skyle1995/NetworkAuth
1
0
Fork 0
mirror of https://github.com/skyle1995/NetworkAuth.git synced 2026-05-25 02:24:05 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix the authentication mechanism

Browse Source 
Fix filter search
This commit is contained in:
凌动科技
2025-10-26 01:51:25 +08:00
parent 8513cbce55
commit 3e170ad526
10 changed files with 697 additions and 243 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
web/template/admin/apis.html
View File

@@ -215,6 +215,7 @@ layui.use(['table', 'form', 'layer', 'dropdown'], function() {
cols: [[
{ field: 'id', title: 'ID', width: 80, sort: true },
{ field: 'app_name', title: '应用名称', minWidth: 150 },
{ field: 'uuid', title: 'UUID', minWidth: 335 },
{ field: 'api_type_name', title: '接口类型', minWidth: 120 },
{
field: 'status_name',

596
web/template/admin/user.html
View File

@@ -1,63 +1,251 @@
{{ define "user.html" }}
<div class="layui-card">
<div class="layui-card-header">个人资料</div>
<div class="layui-card-body">
<form class="layui-form" id="accountForm" lay-filter="accountForm" onsubmit="return false">
<!-- 按照要求纵向排序ID、角色、用户名、旧密码、新密码、确认新密码 -->
<div class="layui-form-item">
<label class="layui-form-label" style="cursor: pointer;" data-tips="user-id">ID</label>
<div class="layui-input-block">
<input type="text" name="id" disabled readonly class="layui-input" />
</div>
</div>
<style>
/* 基础模块样式 */
.user-module {
margin-bottom: 20px;
}
<div class="layui-form-item">
<label class="layui-form-label" style="cursor: pointer;" data-tips="user-role">角色</label>
<div class="layui-input-block">
<!-- 角色禁用与只读,仅作展示用途,显示中文标签"管理员/普通成员" -->
<input type="text" name="role" disabled readonly class="layui-input" />
</div>
</div>
.user-module .layui-card-header {
font-weight: 600;
transition: background-color 0.3s ease, color 0.3s ease;
}
<div class="layui-form-item">
<label class="layui-form-label" style="cursor: pointer;" data-tips="user-username">用户名</label>
<div class="layui-input-block">
<input type="text" name="username" placeholder="请输入用户名(不修改可留空或保持不变)" autocomplete="off" class="layui-input" />
</div>
</div>
.module-tabs {
margin-bottom: 20px;
}
<div class="layui-form-item">
<label class="layui-form-label" style="cursor: pointer;" data-tips="user-old-password">旧密码</label>
<div class="layui-input-block">
<!-- 不修改密码时可留空 -->
<input type="password" name="old_password" placeholder="不修改可留空" autocomplete="off" class="layui-input">
</div>
</div>
.module-tabs .layui-tab-title li {
font-weight: 500;
}
<div class="layui-form-item">
<label class="layui-form-label" style="cursor: pointer;" data-tips="user-new-password">新密码</label>
<div class="layui-input-block">
<!-- 不修改密码时可留空 -->
<input type="password" name="new_password" placeholder="不修改可留空至少6位" autocomplete="off" class="layui-input">
</div>
</div>
.readonly-field {
cursor: not-allowed !important;
transition: background-color 0.3s ease, color 0.3s ease;
}
<div class="layui-form-item">
<label class="layui-form-label" style="cursor: pointer;" data-tips="user-confirm-password">确认密码</label>
<div class="layui-input-block">
<!-- 不修改密码时可留空 -->
<input type="password" name="confirm_password" placeholder="不修改可留空" autocomplete="off" class="layui-input">
</div>
</div>
/* 浅色模式样式 */
:root {
--user-card-header-bg: #f8f9fa;
--user-card-header-color: #333;
--user-readonly-bg: #f5f5f5;
--user-readonly-color: #666;
--user-card-bg: #ffffff;
--user-card-border: #e6e6e6;
--user-input-bg: #ffffff;
--user-input-border: #d9d9d9;
--user-input-color: #333;
}
<div class="layui-form-item">
<div class="layui-input-block">
<button class="layui-btn" lay-submit lay-filter="submitAccount">保存更改</button>
<!-- 将原先 type="reset" 改为自定义按钮,避免浏览器重置成初始空值 -->
<button type="button" id="btnReset" class="layui-btn layui-btn-primary">重置</button>
/* 深色模式样式 */
@media (prefers-color-scheme: dark) {
:root {
--user-card-header-bg: #2f2f2f;
--user-card-header-color: #e6e6e6;
