199 changed files with 6292 additions and 16508 deletions
--- a/.dockerignore
+++ b/.dockerignore
@ -1,15 +0,0 @@
-node_modules
-!.gitkeep
-dist
-easynode-server.zip
-server/app/static/*
-server/app/socket/sftp-cache/*
-!server/app/socket/sftp-cache/.gitkeep
-server/app/logs/*
-server/app/db/*
-!server/app/db/README.md
-plan.md
-.env
-.env.local
-.git
-doc_images
--- a/client/.eslintrc.js
+++ b/client/.eslintrc.js
@ -1,9 +1,6 @@
 // 规则参见：https://cn.eslint.org/docs/rules/
 module.exports = {
  root: true, // 当前配置文件不能往父级查找
-  'globals': {
-    'consola': true
-  },
  env: {
    node: true,
    es6: true
@ -23,7 +20,6 @@ module.exports = {
    'no-debugger': process.env.NODE_ENV === 'production' ? 'error' : 'off',
    'template-curly-spacing': ['error', 'always'], // 模板字符串空格
    'default-case': 0,
-    'no-empty': 0,
    'object-curly-spacing': ['error', 'always'],
    'no-multi-spaces': ['error'],
    indent: ['error', 2, { 'SwitchCase': 1 }], // 缩进：2
@ -62,6 +58,7 @@ module.exports = {
    'no-dupe-args': 2, // 禁止function重复参数
    'no-dupe-keys': 2, // 禁止object重复key
    'no-duplicate-case': 2,
+    'no-empty': 2, // 禁止空语句块
    'no-func-assign': 2, // 禁止重复声明函数
    'no-inner-declarations': 2, // 禁止在嵌套的语句块中出现变量或 function 声明
    'no-sparse-arrays': 2, // 禁止稀缺数组
--- a/.github/workflows/client-builder.yml
+++ b/.github/workflows/client-builder.yml
@ -1,79 +0,0 @@
-name: Build Client to Release
-
-on:
-  push:
-    branches:
-      - main
-    paths:
-      - 'client/**'
-  workflow_dispatch:
-
-jobs:
-  build:
-    runs-on: ubuntu-22.04
-    steps:
-      - name: Checkout Repository
-        uses: actions/checkout@v3
-
-      - name: Set up Node.js
-        uses: actions/setup-node@v3
-        with:
-          node-version: '20'
-
-      - name: Install dependencies
-        run: npm install
-        working-directory: client
-
-      - name: Build for Linux x64
-        run: npm run pkglinux:x64
-        working-directory: client
-
-      - name: Install QEMU # 设置qemu 支持arm的虚拟环境
-        run: sudo apt-get update && sudo apt-get install -y qemu qemu-user-static binfmt-support
-
-      - name: Setup QEMU ARM64
-        run: |
-          sudo update-binfmts --enable qemu-aarch64
-          sudo cp /usr/bin/qemu-aarch64-static /usr/local/bin
-          uname -a
-
-      - name: Build for Linux arm64
-        run: npm run pkglinux:arm64
-        working-directory: client
-
-      - name: Set tag name
-        id: tag_name
-        run: echo "TAG_NAME=client-$(date +'%Y-%m-%d')" >> $GITHUB_ENV
-
-      - name: Create Release
-        id: create_release
-        uses: actions/create-release@v1
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        with:
-          tag_name: ${{ env.TAG_NAME }}
-          release_name: ${{ env.TAG_NAME }}
-          draft: false
-          prerelease: false
-
-      - name: Upload Release Asset
-        id: upload-release-asset
-        uses: actions/upload-release-asset@v1
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        with:
-          upload_url: ${{ steps.create_release.outputs.upload_url }} # This pulls from the CREATE RELEASE step above, referencing it's ID to get its outputs object, which include a `upload_url`. See this blog post for more info: https://jasonet.co/posts/new-features-of-github-actions/#passing-data-to-future-steps
-          asset_path: client/dist/easynode-client-x64
-          asset_name: easynode-client-x64
-          asset_content_type: application/octet-stream
-
-
-      - name: Upload Linux ARM64 Binary to Release
-        uses: actions/upload-release-asset@v1
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        with:
-          upload_url: ${{ steps.create_release.outputs.upload_url }}
-          asset_path: client/dist/easynode-client-arm64
-          asset_name: easynode-client-arm64
-          asset_content_type: application/octet-stream
--- a/.github/workflows/docker-builder.yml
+++ b/.github/workflows/docker-builder.yml
@ -1,40 +0,0 @@
-name: Build Server to DockerHub
-
-on:
-  release:
-    types: [published]
-  workflow_dispatch:
-    inputs:
-      tag_name:
-        description: 'Tag Name (leave empty for default latest)'
-        required: false
-        default: 'latest'
-jobs:
-  build-and-push:
-    runs-on: ubuntu-latest
-    steps:
-    - name: Check out the repository
-      uses: actions/checkout@v3
-
-    - name: Log in to Docker Hub
-      uses: docker/login-action@v2
-      with:
-        username: ${{ secrets.DOCKER_USERNAME }}
-        password: ${{ secrets.DOCKER_PASSWORD }}
-
-    - name: Set up Docker Buildx
-      uses: docker/setup-buildx-action@v2
-
-    - name: Build and push Docker image
-      uses: docker/build-push-action@v3
-      with:
-        context: .
-        file: ./Dockerfile
-        push: true
-        platforms: linux/amd64,linux/arm64
-        tags: |
-          chaoszhu/easynode:${{ github.event.release.tag_name || inputs.tag_name }}
-          chaoszhu/easynode:latest
-
-    # - name: Clean up post-build
-    #   run: docker system prune -af
--- a/.gitignore
+++ b/.gitignore
@ -2,16 +2,6 @@ node_modules
 !.gitkeep
 dist
 easynode-server.zip
-server/app/static/*
-server/app/socket/sftp-cache/*
-!server/app/socket/sftp-cache/.gitkeep
-server/app/logs/*
-server/app/db/*
-!server/app/db/README.md
-plan.md
-.env
-.env.local
-.env-encrypt-key
-*clear.js
-local-script
-版本发布.md
+server/app/static/upload/*
+server/app/socket/temp/*
+server/app/logs/*
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@ -1,5 +0,0 @@
-{
-  "cSpell.ignoreWords": [
-    "Onekey"
-  ]
-}
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,219 +1,3 @@
-## [3.0.3](https://github.com/chaos-zhu/easynode/releases) (2024-12-22)
-
-* 支持keyboard-interactive服务器验证(serv00验证通过)
-* 支持TG Bot通知方式
-* 添加web端Plus授权功能
-* 修复一些UI问题
-* 修复MFA2登录验证码为0开头无法输入的bug
-
-## [3.0.2](https://github.com/chaos-zhu/easynode/releases) (2024-11-20)
-
-* 修复添加实例错误禁用的bug
-
-
-## [3.0.1](https://github.com/chaos-zhu/easynode/releases) (2024-11-18)
-
-* 修复同IP实例SFTP连接到其他的实例的bug
-* 修复一些UI问题
-
-
-## [3.0.0](https://github.com/chaos-zhu/easynode/releases) (2024-11-09)
-
-* 新增跳板机功能,支持选择多台机器跳转
-* 脚本库批量导出导入
-* 本地socket断开自动重连,无需手动重新连接
-* 支持脚本库模糊搜索功能
-* 分组添加实例数量标识
-* 优化登录逻辑
-* 默认登录有效期更改为当天有效
-* 优化脚本库新增脚本时序号自动累加
-* 修复一些小bug
-
-## [2.3.0](https://github.com/chaos-zhu/easynode/releases) (2024-10-24)
-
-* 重构本地数据库存储方式(性能提升一个level~)
-* 支持MFA2二次登录验证
-* 优化了一些页面在移动端的展示
-* 修复偶现刷新页面需重新登录的bug
-
-
-## [2.2.8](https://github.com/chaos-zhu/easynode/releases) (2024-10-20)
-
-### Features
-
-* 兼容移动端UI
-* 新增移动端虚拟功能按键映射
-* 调整终端功能菜单
-* 登录日志本地化储存
-* 修复终端选中文本无法复制的bug
-* 修复无法展示服务端ping客户端延迟ms的bug
-* 修复暗黑模式下的一些样式问题
-
-## [2.2.7](https://github.com/chaos-zhu/easynode/releases) (2024-10-17)
-
-### Features
-
-* 终端连接页新增展示服务端ping客户端延迟ms
-* 修复自定义客户端端口默认字符串的bug
-* 终端支持快捷设置开关: 快捷复制、快捷粘贴、选中脚本自动执行
-
-## [2.2.6](https://github.com/chaos-zhu/easynode/releases) (2024-10-14)
-
-### Features
-
-* 支持自定义客户端端口,方便穿透内网机器
-* 修复监控数据意外注入bug
-
-## [2.2.5](https://github.com/chaos-zhu/easynode/releases) (2024-10-11)
-
-### Features
-
-* 不再对同IP:PORT的实例进行校验
-* 支持同IP任意端口的服务器录入
-* 支持关闭所有终端连接
-* 修复第三方git代理地址
-
-## [2.2.4](https://github.com/chaos-zhu/easynode/releases) (2024-08-31)
-
-### Features
-
-* SFTP支持输入路径跳转
-
-## [2.2.3](https://github.com/chaos-zhu/easynode/releases) (2024-08-20)
-
-### Features
-
-* 添加环境变量 ✔
-* 支持IP访问白名单设置 ✔
-* 修复一些小bug ✔
-* 优化Eslint规则 ✔
-
-## [2.2.2](https://github.com/chaos-zhu/easynode/releases) (2024-08-19)
-
-### Features
-
-* 支持菜单栏的折叠与展开 ✔
-* 优化终端回显 ✔
-* 优化暗黑模式下滚动条样式 ✔
-
-## [2.2.1](https://github.com/chaos-zhu/easynode/releases) (2024-08-18)
-
-### Features
-
-* 支持暗黑主题切换 ✔
-* 批量脚本下发执行结果通知重复的bug ✔
-* 修复交换内存占比的bug ✔
-* 优化服务端代码引用 ✔
-* 修复Code scanning提到的依赖风险 ✔
-
-## [2.2.0](https://github.com/chaos-zhu/easynode/releases) (2024-08-17)
-
-### Features
-
-* 重构通知模块 ✔
-* 支持大多数邮箱SMTP配置通知 ✔
-* 支持Server酱通知 ✔
-* 新增批量指令执行结果提醒 ✔
-* 新增终端登录与登录状态提醒 ✔
-* 新增服务器到期提醒 ✔
-* 修复上传同一个文件无法选择的bug ✔
-* 修复终端连接失败抛出异常的bug ✔
-* 调整客户端安装脚本 ✔
-
-## [2.1.9](https://github.com/chaos-zhu/easynode/releases) (2024-08-16)
-
-### Features
-
-* 过滤客户端检测更新 ✔
-
-## [2.1.8](https://github.com/chaos-zhu/easynode/releases) (2024-08-15)
-
-### Features
-
-* 终端连接逻辑重写,断线自动重连 ✔
-* 终端连接状态展示 ✔
-* 终端支持选中复制&右键粘贴 ✔
-* 终端设置支持字体大小 ✔
-* 终端默认字体样式更改为`Cascadia Code` ✔
-
-## [2.1.7](https://github.com/chaos-zhu/easynode/releases) (2024-08-14)
-
-### Features
-
-* 客户端监控服务支持swap内存交换回传 ✔
-* 面板支持展示swap内存交换状态展示 ✔
-* 添加初始账户登录警告 ✔
-
-## [2.1.6](https://github.com/chaos-zhu/easynode/releases) (2024-08-13)
-
-### Features
-
-* SFTP支持上传嵌套文件夹 ✔
-* 修复面板服务缓存文件夹偶尔不存在的bug  ✔
-
-## [2.1.5](https://github.com/chaos-zhu/easynode/releases) (2024-08-12)
-
-### Features
-
-* 新增终端设置 ✔
-* 支持更多终端主题 ✔
-* 支持终端背景图片(当前版本只缓存在前端且只可以使用内置背景图片) ✔
-
-## [2.1.4](https://github.com/chaos-zhu/easynode/releases) (2024-08-12)
-
-### Features
-
-* 新增cd全路径命令联动SFTP面板 ✔
-* 修复SFTP文件编辑文件名称显示错误的bug ✔
-
-## [2.1.3](https://github.com/chaos-zhu/easynode/releases) (2024-08-11)
-
-### Features
-
-* 修复开启or关闭SFTP功能开关时，终端光标位置错误的bug ✔
-
-## [2.1.2](https://github.com/chaos-zhu/easynode/releases) (2024-08-09)
-
-### Features
-
-* 新增导入导出功能(EasyNode JSON) ✔
-* 新增服务器列表排序与排序缓存 ✔
-* 优化客户端连接状态展示 ✔
-* 优化版本更新提示 ✔
-
-## [2.1.1](https://github.com/chaos-zhu/easynode/releases) (2024-08-05)
-
-### Features
-
-* 支持批量操作：批量修改实例通用信息(ssh配置等)、批量删除、批量安装客户端监控应用 ✔
-* 自动化构建镜像 ✔
-* 调整&优化面板UI ✔
-* 内置常用脚本(逐渐添加中...) ✔
-
-## [2.1.0](https://github.com/chaos-zhu/easynode/releases) (2024-08-02)
-
-### Features
-
-* 支持脚本库功能 ✔
-* 支持批量指令下发功能 ✔
-* 支持多会话同步指令 ✔
-* 重写Dockerfile,大幅减少镜像体积 ✔
-* 调整优化面板UI ✔
-
-## [2.0.0](https://github.com/chaos-zhu/easynode/releases) (2024-07-29)
-
-### Features
-
-* 重构前端UI ✔
-* 新增多个功能菜单 ✔
-* 重构文件储存方式 ✔
-* 升级前后端依赖 ✔
-* 优化前端工程 ✔
-* 修复不同ssh密钥算法登录失败的bug ✔
-* 移除上一次IP登录校验的判断 ✔
-* 前端工程迁移至项目根目录 ✔
-* 添加ssh密钥or密码保存至本地功能 ✔
-
 ## [1.2.1](https://github.com/chaos-zhu/easynode/releases) (2022-12-12)

 ### Features
--- a/21
+++ b/21
@ -1,21 +0,0 @@
-FROM node:20.16-alpine3.20 AS builder_web
-WORKDIR /easynode/web
-COPY ./web .
-COPY yarn.lock .
-RUN yarn
-RUN yarn build
-
-FROM node:20.16-alpine3.20 AS builder_server
-WORKDIR /easynode/server
-COPY ./server .
-COPY yarn.lock .
-COPY --from=builder_web /easynode/web/dist ./app/static
-RUN yarn
-
-FROM node:20.16-alpine3.20
-RUN apk add --no-cache iputils
-WORKDIR /easynode
-COPY --from=builder_server /easynode/server .
-ENV HOST=0.0.0.0
-EXPOSE 8082
-CMD ["npm", "start"]
--- a/Q&A.md
+++ b/Q&A.md
@ -1,23 +1,5 @@
 # Q&A

-## ssh连接失败
-
-首先确定用户名/密码/密钥没错，接着排查服务端ssh登录日志，例如Debian12 `journalctl -u ssh -f`
-
-如果出现类似以下日志:
-```shell
-Jul 10 12:29:11 iZ2ze5f4ne9xf8n3h5Z sshd[8020]: userauth_pubkey: signature algorithm ssh-rsa not in PubkeyAcceptedAlgorithms [preauth]
-```
-
-说明客户端 `ssh-rsa` 签名算法不在 `PubkeyAcceptedAlgorithms` 列表中，目标服务器不接受 ssh-rsa 签名算法的公钥认证。
-
-**解决： **
-编辑 /etc/ssh/sshd_config 文件，添加或修改以下配置
-```shell
-PubkeyAcceptedAlgorithms +ssh-rsa
-```
-重新启动 SSH 服务： `sudo systemctl restart sshd`
-
 ## CentOS7/8启动服务失败

 > 先关闭SELinux
@ -25,7 +7,7 @@ PubkeyAcceptedAlgorithms +ssh-rsa
 ```shell
 vi /etc/selinux/config
 SELINUX=enforcing
-# 修改为禁用
+// 修改为禁用
 SELINUX=disabled
 ```

@ -35,6 +17,4 @@ SELINUX=disabled

 ## 客户端服务启动成功，无法连接？

-> 1. 检查防火墙配置
-
-> 2. iptables端口未开放：`iptables -I INPUT -s 0.0.0.0/0 -p tcp --dport 22022 -j ACCEPT` 或者 `rm -rf /etc/iptables && reboot`
+> 端口未开放：`iptables -I INPUT -s 0.0.0.0/0 -p tcp --dport 22022 -j ACCEPT` 或者 `rm -rf /etc/iptables && reboot`
--- a/README.md
+++ b/README.md
@ -1,123 +1,173 @@
-<div align="center">
+# EasyNode v1.2

-# EasyNode
+> 一个简易的个人Linux服务器管理面板(基于Node.js).

-_✨ 一个多功能Linux服务器WEB终端面板(webSSH&webSFTP) ✨_
+> 前端仓库地址：https://github.com/chaos-zhu/easynode_web

-</div>
+<!-- - [EasyNode](#easynode) -->
+  - [功能简介](#功能简介)
+  - [安装指南](#安装指南)
+    - [服务端安装](#服务端安装)
+      - [Docker镜像](#docker镜像)
+      - [一键脚本](#一键脚本)
+      - [手动部署](#手动部署)
+    - [客户端安装](#客户端安装)
+      - [X86架构](#x86架构)
+      - [ARM架构](#arm架构)
+  - [升级指南](#升级指南)
+    - [服务端](#服务端)
+    - [客户端](#客户端)
+    - [版本日志](#版本日志)
+  - [安全与说明](#安全与说明)
+  - [Q&A](#qa)
+  - [感谢Star](#感谢star)
+  - [License](#license)

-<p align="center">
-  <a href="https://github.com/chaos-zhu/easynode/releases/latest">
-    <img src="https://img.shields.io/github/v/release/chaos-zhu/easynode?color=brightgreen" alt="release">
-  </a>
-  <a href="https://github.com/chaos-zhu/easynode/actions">
-    <img src="https://img.shields.io/github/actions/workflow/status/chaos-zhu/easynode/docker-builder.yml?branch=main" alt="deployment status">
-  </a>
-  <a href="https://hub.docker.com/repository/docker/chaoszhu/easynode">
-    <img src="https://img.shields.io/docker/pulls/chaoszhu/easynode?color=brightgreen" alt="docker pull">
-  </a>
-  <a href="https://github.com/chaos-zhu/easynode/releases/latest">
-    <img src="https://img.shields.io/github/downloads/chaos-zhu/easynode/total?color=brightgreen&include_prereleases" alt="release">
-  </a>
-  <a href="https://raw.githubusercontent.com/chaos-zhu/easynode/main/LICENSE">
-    <img src="https://img.shields.io/github/license/chaos-zhu/easynode?color=brightgreen" alt="license">
-  </a>
-</p>
+## 功能简介

-<p align="center">
-  <a href="#功能">功能</a>
-  ·
-  <a href="#面板展示">面板展示</a>
-  ·
-  <a href="#项目部署">项目部署</a>
-  ·
-  <a href="#监控服务安装">监控服务安装</a>
-  ·
-  <a href="#安全与建议">安全与建议</a>
-  ·
-  <a href="#常见问题">常见问题</a>
-  <!-- ·
-  <a href="#Plus功能">Plus版功能</a> -->
-</p>
+> 多服务器管理; 通过`websocket实时更新`服务器基本信息: **系统、公网IP、CPU、内存、硬盘、网卡**等

-## 功能
+![服务器面板](./images/v1.2-1.png)

-+ [x] 功能完善的**SSH终端**&**SFTP**
-+ [x] 批量导入、导出、编辑服务器配置、脚本等
-+ [x] 脚本库
-+ [x] 实例分组
-+ [x] 凭据托管
-+ [x] 多渠道通知
-+ [x] 批量下发指令
-+ [x] 自定义终端主题
+> 基于浏览器解决`SSH&SFTP跨端`烦恼——**Web SSH**&**Web SFTP**

-## 面板展示

-![面板展示](./doc_images/merge.gif)
+![websftp功能](./images/v1.2-2.png)

-## 项目部署
+> 在线编辑文件

- 默认账户密码 `admin/admin`
- web端口：8082
+![edit](./images/v1.2-3.png)

-### docker镜像
+## 安装指南

+### 服务端安装
+
+- 依赖Node.js环境
+
+- 占用端口：8082(http端口)、22022(客户端端口)
+
+- 建议使用**境外服务器**(最好延迟低)安装服务端，客户端信息监控与webssh功能都将以`该服务器作为跳板机`
+
+#### Docker镜像
+
+> 注意：网速统计功能可能受限，docker网络将使用host模式(与宿主机共享端口，占用: 8082、22022)
+
+- 如果你是第一次运行，先创建一个volume用于保存数据
 ```shell
-docker run -d -p 8082:8082 --restart=always -v /root/easynode/db:/easynode/app/db chaoszhu/easynode
+docker volume create --name easynode-server
 ```
-环境变量：
- `DEBUG`: 启动debug日志 0：关闭 1：开启, 默认关闭
- `ALLOWED_IPS`: 可以访问服务的IP白名单, 多个使用逗号分隔, 支持填写部分ip前缀, 例如: `-e ALLOWED_IPS=127.0.0.1,196.168`
-
-## 监控服务安装
-
- 监控服务用于实时向服务端&web端推送**系统、公网IP、CPU、内存、硬盘、网卡**等基础信息
-
- 默认端口：**22022**
-
-> 安装

 ```shell
-# 使用默认端口22022安装
-curl -o- https://git.221022.xyz/https://raw.githubusercontent.com/chaos-zhu/easynode/main/client/easynode-client-install.sh | bash
+docker run -d --net=host --name=easynode-server -v easynode-server:/easynode-server/app/storage/ chaoszhu/easynode:v1.2.1
+```

-# 使用自定义端口安装, 例如54321
-curl -o- https://git.221022.xyz/https://raw.githubusercontent.com/chaos-zhu/easynode/main/client/easynode-client-install.sh | bash -s -- 54321
+- 如果你想清除容器与数据
+```shell
+docker rm -f easynode-server && docker volume remove easynode-server
+```
+
+访问：http://yourip:8082
+
+#### 一键脚本
+
+- **依赖Linux基础命令工具：curl wget git zip tar；如未安装请先安装：**
+
+> ubuntu/debian: `apt install curl wget git zip tar -y`
+>
+> centos: `yum install curl wget git zip tar -y`
+
+- 运行环境：[Node.js](https://nodejs.org/en/download/) **v14+**
+
+```shell
+wget -qO- --no-check-certificate https://ghproxy.com/https://raw.githubusercontent.com/chaos-zhu/easynode/v1.2/easynode-server-install.sh | bash
+```
+
+访问：http://yourip:8082
+
+- 查看日志：`pm2 log easynode-server`
+- 启动服务：`pm2 start easynode-server`
+- 停止服务：`pm2 stop easynode-server`
+- 删除服务：`pm2 delete easynode-server`
+
+#### 手动部署
+
+1. 安装Node.js
+2. 安装pm2、安装yarn
+3. 拉取代码：git clone https://github.com/chaos-zhu/easynode.git
+4. 安装依赖：yarn
+5. 启动服务：pm2 start server/app/main.js --name easynode-server
+6. 访问：http://yourip:8082
+
+- 默认登录密码：admin(首次部署完成后请及时修改).
+
+---
+
+### 客户端安装
+
+- 占用端口：22022
+
+#### X86架构
+
+```shell
+wget -qO- --no-check-certificate https://ghproxy.com/https://raw.githubusercontent.com/chaos-zhu/easynode/v1.2/easynode-client-install-x86.sh | bash
+```
+
+#### ARM架构
+
+```shell
+wget -qO- --no-check-certificate https://ghproxy.com/https://raw.githubusercontent.com/chaos-zhu/easynode/v1.1/easynode-client-install-arm.sh | bash
 ```

 > 卸载

 ```shell
-curl -o- https://git.221022.xyz/https://raw.githubusercontent.com/chaos-zhu/easynode/main/client/easynode-client-uninstall.sh | bash
+wget -qO- --no-check-certificate https://ghproxy.com/https://raw.githubusercontent.com/chaos-zhu/easynode/v1.2/easynode-client-uninstall.sh | bash
 ```

-> 查看监控服务状态：`systemctl status easynode-client`
+> 查看客户端状态：`systemctl status easynode-client`
 >
-> 查看监控服务日志: `journalctl --follow -u easynode-client`
+> 查看客户端日志: `journalctl --follow -u easynode-client`
 >
 > 查看详细日志：journalctl -xe

 ---

+## 升级指南

-## 安全与建议
+- **v1.1 to v1.2**

-首先声明，任何系统无法保障没有bug的存在，EasyNode也一样。
+### 服务端

-面板提供MFA2功能，并且可配置访问此服务的IP白名单, 如需加强可以使用**iptables**进一步限制IP访问。
-如果需要更高级别的安全性，建议面板服务不要暴露到公网。
+> v1.1对所有的敏感信息全部加密，所有的v1.0为加密的信息全部失效. 主要影响已存储的ssh密钥.
+>
+> **还原客户端列表：** 先备份`app\config\storage\host-list.json`, 使用一键脚本或者手动部署的同志安装好使用备份文件覆盖`\app\storage`下的同名文件即可。
+>
+> 由于加密文件调整，使用docker镜像的v1.1一键脚本自己从镜像里把备份抠出来再重新构建镜像.

-webssh与监控服务都将以`该服务器作为中转`。中国大陆用户建议使用香港、新加坡、日本、韩国等地区的低延迟服务器来安装服务端面板
+### 客户端

-## 常见问题
+> v1.2未对客户端包进行改动，客户端无需重复安装. 不会备份的在面板重新添加客户端机器即可.

