diff --git a/src/config/async-route.ts b/src/config/async-route.ts
index d8c2317..c22dd60 100644
--- a/src/config/async-route.ts
+++ b/src/config/async-route.ts
@@ -8,14 +8,14 @@ interface IAsyncRouteSettings {
   open: boolean
   /** 当动态路由功能关闭时：
    * 1. 应该将所有路由都写到常驻路由里面（表明所有登陆的用户能访问的页面都是一样的）
-   * 2. 系统自动给当前登录用户赋值一个默认的角色（默认为 admin，拥有所有页面权限）
+   * 2. 系统自动给当前登录用户赋值一个没有任何作用的默认角色
    */
   defaultRoles: Array<string>
 }
 
 const asyncRouteSettings: IAsyncRouteSettings = {
   open: true,
-  defaultRoles: ["admin"]
+  defaultRoles: ["DEFAULT_ROLE"]
 }
 
 export default asyncRouteSettings
diff --git a/src/store/modules/permission.ts b/src/store/modules/permission.ts
index fc5e044..723fcf0 100644
--- a/src/store/modules/permission.ts
+++ b/src/store/modules/permission.ts
@@ -3,6 +3,7 @@ import store from "@/store"
 import { defineStore } from "pinia"
 import { type RouteRecordRaw } from "vue-router"
 import { constantRoutes, asyncRoutes } from "@/router"
+import asyncRouteSettings from "@/config/async-route"
 
 const hasPermission = (roles: string[], route: RouteRecordRaw) => {
   if (route.meta && route.meta.roles) {
@@ -38,7 +39,7 @@ export const usePermissionStore = defineStore("permission", () => {
 
   const setRoutes = (roles: string[]) => {
     let accessedRoutes
-    if (roles.includes("admin")) {
+    if (!asyncRouteSettings.open) {
       accessedRoutes = asyncRoutes
     } else {
       accessedRoutes = filterAsyncRoutes(asyncRoutes, roles)
diff --git a/src/store/modules/user.ts b/src/store/modules/user.ts
index 5162341..97bd4bd 100644
--- a/src/store/modules/user.ts
+++ b/src/store/modules/user.ts
@@ -8,6 +8,7 @@ import router, { resetRouter } from "@/router"
 import { loginApi, getUserInfoApi } from "@/api/login"
 import { type ILoginRequestData } from "@/api/login/types/login"
 import { type RouteRecordRaw } from "vue-router"
+import asyncRouteSettings from "@/config/async-route"
 
 export const useUserStore = defineStore("user", () => {
   const token = ref<string>(getToken() || "")
@@ -44,8 +45,15 @@ export const useUserStore = defineStore("user", () => {
     return new Promise((resolve, reject) => {
       getUserInfoApi()
         .then((res) => {
-          roles.value = res.data.roles
-          username.value = res.data.username
+          const data = res.data
+          username.value = data.username
+          // 验证返回的 roles 是否是一个非空数组
+          if (data.roles && data.roles.length > 0) {
+            roles.value = data.roles
+          } else {
+            // 塞入一个没有任何作用的默认角色，不然路由守卫逻辑会无限循环
+            roles.value = asyncRouteSettings.defaultRoles
+          }
           resolve(res)
         })
         .catch((error) => {