安全性修复

KiroProxy/kiro_proxy/core/admin_auth.py

@@ -32,34 +32,16 @@ class AdminAuth:
 
         return secret_key
 
-    def get_admin_password(self) -> str:
-        """获取管理员密码"""
-        # 1. 优先使用环境变量
+    def is_auth_required(self) -> bool:
+        """检查是否需要认证（仅当设置了 ADMIN_PASSWORD 环境变量时才需要）"""
+        return bool(os.getenv("ADMIN_PASSWORD"))
+
+    def get_admin_password(self) -> Optional[str]:
+        """获取管理员密码，未设置环境变量时返回 None"""
         env_password = os.getenv("ADMIN_PASSWORD")
         if env_password:
-            logger.info("使用环境变量中的管理员密码")
             return env_password
-
-        # 2. 从配置文件获取
-        admin_config = load_admin_config()
-        stored_password = admin_config.get("password")
-
-        if stored_password:
-            logger.info("使用配置文件中的管理员密码")
-            return stored_password
-
-        # 3. 生成随机密码
-        random_password = secrets.token_urlsafe(12)
-        admin_config["password"] = random_password
-        save_admin_config(admin_config)
-
-        logger.warning("=" * 60)
-        logger.warning("🔐 管理员密码已自动生成")
-        logger.warning(f"密码: {random_password}")
-        logger.warning("请妥善保存此密码，或设置环境变量 ADMIN_PASSWORD")
-        logger.warning("=" * 60)
-
-        return random_password
+        return None
 
     def hash_password(self, password: str) -> str:
         """哈希密码"""
@@ -80,6 +62,8 @@ class AdminAuth:
     def authenticate(self, password: str) -> bool:
         """验证管理员密码"""
         admin_password = self.get_admin_password()
+        if admin_password is None:
+            return True
         return hmac.compare_digest(password, admin_password)
 
     def create_session(self, user_id: str = "admin") -> str:
@@ -186,6 +170,11 @@ def revoke_admin_session(session_id: str) -> bool:
     """撤销管理员会话"""
     return get_admin_auth().revoke_session(session_id)
 
-def get_admin_password() -> str:
+def get_admin_password() -> Optional[str]:
     """获取管理员密码"""
-    return get_admin_auth().get_admin_password()
+    return get_admin_auth().get_admin_password()
+
+
+def is_auth_required() -> bool:
+    """检查是否需要认证"""
+    return get_admin_auth().is_auth_required()

KiroProxy/kiro_proxy/core/auth_middleware.py

@@ -1,12 +1,74 @@
 """管理员认证中间件和装饰器"""
+import os
+import hmac
 from functools import wraps
 from typing import Optional
 from fastapi import HTTPException, Request, Depends
 from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
-from .admin_auth import get_admin_auth, validate_admin_session
+from .admin_auth import get_admin_auth, validate_admin_session, is_auth_required
 
 security = HTTPBearer(auto_error=False)
 
+
+def get_api_key() -> Optional[str]:
+    """获取 API 密钥环境变量"""
+    return os.getenv("API_KEY")
+
+
+def is_api_auth_required() -> bool:
+    """检查是否需要 API 认证"""
+    return bool(get_api_key())
+
+
+def verify_api_key(provided_key: str) -> bool:
+    """验证 API 密钥"""
+    expected_key = get_api_key()
+    if not expected_key:
+        return True
+    return hmac.compare_digest(provided_key, expected_key)
+
+
+def extract_api_key_from_request(request: Request) -> Optional[str]:
+    """从请求中提取 API 密钥"""
+    auth_header = request.headers.get("Authorization")
+    if auth_header:
+        if auth_header.startswith("Bearer "):
+            return auth_header[7:]
+        return auth_header
+    
+    api_key = request.headers.get("X-API-Key")
+    if api_key:
+        return api_key
+    
+    api_key = request.query_params.get("api_key")
+    if api_key:
+        return api_key
+    
+    return None
+
+
+async def require_api_auth(request: Request) -> bool:
+    """要求 API 认证的依赖项"""
+    if not is_api_auth_required():
+        return True
+    
+    api_key = extract_api_key_from_request(request)
+    if not api_key:
+        raise HTTPException(
+            status_code=401,
+            detail="Missing API key. Please provide via Authorization header (Bearer <key>), X-API-Key header, or api_key query parameter.",
+            headers={"WWW-Authenticate": "Bearer"}
+        )
+    
+    if not verify_api_key(api_key):
+        raise HTTPException(
+            status_code=401,
+            detail="Invalid API key",
+            headers={"WWW-Authenticate": "Bearer"}
+        )
+    
+    return True
+
 class AdminAuthMiddleware:
     """管理员认证中间件"""
 
@@ -34,6 +96,9 @@ class AdminAuthMiddleware:
 
     async def authenticate_request(self, request: Request) -> bool:
         """验证请求是否已认证"""
+        if not is_auth_required():
+            return True
+        
         session_id = self.get_session_from_request(request)
         if not session_id:
             return False
@@ -56,8 +121,11 @@ def get_auth_middleware() -> AdminAuthMiddleware:
 async def require_admin_auth(
     request: Request,
     credentials: Optional[HTTPAuthorizationCredentials] = Depends(security)
-) -> str:
+) -> Optional[str]:
     """要求管理员认证的依赖项"""
+    if not is_auth_required():
+        return "no_auth_required"
+    
     middleware = get_auth_middleware()
 
     # 检查认证

KiroProxy/kiro_proxy/core/database.py

@@ -1,14 +1,17 @@
-"""数据库抽象层 - 支持文件系统和远程SQL数据库"""
+"""数据库抽象层 - 支持文件系统和远程SQL数据库，以及双向同步"""
 import os
 import json
 import asyncio
+import hashlib
 from abc import ABC, abstractmethod
-from typing import List, Dict, Any, Optional
+from typing import List, Dict, Any, Optional, Callable
 from pathlib import Path
 import logging
+import time
 
 logger = logging.getLogger(__name__)
 
+
 class DatabaseInterface(ABC):
     """数据库接口抽象类"""
 
