diff --git a/src/core/setting.ts b/src/core/setting.ts
index bb6c5f7a..dcf64c4e 100644
--- a/src/core/setting.ts
+++ b/src/core/setting.ts
@@ -55,6 +55,15 @@ export interface LocaleDefaultSettings {
     firstDayOfWeek: number;
 }
 
+export interface ApplicationLockState {
+    readonly username: string;
+    readonly secret: string;
+}
+
+export interface WebAuthnConfig {
+    readonly credentialId: string;
+}
+
 export const DEFAULT_APPLICATION_SETTINGS: ApplicationSettings = {
     theme: 'auto',
     fontSize: 1,
diff --git a/src/lib/userstate.ts b/src/lib/userstate.ts
index e008ea2b..977da8d2 100644
--- a/src/lib/userstate.ts
+++ b/src/lib/userstate.ts
@@ -1,5 +1,6 @@
 import CryptoJS from 'crypto-js';
 
+import type { ApplicationLockState, WebAuthnConfig } from '@/core/setting.ts';
 import type { UserBasicInfo } from '@/models/user.ts';
 
 import { isString, isObject } from './common.ts';
@@ -17,15 +18,6 @@ const tokenSessionStorageKey: string = 'ebk_user_session_token';
 const encryptedTokenSessionStorageKey: string = 'ebk_user_session_encrypted_token';
 const appLockStateSessionStorageKey: string = 'ebk_user_app_lock_state'; // { 'username': '', secret: '' }
 
-export interface ApplicationLockState {
-    readonly username: string;
-    readonly secret: string;
-}
-
-export interface WebAuthnConfig {
-    readonly credentialId: string;
-}
-
 function getAppLockSecret(pinCode: string): string {
     const hashedPinCode = CryptoJS.SHA256(appLockSecretBaseStringPrefix + pinCode).toString();
     return hashedPinCode.substring(0, 24); // put secret into user id of webauthn (user id total length must less 64 bytes)