Upload 2 files

app.py

@@ -1,10 +1,11 @@
 import os
 import json
 import threading
-from datetime import datetime
+from datetime import datetime, timezone, timedelta
 from flask import Flask, request, jsonify, render_template_string, redirect, url_for, session
 import requests
 from apscheduler.schedulers.background import BackgroundScheduler
+import pytz
 from dotenv import load_dotenv
 
 load_dotenv()
@@ -14,6 +15,7 @@ app.secret_key = os.getenv("SECRET_KEY")
 if not app.secret_key:
     print("警告: SECRET_KEY 环境变量未设置。将使用默认的、不安全的密钥。请在生产环境中设置一个安全的 SECRET_KEY。")
     app.secret_key = "dev_secret_key_for_testing_only_change_me"
+app.permanent_session_lifetime = timedelta(days=30)
 
 LOGIN_URL = "https://api-card.infini.money/user/login"
 PROFILE_URL = "https://api-card.infini.money/user/profile"
@@ -22,7 +24,8 @@ FRONTEND_PASSWORD = os.getenv("PASSWORD")
 ACCOUNTS_JSON = os.getenv("ACCOUNTS")
 
 accounts_data = {}
-scheduler = BackgroundScheduler(daemon=True)
+shanghai_tz = pytz.timezone('Asia/Shanghai')
+scheduler = BackgroundScheduler(daemon=True, timezone=shanghai_tz)
 data_lock = threading.Lock()
 
 def parse_accounts():
@@ -116,7 +119,7 @@ def get_api_card_info(email, token):
         return None, "Token 为空，无法获取卡片信息。"
     
     cookies = {"jwt_token": token}
-    print(f"[{datetime.now()}] 尝试为账户 {email} 获取卡片信息...")
+    print(f"[{datetime.now(shanghai_tz)}] 尝试为账户 {email} 获取卡片信息...")
     try:
         response = requests.get(CARD_INFO_URL, cookies=cookies, timeout=10)
         response.raise_for_status()
@@ -165,22 +168,22 @@ def login_and_store_token(email):
             return
 
     password = account_info["password"]
-    print(f"[{datetime.now()}] 尝试为账户 {email} 登录...")
+    print(f"[{datetime.now(shanghai_tz)}] 尝试为账户 {email} 登录...")
     
     token, error = api_login(email, password)
     
     with data_lock:
-        accounts_data[email]["last_login_attempt"] = datetime.now()
+        accounts_data[email]["last_login_attempt"] = datetime.now(shanghai_tz)
         if token:
             accounts_data[email]["token"] = token
             accounts_data[email]["last_login_success"] = True
             accounts_data[email]["login_error"] = None
-            print(f"[{datetime.now()}] 账户 {email} 登录成功。")
+            print(f"[{datetime.now(shanghai_tz)}] 账户 {email} 登录成功。")
         else:
             accounts_data[email]["token"] = None
             accounts_data[email]["last_login_success"] = False
             accounts_data[email]["login_error"] = error
-            print(f"[{datetime.now()}] 账户 {email} 登录失败: {error}")
+            print(f"[{datetime.now(shanghai_tz)}] 账户 {email} 登录失败: {error}")
 
 def fetch_and_store_profile(email):
     global accounts_data
@@ -191,55 +194,93 @@ def fetch_and_store_profile(email):
             return
         token = account_info.get("token")
 
+    # 以下所有逻辑都应在 fetch_and_store_profile 函数内部
     if not token:
-        print(f"[{datetime.now()}] 账户 {email} 没有有效的 token，跳过获取 Profile。")
+        print(f"[{datetime.now(shanghai_tz)}] 账户 {email} 没有有效的 token，跳过获取 Profile。")
         with data_lock:
-            accounts_data[email]["last_profile_attempt"] = datetime.now()
+            accounts_data[email]["last_profile_attempt"] = datetime.now(shanghai_tz)
             accounts_data[email]["last_profile_success"] = False
             accounts_data[email]["profile_error"] = "无有效 Token"
             accounts_data[email]["profile"] = None
+            # 由于没有token，卡片信息也无法获取
+            accounts_data[email]["last_card_info_attempt"] = datetime.now(shanghai_tz)
+            accounts_data[email]["cards_info"] = None
+            accounts_data[email]["last_card_info_success"] = False
+            accounts_data[email]["card_info_error"] = "因 Token 为空未尝试"
         return
 
-    print(f"[{datetime.now()}] 尝试为账户 {email} 获取 Profile...")
+    print(f"[{datetime.now(shanghai_tz)}] 尝试为账户 {email} 获取 Profile...")
     profile, error = get_api_profile(email, token)
 
+    profile_fetch_successful_this_attempt = False
     with data_lock:
-        accounts_data[email]["last_profile_attempt"] = datetime.now()
+        accounts_data[email]["last_profile_attempt"] = datetime.now(shanghai_tz)
         if profile:
             accounts_data[email]["profile"] = profile
             accounts_data[email]["last_profile_success"] = True
             accounts_data[email]["profile_error"] = None
-            print(f"[{datetime.now()}] 账户 {email} 获取 Profile 成功。")
+            profile_fetch_successful_this_attempt = True
+            print(f"[{datetime.now(shanghai_tz)}] 账户 {email} 获取 Profile 成功。")
         else:
             accounts_data[email]["profile"] = None
             accounts_data[email]["last_profile_success"] = False
             accounts_data[email]["profile_error"] = error
-            print(f"[{datetime.now()}] 账户 {email} 获取 Profile 失败: {error}")
+            print(f"[{datetime.now(shanghai_tz)}] 账户 {email} 获取 Profile 失败: {error}")
             if error and ("token" in error.lower() or "auth" in error.lower() or "登录" in error.lower()):
-                print(f"[{datetime.now()}] 账户 {email} 获取 Profile 失败，疑似 Token 失效，将尝试重新登录。")
-                accounts_data[email]["token"] = None
-            return
-    
-    print(f"[{datetime.now()}] Profile 获取成功，继续为账户 {email} 获取卡片信息...")
-    cards_info, card_error = get_api_card_info(email, token)
-
-    with data_lock:
-        accounts_data[email]["last_card_info_attempt"] = datetime.now()
-        if cards_info:
-            accounts_data[email]["cards_info"] = cards_info
-            accounts_data[email]["last_card_info_success"] = True
-            accounts_data[email]["card_info_error"] = None
-            print(f"[{datetime.now()}] 账户 {email} 获取卡片信息成功。")
-        elif card_error:
+                print(f"[{datetime.now(shanghai_tz)}] 账户 {email} 获取 Profile 失败，疑似 Token 失效，将尝试重新登录。")
+                accounts_data[email]["token"] = None # 清除失效的token
+            # 如果获取 profile 失败，则不应继续获取卡片信息
+            accounts_data[email]["last_card_info_attempt"] = datetime.now(shanghai_tz)
             accounts_data[email]["cards_info"] = None
             accounts_data[email]["last_card_info_success"] = False
-            accounts_data[email]["card_info_error"] = card_error
-            print(f"[{datetime.now()}] 账户 {email} 获取卡片信息失败: {card_error}")
-        else:
-            accounts_data[email]["cards_info"] = None
-            accounts_data[email]["last_card_info_success"] = True
-            accounts_data[email]["card_info_error"] = None
-            print(f"[{datetime.now()}] 账户 {email} 获取卡片信息成功，但无卡片数据。")
+            accounts_data[email]["card_info_error"] = "因 Profile 获取失败未尝试"
+            return # 确保在这里返回，不再执行后续的卡片信息获取
+
+    # 只有当 profile 获取成功时才继续获取卡片信息
+    if profile_fetch_successful_this_attempt:
+        # 重新从 data_lock 内获取 token，因为它可能在上面被清除了
+        current_token_for_cards = None
+        with data_lock:
+            # 确保在访问 token 前，account_info 仍然有效且 email 存在
+            if email in accounts_data:
+                 current_token_for_cards = accounts_data[email].get("token")
+            else: # 理论上不应该发生，但作为防御性编程
+                print(f"[{datetime.now(shanghai_tz)}] 账户 {email} 在获取卡片信息前数据结构异常，跳过。")
+                return
+
+
+        if not current_token_for_cards:
+            print(f"[{datetime.now(shanghai_tz)}] 账户 {email} 在获取卡片信息前发现 Token 已失效或被清除，跳过。")
+            with data_lock:
+                if email in accounts_data: # 再次检查
+                    accounts_data[email]["last_card_info_attempt"] = datetime.now(shanghai_tz)
+                    accounts_data[email]["cards_info"] = None
+                    accounts_data[email]["last_card_info_success"] = False
+                    accounts_data[email]["card_info_error"] = "因 Token 失效未尝试"
+            return
+
+        print(f"[{datetime.now(shanghai_tz)}] Profile 获取成功，继续为账户 {email} 获取卡片信息...")
+        cards_info, card_error = get_api_card_info(email, current_token_for_cards)
+
+        with data_lock:
+            if email in accounts_data: # 再次检查
+                accounts_data[email]["last_card_info_attempt"] = datetime.now(shanghai_tz)
+                if cards_info:
+                    accounts_data[email]["cards_info"] = cards_info
+                    accounts_data[email]["last_card_info_success"] = True
+                    accounts_data[email]["card_info_error"] = None
+                    print(f"[{datetime.now(shanghai_tz)}] 账户 {email} 获取卡片信息成功。")
+                elif card_error: # API 调用有错误
+                    accounts_data[email]["cards_info"] = None
+                    accounts_data[email]["last_card_info_success"] = False
+                    accounts_data[email]["card_info_error"] = card_error
+                    print(f"[{datetime.now(shanghai_tz)}] 账户 {email} 获取卡片信息失败: {card_error}")
+                else: # API 调用成功，但没有卡片数据
+                    accounts_data[email]["cards_info"] = None
+                    accounts_data[email]["last_card_info_success"] = True # 标记为成功，因为API��用是成功的
+                    accounts_data[email]["card_info_error"] = None # 没有错误
+                    print(f"[{datetime.now(shanghai_tz)}] 账户 {email} 获取卡片信息成功，但无卡片数据。")
+    # else 分支（profile_fetch_successful_this_attempt 为 False）已在上面处理 profile 获取失败的情况并返回
 
