Merge branch 'v2-dev' into v2

2026-04-16 05:50:50 +08:00 · 2025-09-14 01:04:20 +08:00
parent 768bdc2cc2 daddf4d98e
commit 297c2965f4
117 changed files with 2715 additions and 432 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,26 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.36.20](https://github.com/certd/certd/compare/v1.36.19...v1.36.20) (2025-09-13)
+
+### Bug Fixes
+
+* 修复商业版退出登录后，丢失站点个性化设置的bug ([d75dd05](https://github.com/certd/certd/commit/d75dd058d65c85f80c49e1fa7a910e6c6f08e824))
+* 修复授权类型和名称字段排到最后的bug ([43b7977](https://github.com/certd/certd/commit/43b79778ea9034065f6a15af3296274315597c6b))
+* 修复证书监控某些情况下报 options.lookup不能为null的bug ([d2ecfe5](https://github.com/certd/certd/commit/d2ecfe5491b2639eb30b5cae293af6062d58bb9f))
+* 修复证书手动托管时新上传的证书无效的bug ([506385e](https://github.com/certd/certd/commit/506385e5a2600887fe30854e0713583caaa2e689))
+* 修复secret patch 类型多了type：的bug ([d04f383](https://github.com/certd/certd/commit/d04f3831611011a90ec0594724b9694490d5edd0))
+
+### Performance Improvements
+
+* 登录支持极验验证码 ([370db62](https://github.com/certd/certd/commit/370db62bf0aece241859244927beabba32d6a257))
+* 登录注册、找回密码都支持极验验证码和图片验证码 ([7bdde68](https://github.com/certd/certd/commit/7bdde68ecea29fe2c570fd3cb082139db6c93d93))
+* 优化加量包展示效果 ([3c65f37](https://github.com/certd/certd/commit/3c65f37d84177ba107d4a6462648af12d2fc4b7a))
+* 证书到期剩余天数进度条根据实际证书有效期计算 ([#528](https://github.com/certd/certd/issues/528)) nicheng-he ([2d4586b](https://github.com/certd/certd/commit/2d4586b1c42c39f97d2a95b9453cca4bc8bfbe61))
+* add preferred chain option ([#519](https://github.com/certd/certd/issues/519))  @ZeroClover  ([902359f](https://github.com/certd/certd/commit/902359f24ed12eee4f9b65178f1d6a60378351d2))
+* ssh配置增加脚本类型设置，bash还是sh ([ae41c60](https://github.com/certd/certd/commit/ae41c6038b27c9476e64a2402a8daf247c38a5b6))
+* start.sh增加sudo ([b7271d7](https://github.com/certd/certd/commit/b7271d7a464773a1bf87d7d1f24d933ba0f86915))
+
 ## [1.36.19](https://github.com/certd/certd/compare/v1.36.18...v1.36.19) (2025-09-05)

 ### Bug Fixes
--- a/build.trigger
+++ b/build.trigger
@@ -1 +1 @@
-00:34
+01:01
--- a/docs/.vitepress/config.ts
+++ b/docs/.vitepress/config.ts
@@ -107,7 +107,6 @@ export default defineConfig({
                    text: "常见问题",
                    items: [
                        {text: "QA", link: "/guide/qa/use.md"},
-                        {text: "常见报错处理", link: "/guide/qa/"},
                        {text: "群晖证书部署", link: "/guide/use/synology/"},
                        {text: "腾讯云密钥获取", link: "/guide/use/tencent/"},
                        {text: "连接windows主机", link: "/guide/use/host/windows.md"},
--- a/docs/guide/changelogs/CHANGELOG.md
+++ b/docs/guide/changelogs/CHANGELOG.md
@@ -3,6 +3,26 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.36.20](https://github.com/certd/certd/compare/v1.36.19...v1.36.20) (2025-09-13)
+
+### Bug Fixes
+
+* 修复商业版退出登录后，丢失站点个性化设置的bug ([d75dd05](https://github.com/certd/certd/commit/d75dd058d65c85f80c49e1fa7a910e6c6f08e824))
+* 修复授权类型和名称字段排到最后的bug ([43b7977](https://github.com/certd/certd/commit/43b79778ea9034065f6a15af3296274315597c6b))
+* 修复证书监控某些情况下报 options.lookup不能为null的bug ([d2ecfe5](https://github.com/certd/certd/commit/d2ecfe5491b2639eb30b5cae293af6062d58bb9f))
+* 修复证书手动托管时新上传的证书无效的bug ([506385e](https://github.com/certd/certd/commit/506385e5a2600887fe30854e0713583caaa2e689))
+* 修复secret patch 类型多了type：的bug ([d04f383](https://github.com/certd/certd/commit/d04f3831611011a90ec0594724b9694490d5edd0))
+
+### Performance Improvements
+
+* 登录支持极验验证码 ([370db62](https://github.com/certd/certd/commit/370db62bf0aece241859244927beabba32d6a257))
+* 登录注册、找回密码都支持极验验证码和图片验证码 ([7bdde68](https://github.com/certd/certd/commit/7bdde68ecea29fe2c570fd3cb082139db6c93d93))
+* 优化加量包展示效果 ([3c65f37](https://github.com/certd/certd/commit/3c65f37d84177ba107d4a6462648af12d2fc4b7a))
+* 证书到期剩余天数进度条根据实际证书有效期计算 ([#528](https://github.com/certd/certd/issues/528)) nicheng-he ([2d4586b](https://github.com/certd/certd/commit/2d4586b1c42c39f97d2a95b9453cca4bc8bfbe61))
+* add preferred chain option ([#519](https://github.com/certd/certd/issues/519))  @ZeroClover  ([902359f](https://github.com/certd/certd/commit/902359f24ed12eee4f9b65178f1d6a60378351d2))
+* ssh配置增加脚本类型设置，bash还是sh ([ae41c60](https://github.com/certd/certd/commit/ae41c6038b27c9476e64a2402a8daf247c38a5b6))
+* start.sh增加sudo ([b7271d7](https://github.com/certd/certd/commit/b7271d7a464773a1bf87d7d1f24d933ba0f86915))
+
 ## [1.36.19](https://github.com/certd/certd/compare/v1.36.18...v1.36.19) (2025-09-05)

 ### Bug Fixes
--- a/docs/guide/install/source/index.md
+++ b/docs/guide/install/source/index.md
@@ -12,7 +12,7 @@ git clone https://github.com/certd/certd --depth=1
 # git checkout v1.x.x  # 当v2主干分支代码无法正常启动时，可以尝试此命令，1.x.x换成最新版本号
 cd certd
 # 启动服务
-./start.sh  
+./start.sh

 ```
 >如果是windows，请先安装`git for windows` ，然后右键，选择`open git bash here`打开终端，再执行`./start.sh`命令
@@ -21,9 +21,9 @@ cd certd

 ### 访问测试

-http://your_server_ip:7001  
-https://your_server_ip:7002   
-默认账号密码：admin/123456    
+http://your_server_ip:7001
+https://your_server_ip:7002
+默认账号密码：admin/123456
 记得修改密码


@@ -37,7 +37,7 @@ cp -rf ./packages/ui/certd-server/data ../certd-data-backup

 git pull
 # 如果提示pull失败，可以尝试强制更新
-# git checkout v2 -f && git pull 
+# git checkout v2 -f && git pull

 # 先停止旧的服务,7001是certd的默认端口
 kill -9 $(lsof -t -i:7001)
@@ -45,16 +45,31 @@ kill -9 $(lsof -t -i:7001)
 ./start.sh

 ```
-::: warning   
-升级certd版本前，切记切记先备份一下数据    
+::: warning
+升级certd版本前，切记切记先备份一下数据
 :::


 ## 三、数据备份
-> 数据默认保存在 `./packages/ui/certd-server/data` 目录下    
+> 数据默认保存在 `./packages/ui/certd-server/data` 目录下
 > 建议配置一条[数据库备份流水线](../../use/backup/)  自动备份


 ## 四、备份恢复

 将备份的`db.sqlite`及同目录下的其他文件覆盖到原来的位置，重启certd即可
+
+## 六、常见问题
+
+### 1. npm install better-sqlite3 时，提示node-gyp需要vscode环境编译
+
+1. 首先确保node版本为22以上
+2. 将下面两行加到  ~/.npmrc 里面
+3. 重新install
+> better_sqlite3_binary_host=https://registry.npmmirror.com/-/binary/better-sqlite3
+> better_sqlite3_binary_host_mirror=https://registry.npmmirror.com/-/binary/better-sqlite3
+
+
+
+
+
--- a/docs/guide/qa/use.md
+++ b/docs/guide/qa/use.md
@@ -1,4 +1,4 @@
-# 使用问题
+# 常见问题


 ## 1. 是否支持IP证书
@@ -7,8 +7,14 @@


 ## 2. 建议设置多长时间运行一次流水线
-建议每天运行一次，检查证书过期时间    
+建议每天运行一次，检查证书过期时间
 当证书没过期时，自动跳过部署
 当证书到期前35天（创建流水线时可以修改），将会自动重新申请证书，自动部署


+## 3. too many certificates 错误
+当出现如下报错时，说明相同的域名短时间内申请超过5次
+解决方案：可以加多一个子域名，重新执行就可以规避次错误
+```
+"detail": too many certificates (5) already issued for this exact set of idantifiers in the last 168hm0s
+```
--- a/lerna.json
+++ b/lerna.json
@@ -9,5 +9,5 @@
    }
  },
  "npmClient": "pnpm",
-  "version": "1.36.19"
+  "version": "1.36.20"
 }
--- a/packages/core/acme-client/CHANGELOG.md
+++ b/packages/core/acme-client/CHANGELOG.md
@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.36.20](https://github.com/publishlab/node-acme-client/compare/v1.36.19...v1.36.20) (2025-09-13)
+
+**Note:** Version bump only for package @certd/acme-client
+
 ## [1.36.19](https://github.com/publishlab/node-acme-client/compare/v1.36.18...v1.36.19) (2025-09-05)

 ### Performance Improvements
--- a/packages/core/acme-client/package.json
+++ b/packages/core/acme-client/package.json
@@ -3,7 +3,7 @@
    "description": "Simple and unopinionated ACME client",
    "private": false,
    "author": "nmorsman",
-    "version": "1.36.19",
+    "version": "1.36.20",
    "type": "module",
    "module": "scr/index.js",
    "main": "src/index.js",
@@ -18,7 +18,7 @@
        "types"
    ],
    "dependencies": {
-        "@certd/basic": "^1.36.19",
+        "@certd/basic": "^1.36.20",
        "@peculiar/x509": "^1.11.0",
        "asn1js": "^3.0.5",
        "axios": "^1.7.2",
@@ -69,5 +69,5 @@
    "bugs": {
        "url": "https://github.com/publishlab/node-acme-client/issues"
    },
-    "gitHead": "6d8981479517b5de9634e242c1ebf22e70527ec4"
+    "gitHead": "ef46aeae6fd766883aeac61a59ce1dfec07f6ca6"
 }
--- a/packages/core/acme-client/src/client.js
+++ b/packages/core/acme-client/src/client.js
@@ -502,7 +502,7 @@ class AcmeClient {
            await verify[challenge.type](authz, challenge, keyAuthorization);
        };

-        log('Waiting for ACME challenge verification（等待ACME挑战验证）', this.backoffOpts);
+        log('Waiting for ACME challenge verification（等待ACME挑战验证）');
        return util.retry(verifyFn, this.backoffOpts);
    }

--- a/packages/core/basic/CHANGELOG.md
+++ b/packages/core/basic/CHANGELOG.md
@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.36.20](https://github.com/certd/certd/compare/v1.36.19...v1.36.20) (2025-09-13)
+
+**Note:** Version bump only for package @certd/basic
+
 ## [1.36.19](https://github.com/certd/certd/compare/v1.36.18...v1.36.19) (2025-09-05)

 ### Bug Fixes
--- a/packages/core/basic/build.md
+++ b/packages/core/basic/build.md
@@ -1 +1 @@
-00:30
+00:56
--- a/packages/core/basic/package.json
+++ b/packages/core/basic/package.json
@@ -1,7 +1,7 @@
 {
  "name": "@certd/basic",
  "private": false,
-  "version": "1.36.19",
+  "version": "1.36.20",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -45,5 +45,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "6d8981479517b5de9634e242c1ebf22e70527ec4"
+  "gitHead": "ef46aeae6fd766883aeac61a59ce1dfec07f6ca6"
 }
--- a/packages/core/pipeline/CHANGELOG.md
+++ b/packages/core/pipeline/CHANGELOG.md
@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.36.20](https://github.com/certd/certd/compare/v1.36.19...v1.36.20) (2025-09-13)
+
+**Note:** Version bump only for package @certd/pipeline
+
 ## [1.36.19](https://github.com/certd/certd/compare/v1.36.18...v1.36.19) (2025-09-05)

 ### Bug Fixes
--- a/packages/core/pipeline/package.json
+++ b/packages/core/pipeline/package.json
@@ -1,7 +1,7 @@
 {
  "name": "@certd/pipeline",
  "private": false,
-  "version": "1.36.19",
+  "version": "1.36.20",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -17,8 +17,8 @@
    "pub": "npm publish"
  },
  "dependencies": {
-    "@certd/basic": "^1.36.19",
-    "@certd/plus-core": "^1.36.19",
+    "@certd/basic": "^1.36.20",
+    "@certd/plus-core": "^1.36.20",
    "dayjs": "^1.11.7",
    "lodash-es": "^4.17.21",
    "reflect-metadata": "^0.1.13"
@@ -44,5 +44,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "6d8981479517b5de9634e242c1ebf22e70527ec4"
+  "gitHead": "ef46aeae6fd766883aeac61a59ce1dfec07f6ca6"
 }
--- a/packages/core/pipeline/src/registry/registry.ts
+++ b/packages/core/pipeline/src/registry/registry.ts
@@ -69,9 +69,15 @@ export class Registry<T = any> {
    return this.storage;
  }

-  getDefineList() {
+  getDefineList(prefix?: string) {
    let list = [];
+    if (prefix) {
+      prefix = prefix + ":";
+    }
    for (const key in this.storage) {
+      if (prefix && !key.startsWith(prefix)) {
+        continue;
+      }
      const define = this.getDefine(key);
      if (define) {
        if (define?.deprecated) {
@@ -90,7 +96,10 @@ export class Registry<T = any> {
    return list;
  }

-  getDefine(key: string) {
+  getDefine(key: string, prefix?: string) {
+    if (prefix) {
+      key = prefix + ":" + key;
+    }
    const item = this.storage[key];
    if (!item) {
      return;
--- a/packages/libs/lib-huawei/CHANGELOG.md
+++ b/packages/libs/lib-huawei/CHANGELOG.md
@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.36.20](https://github.com/certd/certd/compare/v1.36.19...v1.36.20) (2025-09-13)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
 ## [1.36.19](https://github.com/certd/certd/compare/v1.36.18...v1.36.19) (2025-09-05)

 **Note:** Version bump only for package @certd/lib-huawei
--- a/packages/libs/lib-huawei/package.json
+++ b/packages/libs/lib-huawei/package.json
@@ -1,7 +1,7 @@
 {
  "name": "@certd/lib-huawei",
  "private": false,
-  "version": "1.36.19",
+  "version": "1.36.20",
  "main": "./dist/bundle.js",
  "module": "./dist/bundle.js",
  "types": "./dist/d/index.d.ts",
@@ -24,5 +24,5 @@
    "prettier": "^2.8.8",
    "tslib": "^2.8.1"
  },
-  "gitHead": "6d8981479517b5de9634e242c1ebf22e70527ec4"
+  "gitHead": "ef46aeae6fd766883aeac61a59ce1dfec07f6ca6"
 }
--- a/packages/libs/lib-iframe/CHANGELOG.md
+++ b/packages/libs/lib-iframe/CHANGELOG.md
@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.36.20](https://github.com/certd/certd/compare/v1.36.19...v1.36.20) (2025-09-13)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
 ## [1.36.19](https://github.com/certd/certd/compare/v1.36.18...v1.36.19) (2025-09-05)

 **Note:** Version bump only for package @certd/lib-iframe
--- a/packages/libs/lib-iframe/package.json
+++ b/packages/libs/lib-iframe/package.json
@@ -1,7 +1,7 @@
 {
  "name": "@certd/lib-iframe",
  "private": false,
-  "version": "1.36.19",
+  "version": "1.36.20",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -31,5 +31,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "6d8981479517b5de9634e242c1ebf22e70527ec4"
+  "gitHead": "ef46aeae6fd766883aeac61a59ce1dfec07f6ca6"
 }
--- a/packages/libs/lib-jdcloud/CHANGELOG.md
+++ b/packages/libs/lib-jdcloud/CHANGELOG.md
@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.36.20](https://github.com/certd/certd/compare/v1.36.19...v1.36.20) (2025-09-13)
+
+**Note:** Version bump only for package @certd/jdcloud
+
 ## [1.36.19](https://github.com/certd/certd/compare/v1.36.18...v1.36.19) (2025-09-05)

 **Note:** Version bump only for package @certd/jdcloud
--- a/packages/libs/lib-jdcloud/package.json
+++ b/packages/libs/lib-jdcloud/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@certd/jdcloud",
-  "version": "1.36.19",
+  "version": "1.36.20",
  "description": "jdcloud openApi sdk",
  "main": "./dist/bundle.js",
  "module": "./dist/bundle.js",
@@ -61,5 +61,5 @@
      "fetch"
    ]
  },
-  "gitHead": "6d8981479517b5de9634e242c1ebf22e70527ec4"
+  "gitHead": "ef46aeae6fd766883aeac61a59ce1dfec07f6ca6"
 }
--- a/packages/libs/lib-k8s/CHANGELOG.md
+++ b/packages/libs/lib-k8s/CHANGELOG.md
@@ -3,6 +3,12 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.36.20](https://github.com/certd/certd/compare/v1.36.19...v1.36.20) (2025-09-13)
+
+### Bug Fixes
+
+* 修复secret patch 类型多了type：的bug ([d04f383](https://github.com/certd/certd/commit/d04f3831611011a90ec0594724b9694490d5edd0))
+
 ## [1.36.19](https://github.com/certd/certd/compare/v1.36.18...v1.36.19) (2025-09-05)

