Update server.js

server.js

@@ -419,1415 +419,4 @@ app.listen(port, () => {
   console.log(`Server running on port ${port}`);
   console.log(`User configurations:`, usernames.map(user => `${user}: ${userTokenMapping[user] ? 'Token Configured' : 'No Token'}`).join(', ') || 'None');
   console.log(`Admin login enabled: Username=${ADMIN_USERNAME}, Password=${ADMIN_PASSWORD ? 'Configured' : 'Not Configured'}`);
-});
-
-// 提供静态文件（前端文件）
-app.use(express.static(path.join(__dirname, 'public')));
-
-// 提供配置信息的 API 接口
-app.get('/api/config', (req, res) => {
-  res.json({ usernames: usernames.join(',') });
-});
-
-// 登录 API 接口
-app.post('/api/login', (req, res) => {
-  const { username, password } = req.body;
-  if (username === ADMIN_USERNAME && password === ADMIN_PASSWORD) {
-    // 生成一个随机 token 作为会话标识
-    const token = crypto.randomBytes(16).toString('hex');
-    const expiresAt = Date.now() + SESSION_TIMEOUT;
-    sessions.set(token, { username, expiresAt });
-    console.log(`用户 ${username} 登录成功，生成 token: ${token.slice(0, 8)}...`);
-    res.json({ success: true, token });
-  } else {
-    console.log(`用户 ${username} 登录失败，凭据无效`);
-    res.status(401).json({ success: false, message: '用户名或密码错误' });
-  }
-});
-
-// 验证登录状态 API 接口
-app.post('/api/verify-token', (req, res) => {
-  const { token } = req.body;
-  const session = sessions.get(token);
-  if (session && session.expiresAt > Date.now()) {
-    res.json({ success: true, message: 'Token 有效' });
-  } else {
-    if (session) {
-      sessions.delete(token); // 删除过期的 token
-      console.log(`Token ${token.slice(0, 8)}... 已过期，已删除`);
-    }
-    res.status(401).json({ success: false, message: 'Token 无效或已过期' });
-  }
-});
-
-// 登出 API 接口
-app.post('/api/logout', (req, res) => {
-  const { token } = req.body;
-  sessions.delete(token);
-  console.log(`Token ${token.slice(0, 8)}... 已手动登出`);
-  res.json({ success: true, message: '登出成功' });
-});
-
-// 中间件：验证请求中的 token
-const authenticateToken = (req, res, next) => {
-  const authHeader = req.headers['authorization'];
-  if (!authHeader || !authHeader.startsWith('Bearer ')) {
-    return res.status(401).json({ error: '未提供有效的认证令牌' });
-  }
-  const token = authHeader.split(' ')[1];
-  const session = sessions.get(token);
-  if (session && session.expiresAt > Date.now()) {
-    req.session = session;
-    next();
-  } else {
-    if (session) {
-      sessions.delete(token); // 删除过期的 token
-      console.log(`Token ${token.slice(0, 8)}... 已过期，拒绝访问`);
-    }
-    return res.status(401).json({ error: '认证令牌无效或已过期' });
-  }
-};
-
-// 获取所有 spaces 列表（包括私有）
-app.get('/api/proxy/spaces', async (req, res) => {
-  try {
-    if (!spaceCache.isExpired()) {
-      console.log('从缓存获取 Spaces 数据');
-      return res.json(spaceCache.getAll());
-    }
-
-    const allSpaces = [];
-    for (const username of usernames) {
-      const token = userTokenMapping[username];
-      if (!token) {
-        console.warn(`用户 ${username} 没有配置 API Token，将尝试无认证访问公开数据`);
-      }
-
-      try {
-        // 调用 HuggingFace API 获取 Spaces 列表
-        const headers = token ? { 'Authorization': `Bearer ${token}` } : {};
-        const response = await axios.get(`https://huggingface.co/api/spaces?author=${username}`, { headers });
-        const spaces = response.data;
-        console.log(`获取到 ${spaces.length} 个 Spaces for ${username}`);
-
-        for (const space of spaces) {
-          try {
-            // 获取 Space 详细信息
-            const spaceInfoResponse = await axios.get(`https://huggingface.co/api/spaces/${space.id}`, { headers });
-            const spaceInfo = spaceInfoResponse.data;
-            const spaceRuntime = spaceInfo.runtime || {};
-
-            allSpaces.push({
-              repo_id: spaceInfo.id,
-              name: spaceInfo.cardData?.title || spaceInfo.id.split('/')[1],
-              owner: spaceInfo.author,
-              username: username,
-              token: token || '',
-              url: `https://${spaceInfo.author}-${spaceInfo.id.split('/')[1]}.hf.space`,
-              status: spaceRuntime.stage || 'unknown',
-              last_modified: spaceInfo.lastModified || 'unknown',
-              created_at: spaceInfo.createdAt || 'unknown',
-              sdk: spaceInfo.sdk || 'unknown',
-              tags: spaceInfo.tags || [],
-              private: spaceInfo.private || false,
-              app_port: spaceInfo.cardData?.app_port || 'unknown'
-            });
-          } catch (error) {
-            console.error(`处理 Space ${space.id} 失败:`, error.message);
-          }
-        }
-      } catch (error) {
-        console.error(`获取 Spaces 列表失败 for ${username}:`, error.message);
-      }
-    }
-
-    allSpaces.sort((a, b) => a.name.localeCompare(b.name));
-    spaceCache.updateAll(allSpaces);
-    console.log(`总共获取到 ${allSpaces.length} 个 Spaces`);
-    res.json(allSpaces);
-  } catch (error) {
-    console.error(`代理获取 spaces 列表失败:`, error.message);
-    res.status(500).json({ error: '获取 spaces 列表失败', details: error.message });
-  }
-});
-
-// 代理重启 Space（需要认证）
-app.post('/api/proxy/restart/:repoId(*)', authenticateToken, async (req, res) => {
-  try {
-    const { repoId } = req.params;
-    console.log(`尝试重启 Space: ${repoId}`);
-    const spaces = spaceCache.getAll();
-    const space = spaces.find(s => s.repo_id === repoId);
-    if (!space || !space.token) {
-      console.error(`Space ${repoId} 未找到或无 Token 配置`);
-      return res.status(404).json({ error: 'Space 未找到或无 Token 配置' });
-    }
-
-    const headers = { 'Authorization': `Bearer ${space.token}`, 'Content-Type': 'application/json' };
-    const response = await axios.post(`https://huggingface.co/api/spaces/${repoId}/restart`, {}, { headers });
-    console.log(`重启 Space ${repoId} 成功，状态码: ${response.status}`);
-    res.json({ success: true, message: `Space ${repoId} 重启成功` });
-  } catch (error) {
-    console.error(`重启 space 失败 (${req.params.repoId}):`, error.message);
-    if (error.response) {
-      console.error(`状态码: ${error.response.status}, 响应数据:`, error.response.data);
-      res.status(error.response.status || 500).json({ error: '重启 space 失败', details: error.response.data?.message || error.message });
-    } else {
-      res.status(500).json({ error: '重启 space 失败', details: error.message });
-    }
-  }
-});
-
-// 代理重建 Space（需要认证）
-app.post('/api/proxy/rebuild/:repoId(*)', authenticateToken, async (req, res) => {
-  try {
-    const { repoId } = req.params;
-    console.log(`尝试重建 Space: ${repoId}`);
-    const spaces = spaceCache.getAll();
-    const space = spaces.find(s => s.repo_id === repoId);
-    if (!space || !space.token) {
-      console.error(`Space ${repoId} 未找到或无 Token 配置`);
-      return res.status(404).json({ error: 'Space 未找到或无 Token 配置' });
-    }
-
-    const headers = { 'Authorization': `Bearer ${space.token}`, 'Content-Type': 'application/json' };
-    const payload = { factoryReboot: true };
-    console.log(`发送重建请求，payload: ${JSON.stringify(payload)}`);
