diff --git a/Merge/front/src/router/App.js b/Merge/front/src/router/App.js
index d91b3b7..4da6f49 100644
--- a/Merge/front/src/router/App.js
+++ b/Merge/front/src/router/App.js
@@ -1,72 +1,75 @@
-import React from 'react';
-import {
-  Routes,
-  Route,
-  Navigate,
-} from 'react-router-dom';
-import AdminPage from '../components/Admin';
-import UserManagement from '../components/UserManagement';
-import LogsDashboard from '../components/LogsDashboard';
-import SuperAdmin from '../components/SuperAdmin';
+// src/router/index.jsx
+import React from 'react'
+import { Routes, Route, Navigate, Outlet } from 'react-router-dom'
 
-import CreatePost     from '../components/CreatePost'      // src/components/CreatePost.jsx
-import HomeFeed       from '../components/HomeFeed'        // src/components/HomeFeed.jsx
-import PlaceholderPage from '../components/PlaceholderPage'// src/components/PlaceholderPage.jsx
-import UploadPage     from '../components/UploadPage'      // src/components/UploadPage.jsx
+import LoginPage           from '../pages/LoginPage/LoginPage'
+import RegisterPage        from '../pages/RegisterPage/RegisterPage'
+import ForgotPasswordPage  from '../pages/ForgotPasswordPage/ForgotPasswordPage'
+import TestDashboard       from '../pages/TestDashboard/TestDashboard'
+import HomeFeed            from '../components/HomeFeed'
+import CreatePost          from '../components/CreatePost'
+import NotebookPage        from '../components/NotebookPage'
+import PlaceholderPage     from '../components/PlaceholderPage'
+import UserProfile         from '../components/UserProfile'
 
-import UserProfile from '../components/UserProfile'; // src/components/UserProfileRoute.jsx
+import AdminPage           from '../components/Admin'
+import SuperAdmin          from '../components/SuperAdmin'
+import UserManagement      from '../components/UserManagement'
+import LogsDashboard       from '../components/LogsDashboard'
+import TransactionLogs     from '../components/TransactionLogs'
+import PerformanceLogs     from '../components/PerformanceLogs'
 
-import LoginPage from '../pages/LoginPage/LoginPage';
-import RegisterPage from '../pages/RegisterPage/RegisterPage';
-import ForgotPasswordPage from '../pages/ForgotPasswordPage/ForgotPasswordPage';
-import TestDashboard from '../pages/TestDashboard/TestDashboard';
-
-import TransactionLogs from '../components/TransactionLogs';
-import PerformanceLogs from '../components/PerformanceLogs';
-import NotebookPage    from '../components/NotebookPage'
+import { RequireAuth, RequireRole } from './Guards'
 
 export default function AppRoutes() {
   return (
     <Routes>
-      <Route path="/posts/new" element={<CreatePost />} />
-    
-      <Route path="/home"      element={<HomeFeed />} />
+      {/* ### 公开路由（不用登录就能看） */}
+      <Route path="/login"            element={<LoginPage />} />
+      <Route path="/register"         element={<RegisterPage />} />
+      <Route path="/forgot-password"  element={<ForgotPasswordPage />} />
 
-      <Route path="/notebooks" element={<NotebookPage />} />
-      <Route path="/activity"  element={<PlaceholderPage pageId="activity"  />} />
-      <Route path="/notes"     element={<PlaceholderPage pageId="notes"     />} />
-      <Route path="/creator"   element={<PlaceholderPage pageId="creator"   />} />
-      <Route path="/journal"   element={<PlaceholderPage pageId="journal"   />} />
-      <Route path="/user/:userId" element={<UserProfile />} />
-      <Route path="/dashboard/*" element={<UploadPage />} />
+      {/* ### 需要登录才能访问的区域 */}
+      <Route element={<RequireAuth />}>
+        {/* ---- 普通用户区块 ---- */}
+        <Route element={<RequireRole allowedRoles={['user']} />}>
+          <Route path="/home"      element={<HomeFeed />} />
+          <Route path="/posts/new" element={<CreatePost />} />
+          <Route path="/notebooks" element={<NotebookPage />} />
+          <Route path="/user/:userId" element={<UserProfile />} />
+          <Route path="/activity"  element={<PlaceholderPage pageId="activity" />} />
+          <Route path="/notes"     element={<PlaceholderPage pageId="notes" />} />
+          <Route path="/creator"   element={<PlaceholderPage pageId="creator" />} />
+          <Route path="/journal"   element={<PlaceholderPage pageId="journal" />} />
 
-      {/* 根路径重定向到 dashboard */}
-      {/* <Route path="/" element={<Navigate to="/dashboard/overview" replace />} /> */}
+          <Route path="/dashboard/*" element={<PlaceholderPage />} />
+          <Route path="/posts/new"           element={<CreatePost />} />
+          <Route path="/posts/edit/:postId"  element={<CreatePost />} />
+          <Route path="/" element={<Navigate to="/dashboard/overview" replace />} />
+        </Route>
 
-      <Route path="/" element={<LoginPage />} />
-      <Route path="/login" element={<LoginPage />} />
-      <Route path="/register" element={<RegisterPage />} />
-      <Route path="/forgot-password" element={<ForgotPasswordPage />} />
-      <Route path="/test-dashboard" element={<TestDashboard />} />
+        {/* ---- 管理员区块 ---- */}
+        <Route element={<RequireRole allowedRoles={['admin']} />}>
+          <Route path="/admin" element={<AdminPage />} />
+          <Route path="/test-dashboard" element={<TestDashboard  />} />
+        </Route>
 
-      {/* 普通管理员，无 header */}
-      <Route path="admin" element={<AdminPage />} />
-
-      {/* 超级管理员，只用 SuperAdminLayout */}
-      <Route path="superadmin" element={<SuperAdmin />}>
-        <Route index element={<Navigate to="users" replace />} />
-        <Route path="users" element={<UserManagement superAdminId={3} />} />
-
-        {/* dashboard as layout */}
-        <Route path="dashboard" element={<LogsDashboard />}>
-          <Route index element={<Navigate to="transactions" replace />} />
-          <Route path="transactions" element={<TransactionLogs userId={1} />} />
-          <Route path="performance" element={<PerformanceLogs userId={1} />} />
+        {/* ---- 超级管理员区块 ---- */}
+        <Route element={<RequireRole allowedRoles={['superadmin']} />}>
+          <Route path="/superadmin" element={<SuperAdmin />}>
+            <Route index element={<Navigate to="users" replace />} />
+            <Route path="users"         element={<UserManagement superAdminId={3} />} />
+            <Route path="dashboard"     element={<LogsDashboard />}>
+              <Route index element={<Navigate to="transactions" replace />} />
+              <Route path="transactions" element={<TransactionLogs userId={1} />} />
+              <Route path="performance"  element={<PerformanceLogs userId={1} />} />
+            </Route>
+          </Route>
         </Route>
       </Route>
 
-      {/* 最后一个兜底，放在最末尾 */}
-      <Route path="*" element={<PlaceholderPage pageId="home" />} />
+      {/* ### 兜底：不认识的地址都重定向到 /login */}
+      <Route path="*" element={<Navigate to="/login" replace />} />
     </Routes>
-  );
-}
\ No newline at end of file
+  )
+}
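Review bot: The three `RequireRole` blocks are mutually exclusive and the `/` route sits inside the `['user']` block, so an account whose role is `admin` or `superadmin` that opens `/` (or a user page such as `/home`) fails the role check and is redirected to `/login` even though it holds a token. If admins are meant to reach the regular pages, widen that block to `allowedRoles={['user', 'admin', 'superadmin']}`, or move `/` out of it into a landing redirect that picks the target by role. In the same block `/posts/new` is registered twice, `/dashboard/*` now renders `<PlaceholderPage />` without a `pageId`, and `Outlet` is imported but never used in this file. `superAdminId={3}` and `userId={1}` are still hard-coded, so the superadmin pages do not follow the signed-in account; passing the id from `getUserInfo()` would be safer, assuming that object carries one.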
diff --git a/Merge/front/src/router/Guards.jsx b/Merge/front/src/router/Guards.jsx
new file mode 100644
index 0000000..3fa7408
--- /dev/null
+++ b/Merge/front/src/router/Guards.jsx
@@ -0,0 +1,24 @@
+// src/router/Guards.jsx
+import React from 'react'
+import { Navigate, Outlet, useLocation } from 'react-router-dom'
+import { getAuthToken, getUserInfo } from '../utils/auth'
+
+/** 登录检查：有 token 才放行，否则跳到 /login */
+export function RequireAuth({ children }) {
+  const token = getAuthToken()
+  const loc   = useLocation()
+  if (!token) {
+    return <Navigate to="/login" state={{ from: loc }} replace />
+  }
+  return children ?? <Outlet />
+}
+
+/** 角色检查：只有 allowedRoles 内的角色才能访问 */
+export function RequireRole({ allowedRoles, children }) {
+  const user = getUserInfo()
+  // user 里应该有 .role
+  if (!user || !allowedRoles.includes(user.role)) {
+    return <Navigate to="/login" replace />
+  }
+  return children ?? <Outlet />
+}
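Review bot: Both guards decide from client-side state alone: `RequireAuth` only checks that `getAuthToken()` returns something, and `RequireRole` trusts `user.role` from `getUserInfo()`. `../utils/auth` is not shown here, but if those values come from browser storage a user can edit them, so a comment such as `// UI-only guard: the API must verify the token and role on every request` belongs above each function, and the admin and superadmin endpoints need the same role check server-side. `allowedRoles.includes(...)` throws when the prop is omitted; `!allowedRoles?.includes(user.role)` fails closed instead. A signed-in user with the wrong role is sent to `/login` without `state`, which may bounce or loop if the login page forwards authenticated users; a dedicated "forbidden" route would make that case explicit.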
