Bump js-yaml from 3.14.1 to 3.14.2 (#875)

Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 3.14.1 to 3.14.2.
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2)

---
updated-dependencies:
- dependency-name: js-yaml
  dependency-version: 3.14.2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

.editorconfig

@@ -8,8 +8,11 @@ indent_style = space
 indent_size = 4
 trim_trailing_whitespace = true
 
-[*.{html, less, js}]
-indent_size = 2
-
 [*.md]
 trim_trailing_whitespace = false
+
+[*.{yml,yaml}]
+indent_size = 2
+
+[docker-compose.yml]
+indent_size = 4

.env.example

@@ -0,0 +1,39 @@
+APP_NAME="Lsky Pro"
+APP_ENV=prod
+APP_KEY=
+APP_DEBUG=false
+APP_URL=http://localhost
+
+LOG_CHANNEL=daily
+LOG_DEPRECATIONS_CHANNEL=null
+LOG_LEVEL=debug
+
+DB_CONNECTION=
+DB_HOST=
+DB_PORT=
+DB_DATABASE=
+DB_USERNAME=
+DB_PASSWORD=
+
+BROADCAST_DRIVER=log
+CACHE_DRIVER=file
+FILESYSTEM_DISK=public
+QUEUE_CONNECTION=sync
+SESSION_DRIVER=file
+SESSION_LIFETIME=120
+
+MEMCACHED_HOST=127.0.0.1
+
+REDIS_HOST=127.0.0.1
+REDIS_PASSWORD=null
+REDIS_PORT=6379
+
+PUSHER_APP_ID=
+PUSHER_APP_KEY=
+PUSHER_APP_SECRET=
+PUSHER_APP_CLUSTER=mt1
+
+MIX_PUSHER_APP_KEY="${PUSHER_APP_KEY}"
+MIX_PUSHER_APP_CLUSTER="${PUSHER_APP_CLUSTER}"
+
+IGNITION_SHARING_ENABLED=false

.gitattributes

@@ -0,0 +1,10 @@
+* text=auto
+
+*.blade.php diff=html
+*.css diff=css
+*.html diff=html
+*.md diff=markdown
+*.php diff=php
+
+/.github export-ignore
+CHANGELOG.md export-ignore

.github/FUNDING.yml

@@ -0,0 +1 @@
+custom: https://github.com/wisp-x/lsky-pro#-%E6%8D%90%E8%B5%A0

.github/workflows/main.yml

@@ -0,0 +1,35 @@
+name: Lsky-pro
+
+on:
+  push:
+    branches: [ dev ]
+  pull_request:
+    branches: [ dev ]
+
+jobs:
+  lsky-pro-tests:
+
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: shivammathur/setup-php@15c43e89cdef867065b0213be354c2841860869e
+        with:
+          php-version: '8.0'
+      - uses: actions/checkout@v2
+      - name: Copy .env
+        run: php -r "file_exists('.env') || copy('.env.example', '.env');"
+      - name: Install Dependencies
+        run: composer install -q --no-ansi --no-interaction --no-scripts --no-progress --prefer-dist
+      - name: Generate key
+        run: php artisan key:generate
+      - name: Directory Permissions
+        run: chmod -R 777 storage bootstrap/cache
+      - name: Create Database
+        run: |
+          mkdir -p database
+          touch database/database.sqlite
+      - name: Execute tests (Unit and Feature tests) via PHPUnit
+        env:
+          DB_CONNECTION: sqlite
+          DB_DATABASE: database/database.sqlite
+        run: vendor/bin/phpunit

.gitignore

@@ -1,33 +1,20 @@
-# General
-.DS_Store
-.AppleDouble
-.LSOverride
-.idea
-.vscode
-
-runtime
-/config/db.php
+/installed.lock
+/upgrading.lock
+/*.zip
+/node_modules
+/public/hot
+/public/storage
+/public/js/custom.js
+/storage/*.key
+/vendor
 .env
-
-# Icon must end with two \r
-Icon
-
-
-# Thumbnails
-._*
-
-# Files that might appear in the root of a volume
-.DocumentRevisions-V100
-.fseventsd
-.Spotlight-V100
-.TemporaryItems
-.Trashes
-.VolumeIcon.icns
-.com.apple.timemachine.donotpresent
-
-# Directories potentially created on remote AFP share
-.AppleDB
-.AppleDesktop
-Network Trash Folder
-Temporary Items
-.apdisk
+.env.backup
+.phpunit.result.cache
+docker-compose.override.yml
+Homestead.json
+Homestead.yaml
+npm-debug.log
+yarn-error.log
+/.idea
+/.vscode
+/public/i

.styleci.yml

@@ -0,0 +1,13 @@
+php:
+  preset: laravel
+  version: 8
+  disabled:
+    - no_unused_imports
+  finder:
+    not-name:
+      - index.php
+js:
+  finder:
+    not-name:
+      - webpack.mix.js
+css: true

LICENSE

@@ -652,7 +652,7 @@ Also add information on how to contact you by electronic and paper mail.
   If the program does terminal interaction, make it output a short
 notice like this when it starts in an interactive mode:
 
-    Lsky Pro  Copyright (C) 2018  熊二哈
+    Lsky Pro  Copyright (C) 2018  Wisp X
     This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
     This is free software, and you are welcome to redistribute it
     under certain conditions; type `show c' for details.
@@ -671,4 +671,4 @@ into proprietary programs.  If your program is a subroutine library, you
 may consider it more useful to permit linking proprietary applications with
 the library.  If this is what you want to do, use the GNU Lesser General
 Public License instead of this License.  But first, please read
-[http://www.gnu.org/philosophy/why-not-lgpl.html].
+[http://www.gnu.org/philosophy/why-not-lgpl.html].

README.md

@@ -1,123 +1,101 @@
-<p align="center">
-    <a href="./public/static/app/images/logo.png" target="_blank">
-        <img width="300" src="./public/static/app/images/logo.png">
-    </a>
-</p>
+<img align="right" width="100" src="https://avatars.githubusercontent.com/u/100565733?s=200" alt="Lsky Pro Logo"/>
 
-# Lsky Pro - Your photo album on the cloud.
+<h1 align="left"><a href="https://www.lsky.pro">Lsky Pro</a></h1>
 
-[官网](https://www.lsky.pro) &nbsp;
-[手册](https://www.kancloud.cn/wispx/lsky-pro) &nbsp;
-[演示](https://pic.iqy.ink) &nbsp;
-[Chrome 拓展](https://github.com/wisp-x/lsky-pro-chrome-extension)
+☁ Your photo album on the cloud.
+
+[![PHP](https://img.shields.io/badge/PHP->=8.0-orange.svg)](http://php.net)
+[![Release](https://img.shields.io/github/v/release/lsky-org/lsky-pro)](https://github.com/lsky-org/lsky-pro/releases)
+[![Issues](https://img.shields.io/github/issues/lsky-org/lsky-pro)](https://github.com/lsky-org/lsky-pro/issues)
+[![Code size](https://img.shields.io/github/languages/code-size/lsky-org/lsky-pro?color=blueviolet)](https://github.com/lsky-org/lsky-pro)
+[![Repo size](https://img.shields.io/github/repo-size/lsky-org/lsky-pro?color=eb56fd)](https://github.com/lsky-org/lsky-pro)
+[![Last commit](https://img.shields.io/github/last-commit/lsky-org/lsky-pro/dev)](https://github.com/lsky-org/lsky-pro/commits/dev)
+[![License](https://img.shields.io/badge/license-GPL_V3.0-yellowgreen.svg)](https://github.com/lsky-org/lsky-pro/blob/master/LICENSE)
+
+[官网](https://www.lsky.pro) &middot;
+[文档](https://docs.lsky.pro) &middot;
+[社区](https://github.com/lsky-org/lsky-pro/discussions) &middot;
+[演示](https://pic.vv1234.cn) &middot;
 [Telegram 群组](https://t.me/lsky_pro)
 
-[![License](https://img.shields.io/badge/license-GPL_V3.0-yellowgreen.svg)](https://github.com/wisp-x/lsky-pro/blob/master/LICENSE)
-[![PHP](https://img.shields.io/badge/PHP->=5.6-orange.svg)](http://php.net)
-[![GitHub code size in bytes](https://img.shields.io/github/languages/code-size/wisp-x/lsky-pro.svg)](https://github.com/wisp-x/lsky-pro)
+> [!WARNING]
+> 开源版本已停止维护，不再进行新特性更新和 bug 修复。
 
