liuwei_x_x/abot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

后台账号体系改造:接入t_admin_数据库账号与前端改密

Browse Source 
变更项:
1. 新增 db/admin_account_db.py,提供 t_admin_accounts 表初始化、PBKDF2口令哈希、登录校验、登录信息回写与密码更新能力。
2. DashboardServer 启动时接入账号数据层,自动建表并把旧配置默认账号迁移为数据库账号种子。
3. 重构 auth 登录逻辑:优先走数据库账号鉴权,保留旧配置账号回退;新增 /api/auth/change_password 接口支持在线修改密码。
4. base.html 增加顶部修改密码入口与弹窗表单,前端可直接提交旧密码与新密码完成改密。
5. login.html 增强小屏适配:允许纵向滚动、768以下隐藏展示侧栏并优化输入区间距与字号,修复移动端登录体验。
6. 新增迁移脚本 db/scripts/migrations/20260423_add_admin_account_table.sql,便于独立数据库升级。
This commit is contained in:
liuwei
2026-04-23 09:09:19 +08:00
parent 0995c8b03f
commit f438f0f955
6 changed files with 445 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

77
admin/dashboard/blueprints/auth.py
View File

@@ -1,4 +1,4 @@
from flask import Blueprint, render_template, request, redirect, url_for, session, current_app
from flask import Blueprint, render_template, request, redirect, url_for, session, current_app, jsonify
from functools import wraps
from loguru import logger
@@ -22,13 +22,29 @@ def login_required(f):
def login():
error = None
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
# 使用 strip 规避用户误输入首尾空格导致的误判。
username = str(request.form.get('username', '') or '').strip()
password = str(request.form.get('password', '') or '')
# 从应用上下文获取服务器实例,而不是从蓝图对象
server = current_app.dashboard_server
admin_db = getattr(server, "admin_account_db", None)
if username == server.username and password == server.password:
# 优先使用数据库账号体系鉴权;若不可用则回退旧配置模式,保证兼容存量部署。
login_ok = False
if admin_db:
try:
login_ok = admin_db.verify_admin_password(username, password)
if login_ok:
admin_db.mark_login_success(username, request.remote_addr or "")
except Exception as e:
logger.error(f"数据库账号登录校验异常,回退配置模式: {e}")
login_ok = False
if not login_ok:
login_ok = (username == server.username and password == server.password)
if login_ok:
session['logged_in'] = True
session['username'] = username # 存储用户名到session
logger.debug(f"Login successful. Session after login: {dict(session)}")
@@ -45,3 +61,56 @@ def logout():
session.pop('logged_in', None)
session.pop('username', None) # 同时删除username
return redirect(url_for('auth.login'))
@auth_bp.route('/api/auth/change_password', methods=['POST'])
@login_required
def change_password():
"""修改当前登录管理员密码。
前端请求参数:
{
"old_password": "旧密码",
"new_password": "新密码",
"confirm_password": "确认新密码"
}
"""
server = current_app.dashboard_server
admin_db = getattr(server, "admin_account_db", None)
if not admin_db:
return jsonify({"success": False, "error": "账号数据库未初始化,无法修改密码"}), 500
payload = request.get_json(silent=True) or {}
old_password = str(payload.get("old_password", "") or "")
new_password = str(payload.get("new_password", "") or "")
confirm_password = str(payload.get("confirm_password", "") or "")
username = str(session.get("username", "") or "").strip()
if not username:
return jsonify({"success": False, "error": "会话失效,请重新登录"}), 401
if not old_password or not new_password or not confirm_password:
return jsonify({"success": False, "error": "请完整填写旧密码与新密码"}), 400
if new_password != confirm_password:
return jsonify({"success": False, "error": "两次输入的新密码不一致"}), 400
# 密码长度做基础约束,避免过弱口令。
if len(new_password) < 6:
return jsonify({"success": False, "error": "新密码长度不能少于6位"}), 400
if new_password == old_password:
return jsonify({"success": False, "error": "新密码不能与旧密码相同"}), 400
try:
if not admin_db.verify_admin_password(username, old_password):
return jsonify({"success": False, "error": "旧密码错误"}), 400
updated = admin_db.update_password(username, new_password)
if not updated:
return jsonify({"success": False, "error": "密码更新失败,请稍后重试"}), 500
return jsonify({"success": True, "message": "密码修改成功"})
except Exception as e:
logger.error(f"修改后台密码失败: username={username}, error={e}")
return jsonify({"success": False, "error": "密码修改失败,请检查日志"}), 500

