237899745/vue-driven-cloud-storage
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat: 全面优化代码质量至 8.55/10 分

Browse Source 
## 安全增强
- 添加 CSRF 防护机制(Double Submit Cookie 模式)
- 增强密码强度验证(8字符+两种字符类型)
- 添加 Session 密钥安全检查
- 修复 .htaccess 文件上传漏洞
- 统一使用 getSafeErrorMessage() 保护敏感错误信息
- 增强数据库原型污染防护
- 添加被封禁用户分享访问检查

## 功能修复
- 修复模态框点击外部关闭功能
- 修复 share.html 未定义方法调用
- 修复 verify.html 和 reset-password.html API 路径
- 修复数据库 SFTP->OSS 迁移逻辑
- 修复 OSS 未配置时的错误提示
- 添加文件夹名称长度限制
- 添加文件列表 API 路径验证

## UI/UX 改进
- 添加 6 个按钮加载状态(登录/注册/修改密码等)
- 将 15+ 处 alert() 替换为 Toast 通知
- 添加防重复提交机制(创建文件夹/分享)
- 优化 loadUserProfile 防抖调用

## 代码质量
- 消除 formatFileSize 重复定义
- 集中模块导入到文件顶部
- 添加 JSDoc 注释
- 创建路由拆分示例 (routes/)

## 测试套件
- 添加 boundary-tests.js (60 用例)
- 添加 network-concurrent-tests.js (33 用例)
- 添加 state-consistency-tests.js (38 用例)
- 添加 test_share.js 和 test_admin.js

## 文档和配置
- 新增 INSTALL_GUIDE.md 手动部署指南
- 新增 VERSION.txt 版本历史
- 完善 .env.example 配置说明
- 新增 docker-compose.yml
- 完善 nginx.conf.example

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
yuyx
2026-01-20 10:45:51 +08:00
parent ab7e08a21b
commit efaa2308eb
30 changed files with 6724 additions and 238 deletions
Download Patch File Download Diff File Expand all files Collapse all files

