迁移

2026-05-21 04:27:21 +08:00
parent f9c19463f9
commit fed86c0375
290 changed files with 12010 additions and 26318 deletions
--- a/scripts/account_insights_full_test.py
+++ b/scripts/account_insights_full_test.py
@@ -0,0 +1,749 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+"""
+============================================================
+闲言APP — 账户洞察全流程接口验证脚本
+创建时间: 2026-05-21
+更新时间: 2026-05-21
+作用: 根据API文档全流程验证接口，列出可洞察问题，
+      分析本地计算是否有误，最后使用注销接口申请注销用户
+运行: python Scripts/account_insights_full_test.py
+============================================================
+"""
+
+import hashlib
+import hmac
+import json
+import base64
+import os
+import time
+import sys
+
+try:
+    import requests
+except ImportError:
+    print("❌ 缺少 requests 库，请安装: pip install requests")
+    sys.exit(1)
+
+BASE = "https://tools.wktyl.com"
+SECRET = "Xy7kP9mL2qR4wS8v"
+TEST_ACCOUNT = "apitest_user"
+TEST_PASSWORD = "123456"
+TEST_EMAIL = "test@example.com"
+
+pass_count = 0
+fail_count = 0
+token = None
+user_id = None
+user_data = None
+
+
+def result(name, ok, detail=""):
+    global pass_count, fail_count
+    icon = "✅" if ok else "❌"
+    status = "PASS" if ok else "FAIL"
+    if ok:
+        pass_count += 1
+    else:
+        fail_count += 1
+    msg = f"{icon} [{status}] {name}"
+    if detail:
+        msg += f" — {detail}"
+    print(msg)
+
+
+def make_receipt(action, payload_str):
+    data = {
+        "action": action,
+        "payload": hashlib.sha256(payload_str.encode()).hexdigest()[:16],
+        "ts": int(time.time()),
+        "nonce": os.urandom(4).hex(),
+    }
+    receipt = base64.b64encode(json.dumps(data, ensure_ascii=False).encode()).decode()
+    sig = hmac.new(SECRET.encode(), receipt.encode(), hashlib.sha256).hexdigest()
+    return {"receipt": receipt, "sig": sig}
+
+
+def api_headers():
+    h = {"Content-Type": "application/x-www-form-urlencoded"}
+    if token:
+        h["token"] = token
+    return h
+
+
+# ============================================================
+# 测试0: 注册测试账号(如不存在)
+# ============================================================
+def test_register():
+    global token, user_id
+    print("\n📝 === 测试0: 注册测试账号 ===")
+    rcpt = make_receipt("register", TEST_EMAIL)
+    try:
+        r = requests.post(f"{BASE}/api/user_security/register", data={
+            "username": TEST_ACCOUNT,
+            "password": TEST_PASSWORD,
+            "email": TEST_EMAIL,
+            "receipt": rcpt["receipt"],
+            "sig": rcpt["sig"],
+        }, timeout=15)
+        resp = r.json()
+        code = resp.get("code")
+        if code == 1:
+            data = resp.get("data", {})
+            userinfo = data.get("userinfo", {})
+            user_id = userinfo.get("id")
+            result("注册测试账号", True, f"uid={user_id}")
+        else:
+            msg = resp.get("msg", "")
+            if "已被注册" in msg or "已存在" in msg:
+                result("注册测试账号-已存在", True, f"msg={msg} → 尝试登录")
+            else:
+                result("注册测试账号", False, f"code={code}, msg={msg}")
+    except Exception as e:
+        result("注册测试账号", False, str(e))
+
+
+# ============================================================
+# 测试1: 登录
+# ============================================================
+def test_login():
+    global token, user_id
+    print("\n🔑 === 测试1: 账号密码登录 ===")
+    try:
+        r = requests.post(f"{BASE}/api/user_security/login", data={
+            "account": TEST_ACCOUNT,
+            "password": TEST_PASSWORD,
+            "device_name": "测试脚本",
+            "device_model": "Python Script",
+            "platform": "web",
+            "app_name": "闲言工具箱验证脚本",
+        }, timeout=15)
+        resp = r.json()
+        code = resp.get("code")
+        if code == 1:
+            data = resp.get("data", {})
+            userinfo = data.get("userinfo", {})
+            token_val = userinfo.get("token") or resp.headers.get("__token__")
+            user_id = userinfo.get("id")
+            if token_val:
+                token = token_val
+                result("登录获取Token", True, f"uid={user_id}, token={token[:20]}...")