@@ -47,6 +50,11 @@ class DatabaseInterface(ABC):
         """初始化数据库"""
         pass
 
+    @abstractmethod
+    async def get_config_hash(self) -> str:
+        """获取配置哈希值用于变更检测"""
+        pass
+
 
 class FileSystemDatabase(DatabaseInterface):
     """文件系统数据库实现（原有逻辑）"""
@@ -127,6 +135,16 @@ class FileSystemDatabase(DatabaseInterface):
             logger.error(f"加载管理员配置失败: {e}")
         return {}
 
+    async def get_config_hash(self) -> str:
+        """获取配置文件的哈希值"""
+        try:
+            if self.config_file.exists():
+                content = self.config_file.read_bytes()
+                return hashlib.md5(content).hexdigest()
+        except Exception as e:
+            logger.error(f"获取配置哈希失败: {e}")
+        return ""
+
 
 class SQLDatabase(DatabaseInterface):
     """SQL数据库实现"""
@@ -370,6 +388,48 @@ class SQLDatabase(DatabaseInterface):
         config = await self._get_config_value("kiro_admin", "main")
         return config or {}
 
+    async def get_config_hash(self) -> str:
+        """获取配置的哈希值"""
+        try:
+            config = await self.load_config()
+            content = json.dumps(config, sort_keys=True)
+            return hashlib.md5(content.encode()).hexdigest()
+        except Exception as e:
+            logger.error(f"获取配置哈希失败: {e}")
+            return ""
+
+
+def _get_account_key(account: Dict[str, Any]) -> str:
+    """获取账号唯一标识用于去重"""
+    if account.get("email"):
+        return f"email:{account['email']}"
+    elif account.get("token"):
+        return f"token:{account['token'][:32]}"
+    elif account.get("id"):
+        return f"id:{account['id']}"
+    return f"hash:{hash(json.dumps(account, sort_keys=True))}"
+
+
+def _merge_accounts(local_accounts: List[Dict[str, Any]], remote_accounts: List[Dict[str, Any]]) -> List[Dict[str, Any]]:
+    """合并本地和远程账号并去重，远程优先"""
+    seen_keys = set()
+    merged = []
+    
+    for account in remote_accounts:
+        key = _get_account_key(account)
+        if key not in seen_keys:
+            seen_keys.add(key)
+            merged.append(account)
+    
+    for account in local_accounts:
+        key = _get_account_key(account)
+        if key not in seen_keys:
+            seen_keys.add(key)
+            merged.append(account)
+            logger.info(f"从本地合并账号: {key}")
+    
+    return merged
+
 