- [QA](./Q%26A.md)
+### 版本日志

-<!-- ## Plus版功能
+- [CHANGELOG](./CHANGELOG.md)

- 跳板机功能,拯救被墙实例与龟速终端输入
- 本地socket断开自动重连,无需手动重新连接
- 批量修改实例配置(优化版)
- 脚本库批量导出导入
- 凭据管理支持解密带密码保护的密钥
- 提出的功能需求享有更高的开发优先级 -->
+## 安全与说明
+
+> 本人非专业后端，此服务全凭兴趣开发. 由于知识受限，并不能保证没有漏洞的存在，重要生产服务器最好不要使用此服务!!!
+
+> 所有服务器信息相关接口已做`jwt鉴权`, 安全信息均使用加密传输与储存!
+
+> webssh功能需要的密钥信息全部保存在服务端服务器的`app\storage\ssh-record.json`中. 在保存ssh密钥信息到服务器储存与传输过程皆已加密，`不过最好还是套https使用`
+
+## Q&A
+
+- [Q&A](./Q%26A.md)
+
+## 感谢Star
+
+- 你的Star是我更新的动力，感谢~
+
+## License
+
+[MIT](LICENSE). Copyright (c).
--- a/client/app/config/index.js
+++ b/client/app/config/index.js
@ -1,3 +1,3 @@
 module.exports = {
-  defaultPort: 22022
+  httpPort: 22022
 }
--- a/client/app/lib/swap.js
+++ b/client/app/lib/swap.js
@ -1,59 +0,0 @@
-let exec = require('child_process').exec
-let os = require('os')
-
-function getSwapMemory() {
-  return new Promise((resolve, reject) => {
-    if (os.platform() === 'win32') {
-      // Windows-specific command
-      const command = 'powershell -command "Get-CimInstance Win32_OperatingSystem | Select-Object TotalVirtualMemorySize, FreeVirtualMemory"'
-      exec(command, { encoding: 'utf8' }, (error, stdout, stderr) => {
-        if (error) {
-          console.error('exec error:', error)
-          return reject(error)
-        }
-        if (stderr) {
-          console.error('stderr:', stderr)
-          return reject(stderr)
-        }
-
-        const lines = stdout.trim().split('\n')
-        const values = lines[lines.length - 1].trim().split(/\s+/)
-        const totalVirtualMemory = parseInt(values[0], 10) / 1024
-        const freeVirtualMemory = parseInt(values[1], 10) / 1024
-        const usedVirtualMemory = totalVirtualMemory - freeVirtualMemory
-
-        resolve({
-          swapTotal: totalVirtualMemory,
-          swapFree: freeVirtualMemory,
-          swapUsed: usedVirtualMemory,
-          swapPercentage: ((usedVirtualMemory / totalVirtualMemory) * 100).toFixed(1)
-        })
-      })
-    } else {
-      exec('free -m | grep Swap', (error, stdout, stderr) => {
-        if (error) {
-          console.error('exec error:', error)
-          return reject(error)
-        }
-        if (stderr) {
-          console.error('stderr:', stderr)
-          return reject(stderr)
-        }
-
-        const swapInfo = stdout.trim().split(/\s+/)
-        const swapTotal = parseInt(swapInfo[1], 10)
-        const swapUsed = parseInt(swapInfo[2], 10)
-        const swapFree = parseInt(swapInfo[3], 10)
-
-        resolve({
-          swapTotal,
-          swapUsed,
-          swapFree,
-          swapPercentage: ((swapUsed / swapTotal) * 100).toFixed(1)
-        })
-      })
-    }
-  })
-}
-
-module.exports = getSwapMemory
--- a/client/app/server.js
+++ b/client/app/server.js
@ -1,15 +1,14 @@
 const http = require('http')
 const Koa = require('koa')
-const { defaultPort } = require('./config')
+const { httpPort } = require('./config')
 const wsOsInfo = require('./socket/monitor')

 const httpServer = () => {
  const app = new Koa()
  const server = http.createServer(app.callback())
  serverHandler(app, server)
-  const port = process.env.clientPort || defaultPort
-  server.listen(port, () => {
-    console.log(`Server(http) is running on port:${ port }`)
+  server.listen(httpPort, () => {
+    console.log(`Server(http) is running on port:${ httpPort }`)
  })
 }

--- a/client/app/socket/monitor.js
+++ b/client/app/socket/monitor.js
@ -25,13 +25,13 @@ function ipSchedule() {
    getIpInfo()
  })

-  // 每日凌晨两点整,刷新ip信息
+  // 每日凌晨两点整,刷新ip信息(兼容动态ip服务器)
  let rule2 = new schedule.RecurrenceRule()
  rule2.hour = 2
  rule2.minute = 0
  rule2.second = 0
  schedule.scheduleJob(rule2, () => {
-    console.log('Task: refresh ip info: ', new Date())
+    console.log('Task: refresh ip info', new Date())
    getIpInfo()
  })
 }
--- a/client/app/utils/os-data.js
+++ b/client/app/utils/os-data.js
@ -1,5 +1,4 @@
 const osu = require('node-os-utils')
-const osSwap = require('../lib/swap')
 const os = require('os')

 let cpu = osu.cpu
@ -10,7 +9,7 @@ let osuOs = osu.os
 let users = osu.users

 async function cpuInfo() {
-  let cpuUsage = await cpu.usage(500)
+  let cpuUsage = await cpu.usage(200)
  let cpuCount = cpu.count()
  let cpuModel = cpu.model()
  return {
@ -27,13 +26,6 @@ async function memInfo() {
  }
 }

-async function swapInfo() {
-  let swapInfo = await osSwap()
-  return {
-    ...swapInfo
-  }
-}
-
 async function driveInfo() {
  let driveInfo = {}
  try {
@ -79,7 +71,6 @@ module.exports = async () => {
    data = {
      cpuInfo: await cpuInfo(),
      memInfo: await memInfo(),
-      swapInfo: await swapInfo(),
      driveInfo: await driveInfo(),
      netstatInfo: await netstatInfo(),
      osInfo: await osInfo(),
--- a/client/easynode-client.service
+++ b/client/easynode-client.service
@ -1,8 +1,7 @@
 [Unit]
-Description=easynode client server
+Description=easynode client server port_22022

 [Service]
-Environment="clientPort=22022"
 ExecStart=/root/local/easynode-client/easynode-client
 WorkingDirectory=/root/local/easynode-client
 Restart=always
--- a/client/package.json
+++ b/client/package.json
@ -1,6 +1,6 @@
 {
  "name": "easynode-client",
-  "version": "1.0.1",
+  "version": "1.0.0",
  "description": "easynode-client",
  "bin": "./bin/www",
  "pkg": {
@ -9,8 +9,8 @@
  "scripts": {
    "client": "nodemon ./app/main.js",
    "pkgwin": "pkg . -t node16-win-x64",
-    "pkglinux:x64": "pkg . -t node16-linux-x64 -o  dist/easynode-client-x64",
-    "pkglinux:arm64": "pkg . -t node16-linux-arm64 -o dist/easynode-client-arm64"
+    "pkglinux:x86": "pkg . -t node16-linux-x64",
+    "pkglinux:arm": "pkg . -t node16-linux-arm64"
  },
  "keywords": [],
  "author": "",
@ -21,15 +21,15 @@
    ]
  },
  "dependencies": {
-    "axios": "0.27.2",
-    "eslint": "8.56.0",
-    "koa": "2.15.3",
-    "node-os-utils": "1.3.7",
-    "node-schedule": "2.1.1",
-    "socket.io": "4.7.5"
+    "axios": "^0.21.4",
+    "koa": "^2.13.1",
+    "node-os-utils": "^1.3.6",
+    "node-schedule": "^2.1.0",
+    "socket.io": "^4.4.1"
  },
  "devDependencies": {
-    "nodemon": "^3.1.4",
-    "pkg": "5.8"
+    "eslint": "^7.32.0",
+    "nodemon": "^2.0.15",
+    "pkg": "5.6"
  }
 }
--- a/doc_images/1.jpg
+++ b/doc_images/1.jpg
--- a/doc_images/2.jpg
+++ b/doc_images/2.jpg
--- a/doc_images/3.jpg
+++ b/doc_images/3.jpg
--- a/doc_images/4.jpg
+++ b/doc_images/4.jpg
--- a/doc_images/5.jpg
+++ b/doc_images/5.jpg
--- a/doc_images/6.jpg
+++ b/doc_images/6.jpg
--- a/doc_images/7.jpg
+++ b/doc_images/7.jpg
--- a/doc_images/merge.gif
+++ b/doc_images/merge.gif
--- a/doc_images/wx.jpg
+++ b/doc_images/wx.jpg
--- a/client/easynode-client-install.sh
+++ b/client/easynode-client-install.sh
@ -5,18 +5,12 @@ if [ "$(id -u)" != "0" ] ; then
 	exit 1
 fi

-clientPort=${clientPort:-22022}
 SERVER_NAME=easynode-client
 FILE_PATH=/root/local/easynode-client
 SERVICE_PATH=/etc/systemd/system
-CLIENT_VERSION=client-2024-10-13 # 目前监控客户端版本发布需手动更改为最新版本号
-SERVER_PROXY="https://git.221022.xyz/"
+SERVER_VERSION=v1.0

-if [ ! -z "$1" ]; then
-  clientPort=$1
-fi
-
-echo "***********************开始安装EasyNode监控客户端端,当前版本号: ${CLIENT_VERSION}, 端口: ${clientPort}***********************"
+echo "***********************开始安装 easynode-client_${SERVER_VERSION}***********************"

 systemctl status ${SERVER_NAME} > /dev/null 2>&1
 if [ $? != 4 ]
@ -48,18 +42,8 @@ echo "***********************创建文件PATH***********************"
 mkdir -p ${FILE_PATH}

 echo "***********************下载开始***********************"
-
-ARCH=$(uname -m)
-
-echo "***********************系统架构: $ARCH***********************"
-if [ "$ARCH" = "x86_64" ] ; then
-  DOWNLOAD_FILE_URL="${SERVER_PROXY}https://github.com/chaos-zhu/easynode/releases/download/${CLIENT_VERSION}/easynode-client-x64"
-elif [ "$ARCH" = "aarch64" ] ; then
-  DOWNLOAD_FILE_URL="${SERVER_PROXY}https://github.com/chaos-zhu/easynode/releases/download/${CLIENT_VERSION}/easynode-client-arm64"
-else
-  echo "不支持的架构：$ARCH. 只支持x86_64和aarch64，其他架构请自行构建"
-  exit 1
-fi
+DOWNLOAD_FILE_URL="https://ghproxy.com/https://github.com/chaos-zhu/easynode/releases/download/v1.1/easynode-client-arm"
+DOWNLOAD_SERVICE_URL="https://ghproxy.com/https://raw.githubusercontent.com/chaos-zhu/easynode/v1.1/client/easynode-client.service"

 # -O 指定路径和文件名(这里是二进制文件, 不需要扩展名)
 wget -O ${FILE_PATH}/${SERVER_NAME} --no-check-certificate --no-cache ${DOWNLOAD_FILE_URL}
@ -69,8 +53,6 @@ then
  exit 1
 fi

-DOWNLOAD_SERVICE_URL="${SERVER_PROXY}https://raw.githubusercontent.com/chaos-zhu/easynode/main/client/easynode-client.service"
-
 wget -O ${FILE_PATH}/${SERVER_NAME}.service --no-check-certificate --no-cache ${DOWNLOAD_SERVICE_URL}

 if [ $? != 0 ]
@ -85,8 +67,6 @@ echo "***********************下载成功***********************"
 chmod +x ${FILE_PATH}/${SERVER_NAME}
 chmod 777 ${FILE_PATH}/${SERVER_NAME}.service

-sed -i "s/clientPort=22022/clientPort=${clientPort}/g" ${FILE_PATH}/${SERVER_NAME}.service
-
 # echo "***********************移动service&reload***********************"
 mv ${FILE_PATH}/${SERVER_NAME}.service ${SERVICE_PATH}

@ -96,6 +76,7 @@ systemctl daemon-reload
 echo "***********************启动服务***********************"
 systemctl start ${SERVER_NAME}

+
 # echo "***********************设置开机启动***********************"
 systemctl enable ${SERVER_NAME}

--- a/easynode-client-install-x86.sh
+++ b/easynode-client-install-x86.sh
@ -0,0 +1,90 @@
+#!/bin/bash
+
+if [ "$(id -u)" != "0" ] ; then
+  echo "***********************请切换到root再尝试执行***********************"
+	exit 1
+fi
+
+SERVER_NAME=easynode-client
+FILE_PATH=/root/local/easynode-client
+SERVICE_PATH=/etc/systemd/system
+SERVER_VERSION=v1.0
+
+echo "***********************开始安装 easynode-client_${SERVER_VERSION}***********************"
+
+systemctl status ${SERVER_NAME} > /dev/null 2>&1
+if [ $? != 4 ]
+then
+  echo "***********************停用旧服务***********************"
+	systemctl stop ${SERVER_NAME}
+	systemctl disable ${SERVER_NAME}
+	systemctl daemon-reload
+fi
+
+if [ -f "${SERVICE_PATH}/${SERVER_NAME}.service" ]
+then
+  echo "***********************移除旧服务***********************"
+  chmod 777 ${SERVICE_PATH}/${SERVER_NAME}.service
+	rm -Rf ${SERVICE_PATH}/${SERVER_NAME}.service
+	systemctl daemon-reload
+fi
+
+if [ -d ${FILE_PATH} ]
+then
+  echo "***********************移除旧文件***********************"
+  chmod 777 ${FILE_PATH}
+	rm -Rf ${FILE_PATH}
+fi
+
+# 开始安装
+
+echo "***********************创建文件PATH***********************"
+mkdir -p ${FILE_PATH}
+
+echo "***********************下载开始***********************"
+DOWNLOAD_FILE_URL="https://ghproxy.com/https://github.com/chaos-zhu/easynode/releases/download/v1.1/easynode-client-x86"
+DOWNLOAD_SERVICE_URL="https://ghproxy.com/https://raw.githubusercontent.com/chaos-zhu/easynode/v1.1/client/easynode-client.service"
+
+# -O 指定路径和文件名(这里是二进制文件, 不需要扩展名)
+wget -O ${FILE_PATH}/${SERVER_NAME} --no-check-certificate --no-cache ${DOWNLOAD_FILE_URL}
+if [ $? != 0 ]
+then
+  echo "***********************下载${SERVER_NAME}失败***********************"
+  exit 1
+fi
+
+wget -O ${FILE_PATH}/${SERVER_NAME}.service --no-check-certificate --no-cache ${DOWNLOAD_SERVICE_URL}
+
+if [ $? != 0 ]
+then
+  echo "***********************下载${SERVER_NAME}.service失败***********************"
+  exit 1
+fi
+
+echo "***********************下载成功***********************"
+
+# echo "***********************设置权限***********************"
+chmod +x ${FILE_PATH}/${SERVER_NAME}
+chmod 777 ${FILE_PATH}/${SERVER_NAME}.service
+
+# echo "***********************移动service&reload***********************"
+mv ${FILE_PATH}/${SERVER_NAME}.service ${SERVICE_PATH}
+
+# echo "***********************daemon-reload***********************"
+systemctl daemon-reload
+
+echo "***********************准备启动服务***********************"
+systemctl start ${SERVER_NAME}
+
+if [ $? != 0 ]
+then
+  echo "***********************${SERVER_NAME}.service启动失败***********************"
+  echo "***********************可能是服务器开启了SELinux, 参见Q&A***********************"
+  exit 1
+fi
+echo "***********************服务启动成功***********************"
+
+# echo "***********************设置开机启动***********************"
+systemctl enable ${SERVER_NAME}
+
+echo "***********************安装成功***********************"
--- a/client/easynode-client-uninstall.sh
+++ b/client/easynode-client-uninstall.sh
--- a/easynode-server-install.sh
+++ b/easynode-server-install.sh
@ -0,0 +1,74 @@
+#!/bin/bash
+
+if [ "$(id -u)" != "0" ] ; then
+  echo "***********************请切换到root再尝试执行***********************"
+	exit 1
+fi
+
+echo "***********************检测node环境***********************"
+node -v
+if [ $? != 0 ]
+then
+  echo "未安装node运行环境"
+  exit 1
+fi
+echo "已安装"
+
+
+echo "***********************检测pm2守护进程***********************"
+pm2 list
+if [ $? != 0 ]
+then
+  echo "未安装pm2,正在安装..."
+  npm i -g pm2
+fi
+echo "已安装"
+
+echo "***********************开始下载EasyNode***********************"
+
+DOWNLOAD_FILE_URL="https://ghproxy.com/https://github.com/chaos-zhu/easynode/releases/download/v1.2.1/easynode-server.zip"
+SERVER_NAME=easynode-server
+SERVER_ZIP=easynode-server.zip
+FILE_PATH=/root
+wget -O ${FILE_PATH}/${SERVER_ZIP} --no-check-certificate --no-cache ${DOWNLOAD_FILE_URL}
+
+if [ $? != 0 ]
+then
+  echo "下载EasyNode.zip失败,请检查网络环境或稍后再试"
+  exit 1
+fi
+echo "下载成功"
+
+echo '***********************开始解压***********************'
+
+unzip -o -d ${FILE_PATH}/${SERVER_NAME} ${SERVER_ZIP}
+if [ $? != 0 ]
+then
+  echo "解压失败, 请确保已安装zip、tar基础工具"
+  exit 1
+fi
+echo "解压成功"
+
+cd ${FILE_PATH}/${SERVER_NAME} || exit
+
+echo '***********************开始安装依赖***********************'
+yarn -v
+if [ $? != 0 ]
+then
+  echo "未安装yarn管理工具,正在安装..."
+  npm i -g yarn
+fi
+yarn
+
+if [ $? != 0 ]
+then
+  echo "yarn安装失败，请检测网络环境. 使用大陆vps请执行以下命令设置镜像源，再重新运行该脚本：npm config set registry https://registry.npm.taobao.org
+"
+fi
+echo "依赖安装成功"
+
+echo '启动服务'
+
+pm2 start ${FILE_PATH}/${SERVER_NAME}/app/main.js --name easynode-server
+
+echo '查看日志请输入: pm2 log easynode-server'
--- a/images/v1.2-1.png
+++ b/images/v1.2-1.png
--- a/images/v1.2-2.png
+++ b/images/v1.2-2.png
--- a/images/v1.2-3.png
+++ b/images/v1.2-3.png
--- a/package.json
+++ b/package.json
@ -1,12 +1,9 @@
 {
  "name": "easynode",
-  "description": "web ssh",
+  "version": "1.0.0",
+  "description": "easy to manage the server",
  "private": true,
-  "workspaces": [
-    "server",
-    "web",
-    "client"
-  ],
+  "workspaces": ["server", "client"],
  "repository": {
    "type": "git",
    "url": "git+https://github.com/chaos-zhu/easynode.git"
@ -20,17 +17,8 @@
  ],
  "author": "chaoszhu",
  "license": "ISC",
-  "scripts": {
-    "dev": "concurrently \"yarn workspace web run dev\" \"yarn workspace server run local\"",
-    "clean": "rimraf web/node_modules server/node_modules client/node_modules node_modules",
-    "encrypt": "node ./local-script/encrypt-file.js"
-  },
  "bugs": {
    "url": "https://github.com/chaos-zhu/easynode/issues"
  },
-  "homepage": "https://github.com/chaos-zhu/easynode#readme",
-  "devDependencies": {
-    "concurrently": "^8.2.2",
-    "rimraf": "^6.0.1"
-  }
+  "homepage": "https://github.com/chaos-zhu/easynode#readme"
 }
--- a/server/.env.template
+++ b/server/.env.template
@ -1,8 +0,0 @@
-# 启动debug日志 0：关闭 1：开启
-DEBUG=1
-
-# 访问IP限制
-allowedIPs=['127.0.0.1']
-
-# 激活PLUS功能的授权码
-PLUS_KEY=
--- a/server/.eslintrc.js
+++ b/server/.eslintrc.js
@ -1,7 +1,9 @@
 // 规则参见：https://cn.eslint.org/docs/rules/
 module.exports = {
  root: true, // 当前配置文件不能往父级查找
-  'globals': { 'consola': true },
+  'globals': {
+    'consola': true
+  },
  env: {
    node: true,
    es6: true
@ -28,15 +30,10 @@ module.exports = {
    quotes: ['error', 'single'], // 引号：single单引 double双引
    semi: ['error', 'never'], // 结尾分号：never禁止 always必须
    'comma-dangle': ['error', 'never'], // 对象拖尾逗号
-    'space-before-blocks': ['error', 'always'],
-    'space-in-parens': ['error', 'never'],
-    'keyword-spacing': ['error', { 'before': true, 'after': true }],
    'no-redeclare': ['error', { builtinGlobals: true }], // 禁止重复对象声明
    'no-multi-assign': 0,
    'no-restricted-globals': 0,
-    'no-case-declarations': 0,
    'space-before-function-paren': 0, // 函数定义时括号前面空格
-    'no-async-promise-executor': 0, // 允许在回调中使用async函数
    'one-var': 0, // 允许连续声明
    // 'no-undef': 0, // 允许未定义的变量【会使env配置无效】
    'linebreak-style': 0, // 检测CRLF/LF检测【默认LF】
--- a/server/.gitignore
+++ b/server/.gitignore
@ -0,0 +1,7 @@
+node_modules
+app/static/upload/*
+app/socket/temp/*
+app/socket/.sftp-cache/*
+app/logs/*
+!.gitkeep
+dist
--- a/server/Dockerfile
+++ b/server/Dockerfile
@ -0,0 +1,13 @@
+FROM node:16.15.0-alpine3.14
+ARG TARGET_DIR=/easynode-server
+WORKDIR ${TARGET_DIR}
+RUN yarn config set registry https://registry.npm.taobao.org
+COPY package.json ${TARGET_DIR}
+COPY yarn.lock ${TARGET_DIR}
+RUN yarn
+COPY . ${TARGET_DIR}
+ENV HOST 0.0.0.0
+EXPOSE 8082
+EXPOSE 8083
+EXPOSE 22022
+CMD ["npm", "run", "server"]
--- a/server/README.md
+++ b/server/README.md
@ -2,6 +2,15 @@

 - 基于Koa

+## docker
+
+<!-- 修改版本号 -->
+- 构建镜像：docker build -t chaoszhu/easynode:v1.1 .
+- 推送镜像：docker push chaoszhu/easynode:v1.1
+
+> `docker run -d --net=host easynode-server`
+<!-- > `docker run -d -p 8888:8082 -p 22022:22022 easynode-server` -->
+
 ## 遇到的问题

 > MaxListenersExceededWarning: Possible EventEmitter memory leak detected. 11 input listeners added to [Socket]. Use emitter.setMaxListeners() to increase limit
--- a/server/app/config/index.js
+++ b/server/app/config/index.js
@ -1,26 +1,20 @@
 const path = require('path')

-consola.info('debug日志：', process.env.DEBUG === '1' ? '开启' : '关闭')
-
 module.exports = {
  httpPort: 8082,
-  defaultClientPort: 22022,
-  uploadDir: path.join(process.cwd(),'app/db'),
+  clientPort: 22022, // 勿更改
+  uploadDir: path.join(process.cwd(),'app/static/upload'),
  staticDir: path.join(process.cwd(),'app/static'),
  sftpCacheDir: path.join(process.cwd(),'app/socket/sftp-cache'),
-  credentialsDBPath: path.join(process.cwd(),'app/db/credentials.db'),
-  keyDBPath: path.join(process.cwd(),'app/db/key.db'),
-  hostListDBPath: path.join(process.cwd(),'app/db/host.db'),
-  groupConfDBPath: path.join(process.cwd(),'app/db/group.db'),
-  scriptsDBPath: path.join(process.cwd(),'app/db/scripts.db'),
-  notifyDBPath: path.join(process.cwd(),'app/db/notify.db'),
-  notifyConfigDBPath: path.join(process.cwd(),'app/db/notify-config.db'),
-  onekeyDBPath: path.join(process.cwd(),'app/db/onekey.db'),
-  logDBPath: path.join(process.cwd(),'app/db/log.db'),
-  plusDBPath: path.join(process.cwd(),'app/db/plus.db'),
+  sshRecordPath: path.join(process.cwd(),'app/storage/ssh-record.json'),
+  keyPath: path.join(process.cwd(),'app/storage/key.json'),
+  hostListPath: path.join(process.cwd(),'app/storage/host-list.json'),
+  emailPath: path.join(process.cwd(),'app/storage/email.json'),
+  notifyPath: path.join(process.cwd(),'app/storage/notify.json'),
+  groupPath: path.join(process.cwd(),'app/storage/group.json'),
  apiPrefix: '/api/v1',
  logConfig: {
    outDir: path.join(process.cwd(),'./app/logs'),
-    recordLog: process.env.DEBUG === '1' // 是否记录日志
+    recordLog: false // 是否记录日志
  }
 }
--- a/server/app/config/shell.json
+++ b/server/app/config/shell.json
@ -1,22 +0,0 @@
-[
-  {
-    "name": "easynode监控服务安装",
-    "command": "curl -o- https://git.221022.xyz/https://raw.githubusercontent.com/chaos-zhu/easynode/main/client/easynode-client-install.sh | bash",
-    "description": "easynode-监控服务-安装脚本"
-  },
-  {
-    "name": "easynode监控服务卸载",
-    "command": "curl -o- https://git.221022.xyz/https://raw.githubusercontent.com/chaos-zhu/easynode/main/client/easynode-client-uninstall.sh | bash",
-    "description": "easynode-监控服务-卸载脚本"
-  },
-  {
-    "name": "查询本机公网IP",
-    "command": "curl ifconfig.me",
-    "description": "查询本机公网IP"
-  },
-  {
-    "name": "生成ssh密钥对",
-    "command": "ssh-keygen -t rsa -b 2048",
-    "description": "生成ssh密钥对"
-  }
-]
--- a/server/app/controller/group.js
+++ b/server/app/controller/group.js
@ -1,47 +1,53 @@
-const { HostListDB, GroupDB } = require('../utils/db-class')
+const { readGroupList, writeGroupList, readHostList, writeHostList,randomStr } = require('../utils')

-const hostListDB = new HostListDB().getInstance()
-const groupDB = new GroupDB().getInstance()
-
-async function getGroupList({ res }) {
-  let data = await groupDB.findAsync({})
-  data = data.map(item => ({ ...item, id: item._id }))
-  data?.sort((a, b) => Number(b.index || 0) - Number(a.index || 0))
+function getGroupList({ res }) {
+  const data = readGroupList()
  res.success({ data })
 }

 const addGroupList = async ({ res, request }) => {
  let { body: { name, index } } = request
-  if (!name) return res.fail({ data: false, msg: '参数错误' })
-  let group = { name, index }
-  await groupDB.insertAsync(group)
-  res.success({ data: '添加成功' })
+  if(!name) return res.fail({ data: false, msg: '参数错误' })
+  let groupList = readGroupList()
+  let group = { id: randomStr(), name, index }
+  groupList.push(group)
+  groupList.sort((a, b) => a.index - b.index)
+  writeGroupList(groupList)
+  res.success({ data: '新增成功' })
 }

 const updateGroupList = async ({ res, request }) => {
  let { params: { id } } = request
  let { body: { name, index } } = request
-  if (!id || !name) return res.fail({ data: false, msg: '参数错误' })
-  let target = await groupDB.findOneAsync({ _id: id })
-  if (!target) return res.fail({ data: false, msg: `分组ID${ id }不存在` })
-  await groupDB.updateAsync({ _id: id }, { name, index: Number(index) || 0 })
+  if(!id || !name) return res.fail({ data: false, msg: '参数错误' })
+  let groupList = readGroupList()
+  let idx = groupList.findIndex(item => item.id === id)
+  let group = { id, name, index }
+  if(idx === -1) return res.fail({ data: false, msg: `分组ID${ id }不存在` })
+  groupList.splice(idx, 1, group)
+  groupList.sort((a, b) => a.index - b.index)
+  writeGroupList(groupList)
  res.success({ data: '修改成功' })
 }

 const removeGroup = async ({ res, request }) => {
  let { params: { id } } = request
-  if (id === 'default') return res.fail({ data: false, msg: '保留分组, 禁止删除' })
+  if(id ==='default') return res.fail({ data: false, msg: '保留分组, 禁止删除' })
+  let groupList = readGroupList()
+  let idx = groupList.findIndex(item => item.id === id)
+  if(idx === -1) return res.fail({ msg: '分组不存在' })
+
  // 移除分组将所有该分组下host分配到default中去
-  let hostList = await hostListDB.findAsync({})
-  if (Array.isArray(hostList) && hostList.length > 0) {
-    for (let item of hostList) {
-      if (item.group === id) {
-        item.group = 'default'
-        await hostListDB.updateAsync({ _id: item._id }, item)
-      }
-    }
-  }
-  await groupDB.removeAsync({ _id: id })
+  let hostList = readHostList()
+  hostList = hostList.map((item) => {
+    if(item.group === groupList[idx].id) item.group = 'default'
+    return item
+  })
+  writeHostList(hostList)
+
+  groupList.splice(idx, 1)
+  writeGroupList(groupList)
+
  res.success({ data: '移除成功' })
 }