-    const response = await axios.post(`https://huggingface.co/api/spaces/${repoId}/restart`, payload, { headers });
-    console.log(`重建 Space ${repoId} 成功，状态码: ${response.status}`);
-    res.json({ success: true, message: `Space ${repoId} 重建成功` });
-  } catch (error) {
-    console.error(`重建 space 失败 (${req.params.repoId}):`, error.message);
-    if (error.response) {
-      console.error(`状态码: ${error.response.status}, 响应数据:`, error.response.data);
-      res.status(error.response.status || 500).json({ error: '重建 space 失败', details: error.response.data?.message || error.message });
-    } else {
-      res.status(500).json({ error: '重建 space 失败', details: error.message });
-    }
-  }
-});
-
-// 外部 API 服务（类似于 Flask 的 /api/v1）
-app.get('/api/v1/info/:token', async (req, res) => {
-  try {
-    const { token } = req.params;
-    const authHeader = req.headers.authorization;
-    if (!authHeader || !authHeader.startsWith('Bearer ') || authHeader.split(' ')[1] !== process.env.API_KEY) {
-      return res.status(401).json({ error: '无效的 API 密钥' });
-    }
-
-    const headers = { 'Authorization': `Bearer ${token}` };
-    const userInfoResponse = await axios.get('https://huggingface.co/api/whoami-v2', { headers });
-    const username = userInfoResponse.data.name;
-    const spacesResponse = await axios.get(`https://huggingface.co/api/spaces?author=${username}`, { headers });
-    const spaces = spacesResponse.data;
-    const spaceList = [];
-
-    for (const space of spaces) {
-      try {
-        const spaceInfoResponse = await axios.get(`https://huggingface.co/api/spaces/${space.id}`, { headers });
-        spaceList.push(spaceInfoResponse.data.id);
-      } catch (error) {
-        console.error(`获取 Space 信息失败 (${space.id}):`, error.message);
-      }
-    }
-
-    res.json({ spaces: spaceList, total: spaceList.length });
-  } catch (error) {
-    console.error(`获取 spaces 列表失败 (外部 API):`, error.message);
-    res.status(500).json({ error: error.message });
-  }
-});
-
-app.get('/api/v1/info/:token/:spaceId(*)', async (req, res) => {
-  try {
-    const { token, spaceId } = req.params;
-    const authHeader = req.headers.authorization;
-    if (!authHeader || !authHeader.startsWith('Bearer ') || authHeader.split(' ')[1] !== process.env.API_KEY) {
-      return res.status(401).json({ error: '无效的 API 密钥' });
-    }
-
-    const headers = { 'Authorization': `Bearer ${token}` };
-    const spaceInfoResponse = await axios.get(`https://huggingface.co/api/spaces/${spaceId}`, { headers });
-    const spaceInfo = spaceInfoResponse.data;
-    const spaceRuntime = spaceInfo.runtime || {};
-
-    res.json({
-      id: spaceInfo.id,
-      status: spaceRuntime.stage || 'unknown',
-      last_modified: spaceInfo.lastModified || null,
-      created_at: spaceInfo.createdAt || null,
-      sdk: spaceInfo.sdk || 'unknown',
-      tags: spaceInfo.tags || [],
-      private: spaceInfo.private || false
-    });
-  } catch (error) {
-    console.error(`获取 space 信息失败 (外部 API):`, error.message);
-    res.status(error.response?.status || 404).json({ error: error.message });
-  }
-});
-
-app.post('/api/v1/action/:token/:spaceId(*)/restart', async (req, res) => {
-  try {
-    const { token, spaceId } = req.params;
-    const authHeader = req.headers.authorization;
-    if (!authHeader || !authHeader.startsWith('Bearer ') || authHeader.split(' ')[1] !== process.env.API_KEY) {
-      return res.status(401).json({ error: '无效的 API 密钥' });
-    }
-
-    const headers = { 'Authorization': `Bearer ${token}`, 'Content-Type': 'application/json' };
-    await axios.post(`https://huggingface.co/api/spaces/${spaceId}/restart`, {}, { headers });
-    res.json({ success: true, message: `Space ${spaceId} 重启成功` });
-  } catch (error) {
-    console.error(`重启 space 失败 (外部 API):`, error.message);
-    res.status(error.response?.status || 500).json({ success: false, error: error.message });
-  }
-});
-
-app.post('/api/v1/action/:token/:spaceId(*)/rebuild', async (req, res) => {
-  try {
-    const { token, spaceId } = req.params;
-    const authHeader = req.headers.authorization;
-    if (!authHeader || !authHeader.startsWith('Bearer ') || authHeader.split(' ')[1] !== process.env.API_KEY) {
-      return res.status(401).json({ error: '无效的 API 密钥' });
-    }
-
-    const headers = { 'Authorization': `Bearer ${token}`, 'Content-Type': 'application/json' };
-    const payload = { factoryReboot: true };
-    console.log(`外部 API 发送重建请求，spaceId: ${spaceId}`);
-    const response = await axios.post(`https://huggingface.co/api/spaces/${spaceId}/restart`, payload, { headers });
-    console.log(`外部 API 重建 Space ${spaceId} 成功，状态码: ${response.status}`);
-    res.json({ success: true, message: `Space ${spaceId} 重建成功` });
-  } catch (error) {
-    console.error(`重建 space 失败 (外部 API):`, error.message);
-    if (error.response) {
-      console.error(`状态码: ${error.response.status}, 响应数据:`, error.response.data);
-      res.status(error.response.status || 500).json({ success: false, error: error.response.data?.message || error.message });
-    } else {
-      res.status(500).json({ success: false, error: error.message });
-    }
-  }
-});
-
-// 代理 HuggingFace API：获取实时监控数据（SSE）
-app.get('/api/proxy/live-metrics/:username/:instanceId', async (req, res) => {
-  try {
-    const { username, instanceId } = req.params;
-    const url = `https://api.hf.space/v1/${username}/${instanceId}/live-metrics/sse`;
-
-    // 检查实例状态，决定是否继续请求
-    const spaces = spaceCache.getAll();
-    const space = spaces.find(s => s.repo_id === `${username}/${instanceId}`);
-    if (!space) {
-      console.log(`实例 ${username}/${instanceId} 未找到，不尝试获取监控数据`);
-      return res.status(404).json({ error: '实例未找到，无法获取监控数据' });
-    }
-    if (space.status.toLowerCase() !== 'running') {
-      console.log(`实例 ${username}/${instanceId} 状态为 ${space.status}，不尝试获取监控数据`);
-      return res.status(400).json({ error: '实例未运行，无法获取监控数据' });
-    }
-
-    const token = userTokenMapping[username];
-    let headers = {
-      'Accept': 'text/event-stream',
-      'Cache-Control': 'no-cache',
-      'Connection': 'keep-alive'
-    };
-    if (token) {
-      headers['Authorization'] = `Bearer ${token}`;
-    }
-
-    const response = await axios({
-      method: 'get',
-      url,
-      headers,
-      responseType: 'stream',
-      timeout: 10000
-    });
-
-    res.set({
-      'Content-Type': 'text/event-stream',
-      'Cache-Control': 'no-cache',
-      'Connection': 'keep-alive'
-    });
-    response.data.pipe(res);
-
-    req.on('close', () => {
-      response.data.destroy();
-    });
-  } catch (error) {
-    console.error(`代理获取直播监控数据失败 (${req.params.username}/${req.params.instanceId}):`, error.message);
-    res.status(error.response?.status || 500).json({ error: '获取监控数据失败', details: error.message });
-  }
-});
-
-// 处理其他请求，重定向到 index.html
-app.get('*', (req, res) => {
-  res.sendFile(path.join(__dirname, 'public', 'index.html'));
-});
-
-// 定期清理过期的会话
-setInterval(() => {