--user-readonly-bg: #3a3a3a;
--user-readonly-color: #999;
--user-card-bg: #1f1f1f;
--user-card-border: #404040;
--user-input-bg: #2a2a2a;
--user-input-border: #404040;
--user-input-color: #e6e6e6;
}
}
/* 手动深色模式类 */
.dark {
--user-card-header-bg: #2f2f2f;
--user-card-header-color: #e6e6e6;
--user-readonly-bg: #3a3a3a;
--user-readonly-color: #999;
--user-card-bg: #1f1f1f;
--user-card-border: #404040;
--user-input-bg: #2a2a2a;
--user-input-border: #404040;
--user-input-color: #e6e6e6;
}
/* 应用CSS变量到元素 */
.user-module .layui-card-header {
background-color: var(--user-card-header-bg) !important;
color: var(--user-card-header-color) !important;
}
.readonly-field {
background-color: var(--user-readonly-bg) !important;
color: var(--user-readonly-color) !important;
}
.user-module .layui-card {
background-color: var(--user-card-bg);
border-color: var(--user-card-border);
}
.user-module .layui-input {
background-color: var(--user-input-bg);
border-color: var(--user-input-border);
color: var(--user-input-color);
}
/* 确保表单元素在深色模式下的可读性 */
.user-module .layui-form-label {
color: var(--user-card-header-color);
}
/* 按钮在深色模式下的样式调整 */
.user-module .layui-btn-primary {
background-color: var(--user-input-bg);
border-color: var(--user-input-border);
color: var(--user-input-color);
}
.user-module .layui-btn-primary:hover {
background-color: var(--user-readonly-bg);
}
/* 标签页在深色模式下的样式 */
.module-tabs .layui-tab-title {
border-bottom-color: var(--user-card-border);
}
.module-tabs .layui-tab-title li {
color: var(--user-input-color);
}
.module-tabs .layui-tab-title .layui-this {
color: var(--lay-color-primary, #1e9fff);
}
/* 图标颜色适配 */
.user-module .layui-icon {
color: var(--user-card-header-color);
}
</style>
<div class="layui-tab layui-tab-brief module-tabs" lay-filter="userTabs">
<ul class="layui-tab-title">
<li class="layui-this">个人资料</li>
<li>修改密码</li>
<li>修改用户名</li>
</ul>
<div class="layui-tab-content">
<!-- 个人资料模块 -->
<div class="layui-tab-item layui-show">
<div class="layui-card user-module">
<div class="layui-card-header">
<i class="layui-icon layui-icon-user"></i> 个人资料
</div>
<div class="layui-card-body">
<form class="layui-form" id="profileForm" lay-filter="profileForm">
<div class="layui-form-item">
<label class="layui-form-label">UUID</label>
<div class="layui-input-block">
<input type="text" name="uuid" disabled readonly class="layui-input readonly-field" style="font-family: monospace; font-size: 12px;" />
</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">用户组</label>
<div class="layui-input-block">
<input type="text" name="role" disabled readonly class="layui-input readonly-field" />
</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">用户名</label>
<div class="layui-input-block">
<input type="text" name="username" disabled readonly class="layui-input readonly-field" />
</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">创建时间</label>
<div class="layui-input-block">
<input type="text" name="created_at" disabled readonly class="layui-input readonly-field" />
</div>
</div>
</form>
</div>
</div>
</form>
</div>
<!-- 修改密码模块 -->
<div class="layui-tab-item">
<div class="layui-card user-module">
<div class="layui-card-header">
<i class="layui-icon layui-icon-password"></i> 修改密码
</div>
<div class="layui-card-body">
<form class="layui-form" id="passwordForm" lay-filter="passwordForm" onsubmit="return false">
<div class="layui-form-item">
<label class="layui-form-label">当前密码</label>
<div class="layui-input-block">
<input type="password" name="old_password" placeholder="请输入当前密码" autocomplete="off" class="layui-input" lay-verify="required" />
</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">新密码</label>
<div class="layui-input-block">
<input type="password" name="new_password" placeholder="请输入新密码至少6位" autocomplete="off" class="layui-input" lay-verify="required" />
</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">确认密码</label>
