From 6f626398f7a399427e2b67be313ac9a110a68dbe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=8E=8B=E5=BF=97=E7=8F=8F?= Date: Sat, 5 Jul 2025 23:26:05 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E9=AA=8C=E8=AF=81=E7=A0=81?= =?UTF-8?q?=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app.py | 48 ++++++++++++++++++++++++++++++++++------------ data/settings.json | 2 +- 2 files changed, 37 insertions(+), 13 deletions(-) diff --git a/app.py b/app.py index f2c1317..e809ed8 100644 --- a/app.py +++ b/app.py @@ -29,6 +29,8 @@ os.makedirs(BACKGROUND_FOLDER, exist_ok=True) VIDEO_FOLDER = os.path.join(UPLOAD_FOLDER, 'video') os.makedirs(VIDEO_FOLDER, exist_ok=True) +FONT_PATH = os.path.join(BASE_DIR, 'static', 'webfonts', 'arial.ttf') + # 允许的文件扩展名 ALLOWED_EXTENSIONS = {'png', 'jpg', 'jpeg', 'gif', 'ico', 'svg', 'mp4'} @@ -41,12 +43,18 @@ SETTINGS_FILE = os.path.join(DATA_DIR, 'settings.json') def migrate_settings(settings): """迁移旧版设置到新版格式""" if 'admin_password' in settings: - # 如果存在旧版明文密码,转换为哈希 - settings['admin_password_hash'] = generate_password_hash(settings['admin_password']) + # 如果存在旧版明文密码,转换为哈希(使用pbkdf2:sha256方法) + settings['admin_password_hash'] = generate_password_hash( + settings['admin_password'], + method='pbkdf2:sha256' + ) del settings['admin_password'] elif 'admin_password_hash' not in settings: # 如果既没有旧版密码也没有哈希,生成默认密码哈希 - settings['admin_password_hash'] = generate_password_hash('123456') + settings['admin_password_hash'] = generate_password_hash( + '123456', + method='pbkdf2:sha256' + ) return settings @@ -235,11 +243,22 @@ def login(): settings = load_settings() if username == 'admin' and 'admin_password_hash' in settings: - if check_password_hash(settings['admin_password_hash'], password): - session['username'] = username - next_url = request.args.get('next', url_for('index')) - flash('登录成功', 'success') - return redirect(next_url) + try: + if check_password_hash(settings['admin_password_hash'], password): + session['username'] = username + next_url = request.args.get('next', url_for('index')) + flash('登录成功', 'success') + return redirect(next_url) + except ValueError as e: + print(f"密码验证错误: {e}") + # 如果哈希验证失败,尝试重置密码 + settings['admin_password_hash'] = generate_password_hash( + '123456', + method='pbkdf2:sha256' + ) + save_settings(settings) + flash('系统检测到密码配置问题,已重置为默认密码123456,请重新登录', 'warning') + return redirect(url_for('login')) flash('用户名或密码错误', 'danger') return render_template('login.html') @@ -261,11 +280,16 @@ def captcha(): image = Image.new('RGB', (120, 40), color=(255, 255, 255)) draw = ImageDraw.Draw(image) - # 使用默认字体或指定字体路径 + # 使用指定字体路径 try: - font = ImageFont.truetype("arial.ttf", 24) + font = ImageFont.truetype(FONT_PATH, 24) except: - font = ImageFont.load_default() + try: + # 如果指定字体不存在,尝试系统默认字体 + font = ImageFont.truetype("arial.ttf", 24) + except: + # 最后使用默认字体 + font = ImageFont.load_default() # 绘制验证码文本 draw.text((10, 5), captcha_text, font=font, fill=(0, 0, 0)) @@ -831,4 +855,4 @@ def api_categories(): return jsonify(sorted_categories) if __name__ == '__main__': - app.run(debug=True) \ No newline at end of file + app.run(debug=True, port='8094', host='0.0.0.0') \ No newline at end of file diff --git a/data/settings.json b/data/settings.json index 2643fdc..5ab8e46 100644 --- a/data/settings.json +++ b/data/settings.json @@ -1,7 +1,7 @@ { "card_style": "compact", "search_history": [], - "theme": "light", + "theme": "dark", "bg_image": "/upload/background/5dd4f5d3cd7b48eca9967fa063ea5cd9.png", "dark_bg_image": "/static/background_dark.jpg", "site_title": "应用导航",