update

.clinerules

@@ -0,0 +1,146 @@
+# 自定义指令
+CUSTOM_INSTRUCTIONS = """
+# 自动激活conda环境
+# 在每次会话开始时，自动检查当前conda环境。如果不是 'airs'，则激活它。
+# 这确保了所有后续的Python相关命令都在正确的环境中执行。
+if [ -z "$CONDA_DEFAULT_ENV" ] || [ "$CONDA_DEFAULT_ENV" != "airs" ]; then
+    conda activate airs
+fi
+# ~/airs/superproxy/solutions目录用于存储项目下所有解决方案，其中 ~ 表示当前系统用户的主目录。
+"""
+
+
+---
+description: Describes Cline's Memory Bank system, its structure, and workflows for maintaining project knowledge across sessions.
+author: https://github.com/nickbaumann98
+version: 1.0
+tags: ["memory-bank", "knowledge-base", "core-behavior", "documentation-protocol"]
+globs: ["memory-bank/**/*.md", "*"]
+---
+# Cline's Memory Bank
+
+My memory resets completely between sessions. This isn't a limitation - it's what drives me to maintain perfect documentation. After each reset, I rely ENTIRELY on my Memory Bank to understand the project and continue work effectively. I MUST read ALL memory bank files at the start of EVERY task - this is not optional.
+
+## Memory Bank Structure
+
+The Memory Bank consists of core files and optional context files, all in Markdown format. Files build upon each other in a clear hierarchy:
+
+```mermaid
+flowchart TD
+    PB[projectBrief.md] --> PC[productContext.md]
+    PB --> SP[systemPatterns.md]
+    PB --> TC[techContext.md]
+    
+    PC --> AC[activeContext.md]
+    SP --> AC
+    TC --> AC
+    
+    AC --> P[progress.md]
+```
+
+### Core Files (Required)
+1. `projectBrief.md`
+   - Foundation document that shapes all other files
+   - Created at project start if it doesn't exist
+   - Defines core requirements and goals
+   - Source of truth for project scope
+
+2. `productContext.md`
+   - Why this project exists
+   - Problems it solves
+   - How it should work
+   - User experience goals
+
+3. `activeContext.md`
+   - Current work focus
+   - Recent changes
+   - Next steps
+   - Active decisions and considerations
+   - Important patterns and preferences
+   - Learnings and project insights
+
+4. `systemPatterns.md`
+   - System architecture
+   - Key technical decisions
+   - Design patterns in use
+   - Component relationships
+   - Critical implementation paths
+
+5. `techContext.md`
+   - Technologies used
+   - Development setup
+   - Technical constraints
+   - Dependencies
+   - Tool usage patterns
+
+6. `progress.md`
+   - What works
+   - What's left to build
+   - Current status
+   - Known issues
+   - Evolution of project decisions
+
+### Additional Context
+Create additional files/folders within memory-bank/ when they help organize:
+- Complex feature documentation
+- Integration specifications
+- API documentation
+- Testing strategies
+- Deployment procedures
+
+## Core Workflows
+
+### Plan Mode
+```mermaid
+flowchart TD
+    Start[Start] --> ReadFiles[Read Memory Bank]
+    ReadFiles --> CheckFiles{Files Complete?}
+    
+    CheckFiles -->|No| Plan[Create Plan]
+    Plan --> Document[Document in Chat]
+    
+    CheckFiles -->|Yes| Verify[Verify Context]
+    Verify --> Strategy[Develop Strategy]
+    Strategy --> Present[Present Approach]
+```
+
+### Act Mode
+```mermaid
+flowchart TD
+    Start[Start] --> Context[Check Memory Bank]
+    Context --> Update[Update Documentation]
+    Update --> Execute[Execute Task]
+    Execute --> Document[Document Changes]
+```
+
+## Documentation Updates
+
+Memory Bank updates occur when:
+1. Discovering new project patterns
+2. After implementing significant changes
+3. When user requests with **update memory bank** (MUST review ALL files)
+4. When context needs clarification
+
+```mermaid
+flowchart TD
+    Start[Update Process]
+    
+    subgraph Process
+        P1[Review ALL Files]
+        P2[Document Current State]
+        P3[Clarify Next Steps]
+        P4[Document Insights & Patterns]
+        
+        P1 --> P2 --> P3 --> P4
+    end
+    
+    Start --> Process
+```
+
+Note: When triggered by **update memory bank**, I MUST review every memory bank file, even if some don't require updates. Focus particularly on activeContext.md and progress.md as they track current state.
+
+REMEMBER: After every memory reset, I begin completely fresh. The Memory Bank is my only link to previous work. It must be maintained with precision and clarity, as my effectiveness depends entirely on its accuracy.
+
+
+# 自动批准规则
+AUTO_APPROVE = true

.env

@@ -0,0 +1,12 @@
+SUPABASE_URL="https://fmipexqcxsopbffjdfur.supabase.co"
+SUPABASE_ANON_KEY="eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6ImZtaXBleHFjeHNvcGJmZmpkZnVyIiwicm9sZSI6ImFub24iLCJpYXQiOjE3NDcyMzczNjQsImV4cCI6MjA2MjgxMzM2NH0.2RthX7FX6BnU90N3GOlvIR94dFViwqFo27kKeTO7NBc"
+SUPABASE_SERVICE_ROLE_KEY="eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6ImZtaXBleHFjeHNvcGJmZmpkZnVyIiwicm9sZSI6InNlcnZpY2Vfcm9sZSIsImlhdCI6MTc0NzIzNzM2NCwiZXhwIjoyMDYyODEzMzY0fQ.AHj-C3YH4jQytRd1-ikLOeSrDZErvqMZPYLCHfyUGS4"
+
+
+JWT_SECRET_KEY="asdlfjnljflasdjf8796dfad8c7a9dsc"
+SMTP_SERVER="smtp.qq.com"
+SMTP_PORT=465 # 或 465，取决于您的SMTP服务
+SMTP_USERNAME="airs.ltd@qq.com"
+SMTP_PASSWORD="wxrowbdsaqyebhcd"
+SENDER_EMAIL="airs.ltd@qq.com"
+SENDER_NAME="SuperProxy Support" # 可选，发件人名称

.gitignore

@@ -0,0 +1,3 @@
+**/__pycache__/
+**/__images__/
+.DS_Store

Dockerfile

@@ -0,0 +1,16 @@
+# Read the doc: https://huggingface.co/docs/hub/spaces-sdks-docker
+# you will also find guides on how best to write your Dockerfile
+
+FROM python:3.12
+
+RUN useradd -m -u 1000 user
+USER user
+ENV PATH="/home/user/.local/bin:$PATH"
+
+WORKDIR /app
+
+COPY --chown=user ./requirements.txt requirements.txt
+RUN pip install --no-cache-dir --upgrade -r requirements.txt
+
+COPY --chown=user . /app
+CMD ["uvicorn", "app:app", "--host", "0.0.0.0", "--port", "7860"]

app.py

@@ -0,0 +1,67 @@
+# uvicorn app:app --host 0.0.0.0 --port 7860 --reload
+
+import os
+import sys # Import sys
+from fastapi import FastAPI
+from fastapi.responses import HTMLResponse
+from fastapi.staticfiles import StaticFiles
+
+# Optional: Import python-multipart to ensure it's loaded
+try:
+    import python_multipart
+except ImportError:
+    print("Warning: python-multipart is not installed. File uploads may fail.")
+
+from routes import auth, api_keys, proxies, admin # Import admin router
+
+# Environment check: Ensure we are running in the correct Conda environment
+# This helps catch issues where uvicorn might be using a different python interpreter
+conda_prefix = os.environ.get("CONDA_PREFIX")
+if conda_prefix:
+    expected_python_path = os.path.join(conda_prefix, "bin", "python")
+    if sys.executable != expected_python_path:
+        print(f"Warning: Python interpreter is not from the expected Conda environment 'airs'.")
+        print(f"Expected: {expected_python_path}")
+        print(f"Actual: {sys.executable}")
+        # Optionally, you could raise an exception here to prevent startup in wrong environment
+        # raise RuntimeError("Incorrect Python environment detected. Please activate 'airs' conda environment.")
+else:
+    print("Warning: CONDA_PREFIX environment variable not set. Cannot verify Conda environment.")
+
+# Initialize FastAPI app
+app = FastAPI()
+
+# Mount static files
+app.mount("/static", StaticFiles(directory="static"), name="static")
+
+# Include routers
+app.include_router(auth.router, prefix="/api/auth", tags=["auth"])
+app.include_router(api_keys.router, prefix="/api/user", tags=["api_keys"])
+app.include_router(proxies.router, prefix="/api/proxies", tags=["proxies"])
+app.include_router(admin.router, prefix="/api/admin", tags=["admin"]) # Include admin router
+
+# Root and HTML routes
+@app.get("/", response_class=HTMLResponse)
+async def read_root():
+    with open("static/index.html", "r") as f:
+        return f.read()
+
+@app.get("/login", response_class=HTMLResponse)
+async def read_login():
+    with open("static/login.html", "r") as f:
+        return f.read()
+
+@app.get("/reset-password", response_class=HTMLResponse)
+async def read_reset_password():
+    with open("static/reset-password.html", "r") as f:
+        return f.read()
+
+@app.get("/signup", response_class=HTMLResponse)
+async def read_signup():
+    with open("static/signup.html", "r") as f:
+        return f.read()
+
+@app.get("/admin", response_class=HTMLResponse)
+async def read_admin():
+    with open("static/admin.html", "r") as f:
+        return f.read()

core/config.py

@@ -0,0 +1,30 @@
+import os
+import secrets
+from dotenv import load_dotenv
+
+load_dotenv() # 加载 .env 文件中的环境变量
+
+# Supabase Configuration
+SUPABASE_URL = os.environ.get("SUPABASE_URL")
+SUPABASE_ANON_KEY = os.environ.get("SUPABASE_ANON_KEY")
+SUPABASE_SERVICE_ROLE_KEY = os.environ.get("SUPABASE_SERVICE_ROLE_KEY")
+
+if not SUPABASE_URL or not SUPABASE_ANON_KEY:
+    raise ValueError("Supabase URL and Anon Key must be set as environment variables.")
+
+# JWT Configuration
+SECRET_KEY = os.environ.get("JWT_SECRET_KEY", secrets.token_urlsafe(32))
+ALGORITHM = "HS256"
+ACCESS_TOKEN_EXPIRE_MINUTES = 30
+VERIFICATION_CODE_EXPIRE_MINUTES = 5 # 邮箱验证码有效期，单位：分钟
+
+# Email Configuration (for custom password reset)
+SMTP_SERVER = os.environ.get("SMTP_SERVER")
+SMTP_PORT = int(os.environ.get("SMTP_PORT", 465)) # Changed default to 465 for SMTP_SSL
+SMTP_USERNAME = os.environ.get("SMTP_USERNAME")
+SMTP_PASSWORD = os.environ.get("SMTP_PASSWORD")
+SENDER_EMAIL = os.environ.get("SENDER_EMAIL")
+SENDER_NAME = os.environ.get("SENDER_NAME", "SuperProxy Support")
+
+if not all([SMTP_SERVER, SMTP_USERNAME, SMTP_PASSWORD, SENDER_EMAIL]):
+    print("Warning: SMTP server details not fully configured. Password reset emails may not work.")

core/dependencies.py

@@ -0,0 +1,141 @@
+from typing import Optional
+from fastapi import HTTPException, Depends, status
+from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials, APIKeyHeader
+from supabase import create_client, Client
+import jwt
+
+from typing import Optional
+from fastapi import HTTPException, Depends, status
+from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials, APIKeyHeader
+from supabase import create_client, Client
+import jwt
+
+from core.config import SUPABASE_URL, SUPABASE_SERVICE_ROLE_KEY, SECRET_KEY, ALGORITHM
+from core.models import User, TokenData # Import TokenData
+
+# Dependency to get Supabase client
+def get_supabase_client() -> Client:
+    try:
+        return create_client(SUPABASE_URL, SUPABASE_SERVICE_ROLE_KEY)
+    except Exception as e:
+        print(f"Error initializing Supabase client: {e}")
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail="Failed to connect to Supabase. Please check server configuration."
+        )
+
+# Authentication schemes
+oauth2_scheme = HTTPBearer(auto_error=False)
+api_key_header = APIKeyHeader(name="X-API-Key", auto_error=False)
+
+# Dependency to get current user from JWT token
+async def get_current_user_from_token(
+    credentials: Optional[HTTPAuthorizationCredentials] = Depends(oauth2_scheme),
+    supabase_client: Client = Depends(get_supabase_client)
+) -> Optional[User]:
+    if not credentials:
+        return None
+
+    token = credentials.credentials
+    try:
+        payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
+        user_id: str = payload.get("sub")
+        if user_id is None:
+            raise HTTPException(
+                status_code=status.HTTP_401_UNAUTHORIZED,
+                detail="Invalid authentication credentials (token payload)",
+                headers={"WWW-Authenticate": "Bearer"},
+            )
+        
+        # Fetch user from sp_users table, including is_admin
+        res = supabase_client.table('sp_users').select('id, email, is_admin, email_verified').eq('id', user_id).single().execute()
+        if res.data:
+            return User(
+                id=res.data['id'], 
+                email=res.data['email'], 
+                is_admin=res.data.get('is_admin', False), # Default to False if not present
+                email_verified=res.data.get('email_verified', False)
+            )
+        else:
+            raise HTTPException(
+                status_code=status.HTTP_401_UNAUTHORIZED,
+                detail="Invalid authentication credentials (user not found)",
+                headers={"WWW-Authenticate": "Bearer"},
+            )
+    except jwt.PyJWTError:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Invalid authentication credentials (token invalid)",
+            headers={"WWW-Authenticate": "Bearer"},
+        )
+    except Exception as e:
+        print(f"Error in get_current_user_from_token: {e}")
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail=f"Internal server error during token authentication: {e}",
+        )
+
+# Dependency to get current user from API Key
+async def get_current_user_from_api_key(
+    api_key: Optional[str] = Depends(api_key_header),
+    supabase_client: Client = Depends(get_supabase_client)
+) -> Optional[User]:
+    if not api_key:
+        return None
+
+    try:
+        res = supabase_client.table('sp_user_api_keys').select('user_id').eq('api_key', api_key).single().execute()
+        if res.data and res.data['user_id']:
+            user_id = res.data['user_id']
+            # Fetch user details from sp_users table, including is_admin
+            user_res = supabase_client.table('sp_users').select('id, email, is_admin, email_verified').eq('id', user_id).single().execute()
+            if user_res.data:
+                return User(
+                    id=user_res.data['id'], 
+                    email=user_res.data['email'], 
+                    is_admin=user_res.data.get('is_admin', False), # Default to False if not present
+                    email_verified=user_res.data.get('email_verified', False)
+                )
+            else:
+                raise HTTPException(
+                    status_code=status.HTTP_401_UNAUTHORIZED,
+                    detail="Invalid API Key or user not found",
+                    headers={"X-API-Key": "Invalid"},
+                )
+        else:
+            raise HTTPException(
+                status_code=status.HTTP_401_UNAUTHORIZED,
+                detail="Invalid API Key",
+                headers={"X-API-Key": "Invalid"},
+            )
+    except Exception as e:
+        print(f"Error in get_current_user_from_api_key: {e}")
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail=f"Internal server error during API Key authentication: {e}",
+        )
+
+# Combined dependency for authentication
+async def get_current_active_user(
+    user_from_token: Optional[User] = Depends(get_current_user_from_token),
+    user_from_api_key: Optional[User] = Depends(get_current_user_from_api_key)
+) -> User:
+    if user_from_token:
+        return user_from_token
+    if user_from_api_key:
+        return user_from_api_key
+    
+    raise HTTPException(
+        status_code=status.HTTP_401_UNAUTHORIZED,
+        detail="Not authenticated",
+        headers={"WWW-Authenticate": "Bearer or X-API-Key"},
+    )
+
+# New dependency to check for admin user
+async def get_current_admin_user(current_user: User = Depends(get_current_active_user)) -> User:
+    if not current_user.is_admin:
+        raise HTTPException(
+            status_code=status.HTTP_403_FORBIDDEN,
+            detail="Operation forbidden: Not an administrator."
+        )
+    return current_user

core/models.py

@@ -0,0 +1,64 @@
+from datetime import datetime
+from typing import Optional
+from pydantic import BaseModel, Field
+
+class UserCredentials(BaseModel):
+    email: str
+    password: str
+    verification_code: Optional[str] = Field(None, alias="verificationCode") # Make verification code optional
+
+    class Config:
+        allow_population_by_field_name = True
+        populate_by_name = True
+
+class ForgotPasswordRequest(BaseModel):
+    email: str
+
+class Token(BaseModel):
+    access_token: str
+    token_type: str = "bearer"
+
+class TokenData(BaseModel): # New model for JWT payload
+    user_id: Optional[str] = None
+
+class User(BaseModel):
+    id: str
+    email: str
+    email_verified: bool = False
+    is_admin: bool = False
+    disabled: bool = True # Add disabled field, default to True
+
+class ApiKeyCreateResponse(BaseModel):
+    api_key: str
+
+class ApiKeyItem(BaseModel):
+    api_key: str
+    created_at: datetime
+
+class ChangePasswordRequest(BaseModel):
+    new_password: str
+    reset_token: Optional[str] = None # For password reset flow
+
+class ResetPasswordWithCodeRequest(BaseModel):
+    email: str
+    verification_code: str = Field(..., alias="verificationCode")
+    new_password: str
+
+    class Config:
+        allow_population_by_field_name = True
+        populate_by_name = True
+
+class AdminUser(BaseModel): # New model for admin view
+    id: str
+    email: str
+    email_verified: bool = False
+    created_at: datetime
+    is_admin: bool = False
+    disabled: bool = True # Add disabled field
+
+class UserUpdate(BaseModel): # New model for updating user info
+    email: Optional[str] = None
+    password: Optional[str] = None
+    email_verified: Optional[bool] = None
+    is_admin: Optional[bool] = None
+    disabled: Optional[bool] = None # Add optional disabled field

