237899745/zsglpt
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: 添加安全模块 + Dockerfile添加curl支持健康检查

Browse Source 
主要更新:
- 新增 security/ 安全模块 (风险评估、威胁检测、蜜罐等)
- Dockerfile 添加 curl 以支持 Docker 健康检查
- 前端页面更新 (管理后台、用户端)
- 数据库迁移和 schema 更新
- 新增 kdocs 上传服务
- 添加安全相关测试用例

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Yu Yon
2026-01-08 17:48:33 +08:00
parent e3b0c35da6
commit 53c78e8e3c
76 changed files with 8563 additions and 4709 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
templates/admin.html
View File

@@ -5,13 +5,48 @@
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0" />
<title>后台管理 - 知识管理平台</title>
{% for css_file in admin_spa_css_files %}
{% if admin_spa_build_id %}
<link rel="stylesheet" href="{{ url_for('serve_static', filename=css_file, v=admin_spa_build_id) }}" />
{% else %}
<link rel="stylesheet" href="{{ url_for('serve_static', filename=css_file) }}" />
{% endif %}
{% endfor %}
</head>
<body>
<noscript>该页面需要启用 JavaScript 才能使用。</noscript>
<script>
(function () {
var search = window.location.search || ''
if (search.indexOf('legacy=1') !== -1) {
return
}
var needsLegacy = false
try {
new Function('let a = 1; const b = 2;')
} catch (e) {
needsLegacy = true
}
if (!window.Promise || !window.Proxy) {
needsLegacy = true
}
if (needsLegacy) {
var href = window.location.href
var hash = ''
var hashIndex = href.indexOf('#')
if (hashIndex !== -1) {
hash = href.slice(hashIndex)
href = href.slice(0, hashIndex)
}
var sep = href.indexOf('?') !== -1 ? '&' : '?'
window.location.replace(href + sep + 'legacy=1' + hash)
}
})()
</script>
<div id="app"></div>
{% if admin_spa_build_id %}
<script type="module" src="{{ url_for('serve_static', filename=admin_spa_js_file, v=admin_spa_build_id) }}"></script>
{% else %}
<script type="module" src="{{ url_for('serve_static', filename=admin_spa_js_file) }}"></script>
{% endif %}
</body>
</html>

