Files
X-Financial/web/src/views/scripts/SettingsView.js

718 lines
21 KiB
JavaScript
Raw Normal View History

import { computed, onMounted, ref } from 'vue'
import { useSystemState } from '../../composables/useSystemState.js'
import { fetchSettings, saveSettings, testModelConnectivity } from '../../services/settings.js'
import { useToast } from '../../composables/useToast.js'
const SETTINGS_STORAGE_KEY = 'x-financial-settings-draft'
const CURRENT_YEAR = new Date().getFullYear()
const CUSTOM_OPENAI_PROVIDER = 'Custom OpenAI Compatible'
feat: 重构模型配置存储与 API Key 加密管理 主要修改点: 1. 遗留密码格式兼容 (server/src/app/core/admin_secret.py) - 新增 legacy_admin_secret_to_password_hash(): 将旧版 admin secret 记录转换为标准 scrypt 哈希格式 2. Scrypt 密码验证增强 (server/src/app/core/security.py) - verify_password(): 新增 scrypt$ 前缀检测,分流到专用验证函数 - 新增 verify_scrypt_password(): 解析 scrypt$ 格式哈希并验证 3. 模型配置存储重构 (server/src/app/models/system_model_setting.py) - 新增 SystemModelSetting 模型(slot 为 PK) - 字段: slot, provider, model_name, endpoint, capability, priority, enabled, api_key_encrypted, created_at, updated_at 4. Settings Repository 扩展 (server/src/app/repositories/settings.py) - 新增 get_model_settings(): 获取所有模型配置 - 新增 get_model_setting(slot): 按 slot 获取单个模型配置 5. Settings Service 重构 (server/src/app/services/settings.py) - 新增 ModelSlotConfig dataclass: 封装单个模型槽位的配置属性 - 新增 MODEL_SLOT_CONFIGS 字典: main/backup/vlm/embedding 四个槽位配置 - 重构 save_model_settings(): 批量保存模型配置到 SystemModelSetting 表 - 新增 load_model_settings(): 从 SystemModelSetting 表加载所有模型配置 - read_settings(): 整合 legacy secrets 与新的 SystemModelSetting 表数据 - write_settings(): 拆分 model secrets 到 SystemModelSetting 表 - decrypt_model_secret(): 新增从数据库读取加密的 API Key 6. 数据库模型注册 (server/src/app/db/base.py) - 注册 SystemModelSetting 模型 7. 前端 API URL 智能解析 (web/src/services/api.js) - 新增 isLoopbackHost(): 判断是否为回环地址 - 新增 resolveBrowserReachableApiBaseUrl(): 当后端配置为回环地址但浏览器非回环时,自动替换为浏览器 host - 改进错误信息: "无法连接 FastAPI 后端服务,请确认后端已启动且浏览器可访问后端端口。" 8. 前端 Session 导航增强 (web/src/composables/useSystemState.js) - installSessionNavigation(): 调用 fetchBootstrapState 后设置运行时 API Base URL 9. Settings 视图增强 (web/src/views/SettingsView.vue) - API Key 输入框: 新增 @focus="clearModelSecretMask('xxx')" 清除遮罩 - 新增 .secret-bound-state 提示: 显示"已从数据库加密加载,测试会使用已保存密钥" 10. Settings 脚本增强 (web/src/views/scripts/SettingsView.js) - 新增 clearModelSecretMask(slot): 清除指定槽位的 API Key 遮罩状态 11. CSS 样式 (web/src/assets/styles/views/settings-view.css) - 新增 .secret-bound-state 样式: 显示数据库已加载密钥的提示样式
2026-05-08 11:14:04 +08:00
const MODEL_SECRET_MASK = '********'
const SECTION_DEFINITIONS = [
{
id: 'profile',
label: '企业信息',
title: '系统基本信息',
desc: '公司名称、品牌与版权',
longDesc: '统一维护企业名称、系统显示名称和版权信息,保存后会同步更新当前系统品牌展示。',
actionLabel: '保存企业信息'
},
{
id: 'admin',
label: '管理员安全',
title: '管理员账号与安全策略',
desc: '账号、密码与登录安全',
longDesc: '集中管理管理员账号、邮箱和登录安全策略。密码仅在当前输入时可见,不会写入浏览器草稿。',
actionLabel: '保存安全设置'
},
{
id: 'llm',
label: '大语言模型',
title: '模型接入配置',
desc: '主模型、备份模型与多模态模型',
longDesc: '集中维护主模型、备份模型、VLM 模型和 Embedding 模型的接入参数,供 AI 助手和识别链路调用。',
actionLabel: '保存模型配置'
},
{
id: 'logs',
label: '日志策略',
title: '日志与审计策略',
desc: '日志级别、留存与脱敏',
longDesc: '定义系统日志级别、留存周期和审计策略,保证问题排查和合规审计可追溯。',
actionLabel: '保存日志策略'
},
{
id: 'mail',
label: '邮箱设置',
title: '邮箱通知配置',
desc: 'SMTP 与通知投递策略',
longDesc: '维护系统邮件发送配置和通知投递策略,审批、告警和摘要邮件都会依赖这里的设置。',
actionLabel: '保存邮箱配置'
}
]
const LOG_LEVELS = ['DEBUG', 'INFO', 'WARN', 'ERROR']
const PROVIDER_OPTIONS = [
'MiniMax',
'GLM',
'Kimi',
'Ali',
'Codex',
'Claude',
'Gemini',
CUSTOM_OPENAI_PROVIDER
]
const PROVIDER_ENDPOINTS = {
MiniMax: 'https://api.minimaxi.com/v1',
GLM: 'https://open.bigmodel.cn/api/paas/v4/',
Kimi: 'https://api.moonshot.ai/v1',
Ali: 'https://dashscope.aliyuncs.com/compatible-mode/v1',
Codex: 'https://api.openai.com/v1',
Claude: 'https://api.anthropic.com/v1/',
Gemini: 'https://generativelanguage.googleapis.com/v1beta/openai/',
[CUSTOM_OPENAI_PROVIDER]: ''
}
const LEGACY_PROVIDER_MAP = {
'OpenAI Compatible': 'Codex',
'Azure OpenAI': CUSTOM_OPENAI_PROVIDER,
Ollama: CUSTOM_OPENAI_PROVIDER,
'自定义网关': CUSTOM_OPENAI_PROVIDER
}
const MODEL_TEST_CONFIGS = {
main: {
label: '主模型',
providerKey: 'mainProvider',
modelKey: 'mainModel',
endpointKey: 'mainEndpoint',
apiKeyKey: 'mainApiKey',
capability: 'chat'
},
backup: {
label: '备份模型',
providerKey: 'backupProvider',
modelKey: 'backupModel',
endpointKey: 'backupEndpoint',
apiKeyKey: 'backupApiKey',
capability: 'chat'
},
vlm: {
label: 'VLM 模型',
providerKey: 'vlmProvider',
modelKey: 'vlmModel',
endpointKey: 'vlmEndpoint',
apiKeyKey: 'vlmApiKey',
capability: 'chat'
},
embedding: {
label: 'Embedding 模型',
providerKey: 'embeddingProvider',
modelKey: 'embeddingModel',
endpointKey: 'embeddingEndpoint',
apiKeyKey: 'embeddingApiKey',
capability: 'embedding'
}
}
feat: 重构模型配置存储与 API Key 加密管理 主要修改点: 1. 遗留密码格式兼容 (server/src/app/core/admin_secret.py) - 新增 legacy_admin_secret_to_password_hash(): 将旧版 admin secret 记录转换为标准 scrypt 哈希格式 2. Scrypt 密码验证增强 (server/src/app/core/security.py) - verify_password(): 新增 scrypt$ 前缀检测,分流到专用验证函数 - 新增 verify_scrypt_password(): 解析 scrypt$ 格式哈希并验证 3. 模型配置存储重构 (server/src/app/models/system_model_setting.py) - 新增 SystemModelSetting 模型(slot 为 PK) - 字段: slot, provider, model_name, endpoint, capability, priority, enabled, api_key_encrypted, created_at, updated_at 4. Settings Repository 扩展 (server/src/app/repositories/settings.py) - 新增 get_model_settings(): 获取所有模型配置 - 新增 get_model_setting(slot): 按 slot 获取单个模型配置 5. Settings Service 重构 (server/src/app/services/settings.py) - 新增 ModelSlotConfig dataclass: 封装单个模型槽位的配置属性 - 新增 MODEL_SLOT_CONFIGS 字典: main/backup/vlm/embedding 四个槽位配置 - 重构 save_model_settings(): 批量保存模型配置到 SystemModelSetting 表 - 新增 load_model_settings(): 从 SystemModelSetting 表加载所有模型配置 - read_settings(): 整合 legacy secrets 与新的 SystemModelSetting 表数据 - write_settings(): 拆分 model secrets 到 SystemModelSetting 表 - decrypt_model_secret(): 新增从数据库读取加密的 API Key 6. 数据库模型注册 (server/src/app/db/base.py) - 注册 SystemModelSetting 模型 7. 前端 API URL 智能解析 (web/src/services/api.js) - 新增 isLoopbackHost(): 判断是否为回环地址 - 新增 resolveBrowserReachableApiBaseUrl(): 当后端配置为回环地址但浏览器非回环时,自动替换为浏览器 host - 改进错误信息: "无法连接 FastAPI 后端服务,请确认后端已启动且浏览器可访问后端端口。" 8. 前端 Session 导航增强 (web/src/composables/useSystemState.js) - installSessionNavigation(): 调用 fetchBootstrapState 后设置运行时 API Base URL 9. Settings 视图增强 (web/src/views/SettingsView.vue) - API Key 输入框: 新增 @focus="clearModelSecretMask('xxx')" 清除遮罩 - 新增 .secret-bound-state 提示: 显示"已从数据库加密加载,测试会使用已保存密钥" 10. Settings 脚本增强 (web/src/views/scripts/SettingsView.js) - 新增 clearModelSecretMask(slot): 清除指定槽位的 API Key 遮罩状态 11. CSS 样式 (web/src/assets/styles/views/settings-view.css) - 新增 .secret-bound-state 样式: 显示数据库已加载密钥的提示样式
2026-05-08 11:14:04 +08:00
const MODEL_API_KEY_CONFIGS = Object.values(MODEL_TEST_CONFIGS)
function normalizeValue(value) {
return String(value ?? '').trim()
}
function normalizeProviderValue(value, fallback = 'Codex') {
const normalized = normalizeValue(value)
if (PROVIDER_OPTIONS.includes(normalized)) {
return normalized
}
if (LEGACY_PROVIDER_MAP[normalized]) {
return LEGACY_PROVIDER_MAP[normalized]
}
return fallback
}
function getProviderEndpoint(provider) {
return PROVIDER_ENDPOINTS[provider] ?? ''
}
function buildDefaultState(companyProfile, currentUser) {
const companyName = normalizeValue(companyProfile?.name) || 'X-Financial'
const companyCode = normalizeValue(companyProfile?.code) || 'XF-001'
const adminEmail =
normalizeValue(companyProfile?.adminEmail) ||
normalizeValue(currentUser?.email) ||
'admin@example.com'
const adminAccount = normalizeValue(currentUser?.username) || 'superadmin'
return {
companyForm: {
companyName,
displayName: companyName,
companyCode,
recordNumber: '',
copyright: `Copyright © 2024-${CURRENT_YEAR} ${companyName}. All Rights Reserved.`
},
adminForm: {
adminAccount,
adminEmail,
newPassword: '',
confirmPassword: '',
sessionTimeout: Number(import.meta.env.VITE_AUTH_IDLE_TIMEOUT_MINUTES || 30),
noticeEmail: adminEmail,
mfaEnabled: true,
strongPassword: true,
loginAlertEnabled: true,
adminPasswordConfigured: false
},
llmForm: {
mainProvider: 'Codex',
mainModel: 'codex-mini-latest',
mainEndpoint: getProviderEndpoint('Codex'),
mainApiKey: '',
mainApiKeyConfigured: false,
backupProvider: 'GLM',
backupModel: 'glm-5.1',
backupEndpoint: getProviderEndpoint('GLM'),
backupApiKey: '',
backupApiKeyConfigured: false,
vlmProvider: 'Gemini',
vlmModel: 'gemini-2.5-flash',
vlmEndpoint: getProviderEndpoint('Gemini'),
vlmApiKey: '',
vlmApiKeyConfigured: false,
embeddingProvider: 'GLM',
embeddingModel: 'Embedding-3',
embeddingEndpoint: getProviderEndpoint('GLM'),
embeddingApiKey: '',
embeddingApiKeyConfigured: false
},
logForm: {
level: 'INFO',
retentionDays: 180,
archiveCycle: 'weekly',
logPath: 'server/logs/app.log',
alertEmail: adminEmail,
operationAudit: true,
loginAudit: true,
maskSensitive: true
},
mailForm: {
smtpHost: 'smtp.exmail.qq.com',
port: 465,
encryption: 'SSL/TLS',
senderName: companyName,
senderAddress: adminEmail,
username: adminEmail,
password: '',
passwordConfigured: false,
alertEnabled: true,
digestEnabled: false,
digestTime: '09:00',
defaultReceiver: adminEmail
}
}
}
function readStoredSettings() {
if (typeof window === 'undefined') {
return null
}
const raw = window.sessionStorage.getItem(SETTINGS_STORAGE_KEY)
if (!raw) {
return null
}
try {
return JSON.parse(raw)
} catch {
return null
}
}
function mergeState(baseState, overrideState) {
const mergedLlmForm = { ...baseState.llmForm, ...(overrideState?.llmForm || {}) }
mergedLlmForm.mainProvider = normalizeProviderValue(mergedLlmForm.mainProvider, baseState.llmForm.mainProvider)
mergedLlmForm.backupProvider = normalizeProviderValue(mergedLlmForm.backupProvider, baseState.llmForm.backupProvider)
mergedLlmForm.vlmProvider = normalizeProviderValue(mergedLlmForm.vlmProvider, baseState.llmForm.vlmProvider)
mergedLlmForm.embeddingProvider = normalizeProviderValue(
mergedLlmForm.embeddingProvider,
baseState.llmForm.embeddingProvider
)
return {
companyForm: { ...baseState.companyForm, ...(overrideState?.companyForm || {}) },
adminForm: { ...baseState.adminForm, ...(overrideState?.adminForm || {}) },
llmForm: mergedLlmForm,
logForm: { ...baseState.logForm, ...(overrideState?.logForm || {}) },
mailForm: { ...baseState.mailForm, ...(overrideState?.mailForm || {}) }
}
}
function sanitizeForStorage(state) {
return {
companyForm: { ...state.companyForm },
adminForm: {
...state.adminForm,
newPassword: '',
confirmPassword: ''
},
llmForm: {
...state.llmForm,
mainApiKey: '',
backupApiKey: '',
vlmApiKey: '',
embeddingApiKey: ''
},
logForm: { ...state.logForm },
mailForm: {
...state.mailForm,
password: ''
}
}
}
feat: 重构模型配置存储与 API Key 加密管理 主要修改点: 1. 遗留密码格式兼容 (server/src/app/core/admin_secret.py) - 新增 legacy_admin_secret_to_password_hash(): 将旧版 admin secret 记录转换为标准 scrypt 哈希格式 2. Scrypt 密码验证增强 (server/src/app/core/security.py) - verify_password(): 新增 scrypt$ 前缀检测,分流到专用验证函数 - 新增 verify_scrypt_password(): 解析 scrypt$ 格式哈希并验证 3. 模型配置存储重构 (server/src/app/models/system_model_setting.py) - 新增 SystemModelSetting 模型(slot 为 PK) - 字段: slot, provider, model_name, endpoint, capability, priority, enabled, api_key_encrypted, created_at, updated_at 4. Settings Repository 扩展 (server/src/app/repositories/settings.py) - 新增 get_model_settings(): 获取所有模型配置 - 新增 get_model_setting(slot): 按 slot 获取单个模型配置 5. Settings Service 重构 (server/src/app/services/settings.py) - 新增 ModelSlotConfig dataclass: 封装单个模型槽位的配置属性 - 新增 MODEL_SLOT_CONFIGS 字典: main/backup/vlm/embedding 四个槽位配置 - 重构 save_model_settings(): 批量保存模型配置到 SystemModelSetting 表 - 新增 load_model_settings(): 从 SystemModelSetting 表加载所有模型配置 - read_settings(): 整合 legacy secrets 与新的 SystemModelSetting 表数据 - write_settings(): 拆分 model secrets 到 SystemModelSetting 表 - decrypt_model_secret(): 新增从数据库读取加密的 API Key 6. 数据库模型注册 (server/src/app/db/base.py) - 注册 SystemModelSetting 模型 7. 前端 API URL 智能解析 (web/src/services/api.js) - 新增 isLoopbackHost(): 判断是否为回环地址 - 新增 resolveBrowserReachableApiBaseUrl(): 当后端配置为回环地址但浏览器非回环时,自动替换为浏览器 host - 改进错误信息: "无法连接 FastAPI 后端服务,请确认后端已启动且浏览器可访问后端端口。" 8. 前端 Session 导航增强 (web/src/composables/useSystemState.js) - installSessionNavigation(): 调用 fetchBootstrapState 后设置运行时 API Base URL 9. Settings 视图增强 (web/src/views/SettingsView.vue) - API Key 输入框: 新增 @focus="clearModelSecretMask('xxx')" 清除遮罩 - 新增 .secret-bound-state 提示: 显示"已从数据库加密加载,测试会使用已保存密钥" 10. Settings 脚本增强 (web/src/views/scripts/SettingsView.js) - 新增 clearModelSecretMask(slot): 清除指定槽位的 API Key 遮罩状态 11. CSS 样式 (web/src/assets/styles/views/settings-view.css) - 新增 .secret-bound-state 样式: 显示数据库已加载密钥的提示样式
2026-05-08 11:14:04 +08:00
function getModelConfiguredKey(apiKeyKey) {
return `${apiKeyKey}Configured`
}
function isModelSecretMask(value) {
return value === MODEL_SECRET_MASK
}
function maskConfiguredModelSecrets(state) {
for (const config of MODEL_API_KEY_CONFIGS) {
const configuredKey = getModelConfiguredKey(config.apiKeyKey)
if (state.llmForm[configuredKey] && !normalizeValue(state.llmForm[config.apiKeyKey])) {
state.llmForm[config.apiKeyKey] = MODEL_SECRET_MASK
}
}
return state
}
function buildLlmPayload(llmForm) {
const payload = { ...llmForm }
for (const config of MODEL_API_KEY_CONFIGS) {
if (isModelSecretMask(payload[config.apiKeyKey])) {
payload[config.apiKeyKey] = ''
}
}
return payload
}
function persistSettings(state) {
if (typeof window === 'undefined') {
return
}
window.sessionStorage.setItem(SETTINGS_STORAGE_KEY, JSON.stringify(sanitizeForStorage(state)))
}
function isModelConfigReady(provider, model, endpoint) {
return Boolean(normalizeValue(provider) && normalizeValue(model) && normalizeValue(endpoint))
}
function computeSectionStatus(state) {
return {
profile: Boolean(
normalizeValue(state.companyForm.companyName) &&
normalizeValue(state.companyForm.displayName) &&
normalizeValue(state.companyForm.copyright)
),
admin: Boolean(
normalizeValue(state.adminForm.adminAccount) &&
normalizeValue(state.adminForm.adminEmail) &&
Number(state.adminForm.sessionTimeout) >= 5
),
llm: Boolean(
isModelConfigReady(state.llmForm.mainProvider, state.llmForm.mainModel, state.llmForm.mainEndpoint) &&
isModelConfigReady(state.llmForm.backupProvider, state.llmForm.backupModel, state.llmForm.backupEndpoint) &&
isModelConfigReady(state.llmForm.vlmProvider, state.llmForm.vlmModel, state.llmForm.vlmEndpoint) &&
isModelConfigReady(
state.llmForm.embeddingProvider,
state.llmForm.embeddingModel,
state.llmForm.embeddingEndpoint
)
),
logs: Boolean(
normalizeValue(state.logForm.level) &&
Number(state.logForm.retentionDays) > 0 &&
normalizeValue(state.logForm.logPath)
),
mail: Boolean(
normalizeValue(state.mailForm.smtpHost) &&
Number(state.mailForm.port) > 0 &&
normalizeValue(state.mailForm.senderAddress) &&
normalizeValue(state.mailForm.username)
)
}
}
export default {
name: 'SettingsView',
setup() {
const { toast } = useToast()
const { companyProfile, currentUser, updateCompanyProfilePreview } = useSystemState()
const buildResolvedDefaults = () => buildDefaultState(companyProfile.value, currentUser.value)
const pageState = ref(mergeState(buildResolvedDefaults(), readStoredSettings()))
const activeSection = ref('profile')
const modelTestState = ref({
main: { status: 'idle', message: '' },
backup: { status: 'idle', message: '' },
vlm: { status: 'idle', message: '' },
embedding: { status: 'idle', message: '' }
})
const sections = SECTION_DEFINITIONS
const logLevels = LOG_LEVELS
const providerOptions = PROVIDER_OPTIONS
const sectionStatus = computed(() => computeSectionStatus(pageState.value))
const completedSectionCount = computed(() => Object.values(sectionStatus.value).filter(Boolean).length)
const activeSectionConfig = computed(
() => sections.find((section) => section.id === activeSection.value) || sections[0]
)
function updateBrandPreviewFromState(state) {
updateCompanyProfilePreview({
name: normalizeValue(state.companyForm.displayName),
code: normalizeValue(state.companyForm.companyCode),
adminEmail: normalizeValue(state.adminForm.adminEmail)
})
}
function applyLoadedSnapshot(snapshot, options = {}) {
const {
mergeDraft = false,
preserveModelApiKeys = false,
preserveAdminPasswords = false,
preserveMailPassword = false
} = options
const currentState = pageState.value
let nextState = mergeState(buildResolvedDefaults(), snapshot)
if (mergeDraft) {
nextState = mergeState(nextState, readStoredSettings())
}
if (preserveModelApiKeys) {
nextState.llmForm.mainApiKey = currentState.llmForm.mainApiKey
nextState.llmForm.backupApiKey = currentState.llmForm.backupApiKey
nextState.llmForm.vlmApiKey = currentState.llmForm.vlmApiKey
nextState.llmForm.embeddingApiKey = currentState.llmForm.embeddingApiKey
}
if (preserveAdminPasswords) {
nextState.adminForm.newPassword = currentState.adminForm.newPassword
nextState.adminForm.confirmPassword = currentState.adminForm.confirmPassword
}
if (preserveMailPassword) {
nextState.mailForm.password = currentState.mailForm.password
}
feat: 重构模型配置存储与 API Key 加密管理 主要修改点: 1. 遗留密码格式兼容 (server/src/app/core/admin_secret.py) - 新增 legacy_admin_secret_to_password_hash(): 将旧版 admin secret 记录转换为标准 scrypt 哈希格式 2. Scrypt 密码验证增强 (server/src/app/core/security.py) - verify_password(): 新增 scrypt$ 前缀检测,分流到专用验证函数 - 新增 verify_scrypt_password(): 解析 scrypt$ 格式哈希并验证 3. 