core/utils.py

@@ -0,0 +1,123 @@
+import jwt
+import smtplib
+import secrets
+import ssl # Import ssl
+import random # Import random for verification code generation
+import time # Import time for verification code expiration
+from datetime import datetime, timedelta
+from email.mime.text import MIMEText
+from email.header import Header
+from passlib.context import CryptContext
+from typing import Optional # Import Optional
+
+from core.config import SECRET_KEY, ALGORITHM, ACCESS_TOKEN_EXPIRE_MINUTES, \
+    SMTP_SERVER, SMTP_PORT, SMTP_USERNAME, SMTP_PASSWORD, SENDER_EMAIL, SENDER_NAME, \
+    VERIFICATION_CODE_EXPIRE_MINUTES
+
+# In-memory storage for verification codes (for demonstration purposes)
+# In a production environment, consider using Redis or a database for persistence and scalability
+verification_codes = {} # {email: {"code": "123456", "expires_at": timestamp}}
+
+# Password hashing context
+pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
+
+# Helper functions for password hashing
+def verify_password(plain_password, hashed_password):
+    return pwd_context.verify(plain_password, hashed_password)
+
+def get_password_hash(password):
+    # Truncate password to 72 bytes as bcrypt has a limit
+    # This handles cases where users might input very long passwords
+    truncated_password = password.encode('utf-8')[:72].decode('utf-8', 'ignore')
+    return pwd_context.hash(truncated_password)
+
+# Helper function for JWT
+def create_access_token(data: dict, expires_delta: Optional[timedelta] = None):
+    to_encode = data.copy()
+    if expires_delta:
+        expire = datetime.utcnow() + expires_delta
+    else:
+        expire = datetime.utcnow() + timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
+    to_encode.update({"exp": expire})
+    encoded_jwt = jwt.encode(to_encode, SECRET_KEY, algorithm=ALGORITHM)
+    return encoded_jwt
+
+def generate_verification_code():
+    """Generates a 6-digit numeric verification code."""
+    return str(random.randint(100000, 999999))
+
+def store_verification_code(email: str, code: str, prefix: str = ""):
+    """Stores the verification code with an expiration time, using an optional prefix for the key."""
+    key = prefix + email
+    expires_at = time.time() + VERIFICATION_CODE_EXPIRE_MINUTES * 60
+    verification_codes[key] = {"code": code, "expires_at": expires_at}
+    print(f"Stored verification code for {key}: {code}, expires at {datetime.fromtimestamp(expires_at)}")
+
+def verify_stored_code(email: str, code: str, prefix: str = "") -> bool:
+    """Verifies the provided code against the stored one and checks for expiration, using an optional prefix for the key."""
+    key = prefix + email
+    stored_data = verification_codes.get(key)
+    if not stored_data:
+        return False # No code stored for this email
+
+    if time.time() > stored_data["expires_at"]:
+        del verification_codes[key] # Remove expired code
+        return False # Code expired
+
+    return stored_data["code"] == code
+
+# Helper function for sending emails
+def send_email(to_email: str, subject: str, body: str):
+    if not all([SMTP_SERVER, SMTP_USERNAME, SMTP_PASSWORD, SENDER_EMAIL]):
+        print(f"错误: SMTP配置不完整。邮件未发送至 {to_email}。请检查 .env 文件中的 SMTP_SERVER, SMTP_USERNAME, SMTP_PASSWORD, SENDER_EMAIL。")
+        return False
+
+    msg = MIMEText(body, 'plain', 'utf-8')
+    msg['From'] = f"{SENDER_NAME} <{SENDER_EMAIL}>" # 调整From头部构建方式
+    msg['To'] = Header(to_email, 'utf-8')
+    msg['Subject'] = Header(subject, 'utf-8')
+
+    email_sent_successfully = False # 新增标志变量
+
+    try:
+        if SMTP_PORT == 587:
+            with smtplib.SMTP(SMTP_SERVER, SMTP_PORT, timeout=10) as server:
+                # server.set_debuglevel(1) # 生产环境不启用调试级别
+                server.starttls(context=ssl.create_default_context())
+                server.login(SMTP_USERNAME, SMTP_PASSWORD)
+                server.sendmail(SENDER_EMAIL, to_email, msg.as_string())
+                print(f"邮件发送成功至 {to_email} (端口: {SMTP_PORT})。")
+                email_sent_successfully = True
+        
+        elif SMTP_PORT == 465:
+            context = ssl.create_default_context()
+            context.check_hostname = False
+            context.verify_mode = ssl.CERT_NONE
+            with smtplib.SMTP_SSL(SMTP_SERVER, SMTP_PORT, context=context, timeout=10) as server:
+                # server.set_debuglevel(1) # 生产环境不启用调试级别
+                server.login(SMTP_USERNAME, SMTP_PASSWORD)
+                server.sendmail(SENDER_EMAIL, to_email, msg.as_string())
+                server.quit() # 明确关闭连接
+                print(f"邮件发送成功至 {to_email} (端口: {SMTP_PORT})。")
+                email_sent_successfully = True
+        else:
+            print(f"错误：不支持的端口 {SMTP_PORT}。邮件未发送至 {to_email}。目前只支持 465 (SSL) 和 587 (STARTTLS)。")
+
+    except smtplib.SMTPAuthenticationError:
+        print(f"认证失败：��件未发送至 {to_email}。请检查 .env 文件中的 SMTP_USERNAME 和 SMTP_PASSWORD。对于 QQ 邮箱，请确保使用的是授权码而非登录密码。")
+    except smtplib.SMTPConnectError as e:
+        print(f"连接失败：邮件未发送至 {to_email}。请检查 SMTP_SERVER 地址、SMTP_PORT 端口是否正确，以及网络防火墙设置。错误详情: {e}")
+    except smtplib.SMTPServerDisconnected as e:
+        print(f"SMTP 服务器意外断开连接：邮件未发送至 {to_email}。错误详情: {e}")
+    except smtplib.SMTPRecipientsRefused as e: # 添加更具体的异常捕获
+        print(f"收件人被拒绝：邮件未发送至 {to_email}。错误详情: {e}")
+    except smtplib.SMTPSenderRefused as e: # 添加更具体的异常捕获
+        print(f"发件人被拒绝：邮件未发送至 {to_email}。错误详情: {e}")
+    except smtplib.SMTPDataError as e: # 添加更具体的异常捕获
+        print(f"SMTP 数据错误：邮件未发送至 {to_email}。错误详情: {e}")
+    except smtplib.SMTPException as e:
+        print(f"SMTP 协议错误：邮件未发送至 {to_email}。错误详情: {e}")
+    except Exception as e:
+        print(f"发生未知错误：邮件未发送至 {to_email}。错误详情: {e}")
+    
+    return email_sent_successfully

memory-bank/activeContext.md

@@ -0,0 +1,62 @@
+# 活跃上下文 (Active Context)
+
+## 当前工作重点
+将 Vue.js/Bootstrap 前端和 Python/FastAPI/Supabase 后端集成到现有的 Docker 化 `spwebsite` 项目中，并确保其可运行。
+
+## 最近的更改
+1.  **`requirements.txt`**: 添加了 `supabase` 和 `python-dotenv` 依赖。
+2.  **`static/` 目录**: 创建了 `static` 目录，用于存放前端静态文件。
+3.  **`static/index.html`**: 更新了前端入口文件，添加了用户注册和登录表单，并修正了静态文件引用路径。
+4.  **`static/style.css`**: 创建了自定义样式文件。
+5.  **`static/app.js`**: 更新了 Vue.js 应用逻辑文件，添加了用户认证状态管理、注册/登录/退出方法，以及在认证后获取代理数据的方法。在成功登录后，将用户认证凭证（API Key）存储在本地存储中。
+6.  **`app.py`**:
+    *   配置了 FastAPI 以提供静态文件服务。
+    *   集成了 `python-dotenv` 来加载 `.env` 文件中的环境变量。
+    *   集成了 Supabase 客户端初始化逻辑。
+    *   添加了 `/api/auth/signup` 和 `/api/auth/login` API 端点，用于用户注册和登录。
+    *   添加了 `/api/user/generate-api-key` 端点，用于已登录用户生成持久的 API Key。
+    *   添加了 `/api/user/api-keys` 端点，用于获取用户已生成的 API Key 列表。
+    *   添加了 `/api/user/me` 端点，用于获取当前登录用户的电子邮件。
+    *   添加了 `/api/auth/change-password` 端点，用于用户修改密码。
+    *   修改了 `/api/proxies` 示例 API 端点，使其需要用户认证，并将表名修改为 `sp_proxies`。
+    *   添加了 `/api/auth/forgot-password` 端点，用于处理忘记密码请求。
+    *   修改了根路由 `/` 以返回 `index.html`。
+    *   添加了 `/login` 路由，用于返回 `static/login.html`。
+7.  **`README.md`**: 更新了项目概述、技术栈、本地运行指南（包括 `conda` 和 `uvicorn` 命令、`python-dotenv` 安装、`.env` 文件创建说明和 Supabase 用户信息）和部署说明。
+8.  **`app.py`**: 恢复了 `signup` 端点，使其使用 `supabase.auth.sign_up` 进行用户注册，而不是管理员创建用户。
+9.  **`.env` 文件**: 生成了包含 Supabase 凭证占位符的 `.env` 文件。
+10. **`../solutions/supabase_solution.md`**: 更新了数据表命名规范和示例代码中的表名，并添加了 `python-dotenv` 的使用说明。
+11. **前端 DOM 警告修复**: 解决了 `static/login.html` 和 `static/reset-password.html` 页面中所有 `autocomplete` 属性相关的 DOM 警告。
+12. **重置密码流程更新**:
+    *   修改了 `static/reset-password.html` 的前端逻辑，使其不再依赖 `reset_token`，而是通过邮箱和验证码重置密码。
+    *   在 `static/js/auth.js` 中添加了 `sendResetVerificationCode` 和 `resetPasswordWithCode` 方法，并更新了 `authMounted` 逻辑。
+    *   在后端 `routes/auth.py` 中实现了 `/api/auth/send-reset-password-code` 和 `/api/auth/reset-password-with-code` 两个新接口。
+    *   在 `core/models.py` 中定义了 `ResetPasswordWithCodeRequest` 模型。
+    *   修复了 `routes/auth.py` 中重复的 `signup` 路由定义。
+    *   修改了 `core/utils.py` 中的 `store_verification_code` 和 `verify_stored_code` 函数，使其支持 `prefix` 参数，解决了后端报错。
+
+## 下一步计划
+1.  在 Supabase 控制台中创建 `airsltd` 项目，并设计 `sp_proxies` 表和 `sp_user_api_keys` 表（表名前缀为 `sp_`）。
+2.  确保 `.env` 文件中的 Supabase 凭证已正确配置。
+3.  在 Supabase 控制台中启用邮件认证，并根据需要配置其他认证提供商。
+4.  测试用户注册、登录、API Key 生成、代理数据获取、密码修改和忘记密码功能。
+5.  根据实际需求，扩展前端界面和后端 API，实现更多功能。
+
+## 下一步计划
+1.  在 Supabase 控制台中创建 `airsltd` 项目，并设计 `sp_proxies` 表和 `sp_user_api_keys` 表（表名前缀为 `sp_`）。
+2.  确保 `.env` 文件中的 Supabase 凭证已正确配置。
+3.  在 Supabase 控制台中启用邮件认证，并根据需要配置其他认证提供商。
+4.  测试用户注册、登录、API Key 生成、代理数据获取、密码修改和忘记密码功能。
+5.  根据实际需求，扩展前端界面和后端 API，实现更多功能。
+
+## 活跃的决策和考虑事项
+*   **前后端一体**: 项目被确认为前后端一体的 Docker 化应用。
+*   **部署环境**: Hugging Face Spaces 通过 `Dockerfile` 自动生成镜像，无需手动 `docker build`。
+*   **本地运行**: 使用 `conda activate airs && uvicorn app:app --host 0.0.0.0 --port 7860 --reload` 命令在本地运行。
+*   **Supabase 凭证**: 需通过环境变量安全配置。
+
+## 学习和项目洞察
+*   理解了 Hugging Face Spaces 的 Docker 部署机制。
+*   确认了 `spwebsite` 项目的集成方式和运行环境。
+*   调试了 Supabase 邮件验证问题，并确认了后端 API 的功能。
+*   成功将认证逻辑分离到独立的登录页面。

memory-bank/productContext.md

@@ -0,0 +1,15 @@
+# 产品背景 (Product Context)
+
+## 项目存在的目的
+`spwebsite` 项目旨在为 `superproxy` 服务提供一个用户友好的管理界面和展示平台。它将允许用户查看代理信息、管理数据，并可能在未来扩展更多功能。
+
+## 解决的问题
+1.  **缺乏统一界面**: 为 `superproxy` 后端服务提供一个集中的、可视化的管理界面，方便用户操作和监控。
+2.  **数据展示**: 能够清晰地展示 Supabase 中存储的代理数据，提高数据可读性。
+3.  **简化交互**: 简化用户与后端服务的交互过程，无需直接操作 API 或数据库。
+
+## 用户体验目标
+1.  **直观易用**: 界面设计应简洁直观，用户能够轻松理解和操作。
+2.  **响应迅速**: 前端应用应具有良好的响应性，提供流畅的用户体验。
+3.  **信息清晰**: 关键信息（如代理状态、数据）应清晰地呈现给用户。
+4.  **可靠稳定**: 确保前后端集成稳定可靠，数据交互准确无误。

memory-bank/progress.md

@@ -0,0 +1,45 @@
+# 进度 (Progress)
+
+## 已完成的工作
+1.  **项目初始化**: 根据 `sp_website_solution.md` 和 `supabase_solution.md` 进行了项目结构调整。
+2.  **前端集成**:
+    *   创建了 `static/` 目录。
+    *   更新了 `static/index.html`，添加了用户注册和登录表单，并修正了静态文件引用路径。
+    *   创建了 `static/style.css`。
+    *   更新了 `static/app.js`，添加了用户认证状态管理、注册/登录/退出方法，以及在认证后获取代理数据的方法。在成功登录后，将用户认证凭证（API Key）存储在本地存储中。同时，添加了获取用户电子邮件和修改密码的逻辑。
+    *   解决了 `static/login.html` 和 `static/reset-password.html` 页面中所有 `autocomplete` 属性相关的 DOM 警告。
+    *   修改了 `static/reset-password.html` 的前端逻辑，使其不再依赖 `reset_token`，而是通过邮箱和验证码重置密码。
+    *   在 `static/js/auth.js` 中添加了 `sendResetVerificationCode` 和 `resetPasswordWithCode` 方法，并更新了 `authMounted` 逻辑。
+3.  **后端集成**:
+    *   更新了 `requirements.txt`，添加了 `supabase` 和 `python-dotenv` 依赖。
+    *   修改了 `app.py`，使其能够提供静态文件服务，集成了 `python-dotenv` 来加载环境变量，集成了 Supabase 客户端初始化，添加了 `/api/auth/signup` 和 `/api/auth/login` API 端点，用于用户注册和登录，添加了 `/api/user/generate-api-key` 端点用于生成 API Key，添加了 `/api/user/api-keys` 端点用于获取 API Key 列表，添加了 `/api/user/me` 端点用于获取当前登录用户的电子邮件，添加了 `/api/auth/change-password` 端点用于用户修改密码，并修改了 `/api/proxies` 示例 API 端点使其需要用户认证，并将表名修改为 `sp_proxies`。
+    *   恢复了 `app.py` 中的 `signup` 端点，使其使用 `supabase.auth.sign_up` 进行用户注册，而不是管理员创建用户。
+    *   创建了 `static/login.html`，用于独立的登录/注册页面。
+    *   修改了 `static/index.html`，移除了认证表单，并添加了指向 `/login` 的链接。
+    *   修改了 `static/app.js`，调整了 Vue.js 逻辑，使其在 `index.html` 和 `login.html` 中都能正确工作，并添加了重定向逻辑。
+    *   修改了 `app.py`，添加了 `/login` 路由，用于返回 `static/login.html`。
+    *   在 `routes/auth.py` 中实现了 `/api/auth/send-reset-password-code` 和 `/api/auth/reset-password-with-code` 两个新接口。
+    *   在 `core/models.py` 中定义了 `ResetPasswordWithCodeRequest` 模型。
+    *   修复了 `routes/auth.py` 中重复的 `signup` 路由定义。
+    *   修改了 `core/utils.py` 中的 `store_verification_code` 和 `verify_stored_code` 函数，使其支持 `prefix` 参数，解决了后端报错。
+4.  **文档更新**: 更新了 `README.md`，反映了项目的新功能、技术栈和正确的本地运行指南。
+5.  **Memory Bank 更新**: 更新了所有核心 Memory Bank 文件以反映项目最新状态。
+6.  **Supabase 解决方案文件更新**: 更新了 `../solutions/supabase_solution.md`。
+7.  **`.env` 文件生成**: 生成了包含 Supabase 凭证占位符的 `.env` 文件。
+
+## 剩余的工作
+1.  **Supabase 数据库设置**: 在 Supabase 控制台中创建 `airsltd` 项目，并设计 `sp_proxies` 表和 `sp_user_api_keys` 表（表名前缀为 `sp_`）。
+2.  **前端数据展示**: 在 `static/app.js` 中实现 `fetchProxies` 方法，使其能够调用后端 `/api/proxies` 端点并显示从 Supabase 获取的数据。
+3.  **功能扩展**: 根据实际需求，进一步开发前端界面和后端 API，实现更多功能。
+4.  **Supabase 认证配置**: 在 Supabase 控制台中启用邮件认证，并根据需要配置其他认证提供商。
+5.  **测试**: 测试用户注册、登录、API Key 生成、代理数据获取、密码修改和忘记密码功能。
+
+## 当前状态
+项目已完成前后端一体框架的搭建，前端和后端的基本集成已完成，并实现了用户注册、登录、API Key 申请、获取用户电子邮件、修改密码和忘记密码功能。认证逻辑已分离到独立的登录页面。项目现在可以在本地通过 `conda` 和 `uvicorn` 命令运行，并准备好与 Supabase 数据库进行实际的数据交互。
+
+## 已知问题
+*   `static/app.js` 中的 `fetchProxies` 方法目前是注释掉的，需要手动启用并根据 Supabase 实际数据结构进行调整。
+*   Supabase 数据库的 `sp_proxies` 表和 `sp_user_api_keys` 表尚未创建，需要手动在 Supabase 控制台完成。
+*   环境变量 `SUPABASE_URL` 和 `SUPABASE_ANON_KEY` 需要在本地 `.env` 文件或部署环境中配置。
+*   `SUPABASE_SERVICE_ROLE_KEY` 需要在 `.env` 文件中配置，以便后端能够修改用户密码。
+*   Supabase 的邮件认证可能需要额外配置，否则用户注册后需要手动确认邮件。

