diff --git a/api/controllers/console/explore/installed_app.py b/api/controllers/console/explore/installed_app.py
index 0c71ba6ce1..196fa9512f 100644
--- a/api/controllers/console/explore/installed_app.py
+++ b/api/controllers/console/explore/installed_app.py
@@ -65,9 +65,7 @@ class InstalledAppsListApi(Resource):
 ):
 res.append(installed_app)
 installed_app_list = res
- logging.info(
- f"installed_app_list: {installed_app_list}, user_id: {user_id}"
- )
+ logging.info(f"installed_app_list: {installed_app_list}, user_id: {user_id}")
 installed_app_list.sort(
 key=lambda app: (
diff --git a/api/controllers/console/explore/wraps.py b/api/controllers/console/explore/wraps.py
index 1679a078e0..afbd78bd5b 100644
--- a/api/controllers/console/explore/wraps.py
+++ b/api/controllers/console/explore/wraps.py
@@ -70,6 +70,7 @@ def user_allowed_to_access_app(view=None):
 return view(installed_app, *args, **kwargs)
 return decorated
+
 if view:
 return decorator(view)
 return decorator
@@ -78,4 +79,9 @@ def user_allowed_to_access_app(view=None):
 class InstalledAppResource(Resource):
 # must be reversed if there are multiple decorators
- method_decorators = [user_allowed_to_access_app, installed_app_required, account_initialization_required, login_required]
+ method_decorators = [
+ user_allowed_to_access_app,
+ installed_app_required,
+ account_initialization_required,
+ login_required,
+ ]
diff --git a/api/controllers/web/login.py b/api/controllers/web/login.py
index 4106e6a179..6af8d578c5 100644
--- a/api/controllers/web/login.py
+++ b/api/controllers/web/login.py
@@ -1,13 +1,13 @@
 from flask import request
 from flask_restful import Resource, reqparse
 from jwt import InvalidTokenError # type: ignore
-from web import api
 from werkzeug.exceptions import BadRequest
 import services
 from controllers.console.auth.error import EmailCodeError, EmailOrPasswordMismatchError, InvalidEmailError
 from controllers.console.error import AccountBannedError, AccountNotFound
 from controllers.console.wraps import setup_required
+from controllers.web import api
 from libs.helper import email
 from libs.password import valid_password
 from services.account_service import AccountService
@@ -119,3 +119,5 @@ api.add_resource(LoginApi, "/login")
 # api.add_resource(LogoutApi, "/logout")
 api.add_resource(EmailCodeLoginSendEmailApi, "/email-code-login")
 api.add_resource(EmailCodeLoginApi, "/email-code-login/validity")
+api.add_resource(EmailCodeLoginSendEmailApi, "/email-code-login")
+api.add_resource(EmailCodeLoginApi, "/email-code-login/validity")
diff --git a/api/controllers/web/wraps.py b/api/controllers/web/wraps.py
index cea74b854c..3bb029d6eb 100644
--- a/api/controllers/web/wraps.py
+++ b/api/controllers/web/wraps.py
@@ -29,7 +29,7 @@ def validate_jwt_token(view=None):
 def decode_jwt_token():
 system_features = FeatureService.get_system_features()
- app_code = request.headers.get("X-App-Code")
+ app_code = str(request.headers.get("X-App-Code"))
 try:
 auth_header = request.headers.get("Authorization")
 if auth_header is None:
@@ -71,7 +71,7 @@ def decode_jwt_token():
 except Unauthorized as e:
 if system_features.webapp_auth.enabled:
 app_web_auth_enabled = (
- EnterpriseService.WebAppAuth.get_app_access_mode_by_code(app_code=app_code).access_mode != "public"
+ EnterpriseService.WebAppAuth.get_app_access_mode_by_code(app_code=str(app_code)).access_mode != "public"
 )
 if app_web_auth_enabled:
 raise WebAppAuthRequiredError()
diff --git a/api/services/account_service.py b/api/services/account_service.py
index c9410d39df..ac84a46299 100644
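Review bot: The two added `api.add_resource(...)` lines at the end of api/controllers/web/login.py repeat the registrations of `EmailCodeLoginSendEmailApi` at `/email-code-login` and `EmailCodeLoginApi` at `/email-code-login/validity` that already sit directly above them as context lines. This looks like merge residue. Depending on the Flask and Flask-RESTful versions in use, a second registration under the same endpoint name may fail at import time or simply be redundant, and in either case it obscures which registration serves these login routes. I would drop both added lines so each route is registered exactly once.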
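Review bot: Wrapping the header lookup in `str(...)` in `decode_jwt_token` turns a missing `X-App-Code` header into the literal string `"None"`, so the rest of the function can no longer tell "no app code sent" from a real code. The same value then reaches `get_app_access_mode_by_code(app_code=str(app_code))` in the `except Unauthorized` branch (the second hunk of api/controllers/web/wraps.py), so the access-mode decision is made for an app code the client never supplied. I would reject the missing header explicitly instead: keep `app_code = request.headers.get("X-App-Code")` and follow it with `if not app_code: raise Unauthorized("X-App-Code header is missing.")`, which also makes the second `str()` unnecessary. The function body continues outside both hunks, so the later uses of `app_code` should be checked against this.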
--- a/api/services/account_service.py
+++ b/api/services/account_service.py
@@ -932,9 +932,10 @@ class RegisterService:
 if open_id is not None and provider is not None:
 AccountService.link_account_integrate(provider, open_id, account)
- if (FeatureService.get_system_features().is_allow_create_workspace
- and create_workspace_required
- and FeatureService.get_system_features().license.workspaces.is_available()
+ if (
+ FeatureService.get_system_features().is_allow_create_workspace
+ and create_workspace_required
+ and FeatureService.get_system_features().license.workspaces.is_available()
 ):
 tenant = TenantService.create_tenant(f"{account.name}'s Workspace")
 TenantService.create_tenant_member(tenant, account, role="owner")
diff --git a/api/services/enterprise/enterprise_service.py b/api/services/enterprise/enterprise_service.py
index 9a0c478e75..1be78d2e62 100644
--- a/api/services/enterprise/enterprise_service.py
+++ b/api/services/enterprise/enterprise_service.py
@@ -1,4 +1,3 @@
-
 from pydantic import BaseModel, Field
 from services.enterprise.base import EnterpriseRequest
@@ -18,12 +17,12 @@ class EnterpriseService:
 return EnterpriseRequest.send_request("GET", "/info")
 @classmethod
- def get_workspace_info(cls, tenant_id:str):
+ def get_workspace_info(cls, tenant_id: str):
 return EnterpriseRequest.send_request("GET", f"/workspace/{tenant_id}/info")
 class WebAppAuth:
 @classmethod
- def is_user_allowed_to_access_webapp(cls, user_id: str, app_code: str) -> bool:
+ def is_user_allowed_to_access_webapp(cls, user_id: str, app_code: str):
 params = {"userId": user_id, "appCode": app_code}
 data = EnterpriseRequest.send_request("GET", "/webapp/permission", params=params)
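Review bot: Removing `-> bool` from `is_user_allowed_to_access_webapp` (and from `update_app_access_mode` in the later hunk of api/services/enterprise/enterprise_service.py) drops the only statement of what these methods return, and the first is an authorization predicate whose result callers presumably test for truthiness. Its visible part assigns `data = EnterpriseRequest.send_request("GET", "/webapp/permission", params=params)`, so the returned value likely comes straight from the remote response; the rest of the body is outside the hunk. I would keep `def is_user_allowed_to_access_webapp(cls, user_id: str, app_code: str) -> bool:` and make the return honour it, returning `True` only when the response field is an actual boolean `True` and treating anything else as not allowed.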
@@ -70,7 +69,7 @@ class EnterpriseService:
 return WebAppSettings(**data)
 @classmethod
- def update_app_access_mode(cls, app_id: str, access_mode: str) -> bool:
+ def update_app_access_mode(cls, app_id: str, access_mode: str):
 if not app_id:
 raise ValueError("app_id must be provided.")
 if access_mode not in ["public", "private", "private_all"]:
diff --git a/api/services/webapp_auth_service.py b/api/services/webapp_auth_service.py
index 506b7698e0..79d5217de7 100644
--- a/api/services/webapp_auth_service.py
+++ b/api/services/webapp_auth_service.py
@@ -89,7 +89,11 @@ class WebAppAuthService:
 @classmethod
 def create_end_user(cls, app_code, email) -> EndUser:
 site = db.session.query(Site).filter(Site.code == app_code).first()
+ if not site:
+ raise NotFound("Site not found.")
 app_model = db.session.query(App).filter(App.id == site.app_id).first()
+ if not app_model:
+ raise NotFound("App not found.")
 end_user = EndUser(
 tenant_id=app_model.tenant_id,
 app_id=app_model.id,
@@ -119,7 +123,7 @@ class WebAppAuthService:
 @classmethod
 def _get_account_jwt_token(cls, account: Account, site: Site, end_user_id: str) -> str:
- exp_dt = datetime.now(UTC) + timedelta(hours=dify_config.WebAppSessionTimeoutInHours * 24)
+ exp_dt = datetime.now(UTC) + timedelta(hours=dify_config.ACCESS_TOKEN_EXPIRE_MINUTES * 24)
 exp = int(exp_dt.timestamp())
 payload = {
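Review bot: `NotFound` is raised by both new guards in `create_end_user`, but this diff adds no import to api/services/webapp_auth_service.py. Unless the name is already imported above the hunk, the missing-site path would raise `NameError` rather than a 404, and only in exactly the case the guard is meant to handle. If it is not yet imported, add `from werkzeug.exceptions import NotFound`. A one-line docstring on `create_end_user` stating that it raises `NotFound` when the site or app cannot be resolved would also help callers; the method body continues outside the hunk.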
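Review bot: The new expiry in `_get_account_jwt_token` passes `dify_config.ACCESS_TOKEN_EXPIRE_MINUTES * 24` to `timedelta(hours=...)`, so a setting whose name says minutes is multiplied by 24 and then read as hours. With a value of 60 (a constructed example) the web-app JWT would stay valid for 1440 hours instead of one hour, which greatly lengthens the time a leaked token remains usable. If the intent is to reuse the access-token lifetime, write `exp_dt = datetime.now(UTC) + timedelta(minutes=dify_config.ACCESS_TOKEN_EXPIRE_MINUTES)`; if a longer web-app session is wanted, keep a dedicated setting expressed in hours. The method body continues outside the hunk.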