 ### Bug Fixes
--- a/packages/libs/lib-k8s/package.json
+++ b/packages/libs/lib-k8s/package.json
@@ -1,7 +1,7 @@
 {
  "name": "@certd/lib-k8s",
  "private": false,
-  "version": "1.36.19",
+  "version": "1.36.20",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -17,7 +17,7 @@
    "pub": "npm publish"
  },
  "dependencies": {
-    "@certd/basic": "^1.36.19",
+    "@certd/basic": "^1.36.20",
    "@kubernetes/client-node": "0.21.0"
  },
  "devDependencies": {
@@ -32,5 +32,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "6d8981479517b5de9634e242c1ebf22e70527ec4"
+  "gitHead": "ef46aeae6fd766883aeac61a59ce1dfec07f6ca6"
 }
--- a/packages/libs/lib-k8s/src/lib/k8s.client.ts
+++ b/packages/libs/lib-k8s/src/lib/k8s.client.ts
@@ -85,7 +85,6 @@ export class K8sClient {
  /**
   * 创建Secret
   * @param opts {namespace:default, body:yamlStr}
-   * @returns {Promise<*>}
   */
  async createSecret(opts: { namespace: string; body: V1Secret }) {
    const namespace = opts.namespace || "default";
@@ -121,7 +120,7 @@ export class K8sClient {
          //没有找到，则创建
          const body = merge(
            {
-              type: "type: kubernetes.io/tls",
+              type: "kubernetes.io/tls",
            },
            opts.body
          );
--- a/packages/libs/lib-server/CHANGELOG.md
+++ b/packages/libs/lib-server/CHANGELOG.md
@@ -3,6 +3,13 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.36.20](https://github.com/certd/certd/compare/v1.36.19...v1.36.20) (2025-09-13)
+
+### Performance Improvements
+
+* 登录支持极验验证码 ([370db62](https://github.com/certd/certd/commit/370db62bf0aece241859244927beabba32d6a257))
+* 登录注册、找回密码都支持极验验证码和图片验证码 ([7bdde68](https://github.com/certd/certd/commit/7bdde68ecea29fe2c570fd3cb082139db6c93d93))
+
 ## [1.36.19](https://github.com/certd/certd/compare/v1.36.18...v1.36.19) (2025-09-05)

 **Note:** Version bump only for package @certd/lib-server
--- a/packages/libs/lib-server/package.json
+++ b/packages/libs/lib-server/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@certd/lib-server",
-  "version": "1.36.19",
+  "version": "1.36.20",
  "description": "midway with flyway, sql upgrade way ",
  "private": false,
  "type": "module",
@@ -27,10 +27,10 @@
  ],
  "license": "AGPL",
  "dependencies": {
-    "@certd/acme-client": "^1.36.19",
-    "@certd/basic": "^1.36.19",
-    "@certd/pipeline": "^1.36.19",
-    "@certd/plus-core": "^1.36.19",
+    "@certd/acme-client": "^1.36.20",
+    "@certd/basic": "^1.36.20",
+    "@certd/pipeline": "^1.36.20",
+    "@certd/plus-core": "^1.36.20",
    "@midwayjs/cache": "~3.14.0",
    "@midwayjs/core": "~3.20.3",
    "@midwayjs/i18n": "~3.20.3",
@@ -61,5 +61,5 @@
    "typeorm": "^0.3.11",
    "typescript": "^5.4.2"
  },
-  "gitHead": "6d8981479517b5de9634e242c1ebf22e70527ec4"
+  "gitHead": "ef46aeae6fd766883aeac61a59ce1dfec07f6ca6"
 }
--- a/packages/libs/lib-server/src/index.ts
+++ b/packages/libs/lib-server/src/index.ts
@@ -1,8 +1,9 @@
 import { SysSettingsEntity } from './system/index.js';
 import { AccessEntity } from './user/access/entity/access.js';
+import { AddonEntity } from "./user/index.js";
 export * from './basic/index.js';
 export * from './system/index.js';
 export * from './user/index.js';
 export { LibServerConfiguration as Configuration } from './configuration.js';

-export const libServerEntities = [SysSettingsEntity, AccessEntity];
+export const libServerEntities = [SysSettingsEntity, AccessEntity,AddonEntity];
--- a/packages/libs/lib-server/src/system/settings/service/models.ts
+++ b/packages/libs/lib-server/src/system/settings/service/models.ts
@@ -30,6 +30,13 @@ export class SysPublicSettings extends BaseSettings {
  mpsNo?: string;
  robots?: boolean = true;
  aiChatEnabled = true;
+
+
+  //验证码是否开启
+  captchaEnabled = false;
+  //验证码类型
+  captchaType?: string;
+  captchaAddonId?:number;
 }

 export class SysPrivateSettings extends BaseSettings {
@@ -207,4 +214,3 @@ export class SysSafeSetting extends BaseSettings {
  };
 }

-
--- a/packages/libs/lib-server/src/user/addon/api/api.ts
+++ b/packages/libs/lib-server/src/user/addon/api/api.ts
@@ -0,0 +1,97 @@
+import { HttpClient, ILogger, utils } from "@certd/basic";
+import {upperFirst} from "lodash-es";
+import { FormItemProps, PluginRequestHandleReq, Registrable } from "@certd/pipeline";
+
+
+export type AddonRequestHandleReqInput<T = any> = {
+  id?: number;
+  title?: string;
+  addon: T;
+};
+
+export type AddonRequestHandleReq<T = any> = {
+  addonType: string;
+} &PluginRequestHandleReq<AddonRequestHandleReqInput<T>>;
+
+export type AddonInputDefine = FormItemProps & {
+  title: string;
+  required?: boolean;
+};
+export type AddonDefine = Registrable & {
+  addonType: string;
+  needPlus?: boolean;
+  input?: {
+    [key: string]: AddonInputDefine;
+  };
+  showTest?: boolean;
+};
+
+export type AddonInstanceConfig = {
+  id: number;
+  addonType: string;
+  type: string;
+  name: string;
+  userId: number;
+  setting: {
+    [key: string]: any;
+  };
+};
+
+
+
+export interface IAddon {
+  ctx: AddonContext;
+  [key: string]: any;
+}
+
+export type AddonContext = {
+  http: HttpClient;
+  logger: ILogger;
+  utils: typeof utils;
+};
+
+export abstract class BaseAddon implements IAddon {
+  define!: AddonDefine;
+  ctx!: AddonContext;
+  http!: HttpClient;
+  logger!: ILogger;
+
+
+
+  // eslint-disable-next-line @typescript-eslint/no-empty-function
+  async onInstance() {}
+  setCtx(ctx: AddonContext) {
+    this.ctx = ctx;
+    this.http = ctx.http;
+    this.logger = ctx.logger;
+  }
+  setDefine = (define:AddonDefine) => {
+    this.define = define;
+  };
+
+  async onRequest(req:AddonRequestHandleReq) {
+    if (!req.action) {
+      throw new Error("action is required");
+    }
+
+    let methodName = req.action;
+    if (!req.action.startsWith("on")) {
+      methodName = `on${upperFirst(req.action)}`;
+    }
+
+    // @ts-ignore
+    const method = this[methodName];
+    if (method) {
+      // @ts-ignore
+      return await this[methodName](req.data);
+    }
+    throw new Error(`action ${req.action} not found`);
+  }
+
+}
+
+
+export interface IAddonGetter {
+  getById<T = any>(id: any): Promise<T>;
+  getCommonById<T = any>(id: any): Promise<T>;
+}
--- a/packages/libs/lib-server/src/user/addon/api/decorator.ts
+++ b/packages/libs/lib-server/src/user/addon/api/decorator.ts
@@ -0,0 +1,65 @@
+// src/decorator/memoryCache.decorator.ts
+import * as _ from "lodash-es";
+import { merge } from "lodash-es";
+import { addonRegistry } from "./registry.js";
+import { AddonContext, AddonDefine, AddonInputDefine } from "./api.js";
+import { Decorator } from "@certd/pipeline";
+
+// 提供一个唯一 key
+export const ADDON_CLASS_KEY = "pipeline:addon";
+export const ADDON_INPUT_KEY = "pipeline:addon:input";
+
+export function IsAddon(define: AddonDefine): ClassDecorator {
+  return (target: any) => {
+    target = Decorator.target(target);
+
+    const inputs: any = {};
+    const properties = Decorator.getClassProperties(target);
+    for (const property in properties) {
+      const input = Reflect.getMetadata(ADDON_INPUT_KEY, target, property);
+      if (input) {
+        inputs[property] = input;
+      }
+    }
+    _.merge(define, { input: inputs });
+    Reflect.defineMetadata(ADDON_CLASS_KEY, define, target);
+    target.define = define;
+    const key = `${define.addonType}:${define.name}`;
+    addonRegistry.register(key, {
+      define,
+      target: async () => {
+        return target;
+      },
+    });
+  };
+}
+
+export function AddonInput(input?: AddonInputDefine): PropertyDecorator {
+  return (target, propertyKey) => {
+    target = Decorator.target(target, propertyKey);
+    // const _type = Reflect.getMetadata("design:type", target, propertyKey);
+    Reflect.defineMetadata(ADDON_INPUT_KEY, input, target, propertyKey);
+  };
+}
+
+export async function newAddon(addonType:string,type: string, input: any, ctx: AddonContext) {
+ const key = `${addonType}:${type}`
+  const register = addonRegistry.get(key);
+  if (register == null) {
+    throw new Error(`${addonType} ${type} not found`);
+  }
+  // @ts-ignore
+  const pluginCls = await register.target();
+  // @ts-ignore
+  const plugin = new pluginCls();
+  merge(plugin, input);
+  if (!ctx) {
+    throw new Error("ctx is required");
+  }
+  plugin.setDefine(register.define);
+  plugin.setCtx(ctx);
+  await plugin.onInstance();
+  return plugin;
+}
+
+
--- a/packages/libs/lib-server/src/user/addon/api/index.ts
+++ b/packages/libs/lib-server/src/user/addon/api/index.ts
@@ -0,0 +1,3 @@
+export * from "./api.js";
+export * from "./registry.js";
+export * from "./decorator.js";
--- a/packages/libs/lib-server/src/user/addon/api/registry.ts
+++ b/packages/libs/lib-server/src/user/addon/api/registry.ts
@@ -0,0 +1,3 @@
+import { createRegistry } from "@certd/pipeline";
+
+export const addonRegistry = createRegistry("addon");
--- a/packages/libs/lib-server/src/user/addon/entity/addon.ts
+++ b/packages/libs/lib-server/src/user/addon/entity/addon.ts
@@ -0,0 +1,44 @@
+import { Column, Entity, PrimaryGeneratedColumn } from 'typeorm';
+
+/**
+ */
+@Entity('cd_addon')
+export class AddonEntity {
+  @PrimaryGeneratedColumn()
+  id: number;
+  @Column({ name: 'user_id', comment: '用户id' })
+  userId: number;
+  @Column({ comment: '名称', length: 100 })
+  name: string;
+
+
+  @Column({ name: 'addon_type', comment: 'addon类型', length: 100 })
+  addonType: string;
+
+
+  @Column({ comment: '类型', length: 100 })
+  type: string;
+
+  @Column({ name: 'setting', comment: '设置', length: 10240, nullable: true })
+  setting: string;
+
+  @Column({ name: 'is_system', comment: '是否系统级别',  nullable: false, default: false })
+  isSystem: boolean;
+
+  @Column({ name: 'is_default', comment: '是否默认',  nullable: false, default: false })
+  isDefault: boolean;
+
+
+  @Column({
+    name: 'create_time',
+    comment: '创建时间',
+    default: () => 'CURRENT_TIMESTAMP',
+  })
+  createTime: Date;
+  @Column({
+    name: 'update_time',
+    comment: '修改时间',
+    default: () => 'CURRENT_TIMESTAMP',
+  })
+  updateTime: Date;
+}
--- a/packages/libs/lib-server/src/user/addon/index.ts
+++ b/packages/libs/lib-server/src/user/addon/index.ts
@@ -0,0 +1,5 @@
+export * from './api/index.js'
+export * from './entity/addon.js'
+export * from './service/addon-service.js'
+export * from './service/addon-getter.js'
+export * from './service/addon-sys-getter.js'
--- a/packages/libs/lib-server/src/user/addon/service/addon-getter.ts
+++ b/packages/libs/lib-server/src/user/addon/service/addon-getter.ts
@@ -0,0 +1,18 @@
+import { IAddonGetter } from "../api/index.js";
+
+export class AddonGetter implements IAddonGetter {
+  userId: number;
+  getter: <T>(id: any, userId?: number) => Promise<T>;
+  constructor(userId: number, getter: (id: any, userId: number) => Promise<any>) {
+    this.userId = userId;
+    this.getter = getter;
+  }
+
+  async getById<T = any>(id: any) {
+    return await this.getter<T>(id, this.userId);
+  }
+
+  async getCommonById<T = any>(id: any) {
+    return await this.getter<T>(id, 0);
+  }
+}
--- a/packages/libs/lib-server/src/user/addon/service/addon-service.ts
+++ b/packages/libs/lib-server/src/user/addon/service/addon-service.ts
@@ -0,0 +1,231 @@
+import { Provide, Scope, ScopeEnum } from "@midwayjs/core";
+import { InjectEntityModel } from "@midwayjs/typeorm";
+import { In, Repository } from "typeorm";
+import { AddonDefine, BaseService, PageReq, PermissionException, ValidateException } from "../../../index.js";
+import { addonRegistry, newAddon } from "../api/index.js";
+import { AddonEntity } from "../entity/addon.js";
+import { http, logger, utils } from "@certd/basic";
+
+/**
+ * Addon
+ */
+@Provide()
+@Scope(ScopeEnum.Request, {allowDowngrade: true})
+export class AddonService extends BaseService<AddonEntity> {
+  @InjectEntityModel(AddonEntity)
+  repository: Repository<AddonEntity>;
+
+  //@ts-ignore
+  getRepository() {
+    return this.repository;
+  }
+
+  async page(pageReq: PageReq<AddonEntity>) {
+    const res = await super.page(pageReq);
+    res.records = res.records.map(item => {
+      return item;
+    });
+    return res;
+  }
+
+  async add(param) {
+    let oldEntity = null;
+    if (param._copyFrom){
+      oldEntity = await this.info(param._copyFrom);
+      if (oldEntity == null) {
+        throw new ValidateException('该Addon配置不存在,请确认是否已被删除');
+      }
+      if (oldEntity.userId  !== param.userId) {
+        throw new ValidateException('您无权查看该Addon配置');
+      }
+    }
+    if (!param.userId){
+      param.isSystem = true
+    }else{
+      param.isSystem = false
+    }
+    delete param._copyFrom
+    return await super.add(param);
+  }
+
+
+  /**
+   * 修改
+   * @param param 数据
+   */
+  async update(param) {
+    const oldEntity = await this.info(param.id);
+    if (oldEntity == null) {
+      throw new ValidateException('该Addon配置不存在,请确认是否已被删除');
+    }
+    return await super.update(param);
+  }
+
+  async getSimpleInfo(id: number) {
+    const entity = await this.info(id);
+    if (entity == null) {
+      throw new ValidateException('该Addon配置不存在,请确认是否已被删除');
+    }
+    return {
+      id: entity.id,
+      name: entity.name,
+      userId: entity.userId,
+      addonType: entity.addonType,
+      type: entity.type,
+    };
+  }
+
+  async getAddonById(id: any, checkUserId: boolean, userId?: number): Promise<any> {
+    const ctx = {
+      http: http,
+      logger: logger,
+      utils: utils,
+    };
+
+
+    if (!id){
+      //使用图片验证码
+      return await newAddon("captcha", "image", {},ctx);
+    }
+    const entity = await this.info(id);
+    if (entity == null) {
+      //使用图片验证码
+      return await newAddon("captcha", "image", {},ctx);
+    }
+    if (checkUserId) {
+      if (userId == null) {
+        throw new ValidateException('userId不能为空');
+      }
+      if (userId !== entity.userId) {
+        throw new PermissionException('您对该Addon无访问权限');
+      }
+    }
+
+    const setting =  JSON.parse(entity.setting ??"{}")
+    const input = {
+      id: entity.id,
+      ...setting,
+    };
+
+    return await newAddon(entity.addonType, entity.type, input,ctx);
+  }
+
+  async getById(id: any, userId: number): Promise<any> {
+    return await this.getAddonById(id, true, userId);
+  }
+
+
+  getDefineList(addonType: string) {
+    return addonRegistry.getDefineList();
+  }
+
+  getDefineByType(type: string,prefix?: string)  {
+    return addonRegistry.getDefine(type,prefix) as AddonDefine;
+  }
+
+
+  async getSimpleByIds(ids: number[], userId: any) {
+    if (ids.length === 0) {
+      return [];
+    }
+    if (!userId) {
+      return [];
+    }
+    return await this.repository.find({
+      where: {
+        id: In(ids),
+        userId,
+      },
+      select: {
+        id: true,
+        name: true,
+        addonType: true,
+        type: true,
+        userId:true,
+        isSystem: true,
+      },
+    });
+
+  }
+
+
+
+  async getDefault(userId: number,addonType: string): Promise<any> {
+    const res = await this.repository.findOne({
+      where: {
+        userId,
+        addonType
+      },
+      order: {
+        isDefault: 'DESC',
+      },
+    });
+    if (!res) {
+      return null;
+    }
+    return this.buildAddonInstanceConfig(res);
+  }
+
+  private buildAddonInstanceConfig(res: AddonEntity) {
+    const setting = JSON.parse(res.setting);
+    return {
+      id: res.id,
+      addonType: res.addonType,
+      type: res.type,
+      name: res.name,
+      userId: res.userId,
+      setting,
+    };
+  }
+
+  async setDefault(id: number, userId: number,addonType:string) {
+    if (!id) {
+      throw new ValidateException('id不能为空');
+    }
+    if (!userId) {
+      throw new ValidateException('userId不能为空');
+    }
+    await this.repository.update(
+      {
+        userId,
+        addonType
+      },
+      {
+        isDefault: false,
+      }
+    );
+    await this.repository.update(
+      {
+        id,
+        userId,
+        addonType
+      },
+      {
+        isDefault: true,
+      }
+    );
+  }
+
+  async getOrCreateDefault(opts:{addonType:string,type:string, inputs: any, userId: any}) {
+    const {addonType,type,inputs,userId} = opts;
+
+   const addonDefine =  this.getDefineByType( type,addonType)
+
+    const defaultConfig = await this.getDefault(userId,addonType);
+    if (defaultConfig) {
+      return defaultConfig;
+    }
+    const setting = {
+      ...inputs,
+    };
+    const res = await this.repository.save({
+      userId,
+      addonType,
+      type: type,
+      name: addonDefine.title,
+      setting: JSON.stringify(setting),
+      isDefault: true,
+    });
+    return this.buildAddonInstanceConfig(res);
+  }
+}
--- a/packages/libs/lib-server/src/user/addon/service/addon-sys-getter.ts
+++ b/packages/libs/lib-server/src/user/addon/service/addon-sys-getter.ts
@@ -0,0 +1,17 @@
+import { IAccessService } from '@certd/pipeline';
+import { AddonService } from './addon-service.js';
+
+export class AddonSysGetter implements IAccessService {
+  addonService: AddonService;
+  constructor(addonService: AddonService) {
+    this.addonService = addonService;
+  }
+
+  async getById<T = any>(id: any) {
+    return await this.addonService.getById(id, 0);
+  }
+
+  async getCommonById<T = any>(id: any) {
+    return await this.addonService.getById(id, 0);
+  }
+}
--- a/packages/libs/lib-server/src/user/index.ts
+++ b/packages/libs/lib-server/src/user/index.ts
@@ -1 +1,2 @@
 export * from './access/index.js';
+export * from './addon/index.js';
--- a/packages/libs/midway-flyway-js/CHANGELOG.md
+++ b/packages/libs/midway-flyway-js/CHANGELOG.md
@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.36.20](https://github.com/certd/certd/compare/v1.36.19...v1.36.20) (2025-09-13)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
 ## [1.36.19](https://github.com/certd/certd/compare/v1.36.18...v1.36.19) (2025-09-05)