 # 数据库工厂
 def create_database() -> DatabaseInterface:
@@ -387,11 +447,307 @@ def create_database() -> DatabaseInterface:
 
 # 全局数据库实例
 _db_instance: Optional[DatabaseInterface] = None
+_merge_completed: bool = False
 
 async def get_database() -> DatabaseInterface:
-    """获取数据库实例（单例模式）"""
-    global _db_instance
+    """获取数据库实例（单例模式），首次启动时自动合并本地账号到远程"""
+    global _db_instance, _merge_completed
+    
     if _db_instance is None:
         _db_instance = create_database()
         await _db_instance.initialize()
-    return _db_instance
+        
+        database_url = os.getenv("DATABASE_URL")
+        if database_url and not _merge_completed:
+            await _auto_merge_local_to_remote()
+            _merge_completed = True
+    
+    return _db_instance
+
+
+async def _auto_merge_local_to_remote():
+    """自动将本地账号合并到远程数据库"""
+    global _db_instance
+    
+    try:
+        from ..config import DATA_DIR
+        local_db = FileSystemDatabase(DATA_DIR)
+        await local_db.initialize()
+        
+        local_accounts = await local_db.load_accounts()
+        if not local_accounts:
+            logger.info("本地无账号，跳过合并")
+            return
+        
+        remote_accounts = await _db_instance.load_accounts()
+        
+        merged = _merge_accounts(local_accounts, remote_accounts)
+        
+        if len(merged) > len(remote_accounts):
+            await _db_instance.save_accounts(merged)
+            new_count = len(merged) - len(remote_accounts)
+            logger.info(f"已将 {new_count} 个本地账号合并到远程数据库，共 {len(merged)} 个账号")
+        else:
+            logger.info(f"所有本地账号已存在于远程，无需合并")
+            
+    except Exception as e:
+        logger.error(f"自动合并账号失败: {e}")
+
+
+class SyncManager:
+    """���向数据同步管理器"""
+    
+    def __init__(self, local_db: FileSystemDatabase, remote_db: SQLDatabase):
+        self.local_db = local_db
+        self.remote_db = remote_db
+        self._local_hash: str = ""
+        self._remote_hash: str = ""
+        self._sync_lock = asyncio.Lock()
+        self._running = False
+        self._sync_task: Optional[asyncio.Task] = None
+        self._sync_interval = int(os.getenv("SYNC_INTERVAL", "30"))
+        self._callbacks: List[Callable] = []
+    
+    def register_callback(self, callback: Callable):
+        """注册同步完成回调"""
+        self._callbacks.append(callback)
+    
+    async def _notify_callbacks(self):
+        """通知所有回调"""
+        for callback in self._callbacks:
+            try:
+                if asyncio.iscoroutinefunction(callback):
+                    await callback()
+                else:
+                    callback()
+            except Exception as e:
+                logger.error(f"同步回调执行失败: {e}")
+    
+    async def start(self):
+        """启动同步"""
+        if self._running:
+            return
+        
+        self._running = True
+        await self._initial_sync()
+        
+        self._sync_task = asyncio.create_task(self._sync_loop())
+        logger.info(f"双向同步已启动，间隔 {self._sync_interval} 秒")
+    
+    async def stop(self):
+        """停止同步"""
+        self._running = False
+        if self._sync_task:
+            self._sync_task.cancel()
+            try:
+                await self._sync_task
+            except asyncio.CancelledError:
+                pass
+        logger.info("双向同步已停止")
+    
+    async def _initial_sync(self):
+        """初始同步：合并两端数据"""
+        async with self._sync_lock:
+            try:
+                local_accounts = await self.local_db.load_accounts()
+                remote_accounts = await self.remote_db.load_accounts()
+                
+                merged = _merge_accounts_bidirectional(local_accounts, remote_accounts)
+                
+                await self.local_db.save_accounts(merged)
+                await self.remote_db.save_accounts(merged)
+                
+                self._local_hash = await self.local_db.get_config_hash()
+                self._remote_hash = await self.remote_db.get_config_hash()
+                
+                logger.info(f"初始同步完成，共 {len(merged)} 个账号")
+                await self._notify_callbacks()
+                
+            except Exception as e:
+                logger.error(f"初始同步失败: {e}")
+    
+    async def _sync_loop(self):
+        """同步循环"""
+        while self._running:
+            try:
+                await asyncio.sleep(self._sync_interval)
+                await self._check_and_sync()
+            except asyncio.CancelledError:
+                break
+            except Exception as e:
+                logger.error(f"同步循环异常: {e}")
+    
+    async def _check_and_sync(self):
+        """检查并同步变更"""
+        async with self._sync_lock:
+            try:
+                current_local_hash = await self.local_db.get_config_hash()
+                current_remote_hash = await self.remote_db.get_config_hash()
+                
+                local_changed = current_local_hash != self._local_hash
+                remote_changed = current_remote_hash != self._remote_hash
+                
+                if not local_changed and not remote_changed:
+                    return
+                
+                local_accounts = await self.local_db.load_accounts()
+                remote_accounts = await self.remote_db.load_accounts()
+                
+                if local_changed and remote_changed:
+                    logger.info("检测到本地和远程都有变更，执行合并")
+                    merged = _merge_accounts_bidirectional(local_accounts, remote_accounts)
+                    await self.local_db.save_accounts(merged)
+                    await self.remote_db.save_accounts(merged)
+                    
+                elif local_changed:
+                    logger.info("检测到本地变更，同步到远程")
+                    merged = _merge_accounts_bidirectional(local_accounts, remote_accounts)
+                    await self.remote_db.save_accounts(merged)
+                    await self.local_db.save_accounts(merged)
+                    
+                elif remote_changed:
+                    logger.info("检测到远程变更，同步到本地")
+                    merged = _merge_accounts_bidirectional(local_accounts, remote_accounts)
+                    await self.local_db.save_accounts(merged)
+                    await self.remote_db.save_accounts(merged)
+                
+                self._local_hash = await self.local_db.get_config_hash()
+                self._remote_hash = await self.remote_db.get_config_hash()
+                
+                await self._notify_callbacks()
+                
+            except Exception as e:
+                logger.error(f"同步检查失败: {e}")
+    
+    async def force_sync(self, source: str = "merge"):
+        """强制同步
+        
+        Args:
+            source: 同步源 - "local" (本地覆盖远程), "remote" (远程覆盖本地), "merge" (合并)
+        """
+        async with self._sync_lock:
+            try:
+                if source == "local":
+                    accounts = await self.local_db.load_accounts()
+                    await self.remote_db.save_accounts(accounts)
+                    logger.info(f"强制同步：本地 -> 远程，{len(accounts)} 个账号")
+                    
+                elif source == "remote":
+                    accounts = await self.remote_db.load_accounts()
+                    await self.local_db.save_accounts(accounts)
+                    logger.info(f"强制同步：远程 -> 本地，{len(accounts)} 个账号")
+                    
+                else:
+                    local_accounts = await self.local_db.load_accounts()
+                    remote_accounts = await self.remote_db.load_accounts()
+                    merged = _merge_accounts_bidirectional(local_accounts, remote_accounts)
+                    await self.local_db.save_accounts(merged)
+                    await self.remote_db.save_accounts(merged)
+                    logger.info(f"强制同步：双向合并，{len(merged)} 个账号")
+                
+                self._local_hash = await self.local_db.get_config_hash()
+                self._remote_hash = await self.remote_db.get_config_hash()
+                
+                await self._notify_callbacks()
+                return True
+                
+            except Exception as e:
+                logger.error(f"强制同步失败: {e}")
+                return False
+    
+    async def get_sync_status(self) -> Dict[str, Any]:
+        """获取同步状态"""
+        try:
+            local_accounts = await self.local_db.load_accounts()
+            remote_accounts = await self.remote_db.load_accounts()
+            
+            current_local_hash = await self.local_db.get_config_hash()
+            current_remote_hash = await self.remote_db.get_config_hash()
+            
+            return {
+                "enabled": True,
+                "running": self._running,
+                "sync_interval": self._sync_interval,
+                "local_accounts": len(local_accounts),
+                "remote_accounts": len(remote_accounts),
+                "local_changed": current_local_hash != self._local_hash,
+                "remote_changed": current_remote_hash != self._remote_hash,
+                "in_sync": current_local_hash == current_remote_hash,
+            }
+        except Exception as e:
+            return {
+                "enabled": True,
+                "running": self._running,
+                "error": str(e),
+            }
+
+
+def _merge_accounts_bidirectional(
+    local_accounts: List[Dict[str, Any]], 
+    remote_accounts: List[Dict[str, Any]]
+) -> List[Dict[str, Any]]:
+    """双向合并账号，基于更新时间或合并策略"""
+    accounts_map: Dict[str, Dict[str, Any]] = {}
+    
+    for account in local_accounts:
+        key = _get_account_key(account)
+        account["_source"] = "local"
+        accounts_map[key] = account
+    
+    for account in remote_accounts:
+        key = _get_account_key(account)
+        if key in accounts_map:
+            local_acc = accounts_map[key]
+            local_updated = local_acc.get("updated_at", 0)
+            remote_updated = account.get("updated_at", 0)
+            
+            if remote_updated > local_updated:
+                account["_source"] = "remote"
+                accounts_map[key] = account
+        else:
+            account["_source"] = "remote"
+            accounts_map[key] = account
+    
+    merged = []
+    for account in accounts_map.values():
+        clean_account = {k: v for k, v in account.items() if not k.startswith("_")}
+        merged.append(clean_account)
+    
+    return merged
+
+
+_sync_manager: Optional[SyncManager] = None
+
+
+async def get_sync_manager() -> Optional[SyncManager]:
+    """获取同步管理器实例"""
+    return _sync_manager
+
+
+async def start_sync_manager():
+    """启动同步管理器"""
+    global _sync_manager
+    
+    database_url = os.getenv("DATABASE_URL")
+    if not database_url:
+        logger.info("未配置 DATABASE_URL，跳过同步管理器")
+        return
+    
+    from ..config import DATA_DIR
+    
+    local_db = FileSystemDatabase(DATA_DIR)
+    await local_db.initialize()
+    
+    remote_db = SQLDatabase(database_url)
+    await remote_db.initialize()
+    
+    _sync_manager = SyncManager(local_db, remote_db)
+    await _sync_manager.start()
+
+
+async def stop_sync_manager():
+    """停止同步管理器"""
+    global _sync_manager
+    if _sync_manager:
+        await _sync_manager.stop()
+        _sync_manager = None

