@adversity/coding-tool-x 2.4.2 → 2.5.1

package/dist/web/assets/{vendors-Bd5vxA1-.js → vendors-CzcvkTIS.js}

@@ -1,4 +1,4 @@
-import{S as t}from"./vue-vendor-hRp8vsrL.js";"undefined"!=typeof globalThis?globalThis:"undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self&&self;function e(t){return t&&t.__esModule&&Object.prototype.hasOwnProperty.call(t,"default")?t.default:t}function n(t){if(t.__esModule)return t;var e=t.default;if("function"==typeof e){var n=function t(){return this instanceof t?Reflect.construct(e,arguments,this.constructor):e.apply(this,arguments)};n.prototype=e.prototype}else n={};return Object.defineProperty(n,"__esModule",{value:!0}),Object.keys(t).forEach(function(e){var r=Object.getOwnPropertyDescriptor(t,e);Object.defineProperty(n,e,r.get?r:{enumerable:!0,get:function(){return t[e]}})}),n}var r={exports:{}};const o=n(t);
+import{S as t}from"./vue-vendor-CEeI-Azr.js";"undefined"!=typeof globalThis?globalThis:"undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self&&self;function e(t){return t&&t.__esModule&&Object.prototype.hasOwnProperty.call(t,"default")?t.default:t}function n(t){if(t.__esModule)return t;var e=t.default;if("function"==typeof e){var n=function t(){return this instanceof t?Reflect.construct(e,arguments,this.constructor):e.apply(this,arguments)};n.prototype=e.prototype}else n={};return Object.defineProperty(n,"__esModule",{value:!0}),Object.keys(t).forEach(function(e){var r=Object.getOwnPropertyDescriptor(t,e);Object.defineProperty(n,e,r.get?r:{enumerable:!0,get:function(){return t[e]}})}),n}var r={exports:{}};const o=n(t);
 /**!
  * Sortable 1.14.0
  * @author	RubaXa   <trash@rubaxa.org>