<div class="layui-input-block">
<input type="password" name="confirm_password" placeholder="请再次输入新密码" autocomplete="off" class="layui-input" lay-verify="required" />
</div>
</div>
<div class="layui-form-item">
<div class="layui-input-block">
<button class="layui-btn" lay-submit lay-filter="submitPassword">
<i class="layui-icon layui-icon-ok"></i> 修改密码
</button>
<button type="button" id="resetPasswordBtn" class="layui-btn layui-btn-primary">
<i class="layui-icon layui-icon-refresh"></i> 重置
</button>
</div>
</div>
</form>
</div>
</div>
</div>
<!-- 修改用户名模块 -->
<div class="layui-tab-item">
<div class="layui-card user-module">
<div class="layui-card-header">
<i class="layui-icon layui-icon-edit"></i> 修改用户名
</div>
<div class="layui-card-body">
<form class="layui-form" id="usernameForm" lay-filter="usernameForm" onsubmit="return false">
<div class="layui-form-item">
<label class="layui-form-label">当前用户名</label>
<div class="layui-input-block">
<input type="text" name="current_username" disabled readonly class="layui-input readonly-field" />
</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">新用户名</label>
<div class="layui-input-block">
<input type="text" name="new_username" placeholder="请输入新用户名" autocomplete="off" class="layui-input" lay-verify="required" />
</div>
</div>
<div class="layui-form-item">
<label class="layui-form-label">当前密码</label>
<div class="layui-input-block">
<input type="password" name="password" placeholder="请输入当前密码以确认身份" autocomplete="off" class="layui-input" lay-verify="required" />
</div>
</div>
<div class="layui-form-item">
<div class="layui-input-block">
<button class="layui-btn" lay-submit lay-filter="submitUsername">
<i class="layui-icon layui-icon-ok"></i> 修改用户名
</button>
<button type="button" id="resetUsernameBtn" class="layui-btn layui-btn-primary">
<i class="layui-icon layui-icon-refresh"></i> 重置
</button>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
@@ -65,15 +253,19 @@
// 使用自执行函数创建局部作用域,避免与其他页面脚本发生全局命名冲突
(() => {
// 工具方法:将数值角色转为中文标签
// 0 => 管理员1 => 普通成员
const roleToText = (role) => {
// 将可能的字符串数值转为数字
const r = typeof role === 'string' ? parseInt(role, 10) : role
return r === 0 ? '管理员' : '普通成员'
}
// 如果未加载 layui则按需加载兼容用户直接访问片段页 /admin/user
// 说明:当 window.layui 不存在时,动态引入 Layui 的 CSS 和 JS加载完成后再执行页面逻辑
// 格式化时间
const formatTime = (timeStr) => {
if (!timeStr) return ''
const date = new Date(timeStr)
return date.toLocaleString('zh-CN')
}
// 如果未加载 layui则按需加载
const ensureLayui = () => new Promise((resolve) => {
if (window.layui) return resolve(window.layui)
const css = document.createElement('link')
@@ -88,166 +280,190 @@
// 在确保 Layui 可用后再执行页面逻辑
ensureLayui().then(() => {
layui.use(['form', 'layer'], () => {
layui.use(['form', 'layer', 'element'], () => {
const form = layui.form
const layer = layui.layer
const element = layui.element
// 记录初始用户名,用于判断是否需要更新
let initialUsername = ''
// 缓存最近一次加载到表单中的资料,用于“重置”恢复
let lastProfile = null
// 全局变量
let userProfile = null
// 加载个人资料填充ID/用户名/角色(角色显示中文标签并禁用)
// 返回:无;副作用:设置 initialUsername、lastProfile 与表单值
// 加载个人资料
const loadProfile = async () => {
try {
const res = await fetch('/admin/api/user/profile')
const data = await res.json()
const ok = (data.success === true) || (data.code === 0)
if (!ok) throw new Error(data.message || data.msg || '加载失败')
const payload = data.data || {}
initialUsername = payload.username || ''
// 将角色转换为中文展示,并缓存为最近一次加载的“默认值”
const display = { ...payload, role: roleToText(payload.role) }
lastProfile = display
form.val('accountForm', display)
userProfile = data.data || {}
// 填充个人资料表单
const profileData = {
...userProfile,
role: roleToText(userProfile.role),
created_at: formatTime(userProfile.created_at)
}
form.val('profileForm', profileData)
// 填充用户名修改表单的当前用户名
form.val('usernameForm', { current_username: userProfile.username })
} catch (e) {
layer.msg(e.message || '加载个人资料失败', { icon: 2 })
}
}