+            else:
+                result("登录获取Token", False, "Token为空，尝试从Header获取")
+                token_val = r.headers.get("__token__")
+                if token_val:
+                    token = token_val
+                    result("从Header获取Token", True, f"token={token[:20]}...")
+                else:
+                    result("获取Token", False, "所有方式均无法获取Token")
+        else:
+            result("登录获取Token", False, f"code={code}, msg={resp.get('msg')}")
+    except Exception as e:
+        result("登录获取Token", False, str(e))
+
+
+# ============================================================
+# 测试2: 获取用户信息
+# ============================================================
+def test_user_info():
+    global user_data
+    print("\n👤 === 测试2: 获取用户信息 (洞察数据源) ===")
+    if not token:
+        result("获取用户信息", False, "无Token，跳过")
+        return
+    try:
+        r = requests.get(f"{BASE}/api/user_center/index", headers=api_headers(), timeout=15)
+        resp = r.json()
+        code = resp.get("code")
+        if code == 1:
+            data = resp.get("data", {})
+            user_data = data
+            result("用户信息-基本字段", data.get("id") is not None,
+                   f"id={data.get('id')}, username={data.get('username')}, nickname={data.get('nickname')}")
+
+            extra = data.get("extra", {})
+            sec_q = extra.get("sec_question")
+            result("用户信息-密保问题", sec_q is not None,
+                   f"sec_question={sec_q}")
+
+            verification = extra.get("verification", {})
+            result("用户信息-验证状态", verification is not None,
+                   f"email={verification.get('email')}, mobile={verification.get('mobile')}")
+
+            devices = data.get("devices", [])
+            result("用户信息-设备列表", devices is not None,
+                   f"设备数量: {len(devices) if devices else 0}")
+
+            vip = data.get("vip", {})
+            result("用户信息-VIP信息", vip is not None,
+                   f"is_vip={vip.get('is_vip')}")
+
+            cloud = data.get("cloud_space", {})
+            result("用户信息-云空间", cloud is not None,
+                   f"used={cloud.get('used_human')}, total={cloud.get('total_human')}")
+
+            is_online = data.get("is_online")
+            result("用户信息-在线状态", is_online is not None,
+                   f"is_online={is_online}")
+
+            if devices and len(devices) > 0:
+                d = devices[0]
+                result("设备信息-IP字段", d.get("ip") is not None,
+                       f"ip={d.get('ip')}, ip_city={d.get('ip_city')}")
+                result("设备信息-平台字段", d.get("platform") is not None,
+                       f"platform={d.get('platform')}, model={d.get('device_model')}")
+        else:
+            result("获取用户信息", False, f"code={code}, msg={resp.get('msg')}")
+    except Exception as e:
+        result("获取用户信息", False, str(e))
+
+
+# ============================================================
+# 测试3: 设备列表
+# ============================================================
+def test_device_list():
+    print("\n📱 === 测试3: 设备列表查询 ===")
+    if not token:
+        result("设备列表查询", False, "无Token，跳过")
+        return
+    try:
+        r = requests.post(f"{BASE}/api/user_center/devices", data={"action": "list"},
+                          headers=api_headers(), timeout=15)
+        resp = r.json()
+        code = resp.get("code")
+        if code == 1:
+            data = resp.get("data", {})
+            devices = data.get("devices", [])
+            result("设备列表查询", devices is not None,
+                   f"设备数量: {len(devices) if devices else 0}")
+            if devices:
+                for i, d in enumerate(devices):
