diff --git a/backend/api/auth_deps.py b/backend/api/auth_deps.py
index 1b43885..68b4824 100644
--- a/backend/api/auth_deps.py
+++ b/backend/api/auth_deps.py
@@ -90,13 +90,31 @@ def get_account_id(
 ) -> int:
 import logging
 logger = logging.getLogger(__name__)
- # 注意:x_account_id 可能是 None,需要处理
- raw_header_value = x_account_id
- aid = int(x_account_id or 1)
- logger.info(f"get_account_id: X-Account-Id header={raw_header_value}, parsed account_id={aid}, user_id={user.get('id')}, username={user.get('username')}")
- result = require_account_access(aid, user)
- logger.info(f"get_account_id: 最终返回 account_id={result}")
- return result
+
+ # 1. 如果 header 存在,直接校验
+ if x_account_id is not None:
+ aid = int(x_account_id)
+ return require_account_access(aid, user)
+
+ # 2. 如果 header 不存在
+ # 如果是 admin,默认访问 1
+ if (user.get("role") or "user") == "admin":
+ return require_account_access(1, user)
+
+ # 如果是普通用户,尝试查找他拥有的第一个账号
+ try:
+ # 查找用户关联的账号
+ accounts = UserAccountMembership.get_user_accounts(int(user["id"]))
+ if accounts and len(accounts) > 0:
+ first_aid = int(accounts[0]["id"])
+ logger.info(f"get_account_id: No header provided, auto-selected account_id={first_aid} for user {user['id']}")
+ return first_aid
+ except Exception as e:
+ logger.error(f"get_account_id: Failed to auto-select account for user {user['id']}: {e}")
+
+ # 兜底:仍然尝试 1,然后会由 require_account_access 抛出 403
+ logger.warning(f"get_account_id: No header provided and no accounts found for user {user['id']}, defaulting to 1")
+ return require_account_access(1, user)
 
 
 def require_system_admin(
diff --git a/backend/api/routes/config.py b/backend/api/routes/config.py
index 2fa39ad..6768a81 100644
--- a/backend/api/routes/config.py
+++ b/backend/api/routes/config.py
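Review bot: `aid = int(x_account_id)` in the first new branch still converts the untrusted `X-Account-Id` header with a bare `int()`, so a non-numeric value raises `ValueError` and surfaces as an unhandled 500 instead of a 400/422; wrap it and raise an `HTTPException` (assuming that name is importable in this deps module as it is in the routes). The auto-select branch returns `first_aid` straight from `UserAccountMembership.get_user_accounts(...)` without passing it through `require_account_access`, so whatever that helper enforces beyond membership is skipped for header-less requests, and unless `get_user_accounts` has a defined ordering, `accounts[0]` may differ between requests and silently change which account a header-less call acts on. The `except Exception as e` turns a lookup or database failure into the same 403 a user with no accounts gets (the fallback relies on `require_account_access(1, user)` rejecting them), which masks outages as permission errors; use `logger.exception` so the traceback is kept and consider letting a genuine backend error propagate. The enclosing `get_account_id` signature begins before the hunk.
```python
    if x_account_id is not None:
        try:
            aid = int(x_account_id)
        except ValueError:
            raise HTTPException(status_code=400, detail="Invalid X-Account-Id header")
        return require_account_access(aid, user)

    # … unchanged: admin default to account 1 …

    try:
        # … unchanged: membership lookup, first_aid selection, info log …
            return require_account_access(first_aid, user)
    except Exception:
        logger.exception(f"get_account_id: Failed to auto-select account for user {user['id']}")

    # … unchanged: fallback to account 1 …
```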
@@ -815,6 +815,19 @@ async def check_config_feasibility(
 raise HTTPException(status_code=500, detail=f"检查配置可行性失败: {str(e)}")
 
 
+
+
+
+@router.get("/meta")
+async def get_config_meta(user: Dict[str, Any] = Depends(get_current_user)) -> Dict[str, Any]:
+ is_admin = (user.get("role") or "user") == "admin"
+ return {
+ "is_admin": bool(is_admin),
+ "user_risk_knobs": sorted(list(USER_RISK_KNOBS)),
+ "note": "平台兜底模式:策略核心由全局配置表统一管理(管理员专用);普通用户仅可调整风险旋钮。",
+ }
+
+
 @router.get("/{key}")
 async def get_config(
 key: str,
@@ -1053,16 +1066,6 @@ async def update_configs_batch(
 raise HTTPException(status_code=500, detail=str(e))
 
 
-@router.get("/meta")
-async def get_config_meta(user: Dict[str, Any] = Depends(get_current_user)) -> Dict[str, Any]:
- is_admin = (user.get("role") or "user") == "admin"
- return {
- "is_admin": bool(is_admin),
- "user_risk_knobs": sorted(list(USER_RISK_KNOBS)),
- "note": "平台兜底模式:策略核心由全局配置表统一管理(管理员专用);普通用户仅可调整风险旋钮。",
- }
-
-
 @router.put("/global/{key}")
 async def update_global_config(
 key: str,
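Review bot: The relocated `get_config_meta` now sits above `@router.get("/{key}")`, but nothing records that this position is load-bearing — FastAPI matches routes in registration order, so anyone moving it back below `/{key}` would make `GET .../meta` resolve to `get_config(key="meta")` again; add a comment on the decorator such as `# Must be registered before "/{key}", otherwise "meta" is captured as a config key`. The role test `(user.get("role") or "user") == "admin"` is duplicated verbatim from `get_account_id` in auth_deps.py; a single shared `is_admin(user)` helper would keep the two checks from drifting apart. `sorted(list(USER_RISK_KNOBS))` can simply be `sorted(USER_RISK_KNOBS)`, since `sorted` already returns a fresh list.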