memory-bank/projectBrief.md

@@ -0,0 +1,17 @@
+# 项目简报 (Project Brief)
+
+## 项目名称
+SP Website
+
+## 项目目标
+构建一个前后端一体的 Docker 化 Web 应用，提供基于 Vue.js 和 Bootstrap 的前端界面，并与使用 Python (FastAPI) 和 Supabase 数据库的后端服务进行交互。
+
+## 核心需求
+1.  **前端界面**: 基于 Vue.js (CDN) 和 Bootstrap 5.3 (CDN) 的响应式用户界面。
+2.  **后端服务**: 使用 Python (FastAPI) 提供 RESTful API，处理业务逻辑。
+3.  **数据存储**: 集成 Supabase (PostgreSQL) 作为主要数据库。
+4.  **容器化**: 项目应完全 Docker 化，支持在 Docker 环境中构建、运行和部署。
+5.  **部署**: 兼容 Hugging Face Spaces 的 Docker 部署流程。
+
+## 范围
+本项目涵盖前端界面开发、后端 API 实现、Supabase 数据库集成和 Docker 化部署。

memory-bank/systemPatterns.md

@@ -0,0 +1,39 @@
+# 系统模式 (System Patterns)
+
+## 系统架构
+`spwebsite` 采用前后端一体的单体应用架构，通过 Docker 进行容器化部署。
+
+*   **前端**: 静态文件 (HTML, CSS, JavaScript) 由后端 FastAPI 应用提供服务。
+*   **后端**: Python FastAPI 应用处理业务逻辑、API 请求，并与 Supabase 数据库交互。
+*   **数据库**: 外部托管的 Supabase (PostgreSQL) 数据库。
+
+```mermaid
+graph TD
+    Browser --> FastAPI_App[FastAPI 应用 (Python)]
+    FastAPI_App --> StaticFiles[提供静态文件 (Vue.js/Bootstrap)]
+    FastAPI_App --> Supabase_DB[Supabase 数据库 (PostgreSQL)]
+    StaticFiles --> Browser
+```
+
+## 关键技术决策
+1.  **前后端一体**: 简化部署和开发流程，尤其适用于 Hugging Face Spaces 的 Docker 部署。
+2.  **FastAPI**: 选择 FastAPI 作为后端框架，因为它性能高、易于使用，并内置 OpenAPI/Swagger 文档。
+3.  **Vue.js (CDN)**: 采用 CDN 方式引入 Vue.js，避免了复杂的构建工具链，简化了前端开发和部署。
+4.  **Bootstrap 5.3 (CDN)**: 同样通过 CDN 引入，提供快速响应式 UI 开发能力。
+5.  **Supabase**: 作为后端即服务 (BaaS) 解决方案，提供托管的 PostgreSQL 数据库、认证和 API，大大减少了后端基础设施的维护工作。
+6.  **Docker**: 容器化确保了开发、测试和生产环境的一致性。
+
+## 设计模式
+*   **MVC/MVVM (前端)**: Vue.js 自然地支持 MVVM 模式，通过数据绑定和组件化管理 UI 状态和行为。
+*   **RESTful API (后端)**: 后端通过 RESTful 风格的 API 端点与前端通信。
+*   **依赖注入 (后端)**: FastAPI 通过其依赖注入系统简化了请求处理和资源管理。
+
+## 组件关系
+*   **`index.html`**: 前端应用的入口，加载所有静态资源和 Vue 应用。
+*   **`style.css`**: 定义全局和组件级样式。
+*   **`app.js`**: 包含 Vue 根实例，管理应用状态和行为，通过 `fetch` API 调用后端。
+*   **`app.py`**:
+    *   使用 `StaticFiles` 挂载 `static/` 目录，提供前端文件。
+    *   定义 API 路由 (`/api/proxies`)，处理前端请求。
+    *   通过 `supabase` 客户端与 Supabase 数据库进行 CRUD 操作。
+*   **Supabase 数据库**: 存储 `sp_proxies` 等应用数据（表名前缀为 `sp_`），并通过 RLS 提供数据安全。

memory-bank/techContext.md

@@ -0,0 +1,35 @@
+# 技术背景 (Tech Context)
+
+## 使用的技术
+*   **前端**:
+    *   HTML5, CSS3, JavaScript
+    *   Vue.js 3 (通过 CDN 引入)
+    *   Bootstrap 5.3 (通过 CDN 引入)
+*   **后端**:
+    *   Python 3.x
+    *   FastAPI (Web 框架)
+    *   Uvicorn (ASGI 服务器)
+    *   Supabase Python SDK (数据库客户端)
+*   **数据库**: Supabase (托管 PostgreSQL)
+*   **容器化**: Docker
+
+## 开发设置
+*   **Python 环境**: 建议使用 Conda 管理 Python 环境，并激活 `airs` 环境。
+*   **依赖管理**: `requirements.txt` 文件用于管理 Python 依赖。
+*   **环境变量**: Supabase 凭证 (`SUPABASE_URL`, `SUPABASE_ANON_KEY`) 通过环境变量配置。
+*   **本地运行**: 使用 `conda activate airs && uvicorn app:app --host 0.0.0.0 --port 7860 --reload` 命令。
+
+## 技术约束
+*   **CDN 依赖**: 前端 Vue.js 和 Bootstrap 依赖于 CDN，需要网络连接才能加载。
+*   **Supabase 外部依赖**: 数据库服务由 Supabase 托管，需要稳定的网络连接。
+*   **Hugging Face Spaces 限制**: 部署到 Hugging Face Spaces 时，需要遵循其平台规范和资源限制。
+
+## 依赖
+*   **Python 依赖**: `fastapi`, `uvicorn[standard]`, `supabase` (列于 `requirements.txt`)。
+*   **前端依赖**: Vue.js 3, Bootstrap 5.3 (通过 CDN 引入)。
+
+## 工具使用模式
+*   **Git**: 用于版本控制和代码部署到 Hugging Face Spaces。
+*   **Docker**: 用于容器化应用，确保环境一致性。
+*   **Conda**: 用于管理 Python 虚拟环境。
+*   **uvicorn**: 用于在本地运行 FastAPI 应用。

push.sh

@@ -0,0 +1,3 @@
+git add .
+git commit -m "update"
+git push

requirements.txt

@@ -0,0 +1,10 @@
+fastapi
+uvicorn[standard]
+supabase
+python-dotenv
+passlib==1.7.4
+bcrypt==4.0.1
+PyJWT
+gotrue
+pytest
+httpx

routes/admin.py

@@ -0,0 +1,125 @@
+from fastapi import APIRouter, File, UploadFile, HTTPException, status, Depends, Query
+from typing import List, Optional
+import os
+from supabase import create_client, Client
+from gotrue.errors import AuthApiError
+from pydantic import BaseModel # Import BaseModel for UserListResponse
+
+from core.config import SUPABASE_URL, SUPABASE_SERVICE_ROLE_KEY
+from core.dependencies import get_current_admin_user, get_supabase_client
+from core.models import User, AdminUser, UserUpdate
+from core.utils import get_password_hash
+
+router = APIRouter()
+
+UPLOAD_DIRECTORY = "static/images"
+
+@router.post("/upload-image")
+async def upload_image(file: UploadFile = File(...), current_user: User = Depends(get_current_admin_user)):
+    """
+    上传图片到 /static/images 目录。
+    """
+    if not os.path.exists(UPLOAD_DIRECTORY):
+        os.makedirs(UPLOAD_DIRECTORY)
+
+    file_location = os.path.join(UPLOAD_DIRECTORY, file.filename)
+    try:
+        with open(file_location, "wb+") as file_object:
+            file_object.write(await file.read())
+        return {"filename": file.filename, "path": f"/{UPLOAD_DIRECTORY}/{file.filename}", "message": "图片上传成功"}
+    except Exception as e:
+        raise HTTPException(status_code=status.HTTP_500_INTERNAL_SERVER_ERROR, detail=f"图片上传失败: {e}")
+
+class UserListResponse(BaseModel):
+    users: List[AdminUser]
+    total_count: int
+
+@router.get("/users", response_model=UserListResponse) # Update response_model
+async def get_all_users(
+    current_user: User = Depends(get_current_admin_user),
+    supabase_client: Client = Depends(get_supabase_client),
+    page: int = Query(1, ge=1),
+    page_size: int = Query(10, ge=1, le=100),
+    search: Optional[str] = Query(None)
+):
+    """
+    获取所有用户列表（仅限管理员）。
+    """
+    offset = (page - 1) * page_size
+    query = supabase_client.table('sp_users').select('id, email, email_verified, created_at, is_admin, disabled', count='exact') # Include disabled field
+    
+    if search:
+        query = query.ilike('email', f"%{search}%") # Case-insensitive search by email
+
+    res = query.order('created_at', desc=True).range(offset, offset + page_size - 1).execute()
+    
+    users = [AdminUser(**user) for user in res.data]
+    total_count = res.count
+    
+    return {"users": users, "total_count": total_count}
+
+@router.get("/users/{user_id}", response_model=AdminUser)
+async def get_user_by_id(
+    user_id: str,
+    current_user: User = Depends(get_current_admin_user),
+    supabase_client: Client = Depends(get_supabase_client)
+):
+    """
+    根据用户ID获取单个用户信息（仅限管理员）。
+    """
+    res = supabase_client.table('sp_users').select('id, email, email_verified, created_at, is_admin, disabled').eq('id', user_id).single().execute() # Include disabled field
+    if not res.data:
+        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="用户未找到")
+    return AdminUser(**res.data)
+
+@router.put("/users/{user_id}", response_model=AdminUser)
+async def update_user(
+    user_id: str,
+    user_update: UserUpdate,
+    current_user: User = Depends(get_current_admin_user),
+    supabase_client: Client = Depends(get_supabase_client)
+):
+    """
+    更新用户信息（仅限管理员）。
+    """
+    update_data = user_update.dict(exclude_unset=True)
+    
+    if 'password' in update_data and update_data['password']:
+        update_data['password_hash'] = get_password_hash(update_data['password'])
+        del update_data['password'] # Remove plain password from update_data
+
+    # Handle disabled field update
+    if 'disabled' in update_data and update_data['disabled'] is not None:
+        # Supabase update for 'disabled' field
+        pass # The update_data dictionary already contains 'disabled' if it was set
+
+    if not update_data:
+        raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST, detail="没有提供更新数据")
+
+    res = supabase_client.table('sp_users').update(update_data).eq('id', user_id).execute()
+    
+    if not res.data:
+        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="用户未找到或更新失败")
+    
+    # Fetch the updated user to return
+    updated_user_res = supabase_client.table('sp_users').select('id, email, email_verified, created_at, is_admin, disabled').eq('id', user_id).single().execute() # Include disabled field
+    return AdminUser(**updated_user_res.data)
+
+@router.delete("/users/{user_id}", status_code=status.HTTP_204_NO_CONTENT)
+async def delete_user(
+    user_id: str,
+    current_user: User = Depends(get_current_admin_user),
+    supabase_client: Client = Depends(get_supabase_client)
+):
+    """
+    删除用户（仅限管理员）。
+    """
+    # First, delete associated API keys
+    supabase_client.table('sp_user_api_keys').delete().eq('user_id', user_id).execute()
+
+    # Then delete the user from sp_users table
+    res = supabase_client.table('sp_users').delete().eq('id', user_id).execute()
+    
+    if not res.data:
+        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="用户未找到或删除失败")
+    return

routes/api_keys.py

@@ -0,0 +1,56 @@
+import secrets
+from datetime import datetime
+import secrets
+from datetime import datetime
+from fastapi import APIRouter, HTTPException, Depends, status
+from supabase import Client
+
+from core.config import SUPABASE_URL, SUPABASE_SERVICE_ROLE_KEY
+from core.models import User, ApiKeyCreateResponse, ApiKeyItem
+from core.dependencies import get_current_active_user, get_supabase_client # Import get_supabase_client
+
+router = APIRouter()
+
+@router.post("/generate-api-key", response_model=ApiKeyCreateResponse)
+async def generate_api_key(
+    current_user: User = Depends(get_current_active_user),
+    supabase_client: Client = Depends(get_supabase_client) # Inject Supabase client
+):
+    try:
+        # Generate a secure random API Key
+        new_api_key = secrets.token_urlsafe(32) # 32 bytes = 43 characters
+
+        # Store the API Key in the database
+        data, count = supabase_client.table('sp_user_api_keys').insert({
+            "user_id": current_user.id,
+            "api_key": new_api_key,
+            "created_at": datetime.now().isoformat() # Store creation time
+        }).execute()
+
+        if data:
+            return ApiKeyCreateResponse(api_key=new_api_key)
+        else:
+            raise HTTPException(
+                status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+                detail="Failed to store API Key."
+            )
+    except Exception as e:
+        raise HTTPException(status_code=status.HTTP_500_INTERNAL_SERVER_ERROR, detail=str(e))
+
+@router.get("/api-keys", response_model=list[ApiKeyItem])
+async def get_user_api_keys(
+    current_user: User = Depends(get_current_active_user),
+    supabase_client: Client = Depends(get_supabase_client) # Inject Supabase client
+):
+    try:
+        res = supabase_client.table('sp_user_api_keys').select('api_key, created_at').eq('user_id', current_user.id).execute()
+        return [ApiKeyItem(**item) for item in res.data]
+    except Exception as e:
+        raise HTTPException(status_code=500, detail=str(e))
+
+@router.get("/me", response_model=User)
+async def get_me(current_user: User = Depends(get_current_active_user)):
+    """
+    获取当前登录用户的详细信息。
+    """
+    return current_user