-> 下载稳定版请点击[这里](https://github.com/wisp-x/lsky-pro/releases)，发现 bug 可发送邮件至邮箱：i@wispx.cn，或提交 [issues](https://github.com/wisp-x/lsky-pro/issues)  
-> 下载速度慢的可以移步 Coding https://dev.tencent.com/u/wispx/p/lsky-pro-releases/git
+> master 分支为未安装三方拓展的版本，通常包含了最新未发布版本的一些实验性新特性和修复补丁，正式版本请点击 [这里](https://github.com/lsky-org/lsky-pro/releases) 下载。  
+> 发现 bug 请提交 [issues](https://github.com/lsky-org/lsky-pro/issues) (提问前建议阅读[提问的智慧](https://github.com/ryanhanwu/How-To-Ask-Questions-The-Smart-Way/blob/main/README-zh_CN.md))  
+> 有任何想法、建议、或分享，请移步 [社区](https://github.com/lsky-org/lsky-pro/discussions)
 
-![homepage.png](./public/static/app/images/demo/1.png)
-![homepage.png](./public/static/app/images/demo/2.png)
+![看不见图片请使用科学上网](https://user-images.githubusercontent.com/22728201/157242302-bfbd04a0-fb30-4241-800e-cc2b1dad9b19.png)
+![看不见图片请使用科学上网](https://user-images.githubusercontent.com/22728201/157242314-5716d578-fee5-4083-8d91-0d98cb2545d9.png)
 
-主要特性
----
-- 支持第三方云储存，支持本地、阿里云 OSS、腾讯云 COS、七牛云、又拍云。
-- 支持多图上传、拖拽上传、上传预览、全屏预览、页面响应式布局。
-- 简洁的图片管理功能，支持鼠标右键、单选多选等操作。
-- 强大的图片预览功能，支持响应式。
-- 支持全局配置用户初始剩余储存空间、支持单个设置用户剩余储存空间。
-- 支持一键复制图片外链、二维码扫描链接。
-- 支持设置上传文件、文件夹路径命名规则。
-- 支持图片鉴黄功能。
-- 支持文件夹分类功能。
-- 对外开放的上传接口。
+### 📌 TODO
+* [x] 支持`本地`等多种第三方云储存 `AWS S3`、`阿里云 OSS`、`腾讯云 COS`、`七牛云`、`又拍云`、`SFTP`、`FTP`、`WebDav`、`Minio`
+* [x] 多种数据库驱动支持，`MySQL 5.7+`、`PostgreSQL 9.6+`、`SQLite 3.8.8+`、`SQL Server 2017+`
+* [x] 支持配置使用多种缓存驱动，`Memcached`、`Redis`、`DynamoDB`、等其他关系型数据库，默认以文件的方式缓存
+* [x] 多图上传、拖拽上传、粘贴上传、动态设置策略上传、复制、一键复制链接
+* [x] 强大的图片管理功能，瀑布流展示，支持鼠标右键、单选多选、重命名等操作
+* [x] 自由度极高的角色组配置，可以为每个组配置多个储存策略，同时储存策略可以配置多个角色组
+* [x] 可针对角色组设置上传文件、文件夹路径命名规则、上传频率限制、图片审核等功能
+* [x] 支持图片水印、文字水印、水印平铺、设置水印位置、X/y 轴偏移量设置、旋转角度等
+* [x] 支持通过接口上传、管理图片、管理相册
+* [x] 支持在线增量更新、跨版本更新
+* [x] 图片广场
 
-安装需求
----
-* PHP 版本 &ge; 5.6(建议使用PHP7+)
-* mysql 版本 &ge; 5.5
-* mysqli 支持
-* fileinfo 拓展
-* curl 拓展
-* rewrite
+### 🛠 安装要求
+- PHP >= 8.0.2
+- BCMath PHP 扩展
+- Ctype PHP 扩展
+- DOM PHP 拓展
+- Fileinfo PHP 扩展
+- JSON PHP 扩展
+- Mbstring PHP 扩展
+- OpenSSL PHP 扩展
+- PDO PHP 扩展
+- Tokenizer PHP 扩展
+- XML PHP 扩展
+- Imagick 拓展
+- exec、shell_exec 函数
+- readlink、symlink 函数
+- putenv、getenv 函数
+- chmod、chown、fileperms 函数
 
-安装教程
----
-1. 下载兰空，上传至 web 运行环境，解压。
-2. 设置运行目录为 public。
-3. 配置 Rewrite 规则：
-    ##### Nginx：
-    ```
-    location / {
-        if (!-e $request_filename) {
-        	rewrite ^(.*)$ /index.php?s=$1 last; break;
-        }
-    }
-    ```
+### 😋 鸣谢
+- [Laravel](https://laravel.com)
+- [Tailwindcss](https://tailwindcss.com)
+- [Fontawesome](https://fontawesome.com)
+- [Echarts](https://echarts.apache.org)
+- [Intervention/image](https://github.com/Intervention/image)
+- [league/flysystem](https://flysystem.thephpleague.com)
+- [overtrue](https://github.com/overtrue)
+- [Jquery](https://jquery.com)
+- [jQuery-File-Upload](https://github.com/blueimp/jQuery-File-Upload)
+- [Alpinejs](https://alpinejs.dev/)
+- [Viewer.js](https://github.com/fengyuanchen/viewerjs)
+- [DragSelect](https://github.com/ThibaultJanBeyer/DragSelect)
+- [Justified-Gallery](https://github.com/miromannino/Justified-Gallery)
+- [Clipboard.js](https://github.com/zenorocha/clipboard.js)
 
-    ##### Apache:
-    Apache 直接使用 .htaccess 即可
+### 💰 捐赠
+Lsky Pro 的开发和更新等，都是作者在业余时间独立开发，并免费开源使用，如果您认可我的作品，并且觉得对你有所帮助我愿意接受来自各方面的捐赠😃。
+<table width="100%">
+    <tr>
+        <th>支付宝</th>
+        <th>微信</th>
+    </tr>
+    <tr>
+        <td><img alt="看不见图片请使用科学上网" src="https://raw.githubusercontent.com/lsky-org/lsky-pro/82988ebe2edd32264d609b26bf9132b3dce7c39e/public/static/app/images/demo/alipay.png"></td>
+        <td><img alt="看不见图片请使用科学上网" src="https://raw.githubusercontent.com/lsky-org/lsky-pro/82988ebe2edd32264d609b26bf9132b3dce7c39e/public/static/app/images/demo/wechat.jpeg"></td>
+    </tr>
+</table>
 
-4. 访问首页，未安装自动跳转至安装页面，根据页面提示安装即可。
-5. 安装完成以后请设置 runtime 目录0755权限，如果你使用本地存储，public 目录也需要设置为0755权限
+### 🤩 Stargazers over time
+[![Stargazers over time](https://starchart.cc/lsky-org/lsky-pro.svg)](https://starchart.cc/lsky-org/lsky-pro)
 
