3.0 KiB
3.0 KiB
Web Login + Cookie Persistence Panel (2026-05)
Context: BOSS wanted the xianyu-hunter Web UI to support login like the original project, saving cookies for reuse. A plain “open login window” button was not enough; the Web UI needed a visible login/cookie panel with status detection.
Implemented shape
Files in /Users/chick/.Hermes/workspace/research/xianyu-hunter:
lib/browser.mjs- Added
getOpenPagesInfo()to report whether the persistent Playwright browser context is open and list page title/URL.
- Added
lib/login.mjs- Added
openLoginPage(emitLog). - Added
getLoginStatus(existingPage = null). checkLogin()now uses stronger login status detection and logs cookie count +browser-data/persistence.
- Added
server.mjs- Imports
checkLogin,getLoginStatus,openLoginPage,closeBrowser,getOpenPagesInfo. - Added APIs:
GET /api/login/statusPOST /api/login/openPOST /api/login/waitPOST /api/login/close-browser
- Imports
public/index.html- Header button:
账号登录 / Cookie. - Login modal: status card, actions, help text, log panel.
- Header button:
public/app.js- Added
showLoginModal,hideLoginModal,renderLoginStatus,appendLoginLog,checkLoginStatus,openLoginWindow,waitLoginStatus,closeLoginBrowser.
- Added
public/style.css- Added login modal styles (
.login-modal,.login-status-card,.login-actions,.login-help,.login-log).
- Added login modal styles (
Login detection rule
Do not trust homepage-only checks. In this session, CLI login said OK while the real search page still showed:
登录后可以更懂你,推荐你喜欢的商品!立即登录
Use a real search probe such as:
https://www.goofish.com/search?q=e3%201245%20v3
Treat status as logged in only if:
- login wall text is absent, and
- either product cards load or enough Goofish/Taobao/Alibaba cookies exist.
nick-- and avatar elements alone are false-positive prone on login-wall pages.
Verification commands
cd /Users/chick/.Hermes/workspace/research/xianyu-hunter
node --check server.mjs
node --check lib/browser.mjs
node --check lib/login.mjs
node --check public/app.js
# Restart if needed
lsof -tiTCP:3000 -sTCP:LISTEN | xargs -r kill
PORT=3000 node server.mjs
# Verify UI markers and API
curl -sS http://127.0.0.1:3000/ | grep -E '账号登录 / Cookie|闲鱼账号登录 / Cookie'
curl -sS http://127.0.0.1:3000/api/login/status | python3 -m json.tool
lsof -nP -iTCP:3000 -sTCP:LISTEN
Expected LAN URL for BOSS’s Mac in this environment:
http://192.168.2.69:3000
Operational notes
- Cookies are stored in
browser-data/via Playwright persistent context. Do not print raw cookies. POST /api/login/openopens a visible Chromium window on the Mac desktop. BOSS must use remote control/screen sharing to scan QR or complete captcha there.POST /api/login/close-browsershould not delete cookies; it only closes the context.- If a stale server process keeps old routes, kill the listener on port 3000 before starting the new server.