-  const now = Date.now();
-  for (const [token, session] of sessions.entries()) {
-    if (session.expiresAt < now) {
-      sessions.delete(token);
-      console.log(`Token ${token.slice(0, 8)}... 已过期，自动清理`);
-    }
-  }
-}, 60 * 60 * 1000); // 每小时清理一次
-
-app.listen(port, () => {
-  console.log(`Server running on port ${port}`);
-  console.log(`User configurations:`, usernames.map(user => `${user}: ${userTokenMapping[user] ? 'Token Configured' : 'No Token'}`).join(', ') || 'None');
-  console.log(`Admin login enabled: Username=${ADMIN_USERNAME}, Password=${ADMIN_PASSWORD ? 'Configured' : 'Not Configured'}`);
-});
-
-// 提供静态文件（前端文件）
-app.use(express.static(path.join(__dirname, 'public')));
-
-// 提供配置信息的 API 接口
-app.get('/api/config', (req, res) => {
-  res.json({ usernames: usernames.join(',') });
-});
-
-// 登录 API 接口
-app.post('/api/login', (req, res) => {
-  const { username, password } = req.body;
-  if (username === ADMIN_USERNAME && password === ADMIN_PASSWORD) {
-    // 生成一个随机 token 作为会话标识
-    const token = crypto.randomBytes(16).toString('hex');
-    const expiresAt = Date.now() + SESSION_TIMEOUT;
-    sessions.set(token, { username, expiresAt });
-    console.log(`用户 ${username} 登录成功，生成 token: ${token.slice(0, 8)}...`);
-    res.json({ success: true, token });
-  } else {
-    console.log(`用户 ${username} 登录失败，凭据无效`);
-    res.status(401).json({ success: false, message: '用户名或密码错误' });
-  }
-});
-
-// 验证登录状态 API 接口
-app.post('/api/verify-token', (req, res) => {
-  const { token } = req.body;
-  const session = sessions.get(token);
-  if (session && session.expiresAt > Date.now()) {
-    res.json({ success: true, message: 'Token 有效' });
-  } else {
-    if (session) {
-      sessions.delete(token); // 删除过期的 token
-      console.log(`Token ${token.slice(0, 8)}... 已过期，已删除`);
-    }
-    res.status(401).json({ success: false, message: 'Token 无效或已过期' });
-  }
-});
-
-// 登出 API 接口
-app.post('/api/logout', (req, res) => {
-  const { token } = req.body;
-  sessions.delete(token);
-  console.log(`Token ${token.slice(0, 8)}... 已手动登出`);
-  res.json({ success: true, message: '登出成功' });
-});
-
-// 中间件：验证请求中的 token
-const authenticateToken = (req, res, next) => {
-  const authHeader = req.headers['authorization'];
-  if (!authHeader || !authHeader.startsWith('Bearer ')) {
-    return res.status(401).json({ error: '未提供有效的认证令牌' });
-  }
-  const token = authHeader.split(' ')[1];
-  const session = sessions.get(token);
-  if (session && session.expiresAt > Date.now()) {
-    req.session = session;
-    next();
-  } else {
-    if (session) {
-      sessions.delete(token); // 删除过期的 token
-      console.log(`Token ${token.slice(0, 8)}... 已过期，拒绝访问`);
-    }
-    return res.status(401).json({ error: '认证令牌无效或已过期' });
-  }
-};
-
-// 获取所有 spaces 列表（包括私有）
-app.get('/api/proxy/spaces', async (req, res) => {
-  try {
-    if (!spaceCache.isExpired()) {
-      console.log('从缓存获取 Spaces 数据');
-      return res.json(spaceCache.getAll());
-    }
-
-    const allSpaces = [];
-    for (const username of usernames) {
-      const token = userTokenMapping[username];
-      if (!token) {
-        console.warn(`用户 ${username} 没有配置 API Token，将尝试无认证访问公开数据`);
-      }
-
-      try {
-        // 调用 HuggingFace API 获取 Spaces 列表
-        const headers = token ? { 'Authorization': `Bearer ${token}` } : {};
-        const response = await axios.get(`https://huggingface.co/api/spaces?author=${username}`, { headers });
-        const spaces = response.data;
-        console.log(`获取到 ${spaces.length} 个 Spaces for ${username}`);
-
-        for (const space of spaces) {
-          try {
-            // 获取 Space 详细信息
-            const spaceInfoResponse = await axios.get(`https://huggingface.co/api/spaces/${space.id}`, { headers });
-            const spaceInfo = spaceInfoResponse.data;
-            const spaceRuntime = spaceInfo.runtime || {};
-
-            allSpaces.push({
-              repo_id: spaceInfo.id,
-              name: spaceInfo.cardData?.title || spaceInfo.id.split('/')[1],
-              owner: spaceInfo.author,
-              username: username,
-              token: token || '',
-              url: `https://${spaceInfo.author}-${spaceInfo.id.split('/')[1]}.hf.space`,
-              status: spaceRuntime.stage || 'unknown',
-              last_modified: spaceInfo.lastModified || 'unknown',
-              created_at: spaceInfo.createdAt || 'unknown',
-              sdk: spaceInfo.sdk || 'unknown',
-              tags: spaceInfo.tags || [],
-              private: spaceInfo.private || false,
-              app_port: spaceInfo.cardData?.app_port || 'unknown'
-            });
-          } catch (error) {
-            console.error(`处理 Space ${space.id} 失败:`, error.message);
-          }
-        }
-      } catch (error) {
-        console.error(`获取 Spaces 列表失败 for ${username}:`, error.message);
-      }
-    }
-
-    allSpaces.sort((a, b) => a.name.localeCompare(b.name));
-    spaceCache.updateAll(allSpaces);
-    console.log(`总共获取到 ${allSpaces.length} 个 Spaces`);
-    res.json(allSpaces);
-  } catch (error) {
-    console.error(`代理获取 spaces 列表失败:`, error.message);
-    res.status(500).json({ error: '获取 spaces 列表失败', details: error.message });
-  }
-});
-
-// 代理重启 Space（需要认证）
-app.post('/api/proxy/restart/:repoId(*)', authenticateToken, async (req, res) => {
-  try {
-    const { repoId } = req.params;
-    console.log(`尝试重启 Space: ${repoId}`);
-    const spaces = spaceCache.getAll();
-    const space = spaces.find(s => s.repo_id === repoId);
-    if (!space || !space.token) {
-      console.error(`Space ${repoId} 未找到或无 Token 配置`);
-      return res.status(404).json({ error: 'Space 未找到或无 Token 配置' });
-    }
-
-    const headers = { 'Authorization': `Bearer ${space.token}`, 'Content-Type': 'application/json' };
-    const response = await axios.post(`https://huggingface.co/api/spaces/${repoId}/restart`, {}, { headers });
-    console.log(`重启 Space ${repoId} 成功，状态码: ${response.status}`);
-    res.json({ success: true, message: `Space ${repoId} 重启成功` });
-  } catch (error) {
-    console.error(`重启 space 失败 (${req.params.repoId}):`, error.message);
-    if (error.response) {
-      console.error(`状态码: ${error.response.status}, 响应数据:`, error.response.data);
-      res.status(error.response.status || 500).json({ error: '重启 space 失败', details: error.response.data?.message || error.message });
-    } else {
-      res.status(500).json({ error: '重启 space 失败', details: error.message });
-    }
-  }
-});
-
-// 代理重建 Space（需要认证）
-app.post('/api/proxy/rebuild/:repoId(*)', authenticateToken, async (req, res) => {
-  try {
-    const { repoId } = req.params;
-    console.log(`尝试重建 Space: ${repoId}`);
-    const spaces = spaceCache.getAll();
-    const space = spaces.find(s => s.repo_id === repoId);
-    if (!space || !space.token) {
-      console.error(`Space ${repoId} 未找到或无 Token 配置`);
-      return res.status(404).json({ error: 'Space 未找到或无 Token 配置' });
-    }
-
