP 环境下 Cookie 无法使用
 	c.SetCookie("nz-o2s", stateKey, 60*5, "", "", c.Request.URL.Scheme == "https" || c.Request.TLS != nil, false)
 
 	return &model.Oauth2LoginResponse{Redirect: url}, nil