 **Note:** Version bump only for package @certd/midway-flyway-js
--- a/packages/libs/midway-flyway-js/package.json
+++ b/packages/libs/midway-flyway-js/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@certd/midway-flyway-js",
-  "version": "1.36.19",
+  "version": "1.36.20",
  "description": "midway with flyway, sql upgrade way ",
  "private": false,
  "type": "module",
@@ -46,5 +46,5 @@
    "typeorm": "^0.3.11",
    "typescript": "^5.4.2"
  },
-  "gitHead": "6d8981479517b5de9634e242c1ebf22e70527ec4"
+  "gitHead": "ef46aeae6fd766883aeac61a59ce1dfec07f6ca6"
 }
--- a/packages/plugins/plugin-cert/CHANGELOG.md
+++ b/packages/plugins/plugin-cert/CHANGELOG.md
@@ -3,6 +3,17 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.36.20](https://github.com/certd/certd/compare/v1.36.19...v1.36.20) (2025-09-13)
+
+### Bug Fixes
+
+* 修复证书手动托管时新上传的证书无效的bug ([506385e](https://github.com/certd/certd/commit/506385e5a2600887fe30854e0713583caaa2e689))
+
+### Performance Improvements
+
+* 证书到期剩余天数进度条根据实际证书有效期计算 ([#528](https://github.com/certd/certd/issues/528)) nicheng-he ([2d4586b](https://github.com/certd/certd/commit/2d4586b1c42c39f97d2a95b9453cca4bc8bfbe61))
+* add preferred chain option ([#519](https://github.com/certd/certd/issues/519))  @ZeroClover  ([902359f](https://github.com/certd/certd/commit/902359f24ed12eee4f9b65178f1d6a60378351d2))
+
 ## [1.36.19](https://github.com/certd/certd/compare/v1.36.18...v1.36.19) (2025-09-05)

 ### Performance Improvements
--- a/packages/plugins/plugin-cert/package.json
+++ b/packages/plugins/plugin-cert/package.json
@@ -1,7 +1,7 @@
 {
  "name": "@certd/plugin-cert",
  "private": false,
-  "version": "1.36.19",
+  "version": "1.36.20",
  "type": "module",
  "main": "./dist/index.js",
  "types": "./dist/index.d.ts",
@@ -16,10 +16,10 @@
    "pub": "npm publish"
  },
  "dependencies": {
-    "@certd/acme-client": "^1.36.19",
-    "@certd/basic": "^1.36.19",
-    "@certd/pipeline": "^1.36.19",
-    "@certd/plugin-lib": "^1.36.19",
+    "@certd/acme-client": "^1.36.20",
+    "@certd/basic": "^1.36.20",
+    "@certd/pipeline": "^1.36.20",
+    "@certd/plugin-lib": "^1.36.20",
    "@google-cloud/publicca": "^1.3.0",
    "dayjs": "^1.11.7",
    "jszip": "^3.10.1",
@@ -43,5 +43,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "6d8981479517b5de9634e242c1ebf22e70527ec4"
+  "gitHead": "ef46aeae6fd766883aeac61a59ce1dfec07f6ca6"
 }
--- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/base-convert.ts
+++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/base-convert.ts
@@ -99,6 +99,7 @@ export abstract class CertApplyBaseConvertPlugin extends AbstractTaskPlugin {
    const cert: CertInfo = certReader.toCertInfo();
    this.cert = cert;

+    this._result.pipelineVars.certEffectiveTime = dayjs(certReader.detail.notBefore).valueOf();
    this._result.pipelineVars.certExpiresTime = dayjs(certReader.detail.notAfter).valueOf();
    if (!this._result.pipelinePrivateVars) {
      this._result.pipelinePrivateVars = {};
--- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/cert-reader.ts
+++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/cert-reader.ts
@@ -35,6 +35,7 @@ export class CertReader {

  detail: CertificateInfo;
  //毫秒时间戳
+  effective: number;
  expires: number;
  constructor(certInfo: CertInfo) {
    this.cert = certInfo;
@@ -52,8 +53,9 @@ export class CertReader {
    }

    try {
-      const { detail, expires } = this.getCrtDetail(this.cert.crt);
+      const { detail, effective, expires } = this.getCrtDetail(this.cert.crt);
      this.detail = detail;
+      this.effective = effective.getTime();
      this.expires = expires.getTime();
    } catch (e) {
      throw new Error("证书解析失败:" + e.message);
@@ -102,8 +104,9 @@ export class CertReader {

  static readCertDetail(crt: string) {
    const detail = crypto.readCertificateInfo(crt.toString());
+    const effective = detail.notBefore;
    const expires = detail.notAfter;
-    return { detail, expires };
+    return { detail, effective, expires };
  }

  getAllDomains() {
--- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/custom/index.ts
+++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/custom/index.ts
@@ -118,7 +118,7 @@ export class CertApplyUploadPlugin extends CertApplyBaseConvertPlugin {
  }

  async execute(): Promise<string | void> {
-    const certReader = await this.getCertFromStore();
+    let certReader = await this.getCertFromStore();
    const crtMd5 = this.ctx.utils.hash.md5(certReader.cert.crt);

    const leftDays = dayjs(certReader.expires).diff(dayjs(), "day");
@@ -141,9 +141,13 @@ export class CertApplyUploadPlugin extends CertApplyBaseConvertPlugin {
      this.logger.info("输入参数有变化，重新部署");
    }

+    certReader = new CertReader(this.uploadCert);
    this.clearLastStatus();
    //输出证书MD5
-    this.certMd5 = crtMd5;
+    this.certMd5 = this.ctx.utils.hash.md5(certReader.cert.crt);
+    const newLeftDays = dayjs(certReader.expires).diff(dayjs(), "day");
+    this.logger.info(`新证书过期时间${dayjs(certReader.expires).format("YYYY-MM-DD HH:mm:ss")},剩余${newLeftDays}天`);
+
    await this.output(certReader, true);

    //必须output之后执行
--- a/packages/plugins/plugin-lib/CHANGELOG.md
+++ b/packages/plugins/plugin-lib/CHANGELOG.md
@@ -3,6 +3,12 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.36.20](https://github.com/certd/certd/compare/v1.36.19...v1.36.20) (2025-09-13)
+
+### Performance Improvements
+
+* ssh配置增加脚本类型设置，bash还是sh ([ae41c60](https://github.com/certd/certd/commit/ae41c6038b27c9476e64a2402a8daf247c38a5b6))
+
 ## [1.36.19](https://github.com/certd/certd/compare/v1.36.18...v1.36.19) (2025-09-05)

 ### Performance Improvements
--- a/packages/plugins/plugin-lib/package.json
+++ b/packages/plugins/plugin-lib/package.json
@@ -1,7 +1,7 @@
 {
  "name": "@certd/plugin-lib",
  "private": false,
-  "version": "1.36.19",
+  "version": "1.36.20",
  "type": "module",
  "main": "./dist/index.js",
  "types": "./dist/index.d.ts",
@@ -21,8 +21,8 @@
    "@alicloud/pop-core": "^1.7.10",
    "@alicloud/tea-util": "^1.4.10",
    "@aws-sdk/client-s3": "^3.787.0",
-    "@certd/basic": "^1.36.19",
-    "@certd/pipeline": "^1.36.19",
+    "@certd/basic": "^1.36.20",
+    "@certd/pipeline": "^1.36.20",
    "@kubernetes/client-node": "0.21.0",
    "ali-oss": "^6.22.0",
    "basic-ftp": "^5.0.5",
@@ -53,5 +53,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "6d8981479517b5de9634e242c1ebf22e70527ec4"
+  "gitHead": "ef46aeae6fd766883aeac61a59ce1dfec07f6ca6"
 }
--- a/packages/plugins/plugin-lib/src/ssh/ssh-access.ts
+++ b/packages/plugins/plugin-lib/src/ssh/ssh-access.ts
@@ -64,6 +64,22 @@ export class SshAccess extends BaseAccess {
  })
  passphrase!: string;

+  @AccessInput({
+    title: "脚本类型",
+    helper: "bash 、sh 、fish",
+    component: {
+      name: "a-select",
+      vModel: "value",
+      options: [
+        { value: "default", label: "默认" },
+        { value: "sh", label: "sh" },
+        { value: "bash", label: "bash" },
+        { value: "fish", label: "fish(不支持set -e)" },
+      ],
+    },
+  })
+  scriptType: string;
+
  @AccessInput({
    title: "伪终端",
    helper: "如果登录报错：all authentication methods failed，可以尝试开启伪终端模式进行keyboard-interactive方式登录\n开启后对日志输出有一定的影响",
--- a/packages/plugins/plugin-lib/src/ssh/ssh.ts
+++ b/packages/plugins/plugin-lib/src/ssh/ssh.ts
@@ -543,8 +543,16 @@ export class SshClient {
          }
        }

-        if (isLinux && options.stopOnError !== false) {
-          script = "set -e\n" + script;
+        if (isLinux) {
+          if (options.connectConf.scriptType == "bash") {
+            script = "#!/usr/bin/env bash \n" + script;
+          } else if (options.connectConf.scriptType == "sh") {
+            script = "#!/bin/sh\n" + script;
+          }
+
+          if (options.connectConf.scriptType != "fish" && options.stopOnError !== false) {
+            script = "set -e\n" + script;
+          }
        }

        return await conn.exec(script as string, { throwOnStdErr });
--- a/packages/ui/certd-client/CHANGELOG.md
+++ b/packages/ui/certd-client/CHANGELOG.md
@@ -3,6 +3,20 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.36.20](https://github.com/certd/certd/compare/v1.36.19...v1.36.20) (2025-09-13)
+
+### Bug Fixes
+
+* 修复商业版退出登录后，丢失站点个性化设置的bug ([d75dd05](https://github.com/certd/certd/commit/d75dd058d65c85f80c49e1fa7a910e6c6f08e824))
+* 修复授权类型和名称字段排到最后的bug ([43b7977](https://github.com/certd/certd/commit/43b79778ea9034065f6a15af3296274315597c6b))
+
+### Performance Improvements
+
+* 登录支持极验验证码 ([370db62](https://github.com/certd/certd/commit/370db62bf0aece241859244927beabba32d6a257))
+* 登录注册、找回密码都支持极验验证码和图片验证码 ([7bdde68](https://github.com/certd/certd/commit/7bdde68ecea29fe2c570fd3cb082139db6c93d93))
+* 优化加量包展示效果 ([3c65f37](https://github.com/certd/certd/commit/3c65f37d84177ba107d4a6462648af12d2fc4b7a))
+* 证书到期剩余天数进度条根据实际证书有效期计算 ([#528](https://github.com/certd/certd/issues/528)) nicheng-he ([2d4586b](https://github.com/certd/certd/commit/2d4586b1c42c39f97d2a95b9453cca4bc8bfbe61))
+
 ## [1.36.19](https://github.com/certd/certd/compare/v1.36.18...v1.36.19) (2025-09-05)