package/dist/web/assets/{vue-vendor-hRp8vsrL.js → vue-vendor-CEeI-Azr.js}

@@ -41,4 +41,4 @@ let ic;const lc=e=>ic=e,cc=Symbol();function ac(e){return e&&"object"==typeof e&
  * vue-router v4.6.4
  * (c) 2025 Eduardo San Martin Morote
  * @license MIT
- */(e,t);n=Na(o.reverse(),"beforeRouteLeave",e,t);for(const s of o)s.leaveGuards.forEach(o=>{n.push(Ra(o,e,t))});const c=y.bind(null,e,t);return n.push(c),M(n).then(()=>{n=[];for(const o of s.list())n.push(Ra(o,e,t));return n.push(c),M(n)}).then(()=>{n=Na(r,"beforeRouteUpdate",e,t);for(const o of r)o.updateGuards.forEach(o=>{n.push(Ra(o,e,t))});return n.push(c),M(n)}).then(()=>{n=[];for(const o of l)if(o.beforeEnter)if(Pc(o.beforeEnter))for(const r of o.beforeEnter)n.push(Ra(r,e,t));else n.push(Ra(o.beforeEnter,e,t));return n.push(c),M(n)}).then(()=>(e.matched.forEach(e=>e.enterCallbacks={}),n=Na(l,"beforeRouteEnter",e,t,b),n.push(c),M(n))).then(()=>{n=[];for(const o of i.list())n.push(Ra(o,e,t));return n.push(c),M(n)}).catch(e=>ba(e,va.NAVIGATION_CANCELLED)?e:Promise.reject(e))}function S(e,t,n){l.list().forEach(o=>b(()=>o(e,t,n)))}function C(e,t,n,o,s){const i=g(e,t);if(i)return i;const l=t===ia,a=Tc?history.state:{};n&&(o||l?r.replace(e.fullPath,Oc({scroll:l&&a&&a.scroll},s)):r.push(e.fullPath,s)),c.value=e,N(e,t,n,l),R()}let x;function w(){x||(x=r.listen((e,t,n)=>{if(!L.listening)return;const o=d(e),s=v(o,L.currentRoute.value);if(s)return void _(Oc(s,{replace:!0,force:!0}),o).catch(Nc);a=o;const i=c.value;var l,u;Tc&&(l=ha(i.fullPath,n.delta),u=pa(),ga.set(l,u)),E(o,i).catch(e=>ba(e,va.NAVIGATION_ABORTED|va.NAVIGATION_CANCELLED)?e:ba(e,va.NAVIGATION_GUARD_REDIRECT)?(_(Oc(h(e.to),{force:!0}),o).then(e=>{ba(e,va.NAVIGATION_ABORTED|va.NAVIGATION_DUPLICATED)&&!n.delta&&n.type===la.pop&&r.go(-1,!1)}).catch(Nc),Promise.reject()):(n.delta&&r.go(-n.delta,!1),O(e,o,i))).then(e=>{(e=e||C(o,i,!1))&&(n.delta&&!ba(e,va.NAVIGATION_CANCELLED)?r.go(-n.delta,!1):n.type===la.pop&&ba(e,va.NAVIGATION_ABORTED|va.NAVIGATION_DUPLICATED)&&r.go(-1,!1)),S(o,i,e)}).catch(Nc)}))}let A,T=Oa(),k=Oa();function O(e,t,n){R(e);const o=k.list();return o.length&&o.forEach(o=>o(e,t,n)),Promise.reject(e)}function R(e){return A||(A=!e,w(),T.list().forEach(([t,n])=>e?n(e):t()),T.reset()),e}function N(t,n,o,r){const{scrollBehavior:s}=e;if(!Tc||!s)return Promise.resolve();const i=!o&&function(e){const t=ga.get(e);return ga.delete(e),t}(ha(t.fullPath,0))||(r||!o)&&history.state&&history.state.scroll||null;return an().then(()=>s(t,n,i)).then(e=>e&&da(e)).catch(e=>O(e,t,n))}const P=e=>r.go(e);let I;const D=new Set,L={currentRoute:c,listening:!0,addRoute:function(e,n){let o,r;return ma(e)?(o=t.getRecordMatcher(e),r=n):r=e,t.addRoute(r,o)},removeRoute:function(e){const n=t.getRecordMatcher(e);n&&t.removeRoute(n)},clearRoutes:t.clearRoutes,hasRoute:function(e){return!!t.getRecordMatcher(e)},getRoutes:function(){return t.getRoutes().map(e=>e.record)},resolve:d,options:e,push:m,replace:function(e){return m(Oc(h(e),{replace:!0}))},go:P,back:()=>P(-1),forward:()=>P(1),beforeEach:s.add,beforeResolve:i.add,afterEach:l.add,onError:k.add,isReady:function(){return A&&c.value!==ia?Promise.resolve():new Promise((e,t)=>{T.add([e,t])})},install(e){e.component("RouterLink",ou),e.component("RouterView",lu),e.config.globalProperties.$router=L,Object.defineProperty(e.config.globalProperties,"$route",{enumerable:!0,get:()=>Dt(c)}),Tc&&!I&&c.value===ia&&(I=!0,m(r.location).catch(e=>{}));const t={};for(const o in ia)Object.defineProperty(t,o,{get:()=>c.value[o],enumerable:!0});e.provide(Aa,L),e.provide(Ta,vt(t)),e.provide(ka,c);const n=e.unmount;D.add(e),e.unmount=function(){D.delete(e),D.size<1&&(a=ia,x&&x(),x=null,c.value=ia,I=!1,A=!1),n()}}};function M(e){return e.reduce((e,t)=>e.then(()=>b(t)),Promise.resolve())}return L}function au(){return An(Aa)}function uu(e){return An(Ta)}export{Qo as $,Ki as A,Ls as B,vs as C,ms as D,At as E,gs as F,$o as G,W as H,ec as I,Dt as J,xt as K,wt as L,jt as M,U as N,As as O,Ps as P,Es as Q,Fs as R,sc as S,Wn as T,wc as U,Ac as V,Is as W,Sn as X,Vs as Y,Ts as Z,X as _,_t as a,au as a0,Jo as a1,Wl as a2,uu as a3,ql as a4,cu as a5,La as a6,er as a7,zo as a8,To as a9,pc as aa,Bo as b,ui as c,Fo as d,mt as e,Oo as f,zs as g,Ro as h,An as i,Ms as j,co as k,Cn as l,fi as m,an as n,Vo as o,wn as p,tr as q,Rt as r,$s as s,$t as t,ks as u,Nt as v,Pn as w,Rn as x,Ri as y,Cl as z};