235
templates/admin_legacy.html
View File

@@ -754,9 +754,6 @@
<div id="tab-pending" class="tab-content active">
<h3 style="margin-bottom: 15px; font-size: 16px;">用户注册审核</h3>
<div id="pendingUsersList"></div>
<h3 style="margin-top: 30px; margin-bottom: 15px; font-size: 16px;">密码重置审核</h3>
<div id="passwordResetsList"></div>
</div>
<!-- 所有用户 -->
@@ -811,7 +808,7 @@
<label>截图最大并发数</label>
<input type="number" id="maxScreenshotConcurrent" min="1" value="3" style="max-width: 200px;">
<div style="font-size: 12px; color: #666; margin-top: 5px;">
说明:同时进行截图的最大数量。每个浏览器约占用200MB内存
说明:同时进行截图的最大数量。wkhtmltoimage 资源占用较低,可按需提高
</div>
</div>
@@ -825,7 +822,7 @@
启用定时任务
</label>
<div style="font-size: 12px; color: #666; margin-top: 5px;">
开启后,系统将在指定时间自动执行所有账号的浏览任务(不包含截图)
开启后,系统将在指定时间自动执行所有账号的浏览任务,是否截图由下方开关决定。
</div>
</div>
@@ -882,6 +879,16 @@
</div>
</div>
<div class="form-group" id="scheduleScreenshotGroup" style="display: none;">
<label style="display: flex; align-items: center; gap: 10px;">
<input type="checkbox" id="enableScreenshot" style="width: auto; max-width: none;">
定时任务截图
</label>
<div style="font-size: 12px; color: #666; margin-top: 5px;">
开启后,定时任务执行时会生成截图。
</div>
</div>
<div id="scheduleActions" style="margin-top: 15px; display: flex; gap: 10px;">
<button class="btn btn-primary" onclick="updateSchedule()">保存定时任务配置</button>
<button class="btn btn-success" onclick="executeScheduleNow()" style="background: linear-gradient(135deg, #11998e 0%, #38ef7d 100%);">
@@ -1226,6 +1233,18 @@
<label>公告内容</label>
<textarea id="announcementContent" rows="5" placeholder="请输入公告内容(将以弹窗形式展示)"></textarea>
</div>
<div class="form-group">
<label>公告图片(可选)</label>
<div style="display: flex; align-items: center; gap: 10px; flex-wrap: wrap;">
<button class="btn btn-secondary" onclick="triggerAnnouncementImageUpload()">+ 上传图片</button>
<button class="btn" onclick="clearAnnouncementImage()" style="background: #eee;">移除</button>
<input type="file" id="announcementImageFile" accept="image/*" style="display: none;" onchange="uploadAnnouncementImageFile()">
<input type="text" id="announcementImageUrl" placeholder="上传后自动填充" readonly style="flex: 1; min-width: 220px;">
</div>
<div id="announcementImagePreview" style="display: none; margin-top: 8px;">
<img id="announcementImagePreviewImg" src="" alt="公告图片预览" style="max-width: 260px; max-height: 160px; border-radius: 8px; border: 1px solid #e5e7eb; object-fit: contain;">
</div>
</div>
<div style="display: flex; gap: 10px; flex-wrap: wrap;">
<button class="btn btn-primary" onclick="createAnnouncement(true)">发布并启用</button>
<button class="btn btn-secondary" onclick="createAnnouncement(false)">保存但不启用</button>
@@ -1536,7 +1555,6 @@
loadAnnouncements();
loadSystemConfig();
loadProxyConfig();
loadPasswordResets(); // 修复: 初始化时也加载密码重置申请
loadFeedbacks(); // 加载反馈统计更新徽章
// 恢复上次的标签页
@@ -1626,6 +1644,7 @@
<th style="width: 70px;">ID</th>
<th>标题</th>
<th style="width: 90px;">状态</th>
<th style="width: 70px;">图片</th>
<th style="width: 170px;">创建时间</th>
<th style="width: 220px;">操作</th>
</tr>
@@ -1640,6 +1659,7 @@
${a.is_active ? '启用' : '停用'}
</span>
</td>
<td>${a.image_url ? '有图' : '-'}</td>
<td>${a.created_at || '-'}</td>
<td>
<div class="action-buttons">
@@ -1664,17 +1684,82 @@
const content = document.getElementById('announcementContent');
if (title) title.value = '';
if (content) content.value = '';
clearAnnouncementImage();
}
function triggerAnnouncementImageUpload() {
const input = document.getElementById('announcementImageFile');
if (input) input.click();
}
async function uploadAnnouncementImageFile() {
const input = document.getElementById('announcementImageFile');
const urlInput = document.getElementById('announcementImageUrl');
const file = input?.files?.[0];
if (!file || !urlInput) return;
if (file.type && !String(file.type).startsWith('image/')) {
showNotification('请选择图片文件', 'error');
input.value = '';
return;
}
const formData = new FormData();
formData.append('file', file);
try {
const response = await fetch('/yuyx/api/announcements/upload_image', {
method: 'POST',
body: formData
});
const data = await response.json();
if (!response.ok || !data?.success) {
showNotification(data?.error || '上传失败', 'error');
return;
}
urlInput.value = data.url || '';
updateAnnouncementImagePreview();
showNotification('上传成功', 'success');
} catch (e) {
showNotification('上传失败', 'error');
} finally {
input.value = '';
}
}
function clearAnnouncementImage() {
const imageUrl = document.getElementById('announcementImageUrl');
const imageFile = document.getElementById('announcementImageFile');
if (imageUrl) imageUrl.value = '';
if (imageFile) imageFile.value = '';
updateAnnouncementImagePreview();
}
function updateAnnouncementImagePreview() {
const imageUrl = document.getElementById('announcementImageUrl');
const previewWrap = document.getElementById('announcementImagePreview');
const previewImg = document.getElementById('announcementImagePreviewImg');
if (!imageUrl || !previewWrap || !previewImg) return;
const url = String(imageUrl.value || '').trim();
if (url) {
previewImg.src = url;
previewWrap.style.display = 'block';
} else {
previewImg.removeAttribute('src');
previewWrap.style.display = 'none';
}
}
function viewAnnouncement(id) {
const announcement = announcements.find(a => a.id === id);
if (!announcement) return;
alert(`标题:${announcement.title || ''}\n\n内容:\n${announcement.content || ''}`);
const imageLine = announcement.image_url ? `\n图片:${announcement.image_url}` : '';
alert(`标题:${announcement.title || ''}${imageLine}\n\n内容:\n${announcement.content || ''}`);
}
async function createAnnouncement(isActive) {
const title = (document.getElementById('announcementTitle')?.value || '').trim();
const content = (document.getElementById('announcementContent')?.value || '').trim();
