diff --git a/cmd/cli.go b/cmd/cli.go
index 137e8e6..2267478 100644
--- a/cmd/cli.go
+++ b/cmd/cli.go
@@ -41,6 +41,9 @@ func GetCliFlags() (*FlareModel.Flags, *flags.FlagSet) {
 	// 其他
 	options.BoolVarP(&cliFlags.ShowVersion, "version", "v", false, "显示应用版本号")
 	options.BoolVarP(&cliFlags.ShowHelp, "help", "h", false, "显示帮助")
+	// Cookie
+	options.StringVarP(&cliFlags.CookieName, _KEY_COOKIE_NAME, _KEY_COOKIE_NAME_SHORT, FlareDefine.DEFAULT_COOKIE_NAME, "调整 Cookie 字段名称")
+	options.StringVarP(&cliFlags.CookieSecret, _KEY_COOKIE_SECRET, _KEY_COOKIE_SECRET_SHORT, FlareDefine.DEFAULT_COOKIE_SECRET, "调整 Cookie 密钥")
 
 	_ = options.Parse(os.Args)
 
@@ -130,6 +133,15 @@ func parseCLI(baseFlags FlareModel.Flags) FlareModel.Flags {
 		baseFlags.EnableEditor = cliFlags.EnableEditor
 	}
 
+	// 设置 Cookie 相关信息
+	if CheckFlagsExists(keys, []string{_KEY_COOKIE_NAME, _KEY_COOKIE_NAME_SHORT}) {
+		baseFlags.CookieName = cliFlags.CookieName
+	}
+
+	if CheckFlagsExists(keys, []string{_KEY_COOKIE_SECRET, _KEY_COOKIE_SECRET_SHORT}) {
+		baseFlags.CookieSecret = cliFlags.CookieSecret
+	}
+
 	// Forcibly disable `debug mode` in non-development mode
 	if strings.ToLower(version.Version) != "dev" {
 		baseFlags.DebugMode = false
diff --git a/cmd/define.go b/cmd/define.go
index 9021ba3..7a99a9c 100644
--- a/cmd/define.go
+++ b/cmd/define.go
@@ -29,4 +29,10 @@ const (
 
 	_KEY_DISABLE_CSP       = "disable_csp"
 	_KEY_DISABLE_CSP_SHORT = "c"
+
+	_KEY_COOKIE_NAME       = "cookie_name"
+	_KEY_COOKIE_NAME_SHORT = "k"
+
+	_KEY_COOKIE_SECRET       = "cookie_secret"
+	_KEY_COOKIE_SECRET_SHORT = "r"
 )
diff --git a/cmd/envfile.go b/cmd/envfile.go
index 691f796..afacdf7 100644
--- a/cmd/envfile.go
+++ b/cmd/envfile.go
@@ -102,6 +102,8 @@ func ParseEnvFile(baseFlags FlareModel.Flags) FlareModel.Flags {
 	baseFlags.EnableEditor = GetDotEnvFileBoolOrDefault(envs, "FLARE_EDITOR", baseFlags.EnableEditor)
 	baseFlags.EnableGuide = GetDotEnvFileBoolOrDefault(envs, "FLARE_GUIDE", baseFlags.EnableGuide)
 	baseFlags.Visibility = GetDotEnvFileStringOrDefault(envs, "FLARE_VISIBILITY", baseFlags.Visibility)
+	baseFlags.CookieName = GetDotEnvFileStringOrDefault(envs, "FLARE_COOKIE_NAME", baseFlags.CookieName)
+	baseFlags.CookieSecret = GetDotEnvFileStringOrDefault(envs, "FLARE_COOKIE_SECRET", baseFlags.CookieSecret)
 
 	return baseFlags
 }
diff --git a/config/define/cmd.go b/config/define/cmd.go
index 8108d74..c0f73c6 100644
--- a/config/define/cmd.go
+++ b/config/define/cmd.go
@@ -15,6 +15,9 @@ const (
 	DEFAULT_ENABLE_EDITOR            = true
 	DEFAULT_VISIBILITY               = "DEFAULT"
 	DEFAULT_DISABLE_CSP              = false
+
+	DEFAULT_COOKIE_NAME   = "flare"
+	DEFAULT_COOKIE_SECRET = "secret"
 )
 
 // get default env config
@@ -32,6 +35,9 @@ func GetDefaultEnvVars() FlareModel.Envs {
 
 		User: DEFAULT_USER_NAME,
 		Pass: "",
+
+		CookieName:   DEFAULT_COOKIE_NAME,
+		CookieSecret: DEFAULT_COOKIE_SECRET,
 	}
 }
 
diff --git a/config/model/cmd.go b/config/model/cmd.go
index 9f4faf5..dada181 100644
--- a/config/model/cmd.go
+++ b/config/model/cmd.go
@@ -20,6 +20,9 @@ type Flags struct {
 	Pass             string
 	UserIsGenerated  bool
 	PassIsGenerated  bool
+
+	CookieName   string
+	CookieSecret string
 }
 
 // Application Envs Data Model
@@ -36,6 +39,9 @@ type Envs struct {
 	DisableLoginMode bool   `env:"FLARE_DISABLE_LOGIN"`
 	User             string `env:"FLARE_USER,unset"`
 	Pass             string `env:"FLARE_PASS,unset"`
+
+	CookieName   string `env:"FLARE_COOKIE_NAME"`
+	CookieSecret string `env:"FLARE_COOKIE_SECRET"`
 }
 
 // Application Envfile Data Model
@@ -52,4 +58,7 @@ type EnvFile struct {
 	DisableLoginMode bool   `ini:"FLARE_DISABLE_LOGIN,omitempty"`
 	User             string `ini:"FLARE_USER,omitempty"`
 	Pass             string `ini:"FLARE_PASS,omitempty"`
+
+	CookieName   string `ini:"FLARE_COOKIE_NAME,omitempty"`
+	CookieSecret string `ini:"FLARE_COOKIE_SECRET,omitempty"`
 }
diff --git a/internal/auth/auth.go b/internal/auth/auth.go
index 266590b..38c57c8 100644
--- a/internal/auth/auth.go
+++ b/internal/auth/auth.go
@@ -1,8 +1,8 @@
 package auth
 
 import (
+	"fmt"
 	"net/http"
-	"strconv"
 	"strings"
 	"time"
 
@@ -19,11 +19,8 @@ const (
 )
 
 func RequestHandle(router *gin.Engine) {
-	// 共享 store
-	// TODO: 剥离逻辑
-	// TODO：替换密钥为用户相关数据
-	store := cookie.NewStore([]byte("secret"))
-	router.Use(sessions.Sessions("flare_"+strconv.Itoa(FlareDefine.AppFlags.Port), store))
+	store := cookie.NewStore([]byte(FlareDefine.AppFlags.CookieSecret))
+	router.Use(sessions.Sessions(fmt.Sprintf("%s_%d", FlareDefine.AppFlags.CookieName, FlareDefine.AppFlags.Port), store))
 
 	// 非离线模式注册路由
 	if !FlareDefine.AppFlags.DisableLoginMode {