Spaces:

CatPtain
/

VvvebJs

Paused

App Files Files Community

CatPtain commited on Jun 12, 2025

Commit

0c4efc3

verified ·

1 Parent(s): 85bc0da

Upload 7 files

Browse files

Files changed (7) hide show

.env.example +43 -0
README.md +71 -17
config.php +200 -132
github-user-test.html +185 -0
save.php +28 -3
storage.php +300 -1
user-manager.php +37 -109

.env.example ADDED Viewed

	@@ -0,0 +1,43 @@

+# VvvebJs Environment Configuration Template
+# Copy this file and configure your values in Hugging Face Space Settings
+# Authentication - REQUIRED
+USER_1_NAME=admin
+USER_1_PASSWORD=your_secure_password
+# Optional additional users (increment number for more users)
+USER_2_NAME=editor
+USER_2_PASSWORD=another_password
+# Storage Configuration
+STORAGE_TYPE=github
+# Options: 'github', 'kv', 'both'
+# GitHub Storage - RECOMMENDED
+GITHUB_TOKEN=ghp_your_github_personal_access_token
+GITHUB_OWNER=your_github_username
+GITHUB_REPO=your_repository_name
+GITHUB_BRANCH=main
+GITHUB_PATH=pages/
+# 🔄 NEW: GitHub User Management
+# With these GitHub settings configured, the system will:
+# 1. Store user registration data in: github.com/YOUR_OWNER/YOUR_REPO/system/users.json
+# 2. Load fresh user data from GitHub on every login
+# 3. Sync user data across multiple deployment instances
+# 4. Support user registration, login, password changes
+# 5. Maintain backward compatibility with environment variable users
+# EdgeOne KV Storage - OPTIONAL
+EDGEONE_KV_API_KEY=your_tencent_api_key
+EDGEONE_KV_SECRET_KEY=your_tencent_secret_key
+EDGEONE_KV_ZONE_ID=your_zone_id
+EDGEONE_KV_NAMESPACE=vvvebjs
+EDGEONE_KV_ENDPOINT=https://edgeone.tencentcloudapi.com
+# GitHub User Management Benefits:
+# ✅ Real-time data sync between instances
+# ✅ User data never lost (stored in Git)
+# ✅ Support for user registration and login
+# ✅ Encrypted password storage
+# ✅ Automatic user session management

README.md CHANGED Viewed

@@ -10,16 +10,29 @@ license: apache-2.0
 # VvvebJs - Visual Website Builder
-A drag & drop website builder with external storage support.
 ## Features
 - 🎨 Visual drag & drop interface
 - 📱 Bootstrap 5 components
 - 💾 GitHub & EdgeOne KV storage
-- 👥 Multi-user authentication
 - 🔄 Undo/Redo functionality
 ## Configuration
 Set these environment variables in Space Settings:
@@ -53,23 +66,64 @@ EDGEONE_KV_SECRET_KEY=your_secret_key
 EDGEONE_KV_ZONE_ID=your_zone_id
 ```
 ## Usage
-1. Access your Space URL
-2. Enter username/password (configured in environment variables)
-3. Create and edit pages using the visual editor
-4. Pages are automatically saved to external storage
-## Deployment
-This Space runs on Docker and includes:
-- PHP 8.3 with Apache
-- External storage support (GitHub/EdgeOne KV)
-- Multi-user authentication
-- Automatic fallback to local storage
-## Support
-- View configuration status at `/config.php`
-- Check deployment guide in `README-DEPLOY.md`
-- Report issues on GitHub

 # VvvebJs - Visual Website Builder
 ## Features
 - 🎨 Visual drag & drop interface
 - 📱 Bootstrap 5 components
 - 💾 GitHub & EdgeOne KV storage
+- 👥 GitHub-based user management with real-time sync
 - 🔄 Undo/Redo functionality
+## 🔄 New: GitHub User Management System
+**重要更新：** 系统现在支持基于GitHub的用户管理，确保用户数据在多个实例间实时同步。
+### 主要特性
+- ✅ **实时同步：** 每次登录都从GitHub仓库加载最新用户数据
+- ✅ **数据持久化：** 用户数据存储在GitHub仓库的 `system/users.json` 文件中
+- ✅ **多实例同步：** 多个部署实例间自动共享用户数据
+- ✅ **安全性：** 密码使用 PHP password_hash() 加密存储
+- ✅ **向下兼容：** 保持与原有环境变量用户系统的兼容性
+### 用户数据存储位置
+- **GitHub模式：** `https://github.com/YOUR_OWNER/YOUR_REPO/blob/main/system/users.json`
+- **环境变量模式：** 通过 `USER_1_NAME`、`USER_1_PASSWORD` 等环境变量配置
 ## Configuration
 Set these environment variables in Space Settings:
 EDGEONE_KV_ZONE_ID=your_zone_id
 ```
+## User Management Modes
+### 1. GitHub User Management (推荐)
+- 支持用户注册、登录、密码修改
+- 用户数据存储在GitHub仓库中
+- 多实例间自动同步
+- 访问 `login.html` 进行注册/登录
+### 2. Environment Variable Mode (基础模式)
+- 通过环境变量预配置用户
+- 使用Basic Authentication
+- 适合简单部署场景
 ## Usage
+1. Access the Space URL
+2. Choose login method:
+   - **GitHub Mode:** Visit `login.html` to register/login
+   - **Env Mode:** Use configured username/password
+3. Build your website visually
+4. Pages are saved to external storage automatically
+## Testing
+- Visit `github-user-test.html` to test GitHub user management features
+- Visit `config.php` to check system configuration and status
+- Visit `github-advanced-test.php` for advanced diagnostics
+## File Structure
+```
+system/
+└── users.json          # GitHub-managed user data
+users/
+├── username1/
+│   ├── page1.html
+│   └── page2.html
+└── username2/
+    ├── index.html
+    └── about.html
+```
+## Migration from Local User Data
+If you have existing local user data in `user-data/users.json`, the system will:
+1. Automatically detect the old format
+2. Continue to work with environment variables as fallback
+3. New registrations will use GitHub storage
+4. Contact administrator for data migration assistance
+## Development
+The system uses a hybrid approach:
+- **Priority 1:** GitHub user management for new features
+- **Fallback:** Environment variable authentication for compatibility
+- **Storage:** All user files stored with user isolation
+## License
+Apache License 2.0

