diff --git a/api/controllers/web/login.py b/api/controllers/web/login.py
index 36b52a7d47..fd588bc0c2 100644
--- a/api/controllers/web/login.py
+++ b/api/controllers/web/login.py
@@ -37,7 +37,7 @@ class LoginApi(Resource):
             raise AccountNotFound()
 
         token = WebAppAuthService.login(account=account)
-        return {"result": "success", "token": token}
+        return {"result": "success", "access_token": token}
 
 
 # class LogoutApi(Resource):
@@ -102,7 +102,7 @@ class EmailCodeLoginApi(Resource):
 
         token = WebAppAuthService.login(account=account)
         AccountService.reset_login_error_rate_limit(args["email"])
-        return {"result": "success", "token": token}
+        return {"result": "success", "access_token": token}
 
 
 api.add_resource(LoginApi, "/login")
diff --git a/api/services/webapp_auth_service.py b/api/services/webapp_auth_service.py
index 9ad30db90d..c6cb0f0d2f 100644
--- a/api/services/webapp_auth_service.py
+++ b/api/services/webapp_auth_service.py
@@ -115,7 +115,9 @@ class WebAppAuthService:
         return token
 
     @classmethod
-    def is_app_require_permission_check(cls, app_code: str = None, app_id: str = None, access_mode: str = None) -> bool:
+    def is_app_require_permission_check(
+        cls, app_code: Optional[str] = None, app_id: Optional[str] = None, access_mode: Optional[str] = None
+    ) -> bool:
         """
         Check if the app requires permission check based on its access mode.
         """