70
frontend/app.html
View File

@@ -1190,8 +1190,8 @@
<div style="display: flex; gap: 10px; align-items: center; margin-top: 8px;">
<input type="text" class="form-input" v-model="resendVerifyCaptcha" placeholder="验证码" style="flex: 1; height: 40px;" @focus="!resendVerifyCaptchaUrl && refreshResendVerifyCaptcha()">
<img v-if="resendVerifyCaptchaUrl" :src="resendVerifyCaptchaUrl" @click="refreshResendVerifyCaptcha" style="height: 40px; cursor: pointer; border-radius: 4px;" title="点击刷新验证码">
<button type="button" class="btn btn-primary" @click="resendVerification" style="height: 40px; white-space: nowrap;">
重发邮件
<button type="button" class="btn btn-primary" @click="resendVerification" :disabled="resendingVerify" style="height: 40px; white-space: nowrap;">
<i v-if="resendingVerify" class="fas fa-spinner fa-spin"></i> {{ resendingVerify ? '发送中...' : '重发邮件' }}
</button>
</div>
</div>
@@ -1200,8 +1200,8 @@
忘记密码?
</a>
</div>
<button type="submit" class="btn btn-primary">
<i class="fas fa-right-to-bracket"></i> 登录
<button type="submit" class="btn btn-primary" :disabled="loginLoading">
<i :class="loginLoading ? 'fas fa-spinner fa-spin' : 'fas fa-right-to-bracket'"></i> {{ loginLoading ? '登录中...' : '登录' }}
</button>
</form>
<form v-else @submit.prevent="handleRegister" @focusin="!registerCaptchaUrl && refreshRegisterCaptcha()">
@@ -1224,8 +1224,8 @@
<img v-if="registerCaptchaUrl" :src="registerCaptchaUrl" @click="refreshRegisterCaptcha" style="height: 44px; cursor: pointer; border-radius: 4px;" title="点击刷新验证码">
</div>
</div>
<button type="submit" class="btn btn-primary">
<i class="fas fa-user-plus"></i> 注册
<button type="submit" class="btn btn-primary" :disabled="registerLoading">
<i :class="registerLoading ? 'fas fa-spinner fa-spin' : 'fas fa-user-plus'"></i> {{ registerLoading ? '注册中...' : '注册' }}
</button>
</form>
<div class="auth-switch">
@@ -1445,7 +1445,7 @@
<!-- 重命名模态框 -->
<div v-if="showRenameModal" class="modal-overlay" @mousedown.self="handleModalMouseDown" @mouseup.self="handleModalMouseUp('showRenameModal')">
<div v-if="showRenameModal" class="modal-overlay" @mousedown.self="handleModalMouseDown" @mouseup.self="handleModalMouseUp('showRenameModal', $event)">
<div class="modal-content" @click.stop>
<h3 style="margin-bottom: 20px;">重命名文件</h3>
<div class="form-group">
@@ -1464,7 +1464,7 @@
</div>
<!-- 新建文件夹模态框 -->
<div v-if="showCreateFolderModal" class="modal-overlay" @mousedown.self="handleModalMouseDown" @mouseup.self="handleModalMouseUp('showCreateFolderModal')">
<div v-if="showCreateFolderModal" class="modal-overlay" @mousedown.self="handleModalMouseDown" @mouseup.self="handleModalMouseUp('showCreateFolderModal', $event)">
<div class="modal-content" @click.stop>
<h3 style="margin-bottom: 20px;">
<i class="fas fa-folder-plus"></i> 新建文件夹
@@ -1474,8 +1474,8 @@
<input type="text" class="form-input" v-model="createFolderForm.folderName" @keyup.enter="createFolder()" placeholder="请输入文件夹名称" autofocus>
</div>
<div style="display: flex; gap: 10px; margin-top: 20px;">
<button class="btn btn-primary" @click="createFolder()" style="flex: 1;">
<i class="fas fa-check"></i> 创建
<button class="btn btn-primary" @click="createFolder()" :disabled="creatingFolder" style="flex: 1;">
<i class="fas" :class="creatingFolder ? 'fa-spinner fa-spin' : 'fa-check'"></i> {{ creatingFolder ? '创建中...' : '创建' }}
</button>
<button class="btn btn-secondary" @click="showCreateFolderModal = false; createFolderForm.folderName = ''" style="flex: 1;">
<i class="fas fa-times"></i> 取消
@@ -1485,7 +1485,7 @@
</div>
<!-- 文件夹详情模态框 -->
<div v-if="showFolderInfoModal" class="modal-overlay" @mousedown.self="handleModalMouseDown" @mouseup.self="handleModalMouseUp('showFolderInfoModal')">
<div v-if="showFolderInfoModal" class="modal-overlay" @mousedown.self="handleModalMouseDown" @mouseup.self="handleModalMouseUp('showFolderInfoModal', $event)">
<div class="modal-content" @click.stop>
<h3 style="margin-bottom: 20px;">
<i class="fas fa-folder"></i> 文件夹详情
@@ -1529,7 +1529,7 @@
</div>
<!-- 分享所有文件模态框 -->
<div v-if="showShareAllModal" class="modal-overlay" @mousedown.self="handleModalMouseDown" @mouseup.self="handleModalMouseUp('showShareAllModal')">