17
admin/dashboard/server.py
View File

@@ -11,6 +11,7 @@ from flask import Flask, send_from_directory
from loguru import logger
from db.contacts_db import ContactsDBOperator
from db.admin_account_db import AdminAccountDBOperator
from db.member_context_db import MemberContextDBOperator
from db.message_storage import MessageStorageDB
from db.stats_db import StatsDBOperator
@@ -46,6 +47,8 @@ class DashboardServer:
self.contact_db: ContactsDBOperator = ContactsDBOperator(self.db_manager)
self.member_context_db = MemberContextDBOperator(self.db_manager)
self.task_db: TaskDBOperator = TaskDBOperator(self.db_manager)
# 后台管理员账号数据层:用于登录鉴权与修改密码。
self.admin_account_db = AdminAccountDBOperator(self.db_manager)
self.system_job_db = robot_instance.system_job_db
self.system_job_loader = robot_instance.system_job_loader
self.plugin_schedule_db = robot_instance.plugin_schedule_db
@@ -63,6 +66,20 @@ class DashboardServer:
self.member_context_service = getattr(self.member_context_plugin, "service", None)
self.LOG.info("使用Robot实例的对象进行初始化")
# 初始化后台管理员账号表,并将旧配置中的默认账号平滑迁移进数据库。
try:
table_ok = self.admin_account_db.init_tables()
if not table_ok:
self.LOG.warning("初始化后台账号表失败,将回退旧配置账号模式")
else:
seed_ok = self.admin_account_db.ensure_default_admin(self.username, self.password, "系统管理员")
if seed_ok:
self.LOG.info("后台账号体系初始化完成(数据库账号模式已可用)")
else:
self.LOG.warning("后台账号种子初始化失败,请检查配置中的默认账号信息")
except Exception as e:
self.LOG.error(f"初始化后台账号体系失败,将回退旧配置账号模式: {e}")
else:
self.LOG.error("未提供Robot实例Dashboard无法正常工作")
raise ValueError("必须提供Robot实例")