KiroProxy/kiro_proxy/main.py

@@ -7,6 +7,7 @@ from fastapi.middleware.cors import CORSMiddleware
 
 from . import __version__
 from .core import get_quota_scheduler, get_refresh_manager, scheduler, state
+from .core.database import start_sync_manager, stop_sync_manager
 from .routers import admin, protocols, web
 
 
@@ -54,6 +55,8 @@ async def _background_initial_token_check(refresh_manager, accounts):
 @asynccontextmanager
 async def lifespan(app: FastAPI):
     await scheduler.start()
+    
+    await start_sync_manager()
 
     refresh_manager = get_refresh_manager()
     refresh_manager.set_accounts_getter(lambda: state.accounts)
@@ -76,6 +79,7 @@ async def lifespan(app: FastAPI):
 
     await refresh_manager.stop_auto_refresh()
     await quota_scheduler.stop()
+    await stop_sync_manager()
     await scheduler.stop()
 
 

KiroProxy/kiro_proxy/routers/admin.py

@@ -3,7 +3,7 @@ from fastapi.responses import JSONResponse
 
 from ..core import get_history_config, get_rate_limiter, update_history_config
 from ..core.auth_middleware import require_admin_auth, optional_admin_auth
-from ..core.admin_auth import get_admin_auth, authenticate_admin, create_admin_session, revoke_admin_session
+from ..core.admin_auth import get_admin_auth, authenticate_admin, create_admin_session, revoke_admin_session, is_auth_required
 from ..handlers import admin as admin_handler
 from ..resources import get_resource_path
 
@@ -112,8 +112,10 @@ async def api_admin_sessions(session_id: str = Depends(require_admin_auth)):
 @router.post("/auth/check")
 async def api_admin_auth_check(session_id: str = Depends(optional_admin_auth)):
     """检查认证状态"""
+    auth_required = is_auth_required()
     return {
-        "authenticated": session_id is not None,
+        "auth_required": auth_required,
+        "authenticated": not auth_required or session_id is not None,
         "session_id": session_id
     }
 
@@ -169,12 +171,12 @@ async def api_refresh_all(session_id: str = Depends(require_admin_auth)):
 
 
 @router.get("/accounts/status")
-async def api_accounts_status_enhanced():
+async def api_accounts_status_enhanced(session_id: str = Depends(require_admin_auth)):
     return await admin_handler.get_accounts_status_enhanced()
 
 
 @router.get("/accounts/summary")
-async def api_accounts_summary():
+async def api_accounts_summary(session_id: str = Depends(require_admin_auth)):
     return await admin_handler.get_accounts_summary()
 
 
@@ -184,7 +186,7 @@ async def api_refresh_all_quotas(session_id: str = Depends(require_admin_auth)):
 
 
 @router.get("/refresh/progress")
-async def api_refresh_progress():
+async def api_refresh_progress(session_id: str = Depends(require_admin_auth)):
     return await admin_handler.get_refresh_progress()
 
 
@@ -194,7 +196,7 @@ async def api_refresh_all_with_progress(session_id: str = Depends(require_admin_
 
 
 @router.get("/refresh/config")
-async def api_get_refresh_config():
+async def api_get_refresh_config(session_id: str = Depends(require_admin_auth)):
     return await admin_handler.get_refresh_config()
 
 
@@ -204,12 +206,12 @@ async def api_update_refresh_config(request: Request, session_id: str = Depends(
 
 
 @router.get("/refresh/status")
-async def api_refresh_status():
+async def api_refresh_status(session_id: str = Depends(require_admin_auth)):
     return await admin_handler.get_refresh_manager_status()
 
 
 @router.get("/accounts")
-async def api_accounts():
+async def api_accounts(session_id: str = Depends(require_admin_auth)):
     return await admin_handler.get_accounts()
 
 
@@ -234,167 +236,167 @@ async def api_toggle_account(account_id: str, session_id: str = Depends(require_
 
 
 @router.post("/speedtest")
-async def api_speedtest():
+async def api_speedtest(session_id: str = Depends(require_admin_auth)):
     return await admin_handler.speedtest()
 
 
 @router.get("/accounts/{account_id}/test")
-async def api_test_account_token(account_id: str):
+async def api_test_account_token(account_id: str, session_id: str = Depends(require_admin_auth)):
     return await admin_handler.test_account_token(account_id)
 
 
 @router.get("/token/scan")
-async def api_scan_tokens():
+async def api_scan_tokens(session_id: str = Depends(require_admin_auth)):
     return await admin_handler.scan_tokens()
 
 
 @router.post("/token/add-from-scan")
-async def api_add_from_scan(request: Request):
+async def api_add_from_scan(request: Request, session_id: str = Depends(require_admin_auth)):
     return await admin_handler.add_from_scan(request)
 
 
 @router.get("/config/export")
-async def api_export_config():
+async def api_export_config(session_id: str = Depends(require_admin_auth)):
     return await admin_handler.export_config()
 
 
 @router.post("/config/import")
-async def api_import_config(request: Request):
+async def api_import_config(request: Request, session_id: str = Depends(require_admin_auth)):
     return await admin_handler.import_config(request)
 