const image_url = (document.getElementById('announcementImageUrl')?.value || '').trim();
if (!title || !content) {
showNotification('标题和内容不能为空', 'error');
return;
@@ -1684,7 +1769,7 @@
const response = await fetch('/yuyx/api/announcements', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ title, content, is_active: !!isActive })
body: JSON.stringify({ title, content, image_url, is_active: !!isActive })
});
const data = await response.json();
if (!response.ok) {
@@ -2048,8 +2133,13 @@
return;
}
if (newPassword.length < 6) {
showNotification('密码至少6个字符', 'error');
if (newPassword.length < 8) {
showNotification('密码长度至少8位', 'error');
return;
}
if (!/[a-zA-Z]/.test(newPassword) || !/\d/.test(newPassword)) {
showNotification('密码必须包含字母和数字', 'error');
return;
}
@@ -2107,6 +2197,8 @@
document.getElementById('scheduleEnabled').checked = config.schedule_enabled === 1;
document.getElementById('scheduleTime').value = config.schedule_time || '02:00';
document.getElementById('scheduleBrowseType').value = config.schedule_browse_type || '应读';
var enableScreenshot = config.enable_screenshot;
document.getElementById('enableScreenshot').checked = enableScreenshot === 1 || enableScreenshot === true || enableScreenshot === undefined;
// 加载星期选择
const weekdays = config.schedule_weekdays || '1,2,3,4,5,6,7';
@@ -2132,15 +2224,18 @@
const timeGroup = document.getElementById('scheduleTimeGroup');
const browseTypeGroup = document.getElementById('scheduleBrowseTypeGroup');
const weekdaysGroup = document.getElementById('scheduleWeekdaysGroup');
const screenshotGroup = document.getElementById('scheduleScreenshotGroup');
if (enabled) {
timeGroup.style.display = 'block';
browseTypeGroup.style.display = 'block';
weekdaysGroup.style.display = 'block';
screenshotGroup.style.display = 'block';
} else {
timeGroup.style.display = 'none';
browseTypeGroup.style.display = 'none';
weekdaysGroup.style.display = 'none';
screenshotGroup.style.display = 'none';
}
// 保存按钮始终显示,无论是开启还是关闭定时任务
}
@@ -2313,6 +2408,7 @@
const enabled = document.getElementById('scheduleEnabled').checked;
const time = document.getElementById('scheduleTime').value;
const browseType = document.getElementById('scheduleBrowseType').value;
const enableScreenshot = document.getElementById('enableScreenshot').checked;
// 获取选中的星期
const selectedWeekdays = [];
@@ -2330,7 +2426,7 @@
const weekdayDisplay = selectedWeekdays.map(d => weekdayNames[parseInt(d)]).join('、');
const message = enabled
? `确定启用定时任务吗?\n\n执行时间: 每天 ${time}\n执行日期: ${weekdayDisplay}\n浏览类型: ${browseType}\n\n系统将自动执行所有账号的浏览任务(不包含截图)`
? `确定启用定时任务吗?\n\n执行时间: 每天 ${time}\n执行日期: ${weekdayDisplay}\n浏览类型: ${browseType}\n截图: ${enableScreenshot ? '截图' : '不截图'}\n\n系统将自动执行所有账号的浏览任务`
: `确定关闭定时任务吗?`;
if (!confirm(message)) return;
@@ -2343,7 +2439,8 @@
schedule_enabled: enabled ? 1 : 0,
schedule_time: time,
schedule_browse_type: browseType,
schedule_weekdays: weekdaysStr
schedule_weekdays: weekdaysStr,
enable_screenshot: enableScreenshot ? 1 : 0
})
});
@@ -2771,119 +2868,21 @@
} else if (tabName === 'logs') {
loadLogUserOptions();
loadTaskLogs();
} else if (tabName === 'pending') {
loadPasswordResets();
}
};
// ==================== 密码重置功能 ====================
// 管理员直接重置用户密码
async function resetUserPassword(userId) {
const newPassword = prompt('请输入新密码至少8位且包含字母和数字:');
if (!newPassword) return;
let passwordResets = [];
// 加载密码重置申请列表
async function loadPasswordResets() {
try {
const response = await fetch('/yuyx/api/password_resets');
if (response.ok) {
passwordResets = await response.json();
renderPasswordResets();
}
} catch (error) {
console.error('加载密码重置申请失败:', error);
}
}
// 渲染密码重置申请列表
function renderPasswordResets() {
const container = document.getElementById('passwordResetsList');
if (passwordResets.length === 0) {
container.innerHTML = '<div class="empty-message">暂无密码重置申请</div>';
if (newPassword.length < 8) {
showNotification('密码长度至少8位', 'error');
return;
}
container.innerHTML = `
<div class="table-container">
<table>
<thead>
<tr>
<th>申请ID</th>
<th>用户名</th>
<th>邮箱</th>
<th>申请时间</th>
<th>操作</th>
</tr>
</thead>
<tbody>
${passwordResets.map(reset => `
<tr>
<td>${reset.id}</td>
<td><strong>${escapeHtml(reset.username)}</strong></td>
<td>${escapeHtml(reset.email || '-')}</td>
<td>${escapeHtml(reset.created_at)}</td>
<td>
<div class="action-buttons">
<button class="btn btn-small btn-success" onclick="approvePasswordReset(${reset.id})">批准</button>
<button class="btn btn-small btn-danger" onclick="rejectPasswordReset(${reset.id})">拒绝</button>
</div>
</td>
</tr>
`).join('')}
</tbody>
</table>
</div>
`;
}
// 批准密码重置申请
async function approvePasswordReset(requestId) {
if (!confirm('确定批准该密码重置申请吗?')) return;
try {
const response = await fetch(`/yuyx/api/password_resets/${requestId}/approve`, {
method: 'POST'
});
const data = await response.json();
if (response.ok) {
showNotification('密码重置申请已批准', 'success');
loadPasswordResets();
} else {
showNotification('批准失败: ' + data.error, 'error');
}
} catch (error) {
showNotification('批准失败: ' + error.message, 'error');
}
}
// 拒绝密码重置申请
async function rejectPasswordReset(requestId) {
if (!confirm('确定拒绝该密码重置申请吗?')) return;
try {
const response = await fetch(`/yuyx/api/password_resets/${requestId}/reject`, {
method: 'POST'
});
const data = await response.json();
if (response.ok) {
showNotification('密码重置申请已拒绝', 'success');
loadPasswordResets();
} else {
showNotification('拒绝失败: ' + data.error, 'error');
}
} catch (error) {
showNotification('拒绝失败: ' + error.message, 'error');
}
}
// 管理员直接重置用户密码
async function resetUserPassword(userId) {
const newPassword = prompt('请输入新密码至少6位:');
if (!newPassword) return;
if (newPassword.length < 6) {
showNotification('密码长度至少6位', 'error');
if (!/[a-zA-Z]/.test(newPassword) || !/\d/.test(newPassword)) {
showNotification('密码必须包含字母和数字', 'error');
return;
}

