LiuMangMang/SmartUp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
36 Commits 1 Branch 0 Tags
bea4344bb35638b7807c86adbbdee61488eba384
Commit Graph

21 Commits

Author SHA1 Message Date
liumangmang bea4344bb3 fix: reconcile upstream keys on list/generate/import to prevent stale key imports 
- Extract reconcile_upstream_keys() to website_sync.py (shared scheduler + on-demand)
- Add reconcile_upstream_keys_full() for on-demand reconciliation at three entry points:
  list_generated_keys, generate_keys_by_groups, import_upstream_keys_as_accounts
- Safe on failure: active_group_ids=None / remote_key_ids=None skip cleanup
- Support custom managed_prefix via _fetch_remote_managed_key_ids() helper
- Exclude orphaned keys from frontend importable list
- Remove hardcoded search='SmartUp' from scheduler path
 2026-06-01 11:29:37 +08:00
liumangmang 5268f1119b fix: multi-tab concurrency and metadata sync improvements 2026-05-30 10:08:55 +08:00
liumangmang 3ab3a5e26f feat: add multi-tab support to remote browser 2026-05-30 09:51:51 +08:00
liumangmang 5c20ddc8e6 feat: sync account priorities after rate changes 2026-05-29 17:51:12 +08:00
liumangmang c5778bb3e7 feat: persist browser sessions and update admin workflows 2026-05-29 16:00:43 +08:00
SmartUp Developer 42d8731ff7 perf: website_sync 批量查询 + custom_pages origin TTL 缓存 2026-05-25 00:52:38 +08:00
SmartUp Developer 41a439d830 perf: SQLite WAL + 复合索引 + GZip + scheduler jitter + 构建缓存 2026-05-25 00:08:10 +08:00
SmartUp Developer 3a31d185a4 fix: reuse upstream keys for account import 2026-05-24 23:18:40 +08:00
liumangmang 6044b00685 feat: 上游 Key 唯一化、分组导入跳过、账号导入平台识别&远端校验&base_url 注入 
- 上游 Key 命名改为 {prefix}-{upstream.id}-{safe_group_name}-{group_id}
- 唯一约束 (upstream_id, group_id, managed_prefix) 加 managed_prefix 列
- 上游检测成功时同步 Key 状态,远端已删/分组已删自动清理
- 重复分组导入跳过,目标网站已存在同名分组返回 exists
- 账号导入平台自动识别(auto/manual 模式)
- 全选可导入 Key 按钮 + 目标分组自动匹配
- 导入幂等:已导入过的 Key 校验远端账号,不存在则重建
- 新增同步接口 POST /sync-imported-upstream-keys
- account_exists() 通过拉取账号列表判断,避免 404 误判
- credentials.base_url 注入来源上游地址,避免 401
- 前端导入弹窗自动同步+刷新按钮+并发/优先级设置
- 新增 12 个测试覆盖同步、幂等、远端删除、校验失败路径
 2026-05-21 01:16:39 +08:00
liumangmang 0a27bba296 fix: 修复远程浏览器登录态保留 & 剪贴板同步问题 2026-05-20 10:13:13 +08:00
liumangmang 6cc797f915 feat: remote browser login persistence + balance display + UI consistency 
- Retain login state in remote browser profiles (don't delete on disconnect)
- Add GET /api/browser-sessions/{id}/clipboard for clipboard sync
- Add POST /api/browser-sessions/{id}/autofill-login for manual credential fill
- Add DELETE /api/browser-sessions/profiles/{custom_page_id} for login clear
- Add balance tracking with configurable divisor (balance_divisor)
- Health check on session reuse, idle TTL eviction, background cleanup
- Add first-frame watchdog (10s timeout) to prevent infinite loading
- Reconnect browser on active=true when session was closed
- UI: uniform text-only inline buttons (websites + upstreams pages)
- Fix page switch race with closingRemoteSessionPromise
 2026-05-20 09:44:20 +08:00
SmartUp Developer 4c71148ff9 feat: one-click upstream auth refresh from custom page viewer 
- Add linked_upstream_id to CustomPage model with DB migration
- New POST /api/custom-pages/{pid}/refresh-auth endpoint extracts
  credentials from active remote browser and updates linked upstream
- PageViewer toolbar shows key icon button when page has linked upstream
- CustomPages form adds upstream dropdown for remote_browser pages
- Auth capture extracts New-Api-User from localStorage uid/user/self API
- Upstream client sends New-Api-User header in cookie auth mode
- Fix auth capture dialog: transparent background, field persistence,
  login URL defaults to base_url/login, focus on click for keyboard input
- Fix upstream test ASCII encoding with non-header characters validation