-如何更新到最新版？
----
-升级过程并不复杂，但也简单粗暴，总共分为四个步骤。
-1. [下载](https://github.com/wisp-x/lsky-pro/releases)最新版程序并解压到本地。
-2. 将旧版程序 ```config/db.php``` 文件复制到新版程序的 ```config``` 文件夹，如果你使用的是本地储存策略，文件是储存在本地的，请注意也要将你旧版本的图片资源移动到新程序对应的目录。
-3. 删除旧版本程序所有文件，上传最新版程序到站点根目录即可(这一步也可以直接覆盖，但会有残留文件，不选择覆盖的话建议先打包备份旧版本)。
-4. 使用管理员账号登录，访问任意页面会跳转到升级数据库结构页面，根据提示操作即可。
-
-FAQ：如果覆盖更新文件后无法重定向到更新页面，或首页出现错误，请直接访问  ```http://域名/install/update.html``` 进行更新。
-
-如何修改网站运行目录？
----
-默认程序的入口文件在 ```public``` 目录下，所以需要把 public 目录设置为网站运行目录，这样做是为了：
-> 入口文件位置的设计是为了让应用部署更安全，```public``` 目录为web可访问目录，其他的文件都可以放到非WEB访问目录下面。
-
-而你如果安装时没有设置，使用 ```http://域名/public``` 的方式来访问站点，会导致 css 和 js 等静态资源无法获取。  
-如果你 无法 或 不会 设置运行目录，可以将 public 目录下的所有文件和文件夹（包括 .htaccess 文件）移动到根目录
-(和 ```application``` 文件夹同级)即可，尽管我们不推荐你这么做，这样会导致应用程序核心文件暴露在外。
-
-移动文件以后，打开根目录 ```index.php``` 文件，修改如下：
-```php
-<?php
-
-// [ 应用入口文件 ]
-namespace think;
-
-define('ROOT_PATH', __DIR__ . DIRECTORY_SEPARATOR);
-
-// 加载基础文件
-require __DIR__ . '/thinkphp/base.php';
-
- // 执行应用并响应
-Container::get('app')->bind('index')->run()->send();
- ```
-
-注意：请不要使用记事本打开修改，修改完成后保存即可。
-
-联系我
----
-- QQ：1591788658
+### 📧 联系我
 - Email: i@wispx.cn
-- Blog：[https://www.wispx.cn](https://www.wispx.cn)
 
-鸣谢
----
-- ThinkPHP
-- Jquery
-- BootStrap
-- Mdui
-- viewer.js
-- context.js
-
-开源许可
----
+### 📃 开源许可
 [GPL 3.0](https://opensource.org/licenses/GPL-3.0)
 
 Copyright (c) 2018-present Lsky Pro.
+

app/Console/Commands/Install.php

@@ -0,0 +1,113 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Utils;
+use Illuminate\Console\Command;
+use Illuminate\Support\Facades\Artisan;
+use Illuminate\Support\Facades\Config;
+
+class Install extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'lsky:install';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Install Lsky Pro.';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        $this->signature = implode(' ', [
+            'lsky:install',
+            '{--connection=mysql : Database type}',
+            '{--host=127.0.0.1 : Database connection address}',
+            '{--port=3306 : Database connection port}',
+            '{--database= : Database name}',
+            '{--username=root : Database connection user name}',
+            '{--password=root : Database connection password}',
+        ]);
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return int
+     */
+    public function handle(): int
+    {
+        // 判断是否已经安装
+        if (file_exists(base_path('installed.lock'))) {
+            $this->warn('Already installed. if you want to reinstall, please remove installed.lock file.');
+            return 0;
+        }
+
+        $driver = $this->option('connection');
+        $connection = "database.connections.{$driver}";
+        $options = [
+            'connection' => $this->option('connection'),
+            'host' => $this->option('host'),
+            'port' => $this->option('port'),
+            'database' => $this->option('database'),
+            'username' => $this->option('username'),
+            'password' => $this->option('password'),
+        ];
+        $configs = array_intersect_key($options, config($connection));
+
+        // 覆盖默认配置
+        Config::set($connection, array_merge(config($connection), $configs));
+        // 设置默认数据库驱动
+        Config::set('database.default', $driver);
+
+        clearstatcache(true);
+
+        try {
+            if ($options['connection'] === 'sqlite' && ! $options['database']) {
+                $options['database'] = database_path('database.sqlite');
+                file_put_contents($options['database'], '');
+                Config::set('database.connections.sqlite.database', $options['database']);
+            }
+            // 执行数据库迁移
+            Artisan::call('migrate:fresh', ['--force' => true], outputBuffer: $this->output);
+            // 填充数据
+            Artisan::call('db:seed', ['--force' => true, '--class' => 'InstallSeeder'], outputBuffer: $this->output);
+            // 更新 env 文件
+            $replaces = collect($options)->transform(fn ($item, $key) => ['DB_'.strtoupper($key) => $item])->collapse();
+            file_put_contents($this->laravel->environmentFilePath(), preg_replace(
+                $replaces->map(fn ($item, $key) => $this->replacementPattern($key, env($key, '')))->values()->toArray(),
+                $replaces->map(fn ($item, $key) => "{$key}={$item}")->values()->toArray(),
+                file_get_contents($this->laravel->environmentFilePath())
+            ));
+            // 创建锁文件
+            file_put_contents(base_path('installed.lock'), '');
+        } catch (\Throwable $e) {
+            $this->warn("Installation error!\n");
+            $this->error($e->getMessage());
+            Utils::e($e, '执行数据库安装程序时出现异常');
+            return 1;
+        }
+
+        $this->info('Install success!');
+        return 0;
+    }
+
+    protected function replacementPattern(string $name, string $value): string
+    {
+        $escaped = preg_quote('='.$value, '/');
+
+        return "/^{$name}{$escaped}/m";
+    }
+}

app/Console/Commands/MakeThumbnails.php

@@ -0,0 +1,58 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Models\Image;
+use App\Services\ImageService;
+use Illuminate\Console\Command;
+use League\Flysystem\FilesystemException;
+use Symfony\Component\Console\Helper\ProgressBar;
+
+class MakeThumbnails extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'lsky:thumbnails';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Make images thumbnails.';
+
+    /**
+     * Execute the console command.
+     *
+     * @return int
+     */
+    public function handle()
+    {
+        $progress = new ProgressBar($this->output, Image::query()->count());
+        $progress->setMessage('获取图片处理中...');
+        $progress->start();
+
+        $service = new ImageService();
+
+        /** @var Image $image */
+        foreach (Image::query()->whereNotNull('strategy_id')->cursor() as $image) {
+            try {
+                $service->makeThumbnail(
+                    image: $image,
+                    data: $image->filesystem()->read($image->pathname),
+                    force: true,
+                );
+                $progress->advance();
+            } catch (\Throwable $e) {
+                $this->error("缩略图生成失败, {$e->getMessage()}");
+            }
+        }
+
+        $progress->finish();
+
+        return 0;
+    }
+}

app/Console/Commands/Upgrade.php

@@ -0,0 +1,45 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Enums\ConfigKey;
+use App\Services\UpgradeService;
+use App\Utils;
+use Illuminate\Console\Command;
+
+class Upgrade extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'lsky:upgrade';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Upgrade Lsky Pro.';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return int
+     */
+    public function handle(): int
+    {
+        return (new UpgradeService(Utils::config(ConfigKey::AppVersion)))->upgrade() ? 0 : 1;
+    }
+}

app/Console/Kernel.php

@@ -0,0 +1,32 @@
+<?php
+
+namespace App\Console;
+
+use Illuminate\Console\Scheduling\Schedule;
+use Illuminate\Foundation\Console\Kernel as ConsoleKernel;
+
+class Kernel extends ConsoleKernel
+{
+    /**
+     * Define the application's command schedule.
+     *
+     * @param  \Illuminate\Console\Scheduling\Schedule  $schedule
+     * @return void
+     */
+    protected function schedule(Schedule $schedule)
+    {
+        // $schedule->command('inspire')->hourly();
+    }
+
+    /**
+     * Register the commands for the application.
+     *
+     * @return void
+     */
+    protected function commands()
+    {
+        $this->load(__DIR__.'/Commands');
+
+        require base_path('routes/console.php');
+    }
+}

app/Enums/ConfigKey.php

@@ -0,0 +1,48 @@
+<?php
+
+namespace App\Enums;
+
+final class ConfigKey
+{
+    /** @var string 是否启用注册 */
+    const IsEnableRegistration = 'is_enable_registration';
+
+    /** @var string 是否启用画廊 */
+    const IsEnableGallery = 'is_enable_gallery';
+
+    /** @var string 是否启用接口 */
+    const IsEnableApi = 'is_enable_api';
+
+    /** @var string 程序名称 */
+    const AppName = 'app_name';
+
+    /** @var string 程序版本 */
+    const AppVersion = 'app_version';
+
+    /** @var string 站点关键字 */
