zsglpt

Author	SHA1	Message	Date
yuyx	7007f5f6f5	feat: 完成 Passkey 能力与前后台加载优化更新说明：\n1. 新增用户端与管理员端 Passkey 登录/注册/设备管理（最多3台，支持设备备注、删除设备）。\n2. 修复 Passkey 注册与登录流程中的浏览器/证书/CSRF相关问题，增强错误提示。\n3. 前台登录页改为独立入口，首屏仅加载必要资源，其他页面按需加载。\n4. 系统配置页改为静默获取金山文档状态，避免首屏阻塞，并优化状态展示为“检测中/已登录/未登录/异常”。\n5. 补充后端接口与页面渲染适配，修复多入口下样式依赖注入问题。\n6. 同步更新前后台构建产物与相关静态资源。	2026-02-15 23:51:46 +08:00
yuyx	f645a0f8ea	perf(front): reduce login page preload and split frontend vendor chunks	2026-02-07 21:45:26 +08:00
yuyx	08864e51ba	security: harden admin password change and production session headers	2026-02-07 21:37:55 +08:00
yuyx	ed0b74eae3	perf(report): avoid duplicate initial stats sync in dashboard loop	2026-02-07 18:39:11 +08:00
yuyx	4874aa37f6	perf(frontend): add api cache layer and reduce report polling pressure	2026-02-07 18:36:55 +08:00
yuyx	c285d1e348	fix(frontend): restore stable element-plus bootstrap to resolve admin crash	2026-02-07 18:11:23 +08:00
yuyx	06fe7f6f68	perf(frontend): on-demand element plus imports and dedupe stats requests	2026-02-07 17:43:18 +08:00
yuyx	43f1867033	perf(runtime): switch socketio to eventlet and optimize asset chunk caching	2026-02-07 16:09:21 +08:00
yuyx	9d1d4d701e	feat(report): show live slow-sql threshold in header	2026-02-07 14:55:15 +08:00
yuyx	b84a5abb8a	feat(config): add live slow-sql threshold setting	2026-02-07 14:31:24 +08:00
yuyx	6a9858cdec	feat(report): add 24h slow-sql dashboard and metrics api	2026-02-07 14:07:07 +08:00
yuyx	d77e439712	fix(build): stabilize vendor chunking to avoid element-plus init error	2026-02-07 12:30:13 +08:00
yuyx	e93db6fbf1	feat(report): add drilldown dialog for slow API details	2026-02-07 12:24:44 +08:00
yuyx	592d48dde0	feat(report): add slow API ranking module for admin	2026-02-07 12:19:53 +08:00
yuyx	a50294933b	perf(stability): add request metrics and resilient API retries	2026-02-07 11:58:21 +08:00
yuyx	04b94d7fb2	perf: optimize polling, stats cache, and frontend chunk splitting	2026-02-07 11:41:49 +08:00
yuyx	21c537da10	feat(screenshots): serve thumbnails while keeping original for preview and copy	2026-02-07 11:02:16 +08:00
yuyx	2d5be0feb2	refactor(report): remove duplicated detail section and keep compact cards	2026-02-07 10:16:35 +08:00
yuyx	462e12ca0d	feat(admin): align desktop report to compact module layout	2026-02-07 10:06:40 +08:00
yuyx	ce96b17392	fix(admin): include overview metrics in mobile report cards	2026-02-07 09:57:04 +08:00
yuyx	69e3e4c45c	feat(admin): compact mobile cards for report center	2026-02-07 09:54:11 +08:00
yuyx	12e07962c7	chore(admin): remove manual refresh buttons across pages	2026-02-07 09:47:17 +08:00
yuyx	dd9cc5a76d	fix: open mobile admin drawer from left side	2026-02-07 09:40:53 +08:00
yuyx	d097571f62	fix: prevent report flicker on auto refresh	2026-02-07 09:06:52 +08:00
yuyx	121251a1f2	feat: smooth report refresh and redesign system settings mobile UI	2026-02-07 08:57:25 +08:00
yuyx	6eb0651e23	feat: redesign admin layout and stats dashboards	2026-02-07 01:59:29 +08:00
yuyx	9991834ccd	feat: unify login UI and improve kdocs defaults	2026-02-07 01:27:00 +08:00
237899745	f46f325518	fix(frontend): 修复登录失败时通知弹两次的问题 - 在登录页面不再由 http.js 拦截器弹出 401 通知 - 让 LoginPage.vue 自己处理登录错误的显示 - 避免同一错误消息重复弹出	2026-01-21 19:45:43 +08:00