模型配置存储重构 (server/src/app/models/system_model_setting.py) - 新增 SystemModelSetting 模型(slot 为 PK) - 字段: slot, provider, model_name, endpoint, capability, priority, enabled, api_key_encrypted, created_at, updated_at 4. Settings Repository 扩展 (server/src/app/repositories/settings.py) - 新增 get_model_settings(): 获取所有模型配置 - 新增 get_model_setting(slot): 按 slot 获取单个模型配置 5. Settings Service 重构 (server/src/app/services/settings.py) - 新增 ModelSlotConfig dataclass: 封装单个模型槽位的配置属性 - 新增 MODEL_SLOT_CONFIGS 字典: main/backup/vlm/embedding 四个槽位配置 - 重构 save_model_settings(): 批量保存模型配置到 SystemModelSetting 表 - 新增 load_model_settings(): 从 SystemModelSetting 表加载所有模型配置 - read_settings(): 整合 legacy secrets 与新的 SystemModelSetting 表数据 - write_settings(): 拆分 model secrets 到 SystemModelSetting 表 - decrypt_model_secret(): 新增从数据库读取加密的 API Key 6. 数据库模型注册 (server/src/app/db/base.py) - 注册 SystemModelSetting 模型 7. 前端 API URL 智能解析 (web/src/services/api.js) - 新增 isLoopbackHost(): 判断是否为回环地址 - 新增 resolveBrowserReachableApiBaseUrl(): 当后端配置为回环地址但浏览器非回环时,自动替换为浏览器 host - 改进错误信息: "无法连接 FastAPI 后端服务,请确认后端已启动且浏览器可访问后端端口。" 8. 前端 Session 导航增强 (web/src/composables/useSystemState.js) - installSessionNavigation(): 调用 fetchBootstrapState 后设置运行时 API Base URL 9. Settings 视图增强 (web/src/views/SettingsView.vue) - API Key 输入框: 新增 @focus="clearModelSecretMask('xxx')" 清除遮罩 - 新增 .secret-bound-state 提示: 显示"已从数据库加密加载,测试会使用已保存密钥" 10. Settings 脚本增强 (web/src/views/scripts/SettingsView.js) - 新增 clearModelSecretMask(slot): 清除指定槽位的 API Key 遮罩状态 11. CSS 样式 (web/src/assets/styles/views/settings-view.css) - 新增 .secret-bound-state 样式: 显示数据库已加载密钥的提示样式
2026-05-08 11:14:04 +08:00
pageState.value = maskConfiguredModelSecrets(nextState)
persistSettings(pageState.value)
updateBrandPreviewFromState(pageState.value)
}
async function loadSettingsSnapshot() {
try {
const snapshot = await fetchSettings()
applyLoadedSnapshot(snapshot, { mergeDraft: true })
} catch (error) {
persistSettings(pageState.value)
updateBrandPreviewFromState(pageState.value)
toast(error.message || '无法加载已保存设置,继续使用当前会话草稿。')
}
}
function buildSettingsPayload() {
return {
companyForm: { ...pageState.value.companyForm },
adminForm: { ...pageState.value.adminForm },
feat: 重构模型配置存储与 API Key 加密管理 主要修改点: 1. 遗留密码格式兼容 (server/src/app/core/admin_secret.py) - 新增 legacy_admin_secret_to_password_hash(): 将旧版 admin secret 记录转换为标准 scrypt 哈希格式 2. Scrypt 密码验证增强 (server/src/app/core/security.py) - verify_password(): 新增 scrypt$ 前缀检测,分流到专用验证函数 - 新增 verify_scrypt_password(): 解析 scrypt$ 格式哈希并验证 3. 模型配置存储重构 (server/src/app/models/system_model_setting.py) - 新增 SystemModelSetting 模型(slot 为 PK) - 字段: slot, provider, model_name, endpoint, capability, priority, enabled, api_key_encrypted, created_at, updated_at 4. Settings Repository 扩展 (server/src/app/repositories/settings.py) - 新增 get_model_settings(): 获取所有模型配置 - 新增 get_model_setting(slot): 按 slot 获取单个模型配置 5. Settings Service 重构 (server/src/app/services/settings.py) - 新增 ModelSlotConfig dataclass: 封装单个模型槽位的配置属性 - 新增 MODEL_SLOT_CONFIGS 字典: main/backup/vlm/embedding 四个槽位配置 - 重构 save_model_settings(): 批量保存模型配置到 SystemModelSetting 表 - 新增 load_model_settings(): 从 SystemModelSetting 表加载所有模型配置 - read_settings(): 整合 legacy secrets 与新的 SystemModelSetting 表数据 - write_settings(): 拆分 model secrets 到 SystemModelSetting 表 - decrypt_model_secret(): 新增从数据库读取加密的 API Key 6. 数据库模型注册 (server/src/app/db/base.py) - 注册 SystemModelSetting 模型 7. 前端 API URL 智能解析 (web/src/services/api.js) - 新增 isLoopbackHost(): 判断是否为回环地址 - 新增 resolveBrowserReachableApiBaseUrl(): 当后端配置为回环地址但浏览器非回环时,自动替换为浏览器 host - 改进错误信息: "无法连接 FastAPI 后端服务,请确认后端已启动且浏览器可访问后端端口。" 8. 前端 Session 导航增强 (web/src/composables/useSystemState.js) - installSessionNavigation(): 调用 fetchBootstrapState 后设置运行时 API Base URL 9. Settings 视图增强 (web/src/views/SettingsView.vue) - API Key 输入框: 新增 @focus="clearModelSecretMask('xxx')" 清除遮罩 - 新增 .secret-bound-state 提示: 显示"已从数据库加密加载,测试会使用已保存密钥" 10. Settings 脚本增强 (web/src/views/scripts/SettingsView.js) - 新增 clearModelSecretMask(slot): 清除指定槽位的 API Key 遮罩状态 11. CSS 样式 (web/src/assets/styles/views/settings-view.css) - 新增 .secret-bound-state 样式: 显示数据库已加载密钥的提示样式
2026-05-08 11:14:04 +08:00
llmForm: buildLlmPayload(pageState.value.llmForm),
logForm: { ...pageState.value.logForm },
mailForm: { ...pageState.value.mailForm }
}
}
async function persistRemoteSettings(successMessage, options = {}) {
try {
const snapshot = await saveSettings(buildSettingsPayload())
applyLoadedSnapshot(snapshot, options)
toast(successMessage)
return true
} catch (error) {
toast(error.message || '设置保存失败,请稍后重试。')
return false
}
}
function activateSection(sectionId) {
activeSection.value = sectionId
}
function toggleBoolean(formKey, field) {
pageState.value[formKey][field] = !pageState.value[formKey][field]
}