+    const SiteKeywords = 'site_keywords';
+
+    /** @var string 站点描述 */
+    const SiteDescription = 'site_description';
+
+    /** @var string 站点公告 */
+    const SiteNotice = 'site_notice';
+
+    /** @var string icp备案号 */
+    const IcpNo = 'icp_no';
+
+    /** @var string 是否允许游客上传 */
+    const IsAllowGuestUpload = 'is_allow_guest_upload';
+
+    /** @var string 用户初始容量(kb) */
+    const UserInitialCapacity = 'user_initial_capacity';
+
+    /** @var string 账户是否需要验证 */
+    const IsUserNeedVerify = 'is_user_need_verify';
+
+    /** @var string 邮件配置 */
+    const Mail = 'mail';
+
+    /** @var string 角色组默认配置 */
+    const Group = 'group';
+}

app/Enums/GroupConfigKey.php

@@ -0,0 +1,63 @@
+<?php
+
+namespace App\Enums;
+
+final class GroupConfigKey
+{
+    /** @var string 最大文件大小 */
+    const MaximumFileSize = 'maximum_file_size';
+
+    /** @var string 并发上传数量 */
+    const ConcurrentUploadNum = 'concurrent_upload_num';
+
+    /** @var string 上传是否需要审查 */
+    const IsEnableScan = 'is_enable_scan';
+
+    /** @var string 审查配置 */
+    const ScanConfigs = 'scan_configs';
+
+    /** @var string 违规图片审查后动作 */
+    const ScannedAction = 'scanned_action';
+
+    /** @var string 是否启用原图保护功能 */
+    const IsEnableOriginalProtection = 'is_enable_original_protection';
+
+    /** @var string 上传是否启用水印功能 */
+    const IsEnableWatermark = 'is_enable_watermark';
+
+    /** @var string 水印配置 */
+    const WatermarkConfigs = 'watermark_configs';
+
+    /** @var string 每分钟上传限制 */
+    const LimitPerMinute = 'limit_per_minute';
+
+    /** @var string 每小时上传限制 */
+    const LimitPerHour = 'limit_per_hour';
+
+    /** @var string 每天上传数量限制 */
+    const LimitPerDay = 'limit_per_day';
+
+    /** @var string 每周上传数量限制 */
+    const LimitPerWeek = 'limit_per_week';
+
+    /** @var string 每月上传数量限制 */
+    const LimitPerMonth = 'limit_per_month';
+
+    /** @var string 允许上传的文件后缀 */
+    const AcceptedFileSuffixes = 'accepted_file_suffixes';
+
+    /** @var string 路径命名规则 */
+    const PathNamingRule = 'path_naming_rule';
+
+    /** @var string 文件命名规则 */
+    const FileNamingRule = 'file_naming_rule';
+
+    /** @var string 图片缓存时间 */
+    const ImageCacheTtl = 'image_cache_ttl';
+
+    /** @var string 图片保存格式 */
+    const ImageSaveFormat = 'image_save_format';
+
+    /** @var string 图片保存质量 */
+    const ImageSaveQuality = 'image_save_quality';
+}

app/Enums/ImagePermission.php

@@ -0,0 +1,9 @@
+<?php
+
+namespace App\Enums;
+
+final class ImagePermission
+{
+    const Public  = 1; // 公开
+    const Private = 0; // 私有
+}

app/Enums/Mail/SmtpOption.php

@@ -0,0 +1,32 @@
+<?php
+
+namespace App\Enums\Mail;
+
+final class SmtpOption
+{
+    const Transport = 'smtp';
+
+    /** @var string 主机地址 */
+    const Host = 'host';
+
+    /** @var string 连接端口 */
+    const Port = 'port';
+
+    /** @var string 加密方式 */
+    const Encryption = 'encryption';
+
+    /** @var string 用户名 */
+    const Username = 'username';
+
+    /** @var string 密码 */
+    const Password = 'password';
+
+    /** @var string 超时时间 */
+    const Timeout = 'timeout';
+
+    /** @var string 发件人地址 */
+    const FromAddress = 'from_address';
+
+    /** @var string 发件人名称 */
+    const FromName = 'from_name';
+}

app/Enums/PastedAction.php

@@ -0,0 +1,9 @@
+<?php
+
+namespace App\Enums;
+
+final class PastedAction
+{
+    const Upload  = 2; // 直接上传
+    const Waiting = 1; // 等待上传
+}

app/Enums/Scan/AliyunOption.php

@@ -0,0 +1,21 @@
+<?php
+
+namespace App\Enums\Scan;
+
+final class AliyunOption
+{
+    /** @var string AccessKeyId */
+    const AccessKeyId = 'access_key_id';
+
+    /** @var string AccessKeySecret */
+    const AccessKeySecret = 'access_key_secret';
+
+    /** @var string RegionId */
+    const RegionId = 'region_id';
+
+    /** @var string 场景 */
+    const Scenes = 'scenes';
+
+    /** @var string 业务场景 */
+    const BizType = 'biz_type';
+}

app/Enums/Scan/NsfwJsOption.php

@@ -0,0 +1,15 @@
+<?php
+
+namespace App\Enums\Scan;
+
+final class NsfwJsOption
+{
+    /** @var string 接口地址 */
+    const ApiUrl = 'api_url';
+
+    /** @var string 表单属性名称 */
+    const AttrName = 'attr_name';
+
+    /** @var string 阈值 */
+    const Threshold = 'threshold';
+}

app/Enums/Scan/TencentOption.php

@@ -0,0 +1,21 @@
+<?php
+
+namespace App\Enums\Scan;
+
+final class TencentOption
+{
+    /** @var string SecretId */
+    const SecretId = 'secret_id';
+
+    /** @var string SecretKey */
+    const SecretKey = 'secret_key';
+
+    /** @var string Region */
+    const Region = 'region';
+
+    /** @var string Endpoint */
+    const Endpoint = 'endpoint';
+
+    /** @var string 业务场景 */
+    const BizType = 'biz_type';
+}

app/Enums/Strategy/CosOption.php

@@ -0,0 +1,24 @@
+<?php
+
+namespace App\Enums\Strategy;
+
+final class CosOption
+{
+    /** @var string 访问地址 */
+    const Url = 'url';
+
+    /** @var string AppId */
+    const AppId = 'app_id';
+
+    /** @var string SecretId */
+    const SecretId = 'secret_id';
+
+    /** @var string SecretKey */
+    const SecretKey = 'secret_key';
+
+    /** @var string 所属地域 */
+    const Region = 'region';
+
+    /** @var string 储存桶名称 */
+    const Bucket = 'bucket';
+}

app/Enums/Strategy/FtpOption.php

@@ -0,0 +1,30 @@
+<?php
+
+namespace App\Enums\Strategy;
+
+final class FtpOption
+{
+    /** @var string 访问url */
+    const Url = 'url';
+
+    /** @var string 根目录 */
+    const Root = 'root';
+
+    /** @var string 主机地址 */
+    const Host = 'host';
+
+    /** @var string 连接名称 */
+    const Username = 'username';
+
+    /** @var string 密码 */
+    const Password = 'password';
+
+    /** @var string 连接端口 */
+    const Port = 'port';
+
+    /** @var string 加密连接 */
+    const Ssl = 'ssl';
+
+    /** @var string 被动模式 */
+    const Passive = 'passive';
+}

app/Enums/Strategy/KodoOption.php

@@ -0,0 +1,18 @@
+<?php
+
+namespace App\Enums\Strategy;
+
+final class KodoOption
+{
+    /** @var string 访问地址 */
+    const Url = 'url';
+
+    /** @var string AccessKey */
+    const AccessKey = 'access_key';
+
+    /** @var string SecretKey */
+    const SecretKey = 'secret_key';
+
+    /** @var string Bucket */
+    const Bucket = 'bucket';
+}

app/Enums/Strategy/LocalOption.php

@@ -0,0 +1,12 @@
+<?php
+
+namespace App\Enums\Strategy;
+
+final class LocalOption
+{
+    /** @var string 访问url */
+    const Url = 'url';
+
+    /** @var string 根目录 */
+    const Root = 'root';
+}

app/Enums/Strategy/MinioOption.php

@@ -0,0 +1,27 @@
+<?php
+
+namespace App\Enums\Strategy;
+
+final class MinioOption
+{
+    /** @var string 访问url */
+    const Url = 'url';
+
+    /** @var string AccessKey */
+    const AccessKey = 'access_key';
+
+    /** @var string SecretKey */
+    const SecretKey = 'secret_key';
+
+    /** @var string Endpoint */
+    const Endpoint = 'endpoint';
+
+    /** @var string 区域 */
+    const Region = 'region';
+
+    /** @var string Bucket */
+    const Bucket = 'bucket';
+
+    /** @var string BucketEndpoint */
+    const BucketEndpoint = 'bucket_endpoint';
+}

app/Enums/Strategy/OssOption.php

@@ -0,0 +1,21 @@
+<?php
+
+namespace App\Enums\Strategy;
+
+final class OssOption
+{
+    /** @var string 访问地址 */
+    const Url = 'url';
+
+    /** @var string AccessKeyId */
+    const AccessKeyId = 'access_key_id';
+
+    /** @var string AccessKeySecret */
+    const AccessKeySecret = 'access_key_secret';
+
+    /** @var string Endpoint */
+    const Endpoint = 'endpoint';
+
+    /** @var string 储存桶名称 */
+    const Bucket = 'bucket';
+}

app/Enums/Strategy/S3Option.php

@@ -0,0 +1,24 @@
+<?php
+
+namespace App\Enums\Strategy;
+
+final class S3Option
+{
+    /** @var string 访问url */
+    const Url = 'url';
+
+    /** @var string AccessKeyId */
+    const AccessKeyId = 'access_key_id';
+
+    /** @var string SecretAccessKey */
+    const SecretAccessKey = 'secret_access_key';
+
+    /** @var string Endpoint */
+    const Endpoint = 'endpoint';
+
+    /** @var string 区域 */
+    const Region = 'region';
+
+    /** @var string Bucket */
+    const Bucket = 'bucket';
+}

app/Enums/Strategy/SftpOption.php

@@ -0,0 +1,33 @@
+<?php
+
+namespace App\Enums\Strategy;
+
+final class SftpOption
+{
+    /** @var string 访问url */
+    const Url = 'url';
+
+    /** @var string 根目录 */
+    const Root = 'root';
+
+    /** @var string 主机地址 */