-    const headers = { 'Authorization': `Bearer ${space.token}`, 'Content-Type': 'application/json' };
-    const payload = { factoryReboot: true };
-    console.log(`发送重建请求，payload: ${JSON.stringify(payload)}`);
-    const response = await axios.post(`https://huggingface.co/api/spaces/${repoId}/restart`, payload, { headers });
-    console.log(`重建 Space ${repoId} 成功，状态码: ${response.status}`);
-    res.json({ success: true, message: `Space ${repoId} 重建成功` });
-  } catch (error) {
-    console.error(`重建 space 失败 (${req.params.repoId}):`, error.message);
-    if (error.response) {
-      console.error(`状态码: ${error.response.status}, 响应数据:`, error.response.data);
-      res.status(error.response.status || 500).json({ error: '重建 space 失败', details: error.response.data?.message || error.message });
-    } else {
-      res.status(500).json({ error: '重建 space 失败', details: error.message });
-    }
-  }
-});
-
-// 外部 API 服务（类似于 Flask 的 /api/v1）
-app.get('/api/v1/info/:token', async (req, res) => {
-  try {
-    const { token } = req.params;
-    const authHeader = req.headers.authorization;
-    if (!authHeader || !authHeader.startsWith('Bearer ') || authHeader.split(' ')[1] !== process.env.API_KEY) {
-      return res.status(401).json({ error: '无效的 API 密钥' });
-    }
-
-    const headers = { 'Authorization': `Bearer ${token}` };
-    const userInfoResponse = await axios.get('https://huggingface.co/api/whoami-v2', { headers });
-    const username = userInfoResponse.data.name;
-    const spacesResponse = await axios.get(`https://huggingface.co/api/spaces?author=${username}`, { headers });
-    const spaces = spacesResponse.data;
-    const spaceList = [];
-
-    for (const space of spaces) {
-      try {
-        const spaceInfoResponse = await axios.get(`https://huggingface.co/api/spaces/${space.id}`, { headers });
-        spaceList.push(spaceInfoResponse.data.id);
-      } catch (error) {
-        console.error(`获取 Space 信息失败 (${space.id}):`, error.message);
-      }
-    }
-
-    res.json({ spaces: spaceList, total: spaceList.length });
-  } catch (error) {
-    console.error(`获取 spaces 列表失败 (外部 API):`, error.message);
-    res.status(500).json({ error: error.message });
-  }
-});
-
-app.get('/api/v1/info/:token/:spaceId(*)', async (req, res) => {
-  try {
-    const { token, spaceId } = req.params;
-    const authHeader = req.headers.authorization;
-    if (!authHeader || !authHeader.startsWith('Bearer ') || authHeader.split(' ')[1] !== process.env.API_KEY) {
-      return res.status(401).json({ error: '无效的 API 密钥' });
-    }
-
-    const headers = { 'Authorization': `Bearer ${token}` };
-    const spaceInfoResponse = await axios.get(`https://huggingface.co/api/spaces/${spaceId}`, { headers });
-    const spaceInfo = spaceInfoResponse.data;
-    const spaceRuntime = spaceInfo.runtime || {};
-
-    res.json({
-      id: spaceInfo.id,
-      status: spaceRuntime.stage || 'unknown',
-      last_modified: spaceInfo.lastModified || null,
-      created_at: spaceInfo.createdAt || null,
-      sdk: spaceInfo.sdk || 'unknown',
-      tags: spaceInfo.tags || [],
-      private: spaceInfo.private || false
-    });
-  } catch (error) {
-    console.error(`获取 space 信息失败 (外部 API):`, error.message);
-    res.status(error.response?.status || 404).json({ error: error.message });
-  }
-});
-
-app.post('/api/v1/action/:token/:spaceId(*)/restart', async (req, res) => {
-  try {
-    const { token, spaceId } = req.params;
-    const authHeader = req.headers.authorization;
-    if (!authHeader || !authHeader.startsWith('Bearer ') || authHeader.split(' ')[1] !== process.env.API_KEY) {
-      return res.status(401).json({ error: '无效的 API 密钥' });
-    }
-
-    const headers = { 'Authorization': `Bearer ${token}`, 'Content-Type': 'application/json' };
-    await axios.post(`https://huggingface.co/api/spaces/${spaceId}/restart`, {}, { headers });
-    res.json({ success: true, message: `Space ${spaceId} 重启成功` });
-  } catch (error) {
-    console.error(`重启 space 失败 (外部 API):`, error.message);
-    res.status(error.response?.status || 500).json({ success: false, error: error.message });
-  }
-});
-
-app.post('/api/v1/action/:token/:spaceId(*)/rebuild', async (req, res) => {
-  try {
-    const { token, spaceId } = req.params;
-    const authHeader = req.headers.authorization;
-    if (!authHeader || !authHeader.startsWith('Bearer ') || authHeader.split(' ')[1] !== process.env.API_KEY) {
-      return res.status(401).json({ error: '无效的 API 密钥' });
-    }
-
-    const headers = { 'Authorization': `Bearer ${token}`, 'Content-Type': 'application/json' };
-    const payload = { factoryReboot: true };
-    console.log(`外部 API 发送重建请求，spaceId: ${spaceId}`);
-    const response = await axios.post(`https://huggingface.co/api/spaces/${spaceId}/restart`, payload, { headers });
-    console.log(`外部 API 重建 Space ${spaceId} 成功，状态码: ${response.status}`);
-    res.json({ success: true, message: `Space ${spaceId} 重建成功` });
-  } catch (error) {
-    console.error(`重建 space 失败 (外部 API):`, error.message);
-    if (error.response) {
-      console.error(`状态码: ${error.response.status}, 响应数据:`, error.response.data);
-      res.status(error.response.status || 500).json({ success: false, error: error.response.data?.message || error.message });
-    } else {
-      res.status(500).json({ success: false, error: error.message });
-    }
-  }
-});
-
-// 代理 HuggingFace API：获取实时监控数据（SSE）
-app.get('/api/proxy/live-metrics/:username/:instanceId', async (req, res) => {
-  try {
-    const { username, instanceId } = req.params;
-    const url = `https://api.hf.space/v1/${username}/${instanceId}/live-metrics/sse`;
-
-    // 检查实例状态，决定是否继续请求
-    const spaces = spaceCache.getAll();
-    const space = spaces.find(s => s.repo_id === `${username}/${instanceId}`);
-    if (!space) {
-      console.log(`实例 ${username}/${instanceId} 未找到，不尝试获取监控数据`);
-      return res.status(404).json({ error: '实例未找到，无法获取监控数据' });
-    }
-    if (space.status.toLowerCase() !== 'running') {
-      console.log(`实例 ${username}/${instanceId} 状态为 ${space.status}，不尝试获取监控数据`);
-      return res.status(400).json({ error: '实例未运行，无法获取监控数据' });
-    }
-
-    const token = userTokenMapping[username];
-    let headers = {
-      'Accept': 'text/event-stream',
-      'Cache-Control': 'no-cache',
-      'Connection': 'keep-alive'
-    };
-    if (token) {
-      headers['Authorization'] = `Bearer ${token}`;
-    }
-
-    const response = await axios({
-      method: 'get',
-      url,
-      headers,
-      responseType: 'stream',
-      timeout: 10000
-    });
-
-    res.set({
-      'Content-Type': 'text/event-stream',
-      'Cache-Control': 'no-cache',
-      'Connection': 'keep-alive'
-    });
-    response.data.pipe(res);
-
-    req.on('close', () => {
-      response.data.destroy();
-    });
-  } catch (error) {
-    console.error(`代理获取直播监控数据失败 (${req.params.username}/${req.params.instanceId}):`, error.message);
