feat: Implement temporary API key based on system UUID for UI access

This commit introduces a new authentication mechanism for the web UI. Instead of requiring a pre-configured API key, a temporary API key is generated based on the system's UUID. This key is passed to the UI as a URL parameter and used for API requests. Changes: - Added a new utility to get the system UUID and generate a temporary API key. - Modified the `ccr ui` command to generate and pass the temporary API key. - Updated the authentication middleware to validate the temporary API key. - Adjusted the frontend to use the temporary API key from the URL. - Added a dedicated endpoint to test API access without modifying data. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-08-07 15:00:42 +08:00
parent 4334f40926
commit 9cd5587f52
10 changed files with 288 additions and 17 deletions
--- a/ui/src/components/Login.tsx
+++ b/ui/src/components/Login.tsx
@@ -61,18 +61,23 @@ export function Login() {
        url: window.location.href
      }));
      
-      // Test the API key by fetching config (skip if apiKey is empty)
-      if (apiKey) {
-        await api.getConfig();
-      }
+      // Test the API key by fetching config
+      await api.getConfig();
      
      // Navigate to dashboard
      // The ConfigProvider will handle fetching the config
      navigate('/dashboard');
-    } catch {
+    } catch (error: any) {
      // Clear the API key on failure
      api.setApiKey('');
-      setError(t('login.invalidApiKey'));
+      
+      // Check if it's an unauthorized error
+      if (error.message && error.message.includes('401')) {
+        setError(t('login.invalidApiKey'));
+      } else {
+        // For other errors, still allow access (restricted mode)
+        navigate('/dashboard');
+      }
    }
  };