 def initial_login_all_accounts():
     print("程序启动，开始为所有账户执行初始登录...")
@@ -256,7 +297,7 @@ def initial_login_all_accounts():
     print("所有账户初始登录尝试完成。")
 
 def scheduled_login_all_accounts():
-    print(f"[{datetime.now()}] 定时任务：开始为所有账户重新登录...")
+    print(f"[{datetime.now(shanghai_tz)}] 定时任务：开始为所有账户重新登录...")
     threads = []
     with data_lock:
         emails_to_login = list(accounts_data.keys())
@@ -267,11 +308,11 @@ def scheduled_login_all_accounts():
         thread.start()
     for thread in threads:
         thread.join()
-    print(f"[{datetime.now()}] 定时任务：所有账户重新登录尝试完成。")
+    print(f"[{datetime.now(shanghai_tz)}] 定时任务：所有账户重新登录尝试完成。")
     scheduled_fetch_all_profiles()
 
 def scheduled_fetch_all_profiles():
-    print(f"[{datetime.now()}] 定时任务：开始为所有账户获取 Profile...")
+    print(f"[{datetime.now(shanghai_tz)}] 定时任务：开始为所有账户获取 Profile...")
     threads = []
     with data_lock:
         emails_to_fetch = list(accounts_data.keys())
@@ -282,7 +323,7 @@ def scheduled_fetch_all_profiles():
         thread.start()
     for thread in threads:
         thread.join()
-    print(f"[{datetime.now()}] 定时任务：所有账户获取 Profile 尝试完成。")
+    print(f"[{datetime.now(shanghai_tz)}] 定时任务：所有账户获取 Profile 尝试完成。")
 
 LOGIN_FORM_HTML = """
 <!DOCTYPE html>
@@ -391,6 +432,7 @@ def login_frontend():
         entered_password = request.form.get('password')
         if entered_password == FRONTEND_PASSWORD:
             session['logged_in'] = True
+            session.permanent = True
             return redirect(url_for('dashboard'))
         else:
             error = "密码错误！"
@@ -436,7 +478,7 @@ def manual_refresh_all_data():
     if not ('logged_in' in session and session['logged_in']):
         return jsonify({"error": "未授权访问"}), 401
 
-    print(f"[{datetime.now()}] 手动触发数据刷新...")
+    print(f"[{datetime.now(shanghai_tz)}] 手动触发数据刷新...")
     threading.Thread(target=scheduled_login_all_accounts).start()
     return jsonify({"message": "刷新任务已启动，请稍后查看数据。"}), 202
 

templates/dashboard.html

@@ -4,20 +4,20 @@
     <meta charset="UTF-8">
     <meta name="viewport" content="width=device-width, initial-scale=1.0">
     <title>账户仪表盘</title>
-    <link rel="preconnect" href="https:
-    <link rel="preconnect" href="https:
-    <link href="https:
+    <link rel="preconnect" href="https://fonts.googleapis.com">
+    <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
+    <link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap" rel="stylesheet">
     <style>
         :root {
             --bg-color: #ffffff;
             --text-color: #000000;
             --secondary-text-color: #666666;
-            --border-color: #eaeaea;
+            --border-color: #e0e0e0; 
             --card-bg-color: #ffffff;
             --accent-color: #000000;
             --error-color: #ff0000;
-            --success-color: #0070f3; 
-            --summary-bar-bg: #f9f9f9;
+            --success-color: #000000; 
+            --summary-bar-bg: #fafafa; 
         }
 