--- a/server/app/controller/host.js
+++ b/server/app/controller/host.js
@ -1,116 +1,68 @@
-const path = require('path')
-const decryptAndExecuteAsync = require('../utils/decrypt-file')
-const { RSADecryptAsync, AESEncryptAsync, AESDecryptAsync } = require('../utils/encrypt')
-const { HostListDB } = require('../utils/db-class')
-const hostListDB = new HostListDB().getInstance()
+const { readHostList, writeHostList, readSSHRecord, writeSSHRecord } = require('../utils')

-async function getHostList({ res }) {
-  let data = await hostListDB.findAsync({})
-  data?.sort((a, b) => Number(b.index || 0) - Number(a.index || 0))
-  for (const item of data) {
-    try {
-      let { authType, _id: id, credential } = item
-      if (credential) credential = await AESDecryptAsync(credential)
-      const isConfig = Boolean(authType && item[authType])
-      Object.assign(item, { id, isConfig, password: '', privateKey: '', credential })
-    } catch (error) {
-      consola.error('getHostList error: ', error.message)
-    }
-  }
+function getHostList({ res }) {
+  const data = readHostList()
  res.success({ data })
 }

-async function addHost({ res, request }) {
-  let { body } = request
-  if (!body.name || !body.host) return res.fail({ msg: 'missing params: name or host' })
-  let newRecord = { ...body }
-  const { authType, tempKey } = newRecord
-  if (newRecord[authType] && tempKey) {
-    const clearTempKey = await RSADecryptAsync(tempKey)
-    const clearSSHKey = await AESDecryptAsync(newRecord[authType], clearTempKey)
-    newRecord[authType] = await AESEncryptAsync(clearSSHKey)
-  }
-  await hostListDB.insertAsync(newRecord)
+function saveHost({ res, request }) {
+  let { body: { host: newHost, name, expired, expiredNotify, group, consoleUrl, remark } } = request
+  if(!newHost || !name) return res.fail({ msg: 'missing params: name or host' })
+  let hostList = readHostList()
+  if(hostList.some(({ host }) => host === newHost)) return res.fail({ msg: `主机${ newHost }已存在` })
+  hostList.push({ host: newHost, name, expired, expiredNotify, group, consoleUrl, remark })
+  writeHostList(hostList)
  res.success()
 }

-async function updateHost({ res, request }) {
-  let {
-    body
-  } = request
-  if (typeof body !== 'object') return res.fail({ msg: '参数错误' })
-  const updateFiled = { ...body }
-  const { id, authType, tempKey } = updateFiled
-  if (authType && updateFiled[authType]) {
-    const clearTempKey = await RSADecryptAsync(tempKey)
-    const clearSSHKey = await AESDecryptAsync(updateFiled[authType], clearTempKey)
-    updateFiled[authType] = await AESEncryptAsync(clearSSHKey)
-    delete updateFiled.tempKey
-  } else {
-    delete updateFiled.authType
-    delete updateFiled.password
-    delete updateFiled.privateKey
-    delete updateFiled.credential
-  }
-  console.log('updateFiled: ', updateFiled)
-  await hostListDB.updateAsync({ _id: id }, { $set: { ...updateFiled } })
-  res.success({ msg: '修改成功' })
+function updateHost({ res, request }) {
+  let { body: { host: newHost, name: newName, oldHost, expired, expiredNotify, group, consoleUrl, remark } } = request
+  if(!newHost || !newName || !oldHost) return res.fail({ msg: '参数错误' })
+  let hostList = readHostList()
+  if(!hostList.some(({ host }) => host === oldHost)) return res.fail({ msg: `主机${ newHost }不存在` })
+  let targetIdx = hostList.findIndex(({ host }) => host === oldHost)
+  hostList.splice(targetIdx, 1, { name: newName, host: newHost, expired, expiredNotify, group, consoleUrl, remark })
+  writeHostList(hostList)
+  res.success()
 }

-async function batchUpdateHost({ res, request }) {
-  let { updateHosts } = (await decryptAndExecuteAsync(path.join(__dirname, 'plus.js'))) || {}
-  if (updateHosts) {
-    await updateHosts({ res, request })
-  } else {
-    return res.fail({ data: false, msg: 'Plus专属功能!' })
-  }
+function removeHost({ res, request }) {
+  let { body: { host } } = request
+  let hostList = readHostList()
+  let hostIdx = hostList.findIndex(item => item.host === host)
+  if(hostIdx === -1) return res.fail({ msg: `${ host }不存在` })
+  hostList.splice(hostIdx, 1)
+  writeHostList(hostList)
+  // 查询是否存在ssh记录
+  let sshRecord = readSSHRecord()
+  let sshIdx = sshRecord.findIndex(item => item.host === host)
+  let flag = sshIdx !== -1
+  if(flag) sshRecord.splice(sshIdx, 1)
+  writeSSHRecord(sshRecord)
+
+  res.success({ data: `${ host }已移除, ${ flag ? '并移除ssh记录' : '' }` })
 }

-async function removeHost({ res, request }) {
-  let { body: { ids } } = request
-  if (!Array.isArray(ids)) return res.fail({ msg: '参数错误' })
-  const numRemoved = await hostListDB.removeAsync({ _id: { $in: ids } }, { multi: true })
-  res.success({ data: `已移除,数量: ${ numRemoved }` })
-}
-
-async function importHost({ res, request }) {
-  let { body: { importHost, isEasyNodeJson = false } } = request
-  if (!Array.isArray(importHost)) return res.fail({ msg: '参数错误' })
-  let hostList = await hostListDB.findAsync({})
-  // 考虑到批量导入可能会重复太多,先过滤已存在的host:port
-  let hostListSet = new Set(hostList.map(({ host, port }) => `${ host }:${ port }`))
-  let newHostList = importHost.filter(({ host, port }) => !hostListSet.has(`${ host }:${ port }`))
-  let newHostListLen = newHostList.length
-  if (newHostListLen === 0) return res.fail({ msg: '导入的实例已存在' })
-
-  if (isEasyNodeJson) {
-    newHostList = newHostList.map((item) => {
-      item.credential = ''
-      item.isConfig = false
-      delete item.id
-      delete item.isConfig
-      return item
-    })
-  } else {
-    let extraFiels = {
-      expired: null, expiredNotify: false, group: 'default', consoleUrl: '', remark: '',
-      authType: 'privateKey', password: '', privateKey: '', credential: '', command: ''
-    }
-    newHostList = newHostList.map((item, index) => {
-      item.port = Number(item.port) || 0
-      item.index = newHostListLen - index
-      return Object.assign(item, { ...extraFiels })
-    })
+function updateHostSort({ res, request }) {
+  let { body: { list } } = request
+  if(!list) return res.fail({ msg: '参数错误' })
+  let hostList = readHostList()
+  if(hostList.length !== list.length) return res.fail({ msg: '失败: host数量不匹配' })
+  let sortResult = []
+  for (let i = 0; i < list.length; i++) {
+    const curHost = list[i]
+    let temp = hostList.find(({ host }) => curHost.host === host)
+    if(!temp) return res.fail({ msg: `查找失败: ${ curHost.name }` })
+    sortResult.push(temp)
  }
-  await hostListDB.insertAsync(newHostList)
-  res.success({ data: { len: newHostList.length } })
+  writeHostList(sortResult)
+  res.success({ msg: 'success' })
 }

 module.exports = {
  getHostList,
-  addHost,
+  saveHost,
  updateHost,
  removeHost,
-  importHost,
-  batchUpdateHost
+  updateHostSort
 }
--- a/server/app/controller/log.js
+++ b/server/app/controller/log.js
@ -1,17 +0,0 @@
-const { LogDB } = require('../utils/db-class')
-const logDB = new LogDB().getInstance()
-
-let whiteList = process.env.ALLOWED_IPS ? process.env.ALLOWED_IPS.split(',') : []
-
-async function getLog({ res }) {
-  let list = await logDB.findAsync({})
-  list = list.map(item => {
-    return { ...item, id: item._id }
-  })
-  list?.sort((a, b) => Number(b.date) - Number(a.date))
-  res.success({ data: { list, whiteList } })
-}
-
-module.exports = {
-  getLog
-}
--- a/server/app/controller/notify.js
+++ b/server/app/controller/notify.js
@ -1,56 +1,89 @@
-const path = require('path')
-const decryptAndExecuteAsync = require('../utils/decrypt-file')
-const { sendServerChan, sendEmail } = require('../utils/notify')
-const { NotifyConfigDB, NotifyDB } = require('../utils/db-class')
-const notifyDB = new NotifyDB().getInstance()
-const notifyConfigDB = new NotifyConfigDB().getInstance()
+const {
+  readSupportEmailList,
+  readUserEmailList,
+  writeUserEmailList,
+  emailTransporter,
+  readNotifyList,
+  writeNotifyList } = require('../utils')
+const commonTemp = require('../template/commonTemp')

-async function getNotifyConfig({ res }) {
-  const data = await notifyConfigDB.findOneAsync({})
-  return res.success({ data })
-}
-
-async function updateNotifyConfig({ res, request }) {
-  let { body: { noticeConfig } } = request
-  let { type } = noticeConfig
-  try {
-    // console.log('noticeConfig: ', noticeConfig[type])
-    switch (type) {
-      case 'sct':
-        await sendServerChan(noticeConfig[type]['sendKey'], 'EasyNode通知测试', '这是一条测试通知')
-        break
-      case 'email':
-        await sendEmail(noticeConfig[type], 'EasyNode通知测试', '这是一条测试通知')
-        break
-      case 'tg':
-        let { sendTg } = await decryptAndExecuteAsync(path.join(__dirname, '../utils/plus.js')) || {}
-        console.log('sendTg: ', sendTg)
-        if (!sendTg) return res.fail({ msg: 'Plus专属功能点，请激活Plus' })
-        await sendTg(noticeConfig[type], 'EasyNode通知测试', '这是一条测试通知')
-        break
-    }
-    await notifyConfigDB.update({}, { $set: noticeConfig }, { upsert: true })
-    return res.success({ msg: '测试通过 | 保存成功' })
-  } catch (error) {
-    return res.fail({ msg: error.message })
-  }
-}
-
-async function getNotifyList({ res }) {
-  const data = await notifyDB.findAsync({})
+function getSupportEmailList({ res }) {
+  const data = readSupportEmailList()
  res.success({ data })
 }

-async function updateNotifyList({ res, request }) {
+function getUserEmailList({ res }) {
+  const userEmailList = readUserEmailList().map(({ target, auth: { user } }) => ({ target, user }))
+  const supportEmailList = readSupportEmailList()
+  const data = userEmailList.map(({ target: userTarget, user: email }) => {
+    let name = supportEmailList.find(({ target: supportTarget }) => supportTarget === userTarget).name
+    return { name, email }
+  })
+  res.success({ data })
+}
+
+async function pushEmail({ res, request }) {
+  let { body: { toEmail, isTest } } = request
+  if(!isTest) return res.fail({ msg: '此接口暂时只做测试邮件使用, 需传递参数isTest: true' })
+  consola.info('发送测试邮件：', toEmail)
+  let { code, msg } = await emailTransporter({ toEmail, title: '测试邮件', html: commonTemp('邮件通知测试邮件') })
+  msg = msg && msg.message || msg
+  if(code === 0) return res.success({ msg })
+  return res.fail({ msg })
+}
+
+function updateUserEmailList({ res, request }) {
+  let { body: { target, auth } } = request
+  const supportList = readSupportEmailList()
+  let flag = supportList.some((item) => item.target === target)
+  if(!flag) return res.fail({ msg: `不支持的邮箱类型：${ target }` })
+  if(!auth.user || !auth.pass) return res.fail({ msg: 'missing params: auth.' })
+
+  let newUserEmail = { target, auth }
+  let userEmailList = readUserEmailList()
+  let idx = userEmailList.findIndex(({ auth: { user } }) => auth.user === user)
+  if(idx !== -1) userEmailList.splice(idx, 1, newUserEmail)
+  else userEmailList.unshift(newUserEmail)
+
+  const { code, msg } = writeUserEmailList(userEmailList)
+  if(code === 0) return res.success()
+  return res.fail({ msg })
+}
+
+function removeUserEmail({ res, request }) {
+  let { params: { email } } = request
+  const userEmailList = readUserEmailList()
+  let idx = userEmailList.findIndex(({ auth: { user } }) => user === email)
+  if(idx === -1) return res.fail({ msg: `删除失败, 不存在该邮箱：${ email }` })
+  userEmailList.splice(idx, 1)
+  const { code, msg } = writeUserEmailList(userEmailList)
+  if(code === 0) return res.success()
+  return res.fail({ msg })
+}
+
+function getNotifyList({ res }) {
+  const data = readNotifyList()
+  res.success({ data })
+}
+
+function updateNotifyList({ res, request }) {
  let { body: { type, sw } } = request
-  if (!([true, false].includes(sw))) return res.fail({ msg: `Error type for sw：${ sw }, must be Boolean` })
-  await notifyDB.updateAsync({ type }, { $set: { sw } })
+  if(!([true, false].includes(sw))) return res.fail({ msg: `Error type for sw：${ sw }, must be Boolean` })
+  const notifyList = readNotifyList()
+  let target = notifyList.find((item) => item.type === type)
+  if(!target) return res.fail({ msg: `更新失败, 不存在该通知类型：${ type }` })
+  target.sw = sw
+  console.log(notifyList)
+  writeNotifyList(notifyList)
  res.success()
 }

 module.exports = {
-  getNotifyConfig,
-  updateNotifyConfig,
+  pushEmail,
+  getSupportEmailList,
+  getUserEmailList,
+  updateUserEmailList,
+  removeUserEmail,
  getNotifyList,
  updateNotifyList
 }
--- a/server/app/controller/onekey.js
+++ b/server/app/controller/onekey.js
@ -1,27 +0,0 @@
-const { OnekeyDB } = require('../utils/db-class')
-const onekeyDB = new OnekeyDB().getInstance()
-
-async function getOnekeyRecord({ res }) {
-  let data = await onekeyDB.findAsync({})
-  data = data.map(item => {
-    return { ...item, id: item._id }
-  })
-  data?.sort((a, b) => Number(b.date) - Number(a.date))
-  res.success({ data })
-}
-
-const removeOnekeyRecord = async ({ res, request }) => {
-  let { body: { ids } } = request
-  if (ids === 'ALL') {
-    await onekeyDB.removeAsync({}, { multi: true })
-    res.success({ data: '移除全部成功' })
-  } else {
-    await onekeyDB.removeAsync({ _id: { $in: ids } })
-    res.success({ data: '移除成功' })
-  }
-}
-
-module.exports = {
-  getOnekeyRecord,
-  removeOnekeyRecord
-}
--- a/server/app/controller/plus.js
+++ b/server/app/controller/plus.js
@ -1 +0,0 @@
-U2FsdGVkX18Hh5ifqReKzxVcNwA8NC2cGnvuPCHW9V4+sVMxFFE7NxliY3R9Pyu2jZvnRb80+VpkEinfaZX0H1xx+I5PU2/mqIUU+1yxKrmWQtwJm6EwNwyDFrj3Epbl1zkfTUXLhk1a5lff+s1Qic02SbnLMtThV9Pg2m6w7HeJJiYOdaRFGlHvgGL4m7O9Ps135wdsdLU9y5aRiXF+1fi35Y6ZlDwPJGEMfZyIQKF87QksAW6LOP/Y1+mgIfLS6WwJnf8kW4l0KQktfvmsWtn00neZRQJc9I6WVMEN2jq4vbeE0KqtoOV0B/+Y/nLFnJjSYs5VE4qQ3gTFzuHe/dPoWXcBX5J5RhAxeY1qVQUtgKxUVwnBeGyjCmM7scX001AoxMcZFnpl+rx1ccOHYF2wB8GsuhsRlAAgWiyPXVJFSMYW3mFm61wvy1dWFad+kNYNFJo+SW8YUSkUCs3sXHXHn8eFsy75ChgHqMp1hvvyug8eFVPwp3IgtLK1D1Et096h8EhhvCvR7VecWwFi4AeMvuZWSmn+gkgGinx9zKUjkA5Bi65tyXmCa4ozyoi+TtuWKqJZyRQ8K2Kw0fc1AUCN8Cp/89Omb9thA10lvVtEJ+k1anao1llY9tPJsYlb0lNGYUlff29cDQnKIbV8P9mHXAyjRJatypWfLPfvqBT81iEDdB5dMASgm3gZqQPrSE50hBsCjzeNaCQF32TPfEFeOWRS1M1tOFpjanJZwfUreMLR77lANkSjiPYOgUvSzgAu0JVIehjXW2vYhC3+Sg7ETbdeV74pAx+Tc8qNWPyZtbNvdg+5wegr5ICgvXObf/btDUL9Jl7x+x7SY7dDrDj6AJRQROcUCdtNisG8HBKnvWS8nqNaUmR7d2E8pQ6qEFKX1ISvkxUp5RTD+9Vos0BfL4+mUB9iovxhDTfSXCIdJa69obTvvLD9xOJvNDrd72zLTQZSI74i/cFeNlersYiQAgL26oyqkv1eFL7Xd3bzq24EbZjP3hrBEqktW5qFeUAe8cPuA3bwDQwGI5BGkQ2hsS7G8xvx0dwllUOE3XVjxEuH8hkGO/GfFdqPRHfkizoNu1yNQEQeY6s9cMp5ovY20YIPRl8bhakjcUtUjMqee5kDdmScELKzoam8TwNiTBrBiuCwA2DcaC6dWDgOjhRs1Y4LEiQ8KZptuO/zTbJc5qcoKA6CUiVTN7vD4u5DHN60mGU9hoS46hfCe++U6L5FR4lafjRdUR0qkCEtf2SKnXyWqLUTgS2kNLQr4ZZbLMi7Mm+5+Q1JIIjzqqfjOlzeO9T4F9lknUkFXD5bc0Q5g+it89KG8xDbISUznv/UTXSxh485VKecT9Cjgd7I438N6xeL1CcJZiluLOvZ0Z3FDxkrW4Tmwbi852Z7tghFAamMW7GPL8LJRt5q2fhe0/U5oKBuGglRvga2tju3wBfzQdpavyNVyRjN2pywO4fk3qhez0suF9wVOc6GU9PUU2jCRm/gEF/qrj32tUjpDbxS9D1nCs441La7bYV8eCtb+2pEjgvjtIp+BM0lz+aHnseKT/iUGHlubKhrTMJQ7jEAPKtcl2OpS4fXiVIiy0qK4rI8S/vkdcRd07H77FfPDqEHTxTMQhHMGqi+d+YpFgrXSin4vcn8KXS87MEILjn5kmUDOsXAWZCqlD3oQ5ADVt91R+Ty5DcIZgaiQkB1aq6feIfSx4rsioNCOgFqmx4mcCds4Ar6gzsRdXN4Kcw8plrrePttZLyNOleoIX5Diy3GAiq6ENCkbYtsaic5EqCQ6AV5qBzEDu0DKZkdqxUWd0wf5+gJwEFQAMj+lD/UhlHuD8ArSI56jYQUbrcfdLnXutfrNA2Ogte9RltQxiUb6N90uNW1rT/2vlUgmQgbvZriKqpm+K3CZ9+6zsCDSUgr/cJmkSvu5gIpvC81IAQX6K8sUqtc9l3vn5vEvqqIp2yb5N25xs0NB0/yglyAHgXLXbG/sE73TrRMj4W+3HGlF35YSQnsLcyzvqEIoAhjngDf/6HXCkNpUQjyc8+uzIsKTh73WV9rh1/7xoY0lxHGabI+c8j5+WlWD1K0Xec83Sodqf+XStr90w1ceK73/DZGdgJIbdKfgO4Xn9ZY8AlzbeJq0W2/WWi/nPE9UZtVK6EEuOcmG2L5/gv2hTMjko6KG+ygrn0+bSvClXL51Brq7IvfO9mMlAGV8zK8vp82RM0KH38xPaJGTHbdawB1gaatkXywzXw0YTmzfaswt46WcWlLZ8vgr01zMp7pfp6A4GAT952rSprlfE014osCZj2oe+j2FQ0QOIYPSj3IatoqlDGfMOxPAbId8sx3anls9Zbk4feeVEvy0+VEmeZVIyDSzjZWuQYQ7VQLEcyaARRtOnfDYt2STIXy61ScWepdj1tmuhw/Kc0Aov61tEZ1apHHxrugzmN96A/2FST2KkbCtsYvbBqE9bZ3F4dLAfVazWidSQv4wPKgkZHFY94jlXxkN0dkA0yildyiQC5k3Iiw3zSwZO9a91K8uSQbbL54C4Y7aCW1HG//OabzNSg9Qty5a1hoiovpCiziAc3xoxuT+75ICozxKLG8+UN3vEZ2QXMv3b/qlXhRr7t8LtlFiA9nmUMfCAieovrZSB4OzrKHe37mg17USWsF1by73YTriFRTiE7JO5E6GMFz3bloppT64svf0SHgFELOuc4xclZfJTYAhLLxkiwDzmKWWheEz5TOOL/8p+5n7+/AuffGykVu6NlmSXH1uIg9JYNUy6UFnd2vOhx+8DxSVFd+1VdW+u2zpPAgiFAiNZJGx+6BVS05kO2mQ++0BHlmbXTw2tdt/BF1N07J5kIY0yRqrMtlwAb6cNbb+yWHkYX/C+3MDLBd
--- a/server/app/controller/scripts.js
+++ b/server/app/controller/scripts.js
@ -1,73 +0,0 @@
-const path = require('path')
-const decryptAndExecuteAsync = require('../utils/decrypt-file')
-const { randomStr } = require('../utils/tools')
-const { ScriptsDB } = require('../utils/db-class')
-const localShellJson = require('../config/shell.json')
-const scriptsDB = new ScriptsDB().getInstance()
-
-let localShell = JSON.parse(JSON.stringify(localShellJson)).map((item) => {
-  return { ...item, id: randomStr(10), index: '--', description: item.description + '|内置脚本' }
-})
-
-async function getScriptList({ res }) {
-  let data = await scriptsDB.findAsync({})
-  data = data.map(item => {
-    return { ...item, id: item._id }
-  })
-  data?.sort((a, b) => Number(b.index || 0) - Number(a.index || 0))
-  data.push(...localShell)
-  res.success({ data })
-}
-
-async function getLocalScriptList({ res }) {
-  res.success({ data: localShell })
-}
-
-const addScript = async ({ res, request }) => {
-  let { body: { name, description, command, index } } = request
-  if (!name || !command) return res.fail({ data: false, msg: '参数错误' })
-  index = Number(index) || 0
-  let record = { name, description, command, index }
-  await scriptsDB.insertAsync(record)
-  res.success({ data: '添加成功' })
-}
-
-const updateScriptList = async ({ res, request }) => {
-  let { params: { id } } = request
-  let { body: { name, description, command, index } } = request
-  if (!name || !command) return res.fail({ data: false, msg: '参数错误' })
-  await scriptsDB.updateAsync({ _id: id }, { name, description, command, index })
-  res.success({ data: '修改成功' })
-}
-
-const removeScript = async ({ res, request }) => {
-  let { params: { id } } = request
-  await scriptsDB.removeAsync({ _id: id })
-  res.success({ data: '移除成功' })
-}
-
-const batchRemoveScript = async ({ res, request }) => {
-  let { body: { ids } } = request
-  if (!Array.isArray(ids)) return res.fail({ msg: '参数错误' })
-  const numRemoved = await scriptsDB.removeAsync({ _id: { $in: ids } }, { multi: true })
-  res.success({ data: `批量移除成功,数量: ${ numRemoved }` })
-}
-
-const importScript = async ({ res, request }) => {
-  let { impScript } = (await decryptAndExecuteAsync(path.join(__dirname, 'plus.js'))) || {}
-  if (impScript) {
-    await impScript({ res, request })
-  } else {
-    return res.fail({ data: false, msg: 'Plus专属功能!' })
-  }
-}
-
-module.exports = {
-  addScript,
-  getScriptList,
-  getLocalScriptList,
-  updateScriptList,
-  removeScript,
-  batchRemoveScript,
-  importScript
-}
--- a/server/app/controller/ssh.js
+++ b/server/app/controller/ssh.js
@ -1,109 +1,57 @@
-const path = require('path')
-const { RSADecryptAsync, AESEncryptAsync, AESDecryptAsync } = require('../utils/encrypt')
-const { HostListDB, CredentialsDB } = require('../utils/db-class')
-const decryptAndExecuteAsync = require('../utils/decrypt-file')
-const hostListDB = new HostListDB().getInstance()
-const credentialsDB = new CredentialsDB().getInstance()
-
-async function getSSHList({ res }) {
-  let data = await credentialsDB.findAsync({})
-  data = data?.map(item => {
-    const { name, authType, _id: id, date } = item
-    return { id, name, authType, privateKey: '', password: '', date }
-  }) || []
-  data.sort((a, b) => b.date - a.date)
-  res.success({ data })
-}
-
-const addSSH = async ({ res, request }) => {
-  let { body: { name, authType, password, privateKey, tempKey } } = request
-  let record = { name, authType, password, privateKey }
-  if (!name || !record[authType]) return res.fail({ data: false, msg: '参数错误' })
-  let count = await credentialsDB.countAsync({ name })
-  if (count > 0) return res.fail({ data: false, msg: '已存在同名凭证' })
-
-  const clearTempKey = await RSADecryptAsync(tempKey)
-  console.log('clearTempKey:', clearTempKey)
-  const clearSSHKey = await AESDecryptAsync(record[authType], clearTempKey)
-  // console.log(`${ authType }原密文: `, clearSSHKey)
-  record[authType] = await AESEncryptAsync(clearSSHKey)
-  // console.log(`${ authType }__commonKey加密存储: `, record[authType])
-  await credentialsDB.insertAsync({ ...record, date: Date.now() })
-  consola.info('添加凭证：', name)
-  res.success({ data: '保存成功' })
-}
+const { readSSHRecord, writeSSHRecord, AESEncrypt } = require('../utils')

 const updateSSH = async ({ res, request }) => {
-  let { body: { id, name, authType, password, privateKey, date, tempKey } } = request
-  let record = { name, authType, password, privateKey, date }
-  if (!id || !name) return res.fail({ data: false, msg: '请输入凭据名称' })
-  let oldRecord = await credentialsDB.findOneAsync({ _id: id })
-  if (!oldRecord) return res.fail({ data: false, msg: '凭证不存在' })
-  // 判断原记录是否存在当前更新记录的认证方式
-  if (!oldRecord[authType] && !record[authType]) return res.fail({ data: false, msg: `请输入${ authType === 'password' ? '密码' : '密钥' }` })
-  if (!record[authType] && oldRecord[authType]) {
-    record[authType] = oldRecord[authType]
-  } else {
-    const clearTempKey = await RSADecryptAsync(tempKey)
-    console.log('clearTempKey:', clearTempKey)
-    const clearSSHKey = await AESDecryptAsync(record[authType], clearTempKey)
-    // console.log(`${ authType }原密文: `, clearSSHKey)
-    record[authType] = await AESEncryptAsync(clearSSHKey)
-    // console.log(`${ authType }__commonKey加密存储: `, record[authType])
-  }
-  await credentialsDB.updateAsync({ _id: id }, record)
-  consola.info('修改凭证：', name)
+  let { body: { host, port, username, type, password, privateKey, randomKey, command } } = request
+  let record = { host, port, username, type, password, privateKey, randomKey, command }
+  if(!host || !port || !username || !type || !randomKey) return res.fail({ data: false, msg: '参数错误' })
+  // 再做一次对称加密(方便ssh连接时解密)
+  record.randomKey = AESEncrypt(randomKey)
+  let sshRecord = readSSHRecord()
+  let idx = sshRecord.findIndex(item => item.host === host)
+  if(idx === -1)
+    sshRecord.push(record)
+  else
+    sshRecord.splice(idx, 1, record)
+  writeSSHRecord(sshRecord)
+  consola.info('新增凭证：', host)
  res.success({ data: '保存成功' })
 }

 const removeSSH = async ({ res, request }) => {
-  let { params: { id } } = request
-  let count = await credentialsDB.countAsync({ _id: id })
-  if (count === 0) return res.fail({ msg: '凭证不存在' })
-  // 将删除的凭证id从host中删除
-  let hostList = await hostListDB.findAsync({})
-  if (Array.isArray(hostList) && hostList.length > 0) {
-    for (let host of hostList) {
-      let { credential } = host
-      credential = await AESDecryptAsync(credential)
-      if (credential === id) {
-        host.credential = ''
-        await hostListDB.updateAsync({ _id: host._id }, host)
-      }
-    }
-  }
-  await hostListDB.compactDatafileAsync()
-  consola.info('移除凭证：', id)
-  await credentialsDB.removeAsync({ _id: id })
+  let { body: { host } } = request
+  let sshRecord = readSSHRecord()
+  let idx = sshRecord.findIndex(item => item.host === host)
+  if(idx === -1) return res.fail({ msg: '凭证不存在' })
+  sshRecord.splice(idx, 1)
+  consola.info('移除凭证：', host)
+  writeSSHRecord(sshRecord)
  res.success({ data: '移除成功' })
 }

