feat(http-api): support password changing

lss233 · May 15, 2023 · d00c78e · d00c78e
1 parent 538519e
commit d00c78e
Show file tree

Hide file tree

Showing 19 changed files with 1,276 additions and 24 deletions.
diff --git a/assets/webui/assets/AboutView.css b/assets/webui/assets/AboutView.css
@@ -0,0 +1 @@
+.wrapper[data-v-ec33436b]{display:flex;justify-content:center;align-items:center;height:100vh}.container[data-v-ec33436b]{justify-content:center;align-items:center;flex-direction:column;text-align:center}
diff --git a/assets/webui/assets/AboutView.js b/assets/webui/assets/AboutView.js
diff --git a/assets/webui/assets/AccountConfigView.css b/assets/webui/assets/AccountConfigView.css
diff --git a/assets/webui/assets/AccountConfigView.js b/assets/webui/assets/AccountConfigView.js
diff --git a/assets/webui/assets/ConfigurationList.css b/assets/webui/assets/ConfigurationList.css
diff --git a/assets/webui/assets/ConfigurationList.js b/assets/webui/assets/ConfigurationList.js
diff --git a/assets/webui/assets/LoginView-69f14d49.css → assets/webui/assets/LoginView.css b/assets/webui/assets/LoginView-69f14d49.css → assets/webui/assets/LoginView.css
diff --git a/assets/webui/assets/LoginView.js b/assets/webui/assets/LoginView.js
diff --git a/assets/webui/assets/PlatformConfigView.css b/assets/webui/assets/PlatformConfigView.css
@@ -0,0 +1 @@
+.sub-content-wrapper[data-v-b9a58cbf]{display:flex;flex-grow:1;height:100%}.sidebar-wrapper[data-v-b9a58cbf]{width:256px;background-color:var(--vt-c-gray)}.sub-main-content-wrapper[data-v-b9a58cbf]{flex-grow:1}
diff --git a/assets/webui/assets/PlatformConfigView.js b/assets/webui/assets/PlatformConfigView.js
diff --git a/assets/webui/assets/UtilitiesConfigView.css b/assets/webui/assets/UtilitiesConfigView.css
@@ -0,0 +1 @@
+.sub-content-wrapper[data-v-70027784]{display:flex;flex-grow:1;height:100%}.sidebar-wrapper[data-v-70027784]{width:256px;background-color:var(--vt-c-gray)}.sub-main-content-wrapper[data-v-70027784]{flex-grow:1}
diff --git a/assets/webui/assets/UtilitiesConfigView.js b/assets/webui/assets/UtilitiesConfigView.js
diff --git a/assets/webui/assets/cryptojs.js b/assets/webui/assets/cryptojs.js
diff --git a/assets/webui/assets/index-60c2ab7f.css → assets/webui/assets/index.css b/assets/webui/assets/index-60c2ab7f.css → assets/webui/assets/index.css
diff --git a/assets/webui/assets/index.js b/assets/webui/assets/index.js
diff --git a/assets/webui/assets/use-message.js b/assets/webui/assets/use-message.js
diff --git a/assets/webui/index.html b/assets/webui/index.html
@@ -5,8 +5,8 @@
  <link rel="icon" href="./favicon.ico">
  <meta name="viewport" content="width=device-width, initial-scale=1.0">
  <title>Vite App</title>
- <script type="module" crossorigin src="./assets/index-f7ff85ab.js"></script>
- <link rel="stylesheet" href="./assets/index-60c2ab7f.css">
+ <script type="module" crossorigin src="./assets/index.js"></script>
+ <link rel="stylesheet" href="./assets/index.css">
  </head>
  <body>
  <div id="app"></div>

diff --git a/config.py b/config.py
@@ -72,23 +72,25 @@ class DiscordBot(BaseModel):
 class HttpService(BaseModel):
  host: str = Field(
  title="Host",
- description="0.0.0.0则不限制访问地址",
+ description="HTTP 服务绑定的 IP 地址，0.0.0.0 表示绑定于所有 IP 地址",
  default="0.0.0.0"
  )
  port: int = Field(
  title="Port",
- description="Http service port, 默认8080",
+ description="HTTP 服务绑定的端口号",
  default=8080
  )
  debug: bool = Field(
  title="Debug",
- description="是否开启debug，错误时展示日志",
+ description="是否开启 debug ，错误时展示日志",
  default=False
  )
  password: Optional[str] = Field(
  title="登录密码",
  description="密码使用 SHA-512 哈希保存，如果未指定，则会在启动时随机生成一个密码。",
- default=None
+ default=None,
+ form_type="password",
+ password="HmacSHA512"
  )
  cloudflared: bool = Field(
  title="开启 Cloudflare 转发",
@@ -98,21 +100,6 @@ class HttpService(BaseModel):
 
 
 class WecomBot(BaseModel):
- host: str = Field(
- title="Host",
- description="企业微信回调地址，需要能够被公网访问，0.0.0.0则不限制访问地址",
- default="0.0.0.0"
- )
- port: int = Field(
- title="Port",
- description="Http service port, 默认5001",
- default=5001
- )
- debug: bool = Field(
- title="Debug",
- description="是否开启debug，错误时展示日志",
- default=False
- )
  corp_id: str = Field(
  title="企业 ID",
  description="企业微信 的 企业 ID",

diff --git a/framework/platforms/http_service.py b/framework/platforms/http_service.py
@@ -41,7 +41,10 @@
  constants.config.http.password = generate_password_hash(password, method="sha512", salt_length=6)
  constants.Config.save_config(constants.config)
 
-jwt_secret_key = hashlib.sha256(constants.config.http.password.encode('utf-8')).digest()
+
+def get_jwt_secret_key():
+ return hashlib.sha256(constants.config.http.password.encode('utf-8')).digest()
+
 
 webui_static = safe_join(os.path.dirname(os.path.pardir), 'assets/webui')
 
@@ -52,7 +55,7 @@ def generate_token():
  expiration_time = datetime.now(timezone.utc) + timedelta(days=3)
  # 令牌的 payload 包含过期时间和密码哈希
  payload = {"exp": expiration_time}
- return jwt.encode(payload, jwt_secret_key, algorithm="HS256")
+ return jwt.encode(payload, get_jwt_secret_key(), algorithm="HS256")
 
 
 def authenticate(func):
@@ -65,7 +68,7 @@ async def wrapper(*args, **kwargs):
 
  # 验证 JWT 令牌
  try:
- jwt.decode(token, jwt_secret_key, algorithms=["HS256"])
+ jwt.decode(token, get_jwt_secret_key(), algorithms=["HS256"])
  except jwt.ExpiredSignatureError:
  return jsonify({"error": "令牌已过期"}), 401
  except Exception: