feat: v2.6.1 - 简化验证码方案，所有手动请求都需验证

核心改进： - 移除复杂的IP限流逻辑，改为每次请求都需验证码 - 添加简单图片验证码生成（4位字母+数字） - 添加验证码弹窗UI，用户体验友好 - 支持回车键提交验证码，点击刷新验证码 - 验证码5分钟有效期技术实现： - 使用Pillow生成验证码图片，带干扰线和噪点 - Session存储验证码，一次性验证后自动清除 - 前端模态框设计，支持点击外部关闭 - 代码更简洁，维护成本更低安全性： - 每次请求都需要人工验证 - 有效防止API滥用和批量调用 - 不依赖第三方服务，稳定可靠 Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-06 17:19:29 +08:00
parent 6b71fa4351
commit 34cd05b01c
2 changed files with 311 additions and 49 deletions
--- a/templates/detail_new.html
+++ b/templates/detail_new.html
@@ -794,7 +794,7 @@
                        <span>📰</span>
                        相关新闻
                    </h2>
-                    <button id="refreshNewsBtn" class="refresh-news-btn" onclick="loadNews('{{ site.code }}', false)">
+                    <button id="refreshNewsBtn" class="refresh-news-btn" onclick="showCaptchaModal('{{ site.code }}')">
                        <span class="refresh-icon">↻</span> <span class="btn-text">{% if has_news %}获取最新资讯{% else %}加载资讯{% endif %}</span>
                    </button>
                </div>
@@ -852,6 +852,31 @@
            </div>
        </div>

+        <!-- 验证码弹窗 -->
+        <div id="captchaModal" class="captcha-modal" style="display: none;">
+            <div class="captcha-modal-content">
+                <div class="captcha-modal-header">
+                    <h3>安全验证</h3>
+                    <button class="captcha-close-btn" onclick="closeCaptchaModal()">&times;</button>
+                </div>
+                <div class="captcha-modal-body">
+                    <p style="color: var(--text-secondary); margin-bottom: 20px; font-size: 14px;">为防止API滥用，请完成验证</p>
+                    <div class="captcha-image-container">
+                        <img id="captchaImage" src="" alt="验证码" style="width: 120px; height: 40px; border: 1px solid var(--border-color); border-radius: 4px; cursor: pointer;" onclick="refreshCaptcha()">
+                        <button type="button" onclick="refreshCaptcha()" style="margin-left: 10px; padding: 8px 12px; border: 1px solid var(--border-color); background: white; border-radius: 4px; cursor: pointer;">
+                            <span style="font-size: 16px;">↻</span>
+                        </button>
+                    </div>
+                    <input type="text" id="captchaInput" placeholder="请输入验证码" maxlength="4" style="width: 100%; padding: 10px; margin-top: 15px; border: 1px solid var(--border-color); border-radius: 6px; font-size: 14px;">
+                    <div id="captchaError" style="color: #ef4444; font-size: 12px; margin-top: 8px; display: none;"></div>
+                </div>
+                <div class="captcha-modal-footer">
+                    <button onclick="closeCaptchaModal()" class="captcha-btn captcha-btn-cancel">取消</button>
+                    <button onclick="submitCaptcha()" class="captcha-btn captcha-btn-submit">确定</button>
+                </div>
+            </div>
+        </div>
+
        <!-- 侧边栏 -->
        <div class="sidebar-column">
            <!-- Similar Recommendations -->
@@ -938,8 +963,59 @@
 </style>

 <script>
-// v2.6优化：按需加载新闻，避免自动调用API
-function loadNews(siteCode, isRefresh = false) {
+// v2.6.1优化：所有手动请求都需要验证码
+let currentSiteCode = '';
+
+function showCaptchaModal(siteCode) {
+    currentSiteCode = siteCode;
+    const modal = document.getElementById('captchaModal');
+    const input = document.getElementById('captchaInput');
+    const error = document.getElementById('captchaError');
+
+    modal.style.display = 'flex';
+    input.value = '';
+    error.style.display = 'none';
+
+    // 加载验证码
+    refreshCaptcha();
+}
+
+function closeCaptchaModal() {
+    document.getElementById('captchaModal').style.display = 'none';
+    currentSiteCode = '';
+}
+
+function refreshCaptcha() {
+    const img = document.getElementById('captchaImage');
+    img.src = '/api/captcha?' + new Date().getTime();
+}
+
+function submitCaptcha() {
+    const input = document.getElementById('captchaInput');
+    const captcha = input.value.trim();
+
+    if (!captcha) {
+        showCaptchaError('请输入验证码');
+        return;
+    }
+
+    if (captcha.length !== 4) {
+        showCaptchaError('验证码为4位');
+        return;
+    }
+
+    // 关闭弹窗，开始加载新闻
+    closeCaptchaModal();
+    loadNewsWithCaptcha(currentSiteCode, captcha);
+}
+
+function showCaptchaError(message) {
+    const error = document.getElementById('captchaError');
+    error.textContent = message;
+    error.style.display = 'block';
+}
+
+function loadNewsWithCaptcha(siteCode, captcha) {
    const btn = document.getElementById('refreshNewsBtn');
    const newsContainer = document.getElementById('newsContainer');