-const getCommand = async ({ res, request }) => {
-  let { hostId } = request.query
-  if (!hostId) return res.fail({ data: false, msg: '参数错误' })
-  let hostInfo = await hostListDB.findAsync({})
-  let record = hostInfo?.find(item => item._id === hostId)
-  consola.info('查询登录后执行的指令：', hostId)
-  if (!record) return res.fail({ data: false, msg: 'host not found' })
-  const { command } = record
-  if (!command) return res.success({ data: false })
-  res.success({ data: command })
+const existSSH = async ({ res, request }) => {
+  let { body: { host } } = request
+  let sshRecord = readSSHRecord()
+  let idx = sshRecord.findIndex(item => item.host === host)
+  consola.info('查询凭证：', host)
+  if(idx === -1) return res.success({ data: false }) // host不存在
+  res.success({ data: true }) // 存在
 }

-const decryptPrivateKey = async ({ res, request }) => {
-  let { dePrivateKey } = (await decryptAndExecuteAsync(path.join(__dirname, 'plus.js'))) || {}
-  if (dePrivateKey) {
-    await dePrivateKey({ res, request })
-  } else {
-    return res.fail({ data: false, msg: 'Plus专属功能，无法解密私钥!' })
-  }
+const getCommand = async ({ res, request }) => {
+  let { host } = request.query
+  if(!host) return res.fail({ data: false, msg: '参数错误' })
+  let sshRecord = readSSHRecord()
+  let record = sshRecord.find(item => item.host === host)
+  consola.info('查询登录后执行的指令：', host)
+  if(!record) return res.fail({ data: false, msg: 'host not found' }) // host不存在
+  const { command } = record
+  if(!command) return res.success({ data: false }) // command不存在
+  res.success({ data: command }) // 存在
 }

 module.exports = {
-  getSSHList,
-  addSSH,
  updateSSH,
  removeSSH,
-  getCommand,
-  decryptPrivateKey
+  existSSH,
+  getCommand
 }
--- a/server/app/controller/user.js
+++ b/server/app/controller/user.js
@ -1,22 +1,9 @@
 const jwt = require('jsonwebtoken')
-const axios = require('axios')
-const speakeasy = require('speakeasy')
-const QRCode = require('qrcode')
-const version = require('../../package.json').version
-const getLicenseInfo = require('../utils/get-plus')
-const { plusServer1, plusServer2 } = require('../utils/plus-server')
-const { sendNoticeAsync } = require('../utils/notify')
-const { RSADecryptAsync, AESEncryptAsync, SHA1Encrypt } = require('../utils/encrypt')
-const { getNetIPInfo } = require('../utils/tools')
-const { KeyDB, LogDB, PlusDB } = require('../utils/db-class')
+const { getNetIPInfo, readKey, writeKey, RSADecrypt, AESEncrypt, SHA1Encrypt, sendEmailToConfList, getNotifySwByType } = require('../utils')

-const keyDB = new KeyDB().getInstance()
-const logDB = new LogDB().getInstance()
-const plusDB = new PlusDB().getInstance()
-
-const getpublicKey = async ({ res }) => {
-  let { publicKey: data } = await keyDB.findOneAsync({})
-  if (!data) return res.fail({ msg: 'publicKey not found, Try to restart the server', status: 500 })
+const getpublicKey = ({ res }) => {
+  let { publicKey: data } = readKey()
+  if(!data) return res.fail({ msg: 'publicKey not found, Try to restart the server', status: 500 })
  res.success({ data })
 }

@ -29,15 +16,18 @@ let loginCountDown = forbidTimer
 let forbidLogin = false

 const login = async ({ res, request }) => {
-  let { body: { loginName, ciphertext, jwtExpires, mfa2Token }, ip: clientIp } = request
-  if (!loginName && !ciphertext) return res.fail({ msg: '请求非法!' })
-  if (forbidLogin) return res.fail({ msg: `禁止登录! 倒计时[${ loginCountDown }s]后尝试登录或重启面板服务` })
+  let { body: { ciphertext, jwtExpires }, ip: clientIp } = request
+  if(!ciphertext) return res.fail({ msg: '参数错误' })
+
+  if(forbidLogin) return res.fail({ msg: `禁止登录! 倒计时[${ loginCountDown }s]后尝试登录或重启面板服务` })
+
  loginErrCount++
  loginErrTotal++
-  if (loginErrCount >= allowErrCount) {
+  if(loginErrCount >= allowErrCount) {
    const { ip, country, city } = await getNetIPInfo(clientIp)
-    // 异步发送通知&禁止登录
-    sendNoticeAsync('err_login', '登录错误提醒', `错误登录次数: ${ loginErrTotal }\n地点：${ country + city }\nIP: ${ ip }`)
+    // 发送通知&禁止登录
+    let sw = getNotifySwByType('err_login')
+    if(sw) sendEmailToConfList('登录错误提醒', `重新登录次数: ${ loginErrTotal }<br/>地点：${ country + city }<br/>IP: ${ ip }`)
    forbidLogin = true
    loginErrCount = 0

@ -48,9 +38,8 @@ const login = async ({ res, request }) => {

    // 计算登录倒计时
    timer = setInterval(() => {
-      if (loginCountDown <= 0) {
+      if(loginCountDown <= 0){
        clearInterval(timer)
-        timer = null
        loginCountDown = forbidTimer
        return
      }
@ -60,24 +49,21 @@ const login = async ({ res, request }) => {

  // 登录流程
  try {
-    let loginPwd = await RSADecryptAsync(ciphertext)
-    let { user, pwd, enableMFA2, secret } = await keyDB.findOneAsync({})
-    if (enableMFA2) {
-      const isValid = speakeasy.totp.verify({ secret, encoding: 'base32', token: mfa2Token, window: 1 })
-      console.log('MFA2 verfify:', isValid)
-      if (!isValid) return res.fail({ msg: '验证失败' })
-    }
-    if (loginName === user && loginPwd === 'admin' && pwd === 'admin') {
+    // console.log('ciphertext', ciphertext)
+    let password = RSADecrypt(ciphertext)
+    // console.log('Decrypt解密password:', password)
+    let { pwd } = readKey()
+    if(password === 'admin' && pwd === 'admin') {
      const token = await beforeLoginHandler(clientIp, jwtExpires)
-      return res.success({ data: { token, jwtExpires }, msg: '登录成功，请及时修改默认用户名和密码' })
+      return res.success({ data: { token, jwtExpires }, msg: '登录成功，请及时修改默认密码' })
    }
-    loginPwd = SHA1Encrypt(loginPwd)
-    if (loginName !== user || loginPwd !== pwd) return res.fail({ msg: `用户名或密码错误 ${ loginErrTotal }/${ allowErrCount }` })
+    password = SHA1Encrypt(password)
+    if(password !== pwd) return res.fail({ msg: '密码错误' })
    const token = await beforeLoginHandler(clientIp, jwtExpires)
    return res.success({ data: { token, jwtExpires }, msg: '登录成功' })
  } catch (error) {
-    console.log('登录失败：', error.message)
-    res.fail({ msg: '登录失败, 请查看服务端日志' })
+    console.log('解密失败：', error)
+    res.fail({ msg: '解密失败, 请查看服务端日志' })
  }
 }

@ -86,141 +72,47 @@ const beforeLoginHandler = async (clientIp, jwtExpires) => {

  // consola.success('登录成功, 准备生成token', new Date())
  // 生产token
-  let { commonKey } = await keyDB.findOneAsync({})
+  let { commonKey } = readKey()
  let token = jwt.sign({ date: Date.now() }, commonKey, { expiresIn: jwtExpires }) // 生成token
-  token = await AESEncryptAsync(token) // 对称加密token后再传输给前端
+  token = AESEncrypt(token) // 对称加密token后再传输给前端

-  // 记录客户端登录IP(用于判断是否异地且只保留最近10<EFBFBD><EFBFBD>)
+  // 记录客户端登录IP(用于判断是否异地且只保留最近10条)
  const clientIPInfo = await getNetIPInfo(clientIp)
  const { ip, country, city } = clientIPInfo || {}
-  consola.info('登录成功:', new Date(), { ip, country, city })

-  // 登录通知
-  sendNoticeAsync('login', '登录提醒', `地点：${ country + city }\nIP: ${ ip }`)
+  // 邮件登录通知
+  let sw = getNotifySwByType('login')
+  if(sw) sendEmailToConfList('登录提醒', `地点：${ country + city }<br/>IP: ${ ip }`)

-  await logDB.insertAsync({ ip, country, city, date: Date.now(), type: 'login' })
+  global.loginRecord.unshift(clientIPInfo)
+  if(global.loginRecord.length > 10) global.loginRecord = global.loginRecord.slice(0, 10)
  return token
 }

 const updatePwd = async ({ res, request }) => {
-  let { body: { oldLoginName, oldPwd, newLoginName, newPwd } } = request
-  let rsaOldPwd = await RSADecryptAsync(oldPwd)
+  let { body: { oldPwd, newPwd } } = request
+  let rsaOldPwd = RSADecrypt(oldPwd)
  oldPwd = rsaOldPwd === 'admin' ? 'admin' : SHA1Encrypt(rsaOldPwd)
-  let keyObj = await keyDB.findOneAsync({})
-  let { user, pwd } = keyObj
-  if (oldLoginName !== user || oldPwd !== pwd) return res.fail({ data: false, msg: '原用户名或密码校验失败' })
+  let keyObj = readKey()
+  if(oldPwd !== keyObj.pwd) return res.fail({ data: false, msg: '旧密码校验失败' })
  // 旧密钥校验通过，加密保存新密码
-  newPwd = await RSADecryptAsync(newPwd) === 'admin' ? 'admin' : SHA1Encrypt(await RSADecryptAsync(newPwd))
-  keyObj.user = newLoginName
+  newPwd = RSADecrypt(newPwd) === 'admin' ? 'admin' : SHA1Encrypt(RSADecrypt(newPwd))
  keyObj.pwd = newPwd
-  await keyDB.updateAsync({}, keyObj)
-  sendNoticeAsync('updatePwd', '用户密码修改提醒', `原用户名：${ user }\n更新用户名: ${ newLoginName }`)
+  writeKey(keyObj)
+
+  let sw = getNotifySwByType('updatePwd')
+  if(sw) sendEmailToConfList('密码修改提醒', '面板登录密码已更改')
+
  res.success({ data: true, msg: 'success' })
 }

-const getEasynodeVersion = async ({ res }) => {
-  try {
-    // const { data } = await axios.get('https://api.github.com/repos/chaos-zhu/easynode/releases/latest')
-    const { data } = await axios.get('https://get-easynode-latest-version.chaoszhu.workers.dev/version')
-    res.success({ data, msg: 'success' })
-  } catch (error) {
-    consola.error('Failed to fetch Easynode latest version:', error)
-    res.fail({ msg: 'Failed to fetch Easynode latest version' })
-  }
-}
-
-let tempSecret = null
-const getMFA2Status = async ({ res }) => {
-  const { enableMFA2 = false } = await keyDB.findOneAsync({})
-  res.success({ data: enableMFA2, msg: 'success' })
-}
-const getMFA2Code = async ({ res }) => {
-  const { user } = await keyDB.findOneAsync({})
-  let { otpauth_url, base32 } = speakeasy.generateSecret({ name: `EasyNode-${ user }`, length: 20 })
-  tempSecret = base32
-  const qrImage = await QRCode.toDataURL(otpauth_url)
-  const data = { qrImage, secret: tempSecret }
-  res.success({ data, msg: 'success' })
-}
-
-const enableMFA2 = async ({ res, request }) => {
-  const { body: { token } } = request
-  if (!token) return res.fail({ data: false, msg: '参数错误' })
-  try {
-    // const isValid = authenticator.verify({ token, secret: tempSecret })
-    const isValid = speakeasy.totp.verify({ secret: tempSecret, encoding: 'base32', token, window: 1 })
-    if (!isValid) return res.fail({ msg: '验证失败' })
-    const keyConfig = await keyDB.findOneAsync({})
-    keyConfig.enableMFA2 = true
-    keyConfig.secret = tempSecret
-    tempSecret = null
-    await keyDB.updateAsync({}, keyConfig)
-    res.success({ msg: '验证成功' })
-  } catch (error) {
-    res.fail({ msg: `验证失败: ${ error.message }` })
-  }
-}
-
-const disableMFA2 = async ({ res }) => {
-  const keyConfig = await keyDB.findOneAsync({})
-  keyConfig.enableMFA2 = false
-  keyConfig.secret = null
-  await keyDB.updateAsync({}, keyConfig)
-  res.success({ msg: 'success' })
-}
-
-const getPlusInfo = async ({ res }) => {
-  let data = await plusDB.findOneAsync({})
-  delete data?._id
-  delete data?.decryptKey
-  res.success({ data, msg: 'success' })
-}
-
-const getPlusDiscount = async ({ res } = {}) => {
-  if (process.env.EXEC_ENV === 'local') return res.success({ discount: false })
-  const servers = [plusServer1, plusServer2]
-  for (const server of servers) {
-    try {
-      const url = `${ server }/api/announcement/public?version=${ version }`
-      const response = await fetch(url)
-      if (!response.ok) {
-        throw new Error(`HTTP error! status: ${ response.status }`)
-      }
-      const data = await response.json()
-      return res.success({ data, msg: 'success' })
-    } catch (error) {
-      if (server === servers[servers.length - 1]) {
-        consola.error('All servers failed:', error.message)
-        return res.success({ discount: false })
-      }
-      continue
-    }
-  }
-}
-
-const getPlusConf = async ({ res }) => {
-  const { key } = await plusDB.findOneAsync({}) || {}
-  res.success({ data: key || '', msg: 'success' })
-}
-
-const updatePlusKey = async ({ res, request }) => {
-  const { body: { key } } = request
-  const { success, msg } = await getLicenseInfo(key)
-  if (!success) return res.fail({ msg })
-  res.success({ msg: 'success' })
+const getLoginRecord = async ({ res }) => {
+  res.success({ data: global.loginRecord, msg: 'success' })
 }

 module.exports = {
  login,
  getpublicKey,
  updatePwd,
-  getEasynodeVersion,
-  getMFA2Status,
-  getMFA2Code,
-  enableMFA2,
-  disableMFA2,
-  getPlusInfo,
-  getPlusDiscount,
-  getPlusConf,
-  updatePlusKey
+  getLoginRecord
 }
--- a/server/app/db.js
+++ b/server/app/db.js
@ -1,104 +0,0 @@
-const NodeRSA = require('node-rsa')
-const { randomStr } = require('./utils/tools')
-const { AESEncryptAsync } = require('./utils/encrypt')
-const { KeyDB, GroupDB, NotifyDB, NotifyConfigDB } = require('./utils/db-class')
-
-async function initKeyDB() {
-  const keyDB = new KeyDB().getInstance()
-  let count = await keyDB.countAsync({})
-  if (count !== 0) return consola.info('公私钥已存在[重新生成会导致已保存的ssh密钥信息失效]')
-  let newConfig = {
-    user: 'admin',
-    pwd: 'admin',
-    commonKey: randomStr(16),
-    publicKey: '',
-    privateKey: ''
-  }
-  await keyDB.insertAsync(newConfig)
-  let key = new NodeRSA({ b: 1024 })
-  key.setOptions({ encryptionScheme: 'pkcs1', environment: 'browser' })
-  let privateKey = key.exportKey('pkcs1-private-pem')
-  let publicKey = key.exportKey('pkcs8-public-pem')
-  newConfig.privateKey = await AESEncryptAsync(privateKey, newConfig.commonKey) // 加密私钥
-  newConfig.publicKey = publicKey // 公开公钥
-  await keyDB.updateAsync({}, { $set: newConfig }, { upsert: true })
-  consola.info('Task: 已生成新的非对称加密公私钥')
-}
-
-async function initGroupDB() {
-  const groupDB = new GroupDB().getInstance()
-  let count = await groupDB.countAsync({})
-  if (count === 0) {
-    consola.log('初始化groupDB✔')
-    const defaultData = [{ '_id': 'default', 'name': '默认分组', 'index': 0 }]
-    return groupDB.insertAsync(defaultData)
-  }
-  return Promise.resolve()
-}
-
-async function initNotifyDB() {
-  const notifyDB = new NotifyDB().getInstance()
-  let count = await notifyDB.countAsync({})
-  if (count !== 0) return
-  consola.log('初始化notifyDB✔')
-  let defaultData = [{
-    'type': 'login',
-    'desc': '登录面板提醒',
-    'sw': false
-  }, {
-    'type': 'err_login',
-    'desc': '登录错误提醒(连续5次)',
-    'sw': false
-  }, {
-    'type': 'updatePwd',
-    'desc': '修改密码提醒',
-    'sw': false
-  }, {
-    'type': 'host_login',
-    'desc': '服务器登录提醒',
-    'sw': false
-  }, {
-    'type': 'onekey_complete',
-    'desc': '批量指令执行完成提醒',
-    'sw': false
-  }, {
-    'type': 'host_expired',
-    'desc': '服务器到期提醒',
-    'sw': false
-  }]
-  return notifyDB.insertAsync(defaultData)
-}
-
-async function initNotifyConfigDB() {
-  const notifyConfigDB = new NotifyConfigDB().getInstance()
-  let notifyConfig = await notifyConfigDB.findOneAsync({})
-  consola.log('初始化NotifyConfigDB✔')
-  const defaultData = {
-    type: 'sct',
-    sct: {
-      sendKey: ''
-    },
-    email: {
-      service: 'QQ',
-      user: '',
-      pass: ''
-    },
-    tg: {
-      token: '',
-      chatId: ''
-    }
-  }
-  if (notifyConfig) {
-    await notifyConfigDB.removeAsync({ _id: notifyConfig._id })
-    delete notifyConfig._id
-    return notifyConfigDB.insertAsync(Object.assign({}, defaultData, notifyConfig))
-  }
-  return notifyConfigDB.insertAsync(defaultData)
-}
-
-module.exports = async () => {
-  await initKeyDB()
-  await initNotifyDB()
-  await initGroupDB()
-  await initNotifyConfigDB()
-}
--- a/server/app/init.js
+++ b/server/app/init.js
@ -0,0 +1,49 @@
+const NodeRSA = require('node-rsa')
+const { getNetIPInfo, readHostList, writeHostList, readKey, writeKey, randomStr, isProd, AESEncrypt } = require('./utils')
+
+const isDev = !isProd()
+
+// 存储本机IP, 供host列表接口调用
+async function initLocalIp() {
+  if(isDev) return consola.info('非生产环境不初始化保存本地IP')
+  const localNetIPInfo = await getNetIPInfo()
+  let vpsList = readHostList()
+  let { ip: localNetIP } = localNetIPInfo
+  if(vpsList.some(({ host }) => host === localNetIP)) return consola.info('本机IP已储存: ', localNetIP)
+  vpsList.unshift({ name: 'server-side-host', host: localNetIP, group: 'default' })
+  writeHostList(vpsList)
+  consola.info('Task: 生产环境首次启动储存本机IP: ', localNetIP)
+}
+
+// 初始化公私钥, 供登录、保存ssh密钥/密码等加解密
+async function initRsa() {
+  let keyObj = readKey()
+  if(keyObj.privateKey && keyObj.publicKey) return consola.info('公私钥已存在[重新生成会导致已保存的ssh密钥信息失效]')
+
+  let key = new NodeRSA({ b: 1024 })
+  key.setOptions({ encryptionScheme: 'pkcs1' })
+  let privateKey = key.exportKey('pkcs1-private-pem')
+  let publicKey = key.exportKey('pkcs8-public-pem')
+  keyObj.privateKey = AESEncrypt(privateKey) // 加密私钥
+  keyObj.publicKey = publicKey // 公开公钥
+  writeKey(keyObj)
+  consola.info('Task: 已生成新的非对称加密公私钥')
+}
+
+// 随机的commonKey secret
+function randomJWTSecret() {
+  let keyObj = readKey()
+  if(keyObj.commonKey) return consola.info('commonKey密钥已存在')
+
+  keyObj.commonKey = randomStr(16)
+  writeKey(keyObj)
+  consola.info('Task: 已生成新的随机commonKey密钥')
+}
+
+module.exports = () => {
+  randomJWTSecret() // 先生成全局唯一密钥
+  initLocalIp()
+  initRsa()
+  // 用于记录客户端登录IP的列表
+  global.loginRecord = []
+}
--- a/server/app/main.js
+++ b/server/app/main.js
@ -1,13 +1,13 @@
-const { httpServer } = require('./server')
-const initDB = require('./db')
+const consola = require('consola')
+global.consola = consola
+const { httpServer, clientHttpServer } = require('./server')
+const initLocal = require('./init')
 const scheduleJob = require('./schedule')
-const getLicenseInfo = require('./utils/get-plus')

-async function main() {
-  await initDB()
-  httpServer()
-  scheduleJob()
-  getLicenseInfo()
-}
+scheduleJob()

-main()
+initLocal()
+
+httpServer()
+
+clientHttpServer()
--- a/server/app/middlewares/auth.js
+++ b/server/app/middlewares/auth.js
@ -1,5 +1,5 @@
+const { verifyAuth } = require('../utils')
 const { apiPrefix } = require('../config')
-const { verifyAuthSync } = require('../utils/verify-auth')

 let whitePath = [
  '/login',
@ -10,11 +10,11 @@ consola.info('路由白名单：', whitePath)
 const useAuth = async ({ request, res }, next) => {
  const { path, headers: { token } } = request
  consola.info('verify path: ', path)
-  if (whitePath.includes(path)) return next()
-  if (!token) return res.fail({ msg: '未登录', status: 403 })
+  if(whitePath.includes(path)) return next()
+  if(!token) return res.fail({ msg: '未登录', status: 403 })
  // 验证token
-  const { code, msg } = await verifyAuthSync(token, request.ip)
-  switch (code) {
+  const { code, msg } = verifyAuth(token, request.ip)
+  switch(code) {
    case 1:
      return await next()
    case -1:
--- a/server/app/middlewares/body.js
+++ b/server/app/middlewares/body.js
@ -1,4 +1,4 @@
-const { koaBody } = require('koa-body')
+const koaBody = require('koa-body')
 const { uploadDir } = require('../config')

 module.exports = koaBody({
--- a/server/app/middlewares/compress.js
+++ b/server/app/middlewares/compress.js
@ -1,4 +1,3 @@
-// 响应压缩模块，自适应头部压缩方式
 const compress = require('koa-compress')

 const options = { threshold: 2048 }
--- a/server/app/middlewares/index.js
+++ b/server/app/middlewares/index.js
@ -1,4 +1,3 @@
-const ipFilter = require('./ipFilter') // IP过滤
 const responseHandler = require('./response') // 统一返回格式, 错误捕获
 const useAuth = require('./auth') // 鉴权
 // const useCors = require('./cors') // 处理跨域[暂时禁止]
@ -9,8 +8,8 @@ const useStatic = require('./static') // 静态目录
 const compress = require('./compress') // br/gzip压缩
 const history = require('./history') // vue-router的history模式