config.php CHANGED Viewed

@@ -1,144 +1,212 @@
-<!DOCTYPE html>
 <html lang="en">
 <head>
     <meta charset="utf-8">
     <meta name="viewport" content="width=device-width, initial-scale=1">
-    <title>VvvebJs - Configuration Status</title>
-    <link href="css/editor.css" rel="stylesheet">
     <style>
-        .config-panel { max-width: 800px; margin: 50px auto; padding: 20px; }
-        .status-item { padding: 10px; margin: 5px 0; border-radius: 5px; }
-        .status-ok { background: #d4edda; border: 1px solid #c3e6cb; color: #155724; }
-        .status-warning { background: #fff3cd; border: 1px solid #ffeaa7; color: #856404; }
-        .status-error { background: #f8d7da; border: 1px solid #f5c6cb; color: #721c24; }
-        /* Auto-redirect styles */
-        .auto-redirect {
-            background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
-            color: white;
-            text-align: center;
-            padding: 20px;
-            margin: 20px 0;
-            border-radius: 10px;
-        }
-        .countdown { font-size: 2em; font-weight: bold; }
     </style>
 </head>
 <body>
-    <div class="config-panel">
-        <h1>VvvebJs Configuration Status</h1>
-        <?php
-        // Include the storage configuration classes
-        require_once __DIR__ . '/storage.php';
-        // Check configuration status
-        $configOk = true;
-        $errors = [];
-        echo '<h3>Authentication</h3>';
-        $users = StorageConfig::getUsers();
-        if (empty($users)) {
-            echo '<div class="status-item status-error">❌ No users configured. Please set USER_1_NAME and USER_1_PASSWORD environment variables.</div>';
-            $configOk = false;
-            $errors[] = 'No users configured';
-        } else {
-            echo '<div class="status-item status-ok">✅ ' . count($users) . ' user(s) configured</div>';
-            foreach ($users as $username => $password) {
-                echo '<div class="status-item status-ok">👤 User: ' . htmlspecialchars($username) . '</div>';
-            }
-        }
-        echo '<h3>Storage Configuration</h3>';
-        $storageType = StorageConfig::getStorageType();
-        echo '<div class="status-item status-ok">📁 Storage Type: ' . htmlspecialchars($storageType) . '</div>';
-        if (in_array($storageType, ['github', 'both'])) {
-            echo '<h4>GitHub Storage</h4>';
-            $github = StorageConfig::getGitHubConfig();
-            if (empty($github['token'])) {
-                echo '<div class="status-item status-error">❌ GitHub token not configured</div>';
-                $configOk = false;
-                $errors[] = 'GitHub token missing';
-            } else {
-                echo '<div class="status-item status-ok">✅ GitHub token configured</div>';
-            }
-            if (empty($github['owner']) || empty($github['repo'])) {
-                echo '<div class="status-item status-error">❌ GitHub owner/repo not configured</div>';
-                $configOk = false;
-                $errors[] = 'GitHub repository not configured';
-            } else {
-                echo '<div class="status-item status-ok">✅ Repository: ' . htmlspecialchars($github['owner']) . '/' . htmlspecialchars($github['repo']) . '</div>';
-                echo '<div class="status-item status-ok">🌿 Branch: ' . htmlspecialchars($github['branch']) . '</div>';
-                echo '<div class="status-item status-ok">��� Path: ' . htmlspecialchars($github['path']) . '</div>';
-            }
-        }
-        if (in_array($storageType, ['kv', 'both'])) {
-            echo '<h4>EdgeOne KV Storage</h4>';
-            $kv = StorageConfig::getKVConfig();
-            if (empty($kv['api_key'])) {
-                echo '<div class="status-item status-warning">⚠️ EdgeOne KV API key not configured</div>';
-            } else {
-                echo '<div class="status-item status-ok">✅ EdgeOne KV API key configured</div>';
-            }
-            if (empty($kv['zone_id'])) {
-                echo '<div class="status-item status-warning">⚠️ EdgeOne Zone ID not configured</div>';
-            } else {
-                echo '<div class="status-item status-ok">✅ Zone ID: ' . htmlspecialchars($kv['zone_id']) . '</div>';
-            }
-        }
-        // Auto-redirect if configuration is OK
-        if ($configOk) {
-            echo '<div class="auto-redirect">';
-            echo '<h3>🎉 配置完成！</h3>';
-            echo '<p>所有配置项检查通过，正在自动跳转到编辑器...</p>';
-            echo '<div class="countdown" id="countdown">3</div>';
-            echo '<p><a href="editor.html" style="color: white; text-decoration: underline;">立即进入编辑器</a></p>';
-            echo '</div>';
-            echo '<script>';
-            echo 'let count = 3;';
-            echo 'const countdown = document.getElementById("countdown");';
-            echo 'const timer = setInterval(() => {';
-            echo '  count--;';
-            echo '  countdown.textContent = count;';
-            echo '  if (count <= 0) {';
-            echo '    clearInterval(timer);';
-            echo '    window.location.href = "editor.html";';
-            echo '  }';
-            echo '}, 1000);';
-            echo '</script>';
-        } else {
-            echo '<h3>Environment Variables Reference</h3>';
-            echo '<div class="status-item status-warning">';
-            echo '<strong>Required for Authentication:</strong><br>';
-            echo 'USER_1_NAME, USER_1_PASSWORD<br>';
-            echo 'USER_2_NAME, USER_2_PASSWORD (optional)<br><br>';
-            echo '<strong>Required for GitHub Storage:</strong><br>';
-            echo 'GITHUB_TOKEN, GITHUB_OWNER, GITHUB_REPO<br><br>';
-            echo '<strong>Optional for EdgeOne KV:</strong><br>';
-            echo 'EDGEONE_KV_API_KEY, EDGEONE_KV_ZONE_ID<br>';
-            echo '</div>';
-            echo '<div style="margin-top: 30px;">';
-            echo '<a href="README-DEPLOY.md" class="btn btn-primary">📖 Deployment Guide</a>';
-            echo '</div>';
-        }
-        ?>
-        <?php if ($configOk): ?>
-        <div style="margin-top: 30px;">
-            <a href="editor.html" class="btn btn-primary">🚀 Launch Editor</a>
-            <a href="README-DEPLOY.md" class="btn btn-secondary">📖 Deployment Guide</a>
         </div>
-        <?php endif; ?>
     </div>
 </body>
 </html>