8
templates/app.html
View File

@@ -5,7 +5,11 @@
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0" />
<title>知识管理平台</title>
{% for css_file in app_spa_css_files %}
{% if app_spa_build_id %}
<link rel="stylesheet" href="{{ url_for('serve_static', filename=css_file, v=app_spa_build_id) }}" />
{% else %}
<link rel="stylesheet" href="{{ url_for('serve_static', filename=css_file) }}" />
{% endif %}
{% endfor %}
</head>
<body>
@@ -16,6 +20,10 @@
window.__APP_INITIAL_STATE__ = {{ app_spa_initial_state | tojson }};
</script>
{% endif %}
{% if app_spa_build_id %}
<script type="module" src="{{ url_for('serve_static', filename=app_spa_js_file, v=app_spa_build_id) }}"></script>
{% else %}
<script type="module" src="{{ url_for('serve_static', filename=app_spa_js_file) }}"></script>
{% endif %}
</body>
</html>

2394
templates/index.html
View File

File diff suppressed because it is too large Load Diff

449
templates/login.html
View File

@@ -1,449 +0,0 @@
<!DOCTYPE html>
<html lang="zh-CN">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>登录 - 知识管理平台</title>
<style>
:root {
--md-primary: #1976D2;
--md-primary-dark: #1565C0;
--md-primary-light: #BBDEFB;
--md-background: #FAFAFA;
--md-surface: #FFFFFF;
--md-error: #B00020;
--md-success: #4CAF50;
--md-on-primary: #FFFFFF;
--md-on-surface: #212121;
--md-on-surface-medium: #666666;
--md-shadow-lg: 0 8px 30px rgba(0,0,0,0.12);
}
* { margin: 0; padding: 0; box-sizing: border-box; }
body {
font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif;
background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
min-height: 100vh;
display: flex;
justify-content: center;
align-items: center;
padding: 20px;
}
.login-card {
background: var(--md-surface);
border-radius: 16px;
box-shadow: var(--md-shadow-lg);
width: 100%;
max-width: 400px;
overflow: hidden;
}
.login-header {
background: var(--md-primary);
color: var(--md-on-primary);
padding: 32px 24px;
text-align: center;
}
.login-header .logo { font-size: 48px; margin-bottom: 12px; }
.login-header h1 { font-size: 24px; font-weight: 500; margin-bottom: 4px; }
.login-header p { font-size: 14px; opacity: 0.9; }
.login-body { padding: 32px 24px; }
.form-group { margin-bottom: 24px; }
.form-group label { display: block; font-size: 14px; font-weight: 500; color: var(--md-on-surface-medium); margin-bottom: 8px; }
.form-group input {
width: 100%;
padding: 14px 16px;
border: 2px solid #E0E0E0;
border-radius: 8px;
font-size: 16px;
transition: all 0.2s;
background: #FAFAFA;
}
.form-group input:focus {
outline: none;
border-color: var(--md-primary);
background: var(--md-surface);
box-shadow: 0 0 0 3px var(--md-primary-light);
}
.captcha-row { display: flex; gap: 12px; align-items: center; }
.captcha-row input { flex: 1; }
.captcha-code {
font-size: 20px;
font-weight: bold;
letter-spacing: 4px;
color: var(--md-primary);
padding: 10px 16px;
background: var(--md-primary-light);
border-radius: 8px;
user-select: none;
}
.captcha-refresh {
padding: 10px 16px;
background: #F5F5F5;
border: none;
border-radius: 8px;
cursor: pointer;
font-size: 18px;
}
.captcha-refresh:hover { background: #EEEEEE; }
.forgot-link { text-align: right; margin-top: -16px; margin-bottom: 24px; }
.forgot-link a { color: var(--md-primary); text-decoration: none; font-size: 14px; font-weight: 500; }
.forgot-link a:hover { text-decoration: underline; }
.btn-login {
width: 100%;
padding: 16px;
background: var(--md-primary);
color: var(--md-on-primary);
border: none;
border-radius: 8px;
font-size: 16px;
font-weight: 600;
cursor: pointer;
transition: all 0.2s;
text-transform: uppercase;
letter-spacing: 1px;
}
.btn-login:hover { background: var(--md-primary-dark); box-shadow: 0 4px 12px rgba(25, 118, 210, 0.4); }
.register-link {
text-align: center;
margin-top: 24px;
padding-top: 24px;
border-top: 1px solid #E0E0E0;
color: var(--md-on-surface-medium);
font-size: 14px;
}
.register-link a { color: var(--md-primary); text-decoration: none; font-weight: 600; }
.register-link a:hover { text-decoration: underline; }
.message { padding: 12px 16px; border-radius: 8px; margin-bottom: 20px; font-size: 14px; display: none; }
.message.error { background: #FFEBEE; color: var(--md-error); border: 1px solid #FFCDD2; }
.message.success { background: #E8F5E9; color: var(--md-success); border: 1px solid #C8E6C9; }
.modal-overlay {
position: fixed; top: 0; left: 0; right: 0; bottom: 0;
background: rgba(0,0,0,0.5);
display: flex; justify-content: center; align-items: center;
opacity: 0; visibility: hidden; transition: all 0.3s; z-index: 1000; padding: 20px;
}
.modal-overlay.active { opacity: 1; visibility: visible; }
.modal {
background: var(--md-surface);
border-radius: 16px;
width: 100%; max-width: 400px;
box-shadow: var(--md-shadow-lg);
transform: translateY(-20px); transition: transform 0.3s;
}
.modal-overlay.active .modal { transform: translateY(0); }
.modal-header { padding: 24px; border-bottom: 1px solid #E0E0E0; }
.modal-header h2 { font-size: 20px; font-weight: 500; margin-bottom: 4px; }
.modal-header p { font-size: 14px; color: var(--md-on-surface-medium); }
.modal-body { padding: 24px; }
.modal-footer { padding: 16px 24px; border-top: 1px solid #E0E0E0; display: flex; gap: 12px; justify-content: flex-end; }
.btn-secondary { padding: 12px 24px; background: #F5F5F5; color: var(--md-on-surface); border: none; border-radius: 8px; font-size: 14px; font-weight: 600; cursor: pointer; }
.btn-secondary:hover { background: #EEEEEE; }
.btn-primary { padding: 12px 24px; background: var(--md-primary); color: var(--md-on-primary); border: none; border-radius: 8px; font-size: 14px; font-weight: 600; cursor: pointer; }
.btn-primary:hover { background: var(--md-primary-dark); }
@media (max-width: 480px) {
body { padding: 12px; }
.login-card { max-width: 100%; }
.login-header { padding: 24px 20px; }
.login-header .logo { font-size: 40px; margin-bottom: 10px; }
.login-header h1 { font-size: 20px; }
.login-header p { font-size: 13px; }
.login-body { padding: 24px 20px; }
.form-group { margin-bottom: 20px; }
.form-group label { font-size: 13px; }
.form-group input { padding: 12px 14px; font-size: 16px; } /* iOS防止自动缩放 */
.captcha-code { padding: 8px 12px; font-size: 18px; letter-spacing: 3px; }
.captcha-refresh { padding: 8px 12px; font-size: 16px; }
.btn-login { padding: 14px; font-size: 15px; }
.modal { max-width: 100%; }
.modal-header, .modal-body { padding: 20px; }
.modal-header h2 { font-size: 18px; }
.modal-footer { padding: 14px 20px; flex-direction: column; }
.modal-footer button { width: 100%; }
}
</style>
</head>
<body>
<div class="login-card">
<div class="login-header">
<div class="logo">📚</div>
<h1>知识管理平台</h1>
<p>自动化浏览学习内容</p>
</div>
<div class="login-body">
<div id="errorMessage" class="message error"></div>
<div id="successMessage" class="message success"></div>