+// 注意注册顺序
 module.exports = [
-  ipFilter,
  compress,
  history,
  useStatic, // staic先注册，不然会被jwt拦截
--- a/server/app/middlewares/ipFilter.js
+++ b/server/app/middlewares/ipFilter.js
@ -1,16 +0,0 @@
-// 白名单IP
-const fs = require('fs')
-const path = require('path')
-const { isAllowedIp } = require('../utils/tools')
-
-const htmlPath = path.join(__dirname, '../template/ipForbidden.html')
-const ipForbiddenHtml = fs.readFileSync(htmlPath, 'utf8')
-
-const ipFilter = async (ctx, next) => {
-  // console.log('requestIP:', ctx.request.ip)
-  if (isAllowedIp(ctx.request.ip)) return await next()
-  ctx.status = 403
-  ctx.body = ipForbiddenHtml
-}
-
-module.exports = ipFilter
--- a/server/app/middlewares/log4.js
+++ b/server/app/middlewares/log4.js
@ -3,28 +3,27 @@ const { outDir, recordLog } = require('../config').logConfig

 log4js.configure({
  appenders: {
-    console: {
+    // 控制台输出
+    out: {
      type: 'stdout',
      layout: {
-        type: 'pattern',
-        pattern: '%[%d{yyyy-MM-dd hh:mm:ss.SSS} [%p] -%] %m'
+        type: 'colored'
      }
    },
+    // 保存日志文件
    cheese: {
      type: 'file',
-      maxLogSize: 10 * 1024 * 1024, // unit: bytes     1KB = 1024bytes
-      filename: `${ outDir }/receive.log`,
-      backups: 10,
-      compress: true,
-      keepFileExt: true
+      maxLogSize: 512*1024, // unit: bytes     1KB = 1024bytes
+      filename: `${ outDir }/receive.log`
    }
  },
  categories: {
    default: {
-      appenders: ['console', 'cheese'],
-      level: 'debug'
+      appenders: [ 'out', 'cheese' ], // 配置
+      level: 'info' // 只输出info以上级别的日志
    }
  }
+  // pm2: true
 })

 const logger = log4js.getLogger()
@ -56,7 +55,4 @@ const useLog = () => {
  }
 }

-module.exports = useLog()
-
-// 可以先测试一下日志是否正常工作
-logger.info('日志系统启动')
+module.exports = useLog()
--- a/server/app/middlewares/response.js
+++ b/server/app/middlewares/response.js
@ -22,7 +22,6 @@ const responseHandler = async (ctx, next) => {
  try {
    await next() // 每个中间件都需等待next完成调用，不然会返回404给前端!!!
  } catch (err) {
-    console.dir(err)
    consola.error('中间件错误：', err)
    if (err.status)
      ctx.res.fail({ status: err.status, msg: err.message }) // 自己主动抛出的错误 throwError
--- a/server/app/middlewares/static.js
+++ b/server/app/middlewares/static.js
@ -5,7 +5,7 @@ const useStatic = koaStatic(staticDir, {
  maxage: 1000 * 60 * 60 * 24 * 30,
  gzip: true,
  setHeaders: (res, path) => {
-    if (path && path.endsWith('.html')) {
+    if(path && path.endsWith('.html')) {
      res.setHeader('Cache-Control', 'max-age=0')
    }
  }
--- a/server/app/router/routes.js
+++ b/server/app/router/routes.js
@ -1,42 +1,29 @@
-const { getSSHList, addSSH, updateSSH, removeSSH, getCommand, decryptPrivateKey } = require('../controller/ssh')
-const { getHostList, addHost, updateHost, batchUpdateHost, removeHost, importHost } = require('../controller/host')
-const { login, getpublicKey, updatePwd, getEasynodeVersion, getMFA2Status, getMFA2Code, enableMFA2, disableMFA2, getPlusInfo, getPlusDiscount, getPlusConf, updatePlusKey } = require('../controller/user')
-const { getNotifyConfig, updateNotifyConfig, getNotifyList, updateNotifyList } = require('../controller/notify')
+const { updateSSH, removeSSH, existSSH, getCommand } = require('../controller/ssh')
+const { getHostList, saveHost, updateHost, removeHost, updateHostSort } = require('../controller/host')
+const { login, getpublicKey, updatePwd, getLoginRecord } = require('../controller/user')
+const { getSupportEmailList, getUserEmailList, updateUserEmailList, removeUserEmail, pushEmail, getNotifyList, updateNotifyList } = require('../controller/notify')
 const { getGroupList, addGroupList, updateGroupList, removeGroup } = require('../controller/group')
-const { getScriptList, getLocalScriptList, addScript, updateScriptList, removeScript, batchRemoveScript, importScript } = require('../controller/scripts')
-const { getOnekeyRecord, removeOnekeyRecord } = require('../controller/onekey')
-const { getLog } = require('../controller/log')

 const ssh = [
-  {
-    method: 'get',
-    path: '/get-ssh-list',
-    controller: getSSHList
-  },
-  {
-    method: 'post',
-    path: '/add-ssh',
-    controller: addSSH
-  },
  {
    method: 'post',
    path: '/update-ssh',
    controller: updateSSH
  },
  {
-    method: 'delete',
-    path: '/remove-ssh/:id',
+    method: 'post',
+    path: '/remove-ssh',
    controller: removeSSH
  },
+  {
+    method: 'post',
+    path: '/exist-ssh',
+    controller: existSSH
+  },
  {
    method: 'get',
    path: '/command',
    controller: getCommand
-  },
-  {
-    method: 'post',
-    path: '/decrypt-private-key',
-    controller: decryptPrivateKey
  }
 ]
 const host = [
@ -48,27 +35,22 @@ const host = [
  {
    method: 'post',
    path: '/host-save',
-    controller: addHost
+    controller: saveHost
  },
  {
    method: 'put',
    path: '/host-save',
    controller: updateHost
  },
-  {
-    method: 'put',
-    path: '/batch-update-host',
-    controller: batchUpdateHost
-  },
  {
    method: 'post',
    path: '/host-remove',
    controller: removeHost
  },
  {
-    method: 'post',
-    path: '/import-host',
-    controller: importHost
+    method: 'put',
+    path: '/host-sort',
+    controller: updateHostSort
  }
 ]
 const user = [
@ -89,60 +71,35 @@ const user = [
  },
  {
    method: 'get',
-    path: '/version',
-    controller: getEasynodeVersion
-  },
-  {
-    method: 'get',
-    path: '/mfa2-status',
-    controller: getMFA2Status
-  },
-  {
-    method: 'post',
-    path: '/mfa2-code',
-    controller: getMFA2Code
-  },
-  {
-    method: 'post',
-    path: '/mfa2-enable',
-    controller: enableMFA2
-  },
-  {
-    method: 'post',
-    path: '/mfa2-disable',
-    controller: disableMFA2
-  },
-  {
-    method: 'get',
-    path: '/plus-info',
-    controller: getPlusInfo
-  },
-  {
-    method: 'get',
-    path: '/plus-discount',
-    controller: getPlusDiscount
-  },
-  {
-    method: 'get',
-    path: '/plus-conf',
-    controller: getPlusConf
-  },
-  {
-    method: 'post',
-    path: '/plus-conf',
-    controller: updatePlusKey
+    path: '/get-login-record',
+    controller: getLoginRecord
  }
 ]
 const notify = [
  {
    method: 'get',
-    path: '/notify-config',
-    controller: getNotifyConfig
+    path: '/support-email',
+    controller: getSupportEmailList
  },
  {
-    method: 'put',
-    path: '/notify-config',
-    controller: updateNotifyConfig
+    method: 'get',
+    path: '/user-email',
+    controller: getUserEmailList
+  },
+  {
+    method: 'post',
+    path: '/push-email',
+    controller: pushEmail
+  },
+  {
+    method: 'post',
+    path: '/user-email',
+    controller: updateUserEmailList
+  },
+  {
+    method: 'delete',
+    path: '/user-email/:email',
+    controller: removeUserEmail
  },
  {
    method: 'get',
@ -179,62 +136,4 @@ const group = [
  }
 ]

-const scripts = [
-  {
-    method: 'get',
-    path: '/script',
-    controller: getScriptList
-  },
-  {
-    method: 'get',
-    path: '/local-script',
-    controller: getLocalScriptList
-  },
-  {
-    method: 'post',
-    path: '/script',
-    controller: addScript
-  },
-  {
-    method: 'delete',
-    path: '/script/:id',
-    controller: removeScript
-  },
-  {
-    method: 'post',
-    path: '/batch-remove-script',
-    controller: batchRemoveScript
-  },
-  {
-    method: 'put',
-    path: '/script/:id',
-    controller: updateScriptList
-  },
-  {
-    method: 'post',
-    path: '/import-script',
-    controller: importScript
-  }
-]
-
-const onekey = [
-  {
-    method: 'get',
-    path: '/onekey',
-    controller: getOnekeyRecord
-  },
-  {
-    method: 'post',
-    path: '/onekey',
-    controller: removeOnekeyRecord
-  }
-]
-
-const log = [
-  {
-    method: 'get',
-    path: '/log',
-    controller: getLog
-  }
-]
-module.exports = [].concat(ssh, host, user, notify, group, scripts, onekey, log)
+module.exports = [].concat(ssh, host, user, notify, group)
--- a/server/app/schedule/expired-notify.js
+++ b/server/app/schedule/expired-notify.js
@ -0,0 +1,29 @@
+const schedule = require('node-schedule')
+const { readHostList, sendEmailToConfList, formatTimestamp } = require('../utils')
+
+const expiredNotifyJob = () => {
+  consola.info('=====开始检测服务器到期时间=====', new Date())
+  const hostList = readHostList()
+  for (const item of hostList) {
+    if(!item.expiredNotify) continue
+    const { host, name, expired, consoleUrl } = item
+    const restDay = Number(((expired - Date.now()) / (1000 * 60 * 60 * 24)).toFixed(1))
+    console.log(Date.now(), restDay)
+    let title = '服务器到期提醒'
+    let content = `别名: ${ name }<br/>IP: ${ host }<br/>到期时间：${ formatTimestamp(expired, 'week') }<br/>控制台: ${ consoleUrl || '未填写' }`
+    if(0 <= restDay && restDay <= 1) {
+      let temp = '有服务器将在一天后到期，请关注<br/>'
+      sendEmailToConfList(title, temp + content)
+    }else if(3 <= restDay && restDay < 4) {
+      let temp = '有服务器将在三天后到期，请关注<br/>'
+      sendEmailToConfList(title, temp + content)
+    }else if(7 <= restDay && restDay < 8) {
+      let temp = '有服务器将在七天后到期，请关注<br/>'
+      sendEmailToConfList(title, temp + content)
+    }
+  }
+}
+
+module.exports = () => {
+  schedule.scheduleJob('0 0 12 1/1 * ?', expiredNotifyJob)
+}
--- a/server/app/schedule/index.js
+++ b/server/app/schedule/index.js
@ -1,32 +1,7 @@
-const schedule = require('node-schedule')
-const { sendNoticeAsync } = require('../utils/notify')
-const { formatTimestamp } = require('../utils/tools')
-const { HostListDB } = require('../utils/db-class')
-const hostListDB = new HostListDB().getInstance()
-
-const expiredNotifyJob = async () => {
-  consola.info('=====开始检测服务器到期时间=====', new Date())
-  const hostList = await hostListDB.findAsync({})
-  for (const item of hostList) {
-    if (!item.expiredNotify) continue
-    const { host, name, expired, consoleUrl } = item
-    const restDay = Number(((expired - Date.now()) / (1000 * 60 * 60 * 24)).toFixed(1))
-    console.log(Date.now(), restDay)
-    let title = '服务器到期提醒'
-    let content = `别名: ${ name }\nIP: ${ host }\n到期时间：${ formatTimestamp(expired, 'week') }\n控制台: ${ consoleUrl || '未填写' }`
-    if (0 <= restDay && restDay <= 1) {
-      let temp = '有服务器将在一天后到期，请关注\n'
-      sendNoticeAsync('host_expired', title, temp + content)
-    } else if (3 <= restDay && restDay < 4) {
-      let temp = '有服务器将在三天后到期，请关注\n'
-      sendNoticeAsync('host_expired', title, temp + content)
-    } else if (7 <= restDay && restDay < 8) {
-      let temp = '有服务器将在七天后到期，请关注\n'
-      sendNoticeAsync('host_expired', title, temp + content)
-    }
-  }
-}
+const offlineInspect = require('./offline-inspect')
+const expiredNotify = require('./expired-notify')

 module.exports = () => {
-  schedule.scheduleJob('0 0 12 1/1 * ?', expiredNotifyJob)
+  offlineInspect()
+  expiredNotify()
 }
--- a/server/app/schedule/offline-inspect.js
+++ b/server/app/schedule/offline-inspect.js
@ -0,0 +1,39 @@
+const schedule = require('node-schedule')
+const { clientPort } = require('../config')
+const { readHostList, sendEmailToConfList, getNotifySwByType, formatTimestamp, isProd } = require('../utils')
+const testConnectAsync = require('../utils/test-connect')
+
+let sendNotifyRecord = new Map()
+const offlineJob = () => {
+  let sw = getNotifySwByType('host_offline')
+  if(!sw) return
+  consola.info('=====开始检测服务器状态=====', new Date())
+  for (const item of readHostList()) {
+    const { host, name } = item
+    // consola.info('start inpect:', host, name )
+    testConnectAsync({
+      port: clientPort ,
+      host: `http://${ host }`,
+      timeout: 3000,
+      retryTimes: 20 // 尝试重连次数
+    })
+      .then(() => {
+        // consola.success('测试连接成功:', host, name)
+      })
+      .catch((error) => {
+        consola.error('测试连接失败: ', host, name)
+        // 当前小时是否发送过通知
+        let curHourIsSend = sendNotifyRecord.has(host) && (sendNotifyRecord.get(host).sendTime === formatTimestamp(Date.now(), 'hour'))
+        if(curHourIsSend) return consola.info('当前小时已发送过通知: ', sendNotifyRecord.get(host).sendTime)
+        sendEmailToConfList('服务器离线提醒', `别名: ${ name }<br/>IP: ${ host }<br/>错误信息：${ error.message }`)
+          .then(() => {
+            sendNotifyRecord.set(host, { 'sendTime': formatTimestamp(Date.now(), 'hour') })
+          })
+      })
+  }
+}
+
+module.exports = () => {
+  if(!isProd()) return consola.info('本地开发不检测服务器离线状态')
+  schedule.scheduleJob('0 0/5 12 1/1 * ?', offlineJob)
+}
--- a/server/app/server.js
+++ b/server/app/server.js
@ -1,13 +1,15 @@
 const Koa = require('koa')
 const compose = require('koa-compose') // 组合中间件，简化写法
 const http = require('http')
+const { clientPort } = require('./config')
 const { httpPort } = require('./config')
 const middlewares = require('./middlewares')
+const wsMonitorOsInfo = require('./socket/monitor')
 const wsTerminal = require('./socket/terminal')
 const wsSftp = require('./socket/sftp')
+const wsHostStatus = require('./socket/host-status')
 const wsClientInfo = require('./socket/clients')
-const wsOnekey = require('./socket/onekey')
-const { throwError } = require('./utils/tools')
+const { throwError } = require('./utils')

 const httpServer = () => {
  const app = new Koa()
@ -19,12 +21,21 @@ const httpServer = () => {
  })
 }

+const clientHttpServer = () => {
+  const app = new Koa()
+  const server = http.createServer(app.callback())
+  wsMonitorOsInfo(server) // 监控本机信息
+  server.listen(clientPort, () => {
+    consola.success(`Client(http) is running on: http://localhost:${ clientPort }`)
+  })
+}
+
 // 服务
 function serverHandler(app, server) {
  app.proxy = true // 用于nginx反代时获取真实客户端ip
  wsTerminal(server) // 终端
  wsSftp(server) // sftp
-  wsOnekey(server) // 一键指令
+  wsHostStatus(server) // 终端侧边栏host信息
  wsClientInfo(server) // 客户端信息
  app.context.throwError = throwError // 常用方法挂载全局ctx上
  app.use(compose(middlewares))
@ -39,5 +50,6 @@ function serverHandler(app, server) {
 }

 module.exports = {
-  httpServer
+  httpServer,
+  clientHttpServer
 }
--- a/server/app/socket/clients.js
+++ b/server/app/socket/clients.js
@ -1,62 +1,48 @@
 const { Server: ServerIO } = require('socket.io')
 const { io: ClientIO } = require('socket.io-client')
-const { defaultClientPort } = require('../config')
-const { verifyAuthSync } = require('../utils/verify-auth')
-const { isAllowedIp } = require('../utils/tools')
-const { HostListDB } = require('../utils/db-class')
-const hostListDB = new HostListDB().getInstance()
+const { readHostList } = require('../utils')
+const { clientPort } = require('../config')
+const { verifyAuth } = require('../utils')

-let clientSockets = []
-let clientsData = {}
+let clientSockets = {}, clientsData = {}

-async function getClientsInfo(clientSockets) {
-  let hostList = await hostListDB.findAsync({})
-  clientSockets.forEach((clientItem) => {
-    // 被删除的客户端断开连接
-    if (!hostList.some(item => item.host === clientItem.host)) clientItem.close && clientItem.close()
-  })
+function getClientsInfo(socketId) {
+  let hostList = readHostList()
  hostList
-    .map(({ host, name, clientPort }) => {
-      // 已经建立io连接(无论是否连接成功)的host不再重复建立连接,因为存在多次(reconnectionAttempts)的重试机制
-      if (clientSockets.some(item => `${ item.host }:${ item.clientPort || defaultClientPort }` === `${ host }:${ clientPort || defaultClientPort }`)) return { name, isIo: true }
-      // console.log(name, 'clientPort:', clientPort)
-      let clientSocket = ClientIO(`http://${ host }:${ clientPort || defaultClientPort }`, {
+    .map(({ host, name }) => {
+      let clientSocket = ClientIO(`http://${ host }:${ clientPort }`, {
        path: '/client/os-info',
        forceNew: true,
        timeout: 5000,
-        reconnectionDelay: 5000,
-        reconnectionAttempts: 1000
+        reconnectionDelay: 3000,
+        reconnectionAttempts: 100
      })
      // 将与客户端连接的socket实例保存起来，web端断开时关闭这些连接
-      clientSockets.push({ host, name, clientPort, clientSocket })
+      clientSockets[socketId].push(clientSocket)
      return {
        host,
        name,
-        clientPort,
        clientSocket
      }
    })
-    .forEach((item) => {
-      if (item.isIo) return // console.log('已经建立io连接的host不再重复建立连接', item.name)
-      const { host, name, clientPort, clientSocket } = item
-      // eslint-disable-next-line no-unused-vars
+    .map(({ host, name, clientSocket }) => {
      clientSocket
        .on('connect', () => {
          consola.success('client connect success:', host, name)
          clientSocket.on('client_data', (osData) => {
-            clientsData[`${ host }:${ clientPort || defaultClientPort }`] = { connect: true, ...osData }
+            clientsData[host] = osData
          })
          clientSocket.on('client_error', (error) => {
-            clientsData[`${ host }:${ clientPort || defaultClientPort }`] = { connect: true, error: `client_error: ${ error }` }
+            clientsData[host] = error
          })
        })
-        .on('connect_error', (error) => { // 连接失败
-          // consola.error('client connect fail:', host, name, error.message)
-          clientsData[`${ host }:${ clientPort || defaultClientPort }`] = { connect: false, error: `client_connect_error: ${ error }` }
+        .on('connect_error', (error) => {
+          consola.error('client connect fail:', host, name, error.message)
+          clientsData[host] = null
        })
-        .on('disconnect', (error) => { // 一方主动断开连接
-          // consola.info('client connect disconnect:', host, name)
-          clientsData[`${ host }:${ clientPort || defaultClientPort }`] = { connect: false, error: `client_disconnect: ${ error }` }
+        .on('disconnect', () => {
+          consola.info('client connect disconnect:', host, name)
+          clientsData[host] = null
        })
    })
 }
@ -71,38 +57,40 @@ module.exports = (httpServer) => {

  serverIo.on('connection', (socket) => {
    // 前者兼容nginx反代, 后者兼容nodejs自身服务
-    let requestIP = socket.handshake.headers['x-forwarded-for'] || socket.handshake.address
-    if (!isAllowedIp(requestIP)) {
-      socket.emit('ip_forbidden', 'IP地址不在白名单中')
-      socket.disconnect()
-      return
-    }
-    socket.on('init_clients_data', async ({ token }) => {
-      const { code, msg } = await verifyAuthSync(token, requestIP)
-      if (code !== 1) {
+    let clientIp = socket.handshake.headers['x-forwarded-for'] || socket.handshake.address
+    socket.on('init_clients_data', ({ token }) => {
+      // 校验登录态
+      const { code, msg } = verifyAuth(token, clientIp)
+      if(code !== 1) {
        socket.emit('token_verify_fail', msg || '鉴权失败')
        socket.disconnect()
        return
      }

-      getClientsInfo(clientSockets)
+      // 收集web端连接的id
+      clientSockets[socket.id] = []
+      consola.info('client连接socketId: ', socket.id, 'clients-socket已连接数: ', Object.keys(clientSockets).length)

-      socket.on('refresh_clients_data', async () => {
-        consola.info('refresh clients-socket')
-        getClientsInfo(clientSockets)
-      })
+      // 获取客户端数据
+      getClientsInfo(socket.id)

+      // 立即推送一次
+      socket.emit('clients_data', clientsData)
+
+      // 向web端推送数据
      let timer = null
      timer = setInterval(() => {
        socket.emit('clients_data', clientsData)
      }, 1000)