+<?php
+require_once __DIR__ . '/storage.php';
+// Try GitHub user management first
+$githubUserManager = new GitHubUserManager();
+$useGitHubAuth = true;
+// Check authentication - prioritize GitHub user management
+$authenticated = false;
+if ($githubUserManager->isLoggedIn()) {
+    $authenticated = true;
+} else {
+    // Fallback to environment variable authentication
+    if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
+        $users = StorageConfig::getUsers();
+        $username = $_SERVER['PHP_AUTH_USER'];
+        $password = $_SERVER['PHP_AUTH_PW'];
+        if (isset($users[$username]) && $users[$username] === $password) {
+            $authenticated = true;
+            $useGitHubAuth = false;
+        }
+    }
+}
+if (!$authenticated) {
+    header('WWW-Authenticate: Basic realm="VvvebJs Configuration"');
+    header('HTTP/1.0 401 Unauthorized');
+    die('Authentication required');
+}
+?><!DOCTYPE html>
 <html lang="en">
 <head>
     <meta charset="utf-8">
     <meta name="viewport" content="width=device-width, initial-scale=1">
+    <title>VvvebJs Configuration</title>
+    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
     <style>
+        .status-item { padding: 5px 10px; margin: 2px 0; border-radius: 3px; }
+        .status-ok { background-color: #d4edda; color: #155724; }
+        .status-error { background-color: #f8d7da; color: #721c24; }
+        .status-warning { background-color: #fff3cd; color: #856404; }
+        .config-section { margin-bottom: 30px; }
     </style>
 </head>
 <body>
+    <div class="container mt-4">
+        <div class="row">
+            <div class="col-md-12">
+                <h1>🔧 VvvebJs 配置状态</h1>
+                <!-- User Management Section -->
+                <div class="config-section">
+                    <h2>👥 用户管理系统</h2>
+                    <?php if ($useGitHubAuth): ?>
+                        <div class="status-item status-ok">✅ 使用 GitHub 用户管理 (推荐)</div>
+                        <div class="status-item status-ok">👤 当前用户: <?= htmlspecialchars($githubUserManager->getCurrentUser()) ?></div>
+                        <?php
+                        // Test GitHub user data loading
+                        try {
+                            $userList = $githubUserManager->getUserList();
+                            echo '<div class="status-item status-ok">📊 GitHub 用户数据: ' . count($userList) . ' 个用户</div>';
+                            foreach ($userList as $user) {
+                                echo '<div class="status-item status-ok">　└ ' . htmlspecialchars($user['username']) . ' (注册: ' . $user['created'] . ')</div>';
+                            }
+                        } catch (Exception $e) {
+                            echo '<div class="status-item status-error">❌ GitHub 用户数据加载失败: ' . htmlspecialchars($e->getMessage()) . '</div>';
+                        }
+                        ?>
+                        <div class="mt-3">
+                            <h4>💡 GitHub 用户管理优势</h4>
+                            <ul>
+                                <li>✅ 用户数据存储在 GitHub 仓库中，永不丢失</li>
+                                <li>✅ 多实例间自动同步用户数据</li>
+                                <li>✅ 每次登录都从 GitHub 加载最新数据</li>
+                                <li>✅ 支持用户注册、登录、密码修改等完整功能</li>
+                            </ul>
+                        </div>
+                    <?php else: ?>
+                        <div class="status-item status-warning">⚠️ 使用环境变量用户管理 (基础模式)</div>
+                        <?php
+                        $envUsers = StorageConfig::getUsers();
+                        if (!empty($envUsers)) {
+                            echo '<div class="status-item status-ok">✅ ' . count($envUsers) . ' 个环境变量用户</div>';
+                            foreach ($envUsers as $username => $password) {
+                                echo '<div class="status-item status-ok">👤 User: ' . htmlspecialchars($username) . '</div>';
+                            }
+                        } else {
+                            echo '<div class="status-item status-error">❌ 未找到用户配置</div>';
+                        }
+                        ?>
+                    <?php endif; ?>
+                </div>
+                <!-- Storage Configuration -->
+                <div class="config-section">
+                    <h2>💾 存储配置</h2>
+                    <?php
+                    $configOk = true;
+                    $errors = [];
+                    $storageType = StorageConfig::getStorageType();
+                    echo '<div class="status-item status-ok">📁 Storage Type: ' . htmlspecialchars($storageType) . '</div>';
+                    if (in_array($storageType, ['github', 'both'])) {
+                        echo '<h4>GitHub Storage</h4>';
+                        $github = StorageConfig::getGitHubConfig();
+                        if (empty($github['token'])) {
+                            echo '<div class="status-item status-error">❌ GitHub token not configured</div>';
+                            $configOk = false;
+                            $errors[] = 'GitHub token missing';
+                        } else {
+                            echo '<div class="status-item status-ok">✅ GitHub token configured</div>';
+                        }
+                        if (empty($github['owner']) || empty($github['repo'])) {
+                            echo '<div class="status-item status-error">❌ GitHub owner/repo not configured</div>';
+                            $configOk = false;
+                            $errors[] = 'GitHub repository not configured';
+                        } else {
+                            echo '<div class="status-item status-ok">✅ Repository: ' . htmlspecialchars($github['owner']) . '/' . htmlspecialchars($github['repo']) . '</div>';
+                            echo '<div class="status-item status-ok">🌿 Branch: ' . htmlspecialchars($github['branch']) . '</div>';
+                            echo '<div class="status-item status-ok">📂 Path: ' . htmlspecialchars($github['path']) . '</div>';
+                        }
+                    }
+                    if (in_array($storageType, ['kv', 'both'])) {
+                        echo '<h4>EdgeOne KV Storage</h4>';
+                        $kv = StorageConfig::getKVConfig();
+                        if (empty($kv['api_key'])) {
+                            echo '<div class="status-item status-warning">⚠️ EdgeOne KV API key not configured</div>';
+                        } else {
+                            echo '<div class="status-item status-ok">✅ EdgeOne KV configured</div>';
+                        }
+                    }
+                    ?>
+                </div>
+                <!-- System Status -->
+                <div class="config-section">
+                    <h2>⚙️ 系统状态</h2>
+                    <?php
+                    if ($configOk) {
+                        echo '<div class="status-item status-ok">✅ 系统配置正常</div>';
+                    } else {
+                        echo '<div class="status-item status-error">❌ 系统配置有问题</div>';
+                        foreach ($errors as $error) {
+                            echo '<div class="status-item status-error">　- ' . htmlspecialchars($error) . '</div>';
+                        }
+                    }
+                    // Test GitHub connectivity if configured
+                    if (!empty($github['token']) && !empty($github['owner']) && !empty($github['repo'])) {
+                        echo '<h4>🔗 GitHub 连接测试</h4>';
+                        try {
+                            $branchCheck = StorageConfig::checkGitHubBranch();
+                            if ($branchCheck['success']) {
+                                echo '<div class="status-item status-ok">✅ GitHub 连接正常</div>';
+                                echo '<div class="status-item status-ok">🌿 分支检查: ' . htmlspecialchars($branchCheck['message']) . '</div>';
+                            } else {
+                                echo '<div class="status-item status-error">❌ GitHub 连接失败: ' . htmlspecialchars($branchCheck['message']) . '</div>';
+                            }
+                        } catch (Exception $e) {
+                            echo '<div class="status-item status-error">❌ GitHub 测试异常: ' . htmlspecialchars($e->getMessage()) . '</div>';
+                        }
+                    }
+                    ?>
+                </div>
+                <!-- Quick Actions -->
+                <div class="config-section">
+                    <h2>🚀 快速操作</h2>
+                    <div class="row">
+                        <div class="col-md-4">
+                            <a href="editor.html" class="btn btn-primary btn-lg w-100">
+                                📝 启动编辑器
+                            </a>
+                        </div>
+                        <div class="col-md-4">
+                            <a href="login.html" class="btn btn-success btn-lg w-100">
+                                🔐 用户登录/注册
+                            </a>
+                        </div>
+                        <div class="col-md-4">
+                            <a href="github-advanced-test.php" class="btn btn-warning btn-lg w-100">
+                                🧪 高级诊断
+                            </a>
+                        </div>
+                    </div>
+                </div>
+                <!-- User Data Migration Notice -->
+                <?php if (file_exists(__DIR__ . '/user-data/users.json')): ?>
+                <div class="config-section">
+                    <div class="alert alert-info">
+                        <h4>📋 数据迁移提示</h4>
+                        <p>检测到本地用户数据文件 <code>user-data/users.json</code>。</p>
+                        <p>现在系统已升级为从 GitHub 仓库加载用户数据，确保多实例间数据同步。</p>
+                        <p>如需迁移现有用户数据，请联系管理员。</p>
+                    </div>
+                </div>
+                <?php endif; ?>
+            </div>
         </div>
     </div>
 </body>
 </html>

