fix: Repair the new password verification matching logic in hubcmdui.

2026-01-12 16:25:42 +08:00 · 2024-07-30 18:34:34 +08:00
parent 495f63ec37
commit 8c7be10187
6 changed files with 46 additions and 31 deletions
--- a/hubcmdui/README.md
+++ b/hubcmdui/README.md
@@ -91,7 +91,7 @@ docker logs -f [容器ID或名称]

 <table>
    <tr>
-        <td width="50%" align="center"><img src="https://github.com/user-attachments/assets/142ac19b-933f-46e8-85f9-5cb60a14c5cd"?raw=true"></td>
+        <td width="50%" align="center"><img src="https://github.com/user-attachments/assets/80b347b6-cfb4-43ec-b473-7e38943fe517"?raw=true"></td>
    </tr>
 </table>

@@ -101,7 +101,7 @@ docker logs -f [容器ID或名称]
    </tr>
 </table>

-> 浏览器输入 `服务器地址/admin:30080` 访问后端页面，默认登入账号密码: root/admin
+> 浏览器输入 `服务器地址/admin:30080` 访问后端页面，默认登入账号密码: root/admin@123

 <table>
    <tr>
--- a/hubcmdui/config.json
+++ b/hubcmdui/config.json
@@ -8,14 +8,14 @@
    },
    {
      "text": "GitHub",
-      "link": "",
-      "newTab": false
+      "link": "https://github.com/dqzboy/Docker-Proxy",
+      "newTab": true
    }
  ],
  "adImages": [
    {
      "url": "https://cdn.jsdelivr.net/gh/dqzboy/Blog-Image/BlogCourse/guanggao.png",
-      "link": "https://www.dqzboy.com"
+      "link": "https://github.com/dqzboy/Docker-Proxy"
    }
  ],
  "proxyDomain": "dqzboy.github.io"
--- a/hubcmdui/server.js
+++ b/hubcmdui/server.js
@@ -121,8 +121,9 @@ app.post('/api/change-password', async (req, res) => {
    return res.status(401).json({ error: 'Not logged in' });
  }
  const { currentPassword, newPassword } = req.body;
-  if (!/^(?=.*[A-Za-z])(?=.*\d)[A-Za-z\d]{8,16}$/.test(newPassword)) {
-    return res.status(400).json({ error: 'Password must be 8-16 characters long and contain at least one letter and one number' });
+  const passwordRegex = /^(?=.*[A-Za-z])(?=.*\d)(?=.*[.,\-_+=()[\]{}|\\;:'"<>?/@$!%*#?&])[A-Za-z\d.,\-_+=()[\]{}|\\;:'"<>?/@$!%*#?&]{8,16}$/;
+  if (!passwordRegex.test(newPassword)) {
+    return res.status(400).json({ error: 'Password must be 8-16 characters long and contain at least one letter, one number, and one special character' });
  }
  const users = await readUsers();
  const user = users.users.find(u => u.username === req.session.user.username);
--- a/hubcmdui/users.json
+++ b/hubcmdui/users.json
@@ -2,7 +2,7 @@
  "users": [
    {
      "username": "root",
-      "password": "$2b$10$wKdemJNjB1I6IpOycHWjwO2MgDFj3QC6KLSMxZE6rHIofuSf.BX/m"
+      "password": "$2b$10$tu.ceN0qpkl.RSR3fi/uy.9FfJGazUdWJCEPaJCDAhh6mPFbP0GxC"
    }
  ]
 }
--- a/hubcmdui/web/admin.html
+++ b/hubcmdui/web/admin.html
@@ -392,13 +392,14 @@
        }

        function renderAdItems() {
+            console.log('Rendering ad items:', adImages);
            const tbody = document.getElementById('adTableBody');
            tbody.innerHTML = '';
            adImages.forEach((ad, index) => {
                const row = `
                    <tr data-index="${index}">
                        <td><input type="url" class="ad-url" value="${ad.url}" disabled></td>
-                        <td><input type="url" class="ad-link" value="${ad.link}" disabled></td>
+                        <td><input type="url" class="ad-link" value="${ad.link || ''}" disabled></td>
                        <td>
                            <button type="button" class="action-btn edit-btn">编辑</button>
                            <button type="button" class="action-btn delete-btn">删除</button>
@@ -424,6 +425,7 @@
                        linkInput.disabled = false;
                        button.textContent = '保存';
                        editingIndex = row.getAttribute('data-index');
+                        console.log(`Editing ad at index ${editingIndex}:`, { url: urlInput.value, link: linkInput.value });
                    } else {
                        const url = urlInput.value || '';
                        const link = linkInput.value || '';
@@ -546,6 +548,7 @@
        }

