zsglpt

Author	SHA1	Message	Date
yuyx	6bd00021b8	Fix KDocs login detection	2026-01-07 16:53:44 +08:00
yuyx	f2652af8fb	Fix kdocs upload status restore	2026-01-07 15:16:04 +08:00
yuyx	950af0efda	Improve KDocs search matching	2026-01-07 15:03:51 +08:00
yuyx	45cbdc51b4	Show upload status and log KDocs skips	2026-01-07 14:28:58 +08:00
yuyx	703a62b6ad	Increase KDocs QR timeout	2026-01-07 14:17:01 +08:00
yuyx	ad847888f8	Avoid live KDocs status on page load	2026-01-07 14:12:54 +08:00
yuyx	8c150dcb7c	Auto poll KDocs login status	2026-01-07 14:04:09 +08:00
yuyx	ec90404194	Validate and log QR capture	2026-01-07 13:56:16 +08:00
yuyx	6af8f46129	Log and save KDocs QR screenshot	2026-01-07 13:49:37 +08:00
yuyx	19f083df7b	Auto click KDocs login and confirm	2026-01-07 13:44:15 +08:00
yuyx	a04cbfa55f	Broaden KDocs login click and modal capture	2026-01-07 13:33:26 +08:00
yuyx	b78bc7935f	Trigger KDocs WeChat login flow	2026-01-07 13:26:31 +08:00
yuyx	d8897f893a	Expand KDocs QR detection	2026-01-07 13:21:19 +08:00
yuyx	95d7cbc825	Improve KDocs QR capture	2026-01-07 13:14:02 +08:00
yuyx	6b416dc5f1	Force KDocs QR fetch and improve login detection	2026-01-07 13:07:57 +08:00
yuyx	28e86b1147	Fix kdocs login status detection	2026-01-07 12:57:03 +08:00
yuyx	1e216ea356	Fix kdocs runtime logger call	2026-01-07 12:49:54 +08:00
yuyx	3bae759afc	Integrate KDocs auto-upload	2026-01-07 12:32:41 +08:00
yuyx	5137addacc	Optimize scheduler status lookups	2026-01-06 15:58:23 +08:00
yuyx	4c492122dd	feat: support announcement image upload # Conflicts: # database.py # db/migrations.py # routes/admin_api/core.py # static/admin/.vite/manifest.json # static/admin/assets/AnnouncementsPage-Btl9JP7M.js # static/admin/assets/EmailPage-CwqlBGU2.js # static/admin/assets/FeedbacksPage-B_qDNL3q.js # static/admin/assets/LogsPage-DzdymdrQ.js # static/admin/assets/ReportPage-Bp26gOA-.js # static/admin/assets/SettingsPage-__r25pN8.js # static/admin/assets/SystemPage-C1OfxrU-.js # static/admin/assets/UsersPage-DhnABKcY.js # static/admin/assets/email-By53DCWv.js # static/admin/assets/email-ByiJ74rd.js # static/admin/assets/email-DkWacopQ.js # static/admin/assets/index-D5wU2pVd.js # static/admin/assets/tasks-1acmkoIX.js # static/admin/assets/update-DdQLVpC3.js # static/admin/assets/users-B1w166uc.js # static/admin/assets/users-CPJP5r-B.js # static/admin/assets/users-CnIyvFWm.js # static/admin/index.html # static/app/.vite/manifest.json # static/app/assets/AccountsPage-C48gJL8c.js # static/app/assets/AccountsPage-D387XNsv.js # static/app/assets/AccountsPage-DBJCAsJz.js # static/app/assets/LoginPage-BgK_Vl6X.js # static/app/assets/RegisterPage-CwADxWfe.js # static/app/assets/ResetPasswordPage-CVfZX_5z.js # static/app/assets/SchedulesPage-CWuZpJ5h.js # static/app/assets/SchedulesPage-Dw-mXbG5.js # static/app/assets/SchedulesPage-DwzGOBuc.js # static/app/assets/ScreenshotsPage-C6vX2U3V.js # static/app/assets/ScreenshotsPage-CreOSjVc.js # static/app/assets/ScreenshotsPage-DuTeRzLR.js # static/app/assets/VerifyResultPage-BzGlCgtE.js # static/app/assets/VerifyResultPage-CN_nr4V6.js # static/app/assets/VerifyResultPage-CNbQc83z.js # static/app/assets/accounts-BFaVMUve.js # static/app/assets/accounts-BYq3lLev.js # static/app/assets/accounts-Bc9j2moH.js # static/app/assets/auth-Dk_ApO4B.js # static/app/assets/index-BIng7uZJ.css # static/app/assets/index-CDxVo_1Z.js # static/app/index.html	2026-01-06 12:15:16 +08:00