github-user-test.html ADDED Viewed

	@@ -0,0 +1,185 @@

+<!DOCTYPE html>
+<html lang="zh-CN">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>GitHub 用户管理系统测试</title>
+    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
+    <style>
+        .test-result { margin: 10px 0; padding: 10px; border-radius: 5px; }
+        .test-success { background-color: #d4edda; color: #155724; border: 1px solid #c3e6cb; }
+        .test-error { background-color: #f8d7da; color: #721c24; border: 1px solid #f5c6cb; }
+        .test-info { background-color: #d1ecf1; color: #0c5460; border: 1px solid #bee5eb; }
+    </style>
+</head>
+<body>
+    <div class="container mt-4">
+        <h1>🧪 GitHub 用户管理系统测试</h1>
+        <p class="text-muted">此页面测试新的基于GitHub的用户数据同步功能</p>
+        <div id="test-results"></div>
+        <div class="mt-4">
+            <h3>🔧 测试操作</h3>
+            <div class="row">
+                <div class="col-md-6">
+                    <div class="card">
+                        <div class="card-header">
+                            <h5>📊 加载GitHub用户数据</h5>
+                        </div>
+                        <div class="card-body">
+                            <button class="btn btn-primary" onclick="testLoadUsers()">测试从GitHub加载用户</button>
+                            <div id="load-users-result" class="mt-2"></div>
+                        </div>
+                    </div>
+                </div>
+                <div class="col-md-6">
+                    <div class="card">
+                        <div class="card-header">
+                            <h5>✅ 登录状态检查</h5>
+                        </div>
+                        <div class="card-body">
+                            <button class="btn btn-success" onclick="checkLoginStatus()">检查当前登录状态</button>
+                            <div id="login-status-result" class="mt-2"></div>
+                        </div>
+                    </div>
+                </div>
+            </div>
+            <div class="row mt-3">
+                <div class="col-md-12">
+                    <div class="card">
+                        <div class="card-header">
+                            <h5>🔐 测试用户注册功能</h5>
+                        </div>
+                        <div class="card-body">
+                            <div class="row">
+                                <div class="col-md-4">
+                                    <input type="text" class="form-control" id="test-username" placeholder="测试用户名">
+                                </div>
+                                <div class="col-md-4">
+                                    <input type="password" class="form-control" id="test-password" placeholder="测试密码">
+                                </div>
+                                <div class="col-md-4">
+                                    <button class="btn btn-warning" onclick="testRegister()">测试注册</button>
+                                </div>
+                            </div>
+                            <div id="register-result" class="mt-2"></div>
+                        </div>
+                    </div>
+                </div>
+            </div>
+        </div>
+        <div class="mt-4">
+            <h3>📋 系统说明</h3>
+            <div class="alert alert-info">
+                <h5>🔄 新的GitHub用户管理特性：</h5>
+                <ul>
+                    <li><strong>实时同步：</strong> 每次登录都从GitHub仓库加载最新用户数据</li>
+                    <li><strong>数据持久化：</strong> 用户数据存储在 <code>system/users.json</code> 文件中</li>
+                    <li><strong>多实例同步：</strong> 多个部署实例间自动共享用户数据</li>
+                    <li><strong>安全性：</strong> 密码使用 PHP password_hash() 加密存储</li>
+                    <li><strong>无缝迁移：</strong> 保持与原有环境变量用户系统的兼容性</li>
+                </ul>
+            </div>
+        </div>
+    </div>
+    <script>
+        function showResult(elementId, message, type = 'info') {
+            const element = document.getElementById(elementId);
+            element.innerHTML = `<div class="test-result test-${type}">${message}</div>`;
+        }
+        async function testLoadUsers() {
+            showResult('load-users-result', '正在测试从GitHub加载用户数据...', 'info');
+            try {
+                const response = await fetch('user-manager.php', {
+                    method: 'POST',
+                    headers: {
+                        'Content-Type': 'application/x-www-form-urlencoded',
+                    },
+                    body: 'action=get_user_list'
+                });
+                const result = await response.json();
+                if (result.success) {
+                    let message = `✅ 成功从GitHub加载 ${result.users.length} 个用户<br>`;
+                    result.users.forEach(user => {
+                        message += `　- ${user.username} (${user.created})<br>`;
+                    });
+                    showResult('load-users-result', message, 'success');
+                } else {
+                    showResult('load-users-result', `❌ 加载失败: ${result.message}`, 'error');
+                }
+            } catch (error) {
+                showResult('load-users-result', `❌ 网络错误: ${error.message}`, 'error');
+            }
+        }
+        async function checkLoginStatus() {
+            showResult('login-status-result', '正在检查登录状态...', 'info');
+            try {
+                const response = await fetch('user-manager.php', {
+                    method: 'POST',
+                    headers: {
+                        'Content-Type': 'application/x-www-form-urlencoded',
+                    },
+                    body: 'action=check_login'
+                });
+                const result = await response.json();
+                if (result.logged_in) {
+                    showResult('login-status-result', `✅ 已登录用户: ${result.username}`, 'success');
+                } else {
+                    showResult('login-status-result', '❌ 当前未登录', 'info');
+                }
+            } catch (error) {
+                showResult('login-status-result', `❌ 检查失败: ${error.message}`, 'error');
+            }
+        }
+        async function testRegister() {
+            const username = document.getElementById('test-username').value;
+            const password = document.getElementById('test-password').value;
+            if (!username || !password) {
+                showResult('register-result', '❌ 请填写用户名和密码', 'error');
+                return;
+            }
+            showResult('register-result', '正在测试注册功能...', 'info');
+            try {
+                const response = await fetch('user-manager.php', {
+                    method: 'POST',
+                    headers: {
+                        'Content-Type': 'application/x-www-form-urlencoded',
+                    },
+                    body: `action=register&username=${encodeURIComponent(username)}&password=${encodeURIComponent(password)}&email=test@example.com`
+                });
+                const result = await response.json();
+                if (result.success) {
+                    showResult('register-result', `✅ 注册成功: ${result.message}`, 'success');
+                } else {
+                    showResult('register-result', `❌ 注册失败: ${result.message}`, 'error');
+                }
+            } catch (error) {
+                showResult('register-result', `❌ 网络错误: ${error.message}`, 'error');
+            }
+        }
+        // 页面加载时自动检查登录状态
+        window.onload = function() {
+            checkLoginStatus();
+        };
+    </script>
+</body>
+</html>

