diff --git a/.gitignore b/.gitignore
index c26082b..e8481af 100644
--- a/.gitignore
+++ b/.gitignore
@@ -214,3 +214,6 @@ test/
 hs_err_pid*
 replay_pid*
 
+
+# BitFun snapshot data - auto managed
+.bitfun/
diff --git a/server/cmd/api/main.go b/server/cmd/api/main.go
index d201312..c271e66 100644
--- a/server/cmd/api/main.go
+++ b/server/cmd/api/main.go
@@ -9,6 +9,7 @@ import (
 	"time"
 	"x-agents/server/internal/config"
 	"x-agents/server/internal/handler"
+	"x-agents/server/internal/middleware"
 	"x-agents/server/internal/model"
 	"x-agents/server/internal/repository"
 	"x-agents/server/internal/service"
@@ -70,13 +71,14 @@ func main() {
 	}
 
 	// 3. 自动迁移表
-	db.AutoMigrate(&model.DatabaseInfo{}, &model.SubTableInfo{}, &model.ModelInfo{}, &model.KnowledgeBase{}, &model.KnowledgeDocument{})
+	db.AutoMigrate(&model.DatabaseInfo{}, &model.SubTableInfo{}, &model.ModelInfo{}, &model.KnowledgeBase{}, &model.KnowledgeDocument{}, &model.User{}, &model.Role{})
 
 	// 4. 初始化 Repository
 	dbRepo := repository.NewDatabaseRepository(db)
 	subTableRepo := repository.NewSubTableRepository(db)
 	modelRepo := repository.NewModelRepository(db)
 	knowledgeRepo := repository.NewKnowledgeRepository(db)
+	userRepo := repository.NewUserRepository(db)
 
 	// 5. 初始化 Service
 	dbService := service.NewDatabaseService(dbRepo, subTableRepo)
@@ -88,6 +90,7 @@ func main() {
 		log.Printf("Warning: Failed to initialize upload service: %v (files will not be available)", err)
 	}
 	knowledgeService := service.NewKnowledgeService(knowledgeRepo, modelRepo, uploadService, cfg.PythonServiceURL, cfg.AICoreServiceAddr, cfg.MarkdownLocalPath)
+	authService := service.NewAuthService(cfg.JWTSecret, userRepo)
 
 	// 6. 初始化 Handler
 	dbHandler := handler.NewDatabaseHandler(dbService)
@@ -96,6 +99,7 @@ func main() {
 	modelHandler := handler.NewModelHandler(modelService)
 	systemHandler := handler.NewSystemHandler()
 	knowledgeHandler := handler.NewKnowledgeHandler(knowledgeService)
+	authHandler := handler.NewAuthHandler(authService)
 	var uploadHandler *handler.UploadHandler
 	if uploadService != nil {
 		uploadHandler = handler.NewUploadHandler(uploadService, knowledgeRepo)
@@ -144,6 +148,20 @@ func main() {
 		c.Next()
 	})
 
+	// 认证模块（无需登录）
+	authGroup := r.Group("/auth")
+	{
+		authGroup.POST("/register", authHandler.Register)
+		authGroup.POST("/login", authHandler.Login)
+	}
+
+	// 需要登录的认证模块
+	authProtectedGroup := r.Group("/auth")
+	authProtectedGroup.Use(middleware.Auth(cfg.JWTSecret))
+	{
+		authProtectedGroup.GET("/me", authHandler.GetCurrentUser)
+	}
+
 	// 数据库管理模块
 	databaseGroup := r.Group("/database")
 	{
diff --git a/server/internal/handler/auth_handler.go b/server/internal/handler/auth_handler.go
index 0c35032..9ea874c 100644
--- a/server/internal/handler/auth_handler.go
+++ b/server/internal/handler/auth_handler.go
@@ -78,3 +78,27 @@ func (h *AuthHandler) Register(c *gin.Context) {
 		"email":    user.Email,
 	})
 }
+
+// GetCurrentUser 获取当前登录用户信息
+func (h *AuthHandler) GetCurrentUser(c *gin.Context) {
+	userID, exists := c.Get("user_id")
+	if !exists {
+		c.JSON(http.StatusUnauthorized, gin.H{"error": "user not found in context"})
+		return
+	}
+
+	user, err := h.authService.GetUserByID(userID.(string))
+	if err != nil {
+		c.JSON(http.StatusNotFound, gin.H{"error": "user not found"})
+		return
+	}
+
+	c.JSON(http.StatusOK, gin.H{
+		"id":        user.ID,
+		"username":  user.Username,
+		"email":     user.Email,
+		"role_id":   user.RoleID,
+		"is_active": user.IsActive,
+		"created_at": user.CreatedAt,
+	})
+}