routes/auth.py

@@ -0,0 +1,369 @@
+from datetime import datetime, timedelta
+from typing import Optional
+from fastapi import APIRouter, HTTPException, Depends, status, Request
+from pydantic import BaseModel # Import BaseModel for EmailRequest
+from supabase import create_client, Client # Import create_client
+from gotrue.errors import AuthApiError
+
+from core.config import SUPABASE_URL, SUPABASE_SERVICE_ROLE_KEY, SECRET_KEY, ALGORITHM, VERIFICATION_CODE_EXPIRE_MINUTES
+from core.models import UserCredentials, ForgotPasswordRequest, Token, User, ChangePasswordRequest, ResetPasswordWithCodeRequest # Import new model
+from core.utils import verify_password, get_password_hash, create_access_token, send_email, \
+    generate_verification_code, store_verification_code, verify_stored_code # Import verification code utilities
+from core.dependencies import get_current_active_user, get_current_user_from_token
+import jwt # Import jwt for change_password
+
+class EmailRequest(BaseModel):
+    email: str
+
+router = APIRouter()
+
+# Supabase Client (service role for custom user management)
+service_supabase: Client = create_client(SUPABASE_URL, SUPABASE_SERVICE_ROLE_KEY)
+
+@router.post("/send-verification-code")
+async def send_verification_code(email_request: EmailRequest):
+    """
+    生成并发送邮箱验证码。
+    """
+    try:
+        # Check if user already exists
+        res = service_supabase.table('sp_users').select('id').eq('email', email_request.email).execute()
+        if res.data and len(res.data) > 0:
+            # 如果邮箱已注册，返回一个不同的消息，而不是抛出错误
+            return {"message": "此邮箱已被注册，请直接登录或尝试找回密码。"}
+
+        code = generate_verification_code()
+        store_verification_code(email_request.email, code)
+
+        email_body = f"您好，\n\n您的验证码是：{code}\n\n此验证码将在 {VERIFICATION_CODE_EXPIRE_MINUTES} 分钟后失效。\n\n如果您没有请求此验证码，请忽略此邮件。\n\n此致，\nSuperProxy Support"
+
+        try:
+            print(f"Attempting to send verification email to {email_request.email}...")
+            email_sent = send_email(email_request.email, "您的验证码", email_body)
+            if email_sent:
+                print(f"Verification email successfully sent to {email_request.email}.")
+                return {"message": "验证码已发送，请检查您的邮箱。"}
+            else:
+                print(f"Failed to send verification email to {email_request.email}. send_email returned False.")
+                raise HTTPException(
+                    status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+                    detail="发送验证码失败。请联系管理员或检查邮箱配置。"
+                )
+        except Exception as email_error:
+            print(f"Error sending verification email to {email_request.email}: {email_error}")
+            raise HTTPException(
+                status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+                detail="发送验证码失败。请检查邮箱配置或联系管理员。"
+            )
+    except HTTPException:
+        raise
+    except Exception as e:
+        print(f"Error in send_verification_code: {e}")
+        raise HTTPException(status_code=status.HTTP_500_INTERNAL_SERVER_ERROR, detail=str(e))
+
+@router.post("/send-reset-password-code")
+async def send_reset_password_code(email_request: EmailRequest):
+    """
+    生成并发送用于重置密码的邮箱验证码。
+    """
+    try:
+        # Check if user exists
+        res = service_supabase.table('sp_users').select('id').eq('email', email_request.email).execute()
+        if not res.data or len(res.data) == 0:
+            raise HTTPException(
+                status_code=status.HTTP_404_NOT_FOUND,
+                detail="此邮箱未注册。"
+            )
+
+        code = generate_verification_code()
+        store_verification_code(email_request.email, code, prefix="reset_") # Use a different prefix for reset codes
+
+        email_body = f"您好，\n\n您请求重置密码。您的验证码是：{code}\n\n此验证码将在 {VERIFICATION_CODE_EXPIRE_MINUTES} 分钟后失效。\n\n如果您没有请求此操作，请忽略此邮件。\n\n此致，\nSuperProxy Support"
+
+        try:
+            print(f"Attempting to send reset password verification email to {email_request.email}...")
+            email_sent = send_email(email_request.email, "您的重置密码验证码", email_body)
+            if email_sent:
+                print(f"Reset password verification email successfully sent to {email_request.email}.")
+                return {"message": "重置密码验证码已发送，请检查您的邮箱。"}
+            else:
+                print(f"Failed to send reset password verification email to {email_request.email}. send_email returned False.")
+                raise HTTPException(
+                    status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+                    detail="发送重置密码验证码��败。请联系管理员或检查邮箱配置。"
+                )
+        except Exception as email_error:
+            print(f"Error sending reset password verification email to {email_request.email}: {email_error}")
+            raise HTTPException(
+                status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+                detail="发送重置密码验证码失败。请检查邮箱配置或联系管理员。"
+            )
+    except HTTPException:
+        raise
+    except Exception as e:
+        print(f"Error in send_reset_password_code: {e}")
+        raise HTTPException(status_code=status.HTTP_500_INTERNAL_SERVER_ERROR, detail=str(e))
+
+
+@router.post("/signup")
+async def signup(user_credentials: UserCredentials, request: Request):
+    try:
+        # Check if user already exists in sp_users table
+        res = service_supabase.table('sp_users').select('id').eq('email', user_credentials.email).execute()
+        if res.data and len(res.data) > 0:
+            raise HTTPException(
+                status_code=status.HTTP_400_BAD_REQUEST,
+                detail="此邮箱已被注册。"
+            )
+        
+        # Verify the provided verification code
+        if not verify_stored_code(user_credentials.email, user_credentials.verification_code):
+            raise HTTPException(
+                status_code=status.HTTP_400_BAD_REQUEST,
+                detail="验证码不正确或已过期。"
+            )
+
+        hashed_password = get_password_hash(user_credentials.password)
+        
+        # Insert user into sp_users table after successful email verification
+        data, count = service_supabase.table('sp_users').insert({
+            "email": user_credentials.email,
+            "password_hash": hashed_password,
+            "created_at": datetime.now().isoformat(),
+            "email_verified": True, # Mark email as verified
+            "is_admin": False # New users are not admins by default
+        }).execute()
+
+        if data:
+            return {"message": "注册成功！您现在可以登录。"}
+        else:
+            raise HTTPException(
+                status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+                detail="注册失败，无法创建用户。请联系管理员。"
+            )
+    except HTTPException:
+        raise
+    except Exception as e:
+        print(f"Error in signup: {e}")
+        raise HTTPException(status_code=status.HTTP_500_INTERNAL_SERVER_ERROR, detail=str(e))
+
+@router.get("/verify-email")
+async def verify_email(token: str):
+    try:
+        payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
+        email: str = payload.get("sub")
+        token_type: str = payload.get("type")
+        password_hash: str = payload.get("password_hash")
+
+        if email is None or token_type != "email_verification" or password_hash is None:
+            raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST, detail="Invalid or expired verification token.")
+
+        # Check if user already exists (e.g., if verification link was clicked multiple times)
+        res = service_supabase.table('sp_users').select('id').eq('email', email).execute()
+        if res.data and len(res.data) > 0:
+            return {"message": "邮箱已验证，您现在可以登录。"}
+
+        # Insert user into sp_users table after successful email verification
+        data, count = service_supabase.table('sp_users').insert({
+            "email": email,
+            "password_hash": password_hash,
+            "created_at": datetime.now().isoformat(),
+            "email_verified": True, # Mark email as verified
+            "is_admin": False # New users are not admins by default
+        }).execute()
+
+        if data:
+            return {"message": "邮箱验证成功！您现在可以登录。"}
+        else:
+            raise HTTPException(
+                status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+                detail="邮箱验证失败，无法创建用户。请联系管理员。"
+            )
+    except jwt.PyJWTError:
+        raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST, detail="Invalid or expired verification token.")
+    except Exception as e:
+        print(f"Error in verify_email: {e}")
+        raise HTTPException(status_code=status.HTTP_500_INTERNAL_SERVER_ERROR, detail=str(e))
+
+@router.post("/login", response_model=Token)
+async def login(user_credentials: UserCredentials):
+    try:
+        try:
+            res = service_supabase.table('sp_users').select('id, email, password_hash').eq('email', user_credentials.email).single().execute()
+            user_data = res.data
+        except AuthApiError as e: # Catch Supabase specific errors
+            if "The result contains 0 rows" in e.message:
+                raise HTTPException(
+                    status_code=status.HTTP_404_NOT_FOUND, # 404 for user not found
+                    detail="用户名不存在。"
+                )
+            else:
+                print(f"AuthApiError fetching user in login: {e}")
+                raise HTTPException(
+                    status_code=status.HTTP_401_UNAUTHORIZED,
+                    detail="用户名或密码不正确，请重新输入。"
+                )
+        except Exception as e:
+            print(f"Unexpected error fetching user in login: {e}")
+            raise HTTPException(
+                status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+                detail="邮箱或密码错误。请重新输入！"
+            )
+        
+        if not verify_password(user_credentials.password, user_data['password_hash']):
+            raise HTTPException(
+                status_code=status.HTTP_401_UNAUTHORIZED,
+                detail="用户名或密码不正确，请重新输入。"
+            )
+        
+        access_token_expires = timedelta(minutes=30) # ACCESS_TOKEN_EXPIRE_MINUTES from config
+        access_token = create_access_token(
+            data={"sub": user_data['id']}, expires_delta=access_token_expires
+        )
+        return Token(access_token=access_token)
+    except HTTPException:
+        raise
+    except Exception as e:
+        print(f"Unexpected error in login: {e}")
+        raise HTTPException(status_code=status.HTTP_500_INTERNAL_SERVER_ERROR, detail="邮箱或密码错误。请重新输入！")
+
+@router.post("/forgot-password")
+async def forgot_password(request: Request, forgot_password_request: ForgotPasswordRequest):
+    """
+    发送密码重置邮件。
+    """
+    try:
+        try:
+            res = service_supabase.table('sp_users').select('id').eq('email', forgot_password_request.email).single().execute()
+            user_data = res.data
+        except AuthApiError as e:
+            if "The result contains 0 rows" in e.message:
+                raise HTTPException(
+                    status_code=status.HTTP_404_NOT_FOUND,
+                    detail="邮箱不存在！"
+                )
+            else:
+                print(f"AuthApiError fetching user in forgot_password: {e}")
+                raise HTTPException(
+                    status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+                    detail="发送密码重置邮件失败，请稍后再试。"
+                )
+        except Exception as e:
+            print(f"Unexpected error fetching user in forgot_password: {e}")
+            raise HTTPException(status_code=status.HTTP_500_INTERNAL_SERVER_ERROR, detail="邮箱不存在！")
+        
+        user_id = user_data['id']
+        
+        # Generate a password reset token
+        reset_token_expires = timedelta(hours=1) # Token valid for 1 hour
+        reset_token = create_access_token(
+            data={"sub": user_id, "type": "password_reset"}, expires_delta=reset_token_expires
+        )
+        
+        # Construct reset link
+        # Assuming the frontend reset-password page is at /reset-password
+        # And it expects a 'token' query parameter
+        reset_link = f"{request.url.scheme}://{request.url.netloc}/reset-password?token={reset_token}"
+        
+        email_body = f"您好，\n\n您请求重置密码。请点击以下链接重置您的密码：\n\n{reset_link}\n\n此链接将在1小时后失效。\n\n如果您没有请求此操作，请忽略此邮件。\n\n此致，\nSuperProxy Support"
+        
+        print(f"Attempting to send password reset email to {forgot_password_request.email}...")
+        email_sent = send_email(forgot_password_request.email, "密码重置请求", email_body)
+        if email_sent:
+            print(f"Password reset email successfully sent to {forgot_password_request.email}.")
+            return {"message": "密码重置邮件已发送，请检查您的邮箱。"}
+        else:
+            print(f"Failed to send password reset email to {forgot_password_request.email}. send_email returned False.")
+            raise HTTPException(
+                status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+                detail="发送密码重置邮件失败，请检查服务器日志或邮箱配置。"
+            )
+    except HTTPException:
+        raise
+    except Exception as e:
+        print(f"Unexpected error in forgot_password: {e}")
+        raise HTTPException(status_code=status.HTTP_500_INTERNAL_SERVER_ERROR, detail="邮箱不存在！")
+
+@router.post("/change-password")
+async def change_password(
+    password_request: ChangePasswordRequest,
+    current_user: Optional[User] = Depends(get_current_user_from_token) # Only allow token auth for this
+):
+    """
+    允许已登录用户修改其密码，或通过重置令牌修改密码。
+    """
+    try:
+        user_id_to_update = None
+        if password_request.reset_token:
+            # Verify reset token
+            try:
+                payload = jwt.decode(password_request.reset_token, SECRET_KEY, algorithms=[ALGORITHM])
+                token_type = payload.get("type")
+                user_id_to_update = payload.get("sub")
+                if token_type != "password_reset" or user_id_to_update is None:
+                    raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST, detail="Invalid reset token type.")
+            except jwt.PyJWTError:
+                raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST, detail="Invalid or expired reset token.")
+        elif current_user:
+            user_id_to_update = current_user.id
+        else:
+            raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Not authenticated or no reset token provided.")
+
+        if not user_id_to_update:
+            raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST, detail="Could not determine user to update.")
+
+        hashed_password = get_password_hash(password_request.new_password)
+        
+        data, count = service_supabase.table('sp_users').update({'password_hash': hashed_password}).eq('id', user_id_to_update).execute()
+
+        if data:
+            return {"message": "Password updated successfully. Please log in again with your new password."}
+        else:
+            raise HTTPException(
+                status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+                detail="Failed to update password."
+            )
+    except Exception as e:
+        print(f"Error in change_password: {e}")
+        raise HTTPException(status_code=status.HTTP_500_INTERNAL_SERVER_ERROR, detail=str(e))
+
+@router.post("/reset-password-with-code")
+async def reset_password_with_code(reset_request: ResetPasswordWithCodeRequest):
+    """
+    通过邮箱、验证码和新密码重置用户密码。
+    """
+    try:
+        # 1. Check if user exists
+        res = service_supabase.table('sp_users').select('id').eq('email', reset_request.email).execute()
+        if not res.data or len(res.data) == 0:
+            raise HTTPException(
+                status_code=status.HTTP_404_NOT_FOUND,
+                detail="此邮箱未注册。"
+            )
+        user_id = res.data[0]['id']
+
+        # 2. Verify the provided verification code
+        if not verify_stored_code(reset_request.email, reset_request.verification_code, prefix="reset_"):
+            raise HTTPException(
+                status_code=status.HTTP_400_BAD_REQUEST,
+                detail="验证码不正确或已过期。"
+            )
+
+        # 3. Hash the new password
+        hashed_password = get_password_hash(reset_request.new_password)
+        
+        # 4. Update user's password in sp_users table
+        data, count = service_supabase.table('sp_users').update({'password_hash': hashed_password}).eq('id', user_id).execute()
+
+        if data:
+            return {"message": "密码重置成功！请使用新密码登录。"}
+        else:
+            raise HTTPException(
+                status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+                detail="密码重置失败，无法更新密码。请联系管理员。"
+            )
+    except HTTPException:
+        raise
+    except Exception as e:
+        print(f"Error in reset_password_with_code: {e}")
+        raise HTTPException(status_code=status.HTTP_500_INTERNAL_SERVER_ERROR, detail=str(e))

routes/proxies.py

@@ -0,0 +1,21 @@
+from fastapi import APIRouter, HTTPException, Depends, status
+from supabase import Client
+
+from core.config import SUPABASE_URL, SUPABASE_SERVICE_ROLE_KEY
+from core.models import User
+from core.dependencies import get_current_active_user, get_supabase_client # Import get_supabase_client
+
+router = APIRouter()
+
+@router.get("/")
+async def get_proxies(
+    current_user: User = Depends(get_current_active_user),
+    supabase_client: Client = Depends(get_supabase_client) # Inject Supabase client
+):
+    try:
+        # Example: Fetch active proxies from Supabase for the authenticated user
+        # You might filter by user_id if your 'sp_proxies' table has a user_id column
+        res = supabase_client.table('sp_proxies').select('*').eq('is_active', True).execute()
+        return res.data
+    except Exception as e:
+        raise HTTPException(status_code=500, detail=str(e))

static/admin.html

@@ -0,0 +1,224 @@
+<!DOCTYPE html>
+<html lang="zh-CN">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>SP Website - 后台管理</title>
+    <!-- Bootstrap 5.3 CSS CDN -->
+    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
+    <!-- Font Awesome CDN for icons -->
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css">
+    <!-- Custom CSS -->
+    <link rel="stylesheet" href="/static/style.css">
+</head>
+<body>
+    <div id="app">
+        <nav class="navbar navbar-expand-lg navbar-light bg-light fixed-top">
+            <div class="container-fluid">
+                <a class="navbar-brand d-flex align-items-center" href="/">
+                    <img src="/static/images/ShareAPI.png" alt="API Router Logo" width="30" height="30" class="d-inline-block align-text-top me-2">
+                    <span class="fw-bold fs-5">API Router</span>
+                </a>
+                <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarNav" aria-controls="navbarNav" aria-expanded="false" aria-label="Toggle navigation">
+                    <span class="navbar-toggler-icon"></span>
+                </button>
+                <div class="collapse navbar-collapse" id="navbarNav">
+                    <ul class="navbar-nav me-auto mb-2 mb-lg-0">
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center me-3" href="#">
+                                <i class="fas fa-comment-dots me-1"></i> 聊天
+                            </a>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center me-3" href="#">
+                                <i class="fas fa-key me-1"></i> 令牌
+                            </a>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center me-3" href="#">
+                                <i class="fas fa-shopping-cart me-1"></i> 充值
+                            </a>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center me-3" href="#">
+                                <i class="fas fa-chart-bar me-1"></i> 总览
+                            </a>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center me-3" href="#">
+                                <i class="fas fa-file-alt me-1"></i> 日志
+                            </a>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center me-3" href="#">
+                                <i class="fas fa-cog me-1"></i> 设置
+                            </a>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center me-3" href="#" @click="showUserManagement = true; showImageUpload = false;">
+                                <i class="fas fa-users-cog me-1"></i> 用户管理
+                            </a>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center me-3" href="#">
+                                <i class="fas fa-info-circle me-1"></i> 关于
+                            </a>
+                        </li>
+                    </ul>
+                    <ul class="navbar-nav ms-auto mb-2 mb-lg-0">
+                        <li class="nav-item dropdown">
+                            <a class="nav-link dropdown-toggle d-flex align-items-center me-3" href="#" id="navbarDropdown" role="button" data-bs-toggle="dropdown" aria-expanded="false">
+                                <i class="fas fa-font me-1"></i> A|文
+                            </a>
+                            <ul class="dropdown-menu" aria-labelledby="navbarDropdown">
+                                <li><a class="dropdown-item" href="#">中文</a></li>
+                                <li><a class="dropdown-item" href="#">English</a></li>
+                            </ul>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center" href="/login">
+                                <i class="fas fa-user me-1"></i> 登录
+                            </a>
+                        </li>
+                    </ul>
+                </div>
+            </div>
+        </nav>
+
+        <div class="container mt-5 pt-5">
+            <h2 class="mb-4">后台管理</h2>
+
+            <div class="card shadow-sm p-4 mb-4" v-if="showImageUpload">
+                <h4 class="mb-3">图片上传</h4>
+                <form @submit.prevent="uploadImage" enctype="multipart/form-data">
+                    <div class="mb-3">
+                        <label for="imageUpload" class="form-label">选择图片文件</label>
+                        <input class="form-control" type="file" id="imageUpload" @change="handleFileUpload" required>
+                    </div>
+                    <button type="submit" class="btn btn-primary" :disabled="isUploading">
+                        <span v-if="isUploading" class="spinner-border spinner-border-sm" role="status" aria-hidden="true"></span>
+                        {{ isUploading ? '上传中...' : '上传图片' }}
+                    </button>
+                </form>
+                <p v-if="uploadMessage" class="mt-3 text-info">{{ uploadMessage }}</p>
+                <div v-if="uploadedImageUrl" class="mt-3">
+                    <h5>上传的图片:</h5>
+                    <img :src="uploadedImageUrl" alt="Uploaded Image" class="img-fluid" style="max-width: 300px;">
+                    <p class="mt-2">URL: <a :href="uploadedImageUrl" target="_blank">{{ uploadedImageUrl }}</a></p>
+                </div>
+            </div>
+
+            <!-- 用户管理模块 -->
+            <div class="card shadow-sm p-4 mb-4" v-if="showUserManagement">
+                <h4 class="mb-3">用户管理</h4>
+                <div class="input-group mb-3">
+                    <input type="text" class="form-control" placeholder="按邮箱搜索用户" v-model="userSearchQuery" @keyup.enter="fetchUsers">
+                    <button class="btn btn-outline-secondary" type="button" @click="fetchUsers">搜索</button>
+                </div>
+                <div class="table-responsive">
+                    <table class="table table-striped table-hover">
+                        <thead>
+                            <tr>
+                                <th>ID</th>
+                                <th>邮箱</th>
+                                <th>已验证</th>
+                                <th>管理员</th>
+                                <th>禁用</th> <!-- Add new column header -->
+                                <th>创建时间</th>
+                                <th>操作</th>
+                            </tr>
+                        </thead>
+                        <tbody>
+                            <tr v-for="user in users" :key="user.id">
+                                <td>{{ user.id }}</td>
+                                <td>{{ user.email }}</td>
+                                <td>
+                                    <span v-if="user.email_verified" class="badge bg-success">是</span>
+                                    <span v-else class="badge bg-danger">否</span>
+                                </td>
+                                <td>
+                                    <span v-if="user.is_admin" class="badge bg-primary">是</span>
+                                    <span v-else class="badge bg-secondary">否</span>
+                                </td>
+                                <td>
+                                    <span v-if="user.disabled" class="badge bg-warning">是</span> <!-- Display disabled status -->
+                                    <span v-else class="badge bg-success">否</span>
+                                </td>
+                                <td>{{ new Date(user.created_at).toLocaleString() }}</td>
+                                <td>
+                                    <button class="btn btn-sm btn-info me-2" @click="editUser(user)">编辑</button>
+                                    <button class="btn btn-sm btn-danger" @click="deleteUser(user.id)">删除</button>
+                                </td>
+                            </tr>
+                        </tbody>
+                    </table>
+                </div>
+                <nav aria-label="User pagination" v-if="totalPages > 1">
+                    <ul class="pagination justify-content-center">
+                        <li class="page-item" :class="{ disabled: currentPage === 1 }">
+                            <a class="page-link" href="#" @click.prevent="changePage(currentPage - 1)">上一页</a>
+                        </li>
+                        <li class="page-item" v-for="pageNumber in totalPages" :key="pageNumber" :class="{ active: pageNumber === currentPage }">
+                            <a class="page-link" href="#" @click.prevent="changePage(pageNumber)">{{ pageNumber }}</a>
+                        </li>
+                        <li class="page-item" :class="{ disabled: currentPage === totalPages }">
+                            <a class="page-link" href="#" @click.prevent="changePage(currentPage + 1)">下一页</a>
+                        </li>
+                    </ul>
+                </nav>
+                <p v-if="userMessage" class="mt-3 text-info">{{ userMessage }}</p>
+            </div>
+
+            <!-- 编辑用户模态框 -->
+            <div class="modal fade" id="editUserModal" tabindex="-1" aria-labelledby="editUserModalLabel" aria-hidden="true">
+                <div class="modal-dialog">
+                    <div class="modal-content">
+                        <div class="modal-header">
+                            <h5 class="modal-title" id="editUserModalLabel">编辑用户</h5>
+                            <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
+                        </div>
+                        <div class="modal-body">
+                            <form @submit.prevent="saveUserChanges">
+                                <div class="mb-3">
+                                    <label for="editUserEmail" class="form-label">邮箱</label>
+                                    <input type="email" class="form-control" id="editUserEmail" v-model="editingUser.email" required>
+                                </div>
+                                <div class="mb-3">
+                                    <label for="editUserPassword" class="form-label">新密码 (留空则不修改)</label>
+                                    <input type="password" class="form-control" id="editUserPassword" v-model="editingUser.password">
+                                </div>
+                                <div class="mb-3 form-check">
+                                    <input type="checkbox" class="form-check-input" id="editEmailVerified" v-model="editingUser.email_verified">
+                                    <label class="form-check-label" for="editEmailVerified">邮箱已验证</label>
+                                </div>
+                                <div class="mb-3 form-check">
+                                    <input type="checkbox" class="form-check-input" id="editIsAdmin" v-model="editingUser.is_admin">
+                                    <label class="form-check-label" for="editIsAdmin">管理员</label>
+                                </div>
+                                <div class="mb-3 form-check">
+                                    <input type="checkbox" class="form-check-input" id="editIsDisabled" v-model="editingUser.disabled">
+                                    <label class="form-check-label" for="editIsDisabled">禁用</label>
+                                </div>
+                                <button type="submit" class="btn btn-primary" :disabled="isSavingUser">
+                                    <span v-if="isSavingUser" class="spinner-border spinner-border-sm" role="status" aria-hidden="true"></span>
+                                    {{ isSavingUser ? '保存中...' : '保存更改' }}
+                                </button>
+                            </form>
+                        </div>
+                    </div>
+                </div>
+            </div>
+
+        </div>
+
+        <footer class="footer text-center py-3 mt-auto">
+            <p class="mb-0 text-muted">API Router v0.6.11-preview.6 由 JustSong 构建，源代码遵循 <a href="#" class="text-decoration-none">MIT 协议</a></p>
+        </footer>
+    </div>
+
+    <!-- Vue 3 CDN -->
+    <script src="https://cdn.jsdelivr.net/npm/vue@3/dist/vue.global.prod.js"></script>
+    <!-- Bootstrap 5.3 JS CDN -->
+    <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js"></script>
+    <!-- Custom Vue.js App Logic -->
+    <script type="module" src="/static/js/admin.js"></script>