-    res.status(error.response?.status || 500).json({ error: '获取监控数据失败', details: error.message });
-  }
-});
-
-// 处理其他请求，重定向到 index.html
-app.get('*', (req, res) => {
-  res.sendFile(path.join(__dirname, 'public', 'index.html'));
-});
-
-// 定期清理过期的会话
-setInterval(() => {
-  const now = Date.now();
-  for (const [token, session] of sessions.entries()) {
-    if (session.expiresAt < now) {
-      sessions.delete(token);
-      console.log(`Token ${token.slice(0, 8)}... 已过期，自动清理`);
-    }
-  }
-}, 60 * 60 * 1000); // 每小时清理一次
-
-app.listen(port, () => {
-  console.log(`Server running on port ${port}`);
-  console.log(`User configurations:`, usernames.map(user => `${user}: ${userTokenMapping[user] ? 'Token Configured' : 'No Token'}`).join(', ') || 'None');
-  console.log(`Admin login enabled: Username=${ADMIN_USERNAME}, Password=${ADMIN_PASSWORD ? 'Configured' : 'Not Configured'}`);
-});
-
-// 提供静态文件（前端文件）
-app.use(express.static(path.join(__dirname, 'public')));
-
-// 提供配置信息的 API 接口
-app.get('/api/config', (req, res) => {
-  res.json({ usernames: usernames.join(',') });
-});
-
-// 登录 API 接口
-app.post('/api/login', (req, res) => {
-  const { username, password } = req.body;
-  if (username === ADMIN_USERNAME && password === ADMIN_PASSWORD) {
-    // 生成一个随机 token 作为会话标识
-    const token = crypto.randomBytes(16).toString('hex');
-    const expiresAt = Date.now() + SESSION_TIMEOUT;
-    sessions.set(token, { username, expiresAt });
-    console.log(`用户 ${username} 登录成功，生成 token: ${token.slice(0, 8)}...`);
-    res.json({ success: true, token });
-  } else {
-    console.log(`用户 ${username} 登录失败，凭据无效`);
-    res.status(401).json({ success: false, message: '用户名或密码错误' });
-  }
-});
-
-// 验证登录状态 API 接口
-app.post('/api/verify-token', (req, res) => {
-  const { token } = req.body;
-  const session = sessions.get(token);
-  if (session && session.expiresAt > Date.now()) {
-    res.json({ success: true, message: 'Token 有效' });
-  } else {
-    if (session) {
-      sessions.delete(token); // 删除过期的 token
-      console.log(`Token ${token.slice(0, 8)}... 已过期，已删除`);
-    }
-    res.status(401).json({ success: false, message: 'Token 无效或已过期' });
-  }
-});
-
-// 登出 API 接口
-app.post('/api/logout', (req, res) => {
-  const { token } = req.body;
-  sessions.delete(token);
-  console.log(`Token ${token.slice(0, 8)}... 已手动登出`);
-  res.json({ success: true, message: '登出成功' });
-});
-
-// 中间件：验证请求中的 token
-const authenticateToken = (req, res, next) => {
-  const authHeader = req.headers['authorization'];
-  if (!authHeader || !authHeader.startsWith('Bearer ')) {
-    return res.status(401).json({ error: '未提供有效的认证令牌' });
-  }
-  const token = authHeader.split(' ')[1];
-  const session = sessions.get(token);
-  if (session && session.expiresAt > Date.now()) {
-    req.session = session;
-    next();
-  } else {
-    if (session) {
-      sessions.delete(token); // 删除过期的 token
-      console.log(`Token ${token.slice(0, 8)}... 已过期，拒绝访问`);
-    }
-    return res.status(401).json({ error: '认证令牌无效或已过期' });
-  }
-};
-
-// 获取所有 spaces 列表（包括私有）
-app.get('/api/proxy/spaces', async (req, res) => {
-  try {
-    if (!spaceCache.isExpired()) {
-      console.log('从缓存获取 Spaces 数据');
-      return res.json(spaceCache.getAll());
-    }
-
-    const allSpaces = [];
-    for (const username of usernames) {
-      const token = userTokenMapping[username];
-      if (!token) {
-        console.warn(`用户 ${username} 没有配置 API Token，将尝试无认证访问公开数据`);
-      }
-
-      try {
-        // 调用 HuggingFace API 获取 Spaces 列表
-        const headers = token ? { 'Authorization': `Bearer ${token}` } : {};
-        const response = await axios.get(`https://huggingface.co/api/spaces?author=${username}`, { headers });
-        const spaces = response.data;
-        console.log(`获取到 ${spaces.length} 个 Spaces for ${username}`);
-
-        for (const space of spaces) {
-          try {
-            // 获取 Space 详细信息
-            const spaceInfoResponse = await axios.get(`https://huggingface.co/api/spaces/${space.id}`, { headers });
-            const spaceInfo = spaceInfoResponse.data;
-            const spaceRuntime = spaceInfo.runtime || {};
-
-            allSpaces.push({
-              repo_id: spaceInfo.id,
-              name: spaceInfo.cardData?.title || spaceInfo.id.split('/')[1],
-              owner: spaceInfo.author,
-              username: username,
-              token: token || '',
-              url: `https://${spaceInfo.author}-${spaceInfo.id.split('/')[1]}.hf.space`,
-              status: spaceRuntime.stage || 'unknown',
-              last_modified: spaceInfo.lastModified || 'unknown',
-              created_at: spaceInfo.createdAt || 'unknown',
-              sdk: spaceInfo.sdk || 'unknown',
-              tags: spaceInfo.tags || [],
-              private: spaceInfo.private || false,
-              app_port: spaceInfo.cardData?.app_port || 'unknown'
-            });
-          } catch (error) {
-            console.error(`处理 Space ${space.id} 失败:`, error.message);
-          }
-        }
-      } catch (error) {
-        console.error(`获取 Spaces 列表失败 for ${username}:`, error.message);
-      }
-    }
-
-    allSpaces.sort((a, b) => a.name.localeCompare(b.name));
-    spaceCache.updateAll(allSpaces);
-    console.log(`总共获取到 ${allSpaces.length} 个 Spaces`);
-    res.json(allSpaces);
-  } catch (error) {
-    console.error(`代理获取 spaces 列表失败:`, error.message);
-    res.status(500).json({ error: '获取 spaces 列表失败', details: error.message });
-  }
-});
-
-// 代理重启 Space（需要认证）
-app.post('/api/proxy/restart/:repoId(*)', authenticateToken, async (req, res) => {
-  try {
-    const { repoId } = req.params;
-    console.log(`尝试重启 Space: ${repoId}`);
-    const spaces = spaceCache.getAll();
-    const space = spaces.find(s => s.repo_id === repoId);
-    if (!space || !space.token) {
-      console.error(`Space ${repoId} 未找到或无 Token 配置`);
-      return res.status(404).json({ error: 'Space 未找到或无 Token 配置' });
-    }
-
-    const headers = { 'Authorization': `Bearer ${space.token}`, 'Content-Type': 'application/json' };
-    const response = await axios.post(`https://huggingface.co/api/spaces/${repoId}/restart`, {}, { headers });
-    console.log(`重启 Space ${repoId} 成功，状态码: ${response.status}`);
-    res.json({ success: true, message: `Space ${repoId} 重启成功` });
-  } catch (error) {
-    console.error(`重启 space 失败 (${req.params.repoId}):`, error.message);
-    if (error.response) {
-      console.error(`状态码: ${error.response.status}, 响应数据:`, error.response.data);
-      res.status(error.response.status || 500).json({ error: '重启 space 失败', details: error.response.data?.message || error.message });
-    } else {
-      res.status(500).json({ error: '重启 space 失败', details: error.message });
-    }
-  }
-});
-
-// 代理重建 Space（需要认证）
-app.post('/api/proxy/rebuild/:repoId(*)', authenticateToken, async (req, res) => {
-  try {
-    const { repoId } = req.params;
-    console.log(`尝试重建 Space: ${repoId}`);
-    const spaces = spaceCache.getAll();