+                    print(f"    设备{i+1}: {d.get('device_model')} | {d.get('platform')} | "
+                          f"IP:{d.get('ip')} | {d.get('ip_city')} | {d.get('last_active_text')}")
+        else:
+            result("设备列表查询", False, f"code={code}, msg={resp.get('msg')}")
+    except Exception as e:
+        result("设备列表查询", False, str(e))
+
+
+# ============================================================
+# 测试4: 注册设备
+# ============================================================
+def test_register_device():
+    print("\n📲 === 测试4: 注册/更新设备 ===")
+    if not token:
+        result("注册设备", False, "无Token，跳过")
+        return
+    try:
+        r = requests.post(f"{BASE}/api/user_center/registerDevice", data={
+            "device_name": "验证脚本设备",
+            "device_model": "Python Test",
+            "platform": "web",
+            "app_name": "闲言工具箱",
+            "device_id": "test-script-device-001",
+            "ip_city": "测试城市",
+            "ip_range": "192.168.0.0 - 192.168.255.255",
+        }, headers=api_headers(), timeout=15)
+        resp = r.json()
+        code = resp.get("code")
+        result("注册设备", code == 1, f"code={code}, msg={resp.get('msg')}")
+    except Exception as e:
+        result("注册设备", False, str(e))
+
+
+# ============================================================
+# 测试5: IP归属地查询
+# ============================================================
+def test_ip_query():
+    print("\n🌐 === 测试5: IP归属地查询 ===")
+    try:
+        r = requests.post(f"{BASE}/api/webapi/ip", timeout=15)
+        resp = r.json()
+        code = resp.get("code")
+        if code == 1:
+            data = resp.get("data", {})
+            result("IP归属地查询-本机", data is not None,
+                   f"ip={data.get('domain')}, city={data.get('city')}, fw={data.get('fw')}")
+        else:
+            result("IP归属地查询-本机", False, f"code={code}, msg={resp.get('msg')}")
+    except Exception as e:
+        result("IP归属地查询-本机", False, str(e))
+
+    try:
+        r = requests.post(f"{BASE}/api/webapi/ip", data={"ip": "8.8.8.8"}, timeout=15)
+        resp = r.json()
+        code = resp.get("code")
+        if code == 1:
+            data = resp.get("data", {})
+            result("IP归属地查询-指定IP", data is not None,
+                   f"ip={data.get('domain')}, city={data.get('city')}")
+        else:
+            result("IP归属地查询-指定IP", False, f"code={code}, msg={resp.get('msg')}")
+    except Exception as e:
+        result("IP归属地查询-指定IP", False, str(e))
+
+
+# ============================================================
+# 测试6: 密保问题列表
+# ============================================================
+def test_sec_questions():
+    print("\n🔐 === 测试6: 密保问题列表 ===")
+    try:
+        r = requests.get(f"{BASE}/api/user_security/secQuestions", timeout=15)
+        resp = r.json()
+        code = resp.get("code")
+        if code == 1:
+            data = resp.get("data", {})
+            questions = data.get("questions", [])
+            result("密保问题列表", len(questions) > 0,
+                   f"问题数量: {len(questions)}")
+            for q in questions:
+                print(f"    {q.get('id')}. {q.get('question')}")
+        else:
+            result("密保问题列表", False, f"code={code}, msg={resp.get('msg')}")
+    except Exception as e:
+        result("密保问题列表", False, str(e))
+
+
+# ============================================================
+# 测试7: 数据面板
+# ============================================================
+def test_dashboard():
+    print("\n📊 === 测试7: 数据面板 ===")
+    if not token:
+        result("数据面板", False, "无Token，跳过")
+        return
+    try:
+        r = requests.get(f"{BASE}/api/user_center/dashboard", headers=api_headers(), timeout=15)
+        resp = r.json()
+        code = resp.get("code")
+        if code == 1:
+            data = resp.get("data", {})
+            result("数据面板", data is not None,
+                   f"score={data.get('score')}, signin_days={data.get('signin_days')}, "
+                   f"favorite_count={data.get('favorite_count')}, note_count={data.get('note_count')}")
+        else:
+            result("数据面板", False, f"code={code}, msg={resp.get('msg')}")
+    except Exception as e:
+        result("数据面板", False, str(e))
+
+
+# ============================================================
+# 测试8: 签到
+# ============================================================
+def test_signin():
+    print("\n✅ === 测试8: 每日签到 ===")
+    if not token:
+        result("每日签到", False, "无Token，跳过")
+        return
+    try:
+        r = requests.post(f"{BASE}/api/user_center/signin", headers=api_headers(), timeout=15)
+        resp = r.json()
+        code = resp.get("code")
+        result("每日签到", code == 1 or "已签到" in resp.get("msg", ""),
+               f"code={code}, msg={resp.get('msg')}")
+    except Exception as e:
+        result("每日签到", False, str(e))
+
+
+# ============================================================
+# 测试9: 互动操作
+# ============================================================
+def test_interaction():
+    print("\n🔄 === 测试9: 互动操作 ===")
+    if not token:
+        result("互动操作", False, "无Token，跳过")
+        return
+    try:
+        r = requests.post(f"{BASE}/api/user_center/interaction", data={
+            "action": "view",
+            "target_id": 1,
+            "target_type": "poetry",
+        }, headers=api_headers(), timeout=15)
+        resp = r.json()
+        code = resp.get("code")
+        result("互动-浏览记录", code == 1, f"code={code}, msg={resp.get('msg')}")
+    except Exception as e:
+        result("互动-浏览记录", False, str(e))
+
+    try:
+        r = requests.post(f"{BASE}/api/user_center/interaction", data={
+            "action": "counts",
+        }, headers=api_headers(), timeout=15)
+        resp = r.json()
+        code = resp.get("code")
+        result("互动-统计查询", code == 1, f"code={code}, msg={resp.get('msg')}")
+    except Exception as e:
+        result("互动-统计查询", False, str(e))
+
+
+# ============================================================
+# 测试10: 收藏操作
+# ============================================================
+def test_favorite():
+    print("\n⭐ === 测试10: 收藏操作 ===")
+    if not token:
+        result("收藏操作", False, "无Token，跳过")
+        return
+    try:
+        r = requests.post(f"{BASE}/api/user_center/favorite", data={
+            "action": "count",
+        }, headers=api_headers(), timeout=15)
+        resp = r.json()
+        code = resp.get("code")
+        result("收藏统计", code == 1, f"code={code}, msg={resp.get('msg')}")
+    except Exception as e:
+        result("收藏统计", False, str(e))
+
+
+# ============================================================
+# 测试11: 修改个人信息
+# ============================================================
+def test_profile():
+    print("\n📝 === 测试11: 修改个人信息 ===")
+    if not token:
+        result("修改个人信息", False, "无Token，跳过")
+        return
+    try:
+        r = requests.post(f"{BASE}/api/user_center/profile", data={
+            "bio": "API验证脚本测试 - " + time.strftime("%H:%M:%S"),
+        }, headers=api_headers(), timeout=15)
+        resp = r.json()
+        code = resp.get("code")
+        result("修改个人信息", code == 1, f"code={code}, msg={resp.get('msg')}")
+    except Exception as e:
+        result("修改个人信息", False, str(e))
