3.4 KiB
3.4 KiB
Web 后台二维码登录与账号状态面板(2026-05)
Trigger
BOSS 反馈 Cookie JSON/外部截图仍不够方便,希望登录流程直接植入 xianyu-hunter Web 后台:点击登录即可获取真实登录二维码,并在后台看到当前账号基础状态。
Implemented pattern
Files in local clone /Users/chick/.Hermes/workspace/research/xianyu-hunter:
lib/login.mjs- Add
getLoginQr(emitLog). - It opens
https://www.goofish.com/through the persistent Playwright profile, clicks the visible login entry when present, tries QR-login selectors, and returns adata:image/png;base64,...screenshot asqrImagewhen not logged in. - It reuses
getLoginStatus(page)so already-logged-in accounts return status and no QR image. getLoginStatus()now also returns account basics:accountName,nickCandidates,avatarUrl.
- Add
server.mjs- Import
getLoginQrand exposePOST /api/login/qr.
- Import
public/index.html- In the login modal, add account row (
login-account-row) and QR panel (login-qr-panel). - Primary action is now 获取登录二维码; 打开闲鱼登录窗口 remains a fallback for captcha/expired QR/manual verification.
- In the login modal, add account row (
public/app.js- Add
fetchLoginQr(),renderLoginQr(),clearLoginQr(). - Extend
renderLoginStatus()to show nickname/avatar/cookie count/account state.
- Add
public/style.css- Add
.login-qr-panel,.login-qr-img,.login-account-row,.login-avatarstyles.
- Add
Important workflow corrections learned
- Do not manually fabricate a Taobao login URL and send it to BOSS as “闲鱼二维码”. Goofish may use Taobao/Alibaba unified login under the hood, but the user experience must start from the Goofish Web login entry to avoid confusion.
- Prefer an in-dashboard QR panel over sending QR screenshots through chat. BOSS explicitly wants the backend page to own login, QR display, and account status.
- Keep visible Chromium login as fallback only. QR/captcha/verification may still require the desktop browser.
- Avoid concurrent Playwright profiles. Temporary QR scripts and the main service can conflict on
browser-data/SingletonLock; close/kill temporary QR browser processes before running tasks or status probes. - If
POST /api/login/qris called when already logged in, return status and no QR image; frontend should clear/hide the QR panel and show account info instead.
Verification recipe
cd /Users/chick/.Hermes/workspace/research/xianyu-hunter
node --check lib/login.mjs
node --check server.mjs
node --check public/app.js
# restart exact listener if needed
for p in $(lsof -tiTCP:3000 -sTCP:LISTEN 2>/dev/null); do kill "$p" 2>/dev/null || true; done
PORT=3000 node server.mjs
API checks:
curl -sS -m 60 http://127.0.0.1:3000/api/login/status | python3 -m json.tool
curl -sS -m 90 -X POST http://127.0.0.1:3000/api/login/qr \
-H 'Content-Type: application/json' -d '{}' > /tmp/xianyu_qr_api.json
python3 - <<'PY'
import json
j=json.load(open('/tmp/xianyu_qr_api.json'))
print(j.get('ok'), j.get('loggedIn'), j.get('cookieCount'), j.get('accountName'), bool(j.get('qrImage')))
PY
curl -sS -m 10 http://127.0.0.1:3000/ | grep -E '获取登录二维码|扫码登录|login-qr-panel'
Expected logged-in example from the session:
loggedIn: truecookieCount: 27accountName: 札幌打滚的风筝鱼qrImage: falsebecause QR is unnecessary while logged in.