static/app.js

@@ -0,0 +1,28 @@
+// static/app.js
+import { authData, authMethods, authMounted } from './js/auth.js';
+import { proxyData, proxyMethods } from './js/proxy.js';
+import { appData, appComputed, appMethods, appMounted } from './js/store.js';
+
+const app = Vue.createApp({
+    data() {
+        return {
+            ...appData(),
+            ...authData(),
+            ...proxyData(),
+        };
+    },
+    computed: {
+        ...appComputed,
+    },
+    methods: {
+        ...appMethods(),
+        ...authMethods(this), // Pass 'this' (app instance) if methods need access to other parts of the app
+        ...proxyMethods(),
+    },
+    mounted() {
+        appMounted(this); // Pass 'this' (app instance) to mounted logic
+        authMounted(this); // Pass 'this' (app instance) to auth mounted logic
+    }
+});
+
+app.mount('#app');

static/index.html

@@ -0,0 +1,125 @@
+<!DOCTYPE html>
+<html lang="zh-CN">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>API Router</title>
+    <!-- Bootstrap 5.3 CSS CDN -->
+    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
+    <!-- Font Awesome for icons -->
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css">
+    <!-- Custom CSS -->
+    <link rel="stylesheet" href="/static/style.css">
+</head>
+<body>
+    <div id="app">
+        <nav class="navbar navbar-expand-lg navbar-light bg-light fixed-top">
+            <div class="container-fluid">
+                <a class="navbar-brand d-flex align-items-center" href="/">
+                    <img src="/static/images/ShareAPI.png" alt="API Router Logo" width="30" height="30" class="d-inline-block align-text-top me-2">
+                    <span class="fw-bold fs-5"></span>API Router</span>
+                </a>
+                <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarNav" aria-controls="navbarNav" aria-expanded="false" aria-label="Toggle navigation">
+                    <span class="navbar-toggler-icon"></span>
+                </button>
+                <div class="collapse navbar-collapse" id="navbarNav">
+                    <ul class="navbar-nav me-auto mb-2 mb-lg-0">
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center me-3" href="#">
+                                <i class="fas fa-comment-dots me-1"></i> 聊天
+                            </a>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center me-3" href="#">
+                                <i class="fas fa-key me-1"></i> 令牌
+                            </a>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center me-3" href="#">
+                                <i class="fas fa-shopping-cart me-1"></i> 充值
+                            </a>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center me-3" href="#">
+                                <i class="fas fa-chart-bar me-1"></i> 总览
+                            </a>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center me-3" href="#">
+                                <i class="fas fa-file-alt me-1"></i> 日志
+                            </a>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center me-3" href="#">
+                                <i class="fas fa-cog me-1"></i> 设置
+                            </a>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center me-3" href="#">
+                                <i class="fas fa-info-circle me-1"></i> 关于
+                            </a>
+                        </li>
+                    </ul>
+                    <ul class="navbar-nav ms-auto mb-2 mb-lg-0">
+                        <li class="nav-item dropdown">
+                            <a class="nav-link dropdown-toggle d-flex align-items-center me-3" href="#" id="navbarDropdown" role="button" data-bs-toggle="dropdown" aria-expanded="false">
+                                <i class="fas fa-font me-1"></i> A|文
+                            </a>
+                            <ul class="dropdown-menu" aria-labelledby="navbarDropdown">
+                                <li><a class="dropdown-item" href="#">中文</a></li>
+                                <li><a class="dropdown-item" href="#">English</a></li>
+                            </ul>
+                        </li>
+                        <li class="nav-item dropdown" v-if="isLoggedIn">
+                            <a class="nav-link dropdown-toggle d-flex align-items-center me-3" href="#" id="userDropdown" role="button" data-bs-toggle="dropdown" aria-expanded="false">
+                                <i class="fas fa-user me-1"></i> {{ userEmail }}
+                            </a>
+                            <ul class="dropdown-menu" aria-labelledby="userDropdown">
+                                <li><a class="dropdown-item" href="#" @click="showChangePasswordModal = true">修改密码</a></li>
+                                <li><hr class="dropdown-divider"></li>
+                                <li><a class="dropdown-item" href="#" @click="logout">登出</a></li>
+                            </ul>
+                        </li>
+                        <li class="nav-item" v-else>
+                            <a class="nav-link d-flex align-items-center" href="/login">
+                                <i class="fas fa-user me-1"></i> 登录
+                            </a>
+                        </li>
+                    </ul>
+                </div>
+            </div>
+        </nav>
+
+        <div class="container-fluid hero-section text-center d-flex align-items-center justify-content-center">
+            <div class="row justify-content-center">
+                <div class="col-lg-8 col-md-10">
+                    <h1 class="display-3 fw-bold mb-4 hero-title">API Router</h1>
+                    <p class="lead mb-5 hero-description">
+                        一个 LLM API 接口管理和分发系统，可以帮助您更好地管理和使用各大厂商的 LLM API。
+                    </p>
+                    <div class="d-grid gap-3 d-sm-flex justify-content-sm-center">
+                        <template v-if="!isLoggedIn">
+                            <a class="btn btn-primary btn-lg px-4 me-sm-3" href="/login">登录</a>
+                            <a class="btn btn-outline-secondary btn-lg px-4" href="/signup">注册</a>
+                        </template>
+                        <template v-else>
+                            <a class="btn btn-primary btn-lg px-4 me-sm-3" href="#">开始使用</a>
+                        </template>
+                    </div>
+                </div>
+            </div>
+        </div>
+
+        <footer class="footer text-center py-3 mt-auto">
+            <p class="mb-0 text-muted">API Router v0.6.11-preview.6 由 JustSong 构建，源代码遵循 <a href="#" class="text-decoration-none">MIT 协议</a></p>
+        </footer>
+    </div>
+
+    <!-- Vue 3 CDN -->
+    <script src="https://cdn.jsdelivr.net/npm/vue@3/dist/vue.global.prod.js"></script>
+    <!-- Bootstrap 5.3 JS CDN -->
+    <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js"></script>
+    <!-- Custom Vue.js App Logic -->
+    <script type="module" src="/static/app.js"></script>
+</body>
+</html>

static/js/admin.js

@@ -0,0 +1,218 @@
+// static/js/admin.js
+// static/js/admin.js
+// Vue 3 CDN 版本将 createApp 暴露在全局 Vue 对象下
+const { createApp } = Vue; 
+
+import { authData, authMethods, authMounted } from './auth.js';
+import { proxyData, proxyMethods } from './proxy.js';
+import { appData, appMethods, appMounted } from './store.js'; // Corrected import names
+
+const app = createApp({
+    data() {
+        return {
+            ...authData(),
+            ...proxyData(),
+            ...appData(), // Corrected data spread
+            selectedFile: null,
+            isUploading: false,
+            uploadMessage: '',
+            uploadedImageUrl: '',
+            showImageUpload: true, // 控制图片上传模块的显示
+            showUserManagement: false, // 控制用户管理模块的显示
+
+            // 用户管理相关数据
+            users: [],
+            userSearchQuery: '',
+            currentPage: 1,
+            pageSize: 10,
+            totalUsers: 0,
+            totalPages: 0,
+            userMessage: '',
+            editingUser: {
+                id: null,
+                email: '',
+                password: '',
+                email_verified: false,
+                is_admin: false
+            },
+            isSavingUser: false,
+            editUserModal: null // Bootstrap Modal instance
+        };
+    },
+    methods: {
+        ...authMethods(this),
+        ...proxyMethods(),
+        ...appMethods(this), // Corrected methods spread
+        handleFileUpload(event) {
+            this.selectedFile = event.target.files[0];
+        },
+        async uploadImage() {
+            if (!this.selectedFile) {
+                this.uploadMessage = '请选择一个文件。';
+                return;
+            }
+
+            this.isUploading = true;
+            this.uploadMessage = '';
+            this.uploadedImageUrl = '';
+
+            const formData = new FormData();
+            formData.append('file', this.selectedFile);
+
+            try {
+                const token = localStorage.getItem('access_token');
+                const response = await fetch('/api/admin/upload-image', {
+                    method: 'POST',
+                    headers: {
+                        'Authorization': `Bearer ${token}`
+                    },
+                    body: formData
+                });
+                const data = await response.json();
+
+                if (response.ok) {
+                    this.uploadMessage = data.message || '图片上传成功！';
+                    this.uploadedImageUrl = data.path;
+                    // 清空文件输入框
+                    document.getElementById('imageUpload').value = '';
+                    this.selectedFile = null;
+                } else {
+                    this.uploadMessage = data.detail || '图片上传失败。';
+                }
+            } catch (error) {
+                this.uploadMessage = '网络错误或服务器无响应。';
+                console.error('图片上传错误:', error);
+            } finally {
+                this.isUploading = false;
+            }
+        },
+        async fetchUsers() {
+            this.userMessage = '加载用户中...';
+            try {
+                const token = localStorage.getItem('access_token');
+                let url = `/api/admin/users?page=${this.currentPage}&page_size=${this.pageSize}`;
+                if (this.userSearchQuery) {
+                    url += `&search=${encodeURIComponent(this.userSearchQuery)}`;
+                }
+                const response = await fetch(url, {
+                    headers: {
+                        'Authorization': `Bearer ${token}`
+                    }
+                });
+                const responseData = await response.json();
+
+                if (response.ok) {
+                    this.users = responseData.users;
+                    this.totalUsers = responseData.total_count;
+                    this.totalPages = Math.ceil(this.totalUsers / this.pageSize);
+                    this.userMessage = '';
+                    console.log('Fetched users successfully. totalUsers:', this.totalUsers, 'totalPages:', this.totalPages); // Add log
+                } else {
+                    this.userMessage = responseData.detail || '获取用户失败。';
+                }
+            } catch (error) {
+                this.userMessage = '网络错误或服务器无响应。';
+                console.error('获取用户错误:', error);
+            }
+        },
+        changePage(pageNumber) {
+            if (pageNumber > 0 && pageNumber <= this.totalPages) {
+                this.currentPage = pageNumber;
+                this.fetchUsers();
+            }
+        },
+        editUser(user) {
+            this.editingUser = { ...user, password: '' }; // Clear password field for security
+            this.editUserModal.show();
+        },
+        async saveUserChanges() {
+            this.isSavingUser = true;
+            this.userMessage = '';
+            try {
+                const token = localStorage.getItem('access_token');
+                const updatePayload = {
+                    email: this.editingUser.email,
+                    email_verified: this.editingUser.email_verified,
+                    is_admin: this.editingUser.is_admin
+                };
+                if (this.editingUser.password) {
+                    updatePayload.password = this.editingUser.password;
+                }
+
+                const response = await fetch(`/api/admin/users/${this.editingUser.id}`, {
+                    method: 'PUT',
+                    headers: {
+                        'Content-Type': 'application/json',
+                        'Authorization': `Bearer ${token}`
+                    },
+                    body: JSON.stringify(updatePayload)
+                });
+                const data = await response.json();
+
+                if (response.ok) {
+                    this.userMessage = '用户更新成功！';
+                    this.fetchUsers(); // Refresh user list
+                    this.editUserModal.hide();
+                } else {
+                    this.userMessage = data.detail || '用户更新失败。';
+                }
+            } catch (error) {
+                this.userMessage = '网络错误或服务器无响应。';
+                console.error('更新用户错误:', error);
+            } finally {
+                this.isSavingUser = false;
+            }
+        },
+        async deleteUser(userId) {
+            if (!confirm('确定要删除此用户吗？此操作不可逆！')) {
+                return;
+            }
+            this.userMessage = '删除用户中...';
+            try {
+                const token = localStorage.getItem('access_token');
+                const response = await fetch(`/api/admin/users/${userId}`, {
+                    method: 'DELETE',
+                    headers: {
+                        'Authorization': `Bearer ${token}`
+                    }
+                });
+
+                if (response.ok) {
+                    this.userMessage = '用户删除成功！';
+                    this.fetchUsers(); // Refresh user list
+                } else {
+                    const data = await response.json();
+                    this.userMessage = data.detail || '用户删除失败。';
+                }
+            } catch (error) {
+                this.userMessage = '网络错误或服务器无响应。';
+                console.error('删除用户错误:', error);
+            }
+        }
+    },
+    mounted() {
+        authMounted(this);
+        // proxyMounted(this); // Removed proxyMounted call
+        appMounted(this); // Corrected mounted call
+        console.log('Admin app mounted!');
+        console.log('Initial totalPages:', this.totalPages); // Add log
+
+        // Initialize Bootstrap Modal
+        this.editUserModal = new bootstrap.Modal(document.getElementById('editUserModal'));
+
+        // Fetch users when the user management tab is active
+        if (this.showUserManagement) {
+            this.fetchUsers();
+        }
+    },
+    watch: {
+        showUserManagement(newValue) {
+            if (newValue) {
+                this.fetchUsers();
+            }
+        }
+    }
+});
+
+app.mount('#app');
+console.log('Vue app successfully mounted to #app element.'); // Add this log