 
 @router.post("/token/refresh-check")
-async def api_refresh_check():
+async def api_refresh_check(session_id: str = Depends(require_admin_auth)):
     return await admin_handler.refresh_token_check()
 
 
 @router.post("/accounts/{account_id}/refresh")
-async def api_refresh_account(account_id: str):
+async def api_refresh_account(account_id: str, session_id: str = Depends(require_admin_auth)):
     return await admin_handler.refresh_account_token_with_manager(account_id)
 
 
 @router.post("/accounts/{account_id}/restore")
-async def api_restore_account(account_id: str):
+async def api_restore_account(account_id: str, session_id: str = Depends(require_admin_auth)):
     return await admin_handler.restore_account(account_id)
 
 
 @router.get("/accounts/{account_id}/usage")
-async def api_account_usage(account_id: str):
+async def api_account_usage(account_id: str, session_id: str = Depends(require_admin_auth)):
     return await admin_handler.get_account_usage_info(account_id)
 
 
 @router.get("/accounts/{account_id}")
-async def api_account_detail(account_id: str):
+async def api_account_detail(account_id: str, session_id: str = Depends(require_admin_auth)):
     return await admin_handler.get_account_detail(account_id)
 
 
 @router.post("/accounts/{account_id}/refresh-quota")
-async def api_refresh_account_quota(account_id: str):
+async def api_refresh_account_quota(account_id: str, session_id: str = Depends(require_admin_auth)):
     return await admin_handler.refresh_account_quota_with_token(account_id)
 
 
 @router.get("/priority")
-async def api_get_priority_accounts():
+async def api_get_priority_accounts(session_id: str = Depends(require_admin_auth)):
     return await admin_handler.get_priority_accounts()
 
 
 @router.post("/priority/{account_id}")
-async def api_set_priority_account(account_id: str, request: Request):
+async def api_set_priority_account(account_id: str, request: Request, session_id: str = Depends(require_admin_auth)):
     return await admin_handler.set_priority_account(account_id, request)
 
 
 @router.delete("/priority/{account_id}")
-async def api_remove_priority_account(account_id: str):
+async def api_remove_priority_account(account_id: str, session_id: str = Depends(require_admin_auth)):
     return await admin_handler.remove_priority_account(account_id)
 
 
 @router.put("/priority/reorder")
-async def api_reorder_priority_accounts(request: Request):
+async def api_reorder_priority_accounts(request: Request, session_id: str = Depends(require_admin_auth)):
     return await admin_handler.reorder_priority_accounts(request)
 
 
 @router.get("/quota")
-async def api_quota_status():
+async def api_quota_status(session_id: str = Depends(require_admin_auth)):
     return await admin_handler.get_quota_status()
 
 
 @router.get("/kiro/login-url")
-async def api_login_url():
+async def api_login_url(session_id: str = Depends(require_admin_auth)):
     return await admin_handler.get_kiro_login_url()
 
 
 @router.get("/stats/detailed")
-async def api_detailed_stats():
+async def api_detailed_stats(session_id: str = Depends(require_admin_auth)):
     return await admin_handler.get_detailed_stats()
 
 
 @router.post("/health-check")
-async def api_health_check():
+async def api_health_check(session_id: str = Depends(require_admin_auth)):
     return await admin_handler.run_health_check()
 
 
 @router.get("/browsers")
-async def api_browsers():
+async def api_browsers(session_id: str = Depends(require_admin_auth)):
     return await admin_handler.get_browsers()
 
 
 @router.post("/kiro/login/start")
-async def api_kiro_login_start(request: Request):
+async def api_kiro_login_start(request: Request, session_id: str = Depends(require_admin_auth)):
     return await admin_handler.start_kiro_login(request)
 
 
 @router.get("/kiro/login/poll")
-async def api_kiro_login_poll():
+async def api_kiro_login_poll(session_id: str = Depends(require_admin_auth)):
     return await admin_handler.poll_kiro_login()
 
 
 @router.post("/kiro/login/cancel")
-async def api_kiro_login_cancel():
+async def api_kiro_login_cancel(session_id: str = Depends(require_admin_auth)):
     return await admin_handler.cancel_kiro_login()
 
 
 @router.get("/kiro/login/status")
-async def api_kiro_login_status():
+async def api_kiro_login_status(session_id: str = Depends(require_admin_auth)):
     return await admin_handler.get_kiro_login_status()
 
 
 @router.post("/kiro/social/start")
-async def api_social_login_start(request: Request):
+async def api_social_login_start(request: Request, session_id: str = Depends(require_admin_auth)):
     return await admin_handler.start_social_login(request)
 
 
 @router.post("/kiro/social/exchange")
-async def api_social_token_exchange(request: Request):
+async def api_social_token_exchange(request: Request, session_id: str = Depends(require_admin_auth)):
     return await admin_handler.exchange_social_token(request)
 
 
 @router.post("/kiro/social/cancel")
-async def api_social_login_cancel():
+async def api_social_login_cancel(session_id: str = Depends(require_admin_auth)):
     return await admin_handler.cancel_social_login()
 
 
 @router.get("/kiro/social/status")
-async def api_social_login_status():
+async def api_social_login_status(session_id: str = Depends(require_admin_auth)):
     return await admin_handler.get_social_login_status()
 
 
 @router.post("/protocol/register")
-async def api_register_protocol():
+async def api_register_protocol(session_id: str = Depends(require_admin_auth)):
     return await admin_handler.register_kiro_protocol()
 
 
 @router.post("/protocol/unregister")
-async def api_unregister_protocol():
+async def api_unregister_protocol(session_id: str = Depends(require_admin_auth)):
     return await admin_handler.unregister_kiro_protocol()
 
 
 @router.get("/protocol/status")
-async def api_protocol_status():
+async def api_protocol_status(session_id: str = Depends(require_admin_auth)):
     return await admin_handler.get_protocol_status()
 
 
 @router.get("/protocol/callback")
-async def api_protocol_callback():
+async def api_protocol_callback(session_id: str = Depends(require_admin_auth)):
     return await admin_handler.get_callback_result()
 