 ### Bug Fixes
--- a/packages/ui/certd-client/index.html
+++ b/packages/ui/certd-client/index.html
@@ -23,5 +23,6 @@

 </div>
 <script type="module" src="/src/main.ts"></script>
+<script src="https://static.geetest.com/v4/gt4.js"></script>
 </body>
 </html>
--- a/packages/ui/certd-client/package.json
+++ b/packages/ui/certd-client/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@certd/ui-client",
-  "version": "1.36.19",
+  "version": "1.36.20",
  "private": true,
  "scripts": {
    "dev": "vite --open",
@@ -32,10 +32,10 @@
    "@aws-sdk/s3-request-presigner": "^3.535.0",
    "@certd/vue-js-cron-light": "^4.0.14",
    "@ctrl/tinycolor": "^4.1.0",
-    "@fast-crud/fast-crud": "^1.25.13",
-    "@fast-crud/fast-extends": "^1.25.13",
-    "@fast-crud/ui-antdv4": "^1.25.13",
-    "@fast-crud/ui-interface": "^1.25.13",
+    "@fast-crud/fast-crud": "^1.26.6",
+    "@fast-crud/fast-extends": "^1.26.6",
+    "@fast-crud/ui-antdv4": "^1.26.6",
+    "@fast-crud/ui-interface": "^1.26.6",
    "@iconify/tailwind": "^1.2.0",
    "@iconify/vue": "^4.1.1",
    "@manypkg/get-packages": "^2.2.2",
@@ -103,8 +103,8 @@
    "zod-defaults": "^0.1.3"
  },
  "devDependencies": {
-    "@certd/lib-iframe": "^1.36.19",
-    "@certd/pipeline": "^1.36.19",
+    "@certd/lib-iframe": "^1.36.20",
+    "@certd/pipeline": "^1.36.20",
    "@rollup/plugin-commonjs": "^25.0.7",
    "@rollup/plugin-node-resolve": "^15.2.3",
    "@types/chai": "^4.3.12",
--- a/packages/ui/certd-client/src/components/captcha/captcha-input.vue
+++ b/packages/ui/certd-client/src/components/captcha/captcha-input.vue
@@ -0,0 +1,50 @@
+<template>
+  <component :is="captchaComponent" v-if="settingStore.inited" ref="captchaRef" class="captcha_input" :captcha-get="getCaptcha" @change="onChange" />
+</template>
+<script setup lang="ts">
+import { ref, computed, defineAsyncComponent } from "vue";
+import { useSettingStore } from "/@/store/settings";
+import { nanoid } from "nanoid";
+import { request } from "/@/api/service";
+
+const captchaRef = ref(null);
+const settingStore = useSettingStore();
+
+const emits = defineEmits(["update:modelValue", "change"]);
+const captchaImpls = import.meta.glob("./captchas/*.vue");
+
+const captchaAddonId = computed(() => {
+  return settingStore.sysPublic.captchaAddonId ?? 0;
+});
+const captchaComponent = computed(() => {
+  let type = "image";
+  if (settingStore.sysPublic.captchaAddonId && settingStore.sysPublic.captchaType) {
+    type = settingStore.sysPublic.captchaType;
+  }
+  const componentName = `${type}_captcha`;
+  return defineAsyncComponent(captchaImpls[`./captchas/${componentName}.vue`]);
+});
+
+async function getCaptcha(): Promise<any> {
+  const randomStr = nanoid(10);
+  return await request({
+    url: `/basic/code/captcha/get?randomStr=${randomStr}`,
+    method: "post",
+    data: {
+      captchaAddonId: captchaAddonId.value,
+    },
+  });
+}
+
+function onChange(data) {
+  emits("update:modelValue", data);
+  emits("change", data);
+}
+
+async function getCaptchaForm() {
+  return await captchaRef.value.getCaptchaForm();
+}
+defineExpose({
+  getCaptchaForm,
+});
+</script>
--- a/packages/ui/certd-client/src/components/captcha/captchas/geetest_captcha.vue
+++ b/packages/ui/certd-client/src/components/captcha/captchas/geetest_captcha.vue
@@ -0,0 +1,96 @@
+<template>
+  <div ref="captchaRef" class="geetest_captcha_wrapper"></div>
+</template>
+<script setup lang="ts">
+import { onMounted, defineProps, defineEmits, ref, onUnmounted } from "vue";
+import { useSettingStore } from "/@/store/settings";
+import { request } from "/src/api/service";
+import { notification } from "ant-design-vue";
+
+defineOptions({
+  name: "GeetestCaptcha",
+});
+const emit = defineEmits(["update:modelValue", "change"]);
+const props = defineProps<{
+  captchaGet: () => Promise<any>;
+}>();
+const captchaRef = ref(null);
+// const addonApi = createAddonApi();
+const settingStore = useSettingStore();
+
+const captchaInstanceRef = ref({});
+async function init() {
+  // if (!initGeetest4) {
+  //   await import("https://static.geetest.com/v4/gt4.js");
+  // }
+
+  const { captchaId } = await props.captchaGet();
+  // @ts-ignore
+  initGeetest4(
+    {
+      captchaId: captchaId,
+    },
+    (captcha: any) => {
+      // captcha为验证码实例
+      captcha.appendTo(captchaRef.value); // 调用appendTo将验证码插入到页的某一个元素中，这个元素用户可以自定义
+      captchaInstanceRef.value.instance = captcha;
+      captchaInstanceRef.value.captchaId = captchaId;
+    }
+  );
+}
+
+function getCaptchaForm() {
+  if (!captchaInstanceRef.value?.instance) {
+    // notification.error({
+    //   message: "验证码还未初始化",
+    // });
+    return false;
+  }
+  const result = captchaInstanceRef.value.instance.getValidate();
+  if (!result) {
+    // notification.error({
+    //   message: "请先完成验证码验证",
+    // });
+    return false;
+  }
+  result.captcha_id = captchaInstanceRef.value.captchaId;
+
+  return result;
+}
+
+const valueRef = ref(null);
+const timeoutId = setInterval(() => {
+  const form = getCaptchaForm();
+  if (form && valueRef.value != form) {
+    console.log("form", form);
+    valueRef.value = form;
+    emitChange(form);
+  }
+}, 1000);
+
+onUnmounted(() => {
+  clearTimeout(timeoutId);
+});
+
+function emitChange(value: string) {
+  emit("update:modelValue", value);
+  emit("change", value);
+}
+
+defineExpose({
+  getCaptchaForm,
+});
+
+onMounted(async () => {
+  await init();
+});
+</script>
+<style lang="less">
+.geetest_captcha_wrapper {
+  .geetest_captcha {
+    .geetest_holder {
+      width: 100%;
+    }
+  }
+}
+</style>
--- a/packages/ui/certd-client/src/components/captcha/captchas/image_captcha.vue
+++ b/packages/ui/certd-client/src/components/captcha/captchas/image_captcha.vue
@@ -0,0 +1,59 @@
+<template>
+  <div class="flex">
+    <a-input :value="valueRef" placeholder="请输入图片验证码" autocomplete="off" @update:value="onChange">
+      <template #prefix>
+        <fs-icon icon="ion:image-outline"></fs-icon>
+      </template>
+    </a-input>
+    <div class="input-right pointer" title="点击刷新">
+      <img class="image-code" :src="imageCodeSrc" @click="resetImageCode" />
+    </div>
+  </div>
+</template>
+<script setup lang="ts">
+import { defineEmits, defineExpose, defineProps, ref } from "vue";
+import { nanoid } from "nanoid";
+
+const props = defineProps<{
+  captchaGet?: () => Promise<any>;
+}>();
+defineOptions({
+  name: "ImageCaptcha",
+});
+const emit = defineEmits(["update:modelValue", "change"]);
+
+const valueRef = ref("");
+const randomStrRef = ref();
+const imageCodeSrc = ref();
+async function resetImageCode() {
+  const res = await props.captchaGet();
+  randomStrRef.value = res.randomStr;
+  valueRef.value = "";
+  emitChange(null);
+  imageCodeSrc.value = "data:image/svg+xml," + encodeURIComponent(res.imageData);
+}
+
+function getCaptchaForm() {
+  return {
+    imageCode: valueRef.value,
+    randomStr: randomStrRef.value,
+  };
+}
+defineExpose({
+  resetImageCode,
+  getCaptchaForm,
+});
+
+resetImageCode();
+
+function onChange(value: string) {
+  valueRef.value = value;
+  const form = getCaptchaForm();
+  emitChange(form);
+}
+
+function emitChange(value) {
+  emit("update:modelValue", value);
+  emit("change", value);
+}
+</script>
--- a/packages/ui/certd-client/src/components/plugins/common/remote-tree-select.vue
+++ b/packages/ui/certd-client/src/components/plugins/common/remote-tree-select.vue
@@ -53,7 +53,6 @@ const pagerRef: Ref = ref({
  current: 1,
 });
 const getOptions = async () => {
-  debugger;
  if (loading.value) {
    return;
  }
--- a/packages/ui/certd-client/src/locales/langs/en-US/certd.ts
+++ b/packages/ui/certd-client/src/locales/langs/en-US/certd.ts
@@ -119,6 +119,7 @@ export default {
    scheduledTaskCount: "Scheduled Task Count",
    deployTaskCount: "Deployment Task Count",
    remainingValidity: "Remaining Validity",
+    effectiveTime: "Effective time",
    expiryTime: "Expiry Time",
    status: "Status",
    lastRun: "Last Run",
@@ -250,7 +251,9 @@ export default {
      ok: "Valid",
      expired: "Expired",
    },
+    certEffectiveTime: "Certificate Effective",
    certExpiresTime: "Certificate Expiration",
+    remainingValidity: "Remaining Validity",
    expired: "expired",
    days: "days",
    lastCheckTime: "Last Check Time",
@@ -465,6 +468,7 @@ export default {
  validDays: "Valid Days",
  expires: " expires",
  days: " days",
+  effectiveTime: "Effective Time",
  expireTime: "Expiration Time",
  certIssuer: "Certificate Issuer",
  applyTime: "Application Time",
@@ -707,10 +711,23 @@ export default {
    pipeline: "Pipeline",
  },

+  addonType: "Type",
+  addonName: "Name",
+  addonNameHelper: "Fill freely, helps to distinguish when multiple same type exist",
+  addonTypeSelect: "Select type",
  sys: {
    setting: {
      showRunStrategy: "Show RunStrategy",
      showRunStrategyHelper: "Allow modify the run strategy of the task",
+
+      captchaEnabled: "Enable Login Captcha",
+      captchaHelper: "Whether to enable captcha verification for login",
+      captchaType: "Captcha Setting",
+
+      baseSetting: "Base Settings",
+      registerSetting: "Register Settings",
+      safeSetting: "Safe Settings",
+      paymentSetting: "Payment Settings",
    },
  },
  modal: {
@@ -731,4 +748,8 @@ export default {
    challengeSetting: "Challenge Setting",
    gotoCnameTip: "Please go to CNAME Record Page",
  },
+  addonSelector: {
+    select: "Select",
+    placeholder: "select please",
+  },
 };
--- a/packages/ui/certd-client/src/locales/langs/zh-CN/certd.ts
+++ b/packages/ui/certd-client/src/locales/langs/zh-CN/certd.ts
@@ -125,6 +125,7 @@ export default {
    scheduledTaskCount: "定时任务数",
    deployTaskCount: "部署任务数",
    remainingValidity: "到期剩余",
+    effectiveTime: "生效时间",
    expiryTime: "过期时间",
    status: "状态",
    lastRun: "最后运行",
@@ -255,7 +256,9 @@ export default {
      ok: "正常",
      expired: "过期",
    },
+    certEffectiveTime: "证书生效时间",
    certExpiresTime: "证书到期时间",
+    remainingValidity: "到期剩余",
    expired: "过期",
    days: "天",
    lastCheckTime: "上次检查时间",
@@ -471,6 +474,7 @@ export default {
  validDays: "有效天数",
  expires: "过期",
  days: "天",
+  effectiveTime: "生效时间",
  expireTime: "过期时间",
  certIssuer: "证书颁发机构",
  applyTime: "申请时间",
@@ -695,7 +699,10 @@ export default {
  setAsDefault: "设为默认",
  disabledLabel: "禁用",
  confirmToggleStatus: "确定要{action}吗？",
-
+  addonType: "类型",
+  addonName: "名称",
+  addonNameHelper: "随意填写，相同类型助于区分即可",
+  addonTypeSelect: "请选择",
  template: {
    title: "流水线模版",
    edit: "流水线模版编辑",
@@ -714,6 +721,15 @@ export default {
    setting: {
      showRunStrategy: "显示运行策略选择",
      showRunStrategyHelper: "任务设置中是否允许选择运行策略",
+
+      captchaEnabled: "启用登录验证码",
+      captchaHelper: "登录时是否启用验证码",
+      captchaType: "验证码配置",
+
+      baseSetting: "基本设置",
+      registerSetting: "注册设置",
+      safeSetting: "安全设置",
+      paymentSetting: "支付设置",
    },
  },
  modal: {
@@ -734,4 +750,8 @@ export default {
    challengeSetting: "校验配置",
    gotoCnameTip: "CNAME域名配置请前往CNAME记录页面添加",
  },
+  addonSelector: {
+    select: "选择",
+    placeholder: "请选择",
+  },
 };
--- a/packages/ui/certd-client/src/store/plugin/index.ts
+++ b/packages/ui/certd-client/src/store/plugin/index.ts
@@ -167,7 +167,7 @@ export const usePluginStore = defineStore({
    },
    async clear() {
      this.group = null;
-      this.originGroup = null
+      this.originGroup = null;
    },
    async getList(): Promise<PluginDefine[]> {
      await this.init();
--- a/packages/ui/certd-client/src/store/settings/api.basic.ts
+++ b/packages/ui/certd-client/src/store/settings/api.basic.ts
@@ -46,6 +46,10 @@ export type SysPublicSetting = {
  aiChatEnabled?: boolean;