static/js/auth.js

@@ -0,0 +1,409 @@
+// static/js/auth.js
+export const authData = () => ({
+    isLoggedIn: false,
+    userEmail: '',
+    signupForm: {
+        email: '',
+        password: '',
+        verificationCode: ''
+    },
+    isSendingCode: false,
+    countdown: 60,
+    verificationCodeMessage: '',
+    loginForm: {
+        email: '',
+        password: ''
+    },
+    signupMessage: '',
+    authMessage: '', // Combined message for login and forgot password
+    showChangePasswordModal: false,
+    changePasswordForm: {
+        newPassword: '',
+        confirmPassword: ''
+    },
+    changePasswordMessage: '',
+    resetPasswordForm: {
+        email: '',
+        verificationCode: '', // Add verification code field for reset password
+        newPassword: '',
+        confirmPassword: ''
+    },
+    resetPasswordMessage: ''
+});
+
+export const authMethods = (app) => ({
+    resetPasswordLink() {
+        const email = this.loginForm.email;
+        if (email) {
+            return `/reset-password?email=${encodeURIComponent(email)}`;
+        }
+        return '/reset-password';
+    },
+    async sendVerificationCode() {
+        console.log('sendVerificationCode method triggered.');
+        console.log('Current email:', this.signupForm.email);
+        this.verificationCodeMessage = '';
+        // 更严格的邮箱格式校验
+        const emailRegex = /^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$/;
+        if (!this.signupForm.email || !emailRegex.test(this.signupForm.email)) {
+            this.verificationCodeMessage = '请输入有效的邮箱地址。';
+            console.log('Invalid email format.');
+            return;
+        }
+
+        this.isSendingCode = true;
+        let timer = setInterval(() => {
+            if (this.countdown > 0) {
+                this.countdown--;
+            } else {
+                clearInterval(timer);
+                this.isSendingCode = false;
+                this.countdown = 60;
+            }
+        }, 1000);
+
+        try {
+            const response = await fetch('/api/auth/send-verification-code', {
+                method: 'POST',
+                headers: {
+                    'Content-Type': 'application/json'
+                },
+                body: JSON.stringify({ email: this.signupForm.email })
+            });
+            const data = await response.json();
+            if (response.ok) {
+                this.verificationCodeMessage = data.message || '验证码已发送，请检查您的邮箱。';
+            } else {
+                this.verificationCodeMessage = data.detail || data.message || '发送验证码失败。';
+                // 如果发送失败，立即停止倒计时并重置按钮
+                clearInterval(timer);
+                this.isSendingCode = false;
+                this.countdown = 60;
+            }
+        } catch (error) {
+            this.verificationCodeMessage = '网络错误或服务器无响应。';
+            console.error('Send verification code error:', error);
+            // 如果网络错误，立即停止倒计时并重置按钮
+            clearInterval(timer);
+            this.isSendingCode = false;
+            this.countdown = 60;
+        }
+    },
+    async sendResetVerificationCode() {
+        console.log('sendResetVerificationCode method triggered.');
+        console.log('Current email for reset:', this.resetPasswordForm.email);
+        this.resetPasswordMessage = ''; // Clear previous messages
+        const emailRegex = /^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$/;
+        if (!this.resetPasswordForm.email || !emailRegex.test(this.resetPasswordForm.email)) {
+            this.resetPasswordMessage = '请输入有效的邮箱地址。';
+            console.log('Invalid email format for reset.');
+            return;
+        }
+
+        this.isSendingCode = true;
+        let timer = setInterval(() => {
+            if (this.countdown > 0) {
+                this.countdown--;
+            } else {
+                clearInterval(timer);
+                this.isSendingCode = false;
+                this.countdown = 60;
+            }
+        }, 1000);
+
+        try {
+            const response = await fetch('/api/auth/send-reset-password-code', { // New API endpoint for reset password code
+                method: 'POST',
+                headers: {
+                    'Content-Type': 'application/json'
+                },
+                body: JSON.stringify({ email: this.resetPasswordForm.email })
+            });
+            const data = await response.json();
+            if (response.ok) {
+                this.resetPasswordMessage = data.message || '重置密码验证码已发送，请检查您的邮箱。';
+            } else {
+                this.resetPasswordMessage = data.detail || data.message || '发送重置密码验证码失败。';
+                clearInterval(timer);
+                this.isSendingCode = false;
+                this.countdown = 60;
+            }
+        } catch (error) {
+            this.resetPasswordMessage = '网络错误或服务器无响应。';
+            console.error('Send reset verification code error:', error);
+            clearInterval(timer);
+            this.isSendingCode = false;
+            this.countdown = 60;
+        }
+    },
+    async signup() {
+        this.signupMessage = '';
+        this.verificationCodeMessage = ''; // Clear verification code message on signup attempt
+        try {
+            const response = await fetch('/api/auth/signup', {
+                method: 'POST',
+                headers: {
+                    'Content-Type': 'application/json'
+                },
+                body: JSON.stringify({
+                    email: this.signupForm.email,
+                    password: this.signupForm.password,
+                    verification_code: this.signupForm.verificationCode || '' // Ensure verification_code is always sent
+                })
+            });
+            const data = await response.json();
+            if (response.ok) {
+                this.signupMessage = '注册成功！请登录。';
+                this.signupForm.email = '';
+                this.signupForm.password = '';
+                this.signupForm.verificationCode = ''; // Clear verification code
+            } else {
+                this.signupMessage = data.detail || '注册失败。';
+            }
+        } catch (error) {
+            this.signupMessage = '网络错误或服务器无响应。';
+            console.error('Signup error:', error);
+        }
+    },
+    async login() {
+        this.authMessage = ''; // Clear previous messages
+        try {
+            const response = await fetch('/api/auth/login', {
+                method: 'POST',
+                headers: {
+                    'Content-Type': 'application/json'
+                },
+                body: JSON.stringify(this.loginForm)
+            });
+            const data = await response.json();
+            if (response.ok) {
+                localStorage.setItem('access_token', data.access_token);
+                this.isLoggedIn = true;
+                this.loginForm.email = '';
+                this.loginForm.password = '';
+                this.authMessage = '登录成功！'; // Use authMessage
+                await this.fetchUserEmail(); // Fetch user email after successful login
+                this.fetchProxies();
+                if (window.location.pathname === '/login') {
+                    window.location.href = '/';
+                }
+            } else {
+                this.authMessage = data.detail || '登录失败。'; // Use authMessage
+            }
+        } catch (error) {
+            if (error instanceof TypeError && error.message === 'Failed to fetch') {
+                this.authMessage = '网络错误或服务器无响应。'; // Use authMessage
+            } else {
+                this.authMessage = '邮箱或密码错误。请重新输入！'; // Use authMessage
+            }
+            console.error('Login error:', error);
+        }
+    },
+    logout() {
+        localStorage.removeItem('access_token');
+        this.isLoggedIn = false;
+        this.userEmail = '';
+        this.proxies = [];
+        this.authMessage = '已退出登录。'; // Use authMessage
+        // 只有在非登录页面才重定向到登录页
+        if (window.location.pathname !== '/login') {
+            window.location.href = '/login';
+        }
+    },
+    async forgotPassword() {
+        const email = this.loginForm.email;
+        let redirectUrl = '/reset-password';
+        if (email) {
+            redirectUrl += `?email=${encodeURIComponent(email)}`;
+        }
+        window.location.href = redirectUrl;
+    },
+    async fetchUserEmail() {
+        const token = localStorage.getItem('access_token');
+        if (!token) {
+            this.userEmail = '';
+            return;
+        }
+        try {
+            const response = await fetch('/api/user/me', {
+                headers: {
+                    'Authorization': `Bearer ${token}`
+                }
+            });
+            const data = await response.json();
+            if (response.ok) {
+                this.userEmail = data.email;
+            } else {
+                console.error('Error fetching user email:', data.detail);
+                this.userEmail = '未知用户';
+                if (response.status === 401) {
+                    this.logout();
+                }
+            }
+        } catch (error) {
+            console.error('Error fetching user email:', error);
+            this.userEmail = '未知用户';
+        }
+    },
+    checkLoginStatus() {
+        const token = localStorage.getItem('access_token');
+        if (token) {
+            this.isLoggedIn = true;
+            this.fetchUserEmail();
+            // 只有在登录页面才重定向到首页
+            if (window.location.pathname === '/login') {
+                window.location.href = '/';
+            }
+        } else {
+            this.isLoggedIn = false;
+            this.userEmail = '';
+            // 如果在首页，不强制重定向到登录页
+            // 如果在需要登录的页面（如 /dashboard 或其他受保护路由），则重定向到登录页
+            // 目前只处理 /login 页面，其他页面需要后端或路由守卫处理
+        }
+    },
+    async changePassword() {
+        this.changePasswordMessage = '';
+        if (this.changePasswordForm.newPassword !== this.changePasswordForm.confirmPassword) {
+            this.changePasswordMessage = '两次输入的密码不一致。';
+            return;
+        }
+        const token = localStorage.getItem('access_token');
+        if (!token) {
+            this.changePasswordMessage = '未登录，请先登录。';
+            return;
+        }
+
+        try {
+            const response = await fetch('/api/auth/change-password', {
+                method: 'POST',
+                headers: {
+                    'Content-Type': 'application/json',
+                    'Authorization': `Bearer ${token}`
+                },
+                body: JSON.stringify({ new_password: this.changePasswordForm.newPassword })
+            });
+            const data = await response.json();
+            if (response.ok) {
+                this.changePasswordMessage = '密码修改成功！请重新登录。';
+                this.showChangePasswordModal = false;
+                this.changePasswordForm.newPassword = '';
+                this.changePasswordForm.confirmPassword = '';
+                this.logout();
+            } else {
+                this.changePasswordMessage = data.detail || '密码修改失败。';
+            }
+        } catch (error) {
+            this.changePasswordMessage = '网络错误或服务器无响应。';
+            console.error('Change password error:', error);
+        }
+    },
+    async resetPassword() {
+        this.resetPasswordMessage = '';
+        if (this.resetPasswordForm.newPassword !== this.resetPasswordForm.confirmPassword) {
+            this.resetPasswordMessage = '两次输入的密码不一致。';
+            return;
+        }
+
+        const urlQueryParams = new URLSearchParams(window.location.search);
+        const resetToken = urlQueryParams.get('token');
+
+        if (!resetToken) {
+            this.resetPasswordMessage = '缺少重置密码所需的令牌。';
+            return;
+        }
+
+        // 清除URL中的token，避免泄露
+        const newUrl = window.location.pathname + window.location.hash;
+        history.replaceState(null, '', newUrl);
+
+        try {
+            const response = await fetch('/api/auth/change-password', {
+                method: 'POST',
+                headers: {
+                    'Content-Type': 'application/json'
+                },
+                body: JSON.stringify({ 
+                    new_password: this.resetPasswordForm.newPassword,
+                    reset_token: resetToken 
+                })
+            });
+            const data = await response.json();
+            if (response.ok) {
+                this.resetPasswordMessage = '密码重置成功！请使用新密码登录。';
+                this.resetPasswordForm.newPassword = '';
+                this.resetPasswordForm.confirmPassword = '';
+                window.location.href = '/login';
+            } else {
+                this.resetPasswordMessage = data.detail || '密码重置失败。';
+            }
+        } catch (error) {
+            this.resetPasswordMessage = '网络错误或服务器无响应。';
+            console.error('Reset password error:', error);
+        }
+    },
+    async resetPasswordWithCode() {
+        this.resetPasswordMessage = '';
+        if (this.resetPasswordForm.newPassword !== this.resetPasswordForm.confirmPassword) {
+            this.resetPasswordMessage = '两次输入的密码不一致。';
+            return;
+        }
+        if (!this.resetPasswordForm.email || !this.resetPasswordForm.verificationCode) {
+            this.resetPasswordMessage = '邮箱和验证码不能为空。';
+            return;
+        }
+
+        try {
+            const response = await fetch('/api/auth/reset-password-with-code', { // New API endpoint
+                method: 'POST',
+                headers: {
+                    'Content-Type': 'application/json'
+                },
+                body: JSON.stringify({
+                    email: this.resetPasswordForm.email,
+                    verification_code: this.resetPasswordForm.verificationCode,
+                    new_password: this.resetPasswordForm.newPassword
+                })
+            });
+            const data = await response.json();
+            if (response.ok) {
+                this.resetPasswordMessage = '密码重置成功！请使用新密码登录。';
+                this.resetPasswordForm.email = '';
+                this.resetPasswordForm.verificationCode = '';
+                this.resetPasswordForm.newPassword = '';
+                this.resetPasswordForm.confirmPassword = '';
+                window.location.href = '/login';
+            } else {
+                this.resetPasswordMessage = data.detail || '密码重置失败。';
+            }
+        } catch (error) {
+            this.resetPasswordMessage = '网络错误或服务器无响应。';
+            console.error('Reset password with code error:', error);
+        }
+    }
+});
+
+export const authMounted = (app) => {
+    app.checkLoginStatus(); // 在应用挂载时检查登录状态
+    // Check if it's the reset-password page and handle token
+    if (window.location.pathname === '/reset-password') {
+        console.log('Current URL:', window.location.href);
+        const urlQueryParams = new URLSearchParams(window.location.search);
+        // const resetToken = urlQueryParams.get('token'); // Remove token check
+        const emailParam = urlQueryParams.get('email');
+
+        if (emailParam) {
+            app.resetPasswordForm.email = emailParam;
+            console.log('Mounted: Email param found and pre-filled:', emailParam);
+        }
+
+        // Remove token-related logic
+        // if (resetToken) {
+        //     console.log('Mounted: Valid reset token found. Clearing URL query param.');
+        //     const newUrl = window.location.pathname + (emailParam ? `?email=${encodeURIComponent(emailParam)}` : '') + window.location.hash;
+        //     history.replaceState(null, '', newUrl);
+        // } else {
+        //     console.warn('Mounted: No valid reset token found for reset password page.');
+        // }
+    }
+};

static/js/proxy.js

@@ -0,0 +1,35 @@
+// static/js/proxy.js
+export const proxyData = () => ({
+    proxies: [],
+});
+
+export const proxyMethods = () => ({
+    async fetchProxies() {
+        if (!this.isLoggedIn) { // Assuming isLoggedIn is available in the main app
+            this.proxies = [];
+            return;
+        }
+        const token = localStorage.getItem('access_token');
+        try {
+            const response = await fetch('/api/proxies', {
+                headers: {
+                    'Authorization': `Bearer ${token}`
+                }
+            });
+            const data = await response.json();
+            if (response.ok) {
+                this.proxies = data;
+                console.log('Fetched proxies:', data);
+            } else {
+                console.error('Error fetching proxies:', data.detail);
+                this.proxies = [];
+                if (response.status === 401) {
+                    this.logout(); // Assuming logout is available in the main app
+                }
+            }
+        } catch (error) {
+            console.error('Error fetching proxies:', error);
+            this.proxies = [];
+        }
+    }
+});

static/js/store.js

@@ -0,0 +1,23 @@
+// static/js/store.js
+export const appData = () => ({
+    message: 'Hello Vue 3!',
+    isLoggedIn: false,
+    userEmail: '',
+});
+
+export const appComputed = {
+    reversedMessage() {
+        return this.message.split('').reverse().join('');
+    }
+};
+
+export const appMethods = () => ({
+    reverseMessage() {
+        this.message = this.message.split('').reverse().join('');
+    },
+});
+
+export const appMounted = (app) => {
+    console.log('Vue app mounted!');
+    app.checkLoginStatus(); // Assuming checkLoginStatus is available in the main app
+};

static/login.html

@@ -0,0 +1,129 @@
+<!DOCTYPE html>
+<html lang="zh-CN">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>登录</title>
+    <!-- Bootstrap 5.3 CSS CDN -->
+    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
+    <!-- Font Awesome for icons -->
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css">
+    <!-- Custom CSS -->
+    <link rel="stylesheet" href="/static/style.css">
+</head>
+<body>
+    <div id="app">
+        <nav class="navbar navbar-expand-lg navbar-light bg-light fixed-top">
+            <div class="container-fluid">
+                <a class="navbar-brand d-flex align-items-center" href="/">
+                    <img src="/static/images/ShareAPI.png" alt="API Router Logo" width="30" height="30" class="d-inline-block align-text-top me-2">
+                    <span class="fw-bold fs-5">API Router</span>
+                </a>
+                <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarNav" aria-controls="navbarNav" aria-expanded="false" aria-label="Toggle navigation">
+                    <span class="navbar-toggler-icon"></span>
+                </button>
+                <div class="collapse navbar-collapse" id="navbarNav">
+                    <ul class="navbar-nav me-auto mb-2 mb-lg-0">
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center me-3" href="#">
+                                <i class="fas fa-comment-dots me-1"></i> 聊天
+                            </a>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center me-3" href="#">
+                                <i class="fas fa-key me-1"></i> 令牌
+                            </a>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center me-3" href="#">
+                                <i class="fas fa-shopping-cart me-1"></i> 充值
+                            </a>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center me-3" href="#">
+                                <i class="fas fa-chart-bar me-1"></i> 总览
+                            </a>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center me-3" href="#">
+                                <i class="fas fa-file-alt me-1"></i> 日志
+                            </a>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center me-3" href="#">
+                                <i class="fas fa-cog me-1"></i> 设置
+                            </a>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center me-3" href="#">
+                                <i class="fas fa-info-circle me-1"></i> 关于
+                            </a>
+                        </li>
+                    </ul>
+                    <ul class="navbar-nav ms-auto mb-2 mb-lg-0">
+                        <li class="nav-item dropdown">
+                            <a class="nav-link dropdown-toggle d-flex align-items-center me-3" href="#" id="navbarDropdown" role="button" data-bs-toggle="dropdown" aria-expanded="false">
+                                <i class="fas fa-font me-1"></i> A|文
+                            </a>
+                            <ul class="dropdown-menu" aria-labelledby="navbarDropdown">
+                                <li><a class="dropdown-item" href="#">中文</a></li>
+                                <li><a class="dropdown-item" href="#">English</a></li>
+                            </ul>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center" href="/login">
+                                <i class="fas fa-user me-1"></i> 登录
+                            </a>
+                        </li>
+                    </ul>
+                </div>
+            </div>
+        </nav>
+
+        <div class="auth-container d-flex justify-content-center align-items-center">
+            <div class="login-card card shadow-sm p-4">
+                <div class="text-center mb-4 d-flex align-items-center justify-content-center">
+                    <img src="/static/images/ShareAPI.png" alt="API Router Logo" width="48" height="48" class="me-2">
+                    <h3 class="card-title mb-0">用户登录</h3>
+                </div>
+                <form @submit.prevent="login">
+                    <div class="mb-3 input-group">
+                        <span class="input-group-text"><i class="fas fa-user"></i></span>
+                        <input type="email" class="form-control" id="loginEmail" v-model="loginForm.email" placeholder="用户名 / 邮箱地址" required autocomplete="username">
+                    </div>
+                    <div class="mb-3 input-group">
+                        <span class="input-group-text"><i class="fas fa-lock"></i></span>
+                        <input type="password" class="form-control" id="loginPassword" v-model="loginForm.password" placeholder="密码" required autocomplete="current-password">
+                    </div>
+                    <button type="submit" class="btn btn-primary w-100 mb-3">登录</button>
+                    <div class="d-flex justify-content-between mb-3">
+                        <div class="text-decoration-none text-muted">忘记密码？<a href="/reset-password"><span class="text-primary">点击重置</span></a></div>
+                        <div class="text-decoration-none text-muted">没有账号？<a href="/signup"><span class="text-primary">点击注册</span></a></div>
+                    </div>
+                    <div class="divider my-4">
+                        <span class="divider-text">使用其他方式登录</span>
+                    </div>
+                    <div class="d-flex justify-content-center social-login-icons">
+                        <a href="#" class="btn btn-outline-secondary rounded-circle mx-2 github-icon"><i class="fab fa-github fa-lg"></i></a>
+                        <a href="#" class="btn btn-outline-secondary rounded-circle mx-2 wechat-icon"><i class="fab fa-weixin fa-lg"></i></a>
+                    </div>
+                </form>
+                <p v-if="authMessage" class="mt-3 text-center text-info">
+                    {{ authMessage }}
+                </p>
+            </div>
+        </div>
+
+        <footer class="footer text-center py-3 mt-auto">
+            <p class="mb-0 text-muted">API Router v0.6.11-preview.6 由 JustSong 构建，源代码遵循 <a href="#" class="text-decoration-none">MIT 协议</a></p>
+        </footer>
+    </div>
+
+    <!-- Vue 3 CDN -->
+    <script src="https://cdn.jsdelivr.net/npm/vue@3/dist/vue.global.prod.js"></script>
+    <!-- Bootstrap 5.3 JS CDN -->
+    <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js"></script>
+    <!-- Custom Vue.js App Logic -->
+    <script type="module" src="/static/app.js"></script>
+</body>
+</html>