<div v-if="showShareAllModal" class="modal-overlay" @mousedown.self="handleModalMouseDown" @mouseup.self="handleModalMouseUp('showShareAllModal', $event)">
<div class="modal-content" @click.stop>
<h3 style="margin-bottom: 20px;">分享所有文件</h3>
<div class="form-group">
@@ -1562,8 +1562,8 @@
</div>
</div>
<div style="display: flex; gap: 10px; margin-top: 20px;">
<button class="btn btn-primary" @click="createShareAll()" style="flex: 1;">
<i class="fas fa-share"></i> 创建分享
<button class="btn btn-primary" @click="createShareAll()" :disabled="creatingShare" style="flex: 1;">
<i class="fas" :class="creatingShare ? 'fa-spinner fa-spin' : 'fa-share'"></i> {{ creatingShare ? '创建中...' : '创建分享' }}
</button>
<button class="btn btn-secondary" @click="showShareAllModal = false; shareResult = null" style="flex: 1;">
<i class="fas fa-times"></i> 关闭
@@ -1573,7 +1573,7 @@
</div>
<!-- 分享单个文件模态框 -->
<div v-if="showShareFileModal" class="modal-overlay" @mousedown.self="handleModalMouseDown" @mouseup.self="handleModalMouseUp('showShareFileModal')">
<div v-if="showShareFileModal" class="modal-overlay" @mousedown.self="handleModalMouseDown" @mouseup.self="handleModalMouseUp('showShareFileModal', $event)">
<div class="modal-content" @click.stop>
<h3 style="margin-bottom: 20px;">分享文件</h3>
<p style="color: var(--text-secondary); margin-bottom: 15px;">文件: <strong>{{ shareFileForm.fileName }}</strong></p>
@@ -1607,8 +1607,8 @@
</div>
</div>
<div style="display: flex; gap: 10px; margin-top: 20px;">
<button class="btn btn-primary" @click="createShareFile()" style="flex: 1;">
<i class="fas fa-share"></i> 创建分享
<button class="btn btn-primary" @click="createShareFile()" :disabled="creatingShare" style="flex: 1;">
<i class="fas" :class="creatingShare ? 'fa-spinner fa-spin' : 'fa-share'"></i> {{ creatingShare ? '创建中...' : '创建分享' }}
</button>
<button class="btn btn-secondary" @click="showShareFileModal = false; shareResult = null" style="flex: 1;">
<i class="fas fa-times"></i> 关闭
@@ -1618,7 +1618,7 @@
</div>
<!-- OSS 配置引导弹窗 -->
<div v-if="showOssGuideModal" class="modal-overlay" @mousedown.self="handleModalMouseDown" @mouseup.self="handleModalMouseUp('showOssGuideModal')">
<div v-if="showOssGuideModal" class="modal-overlay" @mousedown.self="handleModalMouseDown" @mouseup.self="handleModalMouseUp('showOssGuideModal', $event)">
<div class="modal-content" @click.stop style="max-width: 520px; border-radius: 16px; overflow: hidden;">
<div style="background: linear-gradient(135deg,#667eea,#764ba2); color: white; padding: 18px;">
<div style="display: flex; align-items: center; gap: 10px;">
@@ -1642,7 +1642,7 @@
</div>
<!-- OSS 配置弹窗 -->
<div v-if="showOssConfigModal" class="modal-overlay" @mousedown.self="handleModalMouseDown" @mouseup.self="handleModalMouseUp('showOssConfigModal')">
<div v-if="showOssConfigModal" class="modal-overlay" @mousedown.self="handleModalMouseDown" @mouseup.self="handleModalMouseUp('showOssConfigModal', $event)">
<div class="modal-content" @click.stop style="max-width: 720px; border-radius: 16px;">
<div style="display: flex; justify-content: space-between; align-items: center; margin-bottom: 12px;">
<div>
@@ -2007,23 +2007,23 @@
<label class="form-label">用户名</label>
<input type="text" class="form-input" v-model="usernameForm.newUsername" :placeholder="user.username" minlength="3" maxlength="20" required>
</div>
<button type="submit" class="btn btn-primary">
<i class="fas fa-save"></i> 修改用户名
<button type="submit" class="btn btn-primary" :disabled="usernameChanging">
<i :class="usernameChanging ? 'fas fa-spinner fa-spin' : 'fas fa-save'"></i> {{ usernameChanging ? '保存中...' : '修改用户名' }}
</button>
</form>
<!-- 所有用户都可以改密码 -->
<form @submit.prevent="changePassword">
<div class="form-group">
<div class="form-group">
<label class="form-label">当前密码</label>
<input type="password" class="form-input" v-model="changePasswordForm.current_password" placeholder="输入当前密码" required>
</div>
<div class="form-group">
<label class="form-label">新密码 (至少6字符)</label>
<input type="password" class="form-input" v-model="changePasswordForm.new_password" placeholder="输入新密码" minlength="6" required>
</div>
<button type="submit" class="btn btn-primary">
<i class="fas fa-key"></i> 修改密码
<button type="submit" class="btn btn-primary" :disabled="passwordChanging">