  showRunStrategy?: boolean;
+
+  captchaEnabled?: boolean;
+  captchaType?: number;
+  captchaAddonId?: number;
 };
 export type SuiteSetting = {
  enabled?: boolean;
--- a/packages/ui/certd-client/src/store/settings/index.ts
+++ b/packages/ui/certd-client/src/store/settings/index.ts
@@ -12,6 +12,7 @@ import { utils } from "/@/utils";
 import { cloneDeep, merge } from "lodash-es";
 import { useI18n } from "/src/locales";
 export interface SettingState {
+  skipReset?: boolean; // 注销登录时，不清空此store的状态
  sysPublic?: SysPublicSetting;
  installInfo?: {
    siteId: string;
@@ -64,6 +65,7 @@ const defaultSiteInfo: SiteInfo = {
 export const useSettingStore = defineStore({
  id: "app.setting",
  state: (): SettingState => ({
+    skipReset: true,
    plusInfo: {
      isPlus: false,
      vipType: "free",
--- a/packages/ui/certd-client/src/vben/stores/setup.ts
+++ b/packages/ui/certd-client/src/vben/stores/setup.ts
@@ -38,6 +38,9 @@ export function resetAllStores() {
  }
  const allStores = (pinia as any)._s;
  for (const [_key, store] of allStores) {
+    if (store.skipReset) {
+      continue;
+    }
    store.$reset();
  }
 }
--- a/packages/ui/certd-client/src/views/certd/access/common.tsx
+++ b/packages/ui/certd-client/src/views/certd/access/common.tsx
@@ -87,6 +87,7 @@ export function getCommonColumnDefine(crudExpose: any, typeRef: any, api: any) {
        order: -1,
      },
      form: {
+        order: -1,
        component: {
          disabled: false,
          showSearch: true,
--- a/packages/ui/certd-client/src/views/certd/access/crud.tsx
+++ b/packages/ui/certd-client/src/views/certd/access/crud.tsx
@@ -79,6 +79,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
          },
          form: {
            rules: [{ required: true, message: "必填项" }],
+            order: -11,
          },
          column: {
            width: 300,
--- a/packages/ui/certd-client/src/views/certd/addon/addon-selector/index.vue
+++ b/packages/ui/certd-client/src/views/certd/addon/addon-selector/index.vue
@@ -0,0 +1,178 @@
+<template>
+  <div class="addon-selector">
+    <div class="flex-o w-100">
+      <!--      <fs-dict-select class="flex-1" :value="modelValue" :dict="optionsDictRef" :disabled="disabled" :render-label="renderLabel" :slots="selectSlots" :allow-clear="true" v-bind="select" @update:value="onChange" />-->
+      <span v-if="modelValue" class="mr-5 cd-flex-inline">
+        <a-tag class="mr-5" color="green">{{ target?.name || modelValue }}</a-tag>
+        <fs-icon class="cd-icon-button" icon="ion:close-circle-outline" @click="clear"></fs-icon>
+      </span>
+      <span v-else class="mlr-5 text-gray">{{ placeholder || t("certd.addonSelector.placeholder") }}</span>
+      <fs-table-select
+        ref="tableSelectRef"
+        class="flex-0"
+        :model-value="modelValue"
+        :dict="optionsDictRef"
+        :create-crud-options="createCrudOptionsWithApi"
+        :crud-options-override="{
+          search: { show: false },
+          table: {
+            scroll: {
+              x: 540,
+            },
+          },
+        }"
+        :show-current="false"
+        :show-select="false"
+        :dialog="{ width: 960 }"
+        :destroy-on-close="false"
+        height="400px"
+        v-bind="tableSelect"
+        @update:model-value="onChange"
+        @dialog-closed="doRefresh"
+      >
+        <template #default="scope">
+          <fs-button class="ml-5" :disabled="disabled" :size="size" type="primary" :text="t('certd.addonSelector.select')" @click="scope.open" />
+        </template>
+      </fs-table-select>
+    </div>
+  </div>
+</template>
+
+<script lang="tsx" setup>
+import { inject, ref, Ref, watch } from "vue";
+import { createAddonApi } from "../api";
+import { message } from "ant-design-vue";
+import { dict } from "@fast-crud/fast-crud";
+import createCrudOptions from "../crud";
+import { addonProvide } from "../common";
+import { useUserStore } from "/@/store/user";
+import { useI18n } from "/src/locales";
+
+const { t } = useI18n();
+
+defineOptions({
+  name: "AddonSelector",
+});
+
+const props = defineProps<{
+  modelValue?: number | string | number[] | string[];
+  type?: string;
+  placeholder?: string;
+  size?: string;
+  disabled?: boolean;
+  select?: any;
+  tableSelect?: any;
+  addonType: string;
+  from?: string;
+}>();
+
+const onChange = async (value: number) => {
+  await emitValue(value);
+};
+
+const emit = defineEmits(["update:modelValue", "selected-change", "change"]);
+
+const api = createAddonApi({
+  from: props.from,
+  addonType: props.addonType,
+});
+addonProvide(api);
+
+function createCrudOptionsWithApi(opts: any) {
+  opts.context = {
+    api,
+    addonType: props.addonType,
+  };
+  return createCrudOptions(opts);
+}
+
+const tableSelectRef = ref();
+const optionsDictRef = dict({
+  url: `/addon/options?addonType=${props.addonType}`,
+  value: "id",
+  label: "name",
+});
+
+const renderLabel = (option: any) => {
+  return <span>{option.name}</span>;
+};
+
+async function openTableSelectDialog() {
+  selectOpened.value = false;
+  await tableSelectRef.value.open({});
+  await tableSelectRef.value.crudExpose.openAdd({});
+}
+
+const selectOpened = ref(false);
+const selectSlots = ref({
+  dropdownRender({ menuNode, props }: any) {
+    const res = [];
+    res.push(menuNode);
+    // res.push(<a-divider style="margin: 4px 0" />);
+    // res.push(<a-space style="padding: 4px 8px" />);
+    // res.push(<fs-button class="w-100" type="text" icon="plus-outlined" text="新建通知渠道" onClick={openTableSelectDialog}></fs-button>);
+    return res;
+  },
+});
+
+const target: Ref<any> = ref({});
+
+function clear() {
+  if (props.disabled) {
+    return;
+  }
+  emitValue(null);
+}
+
+const userStore = useUserStore();
+
+async function emitValue(value: any) {
+  // target.value = optionsDictRef.dataMap[value];
+  const userId = userStore.userInfo.id;
+  if (pipeline?.value && pipeline.value.userId !== userId) {
+    message.error(`对不起，您不能修改他人流水线的${props.addonType}设置`);
+    return;
+  }
+  emit("change", value);
+  emit("update:modelValue", value);
+}
+
+async function refreshTarget(value: any) {
+  if (value > 0) {
+    target.value = await api.GetSimpleInfo(value);
+  } else {
+    target.value = {
+      //captchaType会监听此字段，给个默认值
+      type: "",
+    };
+  }
+}
+
+watch(
+  () => {
+    return props.modelValue;
+  },
+  async value => {
+    // await optionsDictRef.loadDict();
+    //@ts-ignore
+    await refreshTarget(value);
+    // target.value = optionsDictRef.dataMap[value];
+    emit("selected-change", target.value);
+  },
+  {
+    immediate: true,
+  }
+);
+
+//当不在pipeline中编辑时，可能为空
+const pipeline = inject("pipeline", null);
+
+async function doRefresh() {
+  await optionsDictRef.reloadDict();
+}
+</script>
+<style lang="less">
+.addon-selector {
+  width: 100%;
+}
+</style>
--- a/packages/ui/certd-client/src/views/certd/addon/api.ts
+++ b/packages/ui/certd-client/src/views/certd/addon/api.ts
@@ -0,0 +1,142 @@
+import { request } from "/src/api/service";
+import { RequestHandleReq } from "/@/components/plugins/lib";
+
+export function createAddonApi(opts: { from: any; addonType: string }) {
+  let apiPrefix = "/addon";
+  if (opts.from === "sys") {
+    apiPrefix = "/sys/addon";
+  }
+  return {
+    async GetList(query: any) {
+      return await request({
+        url: apiPrefix + "/page",
+        method: "post",
+        data: {
+          ...query,
+          query: {
+            addonType: opts.addonType,
+            ...query.query,
+          },
+        },
+      });
+    },
+
+    async AddObj(obj: any) {
+      return await request({
+        url: apiPrefix + "/add",
+        method: "post",
+        data: {
+          ...obj,
+          addonType: opts.addonType,
+        },
+      });
+    },
+
+    async UpdateObj(obj: any) {
+      return await request({
+        url: apiPrefix + "/update",
+        method: "post",
+        data: obj,
+      });
+    },
+
+    async DelObj(id: number) {
+      return await request({
+        url: apiPrefix + "/delete",
+        method: "post",
+        params: { id },
+      });
+    },
+
+    async GetObj(id: number) {
+      return await request({
+        url: apiPrefix + "/info",
+        method: "post",
+        params: { id },
+      });
+    },
+
+    async GetOptions(id: number) {
+      return await request({
+        url: apiPrefix + `/options?addonType=${opts.addonType}`,
+        method: "post",
+      });
+    },
+
+    async SetDefault(id: number) {
+      return await request({
+        url: apiPrefix + "/setDefault",
+        method: "post",
+        params: { id },
+      });
+    },
+
+    async GetDefaultId() {
+      return await request({
+        url: apiPrefix + "/getDefaultId",
+        method: "post",
+      });
+    },
+
+    async GetSimpleInfo(id: number) {
+      return await request({
+        url: apiPrefix + `/simpleInfo?addonType=${opts.addonType}`,
+        method: "post",
+        params: { id },
+      });
+    },
+
+    async GetDefineTypes() {
+      return await request({
+        url: apiPrefix + `/getTypeDict?addonType=${opts.addonType}`,
+        method: "post",
+      });
+    },
+
+    async GetProviderDefine(type: string) {
+      return await request({
+        url: apiPrefix + `/define?addonType=${opts.addonType}`,
+        method: "post",
+        params: { type },
+      });
+    },
+
+    async GetProviderDefineByType(type: string) {
+      return await request({
+        url: apiPrefix + `/defineByType?addonType=${opts.addonType}`,
+        method: "post",
+        params: { type },
+      });
+    },
+
+    async Handle(req: RequestHandleReq, opts: any = {}) {
+      const url = `/handle/${req.type}?addonType=${opts.addonType}`;
+      const { typeName, action, data, input } = req;
+      const res = await request({
+        url,
+        method: "post",
+        data: {
+          typeName,
+          action,
+          data,
+          input,
+        },
+        ...opts,
+      });
+      return res;
+    },
+  };
+}
+
+export const AddonTypeDefines = {
+  captcha: {
+    name: "captcha",
+    title: "验证码",
+    showDefault: false,
+    showTest: false,
+  },
+};
+
+export function getAddonTypeDefine(addonType: string) {
+  return AddonTypeDefines[addonType];
+}
--- a/packages/ui/certd-client/src/views/certd/addon/common.tsx
+++ b/packages/ui/certd-client/src/views/certd/addon/common.tsx
@@ -0,0 +1,280 @@
+import { ColumnCompositionProps, compute, dict } from "@fast-crud/fast-crud";
+import { computed, provide, ref, toRef } from "vue";
+import { useReference } from "/@/use/use-refrence";
+import { forEach, get, merge, set } from "lodash-es";
+import { Modal } from "ant-design-vue";
+import { mitter } from "/@/utils/util.mitt";
+import { useI18n } from "/src/locales";
+import * as pipelineApi from "/@/views/certd/pipeline/api";
+import { getAddonTypeDefine } from "/@/views/certd/addon/api";
+
+export function addonProvide(api: any) {
+  provide("addonApi", api);
+  provide("get:plugin:type", () => {
+    return "addon";
+  });
+}
+
+export function getCommonColumnDefine(crudExpose: any, typeRef: any, api: any, addonType: string) {
+  const { t } = useI18n();
+  // const addonTypeTypeDictRef = dict({
+  //   data: [{ value: "captcha", label: "验证码" }],
+  // });
+  const addonTypeDictRef = dict({
+    url: `/addon/getTypeDict?addonType=${addonType}`,
+  });
+  const defaultPluginConfig = {
+    component: {
+      name: "a-input",
+      vModel: "value",
+    },
+  };
+
+  function buildDefineFields(define: any, form: any, mode: string) {
+    const formWrapperRef = crudExpose.getFormWrapperRef();
+    const columnsRef = toRef(formWrapperRef.formOptions, "columns");
+
+    for (const key in columnsRef.value) {
+      if (key.indexOf(".") >= 0) {
+        delete columnsRef.value[key];
+      }
+    }
+    console.log('crudBinding.value[mode + "Form"].columns', columnsRef.value);
+    forEach(define.input, (value: any, mapKey: any) => {
+      const key = "body." + mapKey;
+      const field = {
+        ...value,
+        key,
+      };
+      const column = merge({ title: key }, defaultPluginConfig, field);
+      //eval
+      useReference(column);
+
+      if (column.required) {
+        if (!column.rules) {
+          column.rules = [];
+        }
+        column.rules.push({ required: true, message: t("certd.requiredField") });
+      }
+
+      //设置默认值
+      if (column.value != null && get(form, key) == null) {
+        set(form, key, column.value);
+      }
+      //字段配置赋值
+      columnsRef.value[key] = column;
+    });
+  }
+
+  const currentDefine = ref();
+
+  return {
+    id: {
+      title: "ID",
+      key: "id",
+      type: "number",
+      column: {
+        width: 100,
+      },
+      form: {
+        show: false,
+      },
+    },
+    // addonType: {
+    //   title: "Addon类型",
+    //   type: "dict-select",
+    //   dict: addonTypeTypeDictRef,
+    //   search: {
+    //     show: false,
+    //   },
+    //   column: {
+    //     width: 200,
+    //     component: {
+    //       color: "auto",
+    //     },
+    //   },
+    //   form: {
+    //     onChange(ctx: { value: any }) {
+    //       addonTypeDictRef.url = `/addon/getTypeDict?addonType=${ctx.value}`;
+    //     },
+    //   },
+    //   editForm: {
+    //     component: {
+    //       disabled: false,
+    //     },
+    //   },
+    // },
+    type: {
+      title: t("certd.addonType"),
+      type: "dict-select",
+      dict: addonTypeDictRef,
+      search: {
+        show: false,
+      },
+      column: {
+        width: 200,
+        component: {
+          color: "auto",
+        },
+      },
+      editForm: {
+        component: {
+          disabled: false,
+        },
+      },
+      form: {
+        order: -22,
+        component: {
+          disabled: false,
+          showSearch: true,
+          filterOption: (input: string, option: any) => {
+            input = input?.toLowerCase();
+            return option.value.toLowerCase().indexOf(input) >= 0 || option.label.toLowerCase().indexOf(input) >= 0;
+          },
+          renderLabel(item: any) {
+            return (
+              <span class={"flex-o flex-between"}>
+                {item.label}
+                {item.needPlus && <fs-icon icon={"mingcute:vip-1-line"} className={"color-plus"}></fs-icon>}
+              </span>
+            );
+          },
+        },
+        rules: [{ required: true, message: t("certd.addonTypeSelect") }],
+        valueChange: {
+          immediate: true,
+          async handle({ value, mode, form, immediate }) {
+            if (value == null) {
+              return;
+            }
+            const lastTitle = currentDefine.value?.title;
+            const define = await api.GetProviderDefine(value);
+            currentDefine.value = define;
+            console.log("define", define);
+
+            if (!immediate) {
+              form.body = {};
+              if (define.needPlus) {
+                mitter.emit("openVipModal");
+              }
+            }
+
+            if (!form.name || form.name === lastTitle) {
+              form.name = define.title;
+            }
+            buildDefineFields(define, form, mode);
+          },
+        },
+        helper: computed(() => {
+          const define = currentDefine.value;
+          if (define == null) {
+            return "";
+          }
+          return define.desc;
+        }),
+      },
+    } as ColumnCompositionProps,
+    name: {
+      title: t("certd.addonName"),
+      search: {
+        show: true,
+      },
+      type: ["text"],
+      form: {
+        order: -2,
+        rules: [{ required: true, message: t("certd.enterName") }],
+        helper: t("certd.addonNameHelper"),
+      },
+      column: {
+        width: 200,
+      },
+    },
+    isDefault: {
+      title: t("certd.isDefault"),
+      type: "dict-switch",
+      dict: dict({
+        data: [
+          { label: t("certd.yes"), value: true, color: "success" },
+          { label: t("certd.no"), value: false, color: "default" },
+        ],
+      }),
+      form: {
+        show: computed(() => {
+          return getAddonTypeDefine(addonType)?.showDefault ?? false;
+        }),
+        value: false,
+        rules: [{ required: true, message: t("certd.selectIsDefault") }],
+        order: 999,
+      },
+      column: {
+        align: "center",
+        width: 100,
+        show: computed(() => {
+          return getAddonTypeDefine(addonType)?.showDefault ?? false;
+        }),
+        component: {
+          name: "a-switch",
+          vModel: "checked",
+          disabled: compute(({ value }) => {
+            return value === true;
+          }),
+          on: {
+            // @ts-ignore
+            change({ row }) {
+              Modal.confirm({
+                title: t("certd.prompt"),
+                content: t("certd.confirmSetDefaultNotification"),
+                onOk: async () => {
+                  await api.SetDefault(row.id);
+                  await crudExpose.doRefresh();
+                },
+                onCancel: async () => {
+                  await crudExpose.doRefresh();
+                },
+              });
+            },
+          },
+        },
+      },
+    },
+    test: {
+      title: t("certd.test"),
+      form: {
+        show: compute(({ form }) => {
+          return !!form.type && currentDefine.value?.showTest === true;
+        }),
+        component: {
+          name: "api-test",
+          action: "TestRequest",
+        },
+        order: 990,
+        col: {
+          span: 24,
+        },
+      },
+      column: {
+        show: false,
+      },
+    },
+    setting: {
+      column: { show: false },
+      form: {
+        show: false,
+        valueBuilder({ value, form }) {
+          form.body = {};
+          if (!value) {
+            return;
+          }
+          const setting = JSON.parse(value);
+          for (const key in setting) {
+            form.body[key] = setting[key];
+          }
+        },
+        valueResolve({ form }) {
+          const setting = form.body;
+          form.setting = JSON.stringify(setting);
+        },
+      },
+    } as ColumnCompositionProps,
+  };
+}
--- a/packages/ui/certd-client/src/views/certd/addon/crud.tsx
+++ b/packages/ui/certd-client/src/views/certd/addon/crud.tsx
@@ -0,0 +1,55 @@
+import { ref } from "vue";
+import { getCommonColumnDefine } from "./common";
+import { AddReq, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, EditReq, UserPageQuery, UserPageRes } from "@fast-crud/fast-crud";
+
+export default function ({ crudExpose, context }: CreateCrudOptionsProps): CreateCrudOptionsRet {
+  const api = context.api;
+  const addonType = context.addonType;
+  const pageRequest = async (query: UserPageQuery): Promise<UserPageRes> => {
+    return await api.GetList(query);
+  };
+  const editRequest = async (req: EditReq) => {
+    const { form, row } = req;
+    form.id = row.id;
+    const res = await api.UpdateObj(form);
+    return res;
+  };
+  const delRequest = async (req: DelReq) => {
+    const { row } = req;
+    return await api.DelObj(row.id);
+  };
+
+  const addRequest = async (req: AddReq) => {
+    const { form } = req;
+    const res = await api.AddObj(form);
+    return res;
+  };
+
+  const typeRef = ref();
+  const commonColumnsDefine = getCommonColumnDefine(crudExpose, typeRef, api, addonType);
+  return {
+    crudOptions: {
+      request: {
+        pageRequest,
+        addRequest,
+        editRequest,
+        delRequest,
+      },
+      form: {
+        labelCol: {
+          //固定label宽度
+          span: null,
+          style: {
+            width: "145px",
+          },
+        },
+      },
+      rowHandle: {
+        width: 200,
+      },
+      columns: {
+        ...commonColumnsDefine,
+      },
+    },
+  };
+}
--- a/packages/ui/certd-client/src/views/certd/addon/index.vue
+++ b/packages/ui/certd-client/src/views/certd/addon/index.vue
@@ -0,0 +1,41 @@
+<template>
+  <fs-page>
+    <template #header>
+      <div class="title">
+        通知管理
+        <span class="sub">管理通知配置</span>
+      </div>
+    </template>
+    <fs-crud ref="crudRef" v-bind="crudBinding"> </fs-crud>
+  </fs-page>
+</template>
+
+<script lang="ts">
+import { defineComponent, onActivated, onMounted } from "vue";
+import { useFs } from "@fast-crud/fast-crud";
+import createCrudOptions from "./crud";
+import { createAddonApi } from "./api";
+import { addonProvide } from "/@/views/certd/addon/common";
+
+export default defineComponent({
+  name: "AddonManager",
+  setup() {
+    const api = createAddonApi();
+    addonProvide(api);
+    const { crudBinding, crudRef, crudExpose } = useFs({ createCrudOptions, context: { api } });
+
+    // 页面打开后获取列表数据
+    onMounted(() => {
+      crudExpose.doRefresh();
+    });
+    onActivated(() => {
+      crudExpose.doRefresh();
+    });
+
+    return {
+      crudBinding,
+      crudRef,
+    };
+  },
+});
+</script>
--- a/packages/ui/certd-client/src/views/certd/monitor/cert/crud.tsx
+++ b/packages/ui/certd-client/src/views/certd/monitor/cert/crud.tsx
@@ -220,22 +220,47 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
            sorter: true,
            conditionalRender: false,
            cellRender({ row }) {
-              const value = row.expiresTime;
-              if (!value) {
+              const {
+                applyTime,
+                effectiveTime,
+                expiresTime,
+              } = row || {};
+              if (!expiresTime) {
                return "-";
              }
-              const expireDate = dayjs(value).format("YYYY-MM-DD");
-              const leftDays = dayjs(value).diff(dayjs(), "day");
+              // 申请时间 ps:此处为证书在certd创建的时间而非实际证书申请时间
+              const applyDate = dayjs(effectiveTime ?? applyTime ?? Date.now()).format("YYYY-MM-DD");
+              // 失效时间
+              const expireDate = dayjs(expiresTime).format("YYYY-MM-DD");
+              // 有效天数 ps:此处证书最小设置为90d
+              const effectiveDays = Math.max(90, dayjs(expiresTime).diff(applyDate, "day"));
+              // 距离失效时间剩余天数
+              const leftDays = dayjs(expiresTime).diff(dayjs(), "day");
              const color = leftDays < 20 ? "red" : "#389e0d";
-              const percent = (leftDays / 90) * 100;
+              const percent = (leftDays / effectiveDays) * 100;
              const textColor = leftDays < 20 ? "red" : leftDays > 60 ? "#389e0d" : "";
              const format = () => {
                return <span style={{ color: textColor }}>{`${leftDays}${t("certd.days")}`}</span>;
              };
+              // console.log('cellRender', 'effectiveDays', effectiveDays, 'expiresTime', expiresTime, 'applyTime', applyTime, 'percent', percent, row)
              return <a-progress title={expireDate + t("certd.expires")} percent={percent} strokeColor={color} format={format} />;
            },
          },
        },
+        effectiveTime: {
+          title: t("certd.effectiveTime"),
+          search: {
+            show: false,
+          },
+          type: "datetime",
+          form: {
+            show: false,
+          },
+          column: {
+            sorter: true,
+            show: false,
+          },
+        },
        expiresTime: {
          title: t("certd.expireTime"),
          search: {
--- a/packages/ui/certd-client/src/views/certd/monitor/site/crud.tsx
+++ b/packages/ui/certd-client/src/views/certd/monitor/site/crud.tsx
@@ -345,25 +345,64 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
            align: "center",
          },
        },
+        certEffectiveTime: {
+          title: t("certd.monitor.certEffectiveTime"),
+          search: {
+            show: false,
+          },
+          type: "datetime",
+          form: {
+            show: false,
+          },
+          column: {
+            sorter: true,
+            width: 155,
+          },
+        },
        certExpiresTime: {
          title: t("certd.monitor.certExpiresTime"),
          search: {
            show: false,
          },
+          type: "datetime",
+          form: {
+            show: false,
+          },
+          column: {
+            sorter: true,
+            width: 155,
+          },
+        },
+        remainingValidity: {
+          title: t("certd.monitor.remainingValidity"),
+          search: {
+            show: false,
+          },
          type: "date",
          form: {
            show: false,
          },
          column: {
-            sorter: true,
-            cellRender({ value }) {
-              if (!value) {
+            conditionalRender: false,
+            cellRender({ row }) {
+              const {
+                certEffectiveTime: effectiveTime,
+                certExpiresTime: expiresTime,
+              } = row || {};
+              if (!expiresTime) {
                return "-";
              }
-              const expireDate = dayjs(value).format("YYYY-MM-DD");
-              const leftDays = dayjs(value).diff(dayjs(), "day");
+              // 申请时间 ps:此处为证书在certd创建的时间而非实际证书申请时间
+              const applyDate = dayjs(effectiveTime ?? Date.now()).format("YYYY-MM-DD");
+              // 失效时间
+              const expireDate = dayjs(expiresTime).format("YYYY-MM-DD");
+              // 有效天数 ps:此处证书最小设置为90d
+              const effectiveDays = Math.max(90, dayjs(expiresTime).diff(applyDate, "day"));
+              // 距离失效时间剩余天数
+              const leftDays = dayjs(expiresTime).diff(dayjs(), "day");
              const color = leftDays < 20 ? "red" : "#389e0d";
-              const percent = (leftDays / 90) * 100;
+              const percent = (leftDays / effectiveDays) * 100;
+              // console.log('cellRender', 'effectiveDays', effectiveDays, 'expiresTime', expiresTime, 'applyTime', applyTime, 'percent', percent, row)
              return <a-progress title={expireDate + t("certd.monitor.expired")} percent={percent} strokeColor={color} format={(percent: number) => `${leftDays}${t("certd.monitor.days")}`} />;
            },
          },
--- a/packages/ui/certd-client/src/views/certd/notification/common.tsx
+++ b/packages/ui/certd-client/src/views/certd/notification/common.tsx
@@ -96,6 +96,7 @@ export function getCommonColumnDefine(crudExpose: any, typeRef: any, api: any) {
        },
      },
      form: {
+        order: -3,
        component: {
          disabled: false,
          showSearch: true,
@@ -153,6 +154,7 @@ export function getCommonColumnDefine(crudExpose: any, typeRef: any, api: any) {
      },
      type: ["text"],
      form: {
+        order: -2,
        rules: [{ required: true, message: t("certd.enterName") }],
        helper: t("certd.helperNotificationName"),
      },
--- a/packages/ui/certd-client/src/views/certd/pipeline/crud.tsx
+++ b/packages/ui/certd-client/src/views/certd/pipeline/crud.tsx
@@ -366,23 +366,49 @@ export default function ({ crudExpose, context: { groupDictRef, selectedRowKeys
          },
          column: {
            cellRender({ row }) {
-              const value = row.lastVars?.certExpiresTime;
-              if (!value) {
+              const {
+                certEffectiveTime: effectiveTime,
+                certExpiresTime: expiresTime,
+              } = row?.lastVars || {};
+              if (!expiresTime) {
                return "-";
              }
-              const expireDate = dayjs(value).format("YYYY-MM-DD");
-              const leftDays = dayjs(value).diff(dayjs(), "day");
+              // 申请时间 ps:此处为证书在certd创建的时间而非实际证书申请时间
+              const applyDate = dayjs(effectiveTime ?? Date.now()).format("YYYY-MM-DD");
+              // 失效时间
+              const expireDate = dayjs(expiresTime).format("YYYY-MM-DD");
+              // 有效天数 ps:此处证书最小设置为90d
+              const effectiveDays = Math.max(90, dayjs(expiresTime).diff(applyDate, "day"));
+              // 距离失效时间剩余天数
+              const leftDays = dayjs(expiresTime).diff(dayjs(), "day");
              const color = leftDays < 20 ? "red" : "#389e0d";
-              const percent = (leftDays / 90) * 100;
+              const percent = (leftDays / effectiveDays) * 100;
              const textColor = leftDays < 20 ? "red" : leftDays > 60 ? "#389e0d" : "";
              const format = () => {
                return <span style={{ color: textColor }}>{`${leftDays}${t("certd.days")}`}</span>;
              };
+              // console.log('cellRender', 'effectiveDays', effectiveDays, 'expiresTime', expiresTime, 'applyTime', applyTime, 'percent', percent, row)
              return <a-progress title={expireDate + t("certd.expires")} percent={percent} strokeColor={color} format={format} />;
            },
            width: 150,
          },
        },
+        "lastVars.certEffectiveTime": {
+          title: t("certd.fields.effectiveTime"),
+          search: {
+            show: false,
+          },
+          type: "datetime",
+          form: {
+            show: false,
+          },
+          column: {
+            sorter: false,
+            show: false,
+            width: 150,
+            align: "center",
+          },
+        },
        "lastVars.certExpiresTime": {
          title: t("certd.fields.expiryTime"),
          search: {
--- a/packages/ui/certd-client/src/views/certd/suite/mine/api.ts
+++ b/packages/ui/certd-client/src/views/certd/suite/mine/api.ts
@@ -9,6 +9,8 @@ export type SuiteValue = {
 export type SuiteDetail = {
  enabled?: boolean;
  suites?: any[];
+  suiteList?: any[];
+  addonList?: any[];
  expiresTime?: number;
  pipelineCount?: SuiteValue;
  domainCount?: SuiteValue;
--- a/packages/ui/certd-client/src/views/framework/forgot-password/index.vue
+++ b/packages/ui/certd-client/src/views/framework/forgot-password/index.vue
@@ -20,8 +20,11 @@
              </template>
            </a-input>
          </a-form-item>
+          <a-form-item has-feedback name="captchaForEmail" label="验证码">
+            <CaptchaInput v-model:model-value="formState.captchaForEmail"></CaptchaInput>
+          </a-form-item>
          <a-form-item has-feedback name="validateCode" label="邮件验证码">
-            <email-code v-model:value="formState.validateCode" :img-code="formState.imgCode" :email="formState.input" :random-str="formState.randomStr" verification-type="forgotPassword" />
+            <email-code v-model:value="formState.validateCode" :captcha="formState.captchaForEmail" :email="formState.input" :random-str="formState.randomStr" verification-type="forgotPassword" />
          </a-form-item>
        </a-tab-pane>
        <a-tab-pane key="mobile" tab="手机号找回">
@@ -32,23 +35,15 @@
              </template>
            </a-input>
          </a-form-item>
+          <a-form-item has-feedback name="captchaForSms" label="验证码">
+            <CaptchaInput v-model:model-value="formState.captchaForSms"></CaptchaInput>
+          </a-form-item>
          <a-form-item name="validateCode" label="手机验证码">
-            <sms-code
-              v-model:value="formState.validateCode"
-              :img-code="formState.imgCode"
-              :mobile="formState.input"
-              :phone-code="formState.phoneCode"
-              :random-str="formState.randomStr"
-              verification-type="forgotPassword"
-            />
+            <sms-code v-model:value="formState.validateCode" :captcha="formState.captchaForSms" :mobile="formState.input" :phone-code="formState.phoneCode" verification-type="forgotPassword" />
          </a-form-item>
        </a-tab-pane>
      </a-tabs>