 
@@ -409,6 +411,7 @@ async def api_flows(
     search: str = None,
     limit: int = 50,
     offset: int = 0,
+    session_id: str = Depends(require_admin_auth),
 ):
     return await admin_handler.get_flows(
         protocol=protocol,
@@ -424,50 +427,50 @@ async def api_flows(
 
 
 @router.get("/flows/stats")
-async def api_flow_stats():
+async def api_flow_stats(session_id: str = Depends(require_admin_auth)):
     return await admin_handler.get_flow_stats()
 
 
 @router.get("/flows/{flow_id}")
-async def api_flow_detail(flow_id: str):
+async def api_flow_detail(flow_id: str, session_id: str = Depends(require_admin_auth)):
     return await admin_handler.get_flow_detail(flow_id)
 
 
 @router.post("/flows/{flow_id}/bookmark")
-async def api_bookmark_flow(flow_id: str, request: Request):
+async def api_bookmark_flow(flow_id: str, request: Request, session_id: str = Depends(require_admin_auth)):
     return await admin_handler.bookmark_flow(flow_id, request)
 
 
 @router.post("/flows/{flow_id}/note")
-async def api_add_flow_note(flow_id: str, request: Request):
+async def api_add_flow_note(flow_id: str, request: Request, session_id: str = Depends(require_admin_auth)):
     return await admin_handler.add_flow_note(flow_id, request)
 
 
 @router.post("/flows/{flow_id}/tag")
-async def api_add_flow_tag(flow_id: str, request: Request):
+async def api_add_flow_tag(flow_id: str, request: Request, session_id: str = Depends(require_admin_auth)):
     return await admin_handler.add_flow_tag(flow_id, request)
 
 
 @router.post("/flows/export")
-async def api_export_flows(request: Request):
+async def api_export_flows(request: Request, session_id: str = Depends(require_admin_auth)):
     return await admin_handler.export_flows(request)
 
 
 @router.get("/settings/history")
-async def api_get_history_config():
+async def api_get_history_config(session_id: str = Depends(require_admin_auth)):
     config = get_history_config()
     return config.to_dict()
 
 
 @router.post("/settings/history")
-async def api_update_history_config(request: Request):
+async def api_update_history_config(request: Request, session_id: str = Depends(require_admin_auth)):
     data = await request.json()
     update_history_config(data)
     return {"ok": True, "config": get_history_config().to_dict()}
 
 
 @router.get("/settings/rate-limit")
-async def api_get_rate_limit_config():
+async def api_get_rate_limit_config(session_id: str = Depends(require_admin_auth)):
     limiter = get_rate_limiter()
     return {
         "enabled": limiter.config.enabled,
@@ -479,7 +482,7 @@ async def api_get_rate_limit_config():
 
 
 @router.post("/settings/rate-limit")
-async def api_update_rate_limit_config(request: Request):
+async def api_update_rate_limit_config(request: Request, session_id: str = Depends(require_admin_auth)):
     data = await request.json()
     limiter = get_rate_limiter()
     limiter.update_config(**data)
@@ -524,3 +527,42 @@ async def api_docs_content(doc_id: str):
     content = doc_file.read_text(encoding="utf-8")
     title = DOC_TITLES.get(doc_id, doc_id)
     return {"id": doc_id, "title": title, "content": content}
+
+
+# ==================== 数据同步相关端点 ====================
+
+@router.get("/sync/status")
+async def api_sync_status(session_id: str = Depends(require_admin_auth)):
+    """获取同步状态"""
+    from ..core.database import get_sync_manager
+    
+    sync_manager = await get_sync_manager()
+    if not sync_manager:
+        return {
+            "enabled": False,
+            "message": "未配置 DATABASE_URL，同步未启用"
+        }
+    
+    return await sync_manager.get_sync_status()
+
+
+@router.post("/sync/force")
+async def api_force_sync(request: Request, session_id: str = Depends(require_admin_auth)):
+    """强制同步"""
+    from ..core.database import get_sync_manager
+    
+    sync_manager = await get_sync_manager()
+    if not sync_manager:
+        raise HTTPException(status_code=400, detail="同步未启用")
+    
+    data = await request.json()
+    source = data.get("source", "merge")
+    
+    if source not in ["local", "remote", "merge"]:
+        raise HTTPException(status_code=400, detail="无效的同步源，可选: local, remote, merge")
+    
+    success = await sync_manager.force_sync(source)
+    if success:
+        return {"ok": True, "message": f"同步完成 ({source})"}
+    else:
+        raise HTTPException(status_code=500, detail="同步失败")

KiroProxy/kiro_proxy/routers/protocols.py

@@ -1,11 +1,12 @@
 import uuid
 
 import httpx
-from fastapi import APIRouter, Request
+from fastapi import APIRouter, Request, Depends
 from fastapi.responses import JSONResponse
 
 from ..config import MODELS_URL
 from ..core import state
+from ..core.auth_middleware import require_api_auth
 from ..credential import get_kiro_version
 from ..handlers import anthropic, gemini, openai
 from ..handlers import responses as responses_handler
@@ -14,7 +15,7 @@ router = APIRouter()
 
 
 @router.get("/v1/models")
-async def models():
+async def models(_: bool = Depends(require_api_auth)):
     try:
         account = state.get_available_account()
         if not account:
@@ -71,18 +72,18 @@ async def models():
 
 
 @router.post("/v1/messages")
-async def anthropic_messages(request: Request):
+async def anthropic_messages(request: Request, _: bool = Depends(require_api_auth)):
     print(f"[Main] Received /v1/messages request from {request.client.host}")
     return await anthropic.handle_messages(request)
 
 
 @router.post("/v1/messages/count_tokens")
-async def anthropic_count_tokens(request: Request):
+async def anthropic_count_tokens(request: Request, _: bool = Depends(require_api_auth)):
     return await anthropic.handle_count_tokens(request)
 