<form id="loginForm" onsubmit="handleLogin(event)">
<div class="form-group">
<label for="username">用户名</label>
<input type="text" id="username" name="username" placeholder="请输入用户名" required>
</div>
<div class="form-group">
<label for="password">密码</label>
<input type="password" id="password" name="password" placeholder="请输入密码" required>
</div>
<div id="captchaGroup" class="form-group" style="display: none;">
<label for="captcha">验证码</label>
<div class="captcha-row">
<input type="text" id="captcha" name="captcha" placeholder="请输入验证码">
<img id="captchaImage" src="" alt="验证码" style="height: 50px; border: 1px solid #ddd; border-radius: 4px; cursor: pointer;" onclick="refreshCaptcha()" title="点击刷新">
<button type="button" class="captcha-refresh" onclick="refreshCaptcha()">🔄</button>
</div>
</div>
<div class="forgot-link">
<a href="#" onclick="showForgotPassword(event)">忘记密码?</a>
<span id="resendVerifyLink" style="display: none; margin-left: 16px;"><a href="#" onclick="showResendVerify(event)">重发验证邮件</a></span>
</div>
<button type="submit" class="btn-login">登 录</button>
</form>
<div class="register-link">还没有账号? <a href="/register">立即注册</a></div>
</div>
</div>
<div id="forgotPasswordModal" class="modal-overlay" onclick="if(event.target===this)closeForgotPassword()">
<div class="modal">
<div class="modal-header"><h2>重置密码</h2><p id="resetModalDesc">填写信息后等待管理员审核</p></div>
<div class="modal-body">
<div id="modalErrorMessage" class="message error"></div>
<div id="modalSuccessMessage" class="message success"></div>
<!-- 邮件重置方式(启用邮件功能时显示) -->
<form id="emailResetForm" onsubmit="handleEmailReset(event)" style="display: none;">
<div class="form-group"><label>邮箱</label><input type="email" id="emailResetEmail" placeholder="请输入注册邮箱" required></div>
<div class="form-group">
<label>验证码</label>
<div class="captcha-row">
<input type="text" id="emailResetCaptcha" placeholder="请输入验证码" required>
<img id="emailResetCaptchaImage" src="" alt="验证码" style="height: 50px; border: 1px solid #ddd; border-radius: 4px; cursor: pointer;" onclick="refreshEmailResetCaptcha()" title="点击刷新">
<button type="button" class="captcha-refresh" onclick="refreshEmailResetCaptcha()">🔄</button>
</div>
</div>
</form>
<!-- 管理员审核方式(未启用邮件功能时显示) -->
<form id="resetPasswordForm" onsubmit="handleResetPassword(event)">
<div class="form-group"><label>用户名</label><input type="text" id="resetUsername" placeholder="请输入用户名" required></div>
<div class="form-group"><label>邮箱(可选)</label><input type="email" id="resetEmail" placeholder="用于验证身份"></div>
<div class="form-group"><label>新密码</label><input type="password" id="resetNewPassword" placeholder="至少8位包含字母和数字" required></div>
</form>
</div>
<div class="modal-footer">
<button type="button" class="btn-secondary" onclick="closeForgotPassword()">取消</button>
<button type="button" class="btn-primary" id="resetSubmitBtn" onclick="submitResetForm()">提交申请</button>
</div>
</div>
</div>
<!-- 重发验证邮件弹窗 -->
<div id="resendVerifyModal" class="modal-overlay" onclick="if(event.target===this)closeResendVerify()">
<div class="modal">
<div class="modal-header"><h2>重发验证邮件</h2><p>输入注册时使用的邮箱</p></div>
<div class="modal-body">
<div id="resendErrorMessage" class="message error"></div>
<div id="resendSuccessMessage" class="message success"></div>
<form id="resendVerifyForm" onsubmit="handleResendVerify(event)">
<div class="form-group"><label>邮箱</label><input type="email" id="resendEmail" placeholder="请输入注册邮箱" required></div>
<div class="form-group">
<label>验证码</label>
<div class="captcha-row">
<input type="text" id="resendCaptcha" placeholder="请输入验证码" required>
<img id="resendCaptchaImage" src="" alt="验证码" style="height: 50px; border: 1px solid #ddd; border-radius: 4px; cursor: pointer;" onclick="refreshResendCaptcha()" title="点击刷新">
<button type="button" class="captcha-refresh" onclick="refreshResendCaptcha()">🔄</button>
</div>
</div>
</form>
</div>
<div class="modal-footer">
<button type="button" class="btn-secondary" onclick="closeResendVerify()">取消</button>
<button type="button" class="btn-primary" onclick="document.getElementById('resendVerifyForm').dispatchEvent(new Event('submit'))">发送验证邮件</button>
</div>
</div>
</div>
<script>
let captchaSession = '';
let resendCaptchaSession = '';
let emailResetCaptchaSession = '';
let needCaptcha = false;
let emailEnabled = false;
// 页面加载时检查邮箱验证是否启用
window.onload = async function() {
try {
const resp = await fetch('/api/email/verify-status');
const data = await resp.json();
emailEnabled = data.email_enabled;
if (data.register_verify_enabled) {
document.getElementById('resendVerifyLink').style.display = 'inline';
}
} catch (e) {
console.log('获取邮箱验证状态失败', e);
}
};
async function handleLogin(event) {
event.preventDefault();
const username = document.getElementById('username').value.trim();
const password = document.getElementById('password').value.trim();
const captcha = document.getElementById('captcha') ? document.getElementById('captcha').value.trim() : '';
const errorDiv = document.getElementById('errorMessage');
const successDiv = document.getElementById('successMessage');
errorDiv.style.display = 'none';
successDiv.style.display = 'none';
if (!username || !password) { errorDiv.textContent = '用户名和密码不能为空'; errorDiv.style.display = 'block'; return; }
if (needCaptcha && !captcha) { errorDiv.textContent = '请输入验证码'; errorDiv.style.display = 'block'; return; }
try {
const response = await fetch('/api/login', { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ username, password, captcha_session: captchaSession, captcha, need_captcha: needCaptcha }) });
const data = await response.json();
if (response.ok) { successDiv.textContent = '登录成功,正在跳转...'; successDiv.style.display = 'block'; setTimeout(() => { window.location.href = '/app'; }, 500); }
else { errorDiv.textContent = data.error || '登录失败'; errorDiv.style.display = 'block'; if (data.need_captcha) { needCaptcha = true; document.getElementById('captchaGroup').style.display = 'block'; await generateCaptcha(); } }
} catch (error) { errorDiv.textContent = '网络错误'; errorDiv.style.display = 'block'; }
}
async function showForgotPassword(event) {
event.preventDefault();
document.getElementById('forgotPasswordModal').classList.add('active');
document.getElementById('modalErrorMessage').style.display = 'none';
document.getElementById('modalSuccessMessage').style.display = 'none';
// 根据邮件功能状态切换显示
if (emailEnabled) {
document.getElementById('emailResetForm').style.display = 'block';
document.getElementById('resetPasswordForm').style.display = 'none';
document.getElementById('resetModalDesc').textContent = '输入注册邮箱,我们将发送重置链接';
document.getElementById('resetSubmitBtn').textContent = '发送重置邮件';
await generateEmailResetCaptcha();
} else {
document.getElementById('emailResetForm').style.display = 'none';