+ */(e,t);n=Na(o.reverse(),"beforeRouteLeave",e,t);for(const s of o)s.leaveGuards.forEach(o=>{n.push(Ra(o,e,t))});const c=y.bind(null,e,t);return n.push(c),M(n).then(()=>{n=[];for(const o of s.list())n.push(Ra(o,e,t));return n.push(c),M(n)}).then(()=>{n=Na(r,"beforeRouteUpdate",e,t);for(const o of r)o.updateGuards.forEach(o=>{n.push(Ra(o,e,t))});return n.push(c),M(n)}).then(()=>{n=[];for(const o of l)if(o.beforeEnter)if(Pc(o.beforeEnter))for(const r of o.beforeEnter)n.push(Ra(r,e,t));else n.push(Ra(o.beforeEnter,e,t));return n.push(c),M(n)}).then(()=>(e.matched.forEach(e=>e.enterCallbacks={}),n=Na(l,"beforeRouteEnter",e,t,b),n.push(c),M(n))).then(()=>{n=[];for(const o of i.list())n.push(Ra(o,e,t));return n.push(c),M(n)}).catch(e=>ba(e,va.NAVIGATION_CANCELLED)?e:Promise.reject(e))}function S(e,t,n){l.list().forEach(o=>b(()=>o(e,t,n)))}function C(e,t,n,o,s){const i=g(e,t);if(i)return i;const l=t===ia,a=Tc?history.state:{};n&&(o||l?r.replace(e.fullPath,Oc({scroll:l&&a&&a.scroll},s)):r.push(e.fullPath,s)),c.value=e,N(e,t,n,l),R()}let x;function w(){x||(x=r.listen((e,t,n)=>{if(!L.listening)return;const o=d(e),s=v(o,L.currentRoute.value);if(s)return void _(Oc(s,{replace:!0,force:!0}),o).catch(Nc);a=o;const i=c.value;var l,u;Tc&&(l=ha(i.fullPath,n.delta),u=pa(),ga.set(l,u)),E(o,i).catch(e=>ba(e,va.NAVIGATION_ABORTED|va.NAVIGATION_CANCELLED)?e:ba(e,va.NAVIGATION_GUARD_REDIRECT)?(_(Oc(h(e.to),{force:!0}),o).then(e=>{ba(e,va.NAVIGATION_ABORTED|va.NAVIGATION_DUPLICATED)&&!n.delta&&n.type===la.pop&&r.go(-1,!1)}).catch(Nc),Promise.reject()):(n.delta&&r.go(-n.delta,!1),O(e,o,i))).then(e=>{(e=e||C(o,i,!1))&&(n.delta&&!ba(e,va.NAVIGATION_CANCELLED)?r.go(-n.delta,!1):n.type===la.pop&&ba(e,va.NAVIGATION_ABORTED|va.NAVIGATION_DUPLICATED)&&r.go(-1,!1)),S(o,i,e)}).catch(Nc)}))}let A,T=Oa(),k=Oa();function O(e,t,n){R(e);const o=k.list();return o.length&&o.forEach(o=>o(e,t,n)),Promise.reject(e)}function R(e){return A||(A=!e,w(),T.list().forEach(([t,n])=>e?n(e):t()),T.reset()),e}function N(t,n,o,r){const{scrollBehavior:s}=e;if(!Tc||!s)return Promise.resolve();const i=!o&&function(e){const t=ga.get(e);return ga.delete(e),t}(ha(t.fullPath,0))||(r||!o)&&history.state&&history.state.scroll||null;return an().then(()=>s(t,n,i)).then(e=>e&&da(e)).catch(e=>O(e,t,n))}const P=e=>r.go(e);let I;const D=new Set,L={currentRoute:c,listening:!0,addRoute:function(e,n){let o,r;return ma(e)?(o=t.getRecordMatcher(e),r=n):r=e,t.addRoute(r,o)},removeRoute:function(e){const n=t.getRecordMatcher(e);n&&t.removeRoute(n)},clearRoutes:t.clearRoutes,hasRoute:function(e){return!!t.getRecordMatcher(e)},getRoutes:function(){return t.getRoutes().map(e=>e.record)},resolve:d,options:e,push:m,replace:function(e){return m(Oc(h(e),{replace:!0}))},go:P,back:()=>P(-1),forward:()=>P(1),beforeEach:s.add,beforeResolve:i.add,afterEach:l.add,onError:k.add,isReady:function(){return A&&c.value!==ia?Promise.resolve():new Promise((e,t)=>{T.add([e,t])})},install(e){e.component("RouterLink",ou),e.component("RouterView",lu),e.config.globalProperties.$router=L,Object.defineProperty(e.config.globalProperties,"$route",{enumerable:!0,get:()=>Dt(c)}),Tc&&!I&&c.value===ia&&(I=!0,m(r.location).catch(e=>{}));const t={};for(const o in ia)Object.defineProperty(t,o,{get:()=>c.value[o],enumerable:!0});e.provide(Aa,L),e.provide(Ta,vt(t)),e.provide(ka,c);const n=e.unmount;D.add(e),e.unmount=function(){D.delete(e),D.size<1&&(a=ia,x&&x(),x=null,c.value=ia,I=!1,A=!1),n()}}};function M(e){return e.reduce((e,t)=>e.then(()=>b(t)),Promise.resolve())}return L}function au(){return An(Aa)}function uu(e){return An(Ta)}export{au as $,Ki as A,Ls as B,vs as C,ms as D,At as E,gs as F,$o as G,W as H,ec as I,Dt as J,xt as K,wt as L,jt as M,U as N,As as O,Ps as P,Es as Q,Fs as R,sc as S,Wn as T,wc as U,Ac as V,Is as W,Sn as X,Vs as Y,Ts as Z,X as _,_t as a,Qo as a0,Jo as a1,Wl as a2,uu as a3,ql as a4,cu as a5,La as a6,er as a7,zo as a8,To as a9,pc as aa,Bo as b,ui as c,Fo as d,mt as e,Oo as f,zs as g,Ro as h,An as i,Ms as j,co as k,Cn as l,fi as m,an as n,Vo as o,wn as p,tr as q,Rt as r,$s as s,$t as t,ks as u,Nt as v,Pn as w,Rn as x,Ri as y,Cl as z};

