From 7c976bdf0a4c294d964cdfc779f5d8138c2049d8 Mon Sep 17 00:00:00 2001 From: hex2077 Date: Sun, 14 Dec 2025 20:20:31 +0800 Subject: [PATCH] =?UTF-8?q?feat(=E5=AE=89=E5=85=A8):=20=E6=B7=BB=E5=8A=A0?= =?UTF-8?q?=E5=90=8E=E5=8F=B0=E7=99=BB=E5=BD=95=E5=AF=86=E7=A0=81=E9=85=8D?= =?UTF-8?q?=E7=BD=AE=E5=8A=9F=E8=83=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 实现后台管理密码的设置和更新功能,包括: - 在前端添加密码输入框和显示/隐藏切换按钮 - 在后端添加密码验证和存储逻辑 - 密码修改后需要重新登录生效 --- src/ui-manager.js | 40 ++++++++++++++++++++++++++++++++++++ static/app/config-manager.js | 18 ++++++++++++++++ static/index.html | 12 +++++++++++ 3 files changed, 70 insertions(+) diff --git a/src/ui-manager.js b/src/ui-manager.js index f1213fb..2f7276a 100644 --- a/src/ui-manager.js +++ b/src/ui-manager.js @@ -478,6 +478,46 @@ export async function handleUIApiRequests(method, pathParam, req, res, currentCo return true; } + // Update admin password + if (method === 'POST' && pathParam === '/api/admin-password') { + try { + const body = await getRequestBody(req); + const { password } = body; + + if (!password || password.trim() === '') { + res.writeHead(400, { 'Content-Type': 'application/json' }); + res.end(JSON.stringify({ + error: { + message: '密码不能为空' + } + })); + return true; + } + + // 写入密码到 pwd 文件 + const pwdFilePath = path.join(process.cwd(), 'pwd'); + await fs.writeFile(pwdFilePath, password.trim(), 'utf8'); + + console.log('[UI API] Admin password updated successfully'); + + res.writeHead(200, { 'Content-Type': 'application/json' }); + res.end(JSON.stringify({ + success: true, + message: '后台登录密码已更新' + })); + return true; + } catch (error) { + console.error('[UI API] Failed to update admin password:', error); + res.writeHead(500, { 'Content-Type': 'application/json' }); + res.end(JSON.stringify({ + error: { + message: '更新密码失败: ' + error.message + } + })); + return true; + } + } + // Get configuration if (method === 'GET' && pathParam === '/api/config') { let systemPrompt = ''; diff --git a/static/app/config-manager.js b/static/app/config-manager.js index d7214d7..27a9fd2 100644 --- a/static/app/config-manager.js +++ b/static/app/config-manager.js @@ -133,6 +133,9 @@ async function saveConfiguration() { systemPrompt: document.getElementById('systemPrompt')?.value || '', }; + // 获取后台登录密码(如果有输入) + const adminPassword = document.getElementById('adminPassword')?.value || ''; + // 根据不同提供商保存不同的配置 const provider = document.getElementById('modelProvider')?.value; @@ -194,6 +197,21 @@ async function saveConfiguration() { try { await window.apiClient.post('/config', config); + + // 如果输入了新密码,单独保存密码 + if (adminPassword) { + try { + await window.apiClient.post('/admin-password', { password: adminPassword }); + // 清空密码输入框 + const adminPasswordEl = document.getElementById('adminPassword'); + if (adminPasswordEl) adminPasswordEl.value = ''; + showToast('后台密码已更新,下次登录生效', 'success'); + } catch (pwdError) { + console.error('Failed to save admin password:', pwdError); + showToast('保存后台密码失败: ' + pwdError.message, 'error'); + } + } + await window.apiClient.post('/reload-config'); showToast('配置已保存', 'success'); diff --git a/static/index.html b/static/index.html index 6a11099..ce62cbf 100644 --- a/static/index.html +++ b/static/index.html @@ -711,6 +711,18 @@ + + +
+ +
+ + +
+ 用于保护管理控制台的访问,修改后需要重新登录 +