+    const Host = 'host';
+
+    /** @var string 连接名称 */
+    const Username = 'username';
+
+    /** @var string 密码 */
+    const Password = 'password';
+
+    /** @var string 私钥 */
+    const PrivateKey = 'private_key';
+
+    /** @var string 密钥口令 */
+    const Passphrase = 'passphrase';
+
+    /** @var string 连接端口 */
+    const Port = 'port';
+
+    /** @var string 使用代理 */
+    const UseAgent = 'use_agent';
+}

app/Enums/Strategy/UssOption.php

@@ -0,0 +1,18 @@
+<?php
+
+namespace App\Enums\Strategy;
+
+final class UssOption
+{
+    /** @var string 访问地址 */
+    const Url = 'url';
+
+    /** @var string 操作员 */
+    const Operator = 'operator';
+
+    /** @var string 密码 */
+    const Password = 'password';
+
+    /** @var string 服务名称 */
+    const Service = 'service';
+}

app/Enums/Strategy/WebDavOption.php

@@ -0,0 +1,24 @@
+<?php
+
+namespace App\Enums\Strategy;
+
+final class WebDavOption
+{
+    /** @var string 访问url */
+    const Url = 'url';
+
+    /** @var string baseUri */
+    const BaseUri = 'base_uri';
+
+    /** @var string 用户名 */
+    const Username = 'username';
+
+    /** @var string 密码 */
+    const Password = 'password';
+
+    /** @var string 认证方式 */
+    const AuthType = 'auth_type';
+
+    /** @var string 地址前缀 */
+    const Prefix = 'prefix';
+}

app/Enums/StrategyKey.php

@@ -0,0 +1,36 @@
+<?php
+
+namespace App\Enums;
+
+final class StrategyKey
+{
+    /** @var int 本地 */
+    const Local = 1;
+
+    /** @var int S3 */
+    const S3 = 2;
+
+    /** @var int 阿里云 Oss */
+    const Oss = 3;
+
+    /** @var int 腾讯云 Cos */
+    const Cos = 4;
+
+    /** @var int 七牛云 Kodo */
+    const Kodo = 5;
+
+    /** @var int 又拍云 Uss */
+    const Uss = 6;
+
+    /** @var int Sftp */
+    const Sftp = 7;
+
+    /** @var int Ftp */
+    const Ftp = 8;
+
+    /** @var int WebDav */
+    const Webdav = 9;
+
+    /** @var int Minio */
+    const Minio = 10;
+}

app/Enums/UserConfigKey.php

@@ -0,0 +1,21 @@
+<?php
+
+namespace App\Enums;
+
+final class UserConfigKey
+{
+    /** @var string 默认相册 */
+    const DefaultAlbum = 'default_album';
+
+    /** @var string 默认策略 */
+    const DefaultStrategy = 'default_strategy';
+
+    /** @var string 默认权限 */
+    const DefaultPermission = 'default_permission';
+
+    /** @var string 图片粘贴后动作 */
+    const PastedAction = 'pasted_action';
+
+    /** @var string 上传是否自动清除预览 */
+    const IsAutoClearPreview = 'is_auto_clear_preview';
+}

app/Enums/UserStatus.php

@@ -0,0 +1,12 @@
+<?php
+
+namespace App\Enums;
+
+final class UserStatus
+{
+    /** @var int 正常 */
+    const Normal = 1;
+
+    /** @var int 冻结 */
+    const Frozen = 0;
+}

app/Enums/Watermark/FontOption.php

@@ -0,0 +1,30 @@
+<?php
+
+namespace App\Enums\Watermark;
+
+final class FontOption
+{
+    /** @var string 文本内容 */
+    const Text = 'text';
+
+    /** @var string 文字颜色 */
+    const Color = 'color';
+
+    /** @var string 字体大小 */
+    const Size = 'size';
+
+    /** @var string 字体文件路径 */
+    const Font = 'font';
+
+    /** @var string 水印位置 */
+    const Position = 'position';
+
+    /** @var string 旋转角度 */
+    const Angle = 'angle';
+
+    /** @var string X轴偏移量 */
+    const X = 'x';
+
+    /** @var string Y轴偏移量 */
+    const Y = 'y';
+}

app/Enums/Watermark/ImageOption.php

@@ -0,0 +1,30 @@
+<?php
+
+namespace App\Enums\Watermark;
+
+final class ImageOption
+{
+    /** @var string 水印图片 */
+    const Image = 'image';
+
+    /** @var string 水印位置 */
+    const Position = 'position';
+
+    /** @var string 水印图片宽 */
+    const Width = 'width';
+
+    /** @var string 水印图片高 */
+    const Height = 'height';
+
+    /** @var string 旋转角度 */
+    const Rotate = 'rotate';
+
+    /** @var string 不透明度 */
+    const Opacity = 'opacity';
+
+    /** @var string X轴偏移量 */
+    const X = 'x';
+
+    /** @var string Y轴偏移量 */
+    const Y = 'y';
+}

app/Enums/Watermark/Mode.php

@@ -0,0 +1,9 @@
+<?php
+
+namespace App\Enums\Watermark;
+
+final class Mode
+{
+    const Overlay = 1; // 覆盖原图
+    const Dynamic = 2; // 动态生成
+}

app/Exceptions/Handler.php

@@ -0,0 +1,57 @@
+<?php
+
+namespace App\Exceptions;
+
+use App\Http\Result;
+use Illuminate\Auth\AuthenticationException;
+use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
+use Illuminate\Http\Exceptions\ThrottleRequestsException;
+use Throwable;
+
+class Handler extends ExceptionHandler
+{
+    use Result;
+
+    /**
+     * A list of the exception types that are not reported.
+     *
+     * @var array<int, class-string<Throwable>>
+     */
+    protected $dontReport = [
+        //
+    ];
+
+    /**
+     * A list of the inputs that are never flashed for validation exceptions.
+     *
+     * @var array<int, string>
+     */
+    protected $dontFlash = [
+        'current_password',
+        'password',
+        'password_confirmation',
+    ];
+
+    /**
+     * Register the exception handling callbacks for the application.
+     *
+     * @return void
+     */
+    public function register()
+    {
+        $this->reportable(function (Throwable $e) {
+            //
+        });
+
+        $this->renderable(function (ThrottleRequestsException $e) {
+            return $this->fail($e->getMessage())->setStatusCode(429);
+        });
+    }
+
+    protected function unauthenticated($request, AuthenticationException $exception)
+    {
+        return $this->shouldReturnJson($request, $exception)
+            ? $this->fail($exception->getMessage())->setStatusCode(401)
+            : redirect()->guest($exception->redirectTo() ?? route('login'));
+    }
+}

app/Exceptions/UploadException.php

@@ -0,0 +1,9 @@
+<?php
+
+namespace App\Exceptions;
+
+use Exception;
+
+class UploadException extends Exception
+{
+}

app/Http/Controllers/Admin/ConsoleController.php

@@ -0,0 +1,65 @@
+<?php
+
+namespace App\Http\Controllers\Admin;
+
+use App\Http\Controllers\Controller;
+use App\Models\Image;
+use App\Models\User;
+use App\Utils;
+use Illuminate\Support\Carbon;
+use Illuminate\Support\Collection;
+use Illuminate\View\View;
+
+class ConsoleController extends Controller
+{
+    public function index(): View
+    {
+        $carbon = Carbon::now();
+        $format = 'Y-m-d H:i:s';
+
+        $numbers = [
+            'today' => Image::query()->whereBetween('created_at', [$carbon->startOfDay()->format($format), $carbon->endOfDay()->format($format)])->count(),
+            'yesterday' => Image::query()->whereBetween('created_at', [$carbon->yesterday()->startOfDay()->format($format), $carbon->yesterday()->endOfDay()->format($format)])->count(),
+            'week' => Image::query()->whereBetween('created_at', [$carbon->startOfWeek()->format($format), $carbon->endOfWeek()->format($format)])->count(),
+            'month' => Image::query()->whereBetween('created_at', [$carbon->startOfMonth()->format($format), $carbon->endOfMonth()->format($format)])->count(),
+        ];
+
+        $start = Carbon::now()->parse('-30 day')->startOfDay();
+        $end = Carbon::now()->endOfDay();
+        $dates = Utils::makeDateRange($start->format('Y-m-d'), $end->format('Y-m-d'));
+
+        $fields = ['游客上传', '用户上传', '新用户'];
+
+        $images = Image::query()
+            ->whereBetween('created_at', [$start->format($format), $end->format($format)])
+            ->get(['user_id', 'created_at'])
+            ->transform(function (Image $image) {
+                $image['date'] = $image->created_at->format('Y-m-d');
+                return $image;
+            })->groupBy('date');
+
+        $users = User::query()
+            ->whereBetween('created_at', [$start->format($format), $end->format($format)])
+            ->get()
+            ->transform(function (User $user) {
+                $user['date'] = $user->created_at->format('Y-m-d');
+                return $user;
+            })->groupBy('date');
+
+        $data = collect(array_map(fn() => 0, array_flip($dates)));
+        $array = [
+            $data->merge($images->map(fn(Collection $items) => $items->whereNull('user_id')->count())),
+            $data->merge($images->map(fn(Collection $items) => $items->whereNotNull('user_id')->count())),
+            $data->merge($users->map(fn(Collection $items) => $items->count())),
+        ];
+        $datasets = collect($fields)->transform(function ($item, $index) use ($dates, $array) {