 
 @router.post("/v1/complete")
-async def anthropic_complete(request: Request):
+async def anthropic_complete(request: Request, _: bool = Depends(require_api_auth)):
     print(f"[Main] Received /v1/complete request from {request.client.host}")
     return JSONResponse(
         status_code=400,
@@ -96,16 +97,16 @@ async def anthropic_complete(request: Request):
 
 
 @router.post("/v1/chat/completions")
-async def openai_chat(request: Request):
+async def openai_chat(request: Request, _: bool = Depends(require_api_auth)):
     return await openai.handle_chat_completions(request)
 
 
 @router.post("/v1/responses")
-async def openai_responses(request: Request):
+async def openai_responses(request: Request, _: bool = Depends(require_api_auth)):
     return await responses_handler.handle_responses(request)
 
 
 @router.post("/v1beta/models/{model_name}:generateContent")
 @router.post("/v1/models/{model_name}:generateContent")
-async def gemini_generate(model_name: str, request: Request):
+async def gemini_generate(model_name: str, request: Request, _: bool = Depends(require_api_auth)):
     return await gemini.handle_generate_content(model_name, request)

KiroProxy/kiro_proxy/web/html.py

@@ -644,10 +644,62 @@ CSS_UI_COMPONENTS = '''
 .summary-actions { margin-top: 1rem; display: flex; gap: 0.5rem; }
 '''
 
-CSS_STYLES = CSS_BASE + CSS_LAYOUT + CSS_COMPONENTS + CSS_FORMS + CSS_ACCOUNTS + CSS_API + CSS_DOCS + CSS_UI_COMPONENTS
+CSS_AUTH = '''
+/* 登录模态框 */
+.auth-overlay {
+  position: fixed;
+  top: 0;
+  left: 0;
+  right: 0;
+  bottom: 0;
+  background: var(--bg);
+  z-index: 2000;
+  display: flex;
+  align-items: center;
+  justify-content: center;
+}
+.auth-modal {
+  background: var(--card);
+  border: 1px solid var(--border);
+  border-radius: 16px;
+  padding: 2rem;
+  max-width: 400px;
+  width: 90%;
+  text-align: center;
+}
+.auth-modal h2 {
+  margin-bottom: 1rem;
+  background: linear-gradient(135deg, var(--primary), var(--secondary));
+  -webkit-background-clip: text;
+  -webkit-text-fill-color: transparent;
+}
+.auth-modal input {
+  margin: 1rem 0;
+}
+.auth-modal .auth-error {
+  color: var(--error);
+  font-size: 0.875rem;
+  margin-top: 0.5rem;
+}
+'''
+
+CSS_STYLES = CSS_BASE + CSS_LAYOUT + CSS_COMPONENTS + CSS_FORMS + CSS_ACCOUNTS + CSS_API + CSS_DOCS + CSS_UI_COMPONENTS + CSS_AUTH
 
 
 # ==================== HTML 模板 ====================
+# 登录模态框
+HTML_AUTH_MODAL = '''
+<div class="auth-overlay" id="authOverlay" style="display:none">
+  <div class="auth-modal">
+    <h2>🔐 管理员登录</h2>
+    <p style="color:var(--muted);margin-bottom:1rem">请输入管理员密码访问管理面板</p>
+    <input type="password" id="authPassword" placeholder="输入密码" onkeydown="if(event.key==='Enter')adminLogin()">
+    <button onclick="adminLogin()" style="width:100%">登录</button>
+    <div class="auth-error" id="authError"></div>
+  </div>
+</div>
+'''
+
 # 全局进度条容器 - 显示在页面顶部
 HTML_GLOBAL_PROGRESS = '''
 <!-- 全局进度条 - 批量刷新操作进度显示 -->
@@ -1099,7 +1151,7 @@ HTML_SETTINGS = '''
           <span style="background:var(--success);color:white;padding:0.125rem 0.5rem;border-radius:4px;font-size:0.75rem">自动</span>
         </div>
         <p style="font-size:0.875rem;color:var(--muted);margin:0">
-          上下文超限时自动压缩，智能生成摘要保留关键信息
+          上下文超限时默认自动压缩并重试，也可在下方设置为超限直接报错
         </p>
       </div>
       <div style="padding:1rem;background:linear-gradient(135deg,rgba(34,197,94,0.1),rgba(59,130,246,0.1));border-radius:8px">
@@ -1200,14 +1252,14 @@ HTML_SETTINGS = '''
     <div id="rateLimitStats" style="padding:0.75rem;background:var(--bg);border-radius:6px;font-size:0.875rem"></div>
   </div>
 
-  <!-- 历史消息管理面板 - 已隐藏，自动化管理 -->
-  <div class="card" style="display:none">
+  <!-- 历史消息管理面板 -->
+  <div class="card">
     <h3>历史消息管理
       <button class="secondary small" onclick="loadHistoryConfig()">刷新</button>
       <button class="secondary small" onclick="resetHistoryConfig()">还原默认</button>
     </h3>
     <p style="color:var(--muted);font-size:0.875rem;margin-bottom:1rem">
-      自动处理 Kiro API 的输入长度限制，收到超限错误时智能压缩而非强硬截断
+      控制「上下文超限」时的行为：自动压缩重试，或直接报错
     </p>
     
     <div style="padding:1rem;background:linear-gradient(135deg,rgba(34,197,94,0.1),rgba(59,130,246,0.1));border-radius:8px;margin-bottom:1rem">
@@ -1221,6 +1273,11 @@ HTML_SETTINGS = '''
       </p>
     </div>
     
+    <label style="display:flex;align-items:center;gap:0.5rem;margin-bottom:1rem;cursor:pointer">
+      <input type="checkbox" id="historyErrorRetryEnabled" checked onchange="updateHistoryConfig()">
+      <span><strong>超限自动压缩并重试</strong>（关闭则直接报错）</span>
+    </label>
+    
     <div style="display:grid;grid-template-columns:repeat(auto-fit,minmax(200px,1fr));gap:1rem;margin-bottom:1rem">
       <div>
         <label style="display:block;font-size:0.875rem;color:var(--muted);margin-bottom:0.25rem">最大重试次数</label>
@@ -1246,6 +1303,7 @@ HTML_SETTINGS = '''
         2. 收到 CONTENT_LENGTH_EXCEEDS_THRESHOLD 错误时触发压缩<br>
         3. 用 AI 生成早期对话摘要，保留最近 6-20 条消息<br>
         4. 压缩目标: 20K-50K 字符，自动重试<br>
+        5. 关闭“超限自动压缩并重试”后：超限直接报错，不进行压缩/重试<br>
         <br>
         <span style="color:var(--success)">✓ 最大化利用上下文</span> &nbsp;
         <span style="color:var(--success)">✓ 错误触发无需预估</span> &nbsp;
@@ -1256,10 +1314,98 @@ HTML_SETTINGS = '''
 </div>
 '''
 