package/dist/web/index.html

@@ -5,12 +5,12 @@
     <link rel="icon" href="/favicon.ico">
     <meta name="viewport" content="width=device-width, initial-scale=1.0">
     <title>CC-TOOL - ClaudeCode增强工作助手</title>
-    <script type="module" crossorigin src="/assets/index-DOsR4qc6.js"></script>
-    <link rel="modulepreload" crossorigin href="/assets/vue-vendor-hRp8vsrL.js">
-    <link rel="modulepreload" crossorigin href="/assets/vendors-Bd5vxA1-.js">
-    <link rel="modulepreload" crossorigin href="/assets/icons-BkBtk3H1.js">
-    <link rel="modulepreload" crossorigin href="/assets/naive-ui-D-gb0WfN.js">
-    <link rel="stylesheet" crossorigin href="/assets/index-Cgq2DyzS.css">
+    <script type="module" crossorigin src="/assets/index-DZjidyED.js"></script>
+    <link rel="modulepreload" crossorigin href="/assets/vue-vendor-CEeI-Azr.js">
+    <link rel="modulepreload" crossorigin href="/assets/vendors-CzcvkTIS.js">
+    <link rel="modulepreload" crossorigin href="/assets/icons-BALJo7bE.js">
+    <link rel="modulepreload" crossorigin href="/assets/naive-ui-sh0u_0bf.js">
+    <link rel="stylesheet" crossorigin href="/assets/index-CvHZsWbE.css">
   </head>
   <body>
     <div id="app"></div>

