feat: 完善登录认证系统

- 首次使用强制设置密码(至少6位)
- 密码存数据库(SHA256哈希),前端可修改
- 登录失败5次锁定5分钟,防爆破
- 导航栏添加修改密码入口
- 移除硬编码默认密码

templates/change_password.html

@@ -0,0 +1,33 @@
+{% extends "base.html" %}
+{% block content %}
+<div class="row justify-content-center">
+    <div class="col-md-5">
+        <div class="card">
+            <div class="card-body p-4">
+                <h5 class="mb-3"><i class="bi bi-key"></i> 修改密码</h5>
+                {% if error %}
+                <div class="alert alert-danger py-2" style="border-radius:10px;font-size:.85rem">{{ error }}</div>
+                {% endif %}
+                {% if success %}
+                <div class="alert alert-success py-2" style="border-radius:10px;font-size:.85rem">{{ success }}</div>
+                {% endif %}
+                <form method="POST">
+                    <div class="mb-3">
+                        <label class="form-label">原密码</label>
+                        <input type="password" class="form-control" name="old_password" required>
+                    </div>
+                    <div class="mb-3">
+                        <label class="form-label">新密码（至少6位）</label>
+                        <input type="password" class="form-control" name="new_password" required minlength="6">
+                    </div>
+                    <div class="mb-3">
+                        <label class="form-label">确认新密码</label>
+                        <input type="password" class="form-control" name="new_password2" required minlength="6">
+                    </div>
+                    <button type="submit" class="btn btn-primary w-100">确认修改</button>
+                </form>
+            </div>
+        </div>
+    </div>
+</div>
+{% endblock %}