-HTML_BODY = HTML_GLOBAL_PROGRESS + HTML_HEADER + HTML_HELP + HTML_MONITOR + HTML_ACCOUNTS + HTML_API + HTML_SETTINGS
+HTML_BODY = HTML_AUTH_MODAL + HTML_GLOBAL_PROGRESS + HTML_HEADER + HTML_HELP + HTML_MONITOR + HTML_ACCOUNTS + HTML_API + HTML_SETTINGS
 
 
 # ==================== JavaScript ====================
+JS_AUTH = '''
+// ==================== 认证检查 ====================
+let authToken = localStorage.getItem('admin_session');
+let authRequired = false;
+
+async function checkAuth() {
+  try {
+    const r = await fetch('/api/auth/check', {
+      method: 'POST',
+      headers: authToken ? {'Authorization': 'Bearer ' + authToken} : {}
+    });
+    const d = await r.json();
+    authRequired = d.auth_required;
+    
+    if (d.auth_required && !d.authenticated) {
+      showAuthModal();
+      return false;
+    } else {
+      hideAuthModal();
+      return true;
+    }
+  } catch(e) {
+    console.error('认证检查失败:', e);
+    return true;
+  }
+}
+
+function showAuthModal() {
+  const overlay = $('#authOverlay');
+  if (overlay) {
+    overlay.style.display = 'flex';
+    setTimeout(() => $('#authPassword')?.focus(), 100);
+  }
+}
+
+function hideAuthModal() {
+  const overlay = $('#authOverlay');
+  if (overlay) {
+    overlay.style.display = 'none';
+  }
+}
+
+async function adminLogin() {
+  const password = $('#authPassword').value;
+  const errorEl = $('#authError');
+  
+  if (!password) {
+    errorEl.textContent = '请输入密码';
+    return;
+  }
+  
+  try {
+    const r = await fetch('/api/auth/login', {
+      method: 'POST',
+      headers: {'Content-Type': 'application/json'},
+      body: JSON.stringify({password})
+    });
+    const d = await r.json();
+    
+    if (d.success && d.session_id) {
+      authToken = d.session_id;
+      localStorage.setItem('admin_session', authToken);
+      hideAuthModal();
+      errorEl.textContent = '';
+      $('#authPassword').value = '';
+      Toast.success('登录成功');
+      initializeDefaultTab();
+    } else {
+      errorEl.textContent = d.detail || '密码错误';
+    }
+  } catch(e) {
+    errorEl.textContent = '登录失败: ' + e.message;
+  }
+}
+
+function adminLogout() {
+  localStorage.removeItem('admin_session');
+  authToken = null;
+  if (authRequired) {
+    showAuthModal();
+  }
+  Toast.info('已登出');
+}
+
+// 页面加载时检查认证
+checkAuth();
+'''
+
 JS_UTILS = '''
 const $=s=>document.querySelector(s);
 const $$=s=>document.querySelectorAll(s);
@@ -2251,12 +2397,14 @@ async function exportFlows(){
 
 JS_SETTINGS = '''
 // 设置页面
-// 历史消息管理（简化版，自动管理）
+// 历史消息管理
 
 async function loadHistoryConfig(){
   try{
     const r=await fetch('/api/settings/history');
     const d=await r.json();
+    const strategies=Array.isArray(d.strategies)?d.strategies:[];
+    $('#historyErrorRetryEnabled').checked=strategies.includes('error_retry');
     $('#maxRetries').value=d.max_retries||3;
     $('#summaryCacheMaxAge').value=d.summary_cache_max_age_seconds||300;
     $('#addWarningHeader').checked=d.add_warning_header!==false;
@@ -2264,8 +2412,10 @@ async function loadHistoryConfig(){
 }
 
 async function updateHistoryConfig(){
+  const strategies=[];
+  if($('#historyErrorRetryEnabled').checked) strategies.push('error_retry');
   const config={
-    strategies:['error_retry'],  // 固定使用错误重试策略
+    strategies,
     max_retries:parseInt($('#maxRetries').value)||3,
     summary_cache_enabled:true,
     summary_cache_max_age_seconds:parseInt($('#summaryCacheMaxAge').value)||300,
@@ -3799,7 +3949,7 @@ async function pollRefreshProgress() {
 }
 '''
 
-JS_SCRIPTS = JS_UTILS + JS_TABS + JS_STATUS + JS_DOCS + JS_STATS + JS_LOGS + JS_ACCOUNTS + JS_LOGIN + JS_FLOWS + JS_SETTINGS + JS_UI_COMPONENTS
+JS_SCRIPTS = JS_UTILS + JS_TABS + JS_STATUS + JS_DOCS + JS_STATS + JS_LOGS + JS_ACCOUNTS + JS_LOGIN + JS_FLOWS + JS_SETTINGS + JS_UI_COMPONENTS + JS_AUTH
 
 
 # ==================== 组装最终 HTML ====================

run.bat

@@ -4,6 +4,14 @@ echo ========================================
 echo   启动 KiroProxy 服务...
 echo ========================================
 
+:: 设置数据库连接 (可选，留空则使用本地存储)
+:: 格式: postgresql://user:password@host:port/dbname
+set DATABASE_URL=
+
+:: 设置管理员密码 (可选，留空则不需要登录)
+:: 设置后访问管理面板需要输入密码
+set ADMIN_PASSWORD=
+
 cd KiroProxy
 
 echo [1/3] 正在启动服务...