优化安全策略

public/js/app.js

@@ -52,6 +52,7 @@
     siteTitleInput: document.getElementById('siteTitleInput'),
     logoUrlInput: document.getElementById('logoUrlInput'),
     btnSaveSiteSettings: document.getElementById('btnSaveSiteSettings'),
+    btnSaveSecuritySettings: document.getElementById('btnSaveSecuritySettings'),
     siteSettingsMessage: document.getElementById('siteSettingsMessage'),
     logoText: document.getElementById('logoText'),
     logoIconContainer: document.getElementById('logoIconContainer'),
@@ -541,11 +542,23 @@
       if (dom.logoUrlDarkInput) dom.logoUrlDarkInput.value = window.SITE_SETTINGS.logo_url_dark || '';
       if (dom.faviconUrlInput) dom.faviconUrlInput.value = window.SITE_SETTINGS.favicon_url || '';
       if (dom.showServerIpInput) dom.showServerIpInput.value = window.SITE_SETTINGS.show_server_ip ? "1" : "0";
-      // Latency routes loaded separately in openSettings or on startup
+      
+      // Apply security dependency
+      updateSecurityDependency();
     }
 
     loadSiteSettings();
 
+    // Bind save button for security tab
+    if (dom.btnSaveSecuritySettings) {
+      dom.btnSaveSecuritySettings.addEventListener('click', saveSiteSettings);
+    }
+    
+    // Security dependency listener
+    if (dom.requireLoginForServerDetailsInput) {
+      dom.requireLoginForServerDetailsInput.addEventListener('change', updateSecurityDependency);
+    }
+
     // Track intervals for resource management
     initWebSocket();
     backgroundIntervals.push(setInterval(fetchNetworkHistory, NETWORK_HISTORY_INTERVAL));
@@ -1978,6 +1991,12 @@
         }
       };
       siteThemeQuery.addEventListener('change', siteThemeHandler);
+      
+      // Update IP visibility input
+      if (dom.showServerIpInput) dom.showServerIpInput.value = settings.show_server_ip ? "1" : "0";
+      
+      // Sync security tab dependency
+      updateSecurityDependency();
     } catch (err) {
       console.error('Error loading site settings:', err);
     }
@@ -2096,8 +2115,13 @@
       show_server_ip: dom.showServerIpInput ? (dom.showServerIpInput.value === "1") : false
     };
 
-    dom.btnSaveSiteSettings.disabled = true;
-    dom.btnSaveSiteSettings.textContent = '保存中...';
+    // UI Feedback for both potential save buttons
+    const saveButtons = [dom.btnSaveSiteSettings, dom.btnSaveSecuritySettings].filter(b => b);
+    saveButtons.forEach(btn => {
+      btn.disabled = true;
+      btn.originalText = btn.textContent;
+      btn.textContent = '保存中...';
+    });
 
     try {
       const response = await fetch('/api/settings', {
@@ -2134,8 +2158,28 @@
       showSiteMessage(`保存失败: ${err.message}`, 'error');
       console.error('Save settings error:', err);
     } finally {
-      dom.btnSaveSiteSettings.disabled = false;
-      dom.btnSaveSiteSettings.textContent = '保存设置';
+      saveButtons.forEach(btn => {
+        btn.disabled = false;
+        btn.textContent = btn.originalText || '保存设置';
+      });
+    }
+  }
+
+  function updateSecurityDependency() {
+    if (!dom.requireLoginForServerDetailsInput || !dom.showServerIpInput) return;
+    
+    const requireLogin = dom.requireLoginForServerDetailsInput.value === "1";
+    if (!requireLogin) {
+      // If public access is allowed, force hide IP and disable the toggle
+      dom.showServerIpInput.value = "0";
+      dom.showServerIpInput.disabled = true;
+      dom.showServerIpInput.style.opacity = "0.6";
+      dom.showServerIpInput.parentElement.style.opacity = "0.7";
+    } else {
+      // Re-enable when login is required
+      dom.showServerIpInput.disabled = false;
+      dom.showServerIpInput.style.opacity = "1";
+      dom.showServerIpInput.parentElement.style.opacity = "1";
     }
   }