// 校验密码表单:当任一密码字段填写时,要求三个字段均填写且有效
// 返回:{ ok: boolean, msg?: string }
const validatePassword = (fields) => {
const oldPwd = (fields.old_password || '').trim()
const newPwd = (fields.new_password || '').trim()
const confirmPwd = (fields.confirm_password || '').trim()
const anyFilled = !!(oldPwd || newPwd || confirmPwd)
if (!anyFilled) return { ok: true }
if (!oldPwd || !newPwd || !confirmPwd) return { ok: false, msg: '请完整填写旧密码/新密码/确认新密码' }
if (newPwd.length < 6) return { ok: false, msg: '新密码长度不能少于6位' }
if (newPwd !== confirmPwd) return { ok: false, msg: '两次输入的新密码不一致' }
if (oldPwd === newPwd) return { ok: false, msg: '新密码不能与旧密码相同' }
return { ok: true }
}
// 修改密码模块
const PasswordModule = {
validate: (fields) => {
const { old_password, new_password, confirm_password } = fields
if (!old_password || !new_password || !confirm_password) {
return { ok: false, msg: '请填写完整的密码信息' }
}
if (new_password.length < 6) {
return { ok: false, msg: '新密码长度不能少于6位' }
}
if (new_password !== confirm_password) {
return { ok: false, msg: '两次输入的新密码不一致' }
}
if (old_password === new_password) {
return { ok: false, msg: '新密码不能与当前密码相同' }
}
return { ok: true }
},
// 更新用户名:传输 username 与 old_password当仅修改用户名时必须提供当前密码同时修改密码时沿用同一 old_password
// 返回Promise<void>
const updateUsername = async (username, oldPassword) => {
const payload = { username }
if (oldPassword) payload.old_password = oldPassword
const res = await fetch('/admin/api/user/profile/update', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify(payload)
})
const data = await res.json()
const ok = (data.success === true) || (data.code === 0)
if (!ok) throw new Error(data.message || data.msg || '保存资料失败')
}
// 更新密码:仅传输旧/新/确认三个字段
// 返回Promise<any> 后端响应数据,用于可能的重定向处理
const updatePassword = async (fields) => {
const payload = {
old_password: fields.old_password,
new_password: fields.new_password,
confirm_password: fields.confirm_password
}
const res = await fetch('/admin/api/user/password', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify(payload)
})
const data = await res.json()
const ok = (data.success === true) || (data.code === 0)
if (!ok) throw new Error(data.message || data.msg || '修改密码失败')
return data
}
// 提交综合更新:
// 规则:
// - 用户名:仅当与 initialUsername 不同且非空时更新
// - 密码:当任一密码字段填写时,要求完整校验并更新;若均未填则不更新
// - 若两者均无改动,则提示“未修改任何内容”
form.on('submit(submitAccount)', async (obj) => {
const fields = obj.field
const desiredUsername = (fields.username || '').trim()
const needUpdateUsername = desiredUsername && desiredUsername !== initialUsername
// 判定密码相关输入:
// - wantChangePassword输入了新密码或确认密码视为尝试修改密码将要求三个字段都填写
// - onlyOldProvided仅输入了旧密码用于支持“仅修改用户名需要当前密码”的场景
const hasOld = !!(fields.old_password && fields.old_password.trim())
const hasNewOrConfirm = !!((fields.new_password && fields.new_password.trim()) || (fields.confirm_password && fields.confirm_password.trim()))
const wantChangePassword = hasNewOrConfirm
const onlyOldProvided = hasOld && !hasNewOrConfirm
if (!needUpdateUsername && !wantChangePassword) {
layer.msg('未修改任何内容', { icon: 0 })
return false
}
// 修改密码场景:需进行严格校验(旧/新/确认均必填)
if (wantChangePassword) {
const pwdCheck = validatePassword(fields)
if (!pwdCheck.ok) {
layer.msg(pwdCheck.msg, { icon: 2 })
submit: async (fields) => {
const validation = PasswordModule.validate(fields)
if (!validation.ok) {
layer.msg(validation.msg, { icon: 2 })
return false
}
}
// 仅修改用户名:要求输入当前密码
if (needUpdateUsername && !wantChangePassword && !hasOld) {
layer.msg('修改用户名需要输入当前密码', { icon: 2 })
return false
}
try {
// 始终先更新用户名,再更新密码(避免改密后跳转导致无法继续)
if (needUpdateUsername) {
await updateUsername(desiredUsername, hasOld ? fields.old_password : '')
initialUsername = desiredUsername
}
if (wantChangePassword) {
const pwdResp = await updatePassword(fields)
// 修改密码后通常需要重新登录,优先使用后端返回的 redirect否则默认登录页
const redirect = pwdResp && pwdResp.data && pwdResp.data.redirect ? pwdResp.data.redirect : '/admin/login'