function applyProviderPreset(testKey) {
const config = MODEL_TEST_CONFIGS[testKey]
const llmForm = pageState.value.llmForm
const provider = normalizeProviderValue(llmForm[config.providerKey], CUSTOM_OPENAI_PROVIDER)
llmForm[config.providerKey] = provider
llmForm[config.endpointKey] = getProviderEndpoint(provider)
}
function getModelTestState(testKey) {
return modelTestState.value[testKey] || { status: 'idle', message: '' }
}
function isModelTesting(testKey) {
return getModelTestState(testKey).status === 'testing'
}
function buildModelTestPayload(testKey) {
const config = MODEL_TEST_CONFIGS[testKey]
const llmForm = pageState.value.llmForm
feat: 重构模型配置存储与 API Key 加密管理 主要修改点: 1. 遗留密码格式兼容 (server/src/app/core/admin_secret.py) - 新增 legacy_admin_secret_to_password_hash(): 将旧版 admin secret 记录转换为标准 scrypt 哈希格式 2. Scrypt 密码验证增强 (server/src/app/core/security.py) - verify_password(): 新增 scrypt$ 前缀检测,分流到专用验证函数 - 新增 verify_scrypt_password(): 解析 scrypt$ 格式哈希并验证 3. 模型配置存储重构 (server/src/app/models/system_model_setting.py) - 新增 SystemModelSetting 模型(slot 为 PK) - 字段: slot, provider, model_name, endpoint, capability, priority, enabled, api_key_encrypted, created_at, updated_at 4. Settings Repository 扩展 (server/src/app/repositories/settings.py) - 新增 get_model_settings(): 获取所有模型配置 - 新增 get_model_setting(slot): 按 slot 获取单个模型配置 5. Settings Service 重构 (server/src/app/services/settings.py) - 新增 ModelSlotConfig dataclass: 封装单个模型槽位的配置属性 - 新增 MODEL_SLOT_CONFIGS 字典: main/backup/vlm/embedding 四个槽位配置 - 重构 save_model_settings(): 批量保存模型配置到 SystemModelSetting 表 - 新增 load_model_settings(): 从 SystemModelSetting 表加载所有模型配置 - read_settings(): 整合 legacy secrets 与新的 SystemModelSetting 表数据 - write_settings(): 拆分 model secrets 到 SystemModelSetting 表 - decrypt_model_secret(): 新增从数据库读取加密的 API Key 6. 数据库模型注册 (server/src/app/db/base.py) - 注册 SystemModelSetting 模型 7. 前端 API URL 智能解析 (web/src/services/api.js) - 新增 isLoopbackHost(): 判断是否为回环地址 - 新增 resolveBrowserReachableApiBaseUrl(): 当后端配置为回环地址但浏览器非回环时,自动替换为浏览器 host - 改进错误信息: "无法连接 FastAPI 后端服务,请确认后端已启动且浏览器可访问后端端口。" 8. 前端 Session 导航增强 (web/src/composables/useSystemState.js) - installSessionNavigation(): 调用 fetchBootstrapState 后设置运行时 API Base URL 9. Settings 视图增强 (web/src/views/SettingsView.vue) - API Key 输入框: 新增 @focus="clearModelSecretMask('xxx')" 清除遮罩 - 新增 .secret-bound-state 提示: 显示"已从数据库加密加载,测试会使用已保存密钥" 10. Settings 脚本增强 (web/src/views/scripts/SettingsView.js) - 新增 clearModelSecretMask(slot): 清除指定槽位的 API Key 遮罩状态 11. CSS 样式 (web/src/assets/styles/views/settings-view.css) - 新增 .secret-bound-state 样式: 显示数据库已加载密钥的提示样式
2026-05-08 11:14:04 +08:00
const apiKey = llmForm[config.apiKeyKey]
return {
provider: llmForm[config.providerKey],
model: llmForm[config.modelKey],
endpoint: llmForm[config.endpointKey],
feat: 重构模型配置存储与 API Key 加密管理 主要修改点: 1. 遗留密码格式兼容 (server/src/app/core/admin_secret.py) - 新增 legacy_admin_secret_to_password_hash(): 将旧版 admin secret 记录转换为标准 scrypt 哈希格式 2. Scrypt 密码验证增强 (server/src/app/core/security.py) - verify_password(): 新增 scrypt$ 前缀检测,分流到专用验证函数 - 新增 verify_scrypt_password(): 解析 scrypt$ 格式哈希并验证 3. 模型配置存储重构 (server/src/app/models/system_model_setting.py) - 新增 SystemModelSetting 模型(slot 为 PK) - 字段: slot, provider, model_name, endpoint, capability, priority, enabled, api_key_encrypted, created_at, updated_at 4. Settings Repository 扩展 (server/src/app/repositories/settings.py) - 新增 get_model_settings(): 获取所有模型配置 - 新增 get_model_setting(slot): 按 slot 获取单个模型配置 5. Settings Service 重构 (server/src/app/services/settings.py) - 新增 ModelSlotConfig dataclass: 封装单个模型槽位的配置属性 - 新增 MODEL_SLOT_CONFIGS 字典: main/backup/vlm/embedding 四个槽位配置 - 重构 save_model_settings(): 批量保存模型配置到 SystemModelSetting 表 - 新增 load_model_settings(): 从 SystemModelSetting 表加载所有模型配置 - read_settings(): 整合 legacy secrets 与新的 SystemModelSetting 表数据 - write_settings(): 拆分 model secrets 到 SystemModelSetting 表 - decrypt_model_secret(): 新增从数据库读取加密的 API Key 6. 数据库模型注册 (server/src/app/db/base.py) - 注册 SystemModelSetting 模型 7. 前端 API URL 智能解析 (web/src/services/api.js) - 新增 isLoopbackHost(): 判断是否为回环地址 - 新增 resolveBrowserReachableApiBaseUrl(): 当后端配置为回环地址但浏览器非回环时,自动替换为浏览器 host - 改进错误信息: "无法连接 FastAPI 后端服务,请确认后端已启动且浏览器可访问后端端口。" 8. 前端 Session 导航增强 (web/src/composables/useSystemState.js) - installSessionNavigation(): 调用 fetchBootstrapState 后设置运行时 API Base URL 9. Settings 视图增强 (web/src/views/SettingsView.vue) - API Key 输入框: 新增 @focus="clearModelSecretMask('xxx')" 清除遮罩 - 新增 .secret-bound-state 提示: 显示"已从数据库加密加载,测试会使用已保存密钥" 10. Settings 脚本增强 (web/src/views/scripts/SettingsView.js) - 新增 clearModelSecretMask(slot): 清除指定槽位的 API Key 遮罩状态 11. CSS 样式 (web/src/assets/styles/views/settings-view.css) - 新增 .secret-bound-state 样式: 显示数据库已加载密钥的提示样式