-    const space = spaces.find(s => s.repo_id === repoId);
-    if (!space || !space.token) {
-      console.error(`Space ${repoId} 未找到或无 Token 配置`);
-      return res.status(404).json({ error: 'Space 未找到或无 Token 配置' });
-    }
-
-    const headers = { 'Authorization': `Bearer ${space.token}`, 'Content-Type': 'application/json' };
-    const payload = { factory_reboot: true };
-    console.log(`发送重建请求，payload: ${JSON.stringify(payload)}`);
-    const response = await axios.post(`https://huggingface.co/api/spaces/${repoId}/restart`, payload, { headers });
-    console.log(`重建 Space ${repoId} 成功，状态码: ${response.status}`);
-    res.json({ success: true, message: `Space ${repoId} 重建成功` });
-  } catch (error) {
-    console.error(`重建 space 失败 (${req.params.repoId}):`, error.message);
-    if (error.response) {
-      console.error(`状态码: ${error.response.status}, 响应数据:`, error.response.data);
-      res.status(error.response.status || 500).json({ error: '重建 space 失败', details: error.response.data?.message || error.message });
-    } else {
-      res.status(500).json({ error: '重建 space 失败', details: error.message });
-    }
-  }
-});
-
-// 外部 API 服务（类似于 Flask 的 /api/v1）
-app.get('/api/v1/info/:token', async (req, res) => {
-  try {
-    const { token } = req.params;
-    const authHeader = req.headers.authorization;
-    if (!authHeader || !authHeader.startsWith('Bearer ') || authHeader.split(' ')[1] !== process.env.API_KEY) {
-      return res.status(401).json({ error: '无效的 API 密钥' });
-    }
-
-    const headers = { 'Authorization': `Bearer ${token}` };
-    const userInfoResponse = await axios.get('https://huggingface.co/api/whoami-v2', { headers });
-    const username = userInfoResponse.data.name;
-    const spacesResponse = await axios.get(`https://huggingface.co/api/spaces?author=${username}`, { headers });
-    const spaces = spacesResponse.data;
-    const spaceList = [];
-
-    for (const space of spaces) {
-      try {
-        const spaceInfoResponse = await axios.get(`https://huggingface.co/api/spaces/${space.id}`, { headers });
-        spaceList.push(spaceInfoResponse.data.id);
-      } catch (error) {
-        console.error(`获取 Space 信息失败 (${space.id}):`, error.message);
-      }
-    }
-
-    res.json({ spaces: spaceList, total: spaceList.length });
-  } catch (error) {
-    console.error(`获取 spaces 列表失败 (外部 API):`, error.message);
-    res.status(500).json({ error: error.message });
-  }
-});
-
-app.get('/api/v1/info/:token/:spaceId(*)', async (req, res) => {
-  try {
-    const { token, spaceId } = req.params;
-    const authHeader = req.headers.authorization;
-    if (!authHeader || !authHeader.startsWith('Bearer ') || authHeader.split(' ')[1] !== process.env.API_KEY) {
-      return res.status(401).json({ error: '无效的 API 密钥' });
-    }
-
-    const headers = { 'Authorization': `Bearer ${token}` };
-    const spaceInfoResponse = await axios.get(`https://huggingface.co/api/spaces/${spaceId}`, { headers });
-    const spaceInfo = spaceInfoResponse.data;
-    const spaceRuntime = spaceInfo.runtime || {};
-
-    res.json({
-      id: spaceInfo.id,
-      status: spaceRuntime.stage || 'unknown',
-      last_modified: spaceInfo.lastModified || null,
-      created_at: spaceInfo.createdAt || null,
-      sdk: spaceInfo.sdk || 'unknown',
-      tags: spaceInfo.tags || [],
-      private: spaceInfo.private || false
-    });
-  } catch (error) {
-    console.error(`获取 space 信息失败 (外部 API):`, error.message);
-    res.status(error.response?.status || 404).json({ error: error.message });
-  }
-});
-
-app.post('/api/v1/action/:token/:spaceId(*)/restart', async (req, res) => {
-  try {
-    const { token, spaceId } = req.params;
-    const authHeader = req.headers.authorization;
-    if (!authHeader || !authHeader.startsWith('Bearer ') || authHeader.split(' ')[1] !== process.env.API_KEY) {
-      return res.status(401).json({ error: '无效的 API 密钥' });
-    }
-
-    const headers = { 'Authorization': `Bearer ${token}`, 'Content-Type': 'application/json' };
-    await axios.post(`https://huggingface.co/api/spaces/${spaceId}/restart`, {}, { headers });
-    res.json({ success: true, message: `Space ${spaceId} 重启成功` });
-  } catch (error) {
-    console.error(`重启 space 失败 (外部 API):`, error.message);
-    res.status(error.response?.status || 500).json({ success: false, error: error.message });
-  }
-});
-
-app.post('/api/v1/action/:token/:spaceId(*)/rebuild', async (req, res) => {
-  try {
-    const { token, spaceId } = req.params;
-    const authHeader = req.headers.authorization;
-    if (!authHeader || !authHeader.startsWith('Bearer ') || authHeader.split(' ')[1] !== process.env.API_KEY) {
-      return res.status(401).json({ error: '无效的 API 密钥' });
-    }
-
-    const headers = { 'Authorization': `Bearer ${token}`, 'Content-Type': 'application/json' };
-    const payload = { factory_reboot: true };
-    console.log(`外部 API 发送重建请求，spaceId: ${spaceId}`);
-    const response = await axios.post(`https://huggingface.co/api/spaces/${spaceId}/restart`, payload, { headers });
-    console.log(`外部 API 重建 Space ${spaceId} 成功，状态码: ${response.status}`);
-    res.json({ success: true, message: `Space ${spaceId} 重建成功` });
-  } catch (error) {
-    console.error(`重建 space 失败 (外部 API):`, error.message);
-    if (error.response) {
-      console.error(`状态码: ${error.response.status}, 响应数据:`, error.response.data);
-      res.status(error.response.status || 500).json({ success: false, error: error.response.data?.message || error.message });
-    } else {
-      res.status(500).json({ success: false, error: error.message });
-    }
-  }
-});
-
-// 代理 HuggingFace API：获取实时监控数据（SSE）
-app.get('/api/proxy/live-metrics/:username/:instanceId', async (req, res) => {
-  try {
-    const { username, instanceId } = req.params;
-    const url = `https://api.hf.space/v1/${username}/${instanceId}/live-metrics/sse`;
-
-    // 检查实例状态，决定是否继续请求
-    const spaces = spaceCache.getAll();
-    const space = spaces.find(s => s.repo_id === `${username}/${instanceId}`);
-    if (!space) {
-      console.log(`实例 ${username}/${instanceId} 未找到，不尝试获取监控数据`);
-      return res.status(404).json({ error: '实例未找到，无法获取监控数据' });
-    }
-    if (space.status.toLowerCase() !== 'running') {
-      console.log(`实例 ${username}/${instanceId} 状态为 ${space.status}，不尝试获取监控数据`);
-      return res.status(400).json({ error: '实例未运行，无法获取监控数据' });
-    }
-
-    const token = userTokenMapping[username];
-    let headers = {
-      'Accept': 'text/event-stream',
-      'Cache-Control': 'no-cache',
-      'Connection': 'keep-alive'
-    };
-    if (token) {
-      headers['Authorization'] = `Bearer ${token}`;
-    }
-
-    const response = await axios({
-      method: 'get',
-      url,
-      headers,
-      responseType: 'stream',
-      timeout: 10000
-    });
-
-    res.set({
-      'Content-Type': 'text/event-stream',
-      'Cache-Control': 'no-cache',
-      'Connection': 'keep-alive'
-    });
-    response.data.pipe(res);
-
-    req.on('close', () => {