document.getElementById('resetPasswordForm').style.display = 'block';
document.getElementById('resetModalDesc').textContent = '填写信息后等待管理员审核';
document.getElementById('resetSubmitBtn').textContent = '提交申请';
}
}
function closeForgotPassword() {
document.getElementById('forgotPasswordModal').classList.remove('active');
document.getElementById('resetPasswordForm').reset();
document.getElementById('emailResetForm').reset();
document.getElementById('modalErrorMessage').style.display = 'none';
document.getElementById('modalSuccessMessage').style.display = 'none';
}
function submitResetForm() {
if (emailEnabled) {
document.getElementById('emailResetForm').dispatchEvent(new Event('submit'));
} else {
document.getElementById('resetPasswordForm').dispatchEvent(new Event('submit'));
}
}
async function handleResetPassword(event) {
event.preventDefault();
const username = document.getElementById('resetUsername').value.trim();
const email = document.getElementById('resetEmail').value.trim();
const newPassword = document.getElementById('resetNewPassword').value.trim();
const errorDiv = document.getElementById('modalErrorMessage');
const successDiv = document.getElementById('modalSuccessMessage');
errorDiv.style.display = 'none'; successDiv.style.display = 'none';
if (!username || !newPassword) { errorDiv.textContent = '用户名和新密码不能为空'; errorDiv.style.display = 'block'; return; }
if (newPassword.length < 8) { errorDiv.textContent = '密码长度至少8位'; errorDiv.style.display = 'block'; return; }
if (!/[a-zA-Z]/.test(newPassword) || !/\d/.test(newPassword)) { errorDiv.textContent = '密码必须包含字母和数字'; errorDiv.style.display = 'block'; return; }
try {
const response = await fetch('/api/reset_password_request', { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ username, email, new_password: newPassword }) });
const data = await response.json();
if (response.ok) { successDiv.textContent = '申请已提交,请等待审核'; successDiv.style.display = 'block'; setTimeout(closeForgotPassword, 2000); }
else { errorDiv.textContent = data.error || '申请失败'; errorDiv.style.display = 'block'; }
} catch (error) { errorDiv.textContent = '网络错误'; errorDiv.style.display = 'block'; }
}
async function generateCaptcha() { try { const response = await fetch('/api/generate_captcha', { method: 'POST', headers: { 'Content-Type': 'application/json' } }); const data = await response.json(); if (data.session_id && data.captcha_image) { captchaSession = data.session_id; document.getElementById('captchaImage').src = data.captcha_image; } } catch (error) { console.error('生成验证码失败:', error); } }
async function refreshCaptcha() { await generateCaptcha(); document.getElementById('captcha').value = ''; }
// 邮件方式重置密码相关函数
async function generateEmailResetCaptcha() {
try {
const response = await fetch('/api/generate_captcha', { method: 'POST', headers: { 'Content-Type': 'application/json' } });
const data = await response.json();
if (data.session_id && data.captcha_image) {
emailResetCaptchaSession = data.session_id;
document.getElementById('emailResetCaptchaImage').src = data.captcha_image;
}
} catch (error) { console.error('生成验证码失败:', error); }
}
async function refreshEmailResetCaptcha() { await generateEmailResetCaptcha(); document.getElementById('emailResetCaptcha').value = ''; }
async function handleEmailReset(event) {
event.preventDefault();
const email = document.getElementById('emailResetEmail').value.trim();
const captcha = document.getElementById('emailResetCaptcha').value.trim();
const errorDiv = document.getElementById('modalErrorMessage');
const successDiv = document.getElementById('modalSuccessMessage');
errorDiv.style.display = 'none'; successDiv.style.display = 'none';
if (!email) { errorDiv.textContent = '请输入邮箱'; errorDiv.style.display = 'block'; return; }
if (!captcha) { errorDiv.textContent = '请输入验证码'; errorDiv.style.display = 'block'; return; }
try {
const response = await fetch('/api/forgot-password', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ email, captcha_session: emailResetCaptchaSession, captcha })
});
const data = await response.json();
if (response.ok) {
successDiv.innerHTML = data.message + '<br><small style="color: #666;">请检查您的邮箱(包括垃圾邮件文件夹)</small>';
successDiv.style.display = 'block';
setTimeout(closeForgotPassword, 3000);
} else {
errorDiv.textContent = data.error || '发送失败';
errorDiv.style.display = 'block';
await refreshEmailResetCaptcha();
}
} catch (error) { errorDiv.textContent = '网络错误'; errorDiv.style.display = 'block'; }
}
// 重发验证邮件相关函数
async function showResendVerify(event) {
event.preventDefault();
document.getElementById('resendVerifyModal').classList.add('active');
await generateResendCaptcha();
}
function closeResendVerify() {
document.getElementById('resendVerifyModal').classList.remove('active');
document.getElementById('resendVerifyForm').reset();
document.getElementById('resendErrorMessage').style.display = 'none';
document.getElementById('resendSuccessMessage').style.display = 'none';
}
async function generateResendCaptcha() {
try {
const response = await fetch('/api/generate_captcha', { method: 'POST', headers: { 'Content-Type': 'application/json' } });
const data = await response.json();
if (data.session_id && data.captcha_image) {
resendCaptchaSession = data.session_id;
document.getElementById('resendCaptchaImage').src = data.captcha_image;
}
} catch (error) { console.error('生成验证码失败:', error); }
}
async function refreshResendCaptcha() { await generateResendCaptcha(); document.getElementById('resendCaptcha').value = ''; }
async function handleResendVerify(event) {
event.preventDefault();
const email = document.getElementById('resendEmail').value.trim();
const captcha = document.getElementById('resendCaptcha').value.trim();
const errorDiv = document.getElementById('resendErrorMessage');
const successDiv = document.getElementById('resendSuccessMessage');
errorDiv.style.display = 'none'; successDiv.style.display = 'none';
if (!email) { errorDiv.textContent = '请输入邮箱'; errorDiv.style.display = 'block'; return; }
if (!captcha) { errorDiv.textContent = '请输入验证码'; errorDiv.style.display = 'block'; return; }
try {
const response = await fetch('/api/resend-verify-email', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ email, captcha_session: resendCaptchaSession, captcha })
});
const data = await response.json();
if (response.ok) {
successDiv.textContent = data.message || '验证邮件已发送,请查收';
successDiv.style.display = 'block';
setTimeout(closeResendVerify, 2000);
} else {
errorDiv.textContent = data.error || '发送失败';
errorDiv.style.display = 'block';
await refreshResendCaptcha();
}
} catch (error) { errorDiv.textContent = '网络错误'; errorDiv.style.display = 'block'; }
}
document.addEventListener('keydown', (e) => { if (e.key === 'Escape') { closeForgotPassword(); closeResendVerify(); } });
</script>
</body>
</html>