2026-05-08 11:14:04 +08:00
api_key: isModelSecretMask(apiKey) ? '' : apiKey,
capability: config.capability,
slot: testKey
}
}
feat: 重构模型配置存储与 API Key 加密管理 主要修改点: 1. 遗留密码格式兼容 (server/src/app/core/admin_secret.py) - 新增 legacy_admin_secret_to_password_hash(): 将旧版 admin secret 记录转换为标准 scrypt 哈希格式 2. Scrypt 密码验证增强 (server/src/app/core/security.py) - verify_password(): 新增 scrypt$ 前缀检测,分流到专用验证函数 - 新增 verify_scrypt_password(): 解析 scrypt$ 格式哈希并验证 3. 模型配置存储重构 (server/src/app/models/system_model_setting.py) - 新增 SystemModelSetting 模型(slot 为 PK) - 字段: slot, provider, model_name, endpoint, capability, priority, enabled, api_key_encrypted, created_at, updated_at 4. Settings Repository 扩展 (server/src/app/repositories/settings.py) - 新增 get_model_settings(): 获取所有模型配置 - 新增 get_model_setting(slot): 按 slot 获取单个模型配置 5. Settings Service 重构 (server/src/app/services/settings.py) - 新增 ModelSlotConfig dataclass: 封装单个模型槽位的配置属性 - 新增 MODEL_SLOT_CONFIGS 字典: main/backup/vlm/embedding 四个槽位配置 - 重构 save_model_settings(): 批量保存模型配置到 SystemModelSetting 表 - 新增 load_model_settings(): 从 SystemModelSetting 表加载所有模型配置 - read_settings(): 整合 legacy secrets 与新的 SystemModelSetting 表数据 - write_settings(): 拆分 model secrets 到 SystemModelSetting 表 - decrypt_model_secret(): 新增从数据库读取加密的 API Key 6. 数据库模型注册 (server/src/app/db/base.py) - 注册 SystemModelSetting 模型 7. 前端 API URL 智能解析 (web/src/services/api.js) - 新增 isLoopbackHost(): 判断是否为回环地址 - 新增 resolveBrowserReachableApiBaseUrl(): 当后端配置为回环地址但浏览器非回环时,自动替换为浏览器 host - 改进错误信息: "无法连接 FastAPI 后端服务,请确认后端已启动且浏览器可访问后端端口。" 8. 前端 Session 导航增强 (web/src/composables/useSystemState.js) - installSessionNavigation(): 调用 fetchBootstrapState 后设置运行时 API Base URL 9. Settings 视图增强 (web/src/views/SettingsView.vue) - API Key 输入框: 新增 @focus="clearModelSecretMask('xxx')" 清除遮罩 - 新增 .secret-bound-state 提示: 显示"已从数据库加密加载,测试会使用已保存密钥" 10. Settings 脚本增强 (web/src/views/scripts/SettingsView.js) - 新增 clearModelSecretMask(slot): 清除指定槽位的 API Key 遮罩状态 11. CSS 样式 (web/src/assets/styles/views/settings-view.css) - 新增 .secret-bound-state 样式: 显示数据库已加载密钥的提示样式
2026-05-08 11:14:04 +08:00
function clearModelSecretMask(testKey) {
const config = MODEL_TEST_CONFIGS[testKey]
if (isModelSecretMask(pageState.value.llmForm[config.apiKeyKey])) {
pageState.value.llmForm[config.apiKeyKey] = ''
}
}
async function testModelConnection(testKey) {
const config = MODEL_TEST_CONFIGS[testKey]
const payload = buildModelTestPayload(testKey)
if (!isModelConfigReady(payload.provider, payload.model, payload.endpoint)) {
const message = `请先完整填写${config.label}的供应商、模型名称和接口地址。`
modelTestState.value[testKey] = { status: 'error', message }
toast(message)
return
}
modelTestState.value[testKey] = { status: 'testing', message: '正在测试模型连通性...' }
try {
const result = await testModelConnectivity(payload)
modelTestState.value[testKey] = {
status: result.ok ? 'success' : 'error',
message: result.detail || (result.ok ? '模型连接成功。' : '模型连接失败。')
}
toast(modelTestState.value[testKey].message)
} catch (error) {
const message = error.message || '模型测试请求失败,请确认 FastAPI 已启动。'
modelTestState.value[testKey] = { status: 'error', message }
toast(message)
}
}
async function saveProfileSection() {
const companyForm = pageState.value.companyForm
if (!normalizeValue(companyForm.companyName)) {
toast('请输入企业名称。')
return
}
if (!normalizeValue(companyForm.displayName)) {
toast('请输入系统显示名称。')
return
}
if (!normalizeValue(companyForm.copyright)) {
toast('请输入版权信息。')
return
}
pageState.value.mailForm.senderName = normalizeValue(companyForm.displayName)
await persistRemoteSettings('企业信息已保存并应用到当前系统。', {
preserveModelApiKeys: true,
preserveAdminPasswords: true,
preserveMailPassword: true
})
}
async function saveAdminSection() {
const adminForm = pageState.value.adminForm
if (!normalizeValue(adminForm.adminAccount)) {
toast('请输入管理员账号。')
return
}
if (!normalizeValue(adminForm.adminEmail)) {
toast('请输入管理员邮箱。')
return
}
if (Number(adminForm.sessionTimeout) < 5) {
toast('会话超时时间不能少于 5 分钟。')
return
}
if (adminForm.newPassword) {
if (adminForm.newPassword.length < 5) {
toast('管理员密码至少需要 5 位。')
return
}
if (adminForm.newPassword !== adminForm.confirmPassword) {
