LiuMangMang/SmartUp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
14 Commits 1 Branch 0 Tags
08c855677a669dd5dcdfbdd5f400b1360e58008e
Commit Graph

9 Commits

Author SHA1 Message Date
SmartUp Developer 08c855677a feat: auth capture — interactive browser, CDP header capture, cookie auth 
- AuthCaptureDialog: full WS screenshot stream + mouse/keyboard/scroll events
- Backend auth_capture: CDP Network.requestWillBeSent for Authorization headers
- Candidate scoring: confidence 0-95%, preview (masked), auth_headers section
- Upstream form: add 'Cookie' auth type, handle cookie selection
- UpstreamClient: support auth_type=cookie with Cookie header
- No secrets logged at DEBUG or higher
 2026-05-18 11:44:10 +08:00
SmartUp Developer 4d1237c58f feat: auth capture — remote browser credential extraction 
- BrowserSessionService: add create_ephemeral() for temp sessions
- New auth_capture_service.py: extract cookies, localStorage, sessionStorage from page
- New auth_capture router: POST /sessions, GET /sessions/{id}/extract, DELETE /sessions/{id}
- Frontend AuthCaptureDialog: URL input → browser view → extract → pick candidate
- Upstreams.vue: '提取' button next to Bearer Token field
- No sensitive values logged
 2026-05-17 21:04:36 +08:00
SmartUp Developer 84b714ced3 fix: sync admin password from .env on startup, add host.docker.internal for local sub2api 
- _init_admin now re-hashes password if .env password differs from DB
- docker-compose: add extra_hosts host.docker.internal:host-gateway
  so containers can reach host services via host.docker.internal
 2026-05-17 12:52:09 +08:00
SmartUp Developer 5c60627fb6 fix: Vite type declaration, non-idempotent retry, hardcoded test IP 
- Add frontend/src/vite-env.d.ts (reference vite/client) to fix vue-tsc build
- Restrict axios-retry to GET/HEAD/OPTIONS only (avoid replaying mutations)
- Convert test_upstream.py to accept URL via CLI args instead of hardcoded IP
 2026-05-17 11:56:49 +08:00
SmartUp Developer 2934473770 fix: remove stale _decimal_str ref, add context manager to HTTP clients 
- UpstreamClient & Sub2ApiWebsiteClient: add __enter__/__exit__
- Convert all call sites to `with Client(...) as c:` pattern
- Remove unused `upstream_name`/`upstream_base_url` locals in scheduler
- Fix stale _decimal_str→decimal_string in _rate_from_group
 2026-05-17 11:29:51 +08:00
SmartUp Developer 8a6ed249be fix: complete remaining 8 optimization items 
- HTTP connection pooling: UpstreamClient & WebsiteClient reuse httpx.Client
- Deduplicate decimal_string into shared app/utils/number.py
- Split scheduler transaction: snapshot write → webhook/website sync in separate sessions
- Remove hardcoded 170.106.100.210 migration from database.py
- Reset consecutive_failures on upstream update
- Healthcheck: install curl, replace python -c with curl -f
- Add .dockerignore to reduce build context
- Frontend: add axios-retry with exponential backoff (5xx/network errors only)
 2026-05-17 11:09:35 +08:00
SmartUp Developer ad16618406 fix: address multiple code audit findings 
- CORS: replace wildcard with explicit origin list from CORS_ORIGINS env
- Auth: enforce strong defaults, JWT blacklist (RevokedToken model), login rate limiting
- Auth: validate password length before bcrypt (72-byte limit)
- Scheduler: single-threaded worker to mitigate SQLite write contention
- Scheduler: graceful shutdown (wait=True)
- Snapshots: add prune_snapshots() with configurable retention count
- Storage: isolate localStorage keys via VITE_APP_KEY prefix
- Config: add cors_origins, login_rate_limit, snapshot_retention_count settings
 2026-05-17 10:52:18 +08:00
liumangmang 7adc7c00ab Add remote browser pages and website sync 
Enable managed remote browser custom pages with login autofill and add website sync workflows so external admin surfaces can be handled inside SmartUp.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-15 15:43:58 +08:00
liumangmang b564ca4797 Initial commit 2026-05-12 17:51:53 +08:00