diff --git a/.example.env b/.example.env
index 9f004047..b96002f5 100644
--- a/.example.env
+++ b/.example.env
@@ -42,6 +42,8 @@ MAX_ATTACHMENT_SIZE = 100mb # 附件上传最大限制
 
 # 开放API
 [OPENAPI]
+ACCESS_TOKEN_LIFETIME = 3600 # 访问令牌有效期
+REFRESH_TOKEN_LIFETIME = 1209600 # 刷新令牌有效期
 RESOURCE_IMAGES_DOMAIN = http://local.orico.com; # 图片资源服务器地址
 RESOURCE_VIDEOS_DOMAIN = http://local.orico.com; # 视频资源服务器地址
 
diff --git a/app/openapi/controller/v1/Authorize.php b/app/openapi/controller/v1/Authorize.php
index 13bd8c02..262273c8 100644
--- a/app/openapi/controller/v1/Authorize.php
+++ b/app/openapi/controller/v1/Authorize.php
@@ -25,7 +25,10 @@ class Authorize
             $server  = request()->server();
             $request = new Request([], $post, [], [], [], $server);
             $storage = new OAuthStorage;
-            $oauth   = new OAuth2($storage);
+            $oauth   = new OAuth2($storage, [
+                'access_token_lifetime'  => env('OPENAPI.ACCESS_TOKEN_LIFETIME', 3600),
+                'refresh_token_lifetime' => env('OPENAPI.REFRESH_TOKEN_LIFETIME', 1209600),
+            ]);
             $token   = $oauth->grantAccessToken($request);
             return success('success', json_decode($token->getContent(), true));
         } catch (OAuth2ServerException $e) {