layer.msg('密码修改成功,即将跳转到登录页', { icon: 1, time: 1200 }, () => {
window.location.href = redirect
try {
const res = await fetch('/admin/api/user/password', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({
old_password: fields.old_password,
new_password: fields.new_password,
confirm_password: fields.confirm_password
})
})
} else {
// 未修改密码,仅修改资料
await loadProfile()
layer.msg('保存成功', { icon: 1 })
const data = await res.json()
const ok = (data.success === true) || (data.code === 0)
if (!ok) throw new Error(data.message || data.msg || '修改密码失败')
// 检查是否需要跳转
if (data.data?.redirect) {
layer.msg('密码修改成功,即将跳转到登录页', { icon: 1, time: 1500 }, () => {
window.location.href = data.data.redirect
})
} else {
// 密码修改成功,不跳转,重置表单
layer.msg('密码修改成功', { icon: 1 })
document.getElementById('passwordForm').reset()
}
} catch (e) {
layer.msg(e.message || '修改密码失败', { icon: 2 })
}
} catch (e) {
layer.msg(e.message || '保存失败', { icon: 2 })
}
return false
})
return false
},
// 绑定“重置”按钮:将表单恢复为最近一次加载到表单中的资料
// 逻辑:
// - 如有 lastProfile直接回填
// - 回填时同时清空三个密码字段;
// - 如暂无缓存(极小概率),则重新请求资料
const bindReset = () => {
const btn = document.getElementById('btnReset')
if (!btn) return
btn.addEventListener('click', () => {
if (lastProfile) {
form.val('accountForm', { ...lastProfile, old_password: '', new_password: '', confirm_password: '' })
layer.msg('已恢复为当前资料', { icon: 1 })
} else {
loadProfile()
}
})
reset: () => {
document.getElementById('passwordForm').reset()
layer.msg('表单已重置', { icon: 1 })
}
}
// 修改用户名模块
const UsernameModule = {
validate: (fields) => {
const { new_username, password } = fields
if (!new_username || !password) {
return { ok: false, msg: '请填写新用户名和当前密码' }
}
if (new_username === userProfile?.username) {
return { ok: false, msg: '新用户名不能与当前用户名相同' }
}
if (new_username.length < 3) {
return { ok: false, msg: '用户名长度不能少于3位' }
}
return { ok: true }
},
submit: async (fields) => {
const validation = UsernameModule.validate(fields)
if (!validation.ok) {
layer.msg(validation.msg, { icon: 2 })
return false
}
try {
const res = await fetch('/admin/api/user/profile/update', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({
username: fields.new_username,
old_password: fields.password
})
})
const data = await res.json()
const ok = (data.success === true) || (data.code === 0)
if (!ok) throw new Error(data.message || data.msg || '修改用户名失败')
layer.msg('用户名修改成功', { icon: 1 })
// 重新加载个人资料
await loadProfile()
// 清空表单
UsernameModule.reset()
} catch (e) {
layer.msg(e.message || '修改用户名失败', { icon: 2 })
}
return false
},
reset: () => {
form.val('usernameForm', {
new_username: '',
password: '',
current_username: userProfile?.username || ''
})
layer.msg('表单已重置', { icon: 1 })
}
}
// 绑定表单提交事件
form.on('submit(submitPassword)', (obj) => {
return PasswordModule.submit(obj.field)
})
form.on('submit(submitUsername)', (obj) => {
return UsernameModule.submit(obj.field)
})
// 绑定重置按钮
document.getElementById('resetPasswordBtn')?.addEventListener('click', PasswordModule.reset)
document.getElementById('resetUsernameBtn')?.addEventListener('click', UsernameModule.reset)
// 初始化加载
bindReset()
loadProfile()
})
})

6
web/template/admin/variables.html
View File

@@ -22,7 +22,7 @@
<div class="layui-inline">
<label class="layui-form-label">搜索</label>
<div class="layui-input-inline">
<input type="text" name="search" placeholder="变量别名/数据" autocomplete="off" class="layui-input" />
<input type="text" name="search" placeholder="变量编号/别名/数据/备注" autocomplete="off" class="layui-input" />
</div>
</div>
<div class="layui-inline">
@@ -210,7 +210,7 @@
variablesTable.reload({
where: {
app_uuid: data.value,
alias: $('input[name="search"]').val()
search: $('input[name="search"]').val()
},
page: {
curr: 1
@@ -223,7 +223,7 @@
variablesTable.reload({
where: {
app_uuid: $('select[name="app_uuid"]').val(),
alias: $('input[name="search"]').val()
search: $('input[name="search"]').val()
},
page: {
curr: 1