feat: 完善登录认证系统

- 首次使用强制设置密码(至少6位) - 密码存数据库(SHA256哈希),前端可修改 - 登录失败5次锁定5分钟,防爆破 - 导航栏添加修改密码入口 - 移除硬编码默认密码
2026-04-02 12:11:09 +08:00
parent 6ab6666cac
commit c293f3d4ac
8 changed files with 278 additions and 46 deletions
--- a/server/database.py
+++ b/server/database.py
@@ -54,6 +54,15 @@ def init_db():
            FOREIGN KEY (task_id) REFERENCES tasks(id),
            FOREIGN KEY (account_id) REFERENCES accounts(id)
        );
+
+        CREATE TABLE IF NOT EXISTS admin (
+            id INTEGER PRIMARY KEY CHECK (id = 1),
+            password_hash TEXT NOT NULL,
+            fail_count INTEGER DEFAULT 0,
+            locked_until TEXT DEFAULT '',
+            created_at TEXT DEFAULT (datetime('now', 'localtime')),
+            updated_at TEXT DEFAULT (datetime('now', 'localtime'))
+        );
    ''')
    conn.commit()
    conn.close()