+      // 关闭连接
      socket.on('disconnect', () => {
-        if (timer) clearInterval(timer)
-        clientSockets.forEach(item => item.clientSocket.close && item.clientSocket.close())
-        clientSockets = []
-        clientsData = {}
-        consola.info('clients-socket 连接断开: ', socket.id)
+        // 防止内存泄漏
+        if(timer) clearInterval(timer)
+        // 当web端与服务端断开连接时, 服务端与每个客户端的socket也应该断开连接
+        clientSockets[socket.id].forEach(socket => socket.close && socket.close())
+        delete clientSockets[socket.id]
+        consola.info('断开socketId: ', socket.id, 'clients-socket剩余连接数: ', Object.keys(clientSockets).length)
      })
    })
  })
--- a/server/app/socket/host-status.js
+++ b/server/app/socket/host-status.js
@ -0,0 +1,74 @@
+const { Server: ServerIO } = require('socket.io')
+const { io: ClientIO } = require('socket.io-client')
+const { clientPort } = require('../config')
+const { verifyAuth } = require('../utils')
+
+let hostSockets = {}
+
+function getHostInfo(serverSocket, host) {
+  let hostSocket = ClientIO(`http://${ host }:${ clientPort }`, {
+    path: '/client/os-info',
+    forceNew: false,
+    timeout: 5000,
+    reconnectionDelay: 3000,
+    reconnectionAttempts: 100
+  })
+  // 将与客户端连接的socket实例保存起来，web端断开时关闭与客户端的连接
+  hostSockets[serverSocket.id] = hostSocket
+
+  hostSocket
+    .on('connect', () => {
+      consola.success('host-status-socket连接成功:', host)
+      hostSocket.on('client_data', (data) => {
+        serverSocket.emit('host_data', data)
+      })
+      hostSocket.on('client_error', () => {
+        serverSocket.emit('host_data', null)
+      })
+    })
+    .on('connect_error', (error) => {
+      consola.error('host-status-socket连接[失败]:', host, error.message)
+      serverSocket.emit('host_data', null)
+    })
+    .on('disconnect', () => {
+      consola.info('host-status-socket连接[断开]:', host)
+      serverSocket.emit('host_data', null)
+    })
+}
+
+module.exports = (httpServer) => {
+  const serverIo = new ServerIO(httpServer, {
+    path: '/host-status',
+    cors: {
+      origin: '*' // 需配置跨域
+    }
+  })
+
+  serverIo.on('connection', (serverSocket) => {
+    // 前者兼容nginx反代, 后者兼容nodejs自身服务
+    let clientIp = serverSocket.handshake.headers['x-forwarded-for'] || serverSocket.handshake.address
+    serverSocket.on('init_host_data', ({ token, host }) => {
+      // 校验登录态
+      const { code, msg } = verifyAuth(token, clientIp)
+      if(code !== 1) {
+        serverSocket.emit('token_verify_fail', msg || '鉴权失败')
+        serverSocket.disconnect()
+        return
+      }
+
+      // 获取客户端数据
+      getHostInfo(serverSocket, host)
+
+      consola.info('host-status-socket连接socketId: ', serverSocket.id, 'host-status-socket已连接数: ', Object.keys(hostSockets).length)
+
+      // 关闭连接
+      serverSocket.on('disconnect', () => {
+        // 当web端与服务端断开连接时, 服务端与每个客户端的socket也应该断开连接
+        let socket = hostSockets[serverSocket.id]
+        socket.close && socket.close()
+        delete hostSockets[serverSocket.id]
+        consola.info('host-status-socket剩余连接数: ', Object.keys(hostSockets).length)
+      })
+    })
+  })
+}
--- a/server/app/socket/monitor.js
+++ b/server/app/socket/monitor.js
@ -0,0 +1,71 @@
+const { Server } = require('socket.io')
+const schedule = require('node-schedule')
+const axios = require('axios')
+let getOsData = require('../utils/os-data')
+const consola = require('consola')
+
+let serverSockets = {}, ipInfo = {}, osData = {}
+
+async function getIpInfo() {
+  try {
+    let { data } = await axios.get('http://ip-api.com/json?lang=zh-CN')
+    consola.success('getIpInfo Success: ', new Date())
+    ipInfo = data
+  } catch (error) {
+    consola.error('getIpInfo Error: ', new Date(), error)
+  }
+}
+
+function ipSchedule() {
+  let rule1 = new schedule.RecurrenceRule()
+  rule1.second = [0, 30]
+  schedule.scheduleJob(rule1, () => {
+    let { query, country, city } = ipInfo || {}
+    if(query && country && city) return
+    consola.success('Task: start getIpInfo', new Date())
+    getIpInfo()
+  })
+
+  // 每日凌晨两点整,刷新ip信息(兼容动态ip服务器)
+  let rule2 = new schedule.RecurrenceRule()
+  rule2.hour = 2
+  rule2.minute = 0
+  rule2.second = 0
+  schedule.scheduleJob(rule2, () => {
+    consola.info('Task: refresh ip info', new Date())
+    getIpInfo()
+  })
+}
+
+ipSchedule()
+
+module.exports = (httpServer) => {
+  const serverIo = new Server(httpServer, {
+    path: '/client/os-info',
+    cors: {
+      origin: '*'
+    }
+  })
+
+  serverIo.on('connection', (socket) => {
+    // 存储对应websocket连接的定时器
+    serverSockets[socket.id] = setInterval(async () => {
+      try {
+        osData = await getOsData()
+        socket && socket.emit('client_data', Object.assign(osData, { ipInfo }))
+      } catch (error) {
+        consola.error('客户端错误：', error)
+        socket && socket.emit('client_error', { error })
+      }
+    }, 1000)
+
+    socket.on('disconnect', () => {
+      // 断开时清楚对应的websocket连接
+      if(serverSockets[socket.id]) clearInterval(serverSockets[socket.id])
+      delete serverSockets[socket.id]
+      socket.close && socket.close()
+      socket = null
+      // console.log('断开socketId: ', socket.id, '剩余链接数: ', Object.keys(serverSockets).length)
+    })
+  })
+}
--- a/server/app/socket/onekey.js
+++ b/server/app/socket/onekey.js
@ -1,217 +0,0 @@
-const { Server } = require('socket.io')
-const { Client: SSHClient } = require('ssh2')
-const { sendNoticeAsync } = require('../utils/notify')
-const { verifyAuthSync } = require('../utils/verify-auth')
-const { shellThrottle } = require('../utils/tools')
-const { AESDecryptAsync } = require('../utils/encrypt')
-const { isAllowedIp } = require('../utils/tools')
-const { HostListDB, CredentialsDB, OnekeyDB } = require('../utils/db-class')
-const hostListDB = new HostListDB().getInstance()
-const credentialsDB = new CredentialsDB().getInstance()
-const onekeyDB = new OnekeyDB().getInstance()
-
-const execStatusEnum = {
-  connecting: '连接中',
-  connectFail: '连接失败',
-  executing: '执行中',
-  execSuccess: '执行成功',
-  execFail: '执行失败',
-  execTimeout: '执行超时',
-  socketInterrupt: '执行中断'
-}
-
-let isExecuting = false
-let execResult = []
-let execClient = []
-
-function disconnectAllExecClient() {
-  execClient.forEach((sshClient) => {
-    if (sshClient) {
-      sshClient.end()
-      sshClient.destroy()
-      sshClient = null
-    }
-  })
-}
-
-function execShell(socket, sshClient, curRes, resolve) {
-  const throttledDataHandler = shellThrottle(() => {
-    socket.emit('output', execResult)
-    // const memoryUsage = process.memoryUsage()
-    // const formattedMemoryUsage = {
-    //   rss: (memoryUsage.rss / 1024 / 1024).toFixed(2) + ' MB', // Resident Set Size: total memory allocated for the process execution
-    //   heapTotal: (memoryUsage.heapTotal / 1024 / 1024).toFixed(2) + ' MB', // Total size of the allocated heap
-    //   heapUsed: (memoryUsage.heapUsed / 1024 / 1024).toFixed(2) + ' MB', // Actual memory used during the execution
-    //   external: (memoryUsage.external / 1024 / 1024).toFixed(2) + ' MB', // Memory used by "external" components like V8 external memory
-    //   arrayBuffers: (memoryUsage.arrayBuffers / 1024 / 1024).toFixed(2) + ' MB' // Memory allocated for ArrayBuffer and SharedArrayBuffer, including all Node.js Buffers
-    // }
-    // console.log(formattedMemoryUsage)
-  }, 500) // 防止内存爆破
-  sshClient.exec(curRes.command, function(err, stream) {
-    if (err) {
-      console.log(curRes.host, '命令执行失败:', err)
-      curRes.status = execStatusEnum.execFail
-      curRes.result += err.toString()
-      socket.emit('output', execResult)
-      return
-    }
-    stream
-      .on('close', async () => {
-        // shell关闭后，再执行一次输出，防止最后一次节流函数发生在延迟时间内导致终端的输出数据丢失
-        await throttledDataHandler.last() // 等待最后一次节流函数执行完成，再执行一次数据输出
-        // console.log('onekey终端执行完成, 关闭连接: ', curRes.host)
-        if (curRes.status === execStatusEnum.executing) {
-          curRes.status = execStatusEnum.execSuccess
-        }
-        socket.emit('output', execResult)
-        resolve(curRes)
-        sshClient.end()
-      })
-      .on('data', (data) => {
-        // console.log(curRes.host, '执行中: \n' + data)
-        curRes.status = execStatusEnum.executing
-        curRes.result += data.toString()
-        // socket.emit('output', execResult)
-        throttledDataHandler(data)
-      })
-      .stderr
-      .on('data', (data) => {
-        // console.log(curRes.host, '命令执行过程中产生错误: ' + data)
-        curRes.status = execStatusEnum.executing
-        curRes.result += data.toString()
-        // socket.emit('output', execResult)
-        throttledDataHandler(data)
-      })
-  })
-}
-
-module.exports = (httpServer) => {
-  const serverIo = new Server(httpServer, {
-    path: '/onekey',
-    cors: {
-      origin: '*'
-    }
-  })
-  serverIo.on('connection', (socket) => {
-    // 前者兼容nginx反代, 后者兼容nodejs自身服务
-    let requestIP = socket.handshake.headers['x-forwarded-for'] || socket.handshake.address
-    if (!isAllowedIp(requestIP)) {
-      socket.emit('ip_forbidden', 'IP地址不在白名单中')
-      socket.disconnect()
-      return
-    }
-    consola.success('onekey-terminal websocket 已连接')
-    if (isExecuting) {
-      socket.emit('create_fail', '正在执行中, 请稍后再试')
-      socket.disconnect()
-      return
-    }
-    isExecuting = true
-    socket.on('create', async ({ hostIds, token, command, timeout }) => {
-      const { code } = await verifyAuthSync(token, requestIP)
-      if (code !== 1) {
-        socket.emit('token_verify_fail')
-        socket.disconnect()
-        return
-      }
-      setTimeout(() => {
-        // 超时未执行完成，强制断开连接
-        const { connecting, executing } = execStatusEnum
-        execResult.forEach(item => {
-          // 连接中和执行中的状态设定为超时
-          if ([connecting, executing].includes(item.status)) {
-            item.status = execStatusEnum.execTimeout
-          }
-        })
-        let reason = `执行超时,已强制终止执行 - 超时时间${ timeout }秒`
-        sendNoticeAsync('onekey_complete', '批量指令执行超时', reason)
-        socket.emit('timeout', { reason, result: execResult })
-        socket.disconnect()
-        disconnectAllExecClient()
-      }, timeout * 1000)
-      console.log('hostIds:', hostIds)
-      // console.log('token:', token)
-      console.log('command:', command)
-      const hostList = await hostListDB.findAsync({})
-      const targetHostsInfo = hostList.filter(item => hostIds.some(id => item._id === id)) || {}
-      // console.log('targetHostsInfo:', targetHostsInfo)
-      if (!targetHostsInfo.length) return socket.emit('create_fail', `未找到【${ hostIds }】服务器信息`)
-      // 查找 hostInfo -> 并发执行
-      socket.emit('ready')
-      let execPromise = targetHostsInfo.map((hostInfo, index) => {
-        // eslint-disable-next-line no-async-promise-executor
-        return new Promise(async (resolve, reject) => {
-          setTimeout(() => reject('执行超时'), timeout * 1000)
-          let { authType, host, port, username } = hostInfo
-          let authInfo = { host, port, username }
-          let curRes = { command, host, port, name: hostInfo.name, result: '', status: execStatusEnum.connecting, date: Date.now() - (targetHostsInfo.length - index) } // , execStatusEnum
-          execResult.push(curRes)
-          try {
-            if (authType === 'credential') {
-              let credentialId = await AESDecryptAsync(hostInfo['credential'])
-              const sshRecordList = await credentialsDB.findAsync({})
-              const sshRecord = sshRecordList.find(item => item._id === credentialId)
-              authInfo.authType = sshRecord.authType
-              authInfo[authInfo.authType] = await AESDecryptAsync(sshRecord[authInfo.authType])
-            } else {
-              authInfo[authType] = await AESDecryptAsync(hostInfo[authType])
-            }
-            consola.info('准备连接终端执行一次性指令：', host)
-            consola.log('连接信息', { username, port, authType })
-            let sshClient = new SSHClient()
-            execClient.push(sshClient)
-            sshClient
-              .on('ready', () => {
-                consola.success('连接终端成功：', host)
-                // socket.emit('connect_success', `已连接到终端：${ host }`)
-                execShell(socket, sshClient, curRes, resolve)
-              })
-              .on('error', (err) => {
-                console.log(err)
-                consola.error('onekey终端连接失败:', err.level)
-                curRes.status = execStatusEnum.connectFail
-                curRes.result += err.message
-                socket.emit('output', execResult)
-                resolve(curRes)
-              })
-              .connect({
-                ...authInfo
-              // debug: (info) => console.log(info)
-              })
-          } catch (err) {
-            consola.error('创建终端错误:', err.message)
-            curRes.status = execStatusEnum.connectFail
-            curRes.result += err.message
-            socket.emit('output', execResult)
-            resolve(curRes)
-          }
-        })
-      })
-      try {
-        await Promise.all(execPromise)
-        consola.success('onekey执行完成')
-        socket.emit('exec_complete')
-        sendNoticeAsync('onekey_complete', '批量指令执行完成', '请登录面板查看执行结果')
-        socket.disconnect()
-      } catch (error) {
-        consola.error('onekey执行失败', error)
-      }
-    })
-
-    socket.on('disconnect', async (reason) => {
-      consola.info('onekey终端连接断开:', reason)
-      disconnectAllExecClient()
-      const { execSuccess, connectFail, execFail, execTimeout } = execStatusEnum
-      execResult.forEach(item => {
-        // 非服务端手动断开连接且命令执行状态为非完成\失败\超时, 判定为客户端主动中断
-        if (reason !== 'server namespace disconnect' && ![execSuccess, execFail, execTimeout, connectFail].includes(item.status)) {
-          item.status = execStatusEnum.socketInterrupt
-        }
-      })
-      await onekeyDB.insertAsync(execResult)
-      isExecuting = false
-      execResult = []
-      execClient = []
-    })
-  })
-}
--- a/server/app/socket/plus.js
+++ b/server/app/socket/plus.js
@ -1 +0,0 @@
-U2FsdGVkX1+P63MsIfF2N9/XM16sWy0/pZMWy+0Ptf+FhySv/AiawI4Pcf/HQU7Auxde+GszGb7+t+i1Ckngo6VK9PkwALR87GbqCJtGeMazZTkEGkmNuePdpej0O3oAuwITI1FOKPW4Xe4RIFAkJfghqCgUD0Ps0Y6sPwIxOX7fTi4TopNksRMQ5X+UvezrGnPsF5EC2CAPmKwtRFWVqx5csAFhifvMxwEA+WCA7l9KLLvcybGtY4RZf0uSLb6qGxrJBN/zbQ1MMxVw9JbUML09uQ3VKLvQMJZmjctIpZDr4YEMMMdDD/qDk64feV8Tc5VPENsyl2i9kxZ4Z3s5pUu6oDm+/GE2ag0OMITgg7Wc6QpeqlWJwgAeGuqxz2nnuQfGbhHv4g800Hwc7C6ylYgHHeSY+gx39PyDQy1tE7vtW/83ZQUSgWRXxMYTMHUgYKh6P3XG+HxJz6vRjpZqwjPIc3jd253EQnHVG4YZ7VxjBFwpcmidnkvKMa+dvQSZypOL3XLKlMSGdMWFbtVuw4MMYnTBadWkS3eekdVFtvpG5NRqga0TBxPeoISLsn717u9BYcROHvPzvX/MKG7S9CGClZb4mYbOPxKmENPT6AvQbCrzOlK6X/kHTLOxivc2O5uzL4CRXBKFDeaAUJqs/PLZuCfvdmMBKPiMQpCLtFBYCXoxDarggu2D8EZYcoxFPJ/YE7sy/bFa52hQ0V1wYXkhwez1Q4Q3PH1dqdzOESOI30KEOk9TwkEhdV69ymZ6rb6cXWy1KOph2Vo8dQhgNItgvNCCyEuojR54eXnh8x7R1FHmITrobfRZZOYmpFFRZntirTpkEDvt8sPR7G+STcfKc+OgNVoCSV2Ca79Ex0BVACRxWTrafC+VX80mQGldt3wwTk2P+7mcTl0NqH6F7hfzaDjHLy/pbd/78lJLToMz7K1/PaPfOAlVsD5MTh2hefAmqTDZRKfBHyQQjwgh2hNqpmzP2tcQqO5qeigk3fzvZjyXAX2Zqu85hc6QI0Quc4zRS1hb0uY93mnOLnOksTgCNPZHDCTmzT7N0v4D/oABq2VyFFDIvMlzy1kD1WnpmhPldfm+J268QnGfMoR7ob6quZB660xc3V/9zN16ZeVKAhFfzwVHApubxTOYtIIQWLzGj9Q2eqYCXf2p3n8CYF8YV3L1LT6FxEK//MOBXZZbf7JC7tkSWb0EdRf2wuxlDocrxXzSTuIFlpBuG4Dcjf9wVCn3NuQJhqVAdxSX98K/sJpKYPELyYwTvSwG8v2MApAAgv7v+NfgSswXGCVlYpeildrVM4AafoZjBVb4OJK5YvDgmhyhzKP8copwAwi2/tGK8x/fiT0oTQhR60c7wZBuaj3/D0uDxNCcRct5/DYvb3dU1qMDmPfw0BNE7xhHouVLM12tdSnZxxFWgq5747aOpD+yYfgQBxToXsAbfEZLZLfRXPqcNjJWdnY1ZlqARyrzFKbBlGu/HhdEpldDxhdOFLkjytrA7NzvKJKfWvxbtv+jkVYL6SNdLfRoaUe0ecPJH/Gq12FhRXXudPRQT/xqQ5TXCJZ41gkmd7B9oMuVrmpDhaSKkX1loSj/Mhezzq5vIrZPd3+qK7wMeFrxvY7E4wIlK1gZdyQXBzUh8VPQzY6KFEDV4fekqkxkdKm4oX8Ij3IJfuX52+lIJdhL3t3p/j7mLLc1L9hvRudgWnujLEOi8syJv8EkKARC9OmO0S1okf1R805fenbS6MiM7zoFqza6iNn/9uJwgzCjxoTqpLoPwU2OYQyN3h4LnRoV5qsCo/RUunrdkAAQp85iTMSTWm0ux9R/jy+IHe62zwfrCq9xsdqMZ/0MZPRAyGIh5Cr0JbhXwT5s8meI5MgjJ107+hfSdo0ufSqGnceTfvfNVGUt8KO2PWFwgb7fyAiirnIL53lgKOo8dD4tDVZjfClGdIG7KJFty5M3rzyCyPl5ZeQJRD6YZVZG3HPFt4BDPDecPMK63zvrX9zSK3FV5GyBgZQQVMQbou+gpnGdSGw3NI0agN47hRYjFsbvGPrVjBKiPrfnBKkd2lyqKvd2cns/yYmgGXtehYasnPLU01dvRHicQ+TduvMR4NYMCytiDbiKqwBaYI+yt7cKNSf4cQQT9b3DD8pl9dQhzrnAY0tHxSLCVZzl7LCbYzaITQRLzBoIzCmPrFGLj6j2HuGc+gQ3Hd2/HisVAYxbW6Fu0SXQa9nnGW7k+3AJFRs5EvF++QffNW2rMYaBqr+c1jfwURzc7dGD8PNtDJkx3T6eSKx9l4iWR5/LDW+SXrk2OCzMdznsBNCJJbaKzUqs1HlIEuwQ/hHMjk4M+f4/SmbECE3cQXd+nseEoUnKbn/MiWi2lNyjacXuLTtrjDITK9jIZD0Ixfci5Eer2fuPJw7RXr1rb8bjlZWttpjN45NORLB8usjiiEdklPjQMUmTjXgALATorkWt6vc76zB4Fbk5jOwJ53+W1RqvUxt5S+WIhH55jOxYHqrEppguVMw1w4RIceaL/CYunwHxiD5w58hjJ4bR5fXjwARwM/EDGHgPvfV0dDxhBxbBtKrcemUYlBI40wwbOuDgfdnfcJNVCxaVX0Hto/VuqXvfP3eoQT2Vasz96y2/GbSS0rBGtNn9EzPwGZvBrumbl4ezQJp+HjSN65GLXjDNY+ZajGaOs+pK1O8ooAqODnfAhPd3LkMxQxlkqNy8l4KFUPA1lqd8ohK+4UThmfRCQDKPLTdFV/oTvEdBo0d/oN3xJM9ValH+0e3w86b+cmXnLzUxUzeIhmXWW8ctGtNmzV2fewh8ChPl75MCU5d88uzC03YbfZHOOtokTqkhLYhz4il7KSnA+EFEWB7GOvVqnkM/LAwDcJ/1qvqBah+WnDs9uQXTF+QXn/N1q/+83lu9JQWK0crV2mTJHk8efTHBn6oEN8P9pXf2BCJQzbukA/q50QvQU33p8P2VOqL/bHwsaolIhWrys5lyM4pwpMqxvnP5YIFjEhGhcCHLtqL5jvETh3X78HHiEhjmNzwtj3wa/NrgvzJhepqWWGGBK1DEYoMj21cFPpUeB/+2
--- a/server/app/socket/sftp.js
+++ b/server/app/socket/sftp.js
@ -1,18 +1,29 @@
-const rawPath = require('path')
-const fs = require('fs-extra')
-const SFTPClient = require('ssh2-sftp-client')
-const CryptoJS = require('crypto-js')
 const { Server } = require('socket.io')
+const SFTPClient = require('ssh2-sftp-client')
+const rawPath = require('path')
+const fs = require('fs')
+const { readSSHRecord, verifyAuth, RSADecrypt, AESDecrypt } = require('../utils')
 const { sftpCacheDir } = require('../config')
-const { verifyAuthSync } = require('../utils/verify-auth')
-const { AESDecryptAsync } = require('../utils/encrypt')
-const { isAllowedIp } = require('../utils/tools')
-const { HostListDB, CredentialsDB } = require('../utils/db-class')
-const hostListDB = new HostListDB().getInstance()
-const credentialsDB = new CredentialsDB().getInstance()
+const CryptoJS = require('crypto-js')

-// 读取切片
+function clearDir(path, rmSelf = false) {
+  let files = []
+  if(!fs.existsSync(path)) return consola.info('clearDir: 目标文件夹不存在')
+  files = fs.readdirSync(path)
+  files.forEach((file) => {
+    let curPath = path + '/' + file
+    if(fs.statSync(curPath).isDirectory()){
+      clearDir(curPath) //递归删除文件夹
+      fs.rmdirSync(curPath) // 删除文件夹
+    } else {
+      fs.unlinkSync(curPath) //删除文件
+    }
+  })
+  if(rmSelf) fs.rmdirSync(path)
+  consola.success('clearDir: 已清空缓存文件')
+}
 const pipeStream = (path, writeStream) => {
+  // console.log('path', path)
  return new Promise(resolve => {
    const readStream = fs.createReadStream(path)
    readStream.on('end', () => {
@ -24,12 +35,12 @@ const pipeStream = (path, writeStream) => {
 }

 function listenInput(sftpClient, socket) {
-  socket.on('open_dir', async (path, tips = true) => {
+  socket.on('open_dir', async (path) => {
    const exists = await sftpClient.exists(path)
-    if (!exists) return socket.emit('not_exists_dir', tips ? '目录不存在或当前不可访问' : '')
+    if(!exists) return socket.emit('not_exists_dir', '目录不存在或当前不可访问')
    try {
      let dirLs = await sftpClient.list(path)
-      socket.emit('dir_ls', dirLs, path)
+      socket.emit('dir_ls', dirLs)
    } catch (error) {
      consola.error('open_dir Error', error.message)
      socket.emit('sftp_error', error.message)
@ -37,8 +48,7 @@ function listenInput(sftpClient, socket) {
  })
  socket.on('rm_dir', async (path) => {
    const exists = await sftpClient.exists(path)
-    if (!exists) return socket.emit('not_exists_dir', '目录不存在或当前不可访问')
-    consola.info('rm_dir: ', path)
+    if(!exists) return socket.emit('not_exists_dir', '目录不存在或当前不可访问')
    try {
      let res = await sftpClient.rmdir(path, true) // 递归删除
      socket.emit('rm_success', res)
@ -49,7 +59,7 @@ function listenInput(sftpClient, socket) {
  })
  socket.on('rm_file', async (path) => {
    const exists = await sftpClient.exists(path)
-    if (!exists) return socket.emit('not_exists_dir', '文件不存在或当前不可访问')
+    if(!exists) return socket.emit('not_exists_dir', '文件不存在或当前不可访问')
    try {
      let res = await sftpClient.delete(path)
      socket.emit('rm_success', res)
@ -60,34 +70,32 @@ function listenInput(sftpClient, socket) {
  })
  // socket.on('down_dir', async (path) => {
  //   const exists = await sftpClient.exists(path)
-  //   if(!exists) return socket.emit('not_exists_dir', '目录不存在或当前不可访问')
+  //   if(!exists) return socket.emit('not_exists_dir', '文件夹不存在或当前不可访问')
  //   let res = await sftpClient.downloadDir(path, sftpCacheDir)
  //   socket.emit('down_dir_success', res)
  // })
-
-  // 下载
  socket.on('down_file', async ({ path, name, size, target = 'down' }) => {
    // target: down or preview
    const exists = await sftpClient.exists(path)
-    if (!exists) return socket.emit('not_exists_dir', '文件不存在或当前不可访问')
+    if(!exists) return socket.emit('not_exists_dir', '文件不存在或当前不可访问')
    try {
      const localPath = rawPath.join(sftpCacheDir, name)
      let timer = null
      let res = await sftpClient.fastGet(path, localPath, {
        step: step => {
-          if (timer) return
+          if(timer) return
          timer = setTimeout(() => {
            const percent = Math.ceil((step / size) * 100) // 下载进度为服务器下载到服务端的进度，前端无需*2
            console.log(`从服务器下载进度：${ percent }%`)
            socket.emit('down_file_progress', percent)
            timer = null
-          }, 1500)
+          }, 200)
        }
      })
      consola.success('sftp下载成功: ', res)
      let buffer = fs.readFileSync(localPath)
      let data = { buffer, name }
-      switch (target) {
+      switch(target) {
        case 'down':
          socket.emit('down_file_success', data)
          break
@ -101,12 +109,10 @@ function listenInput(sftpClient, socket) {
      socket.emit('sftp_error', error.message)
    }
  })
-
-  // 上传
  socket.on('up_file', async ({ targetPath, fullPath, name, file }) => {
-    // console.log({ targetPath, fullPath, name, file })
+    console.log({ targetPath, fullPath, name, file })
    const exists = await sftpClient.exists(targetPath)
-    if (!exists) return socket.emit('not_exists_dir', '目录不存在或当前不可访问')
+    if(!exists) return socket.emit('not_exists_dir', '文件夹不存在或当前不可访问')
    try {
      const localPath = rawPath.join(sftpCacheDir, name)
      fs.writeFileSync(localPath, file)
@ -119,60 +125,43 @@ function listenInput(sftpClient, socket) {
    }
  })

-  // 上传目录先在目标sftp服务器创建目录
-  socket.on('create_remote_dir', async ({ targetDirPath, foldersName }) => {
-    let baseFolderPath = rawPath.posix.join(targetDirPath, foldersName[0].split('/')[0])
-    let baseFolderPathExists = await sftpClient.exists(baseFolderPath)
-    if (baseFolderPathExists) return socket.emit('create_remote_dir_exists', `远程目录已存在: ${ baseFolderPath }`)
-    consola.info('准备创建远程服务器目录:', foldersName)
-    for (const folderName of foldersName) {
-      const fullPath = rawPath.posix.join(targetDirPath, folderName)
-      const exists = await sftpClient.exists(fullPath)
-      if (exists) continue
-      await sftpClient.mkdir(fullPath, true)
-      socket.emit('create_remote_dir_progress', fullPath)
-      consola.info('创建目录:', fullPath)
-    }
-    socket.emit('create_remote_dir_success')
-  })
-
  /** 分片上传 */
-  // 1. 创建本地缓存目录
+  // 1. 创建本地缓存文件夹
  let md5List = []
-  socket.on('create_cache_dir', async ({ targetDirPath, name }) => {
-    // console.log({ targetDirPath, name })
-    const exists = await sftpClient.exists(targetDirPath)
-    if (!exists) return socket.emit('not_exists_dir', '目录不存在或当前不可访问')
+  socket.on('create_cache_dir', async ({ targetPath, name }) => {
+    // console.log({ targetPath, name })
+    const exists = await sftpClient.exists(targetPath)
+    if(!exists) return socket.emit('not_exists_dir', '文件夹不存在或当前不可访问')
    md5List = []
    const localPath = rawPath.join(sftpCacheDir, name)
-    fs.emptyDirSync(localPath) // 不存在会创建，存在则清空
+    if(fs.existsSync(localPath)) clearDir(localPath) // 清空目录
+    fs.mkdirSync(localPath, { recursive: true })
+    console.log('================create_cache_success================')
    socket.emit('create_cache_success')
  })
-  // 2. 上传分片到面板服务
  socket.on('up_file_slice', async ({ name, sliceFile, fileIndex }) => {
    // console.log('up_file_slice:', fileIndex, name)
    try {
      let md5 = `${ fileIndex }.${ CryptoJS.MD5(fileIndex+name).toString() }`
-      const md5LocalPath = rawPath.join(sftpCacheDir, name, md5)
-      md5List.push(md5LocalPath)
-      fs.writeFileSync(md5LocalPath, sliceFile)
+      const localPath = rawPath.join(sftpCacheDir, name, md5)
+      md5List.push(localPath)
+      fs.writeFileSync(localPath, sliceFile)
      socket.emit('up_file_slice_success', md5)
    } catch (error) {
      consola.error('up_file_slice Error', error.message)
      socket.emit('up_file_slice_fail', error.message)
    }
  })
-  // 3. 合并分片上传到服务器
-  socket.on('up_file_slice_over', async ({ name, targetFilePath, range, size }) => {
-    const md5CacheDirPath = rawPath.join(sftpCacheDir, name)
+  socket.on('up_file_slice_over', async ({ name, fullPath, range, size }) => {
+    const resultDirPath = rawPath.join(sftpCacheDir, name)
    const resultFilePath = rawPath.join(sftpCacheDir, name, name)
-    fs.ensureDirSync(md5CacheDirPath)
    try {
 	    console.log('md5List: ', md5List)
 	    const arr = md5List.map((chunkFilePath, index) => {
 	      return pipeStream(
 	        chunkFilePath,
-	        fs.createWriteStream(resultFilePath, { // 指定位置创建可写流
+	        // 指定位置创建可写流
+	        fs.createWriteStream(resultFilePath, {
 	          start: index * range,
 	          end: (index + 1) * range
 	        })
@ -181,9 +170,9 @@ function listenInput(sftpClient, socket) {
 	    md5List = []
 	    await Promise.all(arr)
 	    let timer = null
-	    let res = await sftpClient.fastPut(resultFilePath, targetFilePath, {
+	    let res = await sftpClient.fastPut(resultFilePath, fullPath, {
 	      step: step => {
-	        if (timer) return
+	        if(timer) return
 	        timer = setTimeout(() => {
 	          const percent = Math.ceil((step / size) * 100)
 	          console.log(`上传服务器进度：${ percent }%`)
@ -194,14 +183,11 @@ function listenInput(sftpClient, socket) {
 	    })
 	    consola.success('sftp上传成功: ', res)
 	    socket.emit('up_file_success', res)
+	    clearDir(resultDirPath, true) // 传服务器后移除文件夹及其文件
    } catch (error) {
 	    consola.error('sftp上传失败: ', error.message)
      socket.emit('up_file_fail', error.message)
-    } finally {
-      fs.remove(md5CacheDirPath)
-        .then(() => {
-          console.log('clean md5CacheDirPath:', md5CacheDirPath)
-        })
+	    clearDir(resultDirPath, true) // 传服务器后移除文件夹及其文件
    }
  })
 }
@ -215,52 +201,34 @@ module.exports = (httpServer) => {
  })
  serverIo.on('connection', (socket) => {
    // 前者兼容nginx反代, 后者兼容nodejs自身服务
-    let requestIP = socket.handshake.headers['x-forwarded-for'] || socket.handshake.address
-    if (!isAllowedIp(requestIP)) {
-      socket.emit('ip_forbidden', 'IP地址不在白名单中')
-      socket.disconnect()
-      return
-    }
+    let clientIp = socket.handshake.headers['x-forwarded-for'] || socket.handshake.address
    let sftpClient = new SFTPClient()
    consola.success('terminal websocket 已连接')

