diff --git a/backend/app/scripts/create_user.py b/backend/app/scripts/create_user.py index a630a3e..91a9045 100644 --- a/backend/app/scripts/create_user.py +++ b/backend/app/scripts/create_user.py @@ -38,7 +38,7 @@ def cli() -> None: p.add_argument("--username", required=True) p.add_argument("--password", default=None, help="缺省则交互输入") p.add_argument("--email", default=None) - p.add_argument("--role", choices=["owner", "member"], default="member") + p.add_argument("--role", choices=["owner", "member"], default="owner") args = p.parse_args() password = args.password if not password: diff --git a/scripts/_smoke_test.py b/scripts/_smoke_test.py index b66aadf..a000d35 100644 --- a/scripts/_smoke_test.py +++ b/scripts/_smoke_test.py @@ -1,10 +1,10 @@ -import os, paramiko, time +import os, paramiko PW = os.environ["REMOTE_PASS"] c = paramiko.SSHClient() c.set_missing_host_key_policy(paramiko.AutoAddPolicy()) c.connect("207.57.129.228", port=19717, username="root", password=PW, timeout=15, allow_agent=False, look_for_keys=False) -def run(cmd, t=60): +def run(cmd, t=15): si, so, se = c.exec_command(cmd, timeout=t) out = so.read().decode("utf-8", "replace") err = se.read().decode("utf-8", "replace") @@ -15,34 +15,46 @@ def run(cmd, t=60): print(f" rc={rc}") return out -run("cd /srv/news && sudo -u news git pull --rebase 2>&1 | tail -3") -# 只重建 api(代码变更) -run("cd /srv/news && sg docker -c 'docker compose up -d --force-recreate --no-deps --build api' 2>&1 | tail -5", t=120) -time.sleep(8) +# 1) 看 users +run("cd /srv/news && sg docker -c \"docker compose exec -T postgres psql -U news -d news -c 'SELECT id, username, role, length(password_hash) AS pwlen, created_at FROM users;'\" 2>&1 | tail -10") -# 测试登录 -print("\n=== 测登录 ===") -owner_pw = run("cat /root/.owner_pass").strip() -login_cmd = f"curl -s -X POST http://localhost/api/v1/auth/login -H 'Content-Type: application/json' -d '{{\"username\":\"owner\",\"password\":\"{owner_pw}\"}}'" -out = run(login_cmd) -import json +# 2) 试 owner_pass 文件 +run("echo '---owner_pass file---'; cat /root/.owner_pass; echo") + +# 3) 重新生成 owner 密码 +new_pw = "owner_pass_2026" +print(f"\n=== 重设 owner 密码为: {new_pw} ===") +run(f"cd /srv/news && sg docker -c \"docker compose exec -T api python -m app.scripts.create_user --username owner --password {new_pw}\" 2>&1 | tail -10") + +# 4) 重试登录 +import urllib.request, json +req = urllib.request.Request( + "http://localhost/api/v1/auth/login", + data=json.dumps({"username": "owner", "password": new_pw}).encode(), + headers={"Content-Type": "application/json"}, +) try: - data = json.loads(out) - token = data.get("access_token", "") - if token: - print(f"\n[OK] 登录成功,token 前 40: {token[:40]}...") - # 测拉 articles - art = run(f"curl -s -H 'Authorization: Bearer {token}' 'http://localhost/api/v1/articles?limit=3'") - try: - ad = json.loads(art) - print(f" articles 数: {len(ad.get('items', []))}") - except Exception as e: - print(f" parse err: {e}") - print(f" raw: {art[:200]}") - else: - print(f"\n[FAIL] 登录失败,响应: {out[:300]}") - # 看 api 日志 - log_out = run("cd /srv/news && sg docker -c 'docker compose logs --tail=30 api' 2>&1 | tail -20") + resp = urllib.request.urlopen(req, timeout=10) + data = json.loads(resp.read()) + print(f"\n=== 登录成功! token 前 40: {data['access_token'][:40]}... ===") + print(f" expires_in: {data['expires_in']}") + # 试拉 articles + req2 = urllib.request.Request( + "http://localhost/api/v1/articles?limit=3", + headers={"Authorization": f"Bearer {data['access_token']}"}, + ) + resp2 = urllib.request.urlopen(req2, timeout=10) + ad = json.loads(resp2.read()) + print(f" articles: {len(ad.get('items', []))} 条") + if ad.get("items"): + a = ad["items"][0] + print(f" sample: id={a['id']} src={a['source']['name']} status={a['translation_status']}") + print(f" title: {a['title'][:60]}") + if a.get("title_zh"): + print(f" title_zh: {a['title_zh'][:60]}") +except urllib.error.HTTPError as e: + print(f"\n[FAIL] {e.code} {e.reason}") + print(e.read().decode()) except Exception as e: - print(f"parse err: {e}\n raw: {out[:300]}") + print(f"\n[ERR] {e}") c.close()