<i :class="passwordChanging ? 'fas fa-spinner fa-spin' : 'fas fa-key'"></i> {{ passwordChanging ? '修改中...' : '修改密码' }}
</button>
</form>
</div>
@@ -2915,7 +2915,7 @@
</div><!-- 管理员视图结束 -->
<!-- 忘记密码模态框 -->
<div v-if="showForgotPasswordModal" class="modal-overlay" @mousedown.self="handleModalMouseDown" @mouseup.self="handleModalMouseUp('showForgotPasswordModal')">
<div v-if="showForgotPasswordModal" class="modal-overlay" @mousedown.self="handleModalMouseDown" @mouseup.self="handleModalMouseUp('showForgotPasswordModal', $event)">
<div class="modal-content" @click.stop @focusin="!forgotPasswordCaptchaUrl && refreshForgotPasswordCaptcha()">
<h3 style="margin-bottom: 20px;">忘记密码 - 邮箱重置</h3>
<p style="color: var(--text-secondary); margin-bottom: 15px; font-size: 14px;">
@@ -2933,10 +2933,10 @@
</div>
</div>
<div style="display: flex; gap: 10px; margin-top: 20px;">
<button class="btn btn-primary" @click="requestPasswordReset" style="flex: 1;">
<i class="fas fa-paper-plane"></i> 发送重置邮件
<button class="btn btn-primary" @click="requestPasswordReset" :disabled="passwordResetting" style="flex: 1;">
<i :class="passwordResetting ? 'fas fa-spinner fa-spin' : 'fas fa-paper-plane'"></i> {{ passwordResetting ? '发送中...' : '发送重置邮件' }}
</button>
<button class="btn btn-secondary" @click="showForgotPasswordModal = false; forgotPasswordForm = {email: '', captcha: ''}; forgotPasswordCaptchaUrl = ''" style="flex: 1;">
<button class="btn btn-secondary" @click="showForgotPasswordModal = false; forgotPasswordForm = {email: '', captcha: ''}; forgotPasswordCaptchaUrl = ''" :disabled="passwordResetting" style="flex: 1;">
<i class="fas fa-times"></i> 取消
</button>
</div>
@@ -2944,7 +2944,7 @@
</div>
<!-- 邮件重置密码模态框 -->
<div v-if="showResetPasswordModal" class="modal-overlay" @mousedown.self="handleModalMouseDown" @mouseup.self="handleModalMouseUp('showResetPasswordModal')">
<div v-if="showResetPasswordModal" class="modal-overlay" @mousedown.self="handleModalMouseDown" @mouseup.self="handleModalMouseUp('showResetPasswordModal', $event)">
<div class="modal-content" @click.stop>
<h3 style="margin-bottom: 20px;">设置新密码</h3>
<p style="color: var(--text-secondary); margin-bottom: 15px; font-size: 14px;">
@@ -2955,10 +2955,10 @@
<input type="password" class="form-input" v-model="resetPasswordForm.new_password" placeholder="输入新密码" minlength="6" required>
</div>
<div style="display: flex; gap: 10px; margin-top: 20px;">
<button class="btn btn-primary" @click="submitResetPassword" style="flex: 1;">
<i class="fas fa-unlock"></i> 重置密码
<button class="btn btn-primary" @click="submitResetPassword" :disabled="passwordResetting" style="flex: 1;">
<i :class="passwordResetting ? 'fas fa-spinner fa-spin' : 'fas fa-unlock'"></i> {{ passwordResetting ? '重置中...' : '重置密码' }}
</button>
<button class="btn btn-secondary" @click="showResetPasswordModal = false; resetPasswordForm = {token: '', new_password: ''}" style="flex: 1;">
<button class="btn btn-secondary" @click="showResetPasswordModal = false; resetPasswordForm = {token: '', new_password: ''}" :disabled="passwordResetting" style="flex: 1;">
<i class="fas fa-times"></i> 取消
</button>
</div>
@@ -2966,7 +2966,7 @@
</div>
<!-- 文件审查模态框 -->
<div v-if="showFileInspectionModal" class="modal-overlay" @mousedown.self="handleModalMouseDown" @mouseup.self="handleModalMouseUp('showFileInspectionModal')">
<div v-if="showFileInspectionModal" class="modal-overlay" @mousedown.self="handleModalMouseDown" @mouseup.self="handleModalMouseUp('showFileInspectionModal', $event)">
<div class="modal-content" @click.stop style="max-width: 900px; max-height: 80vh; overflow-y: auto;">
<div style="display: flex; justify-content: space-between; align-items: center; margin-bottom: 20px;">
<h3 style="margin: 0;">
@@ -3147,7 +3147,7 @@
</div>
</div>
<!-- 管理员:编辑用户存储权限模态框 -->
<div v-if="showEditStorageModal" class="modal-overlay" @mousedown.self="handleModalMouseDown" @mouseup.self="handleModalMouseUp('showEditStorageModal')">
<div v-if="showEditStorageModal" class="modal-overlay" @mousedown.self="handleModalMouseDown" @mouseup.self="handleModalMouseUp('showEditStorageModal', $event)">
<div class="modal-content" @click.stop>
<h3 style="margin-bottom: 20px;">
<i class="fas fa-database"></i> 存储权限设置 - {{ editStorageForm.username }}