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-19 09:27:14 +08:00
SmartUp Developer 7cb0ff1608 fix: object URL leak, CDP before goto, limit raw secrets in extract 
- AuthCaptureDialog: revokeObjectURL on each frame to prevent memory leak
- CDP Network capture starts before initial page.goto, not after
- /extract defaults to candidates-only; pass ?include_raw=true for full data
 2026-05-18 14:25:56 +08:00
SmartUp Developer c7b33983d6 feat: auth-capture — WS frame stream, drag events, continuous CDP, profile cleanup 
- AuthCaptureDialog: real WebSocket for binary JPEG frame stream (no polling)
- Pointer drag: mousedown/mousemove/mouseup events for slider-captcha
- CDP capture starts at session creation, caches headers in session.captured_headers
- Ephemeral profile dir deleted on session close (shutil.rmtree)
- Candidate types unified: bearer_token / cookie / api_key / credential
- Frontend handleAuthCaptureSelect maps all 4 types to correct form fields
 2026-05-18 14:14:33 +08:00
SmartUp Developer 08c855677a feat: auth capture — interactive browser, CDP header capture, cookie auth 
- AuthCaptureDialog: full WS screenshot stream + mouse/keyboard/scroll events
- Backend auth_capture: CDP Network.requestWillBeSent for Authorization headers
- Candidate scoring: confidence 0-95%, preview (masked), auth_headers section
- Upstream form: add 'Cookie' auth type, handle cookie selection
- UpstreamClient: support auth_type=cookie with Cookie header
- No secrets logged at DEBUG or higher
 2026-05-18 11:44:10 +08:00
SmartUp Developer 4d1237c58f feat: auth capture — remote browser credential extraction 
- BrowserSessionService: add create_ephemeral() for temp sessions
- New auth_capture_service.py: extract cookies, localStorage, sessionStorage from page
- New auth_capture router: POST /sessions, GET /sessions/{id}/extract, DELETE /sessions/{id}
- Frontend AuthCaptureDialog: URL input → browser view → extract → pick candidate
- Upstreams.vue: '提取' button next to Bearer Token field
- No sensitive values logged
 2026-05-17 21:04:36 +08:00
SmartUp Developer 2934473770 fix: remove stale _decimal_str ref, add context manager to HTTP clients 
- UpstreamClient & Sub2ApiWebsiteClient: add __enter__/__exit__
- Convert all call sites to `with Client(...) as c:` pattern
- Remove unused `upstream_name`/`upstream_base_url` locals in scheduler
- Fix stale _decimal_str→decimal_string in _rate_from_group
 2026-05-17 11:29:51 +08:00
SmartUp Developer 8a6ed249be fix: complete remaining 8 optimization items 
- HTTP connection pooling: UpstreamClient & WebsiteClient reuse httpx.Client
- Deduplicate decimal_string into shared app/utils/number.py
- Split scheduler transaction: snapshot write → webhook/website sync in separate sessions
- Remove hardcoded 170.106.100.210 migration from database.py
- Reset consecutive_failures on upstream update
- Healthcheck: install curl, replace python -c with curl -f
- Add .dockerignore to reduce build context
- Frontend: add axios-retry with exponential backoff (5xx/network errors only)
 2026-05-17 11:09:35 +08:00
SmartUp Developer ad16618406 fix: address multiple code audit findings 
- CORS: replace wildcard with explicit origin list from CORS_ORIGINS env
- Auth: enforce strong defaults, JWT blacklist (RevokedToken model), login rate limiting
- Auth: validate password length before bcrypt (72-byte limit)
- Scheduler: single-threaded worker to mitigate SQLite write contention
- Scheduler: graceful shutdown (wait=True)
- Snapshots: add prune_snapshots() with configurable retention count
- Storage: isolate localStorage keys via VITE_APP_KEY prefix
- Config: add cors_origins, login_rate_limit, snapshot_retention_count settings
 2026-05-17 10:52:18 +08:00
liumangmang 7adc7c00ab Add remote browser pages and website sync 
Enable managed remote browser custom pages with login autofill and add website sync workflows so external admin surfaces can be handled inside SmartUp.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-15 15:43:58 +08:00
liumangmang b564ca4797 Initial commit 2026-05-12 17:51:53 +08:00