diff --git a/.gitignore b/.gitignore
index 55c9015..d7ca6a2 100644
--- a/.gitignore
+++ b/.gitignore
@@ -27,3 +27,6 @@ coverage/
 .env.*
 .env.local
 .env.*.local
+
+# Local runtime data (contains secrets/user data)
+sproutgate-backend/data/
diff --git a/sproutgate-backend/API_DOCS.md b/sproutgate-backend/API_DOCS.md
index 276269a..779d5e2 100644
--- a/sproutgate-backend/API_DOCS.md
+++ b/sproutgate-backend/API_DOCS.md
@@ -214,11 +214,11 @@
 ## 管理端接口(需要管理员 Token)
-管理员 Token 存放在 `data/config/admin.json` 中,默认值为 `shumengya520`。
+管理员 Token 存放在 `data/config/admin.json` 中;如果文件不存在,后端启动时会自动生成并写入该文件。
 请求时可使用以下任一方式携带:
-- Query:`?token=shumengya520`
-- Header:`X-Admin-Token: shumengya520`
-- Header:`Authorization: Bearer shumengya520`
+- Query:`?token=`
+- Header:`X-Admin-Token: `
+- Header:`Authorization: Bearer `
 ### 获取用户列表
 `GET /api/admin/users`
diff --git a/sproutgate-backend/data/config/admin.json b/sproutgate-backend/data/config/admin.json
deleted file mode 100644
index 277cd24..0000000
--- a/sproutgate-backend/data/config/admin.json
+++ /dev/null
@@ -1,3 +0,0 @@
-{
- "token": "shumengya520"
-}
diff --git a/sproutgate-backend/data/config/auth.json b/sproutgate-backend/data/config/auth.json
deleted file mode 100644
index 9a8c075..0000000
--- a/sproutgate-backend/data/config/auth.json
+++ /dev/null
@@ -1,4 +0,0 @@
-{
- "jwtSecret": "c3Byb3V0Z2F0ZS1zZWNyZXQ=",
- "issuer": "sproutgate"
-}
diff --git a/sproutgate-backend/data/config/email.json b/sproutgate-backend/data/config/email.json
deleted file mode 100644
index f20c1b8..0000000
--- a/sproutgate-backend/data/config/email.json
+++ /dev/null
@@ -1,9 +0,0 @@
-{
- "fromName": "萌芽账户认证中心",
- "fromAddress": "notice@smyhub.com",
- "username": "notice@smyhub.com",
- "password": "tyh@19900420",
- "smtpHost": "smtp.qiye.aliyun.com",
- "smtpPort": 465,
- "encryption": "SSL"
-}
\ No newline at end of file
diff --git a/sproutgate-backend/data/users/YWRtaW4.json b/sproutgate-backend/data/users/YWRtaW4.json
deleted file mode 100644
index 6484fbe..0000000
--- a/sproutgate-backend/data/users/YWRtaW4.json
+++ /dev/null
@@ -1,16 +0,0 @@
-{
- "account": "admin",
- "passwordHash": "$2a$10$T3XCFYOldB7b3RLuu.oxJeXTIdifjXIRyZdf/nHFIEwWAFRedysHi",
- "username": "管理员",
- "email": "admin@smyhub.com",
- "level": 0,
- "sproutCoins": 0,
- "secondaryEmails": [
- "mail@smyhub.com"
- ],
- "phone": "74074091740",
- "avatarUrl": "https://img.shumengya.top/i/2025/11/02/69073c02060d3.webp",
- "bio": "我是管理员",
- "createdAt": "2026-03-14T18:38:07+08:00",
- "updatedAt": "2026-03-14T19:26:11+08:00"
-}
\ No newline at end of file
diff --git a/sproutgate-backend/data/users/c2h1bWVuZ3lh.json b/sproutgate-backend/data/users/c2h1bWVuZ3lh.json
deleted file mode 100644
index 070c181..0000000
--- a/sproutgate-backend/data/users/c2h1bWVuZ3lh.json
+++ /dev/null
@@ -1,13 +0,0 @@
-{
- "account": "shumengya",
- "passwordHash": "$2a$10$f6JZ6S26BdfK8dxHQ/eeb.q9adTbkBmyprta8WlMCR3v5gMpERlgO",
- "username": "树萌芽",
- "email": "mail@smyhub.com",
- "level": 0,
- "sproutCoins": 100,
- "secondaryEmails": [],
- "avatarUrl": "https://img.shumengya.top/i/2025/11/02/69073c018174e.webp",
- "bio": "(=^・ω・^=) 喵~",
- "createdAt": "2026-03-14T18:12:20+08:00",
- "updatedAt": "2026-03-14T18:12:20+08:00"
-}
diff --git a/sproutgate-backend/internal/storage/storage.go b/sproutgate-backend/internal/storage/storage.go
index 2779903..5b10302 100644
--- a/sproutgate-backend/internal/storage/storage.go
+++ b/sproutgate-backend/internal/storage/storage.go
@@ -119,9 +119,12 @@ func (s *Store) EmailConfig() EmailConfig {
 }
 func (s *Store) loadOrCreateAdminConfig() error {
- defaultToken := "shumengya520"
 if _, err := os.Stat(s.adminConfigPath); errors.Is(err, os.ErrNotExist) {
- cfg := AdminConfig{Token: defaultToken}
+ token, err := generateToken()
+ if err != nil {
+ return err
+ }
+ cfg := AdminConfig{Token: token}
 if err := writeJSONFile(s.adminConfigPath, cfg); err != nil {
 return err
 }
@@ -133,7 +136,11 @@ func (s *Store) loadOrCreateAdminConfig() error {
 return err
 }
 if strings.TrimSpace(cfg.Token) == "" {
- cfg.Token = defaultToken
+ token, err := generateToken()
+ if err != nil {
+ return err
+ }
+ cfg.Token = token
 if err := writeJSONFile(s.adminConfigPath, cfg); err != nil {
 return err
 }
@@ -194,7 +201,7 @@ func (s *Store) loadOrCreateEmailConfig() error {
 FromName: "萌芽账户认证中心",
 FromAddress: "notice@smyhub.com",
 Username: "",
- Password: "tyh@19900420",
+ Password: "",
 SMTPHost: "smtp.qiye.aliyun.com",
 SMTPPort: 465,
 Encryption: "SSL",
@@ -243,6 +250,14 @@ func generateSecret() ([]byte, error) {
 return secret, err
 }
+func generateToken() (string, error) {
+ secret, err := generateSecret()
+ if err != nil {
+ return "", err
+ }
+ return base64.RawURLEncoding.EncodeToString(secret), nil
+}
+
 func (s *Store) ListUsers() ([]models.UserRecord, error) {
 s.mu.Lock()
 defer s.mu.Unlock()
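Review bot: The freshly generated admin token is persisted through `writeJSONFile`, whose file mode is not visible in this hunk, so it should be confirmed that `admin.json` is created owner-only (0600) now that it holds a machine-generated bearer credential. The bare `return err` after `generateToken()` gives no context if startup fails; something like `return fmt.Errorf("generate admin token: %w", err)` would help, assuming `fmt` is already imported in storage.go. The same generate-then-write sequence is repeated in the hunk at new line 136, so a small private helper would keep the two paths from drifting. loadOrCreateAdminConfig starts inside this hunk and continues past its end.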
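Review bot: An existing `admin.json` that still contains the old documented default is left untouched, because regeneration in this hunk only triggers when `strings.TrimSpace(cfg.Token) == ""`. Deployments initialised before this commit therefore keep a token that remains readable in the repository history and in the earlier API docs. Consider treating the legacy value as unset, e.g. `if t := strings.TrimSpace(cfg.Token); t == "" || t == legacyDefaultAdminToken {`, where `legacyDefaultAdminToken` is a proposed constant holding the removed default, and logging that a rotation happened without printing the new value. The function body begins and ends outside this hunk.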
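Review bot: Nothing at this default tells the operator where the SMTP password is now expected to come from, and the literal being blanked stays readable in history, so that mailbox credential should be treated as exposed and rotated at the mail provider. I would add a comment above the field such as `// Password is intentionally empty: set it in data/config/email.json, never in source.` Presumably an `email.json` that was already created keeps whatever value it was written with, so only new installs get the empty default; that is worth confirming against the rest of loadOrCreateEmailConfig. The struct literal and the function extend beyond the hunk, so whether sending is refused when Username or Password is empty cannot be checked from here.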
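Review bot: `generateToken` has no doc comment, and the strength of the admin token depends entirely on how many random bytes `generateSecret` returns, which is defined above this hunk and only partly visible. A comment such as `// generateToken returns fresh random bytes from generateSecret encoded as unpadded URL-safe base64, for use as the admin token.` would record the contract, ideally with the byte length stated once confirmed. Since a random token is only as good as the check on the request path, it is also worth verifying that the admin-token comparison (not shown in this diff) uses `subtle.ConstantTimeCompare`. The API docs in this commit still list `?token=` as a way to send it; a query-string credential tends to end up in access logs and proxies, so the header forms are the safer ones to recommend.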