+            return [
+                'name' => $item,
+                'type' => 'line',
+                'data' => $array[$index]->values(),
+            ];
+        });
+
+        return view('admin.console.index', compact('fields', 'numbers', 'dates', 'datasets'));
+    }
+}

app/Http/Controllers/Admin/GroupController.php

@@ -0,0 +1,125 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Http\Controllers\Admin;
+
+use App\Http\Controllers\Controller;
+use App\Http\Requests\Admin\GroupRequest;
+use App\Models\Group;
+use App\Models\Image;
+use Illuminate\Database\Eloquent\Builder;
+use Illuminate\Http\Request;
+use Illuminate\Http\Response;
+use Illuminate\Support\Facades\Cache;
+use Illuminate\Support\Facades\DB;
+use Illuminate\View\View;
+
+class GroupController extends Controller
+{
+    private function share()
+    {
+        \Illuminate\Support\Facades\View::share([
+            'default' => Group::getDefaultConfigs(),
+            'positions' => Group::POSITIONS,
+            'scenes' => Group::SCENES,
+        ]);
+    }
+
+    public function index(Request $request): View
+    {
+        $keywords = $request->query('keywords');
+        $groups = Group::query()->when($keywords, function (Builder $builder, $keywords) {
+            $builder->where('name', 'like', "%{$keywords}%");
+        })->withCount('users')->withCount('strategies')->latest()->paginate();
+
+        $groups->appends(compact('keywords'));
+
+        $this->share();
+
+        return view('admin.group.index', compact('groups'));
+    }
+
+    public function add(): View
+    {
+        $this->share();
+
+        return view('admin.group.add');
+    }
+
+    public function edit(Request $request): View
+    {
+        $group = Group::query()->findOrFail($request->route('id'));
+
+        $this->share();
+
+        return view('admin.group.edit', compact('group'));
+    }
+
+    public function create(GroupRequest $request): Response
+    {
+        DB::transaction(function () use ($request) {
+            $group = new Group();
+            $group->fill($request->validated());
+            $group->save();
+        });
+
+        $this->share();
+
+        return $this->success('创建成功');
+    }
+
+    public function update(GroupRequest $request): Response
+    {
+        DB::beginTransaction();
+        try {
+            /** @var Group $group */
+            $group = Group::query()->findOrFail($request->route('id'));
+            $group->fill($request->validated());
+            if ($group->isDirty('is_default') && ! $group->is_default) {
+                if (! Group::query()->where('is_default', true)->where('id', '<>', $group->id)->exists()) {
+                    return $this->fail('系统至少需要保留一个默认组');
+                }
+            }
+            if ($group->isDirty('is_guest') && ! $group->is_guest) {
+                if (! Group::query()->where('is_guest', true)->where('id', '<>', $group->id)->exists()) {
+                    return $this->fail('系统至少需要保留一个游客组');
+                }
+            }
+            $group->save();
+            DB::commit();
+        } catch (\Throwable $e) {
+            DB::rollBack();
+            return $this->fail('保存失败');
+        }
+
+        return $this->success('保存成功');
+    }
+
+    public function delete(Request $request): Response
+    {
+        /** @var Group $group */
+        if ($group = Group::query()->find($request->route('id'))) {
+            if ($group->is_default || $group->is_guest) {
+                return $this->fail('默认组和游客组无法删除');
+            }
+            DB::transaction(function () use ($group) {
+                $group->users()->update(['group_id' => Group::query()->where('is_default', true)->value('id')]);
+                $group->delete();
+            });
+        }
+        return $this->success('删除成功');
+    }
+
+    public function clearCache(Request $request): Response
+    {
+        /** @var Group $group */
+        if ($group = Group::query()->find($request->route('id'))) {
+            /** @var Image $image */
+            foreach ($group->images()->select('key')->cursor() as $image) {
+                Cache::forget('image_'.$image->key);
+            }
+        }
+        return $this->success('清除成功');
+    }
+}

app/Http/Controllers/Admin/ImageController.php

@@ -0,0 +1,96 @@
+<?php
+
+namespace App\Http\Controllers\Admin;
+
+use App\Enums\ImagePermission;
+use App\Http\Controllers\Controller;
+use App\Models\Image;
+use App\Services\UserService;
+use Illuminate\Database\Eloquent\Builder;
+use Illuminate\Database\Eloquent\Relations\BelongsTo;
+use Illuminate\Http\Request;
+use Illuminate\Http\Response;
+use Illuminate\Support\Str;
+use Illuminate\View\View;
+
+class ImageController extends Controller
+{
+    public function index(Request $request): View
+    {
+        $keywords = $request->query('keywords');
+        $images = Image::query()->with(['user' => function (BelongsTo $belongsTo) {
+            $belongsTo->withSum('images', 'size');
+        }, 'album', 'group', 'strategy'])->when($keywords, function (Builder $builder, $keywords) {
+            $words = [];
+            $qualifiers = [
+                'name:', 'album:', 'group:', 'strategy:', 'email:', 'extension:', 'md5:', 'sha1:', 'ip:', 'is:', 'order:',
+            ];
+            collect(array_filter(explode(' ', $keywords)))->filter(function ($keyword) use ($qualifiers, &$words) {
+                if (Str::startsWith($keyword, $qualifiers)) {
+                    return true;
+                }
+                $words[] = $keyword;
+                return false;
+            })->each(function ($filter) use ($builder) {
+                match ($filter) {
+                    'is:public' => $builder->where('permission', ImagePermission::Public),
+                    'is:private' => $builder->where('permission', ImagePermission::Private),
+                    'is:unhealthy' => $builder->where('is_unhealthy', 1),
+                    'is:guest' => $builder->whereNull('user_id'),
+                    'is:adminer' => $builder->whereHas('user', fn (Builder $builder) => $builder->where('is_adminer', 1)),
+                    'order:earliest' => $builder->orderBy('created_at'),
+                    'order:utmost' => $builder->orderByDesc('size'),
+                    'order:least' => $builder->orderBy('size'),
+                    default => 0,
+                };
+
+                [$qualifier, $value] = explode(':', $filter);
+
+                if ($value) {
+                    $callback = fn (Builder $builder) => $builder->where('name', $value);
+                    match ($qualifier) {
+                        'name' => $builder->whereHas('user', $callback),
+                        'album' => $builder->whereHas('album', $callback),
+                        'group' => $builder->whereHas('group', $callback),
+                        'strategy' => $builder->whereHas('strategy', $callback),
+                        'email' => $builder->whereHas('user', fn (Builder $builder) => $builder->where('email', $value)),
+                        'extension' => $builder->where('extension', $value),
+                        'md5' => $builder->where('md5', $value),
+                        'sha1' => $builder->where('sha1', $value),
+                        'ip' => $builder->where('ip', $value),
+                        default => 0
+                    };
+                }
+            });
+
+            foreach ($words as $word) {
+                $builder->where('name', 'like', "%{$word}%")
+                    ->orWhere('origin_name', 'like', "%{$word}%")
+                    ->orWhere('alias_name', 'like', "%{$word}%");
+            }
+        })->latest()->paginate(40);
+        $images->getCollection()->each(function (Image $image) {
+            $image->append('url', 'pathname', 'thumb_url');
+            $image->album?->setVisible(['name']);
+            $image->group?->setVisible(['name']);
+            $image->strategy?->setVisible(['name']);
+        });
+
+        $images->appends(compact('keywords'));
+
+        return view('admin.image.index', compact('images'));
+    }
+
+    public function update(): Response
+    {
+        return $this->success();
