bookworm/bookworm-boot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: OneClick Keychain 免密 + sync-version 补 guide.html

Browse Source 
- Bookworm-OneClick-Mac.sh: 回退路径加 Keychain 缓存(对标 Setup.sh)
- sync-version.js: 补 guide.html 到文件列表

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
bookworm 2026-04-06 14:18:13 +08:00
parent 23b369f99b
commit d07316f0f9
2 changed files with 40 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
Bookworm-OneClick-Mac.sh
View File

@ -208,9 +208,42 @@ else
# 回退: 手动执行核心配置步骤 # 回退: 手动执行核心配置步骤
info "未找到安装脚本, 执行基础配置..." info "未找到安装脚本, 执行基础配置..."
# 解密凭证 # Keychain 缓存
KC_SVC="bookworm-secrets"
KC_ACCT="$(whoami)"
_kc_load() {
local cached
cached=$(security find-generic-password -s "$KC_SVC" -a "$KC_ACCT" -w 2>/dev/null) || return 1
local expiry_date
expiry_date=$(echo "$cached" | head -1 | sed 's/EXPIRY=//')
[ "$expiry_date" != "$(date +%Y-%m-%d)" ] && { security delete-generic-password -s "$KC_SVC" -a "$KC_ACCT" 2>/dev/null; return 1; }
local count=0
while IFS= read -r line; do
[ -z "$line" ] && continue; [[ "$line" == EXPIRY=* ]] && continue
local key="${line%%=*}" value="${line#*=}"
key=$(echo "$key" | tr -d ' ')
[ -n "$key" ] && [ -n "$value" ] && export "$key=$value" && count=$((count + 1))
done <<< "$cached"
[ $count -gt 0 ] && [ -n "$ANTHROPIC_API_KEY" ] && { success "从 Keychain 缓存加载 $count 个凭证 (免密)"; return 0; }
return 1
}
_kc_save() {
local data="EXPIRY=$(date +%Y-%m-%d)"
for k in ANTHROPIC_API_KEY ANTHROPIC_BASE_URL GITHUB_PERSONAL_ACCESS_TOKEN SLACK_BOT_TOKEN ATLASSIAN_API_TOKEN BROWSERBASE_API_KEY FIRECRAWL_API_KEY; do
local v="${!k}"; [ -n "$v" ] && data="$data
$k=$v"
done
security add-generic-password -s "$KC_SVC" -a "$KC_ACCT" -w "$data" -U 2>/dev/null && \
success "凭证已缓存至今日 23:59 (下次免密)" || true
}
# 解密凭证 (先查缓存)
SECRETS_ENC="$BOOT_DIR/secrets.enc" SECRETS_ENC="$BOOT_DIR/secrets.enc"
if [ -f "$SECRETS_ENC" ] && [ -n "$OPENSSL_CMD" ]; then if _kc_load 2>/dev/null; then
: # 缓存命中
elif [ -f "$SECRETS_ENC" ] && [ -n "$OPENSSL_CMD" ]; then
echo "" echo ""
for attempt in 1 2 3; do for attempt in 1 2 3; do
read -rs -p " 输入主密码解密凭证 (第 $attempt/3 次): " PASSWORD read -rs -p " 输入主密码解密凭证 (第 $attempt/3 次): " PASSWORD
@ -228,6 +261,10 @@ else
success "已注入: $key" success "已注入: $key"
fi fi
done <<< "$DECRYPTED" done <<< "$DECRYPTED"
DECRYPTED=""
echo ""
read -p " 今日内免密启动? (y/n): " _cache_yn
[ "$_cache_yn" = "y" ] || [ "$_cache_yn" = "Y" ] && _kc_save
break break
else else
if [ $attempt -lt 3 ]; then if [ $attempt -lt 3 ]; then

1
sync-version.js
View File

@ -42,6 +42,7 @@ const FILES = [
'Bookworm-OneClick-Win10.bat', 'Bookworm-OneClick-Win10.bat',
'Bookworm-OneClick-Mac.sh', 'Bookworm-OneClick-Mac.sh',
'install.ps1', 'install.ps1',
'guide.html',
'guide-mac.html', 'guide-mac.html',
'quick-start.html', 'quick-start.html',
'quick-reference.txt', 'quick-reference.txt',