Beta

.env.example

@@ -69,15 +69,18 @@ WINRM_RETRY_COUNT=3
 
 # ========== Gateway 配置 ==========
 GATEWAY_ENABLED=False
-GATEWAY_CONTROL_SOCKET=/run/zasca/control.sock
+GATEWAY_CONTROL_SOCKET=/run/2c2a/control.sock
 
 # ========== Beta数据库配置（Beta推送插件） ==========
-# 配置后可将生产数据推送到Beta版本数据库，支持MySQL和PostgreSQL架构
+# 配置后可将生产数据推送到Beta版本数据库，仅支持PostgreSQL架构
 #BETA_DB_NAME=zasca_beta
-#BETA_DB_USER=root
+#BETA_DB_USER=postgres
 #BETA_DB_PASSWORD=your_beta_database_password_here
 #BETA_DB_HOST=127.0.0.1
-#BETA_DB_PORT=3306
+#BETA_DB_PORT=5432
+# Beta环境的SECRET_KEY（用于重加密：生产密钥解密 → Beta密钥加密）
+# 若不配置则直接复制密文，Beta端需使用与生产相同的SECRET_KEY才能解密
+#BETA_SECRET_KEY=
 
 # ========== Bootstrap 认证配置 ==========
 BOOTSTRAP_SHARED_SALT=

LICENSE

@@ -661,12 +661,12 @@ For more information, and how to apply and follow the GNU AGPL, see
 <https://www.gnu.org/licenses/>.
 
 
-                    ZASCA PLUGIN EXCEPTION TO THE
+                    2c2a PLUGIN EXCEPTION TO THE
               GNU AFFERO GENERAL PUBLIC LICENSE VERSION 3
 
   This Plugin Exception ("Exception") is an additional permission under
 Section 7 of the GNU Affero General Public License, Version 3 ("AGPLv3").
-It applies to the software known as ZASCA (the "Program"). This Exception
+It applies to the software known as 2c2a (the "Program"). This Exception
 modifies the AGPLv3 as it applies to the Program by providing an exception
 for qualifying Plugins, as defined below.
 
@@ -876,35 +876,35 @@ the following notices:
         a prominent comment at the beginning of the file containing:
 
           (i)   A statement identifying the work as a Plugin for the
-                ZASCA program;
+                2c2a program;
           (ii)  The Plugin's own license terms; and
           (iii) The following declaration:
 
-            "This is a plugin for the ZASCA program. ZASCA is licensed
+            "This is a plugin for the 2c2a program. 2c2a is licensed
              under the GNU Affero General Public License, Version 3
-             (AGPLv3). This plugin is NOT part of ZASCA and is NOT
-             licensed under the AGPLv3. The AGPLv3 applies to ZASCA
-             itself, not to this plugin. This plugin uses the ZASCA
+             (AGPLv3). This plugin is NOT part of 2c2a and is NOT
+             licensed under the AGPLv3. The AGPLv3 applies to 2c2a
+             itself, not to this plugin. This plugin uses the 2c2a
              Plugin Exception to the AGPLv3 for its interaction with
-             ZASCA."
+             2c2a."
 
     (b) Documentation Notice. Any documentation, README, or
         distribution materials for the Plugin must prominently state:
 
-          (i)   That the work is a Plugin for the ZASCA program;
-          (ii)  That ZASCA is licensed under the AGPLv3;
-          (iii) That the Plugin is NOT part of ZASCA and is NOT
-                subject to the AGPLv3 by virtue of the ZASCA Plugin
+          (i)   That the work is a Plugin for the 2c2a program;
+          (ii)  That 2c2a is licensed under the AGPLv3;
+          (iii) That the Plugin is NOT part of 2c2a and is NOT
+                subject to the AGPLv3 by virtue of the 2c2a Plugin
                 Exception;
           (iv)  The Plugin's own license terms; and
-          (v)   That the AGPLv3 applies to ZASCA itself, not to the
+          (v)   That the AGPLv3 applies to 2c2a itself, not to the
                 Plugin.
 
     (c) Runtime Notice. If the Plugin provides any user-facing
         interface (including but not limited to: web pages, API
         responses, CLI output, or log messages), it must display or
-        include a notice indicating that it is a Plugin for ZASCA and
-        that ZASCA's license (AGPLv3) does not apply to the Plugin.
+        include a notice indicating that it is a Plugin for 2c2a and
+        that 2c2a's license (AGPLv3) does not apply to the Plugin.
 
     (d) Visual Interface Attribution. In addition to the source code
         and documentation notices required by subsections (a) and (b),
@@ -926,7 +926,7 @@ the following notices:
                 HTML source code, comments, or developer tools. The
                 label must include at minimum the Plugin's name and a
                 statement that the content is provided by a third-party
-                Plugin (e.g., "Provided by [Plugin Name] (ZASCA
+                Plugin (e.g., "Provided by [Plugin Name] (2c2a
                 Plugin)").
 
           (ii)  Injected UI Panels and Widgets. Any panel, widget,
@@ -951,14 +951,14 @@ the following notices:
                 mechanism must include a visible notice (such as a
                 footer, header badge, or sidebar indicator) stating
                 that the page is provided by the Plugin and is not part
-                of ZASCA's core interface.
+                of 2c2a's core interface.
 