-    socket.on('create', async ({ hostId, token }) => {
-      const { code } = await verifyAuthSync(token, requestIP)
-      consola.log('code:', code)
-      if (code !== 1) {
+    socket.on('create', ({ host: ip, token }) => {
+      const { code } = verifyAuth(token, clientIp)
+      if(code !== 1) {
        socket.emit('token_verify_fail')
        socket.disconnect()
        return
      }
-      const targetHostInfo = await hostListDB.findOneAsync({ _id: hostId })
-      if (!targetHostInfo) throw new Error(`Host with ID ${ hostId } not found`)
-      let { authType, host, port, username } = targetHostInfo
-      if (!host) return socket.emit('create_fail', `查找id【${ hostId }】凭证信息失败`)
-      let authInfo = { host, port, username }
-
-      // 解密放到try里面，防止报错【commonKey必须配对, 否则需要重新添加服务器密钥】
-      if (authType === 'credential') {
-        let credentialId = await AESDecryptAsync(targetHostInfo[authType])
-        const sshRecordList = await credentialsDB.findAsync({})
-        const sshRecord = sshRecordList.find(item => item._id === credentialId)
-        authInfo.authType = sshRecord.authType
-        authInfo[authInfo.authType] = await AESDecryptAsync(sshRecord[authInfo.authType])
-      } else {
-        authInfo[authType] = await AESDecryptAsync(targetHostInfo[authType])
-      }
-      consola.info('准备连接Sftp面板：', host)
-      targetHostInfo[targetHostInfo.authType] = await AESDecryptAsync(targetHostInfo[targetHostInfo.authType])
-
-      consola.log('连接信息', { username, port, authType })
-      sftpClient
-        .connect(authInfo)
+      const sshRecord = readSSHRecord()
+      let loginInfo = sshRecord.find(item => item.host === ip)
+      if(!sshRecord.some(item => item.host === ip)) return socket.emit('create_fail', `未找到【${ ip }】凭证`)
+      let { type, host, port, username, randomKey } = loginInfo
+      // 解密放到try里面，防止报错【公私钥必须配对, 否则需要重新添加服务器密钥】
+      randomKey = AESDecrypt(randomKey) // 先对称解密key
+      randomKey = RSADecrypt(randomKey) // 再非对称解密key
+      loginInfo[type] = AESDecrypt(loginInfo[type], randomKey) // 对称解密ssh密钥
+      consola.info('准备连接Sftp：', host)
+      const authInfo = { host, port, username, [type]: loginInfo[type] }
+      sftpClient.connect(authInfo)
        .then(() => {
          consola.success('连接Sftp成功：', host)
-          fs.ensureDirSync(sftpCacheDir)
          return sftpClient.list('/')
        })
        .then((rootLs) => {
-          // 普通文件-、目录文件d、链接文件l
+        // 普通文件-、目录文件d、链接文件l
          socket.emit('root_ls', rootLs) // 先返回根目录
          listenInput(sftpClient, socket) // 监听前端请求
        })
@ -280,10 +248,8 @@ module.exports = (httpServer) => {
        })
        .finally(() => {
          sftpClient = null
-          fs.emptyDir(sftpCacheDir)
-            .then(() => {
-              consola.success('clean sftpCacheDir: ', sftpCacheDir)
-            })
+          const cacheDir = rawPath.join(sftpCacheDir)
+          clearDir(cacheDir)
        })
    })
  })
--- a/server/app/socket/terminal.js
+++ b/server/app/socket/terminal.js
@ -1,105 +1,31 @@
-const path = require('path')
 const { Server } = require('socket.io')
 const { Client: SSHClient } = require('ssh2')
-const { verifyAuthSync } = require('../utils/verify-auth')
-const { sendNoticeAsync } = require('../utils/notify')
-const { isAllowedIp, ping } = require('../utils/tools')
-const { AESDecryptAsync } = require('../utils/encrypt')
-const { HostListDB, CredentialsDB } = require('../utils/db-class')
-const decryptAndExecuteAsync = require('../utils/decrypt-file')
-const hostListDB = new HostListDB().getInstance()
-const credentialsDB = new CredentialsDB().getInstance()
+const { readSSHRecord, verifyAuth, RSADecrypt, AESDecrypt } = require('../utils')

-async function getConnectionOptions(hostId) {
-  const hostInfo = await hostListDB.findOneAsync({ _id: hostId })
-  if (!hostInfo) throw new Error(`Host with ID ${ hostId } not found`)
-  let { authType, host, port, username, name } = hostInfo
-  let authInfo = { host, port, username }
-  try {
-    if (authType === 'credential') {
-      let credentialId = await AESDecryptAsync(hostInfo[authType])
-      const sshRecord = await credentialsDB.findOneAsync({ _id: credentialId })
-      authInfo.authType = sshRecord.authType
-      authInfo[authInfo.authType] = await AESDecryptAsync(sshRecord[authInfo.authType])
-    } else {
-      authInfo[authType] = await AESDecryptAsync(hostInfo[authType])
-    }
-    return { authInfo, name }
-  } catch (err) {
-    throw new Error(`解密认证信息失败: ${ err.message }`)
-  }
-}
-
-function createInteractiveShell(socket, targetSSHClient) {
-  return new Promise((resolve) => {
-    targetSSHClient.shell({ term: 'xterm-color' }, (err, stream) => {
-      resolve(stream)
-      if (err) return socket.emit('output', err.toString())
-      stream
-        .on('data', (data) => {
-          socket.emit('output', data.toString())
-        })
-        .on('close', () => {
-          consola.info('交互终端已关闭')
-          targetSSHClient.end()
-        })
-      socket.emit('connect_shell_success') // 已连接终端，web端可以执行指令了
+function createTerminal(socket, sshClient) {
+  sshClient.shell({ term: 'xterm-color' }, (err, stream) => {
+    if (err) return socket.emit('output', err.toString())
+    // 终端输出
+    stream
+      .on('data', (data) => {
+        socket.emit('output', data.toString())
+      })
+      .on('close', () => {
+        consola.info('关闭终端')
+        sshClient.end()
+      })
+    // web端输入
+    socket.on('input', key => {
+      if(sshClient._sock.writable === false) return consola.info('终端连接已关闭')
+      stream.write(key)
    })
-  })
-}
+    socket.emit('connect_terminal') // 已连接终端，web端可以执行指令了

-async function createTerminal(hostId, socket, targetSSHClient) {
-  return new Promise(async (resolve) => {
-    const targetHostInfo = await hostListDB.findOneAsync({ _id: hostId })
-    if (!targetHostInfo) return socket.emit('create_fail', `查找hostId【${ hostId }】凭证信息失败`)
-    let { connectByJumpHosts = null } = (await decryptAndExecuteAsync(path.join(__dirname, 'plus.js'))) || {}
-    let { authType, host, port, username, name, jumpHosts } = targetHostInfo
-    try {
-      let { authInfo: targetConnectionOptions } = await getConnectionOptions(hostId)
-      let jumpHostResult = connectByJumpHosts && (await connectByJumpHosts(jumpHosts, targetConnectionOptions.host, targetConnectionOptions.port, socket))
-      if (jumpHostResult) {
-        targetConnectionOptions.sock = jumpHostResult.sock
-      }
-
-      socket.emit('terminal_print_info', `准备连接目标终端: ${ name } - ${ host }`)
-      socket.emit('terminal_print_info', `连接信息: ssh ${ username }@${ host } -p ${ port }  ->  ${ authType }`)
-
-      consola.info('准备连接目标终端：', host)
-      consola.log('连接信息', { username, port, authType })
-      let closeNoticeFlag = false // 避免重复发送通知
-      targetSSHClient
-        .on('ready', async () => {
-          sendNoticeAsync('host_login', '终端登录', `别名: ${ name } \n IP：${ host } \n 端口：${ port } \n 状态: 登录成功`)
-          socket.emit('terminal_print_info', `终端连接成功: ${ name } - ${ host }`)
-          consola.success('终端连接成功：', host)
-          socket.emit('connect_terminal_success', `终端连接成功：${ host }`)
-          let stream = await createInteractiveShell(socket, targetSSHClient)
-          resolve(stream)
-        })
-        .on('close', (err) => {
-          if (closeNoticeFlag) return closeNoticeFlag = false
-          const closeReason = err ? '发生错误导致连接断开' : '正常断开连接'
-          consola.info(`终端连接断开(${ closeReason }): ${ host }`)
-          socket.emit('connect_close', { reason: closeReason })
-        })
-        .on('error', (err) => {
-          closeNoticeFlag = true
-          sendNoticeAsync('host_login', '终端登录', `别名: ${ name } \n IP：${ host } \n 端口：${ port } \n 状态: 登录失败`)
-          consola.error('连接终端失败:', host, err.message)
-          socket.emit('connect_terminal_fail', err.message)
-        })
-        .on('keyboard-interactive', function (name, instructions, instructionsLang, prompts, finish) {
-          finish([targetConnectionOptions[authType]])
-        })
-        .connect({
-          tryKeyboard: true,
-          ...targetConnectionOptions
-          // debug: (info) => console.log(info)
-        })
-    } catch (err) {
-      consola.error('创建终端失败: ', host, err.message)
-      socket.emit('create_terminal_fail', err.message)
-    }
+    // 监听按键重置终端大小
+    socket.on('resize', ({ rows, cols }) => {
+      consola.info('更改tty终端行&列: ', { rows, cols })
+      stream.setWindow(rows, cols)
+    })
  })
 }

@ -107,57 +33,55 @@ module.exports = (httpServer) => {
  const serverIo = new Server(httpServer, {
    path: '/terminal',
    cors: {
-      origin: '*'
+      origin: '*' // 'http://localhost:8080'
    }
  })
-
-  let connectionCount = 0
-
  serverIo.on('connection', (socket) => {
-    connectionCount++
-    consola.success(`terminal websocket 已连接 - 当前连接数: ${ connectionCount }`)
-    let requestIP = socket.handshake.headers['x-forwarded-for'] || socket.handshake.address
-    if (!isAllowedIp(requestIP)) {
-      socket.emit('ip_forbidden', 'IP地址不在白名单中')
-      socket.disconnect()
-      return
-    }
+    // 前者兼容nginx反代, 后者兼容nodejs自身服务
+    let clientIp = socket.handshake.headers['x-forwarded-for'] || socket.handshake.address
+    let sshClient = new SSHClient()
    consola.success('terminal websocket 已连接')
-    let targetSSHClient = null
-    socket.on('create', async ({ hostId, token }) => {
-      const { code } = await verifyAuthSync(token, requestIP)
-      if (code !== 1) {
+
+    socket.on('create', ({ host: ip, token }) => {
+      const { code } = verifyAuth(token, clientIp)
+      if(code !== 1) {
        socket.emit('token_verify_fail')
        socket.disconnect()
        return
      }
-      targetSSHClient = new SSHClient()
-      let stream = null
-      function listenerInput(key) {
-        if (targetSSHClient._sock.writable === false) return consola.info('终端连接已关闭,禁止输入')
-        stream && stream.write(key)
-      }
-      function resizeShell({ rows, cols }) {
-        stream && stream.setWindow(rows, cols)
-      }
-      socket.on('input', listenerInput)
-      socket.on('resize', resizeShell)
-      stream = await createTerminal(hostId, socket, targetSSHClient)
-    })
-
-    socket.on('get_ping', async (ip) => {
+      const sshRecord = readSSHRecord()
+      let loginInfo = sshRecord.find(item => item.host === ip)
+      if(!sshRecord.some(item => item.host === ip)) return socket.emit('create_fail', `未找到【${ ip }】凭证`)
+      let { type, host, port, username, randomKey } = loginInfo
      try {
-        socket.emit('ping_data', await ping(ip, 2500))
-      } catch (error) {
-        socket.emit('ping_data', { success: false, msg: error.message })
+        // 解密放到try里面，防止报错【公私钥必须配对, 否则需要重新添加服务器密钥】
+        randomKey = AESDecrypt(randomKey) // 先对称解密key
+        randomKey = RSADecrypt(randomKey) // 再非对称解密key
+        loginInfo[type] = AESDecrypt(loginInfo[type], randomKey) // 对称解密ssh密钥
+        consola.info('准备连接终端：', host)
+        const authInfo = { host, port, username, [type]: loginInfo[type] }
+        sshClient
+          .on('ready', () => {
+            consola.success('已连接到终端：', host)
+            socket.emit('connect_success', `已连接到终端：${ host }`)
+            createTerminal(socket, sshClient)
+          })
+          .on('error', (err) => {
+            consola.error('连接终端失败:', err.level)
+            socket.emit('connect_fail', err.message)
+          })
+          .connect(authInfo)
+      } catch (err) {
+        consola.error('创建终端失败:', err.message)
+        socket.emit('create_fail', err.message)
      }
    })

    socket.on('disconnect', (reason) => {
-      connectionCount--
-      consola.info(`终端socket连接断开: ${ reason } - 当前连接数: ${ connectionCount }`)
+      consola.info('终端连接断开:', reason)
+      sshClient.end()
+      sshClient.destroy()
+      sshClient = null
    })
  })
 }
-
-module.exports.getConnectionOptions = getConnectionOptions
--- a/server/app/static/assets/bg.4d05532a.jpg
+++ b/server/app/static/assets/bg.4d05532a.jpg
--- a/server/app/static/assets/delete.41fc4989.png
+++ b/server/app/static/assets/delete.41fc4989.png
--- a/server/app/static/assets/index.be6b9da9.js
+++ b/server/app/static/assets/index.be6b9da9.js
--- a/server/app/static/assets/index.be6b9da9.js.gz
+++ b/server/app/static/assets/index.be6b9da9.js.gz
--- a/server/app/static/assets/index.de24ebdf.css
+++ b/server/app/static/assets/index.de24ebdf.css
--- a/server/app/static/assets/index.de24ebdf.css.gz
+++ b/server/app/static/assets/index.de24ebdf.css.gz
--- a/server/app/static/assets/link.86235911.png
+++ b/server/app/static/assets/link.86235911.png
--- a/server/app/static/assets/refresh.edd046ad.png
+++ b/server/app/static/assets/refresh.edd046ad.png
--- a/server/app/static/favicon.ico
+++ b/server/app/static/favicon.ico
--- a/server/app/static/index.html
+++ b/server/app/static/index.html
@ -0,0 +1 @@
+<html lang="zh"> <head> <meta charset="UTF-8" /> <link rel="icon" href="/favicon.ico" /> <meta name="viewport" content="width=device-width, initial-scale=0,user-scalable=yes"> <title>EasyNode</title> <script src="//at.alicdn.com/t/c/font_3309550_flid0kihu36.js"></script> <script type="module" crossorigin src="/assets/index.be6b9da9.js"></script> <link rel="stylesheet" href="/assets/index.de24ebdf.css"> </head> <body> <div id="app"></div> <script> var _hmt = _hmt || []; (function() { var hm = document.createElement("script"); hm.src = "https://hm.baidu.com/hm.js?9cd0d4e4da3a7f1d4f6e4aaaa0ce8f25"; var s = document.getElementsByTagName("script")[0]; s.parentNode.insertBefore(hm, s); })(); </script> </body> </html>
--- a/server/app/static/upload/.gitkeep
+++ b/server/app/static/upload/.gitkeep
--- a/server/app/storage/README.md
+++ b/server/app/storage/README.md
@ -0,0 +1,38 @@
+# host-list.json
+
+> 存储服务器基本信息
+
+# key.json
+
+> 用于加密的密钥相关
+
+# ssh-record.json
+
+> ssh密钥记录(加密存储)
+
+# email.json
+
+> 邮件配置
+
+- port: 587 --> secure: false
+```json
+// Gmail调试不通过, 暂缓
+{
+  "name": "Google邮箱",
+  "target": "google",
+  "host": "smtp.gmail.com",
+  "port": 465,
+  "secure": true,
+  "tls": {
+    "rejectUnauthorized": false
+  }
+}
+```
+
+# notify.json
+
+> 通知配置
+
+# group.json
+
+> 服务器分组配置
--- a/server/app/storage/email.json
+++ b/server/app/storage/email.json
@ -0,0 +1,36 @@
+{
+  "support": [
+    {
+      "name": "QQ邮箱",
+      "target": "qq",
+      "host": "smtp.qq.com",
+      "port": 465,
+      "secure": true,
+      "tls": {
+        "rejectUnauthorized": false
+      }
+    },
+    {
+      "name": "网易126",
+      "target": "wangyi126",
+      "host": "smtp.126.com",
+      "port": 465,
+      "secure": true,
+      "tls": {
+        "rejectUnauthorized": false
+      }
+    },
+    {
+      "name": "网易163",
+      "target": "wangyi163",
+      "host": "smtp.163.com",
+      "port": 465,
+      "secure": true,
+      "tls": {
+        "rejectUnauthorized": false
+      }
+    }
+  ],
+  "user": [
+  ]
+}
--- a/server/app/storage/group.json
+++ b/server/app/storage/group.json
@ -0,0 +1,7 @@
+[
+  {
+    "id": "default",
+    "name": "默认分组",
+    "index": 0
+  }
+]
--- a/server/app/storage/host-list.json
+++ b/server/app/storage/host-list.json
@ -0,0 +1 @@
+[]
--- a/server/app/storage/key.json
+++ b/server/app/storage/key.json
@ -0,0 +1,6 @@
+{
+  "pwd": "admin",
+  "commonKey": "",
+  "publicKey": "",
+  "privateKey": ""
+}
--- a/server/app/storage/notify.json
+++ b/server/app/storage/notify.json
@ -0,0 +1,22 @@
+[
+  {
+    "type": "login",
+    "desc": "登录面板提醒",
+    "sw": true
+  },
+  {
+    "type": "err_login",
+    "desc": "登录错误提醒(连续5次)",
+    "sw": true
+  },
+  {
+    "type": "updatePwd",
+    "desc": "修改密码提醒",
+    "sw": true
+  },
+  {
+    "type": "host_offline",
+    "desc": "客户端离线提醒(每小时最多发送一次提醒)",
+    "sw": true
+  }
+]
--- a/server/app/storage/ssh-record.json
+++ b/server/app/storage/ssh-record.json
@ -0,0 +1 @@
+[]
--- a/server/app/template/commonTemp.js
+++ b/server/app/template/commonTemp.js
@ -1,40 +1,26 @@
 module.exports = (content) => {
-  return `<!DOCTYPE html>
-    <html>
-    <head>
-        <style>
-            body {
-                font-family: Arial, sans-serif;
-                margin: 15px 5px;
-                color: #333;
-                background-color: #f4f4f4;
-                line-height: 1.6;
-            }
-            .container {
-                background-color: #fff;
-                padding: 20px;
-                border-radius: 8px;
-                box-shadow: 0 0 10px rgba(0, 0, 0, 0.1);
-            }
-            h1 {
-                color: #4CAF50;
-            }
-            p {
-                margin: 12px 0;
-            }
-            .footer {
-                text-align: center;
-                font-size: 0.9em;
-                color: #777;
-            }
-        </style>
-    </head>
-    <body>
-        <div class="container">
-            <p>${ content }</p>
-            <p class="footer">通知发送时间: ${ new Date() }</p>
-        </div>
-    </body>
-    </html>
+  return `<!DOCTYPE html
+  PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml">
+
+<head>
+  <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+</head>
+
+<body style="margin: 0; padding: 0;text-align: center;">
+  <table border="0" cellpadding="0" cellspacing="0" width="100%">
+    <tr>
+      <td>
+        <h3 style="font-size: 18px;color: #5992D3;padding:0 0 0 10px;">
+          ${ content }
+        </h3>
+      </td>
+    </tr>
+  </table>
+</body>
+
+</html>
  `
 }
--- a/server/app/template/ipForbidden.html
+++ b/server/app/template/ipForbidden.html
@ -1,43 +0,0 @@
-<!DOCTYPE html>
-<html lang="zh-CN">
-
-<head>
-  <meta charset="UTF-8">
-  <meta name="viewport" content="width=device-width, initial-scale=1.0">
-  <title>403 禁止访问</title>
-  <link rel="icon" href="data:;base64,=">
-  <style>
-    body {
-      font-family: Arial, sans-serif;
-      background-color: #f4f4f4;
-      display: flex;
-      justify-content: center;
-      align-items: center;
-      height: 100vh;
-      margin: 0;
-    }
-
-    .container {
-      text-align: center;
-      padding: 20px;
-      border-radius: 8px;
-    }
-
-    h1 {
-      color: #d9534f;
-    }
-
-    p {
-      color: #333;
-    }
-  </style>
-</head>
-
-<body>
-  <div class="container">
-    <h1>403 禁止访问</h1>
-    <p>抱歉，您没有权限访问此页面。</p>
-  </div>
-</body>
-
-</html>
--- a/server/app/utils/db-class.js
+++ b/server/app/utils/db-class.js
@ -1,132 +0,0 @@
-const Datastore = require('@seald-io/nedb')
-const {
-  credentialsDBPath,
-  hostListDBPath,
-  keyDBPath,
-  notifyDBPath,
-  notifyConfigDBPath,
-  groupConfDBPath,
-  scriptsDBPath,
-  onekeyDBPath,
-  logDBPath,
-  plusDBPath
-} = require('../config')
-
-module.exports.KeyDB = class KeyDB {
-  constructor() {
-    if (!KeyDB.instance) {
-      KeyDB.instance = new Datastore({ filename: keyDBPath, autoload: true })
-      // KeyDB.instance.setAutocompactionInterval(5000)
-    }
-  }
-  getInstance() {
-    return KeyDB.instance
-  }
-}
-
-module.exports.HostListDB = class HostListDB {
-  constructor() {
-    if (!HostListDB.instance) {
-      HostListDB.instance = new Datastore({ filename: hostListDBPath, autoload: true })
-      // HostListDB.instance.setAutocompactionInterval(5000)
-    }
-  }
-  getInstance() {
-    return HostListDB.instance
-  }
-}
-
-module.exports.CredentialsDB = class CredentialsDB {
-  constructor() {
-    if (!CredentialsDB.instance) {
-      CredentialsDB.instance = new Datastore({ filename: credentialsDBPath, autoload: true })
-      // CredentialsDB.instance.setAutocompactionInterval(5000)
-    }
-  }
-  getInstance() {
-    return CredentialsDB.instance
-  }
-}
-
-module.exports.NotifyDB = class NotifyDB {
-  constructor() {
-    if (!NotifyDB.instance) {
-      NotifyDB.instance = new Datastore({ filename: notifyDBPath, autoload: true })
-      // NotifyDB.instance.setAutocompactionInterval(5000)
-    }
-  }
-  getInstance() {
-    return NotifyDB.instance
-  }
-}
-
-module.exports.NotifyConfigDB = class NotifyConfigDB {
-  constructor() {
-    if (!NotifyConfigDB.instance) {
-      NotifyConfigDB.instance = new Datastore({ filename: notifyConfigDBPath, autoload: true })
-      // NotifyConfigDB.instance.setAutocompactionInterval(5000)
-    }
-  }
-  getInstance() {
-    return NotifyConfigDB.instance
-  }
-}
-
-module.exports.GroupDB = class GroupDB {
-  constructor() {
-    if (!GroupDB.instance) {
-      GroupDB.instance = new Datastore({ filename: groupConfDBPath, autoload: true })
-      // GroupDB.instance.setAutocompactionInterval(5000)
-    }
-  }
-  getInstance() {
-    return GroupDB.instance
-  }
-}
-
-module.exports.ScriptsDB = class ScriptsDB {
-  constructor() {
-    if (!ScriptsDB.instance) {
-      ScriptsDB.instance = new Datastore({ filename: scriptsDBPath, autoload: true })
-      // ScriptsDB.instance.setAutocompactionInterval(5000)
-    }
-  }
-  getInstance() {
-    return ScriptsDB.instance
-  }
-}
-
-module.exports.OnekeyDB = class OnekeyDB {
-  constructor() {
-    if (!OnekeyDB.instance) {
-      OnekeyDB.instance = new Datastore({ filename: onekeyDBPath, autoload: true })
-      // OnekeyDB.instance.setAutocompactionInterval(5000)
-    }
-  }
-  getInstance() {
-    return OnekeyDB.instance
-  }
-}
-
-module.exports.LogDB = class LogDB {
-  constructor() {
-    if (!LogDB.instance) {
-      LogDB.instance = new Datastore({ filename: logDBPath, autoload: true })
-      // LogDB.instance.setAutocompactionInterval(5000)
-    }
-  }
-  getInstance() {
-    return LogDB.instance
-  }
-}
-
-module.exports.PlusDB = class PlusDB {
-  constructor() {
-    if (!PlusDB.instance) {
-      PlusDB.instance = new Datastore({ filename: plusDBPath, autoload: true })
-    }
-  }
-  getInstance() {
-    return PlusDB.instance
-  }
-}
--- a/server/app/utils/decrypt-file.js
+++ b/server/app/utils/decrypt-file.js
@ -1,53 +0,0 @@
-const fs = require('fs-extra')
-const path = require('path')
-const CryptoJS = require('crypto-js')
-const { AESDecryptAsync } = require('./encrypt')
-const { PlusDB } = require('./db-class')
-const plusDB = new PlusDB().getInstance()
-
-function decryptAndExecuteAsync(plusPath) {
-  return new Promise(async (resolve) => {
-    try {
-      let { decryptKey } = await plusDB.findOneAsync({})
-      if (!decryptKey) {
-        throw new Error('缺少解密密钥')
-      }
-      decryptKey = await AESDecryptAsync(decryptKey)
-      const encryptedContent = fs.readFileSync(plusPath, 'utf-8')
-      const bytes = CryptoJS.AES.decrypt(encryptedContent, decryptKey)
-      const decryptedContent = bytes.toString(CryptoJS.enc.Utf8)
-      if (!decryptedContent) {
-        throw new Error('解密失败,请检查密钥是否正确')
-      }
-      const customRequire = (modulePath) => {
-        if (modulePath.startsWith('.')) {
-          const absolutePath = path.resolve(path.dirname(plusPath), modulePath)
-          return require(absolutePath)
-        }
-        return require(modulePath)
-      }
-      const module = {
-        exports: {},
-        require: customRequire,
-        __filename: plusPath,
-        __dirname: path.dirname(plusPath)
-      }
-      const wrapper = Function('module', 'exports', 'require', '__filename', '__dirname',
-        decryptedContent + '\n return module.exports;'
-      )
-      const exports = wrapper(
-        module,
-        module.exports,
-        customRequire,
-        module.__filename,
-        module.__dirname
-      )
-      resolve(exports)
-    } catch (error) {
-      consola.info('解锁plus功能失败: ', error.message)
-      resolve(null)
-    }
-  })
-}
-
-module.exports = decryptAndExecuteAsync
--- a/server/app/utils/email.js
+++ b/server/app/utils/email.js
@ -0,0 +1,60 @@
+const nodemailer = require('nodemailer')
+const { readSupportEmailList, readUserEmailList } = require('./storage')
+const commonTemp = require('../template/commonTemp')
+
+const emailCode = {
+  SUCCESS: 0,
+  FAIL: -1
+}
+
+const emailTransporter = async (params = {}) => {
+  let { toEmail, title, html } = params
+  try {
+    if(!toEmail) throw Error('missing params: toEmail')
+    let userEmail = readUserEmailList().find(({ auth }) => auth.user === toEmail)
+    if(!userEmail) throw Error(`${ toEmail } 不存在已保存的配置文件中, 请移除后重新添加`)
+    let { target } = userEmail
+    let emailServerConf = readSupportEmailList().find((item) => item.target === target)
+    if(!emailServerConf) throw Error(`邮箱类型不支持：${ target }`)
+    const timeout = 1000*6
+    let options = Object.assign({}, userEmail, emailServerConf, { greetingTimeout: timeout, connectionTimeout: timeout })
+    let transporter = nodemailer.createTransport(options)
+    let info = await transporter.sendMail({
+      from: userEmail.auth.user, // sender address
+      to: userEmail.auth.user, // list of receivers
+      subject: `EasyNode: ${ title }`,
+      html
+    })
+    // consola.success('email发送成功：', info.accepted)
+    return { code: emailCode.SUCCESS, msg: `send successful：${ info.accepted }` }
+  } catch(error) {
+    // consola.error(`email发送失败(${ toEmail })：`, error.message || error)
+    return { code: emailCode.FAIL, msg: error }
+  }
+}
+
+const sendEmailToConfList = (title, content) => {
+  // eslint-disable-next-line
+  return new Promise(async (res, rej) => {
+    let emailList = readUserEmailList()
+    if(Array.isArray(emailList) && emailList.length >= 1) {
+      for (const item of emailList) {
+        const toEmail = item.auth.user
+        await emailTransporter({ toEmail, title, html: commonTemp(content) })
+          .then(({ code }) => {
+            if(code === 0) {
+              consola.success('已发送邮件通知: ', toEmail, title)
+              return res({ code: emailCode.SUCCESS })
+            }
+            consola.error('邮件通知发送失败: ', toEmail, title)
+            return rej({ code: emailCode.FAIL })
+          })
+      }
+    }
+  })
+}
+
+module.exports = {
+  emailTransporter,
+  sendEmailToConfList
+}
--- a/server/app/utils/encrypt.js
+++ b/server/app/utils/encrypt.js
@ -1,32 +1,31 @@
 const CryptoJS = require('crypto-js')
 const rawCrypto = require('crypto')
 const NodeRSA = require('node-rsa')
-const { KeyDB } = require('./db-class')
-const keyDB = new KeyDB().getInstance()
+const { readKey } = require('./storage.js')