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@adversity/coding-tool-x",
-  "version": "2.4.2",
+  "version": "2.5.1",
   "description": "Vibe Coding 增强工作助手 - 智能会话管理、动态渠道切换、全局搜索、实时监控",
   "main": "src/index.js",
   "bin": {
@@ -47,6 +47,7 @@
   "dependencies": {
     "@iarna/toml": "^2.2.5",
     "@lydell/node-pty": "^1.1.0",
+    "@xterm/headless": "^6.0.0",
     "adm-zip": "^0.5.16",
     "cc-tool-web": "file:src/web",
     "chalk": "^4.1.2",

package/src/commands/security.js

@@ -0,0 +1,36 @@
+const chalk = require('chalk');
+const fs = require('fs');
+const path = require('path');
+const os = require('os');
+
+const SECURITY_FILE = path.join(os.homedir(), '.claude', 'cc-tool', 'security.json');
+
+function showSecurityHelp() {
+  console.log(chalk.yellow('\n🔐 安全设置命令:'));
+  console.log('  ctx security reset       关闭访问密码（删除安全配置文件）');
+  console.log('');
+}
+
+async function handleSecurityReset() {
+  console.log(chalk.cyan('\n🔐 安全设置 - 关闭访问密码\n'));
+
+  if (!fs.existsSync(SECURITY_FILE)) {
+    console.log(chalk.yellow('⚠️  未检测到安全配置文件'));
+    console.log(chalk.gray(`路径: ${SECURITY_FILE}\n`));
+    return;
+  }
+
+  try {
+    fs.unlinkSync(SECURITY_FILE);
+    console.log(chalk.green('✅ 访问密码已关闭'));
+    console.log(chalk.gray(`已删除: ${SECURITY_FILE}\n`));
+  } catch (error) {
+    console.error(chalk.red('❌ 关闭密码失败:'), error.message);
+    console.log(chalk.gray(`路径: ${SECURITY_FILE}\n`));
+  }
+}
+
+module.exports = {
+  showSecurityHelp,
+  handleSecurityReset
+};

package/src/index.js

@@ -10,8 +10,6 @@ const { showMainMenu } = require('./ui/menu');
 const { handleList } = require('./commands/list');
 const { handleSearch } = require('./commands/search');
 const { switchProject } = require('./commands/switch');
-const { handleUI } = require('./commands/ui');
-const { handleProxyStart, handleProxyStop, handleProxyStatus } = require('./commands/proxy');
 const { resetConfig } = require('./reset-config');
 const { handleChannelManagement, handleAddChannel, handleChannelStatus } = require('./commands/channels');
 const { handleToggleProxy } = require('./commands/toggle-proxy');
@@ -77,6 +75,7 @@ function showHelp() {
   console.log(chalk.yellow('🛠️  其他命令:'));
   console.log('  ctx doctor              系统诊断');
   console.log('  ctx reset               重置配置');
+  console.log('  ctx security reset      关闭访问密码');
   console.log('  ctx --version, -v       显示版本');
   console.log('  ctx --help, -h          显示帮助\n');
 
@@ -136,6 +135,19 @@ async function main() {
     return;
   }
 
+  // security 命令 - 安全设置
+  if (args[0] === 'security') {
+    const { showSecurityHelp, handleSecurityReset } = require('./commands/security');
+    const subCommand = args[1] || 'help';
+
+    if (subCommand === 'reset' || subCommand === 'disable' || subCommand === 'off') {
+      await handleSecurityReset();
+    } else {
+      showSecurityHelp();
+    }
+    return;
+  }
+
   // start 命令 - 启动服务（后台）
   if (args[0] === 'start') {
     await handleStart();
@@ -171,6 +183,7 @@ async function main() {
       await handleRestart();
     } else {
       // 默认前台运行
+      const { handleUI } = require('./commands/ui');
       await handleUI();
     }
     return;
@@ -252,6 +265,7 @@ async function main() {
 
   // 代理命令
   if (args[0] === 'proxy') {
+    const { handleProxyStart, handleProxyStop, handleProxyStatus } = require('./commands/proxy');
     const subCommand = args[1] || 'start';
 
     switch (subCommand) {
@@ -342,9 +356,11 @@ async function main() {
         await handleAddChannel();
         break;
 
-      case 'ui':
+      case 'ui': {
+        const { handleUI } = require('./commands/ui');
         await handleUI();
         break;
+      }
 
       case 'port-config':
         await handlePortConfig();

package/src/server/api/config-export.js

@@ -4,23 +4,74 @@
 
 const express = require('express');
 const configExportService = require('../services/config-export-service');
+const AdmZip = require('adm-zip');
 
 const router = express.Router();
 