toast('两次输入的管理员密码不一致。')
return
}
}
await persistRemoteSettings('管理员安全设置已保存。', {
preserveModelApiKeys: true,
preserveAdminPasswords: false,
preserveMailPassword: true
})
}
async function saveLlmSection() {
const llmForm = pageState.value.llmForm
const modelConfigs = [
['主模型', llmForm.mainProvider, llmForm.mainModel, llmForm.mainEndpoint],
['备份模型', llmForm.backupProvider, llmForm.backupModel, llmForm.backupEndpoint],
['VLM 模型', llmForm.vlmProvider, llmForm.vlmModel, llmForm.vlmEndpoint],
['Embedding 模型', llmForm.embeddingProvider, llmForm.embeddingModel, llmForm.embeddingEndpoint]
]
for (const [label, provider, model, endpoint] of modelConfigs) {
if (!isModelConfigReady(provider, model, endpoint)) {
toast(`请完整填写${label}的供应商、模型名称和接口地址。`)
return
}
}
await persistRemoteSettings('模型配置已保存。', {
preserveModelApiKeys: true,
preserveAdminPasswords: true,
preserveMailPassword: true
})
}
async function saveLogsSection() {
const logForm = pageState.value.logForm
if (!normalizeValue(logForm.level) || Number(logForm.retentionDays) <= 0) {
toast('请填写有效的日志级别和留存天数。')
return
}
if (!normalizeValue(logForm.logPath)) {
toast('请输入日志路径。')
return
}
await persistRemoteSettings('日志策略已保存。', {
preserveModelApiKeys: true,
preserveAdminPasswords: true,
preserveMailPassword: true
})
}
async function saveMailSection() {
const mailForm = pageState.value.mailForm
if (!normalizeValue(mailForm.smtpHost) || Number(mailForm.port) <= 0) {
toast('请填写有效的 SMTP Host 和端口。')
return
}
if (!normalizeValue(mailForm.senderAddress) || !normalizeValue(mailForm.username)) {
toast('请填写发件人邮箱和 SMTP 登录账号。')
return
}
await persistRemoteSettings('邮箱配置已保存。', {
preserveModelApiKeys: true,
preserveAdminPasswords: true,
preserveMailPassword: false
})
}
async function saveActiveSection() {
if (activeSection.value === 'profile') {
await saveProfileSection()
return
}
if (activeSection.value === 'admin') {
await saveAdminSection()
return
}
if (activeSection.value === 'llm') {
await saveLlmSection()
return
}
if (activeSection.value === 'logs') {
await saveLogsSection()
return
}
await saveMailSection()
}
onMounted(() => {
loadSettingsSnapshot()
})
return {
activeSection,
activeSectionConfig,
activateSection,
applyProviderPreset,
feat: 重构模型配置存储与 API Key 加密管理 主要修改点: 1. 遗留密码格式兼容 (server/src/app/core/admin_secret.py) - 新增 legacy_admin_secret_to_password_hash(): 将旧版 admin secret 记录转换为标准 scrypt 哈希格式 2. Scrypt 密码验证增强 (server/src/app/core/security.py) - verify_password(): 新增 scrypt$ 前缀检测,分流到专用验证函数 - 新增 verify_scrypt_password(): 解析 scrypt$ 格式哈希并验证 3. 模型配置存储重构 (server/src/app/models/system_model_setting.py) - 新增 SystemModelSetting 模型(slot 为 PK) - 字段: slot, provider, model_name, endpoint, capability, priority, enabled, api_key_encrypted, created_at, updated_at 4. Settings Repository 扩展 (server/src/app/repositories/settings.py) - 新增 get_model_settings(): 获取所有模型配置 - 新增 get_model_setting(slot): 按 slot 获取单个模型配置 5. Settings Service 重构 (server/src/app/services/settings.py) - 新增 ModelSlotConfig dataclass: 封装单个模型槽位的配置属性 - 新增 MODEL_SLOT_CONFIGS 字典: main/backup/vlm/embedding 四个槽位配置 - 重构 save_model_settings(): 批量保存模型配置到 SystemModelSetting 表 - 新增 load_model_settings(): 从 SystemModelSetting 表加载所有模型配置 - read_settings(): 整合 legacy secrets 与新的 SystemModelSetting 表数据 - write_settings(): 拆分 model secrets 到 SystemModelSetting 表 - decrypt_model_secret(): 新增从数据库读取加密的 API Key 6. 数据库模型注册 (server/src/app/db/base.py) - 注册 SystemModelSetting 模型 7. 前端 API URL 智能解析 (web/src/services/api.js) - 新增 isLoopbackHost(): 判断是否为回环地址 - 新增 resolveBrowserReachableApiBaseUrl(): 当后端配置为回环地址但浏览器非回环时,自动替换为浏览器 host - 改进错误信息: "无法连接 FastAPI 后端服务,请确认后端已启动且浏览器可访问后端端口。" 8. 前端 Session 导航增强 (web/src/composables/useSystemState.js) - installSessionNavigation(): 调用 fetchBootstrapState 后设置运行时 API Base URL 9. Settings 视图增强 (web/src/views/SettingsView.vue) - API Key 输入框: 新增 @focus="clearModelSecretMask('xxx')" 清除遮罩 - 新增 .secret-bound-state 提示: 显示"已从数据库加密加载,测试会使用已保存密钥" 10. Settings 脚本增强 (web/src/views/scripts/SettingsView.js) - 新增 clearModelSecretMask(slot): 清除指定槽位的 API Key 遮罩状态 11. CSS 样式 (web/src/assets/styles/views/settings-view.css) - 新增 .secret-bound-state 样式: 显示数据库已加载密钥的提示样式
2026-05-08 11:14:04 +08:00
clearModelSecretMask,
completedSectionCount,
getModelTestState,
isModelTesting,
logLevels,
modelTestState,
pageState,
providerOptions,
saveActiveSection,
sectionStatus,
sections,
testModelConnection,
toggleBoolean
}
}
}