-      <a-form-item has-feedback name="imgCode" label="图片验证码">
-        <image-code ref="imageCodeRef" v-model:value="formState.imgCode" v-model:random-str="formState.randomStr"></image-code>
-      </a-form-item>
-
      <a-form-item has-feedback name="password" label="新密码">
        <a-input-password v-model:value="formState.password" placeholder="新密码" size="large" autocomplete="off">
          <template #prefix>
@@ -66,8 +61,10 @@
      <a-form-item>
        <a-button type="primary" size="large" html-type="submit" class="submit-button"> 找回密码</a-button>

-        <div v-comm="false" class="mt-2">
-          <a href="https://certd.docmirror.cn/guide/use/forgotpasswd/" target="_blank"> 管理员无绑定通信方式或MFA丢失找回 </a>
+        <div class="mt-2 flex-between">
+          <a v-comm="false" href="https://certd.docmirror.cn/guide/use/forgotpasswd/" target="_blank"> 管理员无绑定通信方式或MFA丢失找回 </a>
+
+          <router-link :to="{ name: 'login' }"> 返回登录 </router-link>
        </div>
      </a-form-item>
    </a-form>
@@ -82,6 +79,7 @@ import SmsCode from "/@/views/framework/login/sms-code.vue";
 import { utils } from "@fast-crud/fast-crud";
 import { useUserStore } from "/@/store/user";
 import { useSettingStore } from "/@/store/settings";
+import CaptchaInput from "/@/components/captcha/captcha-input.vue";
 defineOptions({
  name: "ForgotPasswordPage",
 });
@@ -89,7 +87,8 @@ defineOptions({
 const rules = {
  input: [{ required: true }],
  validateCode: [{ required: true }],
-  imgCode: [{ required: true }, { min: 4, max: 4, message: "请输入4位图片验证码" }],
+  captchaForEmail: [{ required: true }],
+  captchaForSms: [{ required: true }],
  password: [
    { required: true, trigger: "change", message: "请输入密码" },
    { min: 6, message: "至少输入6位密码" },
@@ -119,15 +118,13 @@ const forgotPasswordType = ref();
 const userStore = useUserStore();
 const settingStore = useSettingStore();
 const formRef = ref();
-const imageCodeRef = ref();

 const formState: any = reactive({
  input: "",
-  randomStr: "",
-  imgCode: "",
+  captchaForSms: null,
+  captchaForEmail: null,
  phoneCode: "86",
  validateCode: "",
-
  password: "",
  confirmPassword: "",
 });
@@ -141,7 +138,6 @@ onMounted(() => {
 watch(forgotPasswordType, () => {
  formState.input = "";
  formState.validateCode = "";
-  imageCodeRef.value.resetImageCode();
  formRef.value.clearValidate(Object.keys(formState).filter(key => !["password", "confirmPassword"].includes(key)));
 });

@@ -150,8 +146,6 @@ const handleFinish = async (values: any) => {
    toRaw({
      type: forgotPasswordType.value,
      input: formState.input,
-      randomStr: formState.randomStr,
-      imgCode: formState.imgCode,
      validateCode: formState.validateCode,
      password: formState.password,
      confirmPassword: formState.confirmPassword,
--- a/packages/ui/certd-client/src/views/framework/home/dashboard/suite-card.vue
+++ b/packages/ui/certd-client/src/views/framework/home/dashboard/suite-card.vue
@@ -3,7 +3,16 @@
    <div class="flex-o flex-wrap">
      <a-popover>
        <template #content>
-          <div>
+          <div style="width: 300px">
+            <div v-if="detail.addonList.length > 0" class="flex flex-wrap">
+              <a-tag v-for="(item, index) of detail.addonList" :key="index" color="green" class="pointer flex-o m-1">
+                <span class="mr-5">
+                  {{ item.title }}
+                </span>
+                <span>(<expires-time-text :value="item.expiresTime" />)</span>
+              </a-tag>
+              <a-divider class="m-5" />
+            </div>
            <div class="flex-between mt-5">
              <div class="flex-o"><fs-icon icon="ant-design:check-outlined" class="color-green mr-5" /> 流水线条数：</div>
              <suite-value :model-value="detail.pipelineCount.max" :used="detail.pipelineCount.used" unit="条" />
@@ -30,12 +39,13 @@
        </template>
        <div class="flex-o">
          <fs-icon icon="ant-design:gift-outlined" class="color-green mr-5" />
-          <a-tag v-for="(item, index) of detail.suites" :key="index" color="green" class="pointer flex-o">
+          <a-tag v-for="(item, index) of detail.suiteList" :key="index" color="green" class="pointer flex-o">
            <span class="mr-5">
              {{ item.title }}
            </span>
            <span>(<expires-time-text :value="item.expiresTime" />)</span>
          </a-tag>
+          <a-tag v-if="detail.addonList.length > 0" color="green" class="pointer flex-o">加量包+{{ detail.addonList.length }}</a-tag>
          <div v-if="detail.suites?.length === 0" class="flex-o ml-5">暂无套餐 <a-button class="ml-5" type="primary" size="small" @click="goBuy">去购买</a-button></div>
        </div>
      </a-popover>
@@ -59,6 +69,10 @@ const detail = ref<SuiteDetail>({});

 async function loadSuiteDetail() {
  detail.value = await mySuiteApi.SuiteDetailGet();
+  const suites = detail.value.suites.filter(item => item.productType === "suite");
+  const addons = detail.value.suites.filter(item => item.productType === "addon");
+  detail.value.suiteList = suites;
+  detail.value.addonList = addons;
 }

 loadSuiteDetail();
--- a/packages/ui/certd-client/src/views/framework/login/image-code.vue
+++ b/packages/ui/certd-client/src/views/framework/login/image-code.vue
@@ -1,41 +0,0 @@
-<template>
-  <div class="flex">
-    <a-input :value="value" placeholder="请输入图片验证码" autocomplete="off" @update:value="onChange">
-      <template #prefix>
-        <fs-icon icon="ion:image-outline"></fs-icon>
-      </template>
-    </a-input>
-    <div class="input-right pointer" title="点击刷新">
-      <img class="image-code" :src="imageCodeUrl" @click="resetImageCode" />
-    </div>
-  </div>
-</template>
-<script setup lang="ts">
-import { ref, useAttrs, defineExpose } from "vue";
-import { nanoid } from "nanoid";
-
-const props = defineProps<{
-  randomStr?: string;
-  value?: string;
-}>();
-const emit = defineEmits(["update:value", "update:randomStr", "change"]);
-
-function onChange(value: string) {
-  emit("update:value", value);
-  emit("change", value);
-}
-
-const imageCodeUrl = ref();
-function resetImageCode() {
-  const randomStr = nanoid(10);
-  let url = "api/basic/code/captcha";
-  imageCodeUrl.value = url + "?randomStr=" + randomStr;
-  emit("update:randomStr", randomStr);
-}
-
-defineExpose({
-  resetImageCode,
-})
-
-resetImageCode();
-</script>
--- a/packages/ui/certd-client/src/views/framework/login/index.vue
+++ b/packages/ui/certd-client/src/views/framework/login/index.vue
@@ -20,6 +20,10 @@
                </template>
              </a-input-password>
            </a-form-item>
+
+            <a-form-item v-if="settingStore.sysPublic.captchaEnabled" has-feedback required name="captcha" :rules="rules.captcha">
+              <CaptchaInput v-model:model-value="formState.captcha"></CaptchaInput>
+            </a-form-item>
          </template>
        </a-tab-pane>
        <a-tab-pane v-if="sysPublicSettings.smsLoginEnabled === true" key="sms" :tab="t('authentication.smsTab')">
@@ -32,12 +36,12 @@
              </a-input>
            </a-form-item>

-            <a-form-item has-feedback name="imgCode">
-              <image-code v-model:value="formState.imgCode" v-model:random-str="formState.randomStr"></image-code>
+            <a-form-item has-feedback name="smsCaptcha">
+              <CaptchaInput v-model:model-value="formState.smsCaptcha"></CaptchaInput>
            </a-form-item>

            <a-form-item name="smsCode" :rules="rules.smsCode">
-              <sms-code v-model:value="formState.smsCode" :img-code="formState.imgCode" :mobile="formState.mobile" :phone-code="formState.phoneCode" :random-str="formState.randomStr" />
+              <sms-code v-model:value="formState.smsCode" :captcha="formState.smsCaptcha" :mobile="formState.mobile" :phone-code="formState.phoneCode" />
            </a-form-item>
          </template>
        </a-tab-pane>
@@ -87,14 +91,13 @@ import { defineComponent, nextTick, reactive, ref, toRaw } from "vue";
 import { useUserStore } from "/src/store/user";
 import { useSettingStore } from "/@/store/settings";
 import { utils } from "@fast-crud/fast-crud";
-import ImageCode from "/@/views/framework/login/image-code.vue";
 import SmsCode from "/@/views/framework/login/sms-code.vue";
 import { useI18n } from "/@/locales";
 import { LanguageToggle } from "/@/vben/layouts";
-
+import CaptchaInput from "/@/components/captcha/captcha-input.vue";
 export default defineComponent({
  name: "LoginPage",
-  components: { LanguageToggle, SmsCode, ImageCode },
+  components: { LanguageToggle, SmsCode, CaptchaInput },
  setup() {
    const { t } = useI18n();
    const verifyCodeInputRef = ref();
@@ -108,9 +111,9 @@ export default defineComponent({
      mobile: "",
      password: "",
      loginType: "password", //password
-      imgCode: "",
      smsCode: "",
-      randomStr: "",
+      captcha: null,
+      smsCaptcha: null,
    });

    const rules = {
@@ -138,6 +141,12 @@ export default defineComponent({
          message: "请输入短信验证码",
        },
      ],
+      captcha: [
+        {
+          required: true,
+          message: "请进行验证码验证",
+        },
+      ],
    };
    const layout = {
      labelCol: {
@@ -160,6 +169,10 @@ export default defineComponent({
    const handleFinish = async (values: any) => {
      loading.value = true;
      try {
+        // formState.captcha = await doCaptchaValidate();
+        // if (!formState.captcha) {
+        //   return;
+        // }
        const loginType = formState.loginType;
        await userStore.login(loginType, toRaw(formState));
      } catch (e: any) {
@@ -194,6 +207,21 @@ export default defineComponent({
      return sysPublicSettings.registerEnabled && (sysPublicSettings.usernameRegisterEnabled || sysPublicSettings.emailRegisterEnabled);
    }

+    const captchaInputRef = ref();
+    const captchaInputForSmsCode = ref();
+    async function doCaptchaValidate() {
+      if (!sysPublicSettings.captchaEnabled) {
+        return {};
+      }
+      const res = await captchaInputRef.value.getValidatedForm();
+      if (!res) {
+        return false;
+      }
+      return {
+        ...res,
+      };
+    }
+
    return {
      t,
      loading,
@@ -211,6 +239,8 @@ export default defineComponent({
      handleTwoFactorSubmit,
      verifyCodeInputRef,
      settingStore,
+      captchaInputRef,
+      captchaInputForSmsCode,
    };
  },
 });
--- a/packages/ui/certd-client/src/views/framework/login/sms-code.vue
+++ b/packages/ui/certd-client/src/views/framework/login/sms-code.vue
@@ -5,7 +5,7 @@
        <fs-icon icon="ion:mail-outline"></fs-icon>
      </template>
    </a-input>
-    <div class="input-right">
+    <div class="input-right ml-5">
      <a-button class="getCaptcha" type="primary" tabindex="-1" :disabled="smsSendBtnDisabled" @click="sendSmsCode">
        {{ smsTime <= 0 ? "发送" : smsTime + " s" }}
      </a-button>
@@ -21,8 +21,7 @@ const props = defineProps<{
  value?: string;
  mobile?: string;
  phoneCode?: string;
-  imgCode?: string;
-  randomStr?: string;
+  captcha?: any;
  verificationType?: string;
 }>();
 const emit = defineEmits(["update:value", "change"]);
@@ -48,8 +47,8 @@ async function sendSmsCode() {
    notification.error({ message: "请输入手机号" });
    return;
  }
-  if (!props.imgCode) {
-    notification.error({ message: "请输入图片验证码" });
+  if (!props.captcha) {
+    notification.error({ message: "请输入验证码" });
    return;
  }
  loading.value = true;
@@ -57,8 +56,7 @@ async function sendSmsCode() {
    await api.sendSmsCode({
      phoneCode: props.phoneCode,
      mobile: props.mobile,
-      imgCode: props.imgCode,
-      randomStr: props.randomStr,
+      captcha: props.captcha,
      verificationType: props.verificationType,
    });
  } finally {
--- a/packages/ui/certd-client/src/views/framework/register/email-code.vue
+++ b/packages/ui/certd-client/src/views/framework/register/email-code.vue
@@ -5,7 +5,7 @@
        <fs-icon icon="ion:mail-outline"></fs-icon>
      </template>
    </a-input>
-    <div class="input-right">
+    <div class="input-right ml-5">
      <a-button class="getCaptcha" type="primary" tabindex="-1" :disabled="smsSendBtnDisabled" @click="sendSmsCode">
        {{ smsTime <= 0 ? "发送" : smsTime + " s" }}
      </a-button>
@@ -20,8 +20,7 @@ import * as api from "/@/store/settings/api.basic";
 const props = defineProps<{
  value?: string;
  email?: string;
-  imgCode?: string;
-  randomStr?: string;
+  captcha?: any;
  verificationType?: string;
 }>();
 const emit = defineEmits(["update:value", "change"]);
@@ -44,16 +43,15 @@ async function sendSmsCode() {
    notification.error({ message: "请输入邮箱" });
    return;
  }
-  if (!props.imgCode) {
-    notification.error({ message: "请输入图片验证码" });
+  if (!props.captcha) {
+    notification.error({ message: "请输入验证码" });
    return;
  }
  loading.value = true;
  try {
    await api.sendEmailCode({
      email: props.email,
-      imgCode: props.imgCode,
-      randomStr: props.randomStr,
+      captcha: props.captcha,
      verificationType: props.verificationType,
    });
  } finally {
--- a/packages/ui/certd-client/src/views/framework/register/index.vue
+++ b/packages/ui/certd-client/src/views/framework/register/index.vue
@@ -25,8 +25,8 @@
                </template>
              </a-input-password>
            </a-form-item>
-            <a-form-item has-feedback name="imgCode" label="图片验证码" :rules="rules.imgCode">
-              <image-code v-model:value="formState.imgCode" v-model:random-str="formState.randomStr"></image-code>
+            <a-form-item has-feedback name="captcha" label="验证码" :rules="rules.captcha">
+              <CaptchaInput v-model:model-value="formState.captcha"></CaptchaInput>
            </a-form-item>
          </template>
        </a-tab-pane>
@@ -61,12 +61,12 @@
              </a-input-password>
            </a-form-item>