+function parseConfigZip(buffer) {
+  const zip = new AdmZip(buffer);
+  const entry = zip.getEntry('config.json');
+  if (!entry) {
+    throw new Error('配置包缺少 config.json');
+  }
+  const content = entry.getData().toString('utf8');
+  return JSON.parse(content);
+}
+
+function buildPreviewSummary(data) {
+  return {
+    version: data.version,
+    exportedAt: data.exportedAt,
+    counts: {
+      permissionTemplates: (data.data.permissionTemplates || []).length,
+      configTemplates: (data.data.configTemplates || []).length,
+      channels: (data.data.channels || []).length
+    },
+    items: {
+      permissionTemplates: (data.data.permissionTemplates || []).map(t => ({
+        id: t.id,
+        name: t.name,
+        description: t.description
+      })),
+      configTemplates: (data.data.configTemplates || []).map(t => ({
+        id: t.id,
+        name: t.name,
+        description: t.description
+      })),
+      channels: (data.data.channels || []).map(c => ({
+        id: c.id,
+        name: c.name,
+        type: c.type
+      }))
+    }
+  };
+}
+
 /**
  * 导出所有配置
  * GET /api/config-export
  */
 router.get('/', (req, res) => {
   try {
-    const result = configExportService.exportAllConfigs();
+    const format = (req.query.format || 'json').toLowerCase();
+    const result = format === 'zip'
+      ? configExportService.exportAllConfigsZip()
+      : configExportService.exportAllConfigs();
 
     if (result.success) {
-      // 设置响应头，触发文件下载
-      const filename = `ctx-config-${new Date().toISOString().split('T')[0]}.json`;
-      res.setHeader('Content-Disposition', `attachment; filename="${filename}"`);
-      res.setHeader('Content-Type', 'application/json');
-      res.json(result.data);
+      if (format === 'zip') {
+        // 设置响应头，触发文件下载
+        const filename = result.filename || `ctx-config-${new Date().toISOString().split('T')[0]}.zip`;
+        res.setHeader('Content-Disposition', `attachment; filename="${filename}"`);
+        res.setHeader('Content-Type', 'application/zip');
+        res.send(result.data);
+      } else {
+        // 设置响应头，触发文件下载
+        const filename = `ctx-config-${new Date().toISOString().split('T')[0]}.json`;
+        res.setHeader('Content-Disposition', `attachment; filename="${filename}"`);
+        res.setHeader('Content-Type', 'application/json');
+        res.json(result.data);
+      }
     } else {
       res.status(500).json({
         success: false,
@@ -64,6 +115,34 @@ router.post('/import', (req, res) => {
   }
 });
 
+/**
+ * 导入 ZIP 配置
+ * POST /api/config-export/import-zip
+ */
+router.post('/import-zip', express.raw({ type: ['application/zip', 'application/octet-stream'], limit: '100mb' }), (req, res) => {
+  try {
+    const overwrite = req.query.overwrite === 'true';
+    const buffer = req.body;
+
+    if (!Buffer.isBuffer(buffer) || buffer.length === 0) {
+      return res.status(400).json({
+        success: false,
+        message: '缺少 ZIP 文件内容'
+      });
+    }
+
+    const data = parseConfigZip(buffer);
+    const result = configExportService.importConfigs(data, { overwrite });
+    res.json(result);
+  } catch (err) {
+    console.error('[ConfigExport API] 导入 ZIP 失败:', err);
+    res.status(500).json({
+      success: false,
+      message: err.message
+    });
+  }
+});
+
 /**
  * 预览导入配置（不实际导入）
  * POST /api/config-export/preview
@@ -79,32 +158,7 @@ router.post('/preview', (req, res) => {
       });
     }
 
-    const summary = {
-      version: data.version,
-      exportedAt: data.exportedAt,
-      counts: {
-        permissionTemplates: (data.data.permissionTemplates || []).length,
-        configTemplates: (data.data.configTemplates || []).length,
-        channels: (data.data.channels || []).length
-      },
-      items: {
-        permissionTemplates: (data.data.permissionTemplates || []).map(t => ({
-          id: t.id,
-          name: t.name,
-          description: t.description
-        })),
-        configTemplates: (data.data.configTemplates || []).map(t => ({
-          id: t.id,
-          name: t.name,
-          description: t.description
-        })),
-        channels: (data.data.channels || []).map(c => ({
-          id: c.id,
-          name: c.name,
-          type: c.type
-        }))
-      }
-    };
+    const summary = buildPreviewSummary(data);
 
     res.json({
       success: true,
@@ -119,4 +173,40 @@ router.post('/preview', (req, res) => {
   }
 });
 