Yu Yon	b1484e9c03	fix: 修复多任务上传状态显示问题 1. 后端: 上传完成后恢复为"未开始"状态，不再保持"等待上传" 2. 前端: 调整状态颜色 - 上传截图(上传中): 红色 - 等待上传: 黄色 - 已完成: 绿色	2026-01-09 09:21:30 +08:00
yuyx	a3060e4cd9	feat: Vue SPA 添加 KDocs 在线状态显示 + 清理废弃模板功能更新： - AccountsPage.vue: 工具栏显示 KDocs 在线状态（就绪/离线） - settings.js: 添加 fetchKdocsStatus API 函数 - 每60秒自动刷新状态代码清理： - 删除废弃的 legacy 模板文件（约170KB） - templates/index.html - templates/login.html - templates/register.html - templates/reset_password.html 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-01-08 00:31:42 +08:00
yuyx	b0fe325154	feat: KDocs 上传增强 + 离线监控 + Bug修复 KDocs 上传功能增强: - 搜索优化：只用姓名搜索 + C列验证，避免匹配到错误单元格 - 有效行范围：支持配置起始行/结束行，限制上传区域 - 图片覆盖：支持覆盖单元格已有图片（Escape + Delete） - 配置持久化：kdocs_row_start/row_end 保存到数据库（v18迁移）二次登录功能: - 登录后立即再次登录，让"上次登录时间"显示为刚刚 KDocs 离线监控: - 每5分钟检测金山文档登录状态 - 离线时发送邮件通知管理员（每次掉线只通知一次） - 恢复在线后重置通知状态 Bug 修复: - 任务日志搜索账号关键词报错500：添加异常处理 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-01-07 23:40:46 +08:00
yuyx	3841358bc2	Add KDocs action feedback	2026-01-07 17:03:03 +08:00
yuyx	ad847888f8	Avoid live KDocs status on page load	2026-01-07 14:12:54 +08:00
yuyx	8c150dcb7c	Auto poll KDocs login status	2026-01-07 14:04:09 +08:00
yuyx	6b416dc5f1	Force KDocs QR fetch and improve login detection	2026-01-07 13:07:57 +08:00
yuyx	3bae759afc	Integrate KDocs auto-upload	2026-01-07 12:32:41 +08:00
yuyx	4c492122dd	feat: support announcement image upload # Conflicts: # database.py # db/migrations.py # routes/admin_api/core.py # static/admin/.vite/manifest.json # static/admin/assets/AnnouncementsPage-Btl9JP7M.js # static/admin/assets/EmailPage-CwqlBGU2.js # static/admin/assets/FeedbacksPage-B_qDNL3q.js # static/admin/assets/LogsPage-DzdymdrQ.js # static/admin/assets/ReportPage-Bp26gOA-.js # static/admin/assets/SettingsPage-__r25pN8.js # static/admin/assets/SystemPage-C1OfxrU-.js # static/admin/assets/UsersPage-DhnABKcY.js # static/admin/assets/email-By53DCWv.js # static/admin/assets/email-ByiJ74rd.js # static/admin/assets/email-DkWacopQ.js # static/admin/assets/index-D5wU2pVd.js # static/admin/assets/tasks-1acmkoIX.js # static/admin/assets/update-DdQLVpC3.js # static/admin/assets/users-B1w166uc.js # static/admin/assets/users-CPJP5r-B.js # static/admin/assets/users-CnIyvFWm.js # static/admin/index.html # static/app/.vite/manifest.json # static/app/assets/AccountsPage-C48gJL8c.js # static/app/assets/AccountsPage-D387XNsv.js # static/app/assets/AccountsPage-DBJCAsJz.js # static/app/assets/LoginPage-BgK_Vl6X.js # static/app/assets/RegisterPage-CwADxWfe.js # static/app/assets/ResetPasswordPage-CVfZX_5z.js # static/app/assets/SchedulesPage-CWuZpJ5h.js # static/app/assets/SchedulesPage-Dw-mXbG5.js # static/app/assets/SchedulesPage-DwzGOBuc.js # static/app/assets/ScreenshotsPage-C6vX2U3V.js # static/app/assets/ScreenshotsPage-CreOSjVc.js # static/app/assets/ScreenshotsPage-DuTeRzLR.js # static/app/assets/VerifyResultPage-BzGlCgtE.js # static/app/assets/VerifyResultPage-CN_nr4V6.js # static/app/assets/VerifyResultPage-CNbQc83z.js # static/app/assets/accounts-BFaVMUve.js # static/app/assets/accounts-BYq3lLev.js # static/app/assets/accounts-Bc9j2moH.js # static/app/assets/auth-Dk_ApO4B.js # static/app/assets/index-BIng7uZJ.css # static/app/assets/index-CDxVo_1Z.js # static/app/index.html	2026-01-06 12:15:16 +08:00