318
templates/register.html
View File

@@ -1,318 +0,0 @@
<!DOCTYPE html>
<html lang="zh-CN">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>用户注册 - 知识管理平台</title>
<style>
* {
margin: 0;
padding: 0;
box-sizing: border-box;
}
body {
font-family: 'Microsoft YaHei', Arial, sans-serif;
background: linear-gradient(135deg, #56CCF2 0%, #2F80ED 100%);
min-height: 100vh;
display: flex;
justify-content: center;
align-items: center;
}
.register-container {
background: white;
border-radius: 10px;
box-shadow: 0 10px 40px rgba(0,0,0,0.2);
width: 400px;
padding: 40px;
}
.register-header {
text-align: center;
margin-bottom: 30px;
}
.register-header h1 {
font-size: 28px;
color: #333;
margin-bottom: 10px;
}
.register-header p {
color: #666;
font-size: 14px;
}
.form-group {
margin-bottom: 20px;
}
.form-group label {
display: block;
margin-bottom: 8px;
color: #333;
font-weight: bold;
}
.form-group input {
width: 100%;
padding: 12px;
border: 1px solid #ddd;
border-radius: 5px;
font-size: 14px;
transition: border-color 0.3s;
}
.form-group input:focus {
outline: none;
border-color: #2F80ED;
}
.form-group small {
color: #888;
font-size: 12px;
display: block;
margin-top: 5px;
}
.btn-register {
width: 100%;
padding: 12px;
background: linear-gradient(135deg, #56CCF2 0%, #2F80ED 100%);
color: white;
border: none;
border-radius: 5px;
font-size: 16px;
font-weight: bold;
cursor: pointer;
transition: transform 0.2s;
}
.btn-register:hover {
transform: translateY(-2px);
}
.btn-register:active {
transform: translateY(0);
}
.login-link {
text-align: center;
margin-top: 20px;
color: #666;
}
.login-link a {
color: #2F80ED;
text-decoration: none;
font-weight: bold;
}
.login-link a:hover {
text-decoration: underline;
}
.error-message {
background: #ffe6e6;
color: #d63031;
padding: 10px;
border-radius: 5px;
margin-bottom: 20px;
display: none;
}
.success-message {
background: #e6ffe6;
color: #27ae60;
padding: 10px;
border-radius: 5px;
margin-bottom: 20px;
display: none;
}
@media (max-width: 480px) {
body { padding: 12px; align-items: flex-start; padding-top: 20px; }
.register-container { width: 100%; max-width: 100%; padding: 24px 20px; }
.register-header h1 { font-size: 24px; }
.register-header p { font-size: 13px; }
.form-group { margin-bottom: 18px; }
.form-group label { font-size: 13px; }
.form-group input { padding: 11px; font-size: 16px; } /* iOS防止自动缩放 */
.form-group small { font-size: 11px; }
.btn-register { padding: 13px; font-size: 15px; }
.login-link { margin-top: 16px; font-size: 14px; }
}
</style>
</head>
<body>
<div class="register-container">
<div class="register-header">
<h1>用户注册</h1>
</div>
<div id="errorMessage" class="error-message"></div>
<div id="successMessage" class="success-message"></div>
<form id="registerForm" onsubmit="handleRegister(event)">
<div class="form-group">
<label for="username">用户名 *</label>
<input type="text" id="username" name="username" required minlength="3">
<small>至少3个字符</small>
</div>
<div class="form-group">
<label for="password">密码 *</label>
<input type="password" id="password" name="password" required minlength="6">
<small>至少6个字符</small>
</div>
<div class="form-group">
<label for="confirm_password">确认密码 *</label>
<input type="password" id="confirm_password" name="confirm_password" required>
</div>
<div class="form-group">
<label for="email">邮箱 <span id="emailRequired" style="color: #d63031; display: none;">*</span></label>
<input type="email" id="email" name="email">
<small id="emailHint">选填,用于接收审核通知</small>
</div>
<div class="form-group">
<label for="captcha">验证码</label>
<div style="display: flex; gap: 10px; align-items: center;">
<input type="text" id="captcha" placeholder="请输入验证码" required style="flex: 1;">
<img id="captchaImage" src="" alt="验证码" style="height: 50px; border: 1px solid #ddd; border-radius: 4px; cursor: pointer;" onclick="refreshCaptcha()" title="点击刷新">
<button type="button" onclick="refreshCaptcha()" style="padding: 8px 15px; background: #f0f0f0; border: 1px solid #ddd; border-radius: 4px; cursor: pointer;">刷新</button>
</div>
</div>
<button type="submit" class="btn-register">注册</button>
</form>
<div class="login-link">
已有账号? <a href="/login">立即登录</a>
</div>
</div>
<script>
let captchaSession = '';
let emailVerifyEnabled = false;
window.onload = async function() {
await generateCaptcha();
await checkEmailVerifyStatus();
};
async function checkEmailVerifyStatus() {
try {
const resp = await fetch('/api/email/verify-status');
const data = await resp.json();
emailVerifyEnabled = data.register_verify_enabled;
if (emailVerifyEnabled) {
document.getElementById('emailRequired').style.display = 'inline';
document.getElementById('email').required = true;
document.getElementById('emailHint').textContent = '必填,用于账号验证';
}
} catch (e) {
console.log('获取邮箱验证状态失败', e);
}
}
async function handleRegister(event) {
event.preventDefault();
const username = document.getElementById('username').value.trim();
const password = document.getElementById('password').value.trim();
const confirmPassword = document.getElementById('confirm_password').value.trim();
const email = document.getElementById('email').value.trim();
const errorDiv = document.getElementById('errorMessage');
const successDiv = document.getElementById('successMessage');
errorDiv.style.display = 'none';
successDiv.style.display = 'none';
// 验证
if (username.length < 3) {
errorDiv.textContent = '用户名至少3个字符';
errorDiv.style.display = 'block';
return;
}
if (password.length < 6) {
errorDiv.textContent = '密码至少6个字符';
errorDiv.style.display = 'block';
return;
}
if (password !== confirmPassword) {
errorDiv.textContent = '两次输入的密码不一致';
errorDiv.style.display = 'block';
return;
}
// 邮箱验证启用时必填
if (emailVerifyEnabled && !email) {
errorDiv.textContent = '请填写邮箱地址用于账号验证';
errorDiv.style.display = 'block';
return;
}
// 邮箱格式验证
if (email && !email.includes('@')) {
errorDiv.textContent = '邮箱格式不正确';
errorDiv.style.display = 'block';
return;
}
try {
const response = await fetch('/api/register', {
method: 'POST',
headers: {
'Content-Type': 'application/json'
},
body: JSON.stringify({ username, password, email, captcha_session: captchaSession, captcha: document.getElementById('captcha').value.trim() })
});
const data = await response.json();
if (response.ok) {
// 根据是否需要邮箱验证显示不同的消息
if (data.need_verify) {
successDiv.innerHTML = data.message + '<br><small style="color: #666;">请检查您的邮箱(包括垃圾邮件文件夹)</small>';
} else {
successDiv.textContent = data.message || '注册成功,请等待管理员审核';
}
successDiv.style.display = 'block';
// 清空表单
document.getElementById('registerForm').reset();
// 3秒后跳转到登录页
setTimeout(() => {
window.location.href = '/login';
}, 3000);
} else {
errorDiv.textContent = data.error || '注册失败';
errorDiv.style.display = 'block';
refreshCaptcha();
}
} catch (error) {
errorDiv.textContent = '网络错误,请稍后重试';
errorDiv.style.display = 'block';
}
}
async function generateCaptcha() {
const resp = await fetch('/api/generate_captcha', {method: 'POST', headers: {'Content-Type': 'application/json'}});
const data = await resp.json();
if (data.session_id && data.captcha_image) {
captchaSession = data.session_id;
document.getElementById('captchaImage').src = data.captcha_image;
}
}
async function refreshCaptcha() { await generateCaptcha(); document.getElementById('captcha').value = ''; }
</script>
</body>
</html>