-            <a-form-item has-feedback name="imgCode" label="图片验证码" :rules="rules.imgCode">
-              <image-code v-model:value="formState.imgCode" v-model:random-str="formState.randomStr"></image-code>
+            <a-form-item has-feedback name="imgCode" label="验证码" :rules="rules.imgCode">
+              <CaptchaInput v-model:model-value="formState.captchaForEmail"></CaptchaInput>
            </a-form-item>

            <a-form-item has-feedback name="validateCode" :rules="rules.validateCode" label="邮件验证码">
-              <email-code v-model:value="formState.validateCode" :img-code="formState.imgCode" :email="formState.email" :random-str="formState.randomStr" />
+              <email-code v-model:value="formState.validateCode" :captcha="formState.captchaForEmail" :email="formState.email" />
            </a-form-item>
          </template>
        </a-tab-pane>
@@ -86,13 +86,13 @@
 import { defineComponent, reactive, ref, toRaw } from "vue";
 import { useUserStore } from "/src/store/user";
 import { utils } from "@fast-crud/fast-crud";
-import ImageCode from "/@/views/framework/login/image-code.vue";
 import EmailCode from "./email-code.vue";
 import { useSettingStore } from "/@/store/settings";
 import { notification } from "ant-design-vue";
+import CaptchaInput from "/@/components/captcha/captcha-input.vue";
 export default defineComponent({
  name: "RegisterPage",
-  components: { EmailCode, ImageCode },
+  components: { CaptchaInput, EmailCode },
  setup() {
    const settingsStore = useSettingStore();
    const registerType = ref("email");
@@ -114,7 +114,7 @@ export default defineComponent({
      username: "",
      password: "",
      confirmPassword: "",
-      randomStr: "",
+      captcha: null,
    });

    const rules = {
@@ -159,17 +159,6 @@ export default defineComponent({
        },
      ],

-      imgCode: [
-        {
-          required: true,
-          message: "请输入图片验证码",
-        },
-        {
-          min: 4,
-          max: 4,
-          message: "请输入4位图片验证码",
-        },
-      ],
      smsCode: [
        {
          required: true,
@@ -198,9 +187,8 @@ export default defineComponent({
          type: registerType.value,
          password: formState.password,
          username: formState.username,
-          imgCode: formState.imgCode,
-          randomStr: formState.randomStr,
          email: formState.email,
+          captcha: formState.captcha,
          validateCode: formState.validateCode,
        }) as any
      );
@@ -214,16 +202,7 @@ export default defineComponent({
      formRef.value.resetFields();
    };

-    const imageCodeUrl = ref();
-    function resetImageCode() {
-      let url = "/basic/code";
-      imageCodeUrl.value = url + "?t=" + new Date().getTime();
-    }
-    resetImageCode();
-
    return {
-      resetImageCode,
-      imageCodeUrl,
      formState,
      formRef,
      rules,
--- a/packages/ui/certd-client/src/views/sys/settings/index.vue
+++ b/packages/ui/certd-client/src/views/sys/settings/index.vue
@@ -5,17 +5,17 @@
    <!--    </template>-->
    <div class="sys-settings-body md:p-5">
      <a-tabs :active-key="activeKey" type="card" class="sys-settings-tabs" @update:active-key="onChange">
-        <a-tab-pane key="base" tab="基本设置">
+        <a-tab-pane key="base" :tab="t('certd.sys.setting.baseSetting')">
          <SettingBase v-if="activeKey === 'base'" />
        </a-tab-pane>
-        <a-tab-pane key="register" tab="注册设置">
+        <a-tab-pane key="register" :tab="t('certd.sys.setting.registerSetting')">
          <SettingRegister v-if="activeKey === 'register'" />
        </a-tab-pane>
-        <a-tab-pane v-if="settingsStore.isComm" key="payment" tab="支付设置">
+        <a-tab-pane v-if="settingsStore.isComm" key="payment" :tab="t('certd.sys.setting.paymentSetting')">
          <SettingPayment v-if="activeKey === 'payment'" />
        </a-tab-pane>
-        <a-tab-pane key="save" tab="安全设置">
-          <SettingSafe v-if="activeKey === 'save'" />
+        <a-tab-pane key="safe" :tab="t('certd.sys.setting.safeSetting')">
+          <SettingSafe v-if="activeKey === 'safe'" />
        </a-tab-pane>
      </a-tabs>
    </div>
@@ -30,9 +30,11 @@ import SettingSafe from "/@/views/sys/settings/tabs/safe.vue";
 import { useRoute, useRouter } from "vue-router";
 import { ref } from "vue";
 import { useSettingStore } from "/@/store/settings";
+import { useI18n } from "/@/locales";
 defineOptions({
  name: "SysSettings",
 });
+const { t } = useI18n();
 const settingsStore = useSettingStore();
 const activeKey = ref("base");
 const route = useRoute();
--- a/packages/ui/certd-client/src/views/sys/settings/tabs/base.vue
+++ b/packages/ui/certd-client/src/views/sys/settings/tabs/base.vue
@@ -47,6 +47,18 @@
        <div class="helper" v-html="t('certd.commonCnameHelper')"></div>
      </a-form-item>

+      <a-form-item :label="t('certd.sys.setting.captchaEnabled')" :name="['public', 'captchaEnabled']">
+        <a-switch v-model:checked="formState.public.captchaEnabled" />
+        <div class="helper" v-html="t('certd.sys.setting.captchaHelper')"></div>
+      </a-form-item>
+      <a-form-item :label="t('certd.sys.setting.captchaType')" :name="['public', 'captchaAddonId']">
+        <addon-selector v-model:model-value="formState.public.captchaAddonId" addon-type="captcha" from="sys" @selected-change="onAddonChanged" />
+      </a-form-item>
+
+      <a-form-item :name="['public', 'captchaType']" class="hidden">
+        <a-input v-model:model-value="formState.public.captchaType"></a-input>
+      </a-form-item>
+
      <a-form-item label=" " :colon="false" :wrapper-col="{ span: 8 }">
        <a-button :loading="saveLoading" type="primary" html-type="submit">{{ t("certd.saveButton") }}</a-button>
      </a-form-item>
@@ -63,7 +75,7 @@ import { useSettingStore } from "/@/store/settings";
 import { notification } from "ant-design-vue";
 import { util } from "/@/utils";
 import { useI18n } from "/src/locales";
-
+import AddonSelector from "../../../certd/addon/addon-selector/index.vue";
 const { t } = useI18n();

 defineOptions({
@@ -115,6 +127,10 @@ async function stopOtherUserTimer() {
  });
 }

+function onAddonChanged(target: any) {
+  formState.public.captchaType = target.type;
+}
+
 const testProxyLoading = ref(false);
 async function testProxy() {
  testProxyLoading.value = true;
--- a/packages/ui/certd-server/CHANGELOG.md
+++ b/packages/ui/certd-server/CHANGELOG.md
@@ -3,6 +3,20 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.36.20](https://github.com/certd/certd/compare/v1.36.19...v1.36.20) (2025-09-13)
+
+### Bug Fixes
+
+* 修复证书监控某些情况下报 options.lookup不能为null的bug ([d2ecfe5](https://github.com/certd/certd/commit/d2ecfe5491b2639eb30b5cae293af6062d58bb9f))
+* 修复证书手动托管时新上传的证书无效的bug ([506385e](https://github.com/certd/certd/commit/506385e5a2600887fe30854e0713583caaa2e689))
+
+### Performance Improvements
+
+* 登录支持极验验证码 ([370db62](https://github.com/certd/certd/commit/370db62bf0aece241859244927beabba32d6a257))
+* 登录注册、找回密码都支持极验验证码和图片验证码 ([7bdde68](https://github.com/certd/certd/commit/7bdde68ecea29fe2c570fd3cb082139db6c93d93))
+* 证书到期剩余天数进度条根据实际证书有效期计算 ([#528](https://github.com/certd/certd/issues/528)) nicheng-he ([2d4586b](https://github.com/certd/certd/commit/2d4586b1c42c39f97d2a95b9453cca4bc8bfbe61))
+* add preferred chain option ([#519](https://github.com/certd/certd/issues/519))  @ZeroClover  ([902359f](https://github.com/certd/certd/commit/902359f24ed12eee4f9b65178f1d6a60378351d2))
+
 ## [1.36.19](https://github.com/certd/certd/compare/v1.36.18...v1.36.19) (2025-09-05)

 ### Bug Fixes
--- a/packages/ui/certd-server/db/migration-mysql/v10029__cert_effective_time.sql
+++ b/packages/ui/certd-server/db/migration-mysql/v10029__cert_effective_time.sql
@@ -0,0 +1,2 @@
+ALTER TABLE cd_cert_info ADD COLUMN effective_time bigint;
+ALTER TABLE cd_site_info ADD COLUMN cert_effective_time bigint;
--- a/packages/ui/certd-server/db/migration-mysql/v10030__addon.sql
+++ b/packages/ui/certd-server/db/migration-mysql/v10030__addon.sql
@@ -0,0 +1,13 @@
+
+CREATE TABLE `cd_addon` (
+  `id` bigint PRIMARY KEY AUTO_INCREMENT NOT NULL,
+  `user_id` bigint NOT NULL,
+  `name` varchar(100) NOT NULL,
+  `type` varchar(100) NOT NULL,
+  `addon_type` varchar(100) NOT NULL,
+  `is_default` boolean NOT NULL DEFAULT false,
+  `is_system` boolean NOT NULL DEFAULT false,
+  `setting` longtext,
+  `create_time` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  `update_time` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP
+);
--- a/packages/ui/certd-server/db/migration-pg/v10029__cert_effective_time.sql
+++ b/packages/ui/certd-server/db/migration-pg/v10029__cert_effective_time.sql
@@ -0,0 +1,2 @@
+ALTER TABLE cd_cert_info ADD COLUMN effective_time bigint;
+ALTER TABLE cd_site_info ADD COLUMN cert_effective_time bigint;
--- a/packages/ui/certd-server/db/migration-pg/v10030__addon.sql
+++ b/packages/ui/certd-server/db/migration-pg/v10030__addon.sql
@@ -0,0 +1,13 @@
+
+CREATE TABLE "cd_addon" (
+  "id" bigint PRIMARY KEY GENERATED BY DEFAULT AS IDENTITY NOT NULL,
+  "user_id" bigint NOT NULL,
+  "name" varchar(100) NOT NULL,
+  "type" varchar(100) NOT NULL,
+  "addon_type" varchar(100) NOT NULL,
+  "is_default" boolean NOT NULL DEFAULT (false),
+  "is_system" boolean NOT NULL DEFAULT (false),
+  "setting" text,
+  "create_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP),
+  "update_time" timestamp NOT NULL DEFAULT (CURRENT_TIMESTAMP)
+);
--- a/packages/ui/certd-server/db/migration/v10029__cert_effective_time.sql
+++ b/packages/ui/certd-server/db/migration/v10029__cert_effective_time.sql
@@ -0,0 +1,2 @@
+ALTER TABLE cd_cert_info ADD COLUMN effective_time INTEGER;
+ALTER TABLE cd_site_info ADD COLUMN cert_effective_time INTEGER;
--- a/packages/ui/certd-server/db/migration/v10030__addon.sql
+++ b/packages/ui/certd-server/db/migration/v10030__addon.sql
@@ -0,0 +1,13 @@
+
+CREATE TABLE "cd_addon" (
+  "id" integer PRIMARY KEY AUTOINCREMENT NOT NULL,
+  "user_id" integer NOT NULL,
+  "name" varchar(100) NOT NULL,
+  "type" varchar(100) NOT NULL,
+  "addon_type" varchar(100) NOT NULL,
+  "is_default" boolean NOT NULL DEFAULT (false),
+  "is_system" boolean NOT NULL DEFAULT (false),
+  "setting" text,
+  "create_time" datetime NOT NULL DEFAULT (CURRENT_TIMESTAMP),
+  "update_time" datetime NOT NULL DEFAULT (CURRENT_TIMESTAMP)
+);
--- a/packages/ui/certd-server/db/transform.js
+++ b/packages/ui/certd-server/db/transform.js
@@ -39,6 +39,7 @@ function transformPG() {
    pgSql = pgSql.replaceAll(/boolean DEFAULT \(0\)/g, 'boolean DEFAULT (false)');
    pgSql = pgSql.replaceAll(/boolean.*NOT NULL DEFAULT \(0\)/g, 'boolean NOT NULL DEFAULT (false)');
    pgSql = pgSql.replaceAll(/integer/g, 'bigint');
+    pgSql = pgSql.replaceAll(/INTEGER/g, 'bigint');
    pgSql = pgSql.replaceAll(/last_insert_rowid\(\)/g, 'LASTVAL()');
    fs.writeFileSync(`./migration-pg/${notFile}`, pgSql);
  }
@@ -66,6 +67,7 @@ function transformMysql() {
    //DEFAULT (xxx) 替换成 DEFAULT xxx
    pgSql = pgSql.replaceAll(/DEFAULT \(([^)]*)\)/g, 'DEFAULT $1');
    pgSql = pgSql.replaceAll(/integer/g, 'bigint');
+    pgSql = pgSql.replaceAll(/INTEGER/g, 'bigint');
    pgSql = pgSql.replaceAll(/last_insert_rowid\(\)/g, 'LAST_INSERT_ID()');
    //text 改成longtext
    pgSql = pgSql.replaceAll(/text/g, 'longtext');
--- a/packages/ui/certd-server/package.json
+++ b/packages/ui/certd-server/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@certd/ui-server",
-  "version": "1.36.19",
+  "version": "1.36.20",
  "description": "fast-server base midway",
  "private": true,
  "type": "module",
@@ -43,20 +43,20 @@
    "@aws-sdk/client-cloudfront": "^3.699.0",
    "@aws-sdk/client-iam": "^3.699.0",
    "@aws-sdk/client-s3": "^3.705.0",
-    "@certd/acme-client": "^1.36.19",
-    "@certd/basic": "^1.36.19",
-    "@certd/commercial-core": "^1.36.19",
+    "@certd/acme-client": "^1.36.20",
+    "@certd/basic": "^1.36.20",
+    "@certd/commercial-core": "^1.36.20",
    "@certd/cv4pve-api-javascript": "^8.4.2",
-    "@certd/jdcloud": "^1.36.19",
-    "@certd/lib-huawei": "^1.36.19",
-    "@certd/lib-k8s": "^1.36.19",
-    "@certd/lib-server": "^1.36.19",
-    "@certd/midway-flyway-js": "^1.36.19",
-    "@certd/pipeline": "^1.36.19",
-    "@certd/plugin-cert": "^1.36.19",
-    "@certd/plugin-lib": "^1.36.19",
-    "@certd/plugin-plus": "^1.36.19",
-    "@certd/plus-core": "^1.36.19",
+    "@certd/jdcloud": "^1.36.20",
+    "@certd/lib-huawei": "^1.36.20",
+    "@certd/lib-k8s": "^1.36.20",
+    "@certd/lib-server": "^1.36.20",
+    "@certd/midway-flyway-js": "^1.36.20",
+    "@certd/pipeline": "^1.36.20",
+    "@certd/plugin-cert": "^1.36.20",
+    "@certd/plugin-lib": "^1.36.20",
+    "@certd/plugin-plus": "^1.36.20",
+    "@certd/plus-core": "^1.36.20",
    "@huaweicloud/huaweicloud-sdk-cdn": "^3.1.120",
    "@huaweicloud/huaweicloud-sdk-core": "^3.1.120",
    "@koa/cors": "^5.0.0",
--- a/packages/ui/certd-server/src/controller/basic/code-controller.ts
+++ b/packages/ui/certd-server/src/controller/basic/code-controller.ts
@@ -1,8 +1,9 @@
-import { Rule, RuleType } from '@midwayjs/validate';
-import { ALL, Body, Controller, Get, Inject, Post, Provide, Query } from '@midwayjs/core';
-import { BaseController, Constants } from '@certd/lib-server';
-import { CodeService } from '../../modules/basic/service/code-service.js';
-import { EmailService } from '../../modules/basic/service/email-service.js';
+import { Rule, RuleType } from "@midwayjs/validate";
+import { ALL, Body, Controller, Inject, Post, Provide, Query } from "@midwayjs/core";
+import { BaseController, Constants, SysSettingsService } from "@certd/lib-server";
+import { CodeService } from "../../modules/basic/service/code-service.js";
+import { EmailService } from "../../modules/basic/service/email-service.js";
+import { CaptchaService } from "../../modules/basic/service/captcha-service.js";

 export class SmsCodeReq {
  @Rule(RuleType.string().required())
@@ -11,11 +12,8 @@ export class SmsCodeReq {
  @Rule(RuleType.string().required())
  mobile: string;

-  @Rule(RuleType.string().required().max(10))
-  randomStr: string;
-
-  @Rule(RuleType.string().required().max(4))
-  imgCode: string;
+  @Rule(RuleType.required())
+  captcha: any;

  @Rule(RuleType.string())
  verificationType: string;
@@ -25,11 +23,8 @@ export class EmailCodeReq {
  @Rule(RuleType.string().required())
  email: string;