save.php CHANGED Viewed

@@ -8,8 +8,7 @@ You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
@@ -20,8 +19,17 @@ https://github.com/givanz/VvvebJs
 // Include storage classes
 require_once __DIR__ . '/storage.php';
-// Authentication check
 function checkAuth() {
     if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW'])) {
         header('WWW-Authenticate: Basic realm="VvvebJs"');
         header('HTTP/1.0 401 Unauthorized');
@@ -36,9 +44,26 @@ function checkAuth() {
         header('HTTP/1.0 401 Unauthorized');
         die('Invalid credentials');
     }
 }
 // Check authentication
 checkAuth();
 // Initialize storage manager

    http://www.apache.org/licenses/LICENSE-2.0
+Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 // Include storage classes
 require_once __DIR__ . '/storage.php';
+// Authentication check using GitHub-based user management
 function checkAuth() {
+    // Try GitHub user management first
+    $githubUserManager = new GitHubUserManager();
+    // Check if user is logged in via session
+    if ($githubUserManager->isLoggedIn()) {
+        return true;
+    }
+    // Fallback to Basic Auth for environment variables
     if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW'])) {
         header('WWW-Authenticate: Basic realm="VvvebJs"');
         header('HTTP/1.0 401 Unauthorized');
         header('HTTP/1.0 401 Unauthorized');
         die('Invalid credentials');
     }
+    return true;
 }
 // Check authentication
+$action = $_GET['action'] ?? $_POST['action'] ?? '';
+// Special handling for auth check
+if ($action === 'checkAuth') {
+    $githubUserManager = new GitHubUserManager();
+    if ($githubUserManager->isLoggedIn()) {
+        http_response_code(200);
+        echo json_encode(['authenticated' => true, 'user' => $githubUserManager->getCurrentUser()]);
+    } else {
+        http_response_code(401);
+        echo json_encode(['authenticated' => false]);
+    }
+    exit;
+}
 checkAuth();
 // Initialize storage manager

storage.php CHANGED Viewed

@@ -54,7 +54,7 @@ class StorageConfig {
         $safeUsername = preg_replace('/[^a-zA-Z0-9_-]/', '_', $username);
         return "users/{$safeUsername}/";
     }
     private static function makeGitHubRequest($url, $method = 'GET', $data = null) {
         $config = self::getGitHubConfig();
@@ -301,6 +301,305 @@ class StorageConfig {
     }
 }
 // External storage handlers
 class KVStorage {
     private $config;