128
admin/dashboard/templates/base.html
View File

@@ -224,6 +224,18 @@
transition: all .18s ease !important;
}
.account-btn {
color: var(--text-soft) !important;
padding: 10px 14px !important;
border-radius: 999px !important;
transition: all .18s ease !important;
}
.account-btn:hover {
color: var(--primary) !important;
background: var(--primary-soft) !important;
}
.logout-btn:hover {
color: var(--primary) !important;
background: var(--primary-soft) !important;
@@ -699,6 +711,13 @@
display: none;
}
}
.password-dialog-tip {
margin-top: 8px;
color: var(--text-faint);
font-size: 12px;
line-height: 1.7;
}
</style>
<link rel="stylesheet" href="/static/css/element-ui/theme-chalk/index.min.css">
@@ -741,7 +760,10 @@
</div>
<div class="user-pill">
<span class="user-dot"></span>
<span>管理员已登录</span>
<span>{{ session.get('username', '管理员') }} 已登录</span>
</div>
<el-button type="text" class="account-btn" @click="openPasswordDialog">
<i class="el-icon-lock"></i> 修改密码
</div>
<el-button type="text" class="logout-btn" @click="logout">
<i class="el-icon-switch-button"></i> 退出
@@ -785,6 +807,35 @@
</div>
</main>
</div>
<el-dialog
title="修改后台登录密码"
:visible.sync="passwordDialogVisible"
width="460px"
:close-on-click-modal="false">
<el-form
ref="passwordFormRef"
:model="passwordForm"
:rules="passwordRules"
label-width="96px">
<el-form-item label="旧密码" prop="old_password">
<el-input v-model="passwordForm.old_password" type="password" show-password autocomplete="off" placeholder="请输入当前密码"></el-input>
</el-form-item>
<el-form-item label="新密码" prop="new_password">
<el-input v-model="passwordForm.new_password" type="password" show-password autocomplete="off" placeholder="至少6位"></el-input>
</el-form-item>
<el-form-item label="确认新密码" prop="confirm_password">
<el-input v-model="passwordForm.confirm_password" type="password" show-password autocomplete="off" placeholder="请再次输入新密码"></el-input>
</el-form-item>
</el-form>
<div class="password-dialog-tip">
提示:修改成功后将立即生效,建议使用强密码(字母、数字、符号组合)。
</div>
<span slot="footer" class="dialog-footer">
<el-button @click="passwordDialogVisible = false">取消</el-button>
<el-button type="primary" :loading="passwordSubmitting" @click="submitPasswordChange">确认修改</el-button>
</span>
</el-dialog>
</div>
<script>
@@ -870,7 +921,37 @@
currentView: '1',
timeRange: '7',
showTimeRangeSelector: false,
navGroups: NAV_GROUPS
navGroups: NAV_GROUPS,
// 账号密码修改弹窗状态。
passwordDialogVisible: false,
passwordSubmitting: false,
passwordForm: {
old_password: '',
new_password: '',
confirm_password: ''
},
passwordRules: {
old_password: [
{ required: true, message: '请输入旧密码', trigger: 'blur' }
],
new_password: [
{ required: true, message: '请输入新密码', trigger: 'blur' },
{ min: 6, message: '新密码长度至少6位', trigger: 'blur' }
],
confirm_password: [
{ required: true, message: '请再次输入新密码', trigger: 'blur' },
{
validator: (rule, value, callback) => {
if (value !== this.passwordForm.new_password) {
callback(new Error('两次输入的新密码不一致'));
return;
}
callback();
},
trigger: 'blur'
}
]
}
}
},
computed: {
@@ -948,6 +1029,49 @@
}).then(() => {
window.location.href = '/logout';
});
},
openPasswordDialog() {
// 打开弹窗前重置表单,避免上次输入残留。
this.passwordDialogVisible = true;
this.passwordSubmitting = false;
this.passwordForm = {
old_password: '',
new_password: '',
confirm_password: ''
};
this.$nextTick(() => {
if (this.$refs.passwordFormRef) {
this.$refs.passwordFormRef.clearValidate();
}
});
},
submitPasswordChange() {
if (!this.$refs.passwordFormRef) {
return;
}
this.$refs.passwordFormRef.validate((valid) => {
if (!valid) {
return;
}
this.passwordSubmitting = true;
axios.post('/api/auth/change_password', this.passwordForm)
.then((response) => {
const data = response.data || {};
if (!data.success) {
this.$message.error(data.error || '修改密码失败');
return;
}
this.$message.success(data.message || '密码修改成功');
this.passwordDialogVisible = false;
})
.catch((error) => {
const errorMsg = error?.response?.data?.error || '修改密码失败,请稍后重试';
this.$message.error(errorMsg);
})
.finally(() => {
this.passwordSubmitting = false;
});
});
}
}
};

46
admin/dashboard/templates/login.html
View File

@@ -36,7 +36,8 @@
display: flex;
align-items: center;
justify-content: center;
overflow: hidden;
overflow-x: hidden;
overflow-y: auto;
}
.login-shell {
width: min(1120px, calc(100vw - 48px));
@@ -200,12 +201,53 @@
width: 8px; height: 8px; border-radius: 50%; background: #10b981; box-shadow: 0 0 0 4px rgba(16,185,129,0.12);
}
@media (max-width: 960px) {
.login-shell { grid-template-columns: 1fr; min-height: auto; }
body { align-items: flex-start; padding: 18px 14px; }
.login-shell { grid-template-columns: 1fr; min-height: auto; width: 100%; border-radius: 24px; }
.login-showcase { padding: 34px 28px; }
.hero-title { font-size: 34px; }
.showcase-metrics { grid-template-columns: 1fr; }
.login-panel { padding: 32px 24px; }
}
@media (max-width: 768px) {
.login-shell {
box-shadow: 0 16px 32px rgba(15, 23, 42, 0.12);
border-radius: 18px;
min-height: 0;
}
.login-showcase {
display: none;
}
.login-panel {
padding: 22px 16px;
}
.login-card {
max-width: none;
}
.panel-title {
font-size: 24px;
}
.panel-desc {
font-size: 13px;
margin-bottom: 18px;
}
.el-input__inner,
.login-button {
height: 44px;
border-radius: 12px;
}
.panel-footer {
flex-direction: column;
align-items: flex-start;
gap: 6px;
}
}
@media (max-width: 420px) {
body { padding: 12px; }
.login-shell { width: 100%; }
.login-panel { padding: 16px 12px; }
.panel-eyebrow { margin-bottom: 12px; }
.panel-title { font-size: 22px; }
}
</style>
</head>
<body>