 // rsa非对称 私钥解密
-const RSADecryptAsync = async (ciphertext) => {
-  if (!ciphertext) return
-  let { privateKey } = await keyDB.findOneAsync({})
-  privateKey = await AESDecryptAsync(privateKey) // 先解密私钥
+const RSADecrypt = (ciphertext) => {
+  if(!ciphertext) return
+  let { privateKey } = readKey()
+  privateKey = AESDecrypt(privateKey) // 先解密私钥
  const rsakey = new NodeRSA(privateKey)
-  rsakey.setOptions({ encryptionScheme: 'pkcs1', environment: 'browser' }) // Must Set It When Frontend Use jsencrypt
+  rsakey.setOptions({ encryptionScheme: 'pkcs1' }) // Must Set It When Frontend Use jsencrypt
  const plaintext = rsakey.decrypt(ciphertext, 'utf8')
  return plaintext
 }

 // aes对称 加密(default commonKey)
-const AESEncryptAsync = async (text, key) => {
-  if (!text) return
-  let { commonKey } = await keyDB.findOneAsync({})
+const AESEncrypt = (text, key) => {
+  if(!text) return
+  let { commonKey } = readKey()
  let ciphertext = CryptoJS.AES.encrypt(text, key || commonKey).toString()
  return ciphertext
 }

 // aes对称 解密(default commonKey)
-const AESDecryptAsync = async (ciphertext, key) => {
-  if (!ciphertext) return
-  let { commonKey } = await keyDB.findOneAsync({})
+const AESDecrypt = (ciphertext, key) => {
+  if(!ciphertext) return
+  let { commonKey } = readKey()
  let bytes = CryptoJS.AES.decrypt(ciphertext, key || commonKey)
  let originalText = bytes.toString(CryptoJS.enc.Utf8)
  return originalText
@ -38,8 +37,8 @@ const SHA1Encrypt = (clearText) => {
 }

 module.exports = {
-  RSADecryptAsync,
-  AESEncryptAsync,
-  AESDecryptAsync,
+  RSADecrypt,
+  AESEncrypt,
+  AESDecrypt,
  SHA1Encrypt
 }
--- a/server/app/utils/get-plus.js
+++ b/server/app/utils/get-plus.js
@ -1,93 +0,0 @@
-const { getLocalNetIP } = require('./tools')
-const { AESEncryptAsync } = require('./encrypt')
-const version = require('../../package.json').version
-const { plusServer1, plusServer2 } = require('./plus-server')
-const { PlusDB } = require('./db-class')
-const plusDB = new PlusDB().getInstance()
-
-async function getLicenseInfo(key = '') {
-  const { key: plusKey } = await plusDB.findOneAsync({}) || {}
-  // console.log('plusKey: ', plusKey)
-  // console.log('key: ', key)
-  // console.log('process.env.PLUS_KEY: ', process.env.PLUS_KEY)
-  key = key || plusKey || process.env.PLUS_KEY
-  if (!key || key.length < 16) return { success: false, msg: 'Invalid Plus Key' }
-  let ip = ''
-  if (global.serverIp && (Date.now() - global.getServerIpLastTime) / 1000 / 60 < 60) {
-    ip = global.serverIp
-    consola.log('get server ip by cache: ', ip)
-  } else {
-    ip = await getLocalNetIP()
-    global.serverIp = ip
-    global.getServerIpLastTime = Date.now()
-    consola.log('get server ip by net: ', ip)
-  }
-  if (!ip) {
-    consola.error('activate plus failed: get public ip failed')
-    global.serverIp = ''
-    return { success: false, msg: 'get public ip failed' }
-  }
-  try {
-    let response
-    let method = 'POST'
-    let body = JSON.stringify({ ip, key, version })
-    let headers = { 'Content-Type': 'application/json' }
-    let timeout = 10000
-    try {
-      response = await fetch(plusServer1 + '/api/licenses/activate', {
-        method,
-        headers,
-        body,
-        timeout
-      })
-
-      if (!response.ok && (response.status !== 403)) {
-        throw new Error('port1 error')
-      }
-
-    } catch (error) {
-      consola.log('retry to activate plus by backup server')
-      response = await fetch(plusServer2 + '/api/licenses/activate', {
-        method,
-        headers,
-        body,
-        timeout
-      })
-    }
-
-    if (!response.ok) {
-      consola.log('activate plus failed: ', response.status)
-      if (response.status === 403) {
-        const errMsg = await response.json()
-        throw { errMsg, clear: true }
-      }
-      throw Error({ errMsg: `HTTP error! status: ${ response.status }` })
-    }
-
-    const { success, data } = await response.json()
-    if (success) {
-      let { decryptKey, expiryDate, usedIPCount, maxIPs, usedIPs } = data
-      decryptKey = await AESEncryptAsync(decryptKey)
-      consola.success('activate plus success')
-      const plusData = { key, decryptKey, expiryDate, usedIPCount, maxIPs, usedIPs }
-      let count = await plusDB.countAsync({})
-      if (count === 0) {
-        await plusDB.insertAsync(plusData)
-      } else {
-        await plusDB.removeAsync({}, { multi: true })
-        await plusDB.insertAsync(plusData)
-      }
-      return { success: true, msg: '激活成功' }
-    }
-    consola.error('activate plus failed: ', data)
-    return { success: false, msg: '激活失败' }
-  } catch (error) {
-    consola.error(`activate plus failed: ${ error.message || error.errMsg?.message }`)
-    if (error.clear) {
-      await plusDB.removeAsync({}, { multi: true })
-    }
-    return { success: false, msg: error.message || error.errMsg?.message }
-  }
-}
-
-module.exports = getLicenseInfo
--- a/server/app/utils/index.js
+++ b/server/app/utils/index.js
@ -0,0 +1,50 @@
+const {
+  readSSHRecord,
+  writeSSHRecord,
+  readHostList,
+  writeHostList,
+  readKey,
+  writeKey,
+  readSupportEmailList,
+  readUserEmailList,
+  writeUserEmailList,
+  readNotifyList,
+  getNotifySwByType,
+  writeNotifyList,
+  readGroupList,
+  writeGroupList } = require('./storage')
+const { RSADecrypt, AESEncrypt, AESDecrypt, SHA1Encrypt } = require('./encrypt')
+const { verifyAuth, isProd } = require('./verify-auth')
+const { getNetIPInfo, throwError, isIP, randomStr, getUTCDate, formatTimestamp } = require('./tools')
+const { emailTransporter, sendEmailToConfList } = require('./email')
+
+module.exports = {
+  getNetIPInfo,
+  throwError,
+  isIP,
+  randomStr,
+  getUTCDate,
+  formatTimestamp,
+  verifyAuth,
+  isProd,
+  RSADecrypt,
+  AESEncrypt,
+  AESDecrypt,
+  SHA1Encrypt,
+  readSSHRecord,
+  writeSSHRecord,
+  readHostList,
+  writeHostList,
+  readKey,
+  writeKey,
+  readSupportEmailList,
+  readUserEmailList,
+  writeUserEmailList,
+  emailTransporter,
+  sendEmailToConfList,
+  readNotifyList,
+  getNotifySwByType,
+  writeNotifyList,
+  readGroupList,
+  writeGroupList
+}
--- a/server/app/utils/notify.js
+++ b/server/app/utils/notify.js
@ -1,101 +0,0 @@
-const path = require('path')
-const decryptAndExecuteAsync = require('./decrypt-file')
-const nodemailer = require('nodemailer')
-const axios = require('axios')
-const commonTemp = require('../template/commonTemp')
-const { NotifyDB, NotifyConfigDB } = require('./db-class')
-const notifyConfigDB = new NotifyConfigDB().getInstance()
-const notifyDB = new NotifyDB().getInstance()
-
-function sendServerChan(sendKey, title, content) {
-  return new Promise((async (resolve, reject) => {
-    try {
-      consola.info('server酱通知预发送: ', title)
-      const url = `https://sctapi.ftqq.com/${ sendKey }.send`
-      const params = new URLSearchParams({ text: title, desp: content })
-      let { data } = await axios.post(url, params, {
-        headers: {
-          'Content-Type': 'application/x-www-form-urlencoded'
-        }
-      })
-      resolve(data)
-      consola.info('server酱通知发送成功: ', title)
-    } catch (error) {
-      reject(error)
-      consola.error('server酱通知发送失败: ', error)
-    }
-  }))
-
-}
-
-function sendEmail({ service, user, pass }, title, content) {
-  return new Promise((async (resolve, reject) => {
-    try {
-      consola.info('邮箱通知预发送: ', title)
-      let transporter = nodemailer.createTransport({
-        service,
-        auth: {
-          user,
-          pass
-        }
-      })
-      await transporter.sendMail({
-        from: user,
-        to: user,
-        subject: title,
-        // text: '', // 纯文本版本内容，如果收件人的邮件客户端不支持HTML显示，就会显示这个文本
-        html: commonTemp(content)
-      })
-      consola.info('邮件通知发送成功: ', title)
-      resolve()
-    } catch (error) {
-      reject(error)
-      consola.error('邮件通知发送失败: ', error)
-    }
-  }))
-}
-
-// 异步发送通知
-async function sendNoticeAsync(noticeAction, title, content) {
-  try {
-    let notifyList = await notifyDB.findAsync({})
-    let { sw } = notifyList.find((item) => item.type === noticeAction) // 获取对应动作的通知开关
-    // console.log('notify swtich: ', noticeAction, sw)
-    if (!sw) return consola.info('通知开关关闭, 不发送通知: ', noticeAction)
-    let notifyConfig = await notifyConfigDB.findOneAsync({})
-    let { type } = notifyConfig
-    if (!type) return consola.error('通知类型不存在: ', type)
-    title = `EasyNode-${ title }`
-    content += `\n通知发送时间：${ new Date() }`
-    switch (type) {
-      case 'sct':
-        let { sendKey } = notifyConfig['sct']
-        if (!sendKey) return consola.info('未发送server酱通知, sendKey 为空')
-        await sendServerChan(sendKey, title, content)
-        break
-      case 'email':
-        let { service, user, pass } = notifyConfig['email']
-        if (!service || !user || !pass) return consola.info('未发送邮件通知通知, 未配置邮箱: ', { service, user, pass })
-        await sendEmail({ service, user, pass }, title, content)
-        break
-      case 'tg':
-        let { token, chatId } = notifyConfig['tg']
-        if (!token || !chatId) return consola.info('未发送Telegram通知, 未配置token或chatId: ', { token, chatId })
-        let { sendTg } = await decryptAndExecuteAsync(path.join(__dirname, 'plus.js'))
-        if (!sendTg) return consola.info('未发送Telegram通知, Plus功能解析失败')
-        await sendTg({ token, chatId }, title, content)
-        break
-      default:
-        consola.info('未配置通知类型: ', type)
-        break
-    }
-  } catch (error) {
-    consola.error('通知发送失败: ', error)
-  }
-}
-
-module.exports = {
-  sendNoticeAsync,
-  sendServerChan,
-  sendEmail
-}
--- a/Show More
+++ b/Show More
				`@ -1 +0,0 @@`
				U2FsdGVkX18Hh5ifqReKzxVcNwA8NC2cGnvuPCHW9V4+sVMxFFE7NxliY3R9Pyu2jZvnRb80+VpkEinfaZX0H1xx+I5PU2/mqIUU+1yxKrmWQtwJm6EwNwyDFrj3Epbl1zkfTUXLhk1a5lff+s1Qic02SbnLMtThV9Pg2m6w7HeJJiYOdaRFGlHvgGL4m7O9Ps135wdsdLU9y5aRiXF+1fi35Y6ZlDwPJGEMfZyIQKF87QksAW6LOP/Y1+mgIfLS6WwJnf8kW4l0KQktfvmsWtn00neZRQJc9I6WVMEN2jq4vbeE0KqtoOV0B/+Y/nLFnJjSYs5VE4qQ3gTFzuHe/dPoWXcBX5J5RhAxeY1qVQUtgKxUVwnBeGyjCmM7scX001AoxMcZFnpl+rx1ccOHYF2wB8GsuhsRlAAgWiyPXVJFSMYW3mFm61wvy1dWFad+kNYNFJo+SW8YUSkUCs3sXHXHn8eFsy75ChgHqMp1hvvyug8eFVPwp3IgtLK1D1Et096h8EhhvCvR7VecWwFi4AeMvuZWSmn+gkgGinx9zKUjkA5Bi65tyXmCa4ozyoi+TtuWKqJZyRQ8K2Kw0fc1AUCN8Cp/89Omb9thA10lvVtEJ+k1anao1llY9tPJsYlb0lNGYUlff29cDQnKIbV8P9mHXAyjRJatypWfLPfvqBT81iEDdB5dMASgm3gZqQPrSE50hBsCjzeNaCQF32TPfEFeOWRS1M1tOFpjanJZwfUreMLR77lANkSjiPYOgUvSzgAu0JVIehjXW2vYhC3+Sg7ETbdeV74pAx+Tc8qNWPyZtbNvdg+5wegr5ICgvXObf/btDUL9Jl7x+x7SY7dDrDj6AJRQROcUCdtNisG8HBKnvWS8nqNaUmR7d2E8pQ6qEFKX1ISvkxUp5RTD+9Vos0BfL4+mUB9iovxhDTfSXCIdJa69obTvvLD9xOJvNDrd72zLTQZSI74i/cFeNlersYiQAgL26oyqkv1eFL7Xd3bzq24EbZjP3hrBEqktW5qFeUAe8cPuA3bwDQwGI5BGkQ2hsS7G8xvx0dwllUOE3XVjxEuH8hkGO/GfFdqPRHfkizoNu1yNQEQeY6s9cMp5ovY20YIPRl8bhakjcUtUjMqee5kDdmScELKzoam8TwNiTBrBiuCwA2DcaC6dWDgOjhRs1Y4LEiQ8KZptuO/zTbJc5qcoKA6CUiVTN7vD4u5DHN60mGU9hoS46hfCe++U6L5FR4lafjRdUR0qkCEtf2SKnXyWqLUTgS2kNLQr4ZZbLMi7Mm+5+Q1JIIjzqqfjOlzeO9T4F9lknUkFXD5bc0Q5g+it89KG8xDbISUznv/UTXSxh485VKecT9Cjgd7I438N6xeL1CcJZiluLOvZ0Z3FDxkrW4Tmwbi852Z7tghFAamMW7GPL8LJRt5q2fhe0/U5oKBuGglRvga2tju3wBfzQdpavyNVyRjN2pywO4fk3qhez0suF9wVOc6GU9PUU2jCRm/gEF/qrj32tUjpDbxS9D1nCs441La7bYV8eCtb+2pEjgvjtIp+BM0lz+aHnseKT/iUGHlubKhrTMJQ7jEAPKtcl2OpS4fXiVIiy0qK4rI8S/vkdcRd07H77FfPDqEHTxTMQhHMGqi+d+YpFgrXSin4vcn8KXS87MEILjn5kmUDOsXAWZCqlD3oQ5ADVt91R+Ty5DcIZgaiQkB1aq6feIfSx4rsioNCOgFqmx4mcCds4Ar6gzsRdXN4Kcw8plrrePttZLyNOleoIX5Diy3GAiq6ENCkbYtsaic5EqCQ6AV5qBzEDu0DKZkdqxUWd0wf5+gJwEFQAMj+lD/UhlHuD8ArSI56jYQUbrcfdLnXutfrNA2Ogte9RltQxiUb6N90uNW1rT/2vlUgmQgbvZriKqpm+K3CZ9+6zsCDSUgr/cJmkSvu5gIpvC81IAQX6K8sUqtc9l3vn5vEvqqIp2yb5N25xs0NB0/yglyAHgXLXbG/sE73TrRMj4W+3HGlF35YSQnsLcyzvqEIoAhjngDf/6HXCkNpUQjyc8+uzIsKTh73WV9rh1/7xoY0lxHGabI+c8j5+WlWD1K0Xec83Sodqf+XStr90w1ceK73/DZGdgJIbdKfgO4Xn9ZY8AlzbeJq0W2/WWi/nPE9UZtVK6EEuOcmG2L5/gv2hTMjko6KG+ygrn0+bSvClXL51Brq7IvfO9mMlAGV8zK8vp82RM0KH38xPaJGTHbdawB1gaatkXywzXw0YTmzfaswt46WcWlLZ8vgr01zMp7pfp6A4GAT952rSprlfE014osCZj2oe+j2FQ0QOIYPSj3IatoqlDGfMOxPAbId8sx3anls9Zbk4feeVEvy0+VEmeZVIyDSzjZWuQYQ7VQLEcyaARRtOnfDYt2STIXy61ScWepdj1tmuhw/Kc0Aov61tEZ1apHHxrugzmN96A/2FST2KkbCtsYvbBqE9bZ3F4dLAfVazWidSQv4wPKgkZHFY94jlXxkN0dkA0yildyiQC5k3Iiw3zSwZO9a91K8uSQbbL54C4Y7aCW1HG//OabzNSg9Qty5a1hoiovpCiziAc3xoxuT+75ICozxKLG8+UN3vEZ2QXMv3b/qlXhRr7t8LtlFiA9nmUMfCAieovrZSB4OzrKHe37mg17USWsF1by73YTriFRTiE7JO5E6GMFz3bloppT64svf0SHgFELOuc4xclZfJTYAhLLxkiwDzmKWWheEz5TOOL/8p+5n7+/AuffGykVu6NlmSXH1uIg9JYNUy6UFnd2vOhx+8DxSVFd+1VdW+u2zpPAgiFAiNZJGx+6BVS05kO2mQ++0BHlmbXTw2tdt/BF1N07J5kIY0yRqrMtlwAb6cNbb+yWHkYX/C+3MDLBd
				`@ -1 +0,0 @@`
				U2FsdGVkX1+P63MsIfF2N9/XM16sWy0/pZMWy+0Ptf+FhySv/AiawI4Pcf/HQU7Auxde+GszGb7+t+i1Ckngo6VK9PkwALR87GbqCJtGeMazZTkEGkmNuePdpej0O3oAuwITI1FOKPW4Xe4RIFAkJfghqCgUD0Ps0Y6sPwIxOX7fTi4TopNksRMQ5X+UvezrGnPsF5EC2CAPmKwtRFWVqx5csAFhifvMxwEA+WCA7l9KLLvcybGtY4RZf0uSLb6qGxrJBN/zbQ1MMxVw9JbUML09uQ3VKLvQMJZmjctIpZDr4YEMMMdDD/qDk64feV8Tc5VPENsyl2i9kxZ4Z3s5pUu6oDm+/GE2ag0OMITgg7Wc6QpeqlWJwgAeGuqxz2nnuQfGbhHv4g800Hwc7C6ylYgHHeSY+gx39PyDQy1tE7vtW/83ZQUSgWRXxMYTMHUgYKh6P3XG+HxJz6vRjpZqwjPIc3jd253EQnHVG4YZ7VxjBFwpcmidnkvKMa+dvQSZypOL3XLKlMSGdMWFbtVuw4MMYnTBadWkS3eekdVFtvpG5NRqga0TBxPeoISLsn717u9BYcROHvPzvX/MKG7S9CGClZb4mYbOPxKmENPT6AvQbCrzOlK6X/kHTLOxivc2O5uzL4CRXBKFDeaAUJqs/PLZuCfvdmMBKPiMQpCLtFBYCXoxDarggu2D8EZYcoxFPJ/YE7sy/bFa52hQ0V1wYXkhwez1Q4Q3PH1dqdzOESOI30KEOk9TwkEhdV69ymZ6rb6cXWy1KOph2Vo8dQhgNItgvNCCyEuojR54eXnh8x7R1FHmITrobfRZZOYmpFFRZntirTpkEDvt8sPR7G+STcfKc+OgNVoCSV2Ca79Ex0BVACRxWTrafC+VX80mQGldt3wwTk2P+7mcTl0NqH6F7hfzaDjHLy/pbd/78lJLToMz7K1/PaPfOAlVsD5MTh2hefAmqTDZRKfBHyQQjwgh2hNqpmzP2tcQqO5qeigk3fzvZjyXAX2Zqu85hc6QI0Quc4zRS1hb0uY93mnOLnOksTgCNPZHDCTmzT7N0v4D/oABq2VyFFDIvMlzy1kD1WnpmhPldfm+J268QnGfMoR7ob6quZB660xc3V/9zN16ZeVKAhFfzwVHApubxTOYtIIQWLzGj9Q2eqYCXf2p3n8CYF8YV3L1LT6FxEK//MOBXZZbf7JC7tkSWb0EdRf2wuxlDocrxXzSTuIFlpBuG4Dcjf9wVCn3NuQJhqVAdxSX98K/sJpKYPELyYwTvSwG8v2MApAAgv7v+NfgSswXGCVlYpeildrVM4AafoZjBVb4OJK5YvDgmhyhzKP8copwAwi2/tGK8x/fiT0oTQhR60c7wZBuaj3/D0uDxNCcRct5/DYvb3dU1qMDmPfw0BNE7xhHouVLM12tdSnZxxFWgq5747aOpD+yYfgQBxToXsAbfEZLZLfRXPqcNjJWdnY1ZlqARyrzFKbBlGu/HhdEpldDxhdOFLkjytrA7NzvKJKfWvxbtv+jkVYL6SNdLfRoaUe0ecPJH/Gq12FhRXXudPRQT/xqQ5TXCJZ41gkmd7B9oMuVrmpDhaSKkX1loSj/Mhezzq5vIrZPd3+qK7wMeFrxvY7E4wIlK1gZdyQXBzUh8VPQzY6KFEDV4fekqkxkdKm4oX8Ij3IJfuX52+lIJdhL3t3p/j7mLLc1L9hvRudgWnujLEOi8syJv8EkKARC9OmO0S1okf1R805fenbS6MiM7zoFqza6iNn/9uJwgzCjxoTqpLoPwU2OYQyN3h4LnRoV5qsCo/RUunrdkAAQp85iTMSTWm0ux9R/jy+IHe62zwfrCq9xsdqMZ/0MZPRAyGIh5Cr0JbhXwT5s8meI5MgjJ107+hfSdo0ufSqGnceTfvfNVGUt8KO2PWFwgb7fyAiirnIL53lgKOo8dD4tDVZjfClGdIG7KJFty5M3rzyCyPl5ZeQJRD6YZVZG3HPFt4BDPDecPMK63zvrX9zSK3FV5GyBgZQQVMQbou+gpnGdSGw3NI0agN47hRYjFsbvGPrVjBKiPrfnBKkd2lyqKvd2cns/yYmgGXtehYasnPLU01dvRHicQ+TduvMR4NYMCytiDbiKqwBaYI+yt7cKNSf4cQQT9b3DD8pl9dQhzrnAY0tHxSLCVZzl7LCbYzaITQRLzBoIzCmPrFGLj6j2HuGc+gQ3Hd2/HisVAYxbW6Fu0SXQa9nnGW7k+3AJFRs5EvF++QffNW2rMYaBqr+c1jfwURzc7dGD8PNtDJkx3T6eSKx9l4iWR5/LDW+SXrk2OCzMdznsBNCJJbaKzUqs1HlIEuwQ/hHMjk4M+f4/SmbECE3cQXd+nseEoUnKbn/MiWi2lNyjacXuLTtrjDITK9jIZD0Ixfci5Eer2fuPJw7RXr1rb8bjlZWttpjN45NORLB8usjiiEdklPjQMUmTjXgALATorkWt6vc76zB4Fbk5jOwJ53+W1RqvUxt5S+WIhH55jOxYHqrEppguVMw1w4RIceaL/CYunwHxiD5w58hjJ4bR5fXjwARwM/EDGHgPvfV0dDxhBxbBtKrcemUYlBI40wwbOuDgfdnfcJNVCxaVX0Hto/VuqXvfP3eoQT2Vasz96y2/GbSS0rBGtNn9EzPwGZvBrumbl4ezQJp+HjSN65GLXjDNY+ZajGaOs+pK1O8ooAqODnfAhPd3LkMxQxlkqNy8l4KFUPA1lqd8ohK+4UThmfRCQDKPLTdFV/oTvEdBo0d/oN3xJM9ValH+0e3w86b+cmXnLzUxUzeIhmXWW8ctGtNmzV2fewh8ChPl75MCU5d88uzC03YbfZHOOtokTqkhLYhz4il7KSnA+EFEWB7GOvVqnkM/LAwDcJ/1qvqBah+WnDs9uQXTF+QXn/N1q/+83lu9JQWK0crV2mTJHk8efTHBn6oEN8P9pXf2BCJQzbukA/q50QvQU33p8P2VOqL/bHwsaolIhWrys5lyM4pwpMqxvnP5YIFjEhGhcCHLtqL5jvETh3X78HHiEhjmNzwtj3wa/NrgvzJhepqWWGGBK1DEYoMj21cFPpUeB/+2
				`@ -0,0 +1 @@`
				<html lang="zh"> <head> <meta charset="UTF-8" /> <link rel="icon" href="/favicon.ico" /> <meta name="viewport" content="width=device-width, initial-scale=0,user-scalable=yes"> <title>EasyNode</title> <script src="//at.alicdn.com/t/c/font_3309550_flid0kihu36.js"></script> <script type="module" crossorigin src="/assets/index.be6b9da9.js"></script> <link rel="stylesheet" href="/assets/index.de24ebdf.css"> </head> <body> <div id="app"></div> <script> var _hmt = _hmt \|\| []; (function() { var hm = document.createElement("script"); hm.src = "https://hm.baidu.com/hm.js?9cd0d4e4da3a7f1d4f6e4aaaa0ce8f25"; var s = document.getElementsByTagName("script")[0]; s.parentNode.insertBefore(hm, s); })(); </script> </body> </html>