-  @Rule(RuleType.string().required().max(10))
-  randomStr: string;
-
-  @Rule(RuleType.string().required().max(4))
-  imgCode: string;
+  @Rule(RuleType.required())
+  captcha: any;

  @Rule(RuleType.string())
  verificationType: string;
@@ -48,6 +43,17 @@ export class BasicController extends BaseController {

  @Inject()
  emailService: EmailService;
+  @Inject()
+  sysSettingsService: SysSettingsService;
+
+  @Inject()
+  captchaService: CaptchaService;
+
+  @Post('/captcha/get', { summary: Constants.per.guest })
+  async getCaptcha(@Query("captchaAddonId") captchaAddonId:number) {
+      const form = await this.captchaService.getCaptcha(captchaAddonId)
+      return this.ok(form);
+  }

  @Post('/sendSmsCode', { summary: Constants.per.guest })
  public async sendSmsCode(
@@ -64,8 +70,8 @@ export class BasicController extends BaseController {
      // opts.verificationCodeLength = 6; //部分厂商这里会设置参数长度这里就不改了
    }

-    await this.codeService.checkCaptcha(body.randomStr, body.imgCode);
-    await this.codeService.sendSmsCode(body.phoneCode, body.mobile, body.randomStr, opts);
+    await this.codeService.checkCaptcha(body.captcha);
+    await this.codeService.sendSmsCode(body.phoneCode, body.mobile, opts);
    return this.ok(null);
  }

@@ -88,16 +94,10 @@ export class BasicController extends BaseController {
      opts.verificationCodeLength = 6;
    }

-    await this.codeService.checkCaptcha(body.randomStr, body.imgCode);
-    await this.codeService.sendEmailCode(body.email, body.randomStr, opts);
+    await this.codeService.checkCaptcha(body.captcha);
+    await this.codeService.sendEmailCode(body.email, opts);
    // 设置缓存内容
    return this.ok(null);
  }

-  @Get('/captcha', { summary: Constants.per.guest })
-  public async getCaptcha(@Query('randomStr') randomStr: any) {
-    const captcha = await this.codeService.generateCaptcha(randomStr);
-    this.ctx.res.setHeader('Content-Type', 'image/svg+xml');
-    return captcha.data;
-  }
 }
--- a/packages/ui/certd-server/src/controller/sys/addon/addon-controller.ts
+++ b/packages/ui/certd-server/src/controller/sys/addon/addon-controller.ts
@@ -0,0 +1,83 @@
+import { ALL, Body, Controller, Inject, Post, Provide, Query } from "@midwayjs/core";
+import { AddonRequestHandleReq, AddonService, Constants } from "@certd/lib-server";
+import { AddonController } from "../../user/addon/addon-controller.js";
+
+@Provide()
+@Controller('/api/sys/addon')
+export class SysAddonController extends AddonController {
+  @Inject()
+  service2: AddonService;
+
+  getService(): AddonService {
+    return this.service2;
+  }
+
+  getUserId() {
+    // checkComm();
+    return 0;
+  }
+
+  @Post('/page', { summary: 'sys:settings:view' })
+  async page(@Body(ALL) body: any) {
+    return await super.page(body);
+  }
+
+  @Post('/list', { summary: 'sys:settings:view' })
+  async list(@Body(ALL) body: any) {
+    return await super.list(body);
+  }
+
+  @Post('/add', { summary: 'sys:settings:edit' })
+  async add(@Body(ALL) bean: any) {
+    return await super.add(bean);
+  }
+
+  @Post('/update', { summary: 'sys:settings:edit' })
+  async update(@Body(ALL) bean: any) {
+    return await super.update(bean);
+  }
+  @Post('/info', { summary: 'sys:settings:view' })
+  async info(@Query('id') id: number) {
+    return await super.info(id);
+  }
+
+  @Post('/delete', { summary: 'sys:settings:edit' })
+  async delete(@Query('id') id: number) {
+    return await super.delete(id);
+  }
+  @Post('/define', { summary: Constants.per.authOnly })
+  async define(@Query('type') type: string,@Query('addonType') addonType: string) {
+    return await super.define(type,addonType);
+  }
+
+  @Post('/getTypeDict', { summary: Constants.per.authOnly })
+  async getTypeDict(@Query('addonType') addonType: string) {
+    return await super.getTypeDict(addonType);
+  }
+
+  @Post('/simpleInfo', { summary: Constants.per.authOnly })
+  async simpleInfo(@Query('addonType') addonType: string,@Query('id') id: number) {
+    return await super.simpleInfo(addonType,id);
+  }
+
+  @Post('/getDefaultId', { summary: Constants.per.authOnly })
+  async getDefaultId(@Query('addonType') addonType: string) {
+   return await super.getDefaultId(addonType);
+  }
+
+  @Post('/setDefault', { summary: Constants.per.authOnly })
+  async setDefault(@Query('addonType') addonType: string,@Query('id') id: number) {
+    return await super.setDefault(addonType,id);
+  }
+
+
+  @Post('/options', { summary: Constants.per.authOnly })
+  async options(@Query('addonType') addonType: string) {
+    return await super.options(addonType);
+  }
+
+  @Post('/handle', { summary: Constants.per.authOnly })
+  async handle(@Body(ALL) body: AddonRequestHandleReq) {
+   return await super.handle(body);
+  }
+}
--- a/packages/ui/certd-server/src/controller/sys/settings/sys-settings-controller.ts
+++ b/packages/ui/certd-server/src/controller/sys/settings/sys-settings-controller.ts
@@ -1,4 +1,4 @@
-import {ALL, Body, Controller, Inject, Post, Provide, Query} from '@midwayjs/core';
+import { ALL, Body, Controller, Inject, Post, Provide, Query } from "@midwayjs/core";
 import {
  CrudController,
  SysPrivateSettings,
@@ -6,14 +6,14 @@ import {
  SysSafeSetting,
  SysSettingsEntity,
  SysSettingsService
-} from '@certd/lib-server';
-import {cloneDeep, merge} from 'lodash-es';
-import {PipelineService} from '../../../modules/pipeline/service/pipeline-service.js';
-import {UserSettingsService} from '../../../modules/mine/service/user-settings-service.js';
-import {getEmailSettings} from '../../../modules/sys/settings/fix.js';
-import {http, logger, simpleNanoId, utils} from '@certd/basic';
-import {CodeService} from '../../../modules/basic/service/code-service.js';
-import {SmsServiceFactory} from '../../../modules/basic/sms/factory.js';
+} from "@certd/lib-server";
+import { cloneDeep, merge } from "lodash-es";
+import { PipelineService } from "../../../modules/pipeline/service/pipeline-service.js";
+import { UserSettingsService } from "../../../modules/mine/service/user-settings-service.js";
+import { getEmailSettings } from "../../../modules/sys/settings/fix.js";
+import { http, logger, utils } from "@certd/basic";
+import { CodeService } from "../../../modules/basic/service/code-service.js";
+import { SmsServiceFactory } from "../../../modules/basic/sms/factory.js";


 /**
@@ -158,7 +158,7 @@ export class SysSettingsController extends CrudController<SysSettingsService> {

  @Post('/testSms', { summary: 'sys:settings:edit' })
  async testSms(@Body(ALL) body) {
-    await this.codeService.sendSmsCode(body.phoneCode, body.mobile, simpleNanoId());
+    await this.codeService.sendSmsCode(body.phoneCode, body.mobile );
    return this.ok({});
  }

--- a/packages/ui/certd-server/src/controller/user/addon/addon-controller.ts
+++ b/packages/ui/certd-server/src/controller/user/addon/addon-controller.ts
@@ -0,0 +1,199 @@
+import { ALL, Body, Controller, Inject, Post, Provide, Query } from "@midwayjs/core";
+import {
+  AddonDefine,
+  AddonRequestHandleReq,
+  AddonService,
+  Constants,
+  CrudController,
+  newAddon,
+  ValidateException
+} from "@certd/lib-server";
+import { AuthService } from "../../../modules/sys/authority/service/auth-service.js";
+import { checkPlus } from "@certd/plus-core";
+import { http, logger, utils } from "@certd/basic";
+
+/**
+ * Addon
+ */
+@Provide()
+@Controller('/api/addon')
+export class AddonController extends CrudController<AddonService> {
+  @Inject()
+  service: AddonService;
+  @Inject()
+  authService: AuthService;
+
+  getService(): AddonService {
+    return this.service;
+  }
+
+  @Post('/page', { summary: Constants.per.authOnly })
+  async page(@Body(ALL) body) {
+    body.query = body.query ?? {};
+    delete body.query.userId;
+    const buildQuery = qb => {
+      qb.andWhere('user_id = :userId', { userId: this.getUserId() });
+    };
+    const res = await this.service.page({
+      query: body.query,
+      page: body.page,
+      sort: body.sort,
+      buildQuery,
+    });
+    return this.ok(res);
+  }
+
+  @Post('/list', { summary: Constants.per.authOnly })
+  async list(@Body(ALL) body) {
+    body.query = body.query ?? {};
+    body.query.userId = this.getUserId();
+    return super.list(body);
+  }
+
+  @Post('/add', { summary: Constants.per.authOnly })
+  async add(@Body(ALL) bean) {
+    bean.userId = this.getUserId();
+    const type = bean.type;
+    const addonType = bean.addonType;
+    if (! type || !addonType){
+        throw new ValidateException('请选择Addon类型');
+    }
+    const define: AddonDefine = this.service.getDefineByType(type,addonType);
+    if (!define) {
+      throw new ValidateException('Addon类型不存在');
+    }
+    if (define.needPlus) {
+      checkPlus();
+    }
+    return super.add(bean);
+  }
+
+  @Post('/update', { summary: Constants.per.authOnly })
+  async update(@Body(ALL) bean) {
+    await this.service.checkUserId(bean.id, this.getUserId());
+    const old = await this.service.info(bean.id);
+    if (!old) {
+      throw new ValidateException('Addon配置不存在');
+    }
+    if (old.type !== bean.type ) {
+      const addonType = old.type;
+      const type = bean.type;
+      const define: AddonDefine = this.service.getDefineByType(type,addonType);
+      if (!define) {
+        throw new ValidateException('Addon类型不存在');
+      }
+      if (define.needPlus) {
+        checkPlus();
+      }
+    }
+    delete bean.userId;
+    return super.update(bean);
+  }
+  @Post('/info', { summary: Constants.per.authOnly })
+  async info(@Query('id') id: number) {
+    await this.service.checkUserId(id, this.getUserId());
+    return super.info(id);
+  }
+
+  @Post('/delete', { summary: Constants.per.authOnly })
+  async delete(@Query('id') id: number) {
+    await this.service.checkUserId(id, this.getUserId());
+    return super.delete(id);
+  }
+
+  @Post('/define', { summary: Constants.per.authOnly })
+  async define(@Query('type') type: string,@Query('addonType') addonType: string) {
+    const notification = this.service.getDefineByType(type,addonType);
+    return this.ok(notification);
+  }
+
+  @Post('/getTypeDict', { summary: Constants.per.authOnly })
+  async getTypeDict(@Query('addonType') addonType: string) {
+    const list: any = this.service.getDefineList(addonType);
+    let dict = [];
+    for (const item of list) {
+      dict.push({
+        value: item.name,
+        label: item.title,
+        needPlus: item.needPlus ?? false,
+        icon: item.icon,
+      });
+    }
+    dict = dict.sort(a => {
+      return a.needPlus ? 0 : -1;
+    });
+    return this.ok(dict);
+  }
+
+  @Post('/simpleInfo', { summary: Constants.per.authOnly })
+  async simpleInfo(@Query('addonType') addonType: string,@Query('id') id: number) {
+    if (id === 0) {
+      //获取默认
+      const res = await this.service.getDefault(this.getUserId(),addonType);
+      if (!res) {
+        throw new ValidateException('默认Addon配置不存在');
+      }
+      const simple = await this.service.getSimpleInfo(res.id);
+      return this.ok(simple);
+    }
+    await this.authService.checkEntityUserId(this.ctx, this.service, id);
+    const res = await this.service.getSimpleInfo(id);
+    return this.ok(res);
+  }
+
+  @Post('/getDefaultId', { summary: Constants.per.authOnly })
+  async getDefaultId(@Query('addonType') addonType: string) {
+    const res = await this.service.getDefault(this.getUserId(),addonType);
+    return this.ok(res?.id);
+  }
+
+  @Post('/setDefault', { summary: Constants.per.authOnly })
+  async setDefault(@Query('addonType') addonType: string,@Query('id') id: number) {
+    await this.service.checkUserId(id, this.getUserId());
+    const res = await this.service.setDefault(id, this.getUserId(),addonType);
+    return this.ok(res);
+  }
+
+
+  @Post('/options', { summary: Constants.per.authOnly })
+  async options(@Query('addonType') addonType: string) {
+    const res = await this.service.list({
+      query: {
+        userId: this.getUserId(),
+        addonType
+      },
+    });
+    for (const item of res) {
+      delete item.setting;
+    }
+    return this.ok(res);
+  }
+
+
+  @Post('/handle', { summary: Constants.per.authOnly })
+  async handle(@Body(ALL) body: AddonRequestHandleReq) {
+    const userId = this.getUserId();
+    let inputAddon = body.input.addon;
+    if (body.input.id > 0) {
+      const oldEntity = await this.service.info(body.input.id);
+      if (oldEntity) {
+        if (oldEntity.userId !== userId) {
+          throw new Error('addon not found');
+        }
+        // const param: any = {
+        //   type: body.typeName,
+        //   setting: JSON.stringify(body.input.access),
+        // };
+        inputAddon = JSON.parse( oldEntity.setting)
+      }
+    }
+    const ctx = {
+      http: http,
+      logger:logger,
+      utils:utils,
+    }
+    const addon = await newAddon(body.addonType,body.typeName, inputAddon,ctx);
+    const res = await addon.onRequest(body);
+    return this.ok(res);
+  }
+}
--- a/packages/ui/certd-server/src/controller/user/login/forgot-password-controller.ts
+++ b/packages/ui/certd-server/src/controller/user/login/forgot-password-controller.ts
@@ -29,25 +29,23 @@ export class LoginController extends BaseController {
      throw new CommonException('暂未开启自助找回');
    }
    // 找回密码的验证码允许错误次数
-    const errorNum = 5;
+    const maxErrorCount = 5;

    if(body.type === 'email') {
      this.codeService.checkEmailCode({
        verificationType: 'forgotPassword',
        email: body.input,
-        randomStr: body.randomStr,
        validateCode: body.validateCode,
-        errorNum,
+        maxErrorCount: maxErrorCount,
        throwError: true,
      });
    } else if(body.type === 'mobile') {
      await this.codeService.checkSmsCode({
        verificationType: 'forgotPassword',
        mobile: body.input,
-        randomStr: body.randomStr,
        phoneCode: body.phoneCode,
        smsCode: body.validateCode,
-        errorNum,
+        maxErrorCount: maxErrorCount,
        throwError: true,
      });
    } else {
--- a/packages/ui/certd-server/src/controller/user/login/login-controller.ts
+++ b/packages/ui/certd-server/src/controller/user/login/login-controller.ts
@@ -1,8 +1,9 @@
-import { ALL, Body, Controller, Inject, Post, Provide } from '@midwayjs/core';
-import { LoginService } from '../../../modules/login/service/login-service.js';
-import { BaseController, Constants, SysPublicSettings, SysSettingsService } from '@certd/lib-server';
-import { CodeService } from '../../../modules/basic/service/code-service.js';
-import { checkComm } from '@certd/plus-core';
+import { ALL, Body, Controller, Inject, Post, Provide } from "@midwayjs/core";
+import { LoginService } from "../../../modules/login/service/login-service.js";
+import { AddonService, BaseController, Constants, SysPublicSettings, SysSettingsService } from "@certd/lib-server";
+import { CodeService } from "../../../modules/basic/service/code-service.js";
+import { checkComm } from "@certd/plus-core";
+import { CaptchaService } from "../../../modules/basic/service/captcha-service.js";

 /**
 */
@@ -16,13 +17,22 @@ export class LoginController extends BaseController {

  @Inject()
  sysSettingsService: SysSettingsService;
+  @Inject()
+  addonService: AddonService;
+
+  @Inject()
+  captchaService: CaptchaService;

  @Post('/login', { summary: Constants.per.guest })
  public async login(
    @Body(ALL)
-    user: any
+    body: any
  ) {
-    const token = await this.loginService.loginByPassword(user);
+   const settings = await this.sysSettingsService.getPublicSettings()
+    if (settings.captchaEnabled === true) {
+      await this.captchaService.doValidate({form:body.captcha,must:false,captchaAddonId:settings.captchaAddonId})
+    }
+    const token = await this.loginService.loginByPassword(body);
    this.writeTokenCookie(token);
    return this.ok(token);
  }
--- a/packages/ui/certd-server/src/controller/user/login/register-controller.ts
+++ b/packages/ui/certd-server/src/controller/user/login/register-controller.ts
@@ -13,8 +13,7 @@ export type RegisterReq = {
  phoneCode?: string;

  validateCode: string;
-  imgCode: string;
-  randomStr: string;
+  captcha:any;
 };

 /**
@@ -52,7 +51,7 @@ export class RegisterController extends BaseController {
        throw new Error('用户名不能为空');
      }

-      await this.codeService.checkCaptcha(body.randomStr, body.imgCode);
+      await this.codeService.checkCaptcha(body.captcha);
      const newUser = await this.userService.register(body.type, {
        username: body.username,
        password: body.password,
@@ -68,7 +67,6 @@ export class RegisterController extends BaseController {
        mobile: body.mobile,
        phoneCode: body.phoneCode,
        smsCode: body.validateCode,
-        randomStr: body.randomStr,
        throwError: true,
      });
      const newUser = await this.userService.register(body.type, {
@@ -85,7 +83,6 @@ export class RegisterController extends BaseController {
      checkPlus();
      this.codeService.checkEmailCode({
        email: body.email,
-        randomStr: body.randomStr,
        validateCode: body.validateCode,
        throwError: true,
      });
--- a/Show More
+++ b/Show More
@@ -1 +1 @@
 :34
 :01
@@ -1 +1 @@
 :30
 :56