From 3eba15838790b8c1533e84499e5b314cad5e500b Mon Sep 17 00:00:00 2001
From: shaw <shaw-wei@foxmail.com>
Date: Fri, 25 Jul 2025 15:30:50 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20=E4=BF=AE=E5=A4=8D=E7=AE=A1=E7=90=86?=
 =?UTF-8?q?=E5=91=98=E7=99=BB=E5=BD=95=E5=9C=A8Redis=E7=BC=93=E5=AD=98?=
 =?UTF-8?q?=E5=A4=B1=E6=95=88=E5=90=8E=E6=97=A0=E6=B3=95=E7=99=BB=E5=BD=95?=
 =?UTF-8?q?=E7=9A=84=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- 在登录时如果Redis中没有管理员凭据，自动从init.json重新加载
- 重新加载时不设置过期时间，避免24小时后再次失效
- 保持init.json作为唯一真实数据源的设计原则

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 src/routes/web.js | 40 +++++++++++++++++++++++++++++++++++-----
 1 file changed, 35 insertions(+), 5 deletions(-)

diff --git a/src/routes/web.js b/src/routes/web.js
index eac589b2..8e229363 100644
--- a/src/routes/web.js
+++ b/src/routes/web.js
@@ -72,13 +72,43 @@ router.post('/auth/login', async (req, res) => {
     }
 
     // 从Redis获取管理员信息
-    const adminData = await redis.getSession('admin_credentials');
+    let adminData = await redis.getSession('admin_credentials');
     
+    // 如果Redis中没有管理员凭据，尝试从init.json重新加载
     if (!adminData || Object.keys(adminData).length === 0) {
-      return res.status(401).json({
-        error: 'Invalid credentials',
-        message: 'Invalid username or password'
-      });
+      const initFilePath = path.join(__dirname, '../../data/init.json');
+      
+      if (fs.existsSync(initFilePath)) {
+        try {
+          const initData = JSON.parse(fs.readFileSync(initFilePath, 'utf8'));
+          const saltRounds = 10;
+          const passwordHash = await bcrypt.hash(initData.adminPassword, saltRounds);
+          
+          adminData = {
+            username: initData.adminUsername,
+            passwordHash: passwordHash,
+            createdAt: initData.initializedAt || new Date().toISOString(),
+            lastLogin: null,
+            updatedAt: initData.updatedAt || null
+          };
+          
+          // 重新存储到Redis，不设置过期时间
+          await redis.getClient().hset('session:admin_credentials', adminData);
+          
+          logger.info('✅ Admin credentials reloaded from init.json');
+        } catch (error) {
+          logger.error('❌ Failed to reload admin credentials:', error);
+          return res.status(401).json({
+            error: 'Invalid credentials',
+            message: 'Invalid username or password'
+          });
+        }
+      } else {
+        return res.status(401).json({
+          error: 'Invalid credentials',
+          message: 'Invalid username or password'
+        });
+      }
     }
 
     // 验证用户名和密码