+    }
+
+    public function delete(Request $request): Response
+    {
+        /** @var Image $image */
+        $image = Image::with('user', 'strategy', 'album')->find($request->route('id'));
+        (new UserService())->deleteImages([$image->id]);
+        return $this->success('删除成功');
+    }
+}

app/Http/Controllers/Admin/SettingController.php

@@ -0,0 +1,78 @@
+<?php
+
+namespace App\Http\Controllers\Admin;
+
+use App\Enums\ConfigKey;
+use App\Http\Controllers\Controller;
+use App\Mail\Test;
+use App\Models\Config;
+use App\Services\UpgradeService;
+use App\Utils;
+use Illuminate\Http\Request;
+use Illuminate\Http\Response;
+use Illuminate\Support\Facades\Cache;
+use Illuminate\Support\Facades\Mail;
+use Illuminate\View\View;
+
+class SettingController extends Controller
+{
+    public function index(): View
+    {
+        $configs = Utils::config();
+        return view('admin.setting.index', compact('configs'));
+    }
+
+    public function save(Request $request): Response
+    {
+        foreach ($request->all() as $key => $value) {
+            Config::query()->where('name', $key)->update(['value' => $value]);
+        }
+        Cache::flush();
+        return $this->success('保存成功');
+    }
+
+    public function mailTest(Request $request): Response
+    {
+        try {
+            Mail::to($request->post('email'))->send(new Test());
+        } catch (\Throwable $e) {
+            return $this->fail($e->getMessage());
+        }
+        return $this->success('发送成功');
+    }
+
+    public function checkUpdate(): Response
+    {
+        $version = Utils::config(ConfigKey::AppVersion);
+        $service = new UpgradeService($version);
+        try {
+            $data = [
+                'is_update' => $service->check(),
+            ];
+            if ($data['is_update']) {
+                $data['version'] = $service->getVersions()->first();
+            }
+        } catch (\Exception $e) {
+            return $this->fail($e->getMessage());
+        }
+
+        return $this->success('success', $data);
+    }
+
+    public function upgrade()
+    {
+        ignore_user_abort(true);
+        set_time_limit(0);
+
+        $version = Utils::config(ConfigKey::AppVersion);
+        $service = new UpgradeService($version);
+        $this->success()->send();
+        $service->upgrade();
+        flush();
+    }
+
+    public function upgradeProgress(): Response
+    {
+        return $this->success('success', Cache::get('upgrade_progress'));
+    }
+}

app/Http/Controllers/Admin/StrategyController.php

@@ -0,0 +1,75 @@
+<?php
+
+namespace App\Http\Controllers\Admin;
+
+use App\Http\Controllers\Controller;
+use App\Http\Requests\Admin\StrategyRequest;
+use App\Models\Strategy;
+use Illuminate\Database\Eloquent\Builder;
+use Illuminate\Http\Request;
+use Illuminate\Http\Response;
+use Illuminate\Support\Facades\DB;
+use Illuminate\View\View;
+
+class StrategyController extends Controller
+{
+    public function index(Request $request): View
+    {
+        $keywords = $request->query('keywords');
+        $strategies = Strategy::query()->when($keywords, function (Builder $builder, $keywords) {
+            $builder->where('name', 'like', "%{$keywords}%")->orWhere('intro', 'like', "%{$keywords}%");
+        })->withCount('images')->withSum('images', 'size')->latest()->paginate();
+
+        $strategies->appends(compact('keywords'));
+
+        return view('admin.strategy.index', compact('strategies'));
+    }
+
+    public function add(): View
+    {
+        return view('admin.strategy.add');
+    }
+
+    public function edit(Request $request): View
+    {
+        /** @var Strategy $strategy */
+        $strategy = Strategy::query()->findOrFail($request->route('id'));
+        return view('admin.strategy.edit', compact('strategy'));
+    }
+
+    public function create(StrategyRequest $request): Response
+    {
+        $validated = $request->validated();
+        $strategy = new Strategy($validated);
+        DB::transaction(function () use ($strategy, $validated) {
+            $strategy->save();
+            $strategy->groups()->attach($validated['groups'] ?? []);
+        });
+        return $this->success('创建成功');
+    }
+
+    public function update(StrategyRequest $request): Response
+    {
+        $validated = $request->validated();
+        /** @var Strategy $strategy */
+        $strategy = Strategy::query()->findOrFail($request->route('id'));
+        $strategy->fill($request->validated());
+        DB::transaction(function () use ($strategy, $validated) {
+            $strategy->save();
+            $strategy->groups()->sync($validated['groups'] ?? []);
+        });
+        return $this->success('保存成功');
+    }
+
+    public function delete(Request $request): Response
+    {
+        /** @var Strategy $strategy */
+        if ($strategy = Strategy::query()->find($request->route('id'))) {
+            DB::transaction(function () use ($strategy) {
+                $strategy->images()->update(['strategy_id' => null]);
+                $strategy->delete();
+            });
+        }
+        return $this->success('删除成功');
+    }
+}

app/Http/Controllers/Admin/UserController.php

@@ -0,0 +1,81 @@
+<?php
+
+namespace App\Http\Controllers\Admin;
+
+use App\Http\Controllers\Controller;
+use App\Http\Requests\Admin\UserRequest;
+use App\Models\User;
+use Illuminate\Auth\Events\PasswordReset;
+use Illuminate\Database\Eloquent\Builder;
+use Illuminate\Http\Request;
+use Illuminate\Http\Response;
+use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\Hash;
+use Illuminate\Support\Str;
+use Illuminate\View\View;
+
+class UserController extends Controller
+{
+    public function index(Request $request): View
+    {
+        $status = $request->query('status');
+        $keywords = $request->query('keywords');
+        $users = User::query()->when($status > -1, function (Builder $builder) use ($status) {
+            $builder->where('status', $status);
+        })->when($keywords, function (Builder $builder, $keywords) {
+            $builder->where('name', 'like', "%{$keywords}%")->orWhere('email', 'like', "%{$keywords}%");
+        })->with('group')->withSum('images', 'size')->latest()->paginate();
+        $users->getCollection()->each(function (User $user) {
+            $user->group->setVisible(['name']);
+        });
+        $statuses = [-1 => '全部', 1 => '正常', 0 => '冻结'];
+
+        $users->appends(compact('status', 'keywords'));
+
+        return view('admin.user.index', compact('users', 'statuses'));
+    }
+
+    public function edit(Request $request): View
+    {
+        $user = User::query()->findOrFail($request->route('id'));
+        return view('admin.user.edit', compact('user'));
+    }
+
+    public function update(UserRequest $request): Response
+    {
+        /** @var User $user */
+        $user = User::query()->findOrFail($request->route('id'));
+        $validated = $request->validated();
+
+        if (! empty($validated['password'])) {
+            $user->forceFill([
+                'password' => Hash::make($validated['password']),
+                'remember_token' => Str::random(60),
+            ]);
+
+            event(new PasswordReset($user));
+        }
+
+        unset($validated['password']);
+        $user->fill($validated);
+        $user->group_id = $validated['group_id'];
+
+        if (!$user->save()) {
+            return $this->fail('保存失败');
+        }
+        return $this->success('保存成功');
+    }
+
+    public function delete(Request $request): Response
+    {
+        /** @var User $user */
+        if ($user = User::query()->find($request->route('id'))) {
+            DB::transaction(function () use ($user) {
+                $user->images()->update(['user_id' => null]);
+                $user->albums()->delete();
+                $user->delete();
+            });
+        }
+        return $this->success('删除成功');
+    }
+}

app/Http/Controllers/Api/V1/AlbumController.php

@@ -0,0 +1,32 @@
+<?php
+
+namespace App\Http\Controllers\Api\V1;
+
+use App\Http\Controllers\Controller;
+use App\Models\Album;
+use App\Models\User;
+use Illuminate\Http\Request;
+use Illuminate\Http\Response;
+use Illuminate\Support\Facades\Auth;