+
+
+# ============================================================
+# 测试12: 回执登录
+# ============================================================
+def test_receipt_login():
+    print("\n🔑 === 测试12: 回执登录 ===")
+    try:
+        rcpt = make_receipt("receipt_login", TEST_ACCOUNT)
+        r = requests.post(f"{BASE}/api/user_security/receiptLogin", data={
+            "account": TEST_ACCOUNT,
+            "receipt": rcpt["receipt"],
+            "sig": rcpt["sig"],
+            "platform": "web",
+            "device_name": "回执登录测试",
+        }, timeout=15)
+        resp = r.json()
+        code = resp.get("code")
+        result("回执登录", code == 1, f"code={code}, msg={resp.get('msg')}")
+    except Exception as e:
+        result("回执登录", False, str(e))
+
+
+# ============================================================
+# 测试13: Token登录
+# ============================================================
+def test_token_login():
+    print("\n🔑 === 测试13: Token登录 ===")
+    if not token:
+        result("Token登录", False, "无Token，跳过")
+        return
+    try:
+        r = requests.post(f"{BASE}/api/user_security/tokenLogin", data={
+            "token": token,
+        }, timeout=15)
+        resp = r.json()
+        code = resp.get("code")
+        result("Token登录", code == 1, f"code={code}, msg={resp.get('msg')}")
+    except Exception as e:
+        result("Token登录", False, str(e))
+
+
+# ============================================================
+# 测试14: 注销状态查询
+# ============================================================
+def test_deletion_status():
+    print("\n🗑️ === 测试14: 注销状态查询 ===")
+    if not token:
+        result("注销状态查询", False, "无Token，跳过")
+        return
+    try:
+        r = requests.get(f"{BASE}/api/user_security/deletionStatus",
+                          headers=api_headers(), timeout=15)
+        resp = r.json()
+        code = resp.get("code")
+        if code == 1:
+            data = resp.get("data", {})
+            has_pending = data.get("has_pending", False)
+            result("注销状态查询", True, f"has_pending={has_pending}")
+            if has_pending:
+                print(f"    ⚠️ 已有注销申请: status={data.get('status_text')}, "
+                      f"countdown={data.get('countdown')}")
+        else:
+            result("注销状态查询", False, f"code={code}, msg={resp.get('msg')}")
+    except Exception as e:
+        result("注销状态查询", False, str(e))
+
+
+# ============================================================
+# 测试15: 站点统计 (无需登录)
+# ============================================================
+def test_stats():
+    print("\n📊 === 测试15: 站点统计接口 ===")
+    try:
+        r = requests.get(f"{BASE}/api/webapi/stats_overview", timeout=15)
+        resp = r.json()
+        code = resp.get("code")
+        if code == 1:
+            data = resp.get("data", {})
+            user_total = data.get("user", {}).get("total")
+            result("站点统计概览", data is not None,
+                   f"总用户={user_total}")
+        else:
+            result("站点统计概览", False, f"code={code}")
+    except Exception as e:
+        result("站点统计概览", False, str(e))
+
+    try:
+        r = requests.get(f"{BASE}/api/statistics/overview", timeout=15)
+        resp = r.json()
+        code = resp.get("code")
+        result("Statistics概览", code == 1, f"code={code}")
+    except Exception as e:
+        result("Statistics概览", False, str(e))
+
+
+# ============================================================
+# 测试16: 运势接口
+# ============================================================
+def test_fortune():
+    print("\n🔮 === 测试16: 每日运势接口 ===")
+    if not user_id:
+        result("每日运势", False, "无用户ID，跳过")