        async function saveAd(index, ad) {
+            console.log(`Saving ad at index ${index}:`, ad);
            const config = { adImages: adImages };
            config.adImages[index] = ad;
            await saveConfig(config);
@@ -629,7 +632,7 @@
        async function changePassword() {
            const currentPassword = document.getElementById('currentPassword').value;
            const newPassword = document.getElementById('newPassword').value;
-            const passwordRegex = /^(?=.*[A-Za-z])(?=.*\d)(?=.*[@$!%*#?&])[A-Za-z\d@$!%*#?&]{8,16}$/;
+            const passwordRegex = /^(?=.*[A-Za-z])(?=.*\d)(?=.*[.,\-_+=()[\]{}|\\;:'"<>?/@$!%*#?&])[A-Za-z\d.,\-_+=()[\]{}|\\;:'"<>?/@$!%*#?&]{8,16}$/;

            if (!currentPassword || !newPassword) {
                alert('请填写当前密码和新密码');
@@ -647,6 +650,17 @@
                });
                if (response.ok) {
                    alert('密码已修改');
+                    // 清除当前会话并显示登录模态框
+                    localStorage.removeItem('isLoggedIn');
+                    isLoggedIn = false;
+                    document.getElementById('loginModal').style.display = 'block';
+                    document.getElementById('adminContainer').classList.add('hidden');
+                    refreshCaptcha();
+
+                    // 清除登录表单中的输入数据
+                    document.getElementById('username').value = '';
+                    document.getElementById('password').value = '';
+                    document.getElementById('captcha').value = '';
                } else {
                    alert('修改密码失败');
                }
@@ -659,7 +673,7 @@
            const newPassword = document.getElementById('newPassword').value;
            const passwordHint = document.getElementById('passwordHint');

-            const passwordRegex = /^(?=.*[A-Za-z])(?=.*\d)(?=.*[@$!%*#?&])[A-Za-z\d@$!%*#?&]{8,16}$/;
+            const passwordRegex = /^(?=.*[A-Za-z])(?=.*\d)(?=.*[.,\-_+=()[\]{}|\\;:'"<>?/@$!%*#?&])[A-Za-z\d.,\-_+=()[\]{}|\\;:'"<>?/@$!%*#?&]{8,16}$/;

            if (!passwordRegex.test(newPassword)) {
                passwordHint.style.display = 'block';
@@ -670,28 +684,28 @@

        // 页面加载时检查登录状态
        window.onload = async function() {
-        try {
-            const response = await fetch('/api/check-session');
-            if (response.ok) {
-            isLoggedIn = localStorage.getItem('isLoggedIn') === 'true';
-            if (isLoggedIn) {
-                document.getElementById('loginModal').style.display = 'none';
-                document.getElementById('adminContainer').classList.remove('hidden');
-                loadConfig();
-            } else {
+            try {
+                const response = await fetch('/api/check-session');
+                if (response.ok) {
+                    isLoggedIn = localStorage.getItem('isLoggedIn') === 'true';
+                    if (isLoggedIn) {
+                        document.getElementById('loginModal').style.display = 'none';
+                        document.getElementById('adminContainer').classList.remove('hidden');
+                        loadConfig();
+                    } else {
+                        document.getElementById('loginModal').style.display = 'block';
+                        refreshCaptcha();
+                    }
+                } else {
+                    localStorage.removeItem('isLoggedIn');
+                    document.getElementById('loginModal').style.display = 'block';
+                    refreshCaptcha();
+                }
+            } catch (error) {
+                localStorage.removeItem('isLoggedIn');
                document.getElementById('loginModal').style.display = 'block';
                refreshCaptcha();
            }
-            } else {
-            localStorage.removeItem('isLoggedIn');
-            document.getElementById('loginModal').style.display = 'block';
-            refreshCaptcha();
-            }
-          } catch (error) {
-            localStorage.removeItem('isLoggedIn');
-            document.getElementById('loginModal').style.display = 'block';
-            refreshCaptcha();
-          }
        };

        function updateAdImage(adImages) {