# Phase 2 深审 — Wave P2-5(webssh.py 全文) **日期**: 2026-06-04 **范围**: WebSSH WebSocket 端点 + 令牌签发链 + 前端连接 **标准**: `standards/line-walk-audit-standard-v2.md` 8 步 ## 登记 | # | 文件 | 语言 | 行数 N | Read 范围 | |---|------|------|--------|-----------| | 1 | `server/api/webssh.py` | Python | 401 | 1–401 全文 | | 2 | `server/api/auth.py` | Python | 374 | 330–349(webssh-token 端点) | | 3 | `server/application/services/auth_service.py` | Python | 684 | 412–471(create_webssh_token) | | 4 | `server/api/dependencies.py` | Python | — | 167–180(check_dangerous_command) | | 5 | `frontend/src/composables/terminal/useTerminalSessions.ts` | TS | 749 | 277–311(令牌 + WS URL) | ## 入口表 | 方法 | 路径 | 鉴权 | |------|------|------| | WS | `/ws/terminal/{server_id}?token=` | purpose=webssh JWT | | POST | `/api/auth/webssh-token` | JWT + server 存在 | ## Closure 表 | H | 文件:行号 | 判定 | 理由 | |---|-----------|------|------| | H-Purpose | webssh.py:48-49 | SAFE | 拒绝非 webssh purpose | | H-Bind | webssh.py:106-109 | SAFE | token server_id 须匹配路径 | | H-TV | webssh.py:66-76 | SAFE | tv 校验;legacy updated_at +5s grace | | H-Close | webssh.py:97-104 | SAFE | 缺 token→4001;无效→4401 | | H-Issue | auth.py:334-346 | SAFE | 签发前 JWT + server/domain 校验 | | H-Scope | auth_service.py:455-470 | SAFE | JWT 含 server_id + purpose + tv | | H-Expire | auth_service.py:467 | SAFE | 15 分钟短期令牌 | | H-WSQuery | webssh.py:88, useTerminalSessions:293 | RISK | ADR-011 query token(已接受) | | H-Cred | webssh.py:126-135 | SAFE | key/password 配置检查 | | H-Audit | webssh.py:137-146,353-366 | SAFE | connect/disconnect 审计 | | H-Session | webssh.py:148-157,369-376 | SAFE | SshSession 创建/关闭 | | H-DB | webssh.py:111-158 | SAFE | 长连接前关闭 DB session | | H-Pool | webssh.py:167,337 | SAFE | acquire/release + stale retry | | H-CmdLog | webssh.py:277-290,379-398 | SAFE | Enter 触发;2000 字符截断 | | H-Danger | dependencies.py:167-180 | RISK | 危险命令仅 WARN 不阻断(设计) | | H-Resize | webssh.py:293-296 | SAFE | cols/rows 边界默认 80×24 | | H-Error | webssh.py:171,204 | SAFE | SSH 失败不向客户端泄露栈 | **len(H)=17, Closure=17** ## FINDING 无 P0/P1 新 FINDING。 ## DoD - [x] webssh.py 401 行全文 Read - [x] 令牌签发链交叉验证 - [x] len(H) == Closure - [x] local_verify 通过 ## 验证 `bash scripts/local_verify.sh` — 全绿