           (v)   General Principle. The overarching requirement is that
                 no UI content injected by a Plugin may appear to the
-                end user as though it is a native part of the ZASCA
+                end user as though it is a native part of the 2c2a
                 program. The attribution must be sufficient for a
                 typical user to distinguish Plugin-provided UI elements
-                from ZASCA's core interface elements. Minimal or
+                from 2c2a's core interface elements. Minimal or
                 hard-to-notice attributions (such as light-colored
                 small text, hidden metadata, or code comments) do not
                 satisfy this requirement. The attribution must be
@@ -1012,7 +1012,7 @@ the following notices:
 
                     5. SCOPE AND LIMITATIONS
 
-    (a) This Exception applies only to the Program known as ZASCA, as
+    (a) This Exception applies only to the Program known as 2c2a, as
         identified by its copyright holders. It does not apply to any
         other software licensed under the AGPLv3.
 

README.md

@@ -2,7 +2,8 @@
 
 ![2c2a Logo](./docs/images/logo.svg)
 
-<h1>2c2a - Zero Agent Security Control Architecture</h1>
+<h1>2c2a - 
+Cloudy Computer Account Activation Integration Platform</h1>
 
 <p>
   <strong>基于 Django 的企业级 Windows 主机远程管理平台</strong><br>

apps/accounts/captcha_service.py

@@ -1,7 +1,6 @@
 import logging
 from typing import Tuple, Optional
 from django.http import HttpRequest
-from . import geetest_utils, captcha_utils
 
 logger = logging.getLogger(__name__)
 
@@ -22,15 +21,11 @@ def validate_captcha(
     ) -> Tuple[bool, Optional[str]]:
         from apps.dashboard.models import SystemConfig
 
-        provider, _, _ = SystemConfig.get_config().get_captcha_config(scene=scene)
+        provider = SystemConfig.get_config().get_captcha_config(scene=scene)
 
         try:
-            if provider == 'geetest':
-                return CaptchaService._validate_geetest(request)
-            elif provider == 'turnstile':
-                return CaptchaService._validate_turnstile(request)
-            elif provider == 'local':
-                return CaptchaService._validate_local_captcha(request)
+            if provider == 'tianai':
+                return CaptchaService._validate_tianai(request)
             else:
                 logger.debug(f"No captcha validation required for scene '{scene}', provider: {provider}")
                 return True, None
@@ -40,65 +35,23 @@ def validate_captcha(
             return False, e.message
 
     @staticmethod
-    def _validate_geetest(request: HttpRequest) -> Tuple[bool, Optional[str]]:
-        lot_number = request.POST.get('lot_number')
-        captcha_output = request.POST.get('captcha_output')
-        pass_token = request.POST.get('pass_token')
-        gen_time = request.POST.get('gen_time')
-        captcha_id = request.POST.get('captcha_id')
-
-        if not all([lot_number, captcha_output, pass_token, gen_time]):
-            logger.warning(f"Geetest validation failed: missing parameters - lot_number={lot_number}, captcha_output={captcha_output}, pass_token={pass_token}, gen_time={gen_time}")
-            raise CaptchaValidationError('请完成验证码验证')
-
-        ok, resp = geetest_utils.verify_geetest_v4(
-            lot_number, captcha_output, pass_token, gen_time, captcha_id=captcha_id
-        )
-
-        if not ok:
-            logger.warning(f"Geetest validation failed: {resp}")
-            raise CaptchaValidationError('验证码校验失败')
-
-        logger.info("Geetest validation succeeded")
-        return True, None
-
-    @staticmethod
-    def _validate_turnstile(request: HttpRequest) -> Tuple[bool, Optional[str]]:
-        tf_token = request.POST.get('cf-turnstile-response') or request.POST.get('turnstile_token')
-
-        if not tf_token:
-            logger.warning("Turnstile validation failed: missing token")
-            raise CaptchaValidationError('请完成 Turnstile 验证')
+    def _validate_tianai(request: HttpRequest) -> Tuple[bool, Optional[str]]:
+        token = request.POST.get('captcha_token')
 
-        ok, resp = geetest_utils.verify_turnstile(
-            tf_token, remoteip=request.META.get('REMOTE_ADDR')
-        )
-
-        if not ok:
-            logger.warning(f"Turnstile validation failed: {resp}")
-            raise CaptchaValidationError('Turnstile 验证失败')
-
-        logger.info("Turnstile validation succeeded")
-        return True, None
-
-    @staticmethod
-    def _validate_local_captcha(request: HttpRequest) -> Tuple[bool, Optional[str]]:
-        lot_number = request.POST.get('lot_number')
-        captcha_input = request.POST.get('captcha_output')
-
-        if not all([lot_number, captcha_input]):
-            logger.warning(f"Local captcha validation failed: missing parameters - lot_number={lot_number}, captcha_input={captcha_input}")
+        if not token:
+            logger.warning("Tianai captcha validation failed: missing token")
             raise CaptchaValidationError('请完成验证码验证')
 
-        is_valid = captcha_utils.verify_captcha(
-            lot_number, captcha_input, consume=True, check_attempts=True
-        )
+        from django_tianai_captcha.conf import get_captcha_application
+        app = get_captcha_application()
+
+        is_valid = app.secondary_verification(token)
 
         if not is_valid:
-            logger.warning(f"Local captcha validation failed: lot_number={lot_number}")
-            raise CaptchaValidationError('本地验证码校验失败')
+            logger.warning("Tianai captcha secondary verification failed")
+            raise CaptchaValidationError('验证码校验失败')
 
-        logger.info(f"Local captcha validation succeeded: lot_number={lot_number}")
+        logger.info("Tianai captcha validation succeeded")
         return True, None