         $safeUsername = preg_replace('/[^a-zA-Z0-9_-]/', '_', $username);
         return "users/{$safeUsername}/";
     }
     private static function makeGitHubRequest($url, $method = 'GET', $data = null) {
         $config = self::getGitHubConfig();
     }
 }
+// GitHub-based User Manager
+class GitHubUserManager {
+    private $config;
+    private $usersFilePath = 'system/users.json';
+    public function __construct() {
+        $this->config = StorageConfig::getGitHubConfig();
+        session_start();
+    }
+    /**
+     * Load user data from GitHub repository
+     */
+    private function loadUsersFromGitHub() {
+        if (empty($this->config['token']) || empty($this->config['owner']) || empty($this->config['repo'])) {
+            error_log("GitHub User Manager: Configuration incomplete");
+            return [];
+        }
+        $url = "https://api.github.com/repos/{$this->config['owner']}/{$this->config['repo']}/contents/{$this->usersFilePath}";
+        $result = $this->makeGitHubRequest($url, 'GET');
+        if ($result['http_code'] === 200) {
+            $fileData = json_decode($result['body'], true);
+            if (isset($fileData['content'])) {
+                $usersJson = base64_decode($fileData['content']);
+                $users = json_decode($usersJson, true);
+                if (json_last_error() === JSON_ERROR_NONE) {
+                    error_log("GitHub User Manager: Successfully loaded " . count($users) . " users from GitHub");
+                    return $users;
+                }
+            }
+        } elseif ($result['http_code'] === 404) {
+            // Users file doesn't exist yet, create empty structure
+            error_log("GitHub User Manager: Users file not found, will create on first registration");
+            return [];
+        }
+        error_log("GitHub User Manager: Failed to load users from GitHub. HTTP Code: " . $result['http_code']);
+        return [];
+    }
+    /**
+     * Save user data to GitHub repository
+     */
+    private function saveUsersToGitHub($users) {
+        if (empty($this->config['token']) || empty($this->config['owner']) || empty($this->config['repo'])) {
+            return false;
+        }
+        $url = "https://api.github.com/repos/{$this->config['owner']}/{$this->config['repo']}/contents/{$this->usersFilePath}";
+        // Get current file SHA if exists
+        $fileResult = $this->makeGitHubRequest($url, 'GET');
+        $sha = null;
+        $isUpdate = false;
+        if ($fileResult['http_code'] === 200) {
+            $fileData = json_decode($fileResult['body'], true);
+            $sha = $fileData['sha'] ?? null;
+            $isUpdate = true;
+        }
+        $usersJson = json_encode($users, JSON_PRETTY_PRINT);
+        $commitData = [
+            'message' => $isUpdate ? 'Update user data' : 'Create user data file',
+            'content' => base64_encode($usersJson),
+            'branch' => $this->config['branch']
+        ];
+        if ($sha) {
+            $commitData['sha'] = $sha;
+        }
+        $result = $this->makeGitHubRequest($url, 'PUT', $commitData);
+        if (in_array($result['http_code'], [200, 201])) {
+            error_log("GitHub User Manager: Successfully saved users to GitHub");
+            return true;
+        } else {
+            error_log("GitHub User Manager: Failed to save users to GitHub. HTTP Code: " . $result['http_code']);
+            return false;
+        }
+    }
+    /**
+     * Register a new user
+     */
+    public function registerUser($username, $password, $email = '') {
+        // Load current users from GitHub
+        $users = $this->loadUsersFromGitHub();
+        // Check if user already exists
+        if (isset($users[$username])) {
+            return ['success' => false, 'message' => 'User already exists'];
+        }
+        // Validate username
+        if (!preg_match('/^[a-zA-Z0-9_-]+$/', $username) || strlen($username) < 3) {
+            return ['success' => false, 'message' => 'Username must be at least 3 characters and contain only letters, numbers, underscore, and dash'];
+        }
+        // Hash password
+        $hashedPassword = password_hash($password, PASSWORD_DEFAULT);
+        // Add user
+        $users[$username] = [
+            'password' => $hashedPassword,
+            'email' => $email,
+            'created' => date('Y-m-d H:i:s'),
+            'last_login' => null
+        ];
+        // Save to GitHub
+        if ($this->saveUsersToGitHub($users)) {
+            return ['success' => true, 'message' => 'User registered successfully'];
+        } else {
+            return ['success' => false, 'message' => 'Failed to save user data to GitHub'];
+        }
+    }
+    /**
+     * Login user
+     */
+    public function loginUser($username, $password) {
+        // Always load fresh user data from GitHub on login
+        $users = $this->loadUsersFromGitHub();
+        if (!isset($users[$username])) {
+            return ['success' => false, 'message' => 'User not found'];
+        }
