feat: 实现完整安全防护系统

Phase 1 - 威胁检测引擎:
- security/threat_detector.py: JNDI/SQL/XSS/路径遍历/命令注入检测
- security/constants.py: 威胁检测规则和评分常量
- 数据库表: threat_events, ip_risk_scores, user_risk_scores, ip_blacklist

Phase 2 - 风险评分与黑名单:
- security/risk_scorer.py: IP/用户风险评分引擎，支持分数衰减
- security/blacklist.py: 黑名单管理，自动封禁规则

Phase 3 - 响应策略:
- security/honeypot.py: 蜜罐响应生成器
- security/response_handler.py: 渐进式响应策略

Phase 4 - 集成:
- security/middleware.py: Flask安全中间件
- routes/admin_api/security.py: 管理后台安全仪表板API
- 36个测试用例全部通过

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

routes/__init__.py

@@ -5,6 +5,7 @@ from __future__ import annotations
 
 def register_blueprints(app) -> None:
     from routes.admin_api import admin_api_bp
+    from routes.admin_api import security_bp as admin_security_bp
     from routes.api_accounts import api_accounts_bp
     from routes.api_auth import api_auth_bp
     from routes.api_schedules import api_schedules_bp
@@ -21,3 +22,6 @@ def register_blueprints(app) -> None:
     app.register_blueprint(api_screenshots_bp)
     app.register_blueprint(api_schedules_bp)
     app.register_blueprint(admin_api_bp)
+    # Security admin APIs (support both /api/admin/* and /yuyx/api/admin/*)
+    app.register_blueprint(admin_security_bp)
+    app.register_blueprint(admin_security_bp, url_prefix="/yuyx", name="admin_security_yuyx")