-      response.data.destroy();
-    });
-  } catch (error) {
-    console.error(`代理获取直播监控数据失败 (${req.params.username}/${req.params.instanceId}):`, error.message);
-    res.status(error.response?.status || 500).json({ error: '获取监控数据失败', details: error.message });
-  }
-});
-
-// 处理其他请求，重定向到 index.html
-app.get('*', (req, res) => {
-  res.sendFile(path.join(__dirname, 'public', 'index.html'));
-});
-
-// 定期清理过期的会话
-setInterval(() => {
-  const now = Date.now();
-  for (const [token, session] of sessions.entries()) {
-    if (session.expiresAt < now) {
-      sessions.delete(token);
-      console.log(`Token ${token.slice(0, 8)}... 已过期，自动清理`);
-    }
-  }
-}, 60 * 60 * 1000); // 每小时清理一次
-
-app.listen(port, () => {
-  console.log(`Server running on port ${port}`);
-  console.log(`User configurations:`, usernames.map(user => `${user}: ${userTokenMapping[user] ? 'Token Configured' : 'No Token'}`).join(', ') || 'None');
-  console.log(`Admin login enabled: Username=${ADMIN_USERNAME}, Password=${ADMIN_PASSWORD ? 'Configured' : 'Not Configured'}`);
-});    sessions[token] = { username, timestamp: Date.now() }; // 存储会话
-    console.log(`用户登录成功，生成 Token: ${token}`);
-    res.json({ success: true, token });
-  } else {
-    res.status(401).json({ success: false, error: '用户名或密码错误' });
-  }
-});
-
-// 检查登录状态 API
-app.get('/api/check-login', authenticateToken, (req, res) => {
-  res.json({ success: true, loggedIn: true });
-});
-
-// 缓存对象，用于存储空间信息
-const spaceCache = {
-  data: [],
-  lastUpdated: 0,
-  isUpdating: false,
-  getAll: function() {
-    return this.data;
-  },
-  update: function(spaces) {
-    this.data = spaces;
-    this.lastUpdated = Date.now();
-    this.isUpdating = false;
-  }
-};
-
-// 通过 HuggingFace API 获取所有用户的 Space 信息
-async function fetchSpacesFromAPI() {
-  const hfUsers = process.env.HF_USER ? process.env.HF_USER.split(',').map(u => u.trim()) : [];
-  if (hfUsers.length === 0) {
-    console.warn('未配置 HuggingFace 用户（HF_USER 环境变量为空）');
-    return [];
-  }
-
-  const allSpaces = [];
-  for (const userTokenPair of hfUsers) {
-    let username, token;
-    if (userTokenPair.includes(':')) {
-      [username, token] = userTokenPair.split(':').map(s => s.trim());
-    } else {
-      username = userTokenPair.trim();
-      token = '';
-    }
-    if (!username) continue;
-
-    try {
-      console.log(`正在获取用户 ${username} 的 Space 信息...`);
-      const headers = token ? { 'Authorization': `Bearer ${token}`, 'Content-Type': 'application/json' } : {};
-      const response = await axios.get(`https://huggingface.co/api/spaces?author=${username}&full=username`, { headers });
-      if (Array.isArray(response.data)) {
-        const spaces = response.data.map(space => ({
-          repo_id: space.id,
-          author: space.author || username,
-          title: space.title || space.id.split('/')[1],
-          token: token || '',
-          private: space.private || false
-        }));
-        console.log(`用户 ${username} 的 Space 获取成功，共找到 ${spaces.length} 个 Space`);
-        allSpaces.push(...spaces);
-      } else {
-        console.warn(`用户 ${username} 的 Space 列表获取失败，API 返回数据不是数组`);
-      }
-    } catch (error) {
-      console.error(`获取用户 ${username} 的 Space 列表时出错:`, error.message);
-    }
-  }
-  return allSpaces;
-}
-
-// 定时更新缓存
-async function updateSpaceCache() {
-  if (spaceCache.isUpdating) {
-    console.log('已有更新任务在运行，跳过本次更新');
-    return;
-  }
-  spaceCache.isUpdating = true;
-  console.log('开始更新 Space 信息...');
-  try {
-    const spaces = await fetchSpacesFromAPI();
-    spaceCache.update(spaces);
-    console.log(`Space 信息更新完成，总计 ${spaces.length} 个 Space`);
-  } catch (error) {
-    console.error('更新 Space 信息时出错:', error.message);
-    spaceCache.isUpdating = false;
-  }
-}
-
-// 初始更新
-updateSpaceCache();
-
-// 每 5 分钟更新一次
-setInterval(updateSpaceCache, 5 * 60 * 1000);
-
-// 获取 Space 监控数据
-async function fetchSpaceMetrics(repoId, token) {
-  try {
-    const headers = token ? { 'Authorization': `Bearer ${token}`, 'Content-Type': 'application/json' } : {};
-    const metricsUrl = `https://huggingface.co/api/spaces/${repoId}/metrics`;
-    console.log(`正在获取 Space 监控数据: ${repoId}, 使用 Token: ${token ? '已提供' : '未提供'}`);
-    const response = await axios.get(metricsUrl, { headers });
-    console.log(`Space ${repoId} 监控数据获取成功`);
-    return response.data;
-  } catch (error) {
-    console.error(`获取 Space 监控数据失败 (${repoId}):`, error.message);
-    if (error.response) {
-      console.error(`状态码: ${error.response.status}, 响应数据:`, error.response.data || '无额外数据');
-    }
-    return null;
-  }
-}
-
-// 实时监控数据 API（使用 EventSource）
-app.get('/api/monitor', async (req, res) => {
-  res.writeHead(200, {
-    'Content-Type': 'text/event-stream',
-    'Cache-Control': 'no-cache',
-    'Connection': 'keep-alive'
-  });
-
-  console.log('客户端已连接，开始实时监控数据传输...');
-
-  const sendEvent = (data) => {
-    res.write(`data: ${JSON.stringify(data)}\n\n`);
-  };
-
-  const intervalId = setInterval(async () => {
-    try {
-      const spaces = spaceCache.getAll();
-      if (spaces.length === 0) {
-        sendEvent({ spaces: [], message: '暂无 Space 信息，请配置 HF_USER 环境变量' });
-        return;
-      }
-
-      const updatedSpaces = [];
-      for (const space of spaces) {
-        const metrics = await fetchSpaceMetrics(space.repo_id, space.token);
-        updatedSpaces.push({ ...space, metrics });
-      }
-      sendEvent({ spaces: updatedSpaces });
-    } catch (error) {
-      console.error('监控数据处理出错:', error.message);
-      sendEvent({ error: '监控数据获取失败，请稍后再试' });
-    }
-  }, 10000);
-
-  req.on('close', () => {
-    console.log('客户端断开连接，停止数据传输');
-    clearInterval(intervalId);
-    res.end();
-  });
-});
-
-// 获取配置的用户名列表（隐藏 Token）
-app.get('/api/users', (req, res) => {
-  const hfUsers = process.env.HF_USER ? process.env.HF_USER.split(',').map(u => u.trim()) : [];
-  const usernames = hfUsers.map(userTokenPair => {
-    if (userTokenPair.includes(':')) {
-      return userTokenPair.split(':')[0].trim();
-    }
-    return userTokenPair.trim();
-  }).filter(username => username);
-  res.json({ users: usernames });
-});
-
-// 代理重启 Space
-app.post('/api/proxy/restart/:repoId(*)', authenticateToken, async (req, res) => {
-  try {
-    const { repoId } = req.params;
-    console.log(`尝试重启 Space: ${repoId}`);
-    const spaces = spaceCache.getAll();
-    const space = spaces.find(s => s.repo_id === repoId);
-    if (!space || !space.token) {
-      console.error(`Space ${repoId} 未找到或无 Token 配置`);
-      return res.status(404).json({ error: 'Space 未找到或无 Token 配置' });
-    }
-
-    const headers = { 'Authorization': `Bearer ${space.token}`, 'Content-Type': 'application/json' };
-    const payload = {}; // 普通重启不包含 factory_reboot 参数
-    console.log(`发送普通重启请求到 HuggingFace API，repoId: ${repoId}`);
-    const response = await axios.post(`https://huggingface.co/api/spaces/${repoId}/restart`, payload, { headers });