266
templates/reset_password.html
View File

@@ -1,266 +0,0 @@
<!DOCTYPE html>
<html lang="zh-CN">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>重置密码 - 知识管理平台</title>
<style>
* {
margin: 0;
padding: 0;
box-sizing: border-box;
}
body {
font-family: 'Microsoft YaHei', Arial, sans-serif;
background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
min-height: 100vh;
display: flex;
align-items: center;
justify-content: center;
padding: 20px;
}
.card {
background: white;
border-radius: 15px;
box-shadow: 0 10px 40px rgba(0,0,0,0.2);
padding: 40px;
text-align: center;
max-width: 450px;
width: 100%;
}
.icon {
width: 80px;
height: 80px;
background: linear-gradient(135deg, #e74c3c, #c0392b);
border-radius: 50%;
display: flex;
align-items: center;
justify-content: center;
margin: 0 auto 25px;
}
.icon svg {
width: 40px;
height: 40px;
fill: white;
}
h1 {
color: #333;
font-size: 24px;
margin-bottom: 10px;
}
p {
color: #666;
font-size: 14px;
line-height: 1.6;
margin-bottom: 25px;
}
.form-group {
margin-bottom: 20px;
text-align: left;
}
.form-group label {
display: block;
margin-bottom: 8px;
color: #333;
font-weight: bold;
font-size: 14px;
}
.form-group input {
width: 100%;
padding: 12px 15px;
border: 2px solid #e0e0e0;
border-radius: 8px;
font-size: 14px;
transition: border-color 0.3s;
}
.form-group input:focus {
outline: none;
border-color: #667eea;
}
.form-group small {
color: #999;
font-size: 12px;
margin-top: 5px;
display: block;
}
.btn {
width: 100%;
padding: 14px;
background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
color: white;
border: none;
border-radius: 30px;
font-size: 16px;
font-weight: bold;
cursor: pointer;
transition: transform 0.2s, box-shadow 0.2s;
}
.btn:hover {
transform: translateY(-2px);
box-shadow: 0 5px 20px rgba(102, 126, 234, 0.4);
}
.btn:disabled {
background: #ccc;
cursor: not-allowed;
transform: none;
box-shadow: none;
}
.message {
padding: 12px 15px;
border-radius: 8px;
margin-bottom: 20px;
font-size: 14px;
display: none;
}
.message.error {
background: #ffe6e6;
color: #d63031;
border: 1px solid #ffcdd2;
}
.message.success {
background: #e6ffe6;
color: #27ae60;
border: 1px solid #c8e6c9;
}
.back-link {
margin-top: 20px;
}
.back-link a {
color: #667eea;
text-decoration: none;
font-size: 14px;
}
.back-link a:hover {
text-decoration: underline;
}
.expired {
display: none;
}
.expired .icon {
background: linear-gradient(135deg, #95a5a6, #7f8c8d);
}
@media (max-width: 480px) {
body { padding: 12px; }
.card { padding: 30px 20px; }
h1 { font-size: 20px; }
}
</style>
</head>
<body>
<div class="card" id="resetForm">
<div class="icon">
<svg viewBox="0 0 24 24">
<path d="M12.65 10C11.83 7.67 9.61 6 7 6c-3.31 0-6 2.69-6 6s2.69 6 6 6c2.61 0 4.83-1.67 5.65-4H17v4h4v-4h2v-4H12.65zM7 14c-1.1 0-2-.9-2-2s.9-2 2-2 2 .9 2 2-.9 2-2 2z"/>
</svg>
</div>
<h1>重置密码</h1>
<p>请输入您的新密码</p>
<div id="errorMessage" class="message error"></div>
<div id="successMessage" class="message success"></div>
<form onsubmit="handleResetPassword(event)">
<div class="form-group">
<label for="newPassword">新密码</label>
<input type="password" id="newPassword" placeholder="请输入新密码" required minlength="8">
<small>至少8位包含字母和数字</small>
</div>
<div class="form-group">
<label for="confirmPassword">确认密码</label>
<input type="password" id="confirmPassword" placeholder="请再次输入新密码" required>
</div>
<button type="submit" class="btn" id="submitBtn">确认重置</button>
</form>
<div class="back-link">
<a href="/login">返回登录</a>
</div>
</div>
<div class="card expired" id="expiredCard">
<div class="icon">
<svg viewBox="0 0 24 24">
<path d="M12 2C6.48 2 2 6.48 2 12s4.48 10 10 10 10-4.48 10-10S17.52 2 12 2zm1 15h-2v-2h2v2zm0-4h-2V7h2v6z"/>
</svg>
</div>
<h1>链接已失效</h1>
<p>{{ error_message }}</p>
<div class="back-link">
<a href="/login">返回登录</a>
</div>
</div>
<script>
const token = '{{ token }}';
const isValid = {{ 'true' if valid else 'false' }};
if (!isValid) {
document.getElementById('resetForm').style.display = 'none';
document.getElementById('expiredCard').style.display = 'block';
}
async function handleResetPassword(event) {
event.preventDefault();
const newPassword = document.getElementById('newPassword').value;
const confirmPassword = document.getElementById('confirmPassword').value;
const errorDiv = document.getElementById('errorMessage');
const successDiv = document.getElementById('successMessage');
const submitBtn = document.getElementById('submitBtn');
errorDiv.style.display = 'none';
successDiv.style.display = 'none';
// 验证密码
if (newPassword.length < 8) {
errorDiv.textContent = '密码长度至少8位';
errorDiv.style.display = 'block';
return;
}
if (!/[a-zA-Z]/.test(newPassword) || !/\d/.test(newPassword)) {
errorDiv.textContent = '密码必须包含字母和数字';
errorDiv.style.display = 'block';
return;
}
if (newPassword !== confirmPassword) {
errorDiv.textContent = '两次输入的密码不一致';
errorDiv.style.display = 'block';
return;
}
submitBtn.disabled = true;
submitBtn.textContent = '处理中...';
try {
const response = await fetch('/api/reset-password-confirm', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ token, new_password: newPassword })
});
const data = await response.json();
if (response.ok) {
successDiv.textContent = '密码重置成功3秒后跳转到登录页面...';
successDiv.style.display = 'block';
setTimeout(() => {
window.location.href = '/login';
}, 3000);
} else {
errorDiv.textContent = data.error || '重置失败';
errorDiv.style.display = 'block';
submitBtn.disabled = false;
submitBtn.textContent = '确认重置';
}
} catch (error) {
errorDiv.textContent = '网络错误,请稍后重试';
errorDiv.style.display = 'block';
submitBtn.disabled = false;
submitBtn.textContent = '确认重置';
}
}
</script>
</body>
</html>