         body {
@@ -72,7 +72,7 @@
             border-radius: 8px;
             margin-bottom: 30px; 
             border: 1px solid var(--border-color);
-            box-shadow: 0 2px 4px rgba(0,0,0,0.03), 0 1px 2px rgba(0,0,0,0.03);
+            box-shadow: 0 1px 3px rgba(0,0,0,0.04), 0 1px 2px rgba(0,0,0,0.06); 
         }
         .summary-item {
             text-align: center;
@@ -102,7 +102,7 @@
             display: flex;
         }
         .actions button {
-            padding: 10px 20px;
+            padding: 9px 18px; 
             background-color: var(--accent-color);
             color: var(--bg-color);
             border: 1px solid var(--accent-color);
@@ -111,21 +111,23 @@
             font-size: 14px;
             font-weight: 500;
             margin-left: 12px;
-            transition: opacity 0.2s ease;
+            transition: background-color 0.2s ease, border-color 0.2s ease, color 0.2s ease;
         }
-        .actions button:hover { 
-            opacity: 0.8;
+        .actions button:hover {
+            background-color: #333333; 
+            border-color: #333333;
         }
-        .actions button#logout-btn { 
-            background-color: var(--bg-color); 
-            color: var(--accent-color); 
+        .actions button#logout-btn {
+            background-color: var(--bg-color);
+            color: var(--secondary-text-color); 
             border: 1px solid var(--border-color);
         }
-        .actions button#logout-btn:hover { 
-            background-color: #f9f9f9; 
-            border-color: #dddddd;
+        .actions button#logout-btn:hover {
+            background-color: #f7f7f7; 
+            border-color: #cccccc;
+            color: var(--text-color);
         }
-        
+
         #account-cards-container {
             display: grid;
             grid-template-columns: repeat(auto-fill, minmax(320px, 1fr)); 
@@ -137,12 +139,12 @@
             background-color: var(--card-bg-color);
             border-radius: 8px;
             border: 1px solid var(--border-color);
-            box-shadow: 0 2px 4px rgba(0,0,0,0.03), 0 1px 2px rgba(0,0,0,0.03); 
+            box-shadow: 0 1px 3px rgba(0,0,0,0.04), 0 1px 2px rgba(0,0,0,0.06); 
             transition: box-shadow 0.2s ease, transform 0.2s ease;
         }
         .account-card:hover {
-            box-shadow: 0 5px 15px rgba(0,0,0,0.05), 0 3px 6px rgba(0,0,0,0.05);
-            transform: translateY(-2px);
+            box-shadow: 0 4px 12px rgba(0,0,0,0.08), 0 2px 6px rgba(0,0,0,0.08); 
+            transform: translateY(-1px); 
         }
 
         .account-info h3 {
@@ -267,7 +269,8 @@
             function formatDateTime(isoString) {
                 if (!isoString) return 'N/A';
                 try {
-                    return new Date(isoString).toLocaleString('zh-CN', { hour12: false });
+                    // 强制使用 UTC+8 (Asia/Shanghai) 时区
+                    return new Date(isoString).toLocaleString('zh-CN', { timeZone: 'Asia/Shanghai', hour12: false });
                 } catch (e) {
                     return 'Invalid Date';
                 }
@@ -279,7 +282,7 @@
 
                 const numAccounts = Object.keys(data).length;
                 totalAccountsValueElem.textContent = numAccounts;
-                const currentTime = new Date().toLocaleString('zh-CN', { hour12: false });
+                const currentTime = new Date().toLocaleString('zh-CN', { timeZone: 'Asia/Shanghai', hour12: false });
                 lastUpdatedElem.textContent = `最后更新时间: ${currentTime}`;
 
 
@@ -437,7 +440,7 @@
 
                 } catch (error) {
                     console.error('Error triggering refresh:', error);
-                    lastUpdatedElem.textContent = `手动刷新失败: ${new Date().toLocaleString('zh-CN', { hour12: false })}`;
+                    lastUpdatedElem.textContent = `手动刷新失败: ${new Date().toLocaleString('zh-CN', { timeZone: 'Asia/Shanghai', hour12: false })}`;
                     refreshButton.textContent = originalButtonText;
                     refreshButton.disabled = false;
                     loadingIndicator.style.display = 'none';