yuyx	7cf39f80bc	fix: 兼容旧浏览器后台与截图开关	2025-12-31 19:04:42 +08:00
yuyx	41ead4bead	replace screenshot pipeline and update admin	2025-12-31 16:50:35 +08:00
yuyx	2d98ab66a3	fix: 修复公告关闭功能 - 当次关闭与永久关闭区分问题：不管选择"当次关闭"还是"永久关闭"，都会永久关闭公告修复： - 当次关闭：使用 sessionStorage + pageToken - pageToken 基于 performance.timeOrigin 生成 - 刷新页面后 token 变化，公告重新显示 - 永久关闭：使用 localStorage - 持久化存储，刷新/重开后不再显示修改文件： - app-frontend/src/layouts/AppLayout.vue - templates/index.html 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-27 21:51:28 +08:00
yuyx	01ffaf96a3	fix: CPU显示修复 + 报表面板添加浏览器池状态 1. CPU 显示修复: - routes/admin_api/core.py: 新增 _get_server_cpu_percent() - 首次调用使用 interval=0.1 避免返回 0.0 - 后续调用使用缓存，TTL 1秒 2. 报表面板浏览器池状态: - admin-frontend/src/api/browser_pool.js: 新增 API 调用 - ReportPage.vue: 添加浏览器池状态卡片 - 显示总/活跃/空闲 Worker 数和队列等待数 - Worker 表格带状态颜色标签（活跃/空闲/异常） 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-27 20:15:48 +08:00
yuyx	1b20478a08	feat: 风险分定时衰减 + 密码提示修复 + 浏览器池API + next回跳 1. 风险分衰减定时任务: - services/scheduler.py: 每天 CST 04:00 自动执行 decay_scores() - 支持 RISK_SCORE_DECAY_TIME_CST 环境变量覆盖 2. 密码长度提示统一为8位: - app-frontend/src/pages/RegisterPage.vue - app-frontend/src/layouts/AppLayout.vue - admin-frontend/src/pages/SettingsPage.vue - templates/register.html 3. 浏览器池统计API: - GET /yuyx/api/browser_pool/stats - 返回 worker 状态、队列等待数等信息 - browser_pool_worker.py: 增强 get_stats() 方法 4. 登录后支持 next 参数回跳: - app-frontend/src/pages/LoginPage.vue: 检查 ?next= 参数 - 仅允许站内路径（防止开放重定向） 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-27 18:28:21 +08:00
yuyx	3d9dba272e	refactor: 删除版本更新功能 + 报表页自动刷新删除版本与更新功能: - routes/admin_api/update.py: 删除整个文件 - routes/admin_api/__init__.py: 移除 update 模块注册 - admin-frontend/src/pages/SystemPage.vue: 移除版本更新UI区块 - admin-frontend/src/api/update.js: 删除整个文件 - 删除 static/admin/assets/update-*.js 报表页自动刷新: - admin-frontend/src/pages/ReportPage.vue: 添加 setInterval 每1秒刷新 - 在 onMounted 启动定时器，onUnmounted 清除 - 覆盖统计数据、运行中任务、系统信息等所有动态数据 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-27 12:41:26 +08:00
yuyx	89f3fd9759	feat: 安全增强 + 删除密码重置申请功能 + 登录提醒开关安全增强: - 新增 SSRF、XXE、模板注入、敏感路径探测检测规则 - security/constants.py: 添加新的威胁类型和检测模式 - security/threat_detector.py: 实现新检测逻辑删除密码重置申请功能: - 移除 /api/password_resets 相关API - 删除 password_reset_requests 数据库表 - 前端移除密码重置申请页面和菜单 - 用户只能通过邮��找回密码，未绑定邮箱需联系管理员登录提醒全局开关: - email_service.py: 添加 login_alert_enabled 字段 - routes/api_auth.py: 检查开关状态再发送登录提醒 - EmailPage.vue: 添加新设备登录提醒开关 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-27 12:08:36 +08:00
yuyx	4ba933b001	feat: 添加安全仪表板前端页面 - 新增 SecurityPage.vue: 统计卡片、威胁事件表格、封禁管理、风险查询 - 新增 api/security.js: 安全相关API封装 - 路由添加 /security 页面 - 侧边栏添加"安全防护"菜单项 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2025-12-27 01:56:22 +08:00
yuyx	e3b0c35da6	Harden auth risk controls and admin reauth	2025-12-26 21:07:47 +08:00
yuyx	f90b0a4f11	Harden auth, CSRF, and email log UX	2025-12-26 19:05:42 +08:00
yuyx	9028f7e272	ui: 移除定时任务停用标签	2025-12-17 22:12:06 +08:00
yuyx	2ef0a10d6f	fix(ui): 开关可见与布局对齐	2025-12-17 22:03:15 +08:00
yuyx	2f5940d339	fix(ui): 开关可见与卡片不拉伸	2025-12-17 21:14:54 +08:00

1 2

79 Commits