yuyx	82acc3470f	Ensure menu expanded in screenshots	2025-12-31 21:28:28 +08:00
yuyx	2e44afde30	Capture full-page wkhtmltoimage shots	2025-12-31 20:50:02 +08:00
yuyx	28f4e807a9	Fix wkhtmltoimage viewport crop	2025-12-31 20:23:31 +08:00
yuyx	3b04f04a31	feat: 全屏截图改用管理后台框架	2025-12-31 20:12:39 +08:00
yuyx	ea1c7e8a00	feat: wkhtmltoimage支持自定义高度	2025-12-31 20:05:39 +08:00
yuyx	d269a99d3c	fix: wkhtmltoimage使用安全cookie	2025-12-31 19:41:34 +08:00
yuyx	7c3d0a0947	fix: wkhtmltoimage兼容UA参数	2025-12-31 19:13:20 +08:00
yuyx	7cf39f80bc	fix: 兼容旧浏览器后台与截图开关	2025-12-31 19:04:42 +08:00
yuyx	d108f3b51d	bust spa asset cache by build id	2025-12-31 18:22:03 +08:00
yuyx	41ead4bead	replace screenshot pipeline and update admin	2025-12-31 16:50:35 +08:00
yuyx	2d98ab66a3	fix: 修复公告关闭功能 - 当次关闭与永久关闭区分问题：不管选择"当次关闭"还是"永久关闭"，都会永久关闭公告修复： - 当次关闭：使用 sessionStorage + pageToken - pageToken 基于 performance.timeOrigin 生成 - 刷新页面后 token 变化，公告重新显示 - 永久关闭：使用 localStorage - 持久化存储，刷新/重开后不再显示修改文件： - app-frontend/src/layouts/AppLayout.vue - templates/index.html 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-27 21:51:28 +08:00
yuyx	70e09c83a8	fix: 修复浏览器池任务丢失和统计错误 bug 问题: 1. 当浏览器创建失败时，failed_tasks 增加但 total_tasks 不增加导致统计显示 "0/5" 这种不合理数据 2. 浏览器创建失败时任务直接丢失，没有重新分配给其他 Worker 修复: - 添加本地浏览器创建重试（最多2次） - 失败任务根据 retry_count 决定是否重新入队 - retry_count < 1 时重新入队让其他 Worker 处理 - retry_count >= 1 时才真正失败并计入统计 - 任务字典新增 retry_count 字段初始化为 0 - 添加回归测试用例 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-27 21:26:56 +08:00
yuyx	01ffaf96a3	fix: CPU显示修复 + 报表面板添加浏览器池状态 1. CPU 显示修复: - routes/admin_api/core.py: 新增 _get_server_cpu_percent() - 首次调用使用 interval=0.1 避免返回 0.0 - 后续调用使用缓存，TTL 1秒 2. 报表面板浏览器池状态: - admin-frontend/src/api/browser_pool.js: 新增 API 调用 - ReportPage.vue: 添加浏览器池状态卡片 - 显示总/活跃/空闲 Worker 数和队列等待数 - Worker 表格带状态颜色标签（活跃/空闲/异常） 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-27 20:15:48 +08:00
yuyx	1b20478a08	feat: 风险分定时衰减 + 密码提示修复 + 浏览器池API + next回跳 1. 风险分衰减定时任务: - services/scheduler.py: 每天 CST 04:00 自动执行 decay_scores() - 支持 RISK_SCORE_DECAY_TIME_CST 环境变量覆盖 2. 密码长度提示统一为8位: - app-frontend/src/pages/RegisterPage.vue - app-frontend/src/layouts/AppLayout.vue - admin-frontend/src/pages/SettingsPage.vue - templates/register.html 3. 浏览器池统计API: - GET /yuyx/api/browser_pool/stats - 返回 worker 状态、队列等待数等信息 - browser_pool_worker.py: 增强 get_stats() 方法 4. 登录后支持 next 参数回跳: - app-frontend/src/pages/LoginPage.vue: 检查 ?next= 参数 - 仅允许站内路径（防止开放重定向） 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-27 18:28:21 +08:00
yuyx	3d9dba272e	refactor: 删除版本更新功能 + 报表页自动刷新删除版本与更新功能: - routes/admin_api/update.py: 删除整个文件 - routes/admin_api/__init__.py: 移除 update 模块注册 - admin-frontend/src/pages/SystemPage.vue: 移除版本更新UI区块 - admin-frontend/src/api/update.js: 删除整个文件 - 删除 static/admin/assets/update-*.js 报表页自动刷新: - admin-frontend/src/pages/ReportPage.vue: 添加 setInterval 每1秒刷新 - 在 onMounted 启动定时器，onUnmounted 清除 - 覆盖统计数据、运行中任务、系统信息等所有动态数据 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-27 12:41:26 +08:00
yuyx	89f3fd9759	feat: 安全增强 + 删除密码重置申请功能 + 登录提醒开关安全增强: - 新增 SSRF、XXE、模板注入、敏感路径探测检测规则 - security/constants.py: 添加新的威胁类型和检测模式 - security/threat_detector.py: 实现新检测逻辑删除密码重置申请功能: - 移除 /api/password_resets 相关API - 删除 password_reset_requests 数据库表 - 前端移除密码重置申请页面和菜单 - 用户只能通过邮��找回密码，未绑定邮箱需联系管理员登录提醒全局开关: - email_service.py: 添加 login_alert_enabled 字段 - routes/api_auth.py: 检查开关状态再发送登录提醒 - EmailPage.vue: 添加新设备登录提醒开关 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-27 12:08:36 +08:00