static/reset-password.html

@@ -0,0 +1,130 @@
+<!DOCTYPE html>
+<html lang="zh-CN">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>SP Website - 重置密码</title>
+    <!-- Bootstrap 5.3 CSS CDN -->
+    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
+    <!-- Font Awesome CDN for icons -->
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css">
+    <!-- Custom CSS -->
+    <link rel="stylesheet" href="/static/style.css">
+</head>
+<body>
+    <div id="app">
+        <nav class="navbar navbar-expand-lg navbar-light bg-light fixed-top">
+            <div class="container-fluid">
+                <a class="navbar-brand d-flex align-items-center" href="/">
+                    <img src="/static/images/ShareAPI.png" alt="API Router Logo" width="30" height="30" class="d-inline-block align-text-top me-2">
+                    <span class="fw-bold fs-5">API Router</span>
+                </a>
+                <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarNav" aria-controls="navbarNav" aria-expanded="false" aria-label="Toggle navigation">
+                    <span class="navbar-toggler-icon"></span>
+                </button>
+                <div class="collapse navbar-collapse" id="navbarNav">
+                    <ul class="navbar-nav me-auto mb-2 mb-lg-0">
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center me-3" href="#">
+                                <i class="fas fa-comment-dots me-1"></i> 聊天
+                            </a>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center me-3" href="#">
+                                <i class="fas fa-key me-1"></i> 令牌
+                            </a>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center me-3" href="#">
+                                <i class="fas fa-shopping-cart me-1"></i> 充值
+                            </a>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center me-3" href="#">
+                                <i class="fas fa-chart-bar me-1"></i> 总览
+                            </a>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center me-3" href="#">
+                                <i class="fas fa-file-alt me-1"></i> 日志
+                            </a>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center me-3" href="#">
+                                <i class="fas fa-cog me-1"></i> 设置
+                            </a>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center me-3" href="#">
+                                <i class="fas fa-info-circle me-1"></i> 关于
+                            </a>
+                        </li>
+                    </ul>
+                    <ul class="navbar-nav ms-auto mb-2 mb-lg-0">
+                        <li class="nav-item dropdown">
+                            <a class="nav-link dropdown-toggle d-flex align-items-center me-3" href="#" id="navbarDropdown" role="button" data-bs-toggle="dropdown" aria-expanded="false">
+                                <i class="fas fa-font me-1"></i> A|文
+                            </a>
+                            <ul class="dropdown-menu" aria-labelledby="navbarDropdown">
+                                <li><a class="dropdown-item" href="#">中文</a></li>
+                                <li><a class="dropdown-item" href="#">English</a></li>
+                            </ul>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center" href="/login">
+                                <i class="fas fa-user me-1"></i> 登录
+                            </a>
+                        </li>
+                    </ul>
+                </div>
+            </div>
+        </nav>
+
+        <div class="auth-container d-flex justify-content-center align-items-center flex-grow-1">
+            <div class="login-card p-4">
+                <div class="text-center mb-4 d-flex align-items-center justify-content-center">
+                    <img src="/static/images/ShareAPI.png" alt="API Router Logo" width="50" height="50" class="me-2">
+                    <h3 class="card-title mb-0">重置密码</h3>
+                </div>
+                <form @submit.prevent="resetPasswordWithCode">
+                    <div class="mb-3 input-group">
+                        <span class="input-group-text"><i class="fas fa-envelope"></i></span>
+                        <input type="email" class="form-control" id="resetEmail" v-model="resetPasswordForm.email" placeholder="输入邮箱地址" required autocomplete="username">
+                        <button type="button" class="btn btn-outline-secondary" @click="sendResetVerificationCode" :disabled="isSendingCode">{{ isSendingCode ? `${countdown}s` : '获取验证码' }}</button>
+                    </div>
+                    <div class="mb-3 input-group">
+                        <span class="input-group-text"><i class="fas fa-shield-alt"></i></span>
+                        <input type="text" class="form-control" id="resetVerificationCode" v-model="resetPasswordForm.verificationCode" placeholder="验证码" required autocomplete="one-time-code">
+                    </div>
+                    <div class="mb-3 input-group">
+                        <span class="input-group-text"><i class="fas fa-lock"></i></span>
+                        <input type="password" class="form-control" id="resetNewPassword" v-model="resetPasswordForm.newPassword" placeholder="新密码" required autocomplete="new-password">
+                    </div>
+                    <div class="mb-3 input-group">
+                        <span class="input-group-text"><i class="fas fa-lock"></i></span>
+                        <input type="password" class="form-control" id="resetConfirmPassword" v-model="resetPasswordForm.confirmPassword" placeholder="确认新密码" required autocomplete="new-password">
+                    </div>
+                    <button type="submit" class="btn btn-primary w-100 mb-3">重置密码</button>
+                </form>
+                <p v-if="resetPasswordMessage" class="mt-2 text-info text-center">{{ resetPasswordMessage }}</p>
+                <p class="text-center text-muted">
+                    已有账号？ <a href="/login" class="text-decoration-none">立即登录</a>
+                </p>
+            </div>
+        </div>
+
+        <footer class="footer text-center">
+            <div class="container">
+                <p class="text-muted mb-0">© 2024 API Router. All rights reserved.</p>
+            </div>
+        </footer>
+    </div>
+
+    <!-- Vue 3 CDN -->
+    <script src="https://cdn.jsdelivr.net/npm/vue@3/dist/vue.global.prod.js"></script>
+    <!-- Bootstrap 5.3 JS CDN -->
+    <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js"></script>
+    <!-- Custom Vue.js App Logic -->
+    <script type="module" src="/static/app.js"></script>
+</body>
+</html>

static/signup.html

@@ -0,0 +1,130 @@
+<!DOCTYPE html>
+<html lang="zh-CN">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>SP Website - 注册</title>
+    <!-- Bootstrap 5.3 CSS CDN -->
+    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
+    <!-- Font Awesome CDN for icons -->
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css">
+    <!-- Custom CSS -->
+    <link rel="stylesheet" href="/static/style.css">
+</head>
+<body>
+    <div id="app">
+        <nav class="navbar navbar-expand-lg navbar-light bg-light fixed-top">
+            <div class="container-fluid">
+                <a class="navbar-brand d-flex align-items-center" href="/">
+                    <img src="/static/images/ShareAPI.png" alt="API Router Logo" width="30" height="30" class="d-inline-block align-text-top me-2">
+                    <span class="fw-bold fs-5">API Router</span>
+                </a>
+                <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarNav" aria-controls="navbarNav" aria-expanded="false" aria-label="Toggle navigation">
+                    <span class="navbar-toggler-icon"></span>
+                </button>
+                <div class="collapse navbar-collapse" id="navbarNav">
+                    <ul class="navbar-nav me-auto mb-2 mb-lg-0">
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center me-3" href="#">
+                                <i class="fas fa-comment-dots me-1"></i> 聊天
+                            </a>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center me-3" href="#">
+                                <i class="fas fa-key me-1"></i> 令牌
+                            </a>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center me-3" href="#">
+                                <i class="fas fa-shopping-cart me-1"></i> 充值
+                            </a>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center me-3" href="#">
+                                <i class="fas fa-chart-bar me-1"></i> 总览
+                            </a>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center me-3" href="#">
+                                <i class="fas fa-file-alt me-1"></i> 日志
+                            </a>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center me-3" href="#">
+                                <i class="fas fa-cog me-1"></i> 设置
+                            </a>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center me-3" href="#">
+                                <i class="fas fa-info-circle me-1"></i> 关于
+                            </a>
+                        </li>
+                    </ul>
+                    <ul class="navbar-nav ms-auto mb-2 mb-lg-0">
+                        <li class="nav-item dropdown">
+                            <a class="nav-link dropdown-toggle d-flex align-items-center me-3" href="#" id="navbarDropdown" role="button" data-bs-toggle="dropdown" aria-expanded="false">
+                                <i class="fas fa-font me-1"></i> A|文
+                            </a>
+                            <ul class="dropdown-menu" aria-labelledby="navbarDropdown">
+                                <li><a class="dropdown-item" href="#">中文</a></li>
+                                <li><a class="dropdown-item" href="#">English</a></li>
+                            </ul>
+                        </li>
+                        <li class="nav-item">
+                            <a class="nav-link d-flex align-items-center" href="/login">
+                                <i class="fas fa-user me-1"></i> 登录
+                            </a>
+                        </li>
+                    </ul>
+                </div>
+            </div>
+        </nav>
+
+        <div class="auth-container d-flex justify-content-center align-items-center flex-grow-1">
+            <div class="login-card p-4">
+                <div class="text-center mb-4 d-flex align-items-center justify-content-center">
+                    <img src="/static/images/ShareAPI.png" alt="API Router Logo" width="50" height="50" class="me-2">
+                    <h3 class="card-title mb-0">新用户注册</h3>
+                </div>
+                <form @submit.prevent="signup">
+                    <div class="mb-3 input-group">
+                        <span class="input-group-text"><i class="fas fa-envelope"></i></span>
+                        <input type="email" class="form-control" id="signupEmail" v-model="signupForm.email" placeholder="输入邮箱地址" required>
+                        <button type="button" class="btn btn-outline-secondary" @click="sendVerificationCode" :disabled="isSendingCode">{{ isSendingCode ? `${countdown}s` : '获取验证码' }}</button>
+                    </div>
+                    <div class="mb-3 input-group">
+                        <span class="input-group-text"><i class="fas fa-shield-alt"></i></span>
+                        <input type="text" class="form-control" id="verificationCode" v-model="signupForm.verificationCode" placeholder="验证码" required>
+                    </div>
+                    <div class="mb-3 input-group">
+                        <span class="input-group-text"><i class="fas fa-lock"></i></span>
+                        <input type="password" class="form-control" id="signupPassword" v-model="signupForm.password" placeholder="密码" required>
+                    </div>
+                    <div class="mb-3 input-group">
+                        <span class="input-group-text"><i class="fas fa-lock"></i></span>
+                        <input type="password" class="form-control" id="confirmPassword" v-model="signupForm.confirmPassword" placeholder="确认密码" required>
+                    </div>
+                    <button type="submit" class="btn btn-primary w-100 mb-3">注册</button>
+                </form>
+                <p v-if="signupMessage" class="mt-2 text-info text-center">{{ signupMessage }}</p>
+                <p class="text-center text-muted">
+                    已有账号？ <a href="/login" class="text-decoration-none">立即登录</a>
+                </p>
+            </div>
+        </div>
+
+        <footer class="footer text-center">
+            <div class="container">
+                <p class="text-muted mb-0">© 2024 API Router. All rights reserved.</p>
+            </div>
+        </footer>
+    </div>
+
+    <!-- Vue 3 CDN -->
+    <script src="https://cdn.jsdelivr.net/npm/vue@3/dist/vue.global.prod.js"></script>
+    <!-- Bootstrap 5.3 JS CDN -->
+    <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js"></script>
+    <!-- Custom Vue.js App Logic -->
+    <script type="module" src="/static/app.js"></script>
+</body>
+</html>

static/style.css

@@ -0,0 +1,463 @@
+@import url(https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin);
+html, body, #app {
+    height: 100%;
+    margin: 0;
+}
+
+body {
+    -webkit-font-smoothing: antialiased;
+    -moz-osx-smoothing: grayscale;
+    font-family: 'PingFang SC', 'Helvetica Neue', Arial, 'Microsoft YaHei', sans-serif;
+    overflow-y: scroll;
+    padding-top: 56px; /* Adjust based on navbar height */
+    scrollbar-width: none;
+    background-color: #f8f9fa; /* Light gray background */
+    display: flex;
+    flex-direction: column;
+}
+
+body::-webkit-scrollbar {
+    display: none;
+}
+
+.main-content {
+    padding: 4px;
+}
+
+.small-icon .icon {
+    font-size: 1em !important;
+}
+
+.custom-footer {
+    font-size: 1.1em;
+}
+
+@media only screen and (max-width: 600px) {
+    .hide-on-mobile {
+        display: none !important;
+    }
+}
+
+@media screen and (max-width: 768px) {
+    .ui.container {
+        padding: 0 10px !important;
+        width: 100% !important;
+    }
+    .ui.card,
+    .ui.cards,
+    .ui.container,
+    .ui.segment {
+        margin-left: 0 !important;
+        margin-right: 0 !important;
+    }
+    .ui.table {
+        padding-left: 0 !important;
+        padding-right: 0 !important;
+    }
+}
+
+@media screen and (min-width: 769px) and (max-width: 1366px) {
+    .ui.container {
+        margin-left: auto !important;
+        margin-right: auto !important;
+        max-width: 100% !important;
+        padding: 0 24px !important;
+        width: auto !important;
+    }
+    .ui.table {
+        font-size: .9em;
+    }
+    .ui.cards {
+        margin-left: -.5em !important;
+        margin-right: -.5em !important;
+    }
+    .ui.cards>.card {
+        margin: .5em !important;
+        width: calc(50% - 1em) !important;
+    }
+}
+
+@media screen and (min-width: 1367px) {
+    .ui.container {
+        margin-left: auto !important;
+        margin-right: auto !important;
+        padding: 0 !important;
+        width: 1200px !important;
+    }
+}
+
+@media screen and (max-width: 1366px) {
+    .charts-grid {
+        margin: 0 -.5em !important;
+    }
+    .charts-grid .column {
+        padding: .5em !important;
+    }
+    .chart-card {
+        margin: 0 !important;
+    }
+    .ui.header {
+        font-size: 1.1em !important;
+    }
+    .stat-value {
+        font-size: .9em !important;
+    }
+}
+
+/* Custom styles for SP Website */
+.user-avatar {
+    width: 32px;
+    height: 32px;
+    object-fit: cover;
+}
+
+/* Login page specific styles */
+.auth-container {
+    min-height: calc(100vh - 56px - 60px); /* Full height minus navbar and footer */
+    padding-top: 50px;
+    padding-bottom: 50px;
+}
+
+.login-card {
+    max-width: 400px;
+    border: none;
+    border-radius: 10px;
+    background-color: #fff;
+    box-shadow: 0 4px 8px rgba(0, 0, 0, 0.05);
+}
+
+.login-card .card-title {
+    font-weight: bold;
+    color: #333;
+}
+
+.input-group-text {
+    background-color: #e9ecef;
+    border-right: none;
+    border-color: #ced4da;
+}
+
+.form-control {
+    border-left: none;
+}
+
+.form-control:focus {
+    box-shadow: none;
+    border-color: #80bdff;
+}
+
+.btn-primary {
+    background-color: #007bff;
+    border-color: #007bff;
+}
+
+.btn-primary:hover {
+    background-color: #0056b3;
+    border-color: #0056b3;
+}
+
+.divider {
+    position: relative;
+    text-align: center;
+    margin-top: 1.5rem;
+    margin-bottom: 1.5rem;
+}
+
+.divider::before {
+    content: '';
+    position: absolute;
+    top: 50%;
+    left: 0;
+    right: 0;
+    border-top: 1px solid #e0e0e0;
+    z-index: 1;
+}
+
+.divider-text {
+    background-color: #fff;
+    padding: 0 10px;
+    position: relative;
+    z-index: 2;
+    color: #6c757d;
+    font-size: 0.9rem;
+}
+
+.social-login-icons .btn {
+    width: 40px;
+    height: 40px;
+    display: flex;
+    justify-content: center;
+    align-items: center;
+    font-size: 1.2rem;
+    color: #6c757d;
+    border-color: #ced4da;
+}
+
+.social-login-icons .btn:hover {
+    color: #007bff;
+    border-color: #007bff;
+}
+
+.navbar {
+    background-color: #ffffff !important;
+    border-bottom: none; /* Remove border-bottom as per image */
+    box-shadow: 0 0px 2px 12px rgba(0, 0, 0, 0.04); /* Adjusted box-shadow as per image */
+}
+
+.navbar-brand {
+    color: #333 !important;
+    font-weight: 600;
+    padding-left: 20px; /* Add left padding for brand */
+}
+
+.navbar-brand .fw-bold {
+    color: #333 !important;
+}
+
+.navbar-nav .nav-item .nav-link {
+    color: #666 !important; /* Adjust nav-link color */
+    font-weight: 500;
+    padding: 0.5rem 1rem; /* Adjust padding */
+}
+
+.navbar-nav .nav-item .nav-link:hover {
+    color: #007bff !important; /* Hover effect */
+}
+
+.container-fluid {
+    padding-left: 20px; /* Adjust container padding for left/right */
+    padding-right: 20px;
+}
+
+/* Login page specific styles adjustments */
+.auth-container {
+    min-height: calc(100vh - 56px - 60px); /* Full height minus navbar and footer */
+    padding-top: 50px;
+    padding-bottom: 50px;
+    background-color: #f8f9fa; /* Match body background */
+}
+
+.login-card {
+    max-width: 550px; /* Increased width by 100px from previous 450px */
+    border: none;
+    border-radius: 10px;
+    background-color: #fff;
+    box-shadow: 0 4px 8px rgba(0, 0, 0, 0.05);
+    padding: 2.5rem !important; /* Increased padding */
+}
+
+.login-card .card-title {
+    font-weight: bold;
+    color: #333;
+    font-size: 1.8rem; /* Larger title */
+    /* margin-bottom: 2rem !important; */ /* Removed as it's now horizontal with logo */
+}
+
+.input-group-text {
+    background-color: #f8f9fa; /* Light gray background for input icon */
+    border-right: none;
+    border-color: #ced4da;
+    color: #6c757d; /* Icon color */
+}
+
+.form-control {
+    border-left: none;
+    border-color: #ced4da;
+}
+
+.form-control:focus {
+    box-shadow: none;
+    border-color: #007bff; /* Focus border color */
+}
+
+.btn-primary {
+    background-color: #007bff;
+    border-color: #007bff;
+    font-size: 1.1rem;
+    padding: 0.75rem 1.5rem;
+    border-radius: 0.3rem;
+}
+
+.btn-primary:hover {
+    background-color: #0056b3;
+    border-color: #0056b3;
+}
+
+.text-muted {
+    color: #6c757d !important; /* Ensure muted text color */
+}
+
+.divider {
+    position: relative;
+    text-align: center;
+    margin-top: 2rem !important;
+    margin-bottom: 2rem !important;
+}
+
+.divider::before {
+    content: '';
+    position: absolute;
+    top: 50%;
+    left: 0;
+    right: 0;
+    border-top: 1px solid #e0e0e0;
+    z-index: 1;
+}
+
+.divider-text {
+    background-color: #fff;
+    padding: 0 10px;
+    position: relative;
+    z-index: 2;
+    color: #6c757d;
+    font-size: 0.9rem;
+}
+
+.social-login-icons .btn {
+    width: 45px; /* Slightly larger icons */
+    height: 45px;
+    display: flex;
+    justify-content: center;
+    align-items: center;
+    font-size: 1.4rem; /* Larger icon size */
+    /* Remove border and border-radius */
+    border: none;
+    background-color: transparent;
+}
+
+.social-login-icons .btn:hover {
+    background-color: rgba(0, 0, 0, 0.05); /* Subtle hover effect */
+}
+
+.social-login-icons .github-icon {
+    color: #24292e; /* GitHub brand color */
+}
+
+.social-login-icons .wechat-icon {
+    color: #07c160; /* WeChat brand color */
+}
+
+.footer {
+    background-color: #f8f9fa;
+    border-top: 1px solid #e9ecef;
+    color: #6c757d;
+    font-size: 0.85rem;
+    padding: 15px 0;
+    width: 100%;
+}
+
+.footer .text-muted {
+    color: #6c757d !important;
+}
+
+.hero-section {
+    flex-grow: 1;
+    background-color: #ffffff;
+    padding: 80px 20px; /* Increased padding for top/bottom */
+    margin-top: -56px; /* Compensate for fixed navbar */
+    display: flex;
+    align-items: center;
+    justify-content: center;
+    min-height: calc(100vh - 56px - 60px); /* Full height minus navbar and footer */
+}
+
+.hero-title {
+    font-size: 3.5rem; /* Larger font size */
+    color: #333;
+    line-height: 1.2;
+    margin-bottom: 1.5rem !important;
+}
+
+.hero-description {
+    font-size: 1.3rem; /* Slightly larger lead text */
+    color: #666;
+    line-height: 1.6;
+    max-width: 700px;
+    margin-left: auto;
+    margin-right: auto;
+    margin-bottom: 2.5rem !important;
+}
+
+.btn-primary {
+    background-color: #007bff;
+    border-color: #007bff;
+    font-size: 1.1rem;
+    padding: 0.75rem 1.5rem;
+    border-radius: 0.3rem;
+}
+
+.btn-primary:hover {
+    background-color: #0056b3;
+    border-color: #0056b3;
+}
+
+.btn-outline-secondary {
+    color: #6c757d;
+    background-color: #e9ecef; /* Light gray background */
+    border-color: #e9ecef; /* Light gray border */
+    font-size: 1.1rem;
+    padding: 0.75rem 1.5rem;
+    border-radius: 0.3rem;
+}
+
+.btn-outline-secondary:hover {
+    color: #fff;
+    background-color: #6c757d;
+    border-color: #6c757d;
+}
+
+.btn-outline-secondary:disabled {
+    color: #6c757d;
+    background-color: #e9ecef;
+    border-color: #e9ecef;
+    opacity: 0.65;
+}
+
+.footer {
+    background-color: #f8f9fa;
+    border-top: 1px solid #e9ecef;
+    color: #6c757d;
+    font-size: 0.85rem;
+    padding: 15px 0;
+    width: 100%;
+}
+
+.footer .text-muted {
+    color: #6c757d !important;
+}
+
+/* Remove dashboard specific styles as they are no longer needed for the unauthenticated homepage */
+
+/* User Dropdown specific styles */
+.navbar-nav .nav-item.dropdown .nav-link {
+    padding-right: 1rem !important; /* Ensure space for dropdown arrow */
+}
+
+.navbar-nav .nav-item.dropdown .dropdown-menu {
+    right: 0;
+    left: auto;
+    min-width: 10rem;
+}
+
+@media (max-width: 991.98px) {
+    .navbar-nav .nav-item.dropdown .dropdown-menu {
+        position: static;
+        float: none;
+        width: 100%;
+        margin-top: 0;
+        background-color: transparent;
+        border: none;
+        box-shadow: none;
+    }
+    .navbar-nav .nav-item.dropdown .dropdown-menu .dropdown-item {
+        padding-left: calc(1rem + 1.5rem); /* Indent dropdown items */
+        color: #666 !important;
+    }
+    .navbar-nav .nav-item.dropdown .dropdown-menu .dropdown-item:hover {
+        color: #007bff !important;
+        background-color: transparent;
+    }
+    .navbar-nav .nav-item.dropdown .dropdown-menu .dropdown-divider {
+        display: none; /* Hide divider in mobile view */
+    }
+}