-    console.log(`重启 Space ${repoId} 请求完成，状态码: ${response.status}, 响应数据: ${JSON.stringify(response.data || {})}`);
-    res.json({ success: true, message: `Space ${repoId} 重启请求已发送` });
-  } catch (error) {
-    console.error(`重启 Space 失败 (${req.params.repoId}):`, error.message);
-    if (error.response) {
-      console.error(`状态码: ${error.response.status}, 响应数据:`, error.response.data || '无额外数据');
-      res.status(error.response.status || 500).json({ error: '重启 Space 失败', details: error.response.data?.message || error.message });
-    } else {
-      res.status(500).json({ error: '重启 Space 失败', details: error.message });
-    }
-  }
-});
-
-// 代理重建 Space（使用正确的 factory_reboot 字段）
-app.post('/api/proxy/rebuild/:repoId(*)', authenticateToken, async (req, res) => {
-  try {
-    const { repoId } = req.params;
-    console.log(`尝试重建 Space: ${repoId}`);
-    const spaces = spaceCache.getAll();
-    const space = spaces.find(s => s.repo_id === repoId);
-    if (!space || !space.token) {
-      console.error(`Space ${repoId} 未找到或无 Token 配置`);
-      return res.status(404).json({ error: 'Space 未找到或无 Token 配置' });
-    }
-
-    const headers = { 'Authorization': `Bearer ${space.token}`, 'Content-Type': 'application/json' };
-    const payload = { factory_reboot: true }; // 修正为 factory_reboot，确保符合 API 规范
-    console.log(`发送重建请求到 HuggingFace API，repoId: ${repoId}, payload: ${JSON.stringify(payload)}`);
-    const response = await axios.post(`https://huggingface.co/api/spaces/${repoId}/restart`, payload, { headers });
-    console.log(`重建 Space ${repoId} 请求完成，状态码: ${response.status}, 响应数据: ${JSON.stringify(response.data || {})}`);
-    res.json({ success: true, message: `Space ${repoId} 重建请求已发送` });
-  } catch (error) {
-    console.error(`重建 Space 失败 (${req.params.repoId}):`, error.message);
-    if (error.response) {
-      console.error(`状态码: ${error.response.status}, 响应数据:`, error.response.data || '无额外数据');
-      res.status(error.response.status || 500).json({ error: '重建 Space 失败', details: error.response.data?.message || error.message });
-    } else {
-      res.status(500).json({ error: '重建 Space 失败', details: error.message });
-    }
-  }
-});
-
-// 外部 API：获取用户信息
-app.get('/api/v1/info/:token', async (req, res) => {
-  try {
-    const { token } = req.params;
-    const authHeader = req.headers.authorization;
-    if (!authHeader || !authHeader.startsWith('Bearer ') || authHeader.split(' ')[1] !== process.env.API_KEY) {
-      return res.status(401).json({ error: '无效的 API 密钥' });
-    }
-
-    const headers = { 'Authorization': `Bearer ${token}`, 'Content-Type': 'application/json' };
-    const response = await axios.get('https://huggingface.co/api/whoami-v2', { headers });
-    const username = response.data.name;
-    const spacesResponse = await axios.get(`https://huggingface.co/api/spaces?author=${username}&full=username`, { headers });
-    res.json({ spaces: spacesResponse.data.map(s => s.id), total: spacesResponse.data.length });
-  } catch (error) {
-    console.error('外部 API 获取用户信息失败:', error.message);
-    if (error.response) {
-      res.status(error.response.status || 500).json({ error: error.response.data?.message || error.message });
-    } else {
-      res.status(500).json({ error: error.message });
-    }
-  }
-});
-
-// 外部 API：获取 Space 信息
-app.get('/api/v1/info/:token/:spaceId(*)', async (req, res) => {
-  try {
-    const { token, spaceId } = req.params;
-    const authHeader = req.headers.authorization;
-    if (!authHeader || !authHeader.startsWith('Bearer ') || authHeader.split(' ')[1] !== process.env.API_KEY) {
-      return res.status(401).json({ error: '无效的 API 密钥' });
-    }
-
-    const headers = { 'Authorization': `Bearer ${token}`, 'Content-Type': 'application/json' };
-    const response = await axios.get(`https://huggingface.co/api/spaces/${spaceId}`, { headers });
-    res.json(response.data);
-  } catch (error) {
-    console.error(`外部 API 获取 Space 信息失败 (${req.params.spaceId}):`, error.message);
-    if (error.response) {
-      res.status(error.response.status || 500).json({ error: error.response.data?.message || error.message });
-    } else {
-      res.status(500).json({ error: error.message });
-    }
-  }
-});
-
-// 外部 API：重启 Space
-app.post('/api/v1/action/:token/:spaceId(*)/restart', async (req, res) => {
-  try {
-    const { token, spaceId } = req.params;
-    const authHeader = req.headers.authorization;
-    if (!authHeader || !authHeader.startsWith('Bearer ') || authHeader.split(' ')[1] !== process.env.API_KEY) {
-      return res.status(401).json({ error: '无效的 API 密钥' });
-    }
-
-    const headers = { 'Authorization': `Bearer ${token}`, 'Content-Type': 'application/json' };
-    const payload = {}; // 普通重启
-    console.log(`外部 API 发送重启请求，spaceId: ${spaceId}`);
-    const response = await axios.post(`https://huggingface.co/api/spaces/${spaceId}/restart`, payload, { headers });
-    console.log(`外部 API 重启 Space ${spaceId} 请求完成，状态码: ${response.status}, 响应数据: ${JSON.stringify(response.data || {})}`);
-    res.json({ success: true, message: `Space ${spaceId} 重启成功` });
-  } catch (error) {
-    console.error(`重启 Space 失败 (外部 API):`, error.message);
-    if (error.response) {
-      console.error(`状态码: ${error.response.status}, 响应数据:`, error.response.data || '无额外数据');
-      res.status(error.response.status || 500).json({ success: false, error: error.response.data?.message || error.message });
-    } else {
-      res.status(500).json({ success: false, error: error.message });
-    }
-  }
-});
-
-// 外部 API：重建 Space（使用 factory_reboot）
-app.post('/api/v1/action/:token/:spaceId(*)/rebuild', async (req, res) => {
-  try {
-    const { token, spaceId } = req.params;
-    const authHeader = req.headers.authorization;
-    if (!authHeader || !authHeader.startsWith('Bearer ') || authHeader.split(' ')[1] !== process.env.API_KEY) {
-      return res.status(401).json({ error: '无效的 API 密钥' });
-    }
-
-    const headers = { 'Authorization': `Bearer ${token}`, 'Content-Type': 'application/json' };
-    const payload = { factory_reboot: true }; // 修正为 factory_reboot
-    console.log(`外部 API 发送重建请求，spaceId: ${spaceId}, payload: ${JSON.stringify(payload)}`);
-    const response = await axios.post(`https://huggingface.co/api/spaces/${spaceId}/restart`, payload, { headers });
-    console.log(`外部 API 重建 Space ${spaceId} 请求完成，状态码: ${response.status}, 响应数据: ${JSON.stringify(response.data || {})}`);
-    res.json({ success: true, message: `Space ${spaceId} 重建成功` });
-  } catch (error) {
-    console.error(`重建 Space 失败 (外部 API):`, error.message);
-    if (error.response) {
-      console.error(`状态码: ${error.response.status}, 响应数据:`, error.response.data || '无额外数据');
-      res.status(error.response.status || 500).json({ success: false, error: error.response.data?.message || error.message });
-    } else {
-      res.status(500).json({ success: false, error: error.message });
-    }
-  }
-});
-
-// 启动服务器
-app.listen(port, () => {
-  console.log(`服务器启动，监听端口: ${port}`);
 });