yuyx	4ba933b001	feat: 添加安全仪表板前端页面 - 新增 SecurityPage.vue: 统计卡片、威胁事件表格、封禁管理、风险查询 - 新增 api/security.js: 安全相关API封装 - 路由添加 /security 页面 - 侧边栏添加"安全防护"菜单项 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-27 01:56:22 +08:00
yuyx	759d99e8af	fix: add security module to Dockerfile 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-27 01:31:51 +08:00
yuyx	46253337eb	feat: 实现完整安全防护系统 Phase 1 - 威胁检测引擎: - security/threat_detector.py: JNDI/SQL/XSS/路径遍历/命令注入检测 - security/constants.py: 威胁检测规则和评分常量 - 数据库表: threat_events, ip_risk_scores, user_risk_scores, ip_blacklist Phase 2 - 风险评分与黑名单: - security/risk_scorer.py: IP/用户风险评分引擎，支持分数衰减 - security/blacklist.py: 黑名单管理，自动封禁规则 Phase 3 - 响应策略: - security/honeypot.py: 蜜罐响应生成器 - security/response_handler.py: 渐进式响应策略 Phase 4 - 集成: - security/middleware.py: Flask安全中间件 - routes/admin_api/security.py: 管理后台安全仪表板API - 36个测试用例全部通过 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-27 01:28:38 +08:00
yuyx	e3b0c35da6	Harden auth risk controls and admin reauth	2025-12-26 21:07:47 +08:00
yuyx	f90b0a4f11	Harden auth, CSRF, and email log UX	2025-12-26 19:05:42 +08:00
Yu Yon	3214cbbd91	chore: ignore local data and compose backups	2025-12-25 00:39:14 +08:00
Yu Yon	c32f7b797d	chore: add API diagnostic request logging toggles	2025-12-24 19:26:50 +08:00
yuyx	ec84903745	fix: 启动后60秒内所有请求使用15秒超时问题：之前的 _first_request 只对第一个HTTP请求有效，但login() 需要两次请求（GET登录页+POST登录），导致实际的POST登录请求仍然只有5秒超时，在冷启动时容易失败。修复：改为基于模块启动时间的超时策略 - 启动后60秒内：所有请求使用15秒超时 - 60秒后：恢复正常的5秒超时 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-24 01:42:03 +08:00
yuyx	151fc3e09f	perf: 启动预热优化 - 解决容器重启后首批任务慢/失败问题：容器重启后前两批任务明显变慢或失败 - 第一批：代理/目标服务器连接冷启动导致超时 - 第二批：浏览器池冷启动需要创建浏览器解决方案： - browser_pool_worker.py: 添加 pre_warm 参数，启动时预创建1个浏览器 - api_browser.py: 添加 warmup_api_connection() 预热 TCP/TLS 连接 - api_browser.py: 首次请求使用更长超时(10s)，后续恢复正常 - app.py: 启动时后台调用 API 预热 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-24 01:18:18 +08:00
yuyx	1d44859857	perf: 优化任务执行速度 (40-70s → ~15s) 问题：容错机制引入了大量叠加的等待时间优化内容： - playwright_automation.py: - 登录超时 30s → 10s - 导航等待 2s → 0.5s - navigate_only 等待 1s → 0.3s - 首页轮询 8次×3s → networkidle + 2次×0.5s - services/tasks.py: - 删除截图前固定 sleep(2) - services/screenshots.py: - networkidle 超时 30s → 10s - selector 超时 20s → 5s 预计性能提升：从 40-70 秒降至约 15 秒 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-24 00:19:46 +08:00
yuyx	79a571e58d	fix: 容器重启后第一批任务失败问题：容器重启时账号对象的 is_running 状态未被重置，导致新任务提交时被拒绝（"任务已在运行中"）修复：在启动流程中添加遗留任务状态清理逻辑 - 重置所有账号的 is_running/should_stop/status - 清理活跃任务句柄 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-23 23:32:20 +08:00
yuyx	5f4fb50001	refactor: 统一日志管理 + 数据库索引优化 - db/schema.py: 添加 4 个复合索引优化查询性能 - idx_user_schedules_user_enabled - idx_schedule_execution_logs_schedule_id/user_id/status - db/users.py: print → logger，密码升级日志改为记录 user_id - crypto_utils.py: print → logger - password_utils.py: print → logger 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-23 22:57:03 +08:00
yuyx	c5f019be5a	chore: restore API request timeout 5s	2025-12-18 09:46:01 +08:00
yuyx	433a3cb806	fix: avoid blocking browser init	2025-12-18 09:38:02 +08:00

1 2 3 4

187 Commits