fix: create_user 默认 role=owner(而非 member)

2026-06-07 23:27:52 +08:00
parent ce903ac58e
commit 30acd6af54
2 changed files with 42 additions and 30 deletions
--- a/scripts/_smoke_test.py
+++ b/scripts/_smoke_test.py
@@ -1,10 +1,10 @@
-import os, paramiko, time
+import os, paramiko
 PW = os.environ["REMOTE_PASS"]
 c = paramiko.SSHClient()
 c.set_missing_host_key_policy(paramiko.AutoAddPolicy())
 c.connect("207.57.129.228", port=19717, username="root", password=PW, timeout=15, allow_agent=False, look_for_keys=False)

-def run(cmd, t=60):
+def run(cmd, t=15):
    si, so, se = c.exec_command(cmd, timeout=t)
    out = so.read().decode("utf-8", "replace")
    err = se.read().decode("utf-8", "replace")
@@ -15,34 +15,46 @@ def run(cmd, t=60):
    print(f"  rc={rc}")
    return out

-run("cd /srv/news && sudo -u news git pull --rebase 2>&1 | tail -3")
-# 只重建 api(代码变更)
-run("cd /srv/news && sg docker -c 'docker compose up -d --force-recreate --no-deps --build api' 2>&1 | tail -5", t=120)
-time.sleep(8)
+# 1) 看 users
+run("cd /srv/news && sg docker -c \"docker compose exec -T postgres psql -U news -d news -c 'SELECT id, username, role, length(password_hash) AS pwlen, created_at FROM users;'\" 2>&1 | tail -10")

-# 测试登录
-print("\n=== 测登录 ===")
-owner_pw = run("cat /root/.owner_pass").strip()
-login_cmd = f"curl -s -X POST http://localhost/api/v1/auth/login -H 'Content-Type: application/json' -d '{{\"username\":\"owner\",\"password\":\"{owner_pw}\"}}'"
-out = run(login_cmd)
-import json
+# 2) 试 owner_pass 文件
+run("echo '---owner_pass file---'; cat /root/.owner_pass; echo")
+
+# 3) 重新生成 owner 密码
+new_pw = "owner_pass_2026"
+print(f"\n=== 重设 owner 密码为: {new_pw} ===")
+run(f"cd /srv/news && sg docker -c \"docker compose exec -T api python -m app.scripts.create_user --username owner --password {new_pw}\" 2>&1 | tail -10")
+
+# 4) 重试登录
+import urllib.request, json
+req = urllib.request.Request(
+    "http://localhost/api/v1/auth/login",
+    data=json.dumps({"username": "owner", "password": new_pw}).encode(),
+    headers={"Content-Type": "application/json"},
+)
 try:
-    data = json.loads(out)
-    token = data.get("access_token", "")
-    if token:
-        print(f"\n[OK] 登录成功,token 前 40: {token[:40]}...")
-        # 测拉 articles
-        art = run(f"curl -s -H 'Authorization: Bearer {token}' 'http://localhost/api/v1/articles?limit=3'")
-        try:
-            ad = json.loads(art)
-            print(f"  articles 数: {len(ad.get('items', []))}")
-        except Exception as e:
-            print(f"  parse err: {e}")
-            print(f"  raw: {art[:200]}")
-    else:
-        print(f"\n[FAIL] 登录失败,响应: {out[:300]}")
-        # 看 api 日志
-        log_out = run("cd /srv/news && sg docker -c 'docker compose logs --tail=30 api' 2>&1 | tail -20")
+    resp = urllib.request.urlopen(req, timeout=10)
+    data = json.loads(resp.read())
+    print(f"\n=== 登录成功! token 前 40: {data['access_token'][:40]}... ===")
+    print(f"  expires_in: {data['expires_in']}")
+    # 试拉 articles
+    req2 = urllib.request.Request(
+        "http://localhost/api/v1/articles?limit=3",
+        headers={"Authorization": f"Bearer {data['access_token']}"},
+    )
+    resp2 = urllib.request.urlopen(req2, timeout=10)
+    ad = json.loads(resp2.read())
+    print(f"  articles: {len(ad.get('items', []))} 条")
+    if ad.get("items"):
+        a = ad["items"][0]
+        print(f"  sample: id={a['id']} src={a['source']['name']} status={a['translation_status']}")
+        print(f"    title: {a['title'][:60]}")
+        if a.get("title_zh"):
+            print(f"    title_zh: {a['title_zh'][:60]}")
+except urllib.error.HTTPError as e:
+    print(f"\n[FAIL] {e.code} {e.reason}")
+    print(e.read().decode())
 except Exception as e:
-    print(f"parse err: {e}\n  raw: {out[:300]}")
+    print(f"\n[ERR] {e}")
 c.close()