diff --git a/src/pages/LoginPage.vue b/src/pages/LoginPage.vue
index 2971b1e..4c481c6 100644
--- a/src/pages/LoginPage.vue
+++ b/src/pages/LoginPage.vue
@@ -86,13 +86,21 @@ async function redirectToOidc(options = {}) {
     codeChallenge: pkce.codeChallenge,
     codeChallengeMethod: 'S256'
   })
-  const authorizeUrl = res.data.authorize_url
-  const parsed = new URL(authorizeUrl)
+  const authorizeUrl = res?.data?.authorize_url
+  if (!authorizeUrl) {
+    throw new Error('登入設定錯誤：未取得授權網址')
+  }
+  let parsed
+  try {
+    parsed = new URL(authorizeUrl, window.location.origin)
+  } catch (_err) {
+    throw new Error(`登入設定錯誤：授權網址無效 (${authorizeUrl})`)
+  }
   const state = parsed.searchParams.get('state')
   if (state) {
     sessionStorage.setItem('oidc_expected_state', state)
   }
-  window.location.href = authorizeUrl
+  window.location.href = parsed.toString()
 }
 
 async function generatePkcePair() {