+        if (password_verify($password, $users[$username]['password'])) {
+            $_SESSION['username'] = $username;
+            $_SESSION['logged_in'] = true;
+            // Update last login time
+            $users[$username]['last_login'] = date('Y-m-d H:i:s');
+            $this->saveUsersToGitHub($users);
+            return ['success' => true, 'message' => 'Login successful'];
+        } else {
+            return ['success' => false, 'message' => 'Invalid password'];
+        }
+    }
+    /**
+     * Logout user
+     */
+    public function logoutUser() {
+        session_destroy();
+        return ['success' => true, 'message' => 'Logged out successfully'];
+    }
+    /**
+     * Check if user is logged in
+     */
+    public function isLoggedIn() {
+        return isset($_SESSION['logged_in']) && $_SESSION['logged_in'] === true;
+    }
+    /**
+     * Get current logged in user
+     */
+    public function getCurrentUser() {
+        if ($this->isLoggedIn()) {
+            return $_SESSION['username'];
+        }
+        return null;
+    }
+    /**
+     * Require login
+     */
+    public function requireLogin() {
+        if (!$this->isLoggedIn()) {
+            header('Location: login.html');
+            exit;
+        }
+    }
+    /**
+     * Get user list (fresh from GitHub)
+     */
+    public function getUserList() {
+        $users = $this->loadUsersFromGitHub();
+        $userList = [];
+        foreach ($users as $username => $data) {
+            $userList[] = [
+                'username' => $username,
+                'email' => $data['email'],
+                'created' => $data['created'],
+                'last_login' => $data['last_login']
+            ];
+        }
+        return $userList;
+    }
+    /**
+     * Update user profile
+     */
+    public function updateUserProfile($username, $updates) {
+        $users = $this->loadUsersFromGitHub();
+        if (!isset($users[$username])) {
+            return ['success' => false, 'message' => 'User not found'];
+        }
+        // Update allowed fields
+        $allowedFields = ['email'];
+        foreach ($allowedFields as $field) {
+            if (isset($updates[$field])) {
+                $users[$username][$field] = $updates[$field];
+            }
+        }
+        // Update modified timestamp
+        $users[$username]['modified'] = date('Y-m-d H:i:s');
+        if ($this->saveUsersToGitHub($users)) {
+            return ['success' => true, 'message' => 'Profile updated successfully'];
+        } else {
+            return ['success' => false, 'message' => 'Failed to update profile'];
+        }
+    }
+    /**
+     * Change user password
+     */
+    public function changePassword($username, $oldPassword, $newPassword) {
+        $users = $this->loadUsersFromGitHub();
+        if (!isset($users[$username])) {
+            return ['success' => false, 'message' => 'User not found'];
+        }
+        // Verify old password
+        if (!password_verify($oldPassword, $users[$username]['password'])) {
+            return ['success' => false, 'message' => 'Invalid current password'];
+        }
+        // Update password
+        $users[$username]['password'] = password_hash($newPassword, PASSWORD_DEFAULT);
+        $users[$username]['modified'] = date('Y-m-d H:i:s');
+        if ($this->saveUsersToGitHub($users)) {
+            return ['success' => true, 'message' => 'Password changed successfully'];
+        } else {
+            return ['success' => false, 'message' => 'Failed to change password'];
+        }
+    }
+    /**
+     * Make GitHub API request
+     */
+    private function makeGitHubRequest($url, $method = 'GET', $data = null) {
+        $headers = [
+            'Authorization: token ' . $this->config['token'],
+            'Accept: application/vnd.github.v3+json',
+            'User-Agent: VvvebJs-UserManager/1.0',
+            'Content-Type: application/json'
+        ];
+        $contextOptions = [
+            'http' => [
+                'method' => $method,
+                'header' => implode("\r\n", $headers),
+                'ignore_errors' => true,
+                'timeout' => 30
+            ]
+        ];
+        if ($data && in_array($method, ['POST', 'PUT', 'PATCH'])) {
+            $contextOptions['http']['content'] = json_encode($data);
+        }
+        $context = stream_context_create($contextOptions);
+        $response = @file_get_contents($url, false, $context);
+        $httpCode = 0;
+        if (isset($http_response_header)) {
+            foreach ($http_response_header as $header) {
+                if (preg_match('/HTTP\/\d\.\d\s+(\d+)/', $header, $matches)) {
+                    $httpCode = (int)$matches[1];
+                    break;
+                }
+            }
+        }
+        return [
+            'body' => $response,
+            'http_code' => $httpCode,
+            'headers' => $http_response_header ?? [],
+            'error' => $response === false ? 'Request failed' : null
+        ];
+    }
+}
 // External storage handlers
 class KVStorage {
     private $config;