@@ -956,7 +1032,8 @@ function loadNews(siteCode, isRefresh = false) {
        method: 'POST',
        headers: {
            'Content-Type': 'application/json'
-        }
+        },
+        body: JSON.stringify({ captcha: captcha })
    })
    .then(response => response.json())
    .then(data => {
@@ -1054,6 +1131,28 @@ function showMessage(message, type = 'info') {
        setTimeout(() => messageDiv.remove(), 300);
    }, 3000);
 }
+
+// 支持回车键提交验证码
+document.addEventListener('DOMContentLoaded', function() {
+    const captchaInput = document.getElementById('captchaInput');
+    if (captchaInput) {
+        captchaInput.addEventListener('keypress', function(e) {
+            if (e.key === 'Enter') {
+                submitCaptcha();
+            }
+        });
+    }
+
+    // 点击模态框外部关闭
+    const modal = document.getElementById('captchaModal');
+    if (modal) {
+        modal.addEventListener('click', function(e) {
+            if (e.target === modal) {
+                closeCaptchaModal();
+            }
+        });
+    }
+});
 </script>

 <style>
@@ -1424,4 +1523,124 @@ function shareToplatform() {
 }
 </script>

+<style>
+/* 验证码弹窗样式 */
+.captcha-modal {
+    position: fixed;
+    top: 0;
+    left: 0;
+    right: 0;
+    bottom: 0;
+    background: rgba(0, 0, 0, 0.5);
+    z-index: 10000;
+    display: flex;
+    align-items: center;
+    justify-content: center;
+    animation: fadeIn 0.2s ease;
+}
+
+.captcha-modal-content {
+    background: white;
+    border-radius: 12px;
+    width: 90%;
+    max-width: 400px;
+    box-shadow: 0 10px 40px rgba(0, 0, 0, 0.2);
+    animation: slideUp 0.3s ease;
+}
+
+.captcha-modal-header {
+    display: flex;
+    justify-content: space-between;
+    align-items: center;
+    padding: 20px 24px;
+    border-bottom: 1px solid var(--border-color);
+}
+
+.captcha-modal-header h3 {
+    margin: 0;
+    font-size: 18px;
+    color: var(--text-primary);
+}
+
+.captcha-close-btn {
+    background: none;
+    border: none;
+    font-size: 28px;
+    color: var(--text-muted);
+    cursor: pointer;
+    padding: 0;
+    width: 30px;
+    height: 30px;
+    display: flex;
+    align-items: center;
+    justify-content: center;
+    transition: color 0.2s;
+}
+
+.captcha-close-btn:hover {
+    color: var(--text-primary);
+}
+
+.captcha-modal-body {
+    padding: 24px;
+}
+
+.captcha-image-container {
+    display: flex;
+    align-items: center;
+    justify-content: center;
+}
+
+.captcha-modal-footer {
+    padding: 16px 24px;
+    border-top: 1px solid var(--border-color);
+    display: flex;
+    gap: 12px;
+    justify-content: flex-end;
+}
+
+.captcha-btn {
+    padding: 10px 24px;
+    border-radius: 6px;
+    border: none;
+    font-size: 14px;
+    cursor: pointer;
+    transition: all 0.2s;
+}
+
+.captcha-btn-cancel {
+    background: #f3f4f6;
+    color: #374151;
+}
+
+.captcha-btn-cancel:hover {
+    background: #e5e7eb;
+}
+
+.captcha-btn-submit {
+    background: #0ea5e9;
+    color: white;
+}
+
+.captcha-btn-submit:hover {
+    background: #0284c7;
+}
+
+@keyframes fadeIn {
+    from { opacity: 0; }
+    to { opacity: 1; }
+}
+
+@keyframes slideUp {
+    from {
+        transform: translateY(20px);
+        opacity: 0;
+    }
+    to {
+        transform: translateY(0);
+        opacity: 1;
+    }
+}
+</style>
+
 {% endblock %}