+
+class AlbumController extends Controller
+{
+    public function index(Request $request): Response
+    {
+        /** @var User $user */
+        $user = Auth::user();
+        $albums = $user->albums()->filter($request)->paginate(40);
+        $albums->getCollection()->each(function (Album $album) {
+            $album->setVisible(['id', 'name', 'intro', 'image_num']);
+        });
+        return $this->success('success', $albums);
+    }
+
+    public function destroy(Request $request): Response
+    {
+        /** @var User $user */
+        $user = Auth::user();
+        $user->albums()->where('id', $request->route('id'))->delete();
+        return $this->success('删除成功');
+    }
+}

app/Http/Controllers/Api/V1/ImageController.php

@@ -0,0 +1,83 @@
+<?php
+
+namespace App\Http\Controllers\Api\V1;
+
+use App\Exceptions\UploadException;
+use App\Http\Controllers\Controller;
+use App\Models\Image;
+use App\Models\User;
+use App\Services\ImageService;
+use App\Services\UserService;
+use App\Utils;
+use Illuminate\Auth\AuthenticationException;
+use Illuminate\Http\Request;
+use Illuminate\Http\Response;
+use Illuminate\Support\Facades\Auth;
+
+class ImageController extends Controller
+{
+    /**
+     * @throws AuthenticationException
+     */
+    public function upload(Request $request, ImageService $service): Response
+    {
+        if ($request->hasHeader('Authorization')) {
+            $guards = array_keys(config('auth.guards'));
+
+            if (empty($guards)) {
+                $guards = [null];
+            }
+
+            foreach ($guards as $guard) {
+                if (Auth::guard($guard)->check()) {
+                    Auth::shouldUse($guard);
+                    break;
+                }
+            }
+
+            if (! Auth::check()) {
+                throw new AuthenticationException('Authentication failed.');
+            }
+        }
+
+        try {
+            $image = $service->store($request);
+        } catch (UploadException $e) {
+            return $this->fail($e->getMessage());
+        } catch (\Throwable $e) {
+            Utils::e($e, 'Api 上传文件时发生异常');
+            if (config('app.debug')) {
+                return $this->fail($e->getMessage());
+            }
+            return $this->fail('服务异常，请稍后再试');
+        }
+        return $this->success('上传成功', $image->setAppends(['pathname', 'links'])->only(
+            'key', 'name', 'pathname', 'origin_name', 'size', 'mimetype', 'extension', 'md5', 'sha1', 'links'
+        ));
+    }
+
+    public function images(Request $request): Response
+    {
+        /** @var User $user */
+        $user = Auth::user();
+
+        $images = $user->images()->filter($request)->paginate(40)->withQueryString();
+        $images->getCollection()->each(function (Image $image) {
+            $image->human_date = $image->created_at->diffForHumans();
+            $image->date = $image->created_at->format('Y-m-d H:i:s');
+            $image->append(['pathname', 'links'])->setVisible([
+                'album', 'key', 'name', 'pathname', 'origin_name', 'size', 'mimetype', 'extension', 'md5', 'sha1',
+                'width', 'height', 'links', 'human_date', 'date',
+            ]);
+        });
+        return $this->success('success', $images);
+    }
+
+    public function destroy(Request $request): Response
+    {
+        /** @var User $user */
+        $user = Auth::user();
+        (new UserService())->deleteImages([$request->route('key')], $user, 'key');
+        return $this->success('删除成功');
+    }
+}

app/Http/Controllers/Api/V1/StrategyController.php

@@ -0,0 +1,20 @@
+<?php
+
+namespace App\Http\Controllers\Api\V1;
+
+use App\Http\Controllers\Controller;
+use App\Models\Group;
+use App\Models\Strategy;
+use Illuminate\Http\Response;
+use Illuminate\Support\Facades\Auth;
+
+class StrategyController extends Controller
+{
+    public function index(): Response
+    {
+        /** @var Group $group */
+        $group = Auth::check() ? Auth::user()->group : Group::query()->where('is_guest', true)->first();
+        $strategies = $group->strategies()->get()->each(fn (Strategy $strategy) => $strategy->setVisible(['id', 'name']));
+        return $this->success('success', compact('strategies'));
+    }
+}

app/Http/Controllers/Api/V1/TokenController.php

@@ -0,0 +1,45 @@
+<?php
+
+namespace App\Http\Controllers\Api\V1;
+
+use App\Http\Controllers\Controller;
+use App\Models\User;
+use Illuminate\Http\Request;
+use Illuminate\Http\Response;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Hash;
+use Illuminate\Validation\ValidationException;
+
+class TokenController extends Controller
+{
+    public function store(Request $request): Response
+    {
+        try {
+            $request->validate([
+                'email' => 'required|email',
+                'password' => 'required',
+            ]);
+        } catch (ValidationException $e) {
+            return $this->fail($e->validator->errors()->first());
+        }
+
+        /** @var User|null $user */
+        $user = User::query()->where('email', $request->email)->first();
+
+        if (! $user || ! Hash::check($request->password, $user->password)) {
+            return $this->fail('The email address or password is incorrect.');
+        }
+
+        $token = $user->createToken($user->email)->plainTextToken;
+
+        return $this->success('success', compact('token'));
+    }
+
+    public function clear(): Response
+    {
+        /** @var User $user */
+        $user = Auth::user();
+        $user->tokens()->delete();
+        return $this->success();
+    }
+}

app/Http/Controllers/Api/V1/UserController.php

@@ -0,0 +1,22 @@
+<?php
+
+namespace App\Http\Controllers\Api\V1;
+
+use App\Http\Controllers\Controller;
+use App\Models\User;
+use Illuminate\Http\Response;
+use Illuminate\Support\Facades\Auth;
+
+class UserController extends Controller
+{
+    public function index(): Response
+    {
+        /** @var User $user */
+        $user = Auth::user();
+        $user->used_capacity = $user->images()->sum('size') + 0;
+        $user->setVisible([
+            'name', 'avatar', 'email', 'capacity', 'used_capacity', 'url', 'image_num', 'album_num', 'registered_ip'
+        ]);
+        return $this->success('success', $user);
+    }
+}

app/Http/Controllers/Auth/AuthenticatedSessionController.php

@@ -0,0 +1,54 @@
+<?php
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+use App\Http\Requests\Auth\LoginRequest;
+use App\Providers\RouteServiceProvider;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+
+class AuthenticatedSessionController extends Controller
+{
+    /**
+     * Display the login view.
+     *
+     * @return \Illuminate\View\View
+     */
+    public function create()
+    {
+        return view('auth.login');
+    }
+
+    /**
+     * Handle an incoming authentication request.
+     *
+     * @param  \App\Http\Requests\Auth\LoginRequest  $request
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    public function store(LoginRequest $request)
+    {
+        $request->authenticate();
+
+        $request->session()->regenerate();
+
+        return redirect()->intended(RouteServiceProvider::HOME);
+    }
+
+    /**
+     * Destroy an authenticated session.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    public function destroy(Request $request)
+    {
+        Auth::guard('web')->logout();
+
+        $request->session()->invalidate();
+
+        $request->session()->regenerateToken();
+
+        return redirect('/');
+    }
+}

app/Http/Controllers/Auth/ConfirmablePasswordController.php

@@ -0,0 +1,44 @@
+<?php
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+use App\Providers\RouteServiceProvider;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Validation\ValidationException;
+
+class ConfirmablePasswordController extends Controller
+{
+    /**
+     * Show the confirm password view.
+     *
+     * @return \Illuminate\View\View
+     */
+    public function show()
+    {
+        return view('auth.confirm-password');
+    }
+
+    /**
+     * Confirm the user's password.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return mixed
+     */
+    public function store(Request $request)
+    {