+/**
+ * 预览 ZIP 导入配置（不实际导入）
+ * POST /api/config-export/preview-zip
+ */
+router.post('/preview-zip', express.raw({ type: ['application/zip', 'application/octet-stream'], limit: '100mb' }), (req, res) => {
+  try {
+    const buffer = req.body;
+    if (!Buffer.isBuffer(buffer) || buffer.length === 0) {
+      return res.status(400).json({
+        success: false,
+        message: '缺少 ZIP 文件内容'
+      });
+    }
+
+    const data = parseConfigZip(buffer);
+    if (!data || !data.data) {
+      return res.status(400).json({
+        success: false,
+        message: '无效的导入数据格式'
+      });
+    }
+
+    const summary = buildPreviewSummary(data);
+    res.json({
+      success: true,
+      data: summary
+    });
+  } catch (err) {
+    console.error('[ConfigExport API] 预览 ZIP 失败:', err);
+    res.status(500).json({
+      success: false,
+      message: err.message
+    });
+  }
+});
+
 module.exports = router;

package/src/server/api/security.js

@@ -0,0 +1,53 @@
+const express = require('express');
+const router = express.Router();
+const {
+  getSecurityStatus,
+  verifySecurityPassword,
+  setSecurityPassword
+} = require('../services/security-config');
+
+router.get('/', (req, res) => {
+  try {
+    const status = getSecurityStatus();
+    res.json({ success: true, ...status });
+  } catch (error) {
+    console.error('Error getting security status:', error);
+    res.status(500).json({ error: error.message });
+  }
+});
+
+router.post('/verify', (req, res) => {
+  try {
+    const { password } = req.body;
+    if (typeof password !== 'string' || !password) {
+      return res.status(400).json({ error: '请输入密码' });
+    }
+
+    const result = verifySecurityPassword(password);
+    if (result.reason === 'not_set') {
+      return res.status(400).json({ error: '尚未设置访问密码' });
+    }
+    if (!result.ok) {
+      return res.status(401).json({ error: '密码错误' });
+    }
+
+    res.json({ success: true });
+  } catch (error) {
+    console.error('Error verifying security password:', error);
+    res.status(500).json({ error: error.message });
+  }
+});
+
+router.post('/password', (req, res) => {
+  try {
+    const { currentPassword, newPassword } = req.body || {};
+    const result = setSecurityPassword({ currentPassword, newPassword });
+    res.json({ success: true, ...result });
+  } catch (error) {
+    const status = error.code === 'INVALID_PASSWORD' ? 401 : 400;
+    console.error('Error setting security password:', error);
+    res.status(status).json({ error: error.message });
+  }
+});
+
+module.exports = router;

package/src/server/api/terminal.js

@@ -9,6 +9,7 @@ const path = require('path');
 const fs = require('fs');
 
 const { ptyManager } = require('../services/pty-manager');
+const { getWebTerminalShellConfig } = require('../services/terminal-config');
 const {
   loadTerminalCommands,
   saveTerminalCommands,
@@ -171,13 +172,16 @@ router.post('/create', (req, res) => {
     // 获取启动命令
     const startCommand = getCommandForChannel(channel, sessionId, workDir);
 
+    const shellConfig = getWebTerminalShellConfig();
+
     // 创建终端
     const terminal = ptyManager.create({
       cwd: workDir,
       channel,
       sessionId,
       projectName,
-      startCommand
+      startCommand,
+      ...shellConfig
     });
 
     res.json({

package/src/server/index.js

@@ -109,6 +109,7 @@ async function startServer(port) {
   app.use('/api/aliases', require('./api/aliases')());
   app.use('/api/favorites', require('./api/favorites'));
   app.use('/api/ui-config', require('./api/ui-config'));
+  app.use('/api/security', require('./api/security'));
   app.use('/api/channels', require('./api/channels'));
   app.use('/api/proxy', require('./api/proxy'));
   app.use('/api/codex/proxy', require('./api/codex-proxy'));