安全修复: 收敛认证与日志风险并补充基础测试

database.py

@@ -19,6 +19,7 @@ from typing import Optional
 
 import db_pool
 from app_config import get_config
+from app_logger import get_logger
 
 from db.schema import ensure_schema
 from db.migrations import migrate_database as _migrate_database
@@ -126,6 +127,7 @@ from db.users import (
 from db.security import record_login_context
 
 config = get_config()
+logger = get_logger(__name__)
 
 # 数据库文件路径
 DB_FILE = config.DB_FILE
@@ -140,9 +142,9 @@ _system_config_cache_lock = threading.Lock()
 _system_config_cache_value: Optional[dict] = None
 _system_config_cache_loaded_at = 0.0
 try:
-    _SYSTEM_CONFIG_CACHE_TTL_SECONDS = float(os.environ.get("SYSTEM_CONFIG_CACHE_TTL_SECONDS", "3"))
+    _SYSTEM_CONFIG_CACHE_TTL_SECONDS = float(os.environ.get("SYSTEM_CONFIG_CACHE_TTL_SECONDS", "30"))
 except Exception:
-    _SYSTEM_CONFIG_CACHE_TTL_SECONDS = 3.0
+    _SYSTEM_CONFIG_CACHE_TTL_SECONDS = 30.0
 _SYSTEM_CONFIG_CACHE_TTL_SECONDS = max(0.0, _SYSTEM_CONFIG_CACHE_TTL_SECONDS)
 
 
@@ -197,8 +199,8 @@ def init_database():
     try:
         config_value = get_system_config()
         db_pool.configure_slow_query_runtime(threshold_ms=config_value.get("db_slow_query_ms"))
-    except Exception:
-        pass
+    except Exception as e:
+        logger.warning(f"初始化慢查询阈值失败，使用默认值: {e}")
 
 
 def migrate_database():
@@ -293,6 +295,6 @@ def update_system_config(
         try:
             latest_config = get_system_config()
             db_pool.configure_slow_query_runtime(threshold_ms=latest_config.get("db_slow_query_ms"))
-        except Exception:
-            pass
+        except Exception as e:
+            logger.warning(f"更新慢查询阈值失败，保留当前配置: {e}")
     return ok