user-manager.php CHANGED Viewed

@@ -1,119 +1,13 @@
 <?php
-session_start();
-class UserManager {
-    private $usersFile = 'users.json';
-    public function __construct() {
-        if (!file_exists($this->usersFile)) {
-            file_put_contents($this->usersFile, json_encode([]));
-        }
-    }
-    public function registerUser($username, $password, $email = '') {
-        $users = $this->getUsers();
-        // Check if user already exists
-        if (isset($users[$username])) {
-            return ['success' => false, 'message' => 'User already exists'];
-        }
-        // Validate username
-        if (!preg_match('/^[a-zA-Z0-9_-]+$/', $username) || strlen($username) < 3) {
-            return ['success' => false, 'message' => 'Username must be at least 3 characters and contain only letters, numbers, underscore, and dash'];
-        }
-        // Hash password
-        $hashedPassword = password_hash($password, PASSWORD_DEFAULT);
-        // Add user
-        $users[$username] = [
-            'password' => $hashedPassword,
-            'email' => $email,
-            'created' => date('Y-m-d H:i:s'),
-            'last_login' => null
-        ];
-        if ($this->saveUsers($users)) {
-            return ['success' => true, 'message' => 'User registered successfully'];
-        } else {
-            return ['success' => false, 'message' => 'Failed to save user data'];
-        }
-    }
-    public function loginUser($username, $password) {
-        $users = $this->getUsers();
-        if (!isset($users[$username])) {
-            return ['success' => false, 'message' => 'User not found'];
-        }
-        if (password_verify($password, $users[$username]['password'])) {
-            $_SESSION['username'] = $username;
-            $_SESSION['logged_in'] = true;
-            // Update last login
-            $users[$username]['last_login'] = date('Y-m-d H:i:s');
-            $this->saveUsers($users);
-            return ['success' => true, 'message' => 'Login successful'];
-        } else {
-            return ['success' => false, 'message' => 'Invalid password'];
-        }
-    }
-    public function logoutUser() {
-        session_destroy();
-        return ['success' => true, 'message' => 'Logged out successfully'];
-    }
-    public function isLoggedIn() {
-        return isset($_SESSION['logged_in']) && $_SESSION['logged_in'] === true;
-    }
-    public function getCurrentUser() {
-        if ($this->isLoggedIn()) {
-            return $_SESSION['username'];
-        }
-        return null;
-    }
-    public function requireLogin() {
-        if (!$this->isLoggedIn()) {
-            header('Location: login.html');
-            exit;
-        }
-    }
-    private function getUsers() {
-        $content = file_get_contents($this->usersFile);
-        return json_decode($content, true) ?: [];
-    }
-    private function saveUsers($users) {
-        return file_put_contents($this->usersFile, json_encode($users, JSON_PRETTY_PRINT)) !== false;
-    }
-    public function getUserList() {
-        $users = $this->getUsers();
-        $userList = [];
-        foreach ($users as $username => $data) {
-            $userList[] = [
-                'username' => $username,
-                'email' => $data['email'],
-                'created' => $data['created'],
-                'last_login' => $data['last_login']
-            ];
-        }
-        return $userList;
-    }
-}
 // Handle AJAX requests
 if ($_SERVER['REQUEST_METHOD'] === 'POST') {
     header('Content-Type: application/json');
-    $userManager = new UserManager();
     $action = $_POST['action'] ?? '';
     switch ($action) {
@@ -141,6 +35,40 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
             ]);
             break;
         default:
             echo json_encode(['success' => false, 'message' => 'Invalid action']);
     }

 <?php
+require_once __DIR__ . '/storage.php';
+// Use GitHub-based user management
+$userManager = new GitHubUserManager();
 // Handle AJAX requests
 if ($_SERVER['REQUEST_METHOD'] === 'POST') {
     header('Content-Type: application/json');
     $action = $_POST['action'] ?? '';
     switch ($action) {
             ]);
             break;
+        case 'update_profile':
+            if (!$userManager->isLoggedIn()) {
+                echo json_encode(['success' => false, 'message' => 'Not logged in']);
+                break;
+            }
+            $username = $userManager->getCurrentUser();
+            $updates = [
+                'email' => $_POST['email'] ?? ''
+            ];
+            echo json_encode($userManager->updateUserProfile($username, $updates));
+            break;
+        case 'change_password':
+            if (!$userManager->isLoggedIn()) {
+                echo json_encode(['success' => false, 'message' => 'Not logged in']);
+                break;
+            }
+            $username = $userManager->getCurrentUser();
+            $oldPassword = $_POST['old_password'] ?? '';
+            $newPassword = $_POST['new_password'] ?? '';
+            echo json_encode($userManager->changePassword($username, $oldPassword, $newPassword));
+            break;
+        case 'get_user_list':
+            if (!$userManager->isLoggedIn()) {
+                echo json_encode(['success' => false, 'message' => 'Not logged in']);
+                break;
+            }
+            echo json_encode([
+                'success' => true,
+                'users' => $userManager->getUserList()
+            ]);
+            break;
         default:
             echo json_encode(['success' => false, 'message' => 'Invalid action']);
     }