+        return
+    try:
+        r = requests.get(f"{BASE}/api/fortune/daily", params={
+            "uid": str(user_id),
+        }, timeout=15)
+        resp = r.json()
+        code = resp.get("code")
+        if code == 1:
+            data = resp.get("data", {})
+            result("每日运势", data is not None,
+                   f"level={data.get('fortune_level')}, score={data.get('fortune_score')}")
+        else:
+            result("每日运势", False, f"code={code}, msg={resp.get('msg')}")
+    except Exception as e:
+        result("每日运势", False, str(e))
+
+
+# ============================================================
+# 测试17: 申请注销用户
+# ============================================================
+def test_request_deletion():
+    print("\n🚨 === 测试17: 申请注销用户 ===")
+    if not token:
+        result("申请注销", False, "无Token，跳过")
+        return
+    if not user_id:
+        result("申请注销", False, "无用户ID，跳过")
+        return
+
+    try:
+        rcpt = make_receipt("delete_account", str(user_id))
+        r = requests.post(f"{BASE}/api/user_security/requestDeletion", data={
+            "reason": "API验证脚本自动测试注销流程",
+            "receipt": rcpt["receipt"],
+            "sig": rcpt["sig"],
+        }, headers=api_headers(), timeout=15)
+        resp = r.json()
+        code = resp.get("code")
+        if code == 1:
+            data = resp.get("data", {})
+            result("申请注销", True,
+                   f"status={data.get('status_text')}, countdown={data.get('countdown')}, "
+                   f"auto_delete={data.get('auto_delete_time_text')}")
+        else:
+            msg = resp.get("msg", "")
+            if "已存在" in msg:
+                result("申请注销-已有申请", True, f"msg={msg} (已有待审核注销申请)")
+            else:
+                result("申请注销", False, f"code={code}, msg={msg}")
+    except Exception as e:
+        result("申请注销", False, str(e))
+
+
+# ============================================================
+# 测试18: 退出登录
+# ============================================================
+def test_logout():
+    print("\n🚪 === 测试18: 退出登录 ===")
+    if not token:
+        result("退出登录", False, "无Token，跳过")
+        return
+    try:
+        r = requests.post(f"{BASE}/api/user_security/logout",
+                          headers=api_headers(), timeout=15)
+        resp = r.json()
+        code = resp.get("code")
+        result("退出登录", code == 1, f"code={code}, msg={resp.get('msg')}")
+    except Exception as e:
+        result("退出登录", False, str(e))
+
+
+# ============================================================
+# 洞察分析
+# ============================================================
+def analyze_insights():
+    print("\n" + "=" * 60)
+    print("🧠 本地计算逻辑分析 & 可洞察问题")
+    print("=" * 60)
+
+    if not user_data:
+        print("  ⚠️ 无用户数据，跳过分析")
+        return
+
+    extra = user_data.get("extra", {})
+    sec_q = extra.get("sec_question")
+    last_signin = extra.get("last_signin_date")
+    devices = user_data.get("devices", [])
+    verification = extra.get("verification", {})
+
+    print("\n📋 可洞察问题列表:")
+    print("-" * 40)
+
+    # 1. 密保问题
+    if sec_q is None or sec_q == 0 or (isinstance(sec_q, dict) and sec_q.get("question_id", 0) == 0):
+        print("  🔒 [高] 密保问题未设置 → 应触发'密保问题未设置'通知")
+    else:
+        print(f"  ✅ 密保问题已设置 (sec_question={sec_q}) → 无需通知")
+
+    # 2. 长期未活跃
+    if last_signin and isinstance(last_signin, str) and last_signin:
+        try:
+            last_date = __import__("datetime").datetime.strptime(last_signin, "%Y-%m-%d")
+            diff = (__import__("datetime").datetime.now() - last_date).days
+            if diff > 30:
+                print(f"  ⏰ [中] 长期未活跃 ({diff}天) → 应触发'长期未活跃'通知")
+            else:
+                print(f"  ✅ 最近活跃 ({diff}天前) → 无需通知")
+        except ValueError:
+            print(f"  ⚠️ 最后签到日期格式异常: {last_signin}")
+
+    # 3. 新设备检测
+    if devices and len(devices) > 1:
+        print(f"  📱 [高] 多设备登录 ({len(devices)}台) → 可检测新设备")
+        models = set()
+        for d in devices:
+            m = d.get("device_model", "")
+            if m:
+                models.add(m)
+        if len(models) > 1:
+            print(f"    → 检测到{len(models)}种不同设备型号")
+    elif devices and len(devices) == 1:
+        print(f"  ✅ 单设备登录 → 无新设备风险")
+
+    # 4. IP异常
+    if devices:
+        ips = set()
+        cities = set()
+        for d in devices:
+            ip = d.get("ip", "")
+            city = d.get("ip_city", "")
+            if ip:
+                ips.add(ip)
+            if city:
+                cities.add(city)
+        if len(ips) > 1:
+            print(f"  🌐 [高] 多IP登录 ({len(ips)}个不同IP) → 可检测IP异常")
+            for d in devices:
+                print(f"    → {d.get('device_model')}: IP={d.get('ip')}, 城市={d.get('ip_city')}")
+        else:
+            print(f"  ✅ 单IP登录 → 无IP异常")
+
+    # 5. 邮箱/手机验证
+    if verification:
+        email_verified = verification.get("email", 0)
+        mobile_verified = verification.get("mobile", 0)
+        if not email_verified:
+            print("  📧 [中] 邮箱未验证 → 建议验证邮箱")
+        if not mobile_verified:
+            print("  📱 [中] 手机未验证 → 建议验证手机号")
+
+    # 6. 密码变更
+    print("  ⚠️ [高] 密码变更检测: 当前API不返回 password_changed_at 字段")
+    print("    → 需要后端在 user_center/index 返回中增加此字段")
+    print("    → 当前本地计算假设 userData 中有此字段，实际为空则不会触发")
+
+    # 7. 2FA预告
+    print("  🛡️ [低] 2FA预告: 纯本地静态通知，无需API数据 → 逻辑正确")
+
+    # 8. 安全建议
+    print("  💡 [低] 安全建议: 纯本地静态通知，无需API数据 → 逻辑正确")
+
+    print("\n" + "-" * 40)
+    print("📊 本地计算逻辑准确性评估:")
+    print("-" * 40)
+
+    checks = [
+        ("密保问题检测", True, "使用 extra.sec_question 字段，==0 触发 → 正确"),
+        ("新设备检测", True, "对比 KV Store 缓存的 last_login_device → 正确"),
+        ("IP异常检测", True, "对比 KV Store 缓存的 last_login_ip → 正确"),
+        ("长期未活跃", True, "对比 KV Store 缓存的 last_login_time，>30天触发 → 正确"),
+        ("密码变更检测", False, "API不返回 password_changed_at → 本地无法计算，需后端支持"),
+        ("2FA预告", True, "纯静态通知 → 正确"),
+        ("安全建议", True, "纯静态通知 → 正确"),
+    ]
+
+    for name, ok, desc in checks:
+        icon = "✅" if ok else "⚠️"
+        print(f"  {icon} {name}: {desc}")
+
+    total_ok = sum(1 for _, ok, _ in checks if ok)
+    print(f"\n  📈 准确率: {total_ok}/{len(checks)} ({total_ok*100//len(checks)}%)")
+
+
+def print_summary():
+    print("\n" + "=" * 60)
+    print("📋 测试总结")
+    print("=" * 60)
+    print(f"  ✅ 通过: {pass_count}")
+    print(f"  ❌ 失败: {fail_count}")
+    print(f"  📊 总计: {pass_count + fail_count}")
+    if fail_count == 0:
+        print("  🎉 全部通过！")
+    else:
+        print(f"  ⚠️ 有 {fail_count} 项失败，请检查")
+
+
+def main():
+    print("🛡️ 闲言APP — 账户洞察全流程接口验证脚本")
+    print(f"📅 {time.strftime('%Y-%m-%d %H:%M:%S')}")
+    print(f"🔗 API: {BASE}")
+    print(f"👤 测试账号: {TEST_ACCOUNT}")
+    print("=" * 60)
+
+    test_register()
+    test_login()
+    test_user_info()
+    test_device_list()
+    test_register_device()
+    test_ip_query()
+    test_sec_questions()
+    test_dashboard()
+    test_signin()
+    test_interaction()
+    test_favorite()
+    test_profile()
+    test_receipt_login()
+    test_token_login()
+    test_deletion_status()
+    test_stats()
+    test_fortune()
+
+    analyze_insights()
+
+    test_request_deletion()
+    test_logout()
+
+    print_summary()
+
+
+if __name__ == "__main__":
+    main()