test_auth_proxy.py

@@ -0,0 +1,86 @@
+import pytest
+import httpx
+import os
+from dotenv import load_dotenv
+
+# Load environment variables from .env file
+load_dotenv()
+
+# Base URL for the FastAPI application
+BASE_URL = "http://localhost:7864"
+
+# Supabase credentials from .env
+SUPABASE_URL = os.getenv("SUPABASE_URL")
+SUPABASE_ANON_KEY = os.getenv("SUPABASE_ANON_KEY")
+SUPABASE_SERVICE_ROLE_KEY = os.getenv("SUPABASE_SERVICE_ROLE_KEY")
+
+# Test user credentials
+TEST_EMAIL = "test_user@example.com"
+TEST_PASSWORD = "test_password"
+
+# Ensure Supabase environment variables are set
+if not all([SUPABASE_URL, SUPABASE_ANON_KEY, SUPABASE_SERVICE_ROLE_KEY]):
+    pytest.skip("Supabase environment variables not set. Skipping tests.", allow_module_level=True)
+
+@pytest.fixture(scope="module")
+def client():
+    """Provides a test client for the FastAPI application."""
+    # In a real scenario, you might run the app in a separate process
+    # or use TestClient from fastapi.testclient.
+    # For this automated test, we assume the app is running at BASE_URL.
+    with httpx.Client(base_url=BASE_URL) as client:
+        yield client
+
+@pytest.fixture(scope="module")
+def auth_headers(client):
+    """Registers and logs in a test user, returning auth headers."""
+    # 1. Register user
+    signup_data = {"email": TEST_EMAIL, "password": TEST_PASSWORD}
+    response = client.post("/api/auth/signup", json=signup_data)
+    if response.status_code == 400 and "User already registered" in response.text:
+        print(f"User {TEST_EMAIL} already registered. Proceeding with login.")
+    elif response.status_code != 200:
+        response.raise_for_status() # Raise for other signup errors
+
+    # 2. Login user
+    login_data = {"email": TEST_EMAIL, "password": TEST_PASSWORD}
+    response = client.post("/api/auth/login", json=login_data)
+    response.raise_for_status()
+    token = response.json()["access_token"]
+    return {"Authorization": f"Bearer {token}"}
+
+def test_signup_and_login(client):
+    """Tests user registration and login."""
+    # Ensure a unique email for signup test if running independently
+    unique_email = f"test_user_{os.urandom(4).hex()}@example.com"
+    signup_data = {"email": unique_email, "password": TEST_PASSWORD}
+    response = client.post("/api/auth/signup", json=signup_data)
+    assert response.status_code == 200 or (response.status_code == 400 and "User already registered" in response.text)
+
+    login_data = {"email": unique_email, "password": TEST_PASSWORD}
+    response = client.post("/api/auth/login", json=login_data)
+    response.raise_for_status()
+    assert "access_token" in response.json()
+
+def test_generate_api_key(client, auth_headers):
+    """Tests API key generation."""
+    response = client.post("/api/user/generate-api-key", headers=auth_headers)
+    response.raise_for_status()
+    assert "api_key" in response.json()
+
+def test_get_api_keys(client, auth_headers):
+    """Tests fetching API keys."""
+    response = client.get("/api/user/api-keys", headers=auth_headers)
+    response.raise_for_status()
+    assert isinstance(response.json(), list)
+
+def test_get_proxy_data(client, auth_headers):
+    """Tests retrieval of proxy data."""
+    response = client.get("/api/proxies", headers=auth_headers)
+    response.raise_for_status()
+    assert isinstance(response.json(), list)
+    # Optionally, assert on the structure of the returned proxy data
+    # For example:
+    # if response.json():
+    #     assert "ip_address" in response.json()[0]
+    #     assert "port" in response.json()[0]

test_email.py

@@ -0,0 +1,95 @@
+import os
+import ssl
+import smtplib
+from email.mime.text import MIMEText
+from email.header import Header
+from dotenv import load_dotenv
+
+# Load environment variables from .env file
+load_dotenv()
+
+# Email Configuration
+SMTP_SERVER = os.environ.get("SMTP_SERVER")
+SMTP_PORT = int(os.environ.get("SMTP_PORT", 465)) # Default to 465 for SSL
+SMTP_USERNAME = os.environ.get("SMTP_USERNAME")
+SMTP_PASSWORD = os.environ.get("SMTP_PASSWORD")
+SENDER_EMAIL = os.environ.get("SENDER_EMAIL")
+SENDER_NAME = os.environ.get("SENDER_NAME", "Test Sender")
+
+def test_send_email(to_email: str, subject: str, body: str):
+    print("--- 开始邮件发送测试流程 ---")
+    print(f"加载环境变量: SMTP_SERVER={SMTP_SERVER}, SMTP_PORT={SMTP_PORT}, SENDER_EMAIL={SENDER_EMAIL}")
+
+    if not all([SMTP_SERVER, SMTP_USERNAME, SMTP_PASSWORD, SENDER_EMAIL]):
+        print("错误: SMTP配置不完整。请检查 .env 文件中的 SMTP_SERVER, SMTP_USERNAME, SMTP_PASSWORD, SENDER_EMAIL。")
+        return False
+
+    msg = MIMEText(body, 'plain', 'utf-8')
+    msg['From'] = f"{SENDER_NAME} <{SENDER_EMAIL}>"
+    msg['To'] = Header(to_email, 'utf-8')
+    msg['Subject'] = Header(subject, 'utf-8')
+    print("邮件内容构建完成。")
+    print(f"发件人: {msg['From']}, 收件人: {msg['To']}, 主题: {msg['Subject']}")
+
+    email_sent_successfully = False # 新增标志变量
+
+    try:
+        if SMTP_PORT == 587:
+            print(f"尝试通过端口 {SMTP_PORT} 连接到 SMTP 服务器: {SMTP_SERVER} (使用 STARTTLS)")
+            with smtplib.SMTP(SMTP_SERVER, SMTP_PORT, timeout=10) as server:
+                server.set_debuglevel(1) # 设置调试级别为1，打印SMTP交互日志
+                print("SMTP 服务器连接成功。")
+                print("尝试启动 TLS...")
+                server.starttls(context=ssl.create_default_context())
+                print("TLS 启动成功。")
+                print(f"尝试使用用户 {SMTP_USERNAME} 登录...")
+                server.login(SMTP_USERNAME, SMTP_PASSWORD)
+                print("SMTP 登录成功。")
+                print(f"尝试发送邮件从 {SENDER_EMAIL} 到 {to_email}...")
+                server.sendmail(SENDER_EMAIL, to_email, msg.as_string())
+                print(f"邮件发送成功至 {to_email}!")
+                email_sent_successfully = True # 设置标志为True
+        
+        elif SMTP_PORT == 465:
+            print(f"尝试通过端口 {SMTP_PORT} 连接到 SMTP 服务器: {SMTP_SERVER} (使用 SSL/TLS)")
+            context = ssl.create_default_context()
+            context.check_hostname = False
+            context.verify_mode = ssl.CERT_NONE
+            with smtplib.SMTP_SSL(SMTP_SERVER, SMTP_PORT, context=context, timeout=10) as server:
+                server.set_debuglevel(1) # 设置调试级别为1，打印SMTP交互日志
+                print("SMTP_SSL 服务器连接成功。")
+                print(f"尝试使用用户 {SMTP_USERNAME} 登录...")
+                server.login(SMTP_USERNAME, SMTP_PASSWORD)
+                print("SMTP 登录成功。")
+                print(f"尝试发送邮件从 {SENDER_EMAIL} 到 {to_email}...")
+                server.sendmail(SENDER_EMAIL, to_email, msg.as_string())
+                print(f"邮件发送成功至 {to_email}!")
+                email_sent_successfully = True # 设置标志为True
+        else:
+            print(f"错误：不支持的端口 {SMTP_PORT}。目前只支持 465 (SSL) 和 587 (STARTTLS)。")
+            # email_sent_successfully 保持为 False
+
+    except smtplib.SMTPAuthenticationError:
+        print("认证失败：请检查 .env 文件中的 SMTP_USERNAME 和 SMTP_PASSWORD。对于 QQ 邮箱，请确保使用的是授权码而非登录密码。")
+    except smtplib.SMTPConnectError as e:
+        print(f"连接失败：请检查 SMTP_SERVER 地址、SMTP_PORT 端口是否正确，以及网络防火墙设置。错误详情: {e}")
+    except smtplib.SMTPServerDisconnected as e:
+        print(f"SMTP 服务器意外断开连接。错误详情: {e}")
+    except smtplib.SMTPException as e:
+        print(f"SMTP 协议错误：{e}")
+    except Exception as e:
+        print(f"发生未知错误: {e}")
+    finally:
+        print("--- 邮件发送测试流程结束 ---")
+    
+    return email_sent_successfully # 根据标志变量返回最终结果
+
+if __name__ == "__main__":
+    test_to_email = "geqintan@qq.com"
+    test_subject = "SuperProxy 测试邮件"
+    test_body = "这是一封来自 SuperProxy 的测试邮件。"
+    success = test_send_email(test_to_email, test_subject, test_body)
+    if success:
+        print("测试邮件发送过程完成。请检查收件箱。")
+    else:
+        print("测试邮件发送过程失败。")

test_supabase.py

@@ -0,0 +1,87 @@
+import os
+from dotenv import load_dotenv
+from supabase import create_client, Client
+from supabase_auth.errors import AuthApiError
+
+# Load environment variables from .env file
+load_dotenv()
+
+# Supabase Configuration
+SUPABASE_URL = os.environ.get("SUPABASE_URL")
+SUPABASE_ANON_KEY = os.environ.get("SUPABASE_ANON_KEY")
+
+if not SUPABASE_URL or not SUPABASE_ANON_KEY:
+    print("Error: Supabase URL and Anon Key must be set as environment variables in .env file.")
+    exit(1)
+
+supabase_anon: Client = create_client(SUPABASE_URL, SUPABASE_ANON_KEY)
+
+SUPABASE_SERVICE_ROLE_KEY = os.environ.get("SUPABASE_SERVICE_ROLE_KEY")
+if not SUPABASE_SERVICE_ROLE_KEY:
+    print("Error: SUPABASE_SERVICE_ROLE_KEY must be set as an environment variable in .env file for admin operations.")
+    exit(1)
+supabase_admin: Client = create_client(SUPABASE_URL, SUPABASE_SERVICE_ROLE_KEY)
+
+async def test_db_connection():
+    """Tests a simple database connection by querying a non-existent table."""
+    print("\n--- Testing Database Connection ---")
+    try:
+        # Attempt a simple query to check connection.
+        # This will likely fail if the table doesn't exist, but confirms connection.
+        res = supabase_anon.table('non_existent_table').select('*').limit(1).execute()
+        print("Database connection successful (or query executed without connection error).")
+        print(f"Query result (expected empty or error): {res.data}")
+    except Exception as e:
+        print(f"Database connection test failed: {e}")
+        print("Please ensure SUPABASE_URL is correct and your network allows access to Supabase.")
+
+async def test_user_registration(email, password):
+    """Tests user registration with Supabase."""
+    print(f"\n--- Testing User Registration for {email} ---")
+    try:
+        res = supabase_anon.auth.sign_up({
+            "email": email,
+            "password": password
+        })
+        if res.user:
+            print(f"User registration successful for {res.user.email}! Please check your email for verification.")
+            print(f"User ID: {res.user.id}")
+        else:
+            print("User registration failed: No user returned.")
+            print(f"Supabase response: {res}")
+    except AuthApiError as e:
+        print(f"User registration failed (AuthApiError): {e.message}")
+    except Exception as e:
+        print(f"An unexpected error occurred during registration: {e}")
+        print("Please ensure Supabase URL and Anon Key are correct, and Email Signups are enabled in Supabase Auth settings.")
+
+async def list_supabase_users():
+    """Lists all users in Supabase."""
+    print("\n--- Listing Supabase Users ---")
+    try:
+        # Supabase admin client is required to list users
+        users_list = supabase_admin.auth.admin.list_users()
+        
+        if users_list: # Assuming it returns a list of user objects directly
+            print(f"Found {len(users_list)} users:")
+            for user in users_list:
+                print(f"  User ID: {user.id}, Email: {user.email}, Created At: {user.created_at}")
+        else:
+            print("No users found in Supabase.")
+    except Exception as e:
+        print(f"Failed to list Supabase users: {e}")
+        print("Please ensure your Supabase Anon Key has sufficient permissions or use a service role key if necessary.")
+
+async def main():
+    await test_db_connection()
+
+    # Replace with a test email and password
+    test_email = "test@example.com" # Using a more standard test email format
+    test_password = "testpassword"
+    await test_user_registration(test_email, test_password)
+    
+    await list_supabase_users()
+
+if __name__ == "__main__":
+    import asyncio
+    asyncio.run(main())