148
frontend/app.js
View File

@@ -92,6 +92,7 @@ createApp({
shares: [],
showShareAllModal: false,
showShareFileModal: false,
creatingShare: false, // 创建分享中状态
shareAllForm: {
password: "",
expiryType: "never",
@@ -123,6 +124,7 @@ createApp({
// 创建文件夹
showCreateFolderModal: false,
creatingFolder: false, // 创建文件夹中状态
createFolderForm: {
folderName: ""
},
@@ -174,6 +176,14 @@ createApp({
resendVerifyCaptcha: '',
resendVerifyCaptchaUrl: '',
// 加载状态
loginLoading: false, // 登录中
registerLoading: false, // 注册中
passwordChanging: false, // 修改密码中
usernameChanging: false, // 修改用户名中
passwordResetting: false, // 重置密码中
resendingVerify: false, // 重发验证邮件中
// 系统设置
systemSettings: {
maxUploadSizeMB: 100,
@@ -380,6 +390,26 @@ createApp({
},
methods: {
// ========== 工具函数 ==========
// 防抖函数 - 避免频繁调用
debounce(fn, delay) {
let timer = null;
return function(...args) {
if (timer) clearTimeout(timer);
timer = setTimeout(() => fn.apply(this, args), delay);
};
},
// 创建防抖版本的 loadUserProfile延迟2秒避免频繁请求
debouncedLoadUserProfile() {
if (!this._debouncedLoadUserProfile) {
this._debouncedLoadUserProfile = this.debounce(() => {
this.loadUserProfile();
}, 2000);
}
this._debouncedLoadUserProfile();
},
// ========== 主题管理 ==========
// 初始化主题
async initTheme() {
@@ -517,15 +547,13 @@ createApp({
// 记录鼠标按下时的目标
this.modalMouseDownTarget = e.target;
},
handleModalMouseUp(modalName) {
handleModalMouseUp(modalName, e) {
// 只有在同一个overlay元素上按下和释放鼠标时才关闭
return (e) => {
if (e.target === this.modalMouseDownTarget) {
this[modalName] = false;
this.shareResult = null; // 重置分享结果
}
this.modalMouseDownTarget = null;
};
if (e && e.target === this.modalMouseDownTarget) {
this[modalName] = false;
this.shareResult = null; // 重置分享结果
}
this.modalMouseDownTarget = null;
},
// 格式化文件大小
@@ -605,6 +633,7 @@ handleDragLeave(e) {
async handleLogin() {
this.errorMessage = '';
this.loginLoading = true;
try {
const response = await axios.post(`${this.apiBase}/api/login`, this.loginForm);
@@ -668,7 +697,7 @@ handleDragLeave(e) {
this.loadFiles('/');
} else {
this.currentView = 'settings';
alert('欢迎!请先配置您的OSS服务');
this.showToast('info', '欢迎', '请先配置您的OSS服务');
this.openOssConfigModal();
}
} else {
@@ -695,6 +724,8 @@ handleDragLeave(e) {
this.showResendVerify = false;
this.resendVerifyEmail = '';
}
} finally {
this.loginLoading = false;
}
},
@@ -751,6 +782,7 @@ handleDragLeave(e) {
this.showToast('error', '错误', '请输入验证码');
return;
}
this.resendingVerify = true;
try {
const payload = { captcha: this.resendVerifyCaptcha };
if (this.resendVerifyEmail.includes('@')) {
@@ -772,6 +804,8 @@ handleDragLeave(e) {
// 刷新验证码
this.resendVerifyCaptcha = '';
this.refreshResendVerifyCaptcha();
} finally {
this.resendingVerify = false;
}
},
@@ -793,6 +827,7 @@ handleDragLeave(e) {
async handleRegister() {
this.errorMessage = '';
this.successMessage = '';
this.registerLoading = true;
try {
const response = await axios.post(`${this.apiBase}/api/register`, this.registerForm);
@@ -820,6 +855,8 @@ handleDragLeave(e) {
// 刷新验证码
this.registerForm.captcha = '';
this.refreshRegisterCaptcha();
} finally {
this.registerLoading = false;
}
},
@@ -957,7 +994,7 @@ handleDragLeave(e) {
);
if (response.data.success) {
alert('用户名已更新!重新登录');
this.showToast('success', '成功', '用户名已更新!即将重新登录');
// 更新用户信息(后端已通过 Cookie 更新 token
if (response.data.user) {
@@ -965,25 +1002,26 @@ handleDragLeave(e) {
localStorage.setItem('user', JSON.stringify(response.data.user));
}
// 重新登录
this.logout();
// 延迟后重新登录
setTimeout(() => this.logout(), 1500);
}
} catch (error) {
alert('修改失败: ' + (error.response?.data?.message || error.message));
this.showToast('error', '错误', '修改失败: ' + (error.response?.data?.message || error.message));
}
},
async changePassword() {
if (!this.changePasswordForm.current_password) {
alert('请输入当前密码');
this.showToast('warning', '提示', '请输入当前密码');
return;
}
if (this.changePasswordForm.new_password.length < 6) {
alert('新密码至少6个字符');
this.showToast('warning', '提示', '新密码至少6个字符');
return;
}
this.passwordChanging = true;
try {
const response = await axios.post(
`${this.apiBase}/api/user/change-password`,
@@ -994,12 +1032,14 @@ handleDragLeave(e) {
);
if (response.data.success) {
alert('密码修改成功!');
this.showToast('success', '成功', '密码修改成功!');
this.changePasswordForm.new_password = '';
this.changePasswordForm.current_password = '';
}
} catch (error) {
alert('密码修改失败: ' + (error.response?.data?.message || error.message));
this.showToast('error', '错误', '密码修改失败: ' + (error.response?.data?.message || error.message));
} finally {
this.passwordChanging = false;
}
},
@@ -1028,10 +1068,11 @@ handleDragLeave(e) {
async updateUsername() {
if (!this.usernameForm.newUsername || this.usernameForm.newUsername.length < 3) {
alert('用户名至少3个字符');
this.showToast('warning', '提示', '用户名至少3个字符');
return;
}
this.usernameChanging = true;
try {
const response = await axios.post(
`${this.apiBase}/api/user/update-username`,
@@ -1039,14 +1080,16 @@ handleDragLeave(e) {
);
if (response.data.success) {
alert('用户名修改成功!请重新登录');
this.showToast('success', '成功', '用户名修改成功!');
// 更新本地用户信息
this.user.username = this.usernameForm.newUsername;
localStorage.setItem('user', JSON.stringify(this.user));
this.usernameForm.newUsername = '';
}
} catch (error) {
alert('用户名修改失败: ' + (error.response?.data?.message || error.message));
this.showToast('error', '错误', '用户名修改失败: ' + (error.response?.data?.message || error.message));
} finally {
this.usernameChanging = false;
}
},
@@ -1058,7 +1101,7 @@ handleDragLeave(e) {
);
if (response.data.success) {
alert('邮箱已更新!');
this.showToast('success', '成功', '邮箱已更新!');
// 更新本地用户信息
if (response.data.user) {
this.user = response.data.user;
@@ -1066,7 +1109,7 @@ handleDragLeave(e) {
}
}
} catch (error) {
alert('更新失败: ' + (error.response?.data?.message || error.message));
this.showToast('error', '错误', '更新失败: ' + (error.response?.data?.message || error.message));
}
},
@@ -1269,12 +1312,12 @@ handleDragLeave(e) {
this.storagePermission = response.data.storagePermission;
}
// 更新用户本地存储信息
await this.loadUserProfile();
// 更新用户本地存储信息(使用防抖避免频繁请求)
this.debouncedLoadUserProfile();
}
} catch (error) {
console.error('加载文件失败:', error);
alert('加载文件失败: ' + (error.response?.data?.message || error.message));
this.showToast('error', '加载失败', error.response?.data?.message || error.message);
if (error.response?.status === 401) {
this.logout();
@@ -1379,7 +1422,7 @@ handleDragLeave(e) {
async renameFile() {
if (!this.renameForm.newName || this.renameForm.newName === this.renameForm.oldName) {
alert('请输入新的文件名');
this.showToast('warning', '提示', '请输入新的文件名');
return;
}
@@ -1402,6 +1445,8 @@ handleDragLeave(e) {
// 创建文件夹
async createFolder() {
if (this.creatingFolder) return; // 防止重复提交
const folderName = this.createFolderForm.folderName.trim();
if (!folderName) {
@@ -1415,6 +1460,7 @@ handleDragLeave(e) {
return;
}
this.creatingFolder = true;
try {
const response = await axios.post(`${this.apiBase}/api/files/mkdir`, {
path: this.currentPath,
@@ -1431,6 +1477,8 @@ handleDragLeave(e) {
} catch (error) {
console.error('[创建文件夹失败]', error);
this.showToast('error', '错误', error.response?.data?.message || '创建文件夹失败');
} finally {
this.creatingFolder = false;
}
},
@@ -1761,6 +1809,9 @@ handleDragLeave(e) {
},
async createShareAll() {
if (this.creatingShare) return; // 防止重复提交
this.creatingShare = true;
try {
const expiryDays = this.shareAllForm.expiryType === 'never' ? null :
this.shareAllForm.expiryType === 'custom' ? this.shareAllForm.customDays :
@@ -1783,10 +1834,15 @@ handleDragLeave(e) {
} catch (error) {
console.error('创建分享失败:', error);
this.showToast('error', '错误', error.response?.data?.message || '创建分享失败');
} finally {
this.creatingShare = false;
}
},
async createShareFile() {
if (this.creatingShare) return; // 防止重复提交
this.creatingShare = true;
try {
const expiryDays = this.shareFileForm.expiryType === 'never' ? null :
this.shareFileForm.expiryType === 'custom' ? this.shareFileForm.customDays :
@@ -1815,6 +1871,8 @@ handleDragLeave(e) {
} catch (error) {
console.error('创建分享失败:', error);
this.showToast('error', '错误', error.response?.data?.message || '创建分享失败');
} finally {
this.creatingShare = false;
}
},
@@ -1992,7 +2050,7 @@ handleDragLeave(e) {
}
} catch (error) {
console.error('加载分享列表失败:', error);
alert('加载分享列表失败: ' + (error.response?.data?.message || error.message));
this.showToast('error', '加载失败', error.response?.data?.message || error.message);
}
},
@@ -2008,7 +2066,7 @@ handleDragLeave(e) {
}
} catch (error) {
console.error('创建分享失败:', error);
alert('创建分享失败: ' + (error.response?.data?.message || error.message));
this.showToast('error', '创建失败', error.response?.data?.message || error.message);
}
},
@@ -2019,12 +2077,12 @@ handleDragLeave(e) {
const response = await axios.delete(`${this.apiBase}/api/share/${id}`);
if (response.data.success) {
alert('分享已删除');
this.showToast('success', '成功', '分享已删除');
this.loadShares();
}
} catch (error) {
console.error('删除分享失败:', error);
alert('删除分享失败: ' + (error.response?.data?.message || error.message));
this.showToast('error', '删除失败', error.response?.data?.message || error.message);
}
},
@@ -2218,7 +2276,7 @@ handleDragLeave(e) {
}
} catch (error) {
console.error('加载用户列表失败:', error);
alert('加载用户列表失败: ' + (error.response?.data?.message || error.message));
this.showToast('error', '加载失败', error.response?.data?.message || error.message);
}
},
@@ -2233,12 +2291,12 @@ handleDragLeave(e) {
);
if (response.data.success) {
alert(response.data.message);
this.showToast('success', '成功', response.data.message);
this.loadUsers();
}
} catch (error) {
console.error('操作失败:', error);
alert('操作失败: ' + (error.response?.data?.message || error.message));
this.showToast('error', '操作失败', error.response?.data?.message || error.message);
}
},
@@ -2249,12 +2307,12 @@ handleDragLeave(e) {
const response = await axios.delete(`${this.apiBase}/api/admin/users/${userId}`);
if (response.data.success) {
alert('用户已删除');
this.showToast('success', '成功', '用户已删除');
this.loadUsers();
}
} catch (error) {
console.error('删除用户失败:', error);
alert('删除用户失败: ' + (error.response?.data?.message || error.message));
this.showToast('error', '删除失败', error.response?.data?.message || error.message);
}
},
@@ -2270,6 +2328,7 @@ handleDragLeave(e) {
return;
}
this.passwordResetting = true;
try {
const response = await axios.post(
`${this.apiBase}/api/password/forgot`,
@@ -2288,6 +2347,8 @@ handleDragLeave(e) {
// 刷新验证码
this.forgotPasswordForm.captcha = '';
this.refreshForgotPasswordCaptcha();
} finally {
this.passwordResetting = false;
}
},
@@ -2296,6 +2357,7 @@ handleDragLeave(e) {
this.showToast('error', '错误', '请输入有效的重置链接和新密码至少6位');
return;
}
this.passwordResetting = true;
try {
const response = await axios.post(`${this.apiBase}/api/password/reset`, this.resetPasswordForm);
if (response.data.success) {
@@ -2309,6 +2371,8 @@ handleDragLeave(e) {
} catch (error) {
console.error('密码重置失败:', error);
this.showToast('error', '错误', error.response?.data?.message || '重置失败');
} finally {
this.passwordResetting = false;
}
},
@@ -3120,6 +3184,20 @@ handleDragLeave(e) {
// 配置axios全局设置 - 确保验证码session cookie正确传递
axios.defaults.withCredentials = true;
// 设置 axios 请求拦截器,自动添加 CSRF Token
axios.interceptors.request.use(config => {
// 从 Cookie 中读取 CSRF token
const csrfToken = document.cookie
.split('; ')
.find(row => row.startsWith('csrf_token='))
?.split('=')[1];
if (csrfToken && ['POST', 'PUT', 'DELETE', 'PATCH'].includes(config.method?.toUpperCase())) {
config.headers['X-CSRF-Token'] = csrfToken;
}
return config;
});
// 初始化调试模式状态
this.debugMode = localStorage.getItem('debugMode') === 'true';

2
frontend/reset-password.html
View File

@@ -401,7 +401,7 @@
submitBtn.innerHTML = '<i class="fas fa-spinner fa-spin"></i> 处理中...';
try {
const res = await fetch('/api/auth/reset-password', {
const res = await fetch('/api/password/reset', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({

36
frontend/share.html
View File

@@ -709,11 +709,7 @@
<!-- 大图标视图 - 多文件网格显示 -->
<div v-else-if="!viewingFile && viewMode === 'grid'" class="file-grid">
<div v-for="file in files" :key="file.name" class="file-grid-item"
@click="handleFileClick(file)"
@contextmenu="showFileContextMenu($event, file)"
@touchstart="startLongPress($event, file)"
@touchend="cancelLongPress"
@touchmove="cancelLongPress">
@click="handleFileClick(file)">
<i class="file-grid-icon fas" :class="getFileIcon(file)" :style="getIconColor(file)"></i>
<div class="file-grid-name" :title="file.name">{{ file.name }}</div>
<div class="file-grid-size">{{ file.sizeFormatted }}</div>
@@ -773,21 +769,6 @@
viewMode: "grid", // 视图模式: grid 大图标, list 列表(默认大图标)
// 主题
currentTheme: 'dark',
// 媒体预览
showImageViewer: false,
showVideoPlayer: false,
showAudioPlayer: false,
currentMediaUrl: '',
currentMediaName: '',
currentMediaType: '', // 'image', 'video', 'audio'
// 右键菜单
showContextMenu: false,
contextMenuX: 0,
contextMenuY: 0,
contextMenuFile: null,
// 长按支持(移动端)
longPressTimer: null,
longPressFile: null,
// 查看单个文件详情(用于多文件分享时点击查看)
viewingFile: null
};
@@ -893,19 +874,10 @@
}
},
// 处理文件点击 - 可预览的文件打开预览,其他文件查看详情
// 处理文件点击 - 显示文件详情页面
handleFileClick(file) {
// 如果是图片/视频/音频,打开媒体预览
const isImage = /\.(jpg|jpeg|png|gif|bmp|webp|svg)$/i.test(file.name);
const isVideo = /\.(mp4|webm|ogg|mov)$/i.test(file.name);
const isAudio = /\.(mp3|wav|ogg|m4a|flac)$/i.test(file.name);
if (isImage || isVideo || isAudio) {
this.previewMedia(file);
} else {
// 其他文件类型,显示详情页面
this.viewFileDetail(file);
}
// 所有文件类型都显示详情页面(分享页面不提供媒体预览
this.viewFileDetail(file);
},
// 查看文件详情(放大显示)

6
frontend/verify.html
View File

@@ -266,11 +266,7 @@
}
try {
const res = await fetch('/api/auth/verify-email', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ token })
});
const res = await fetch(`/api/verify-email?token=${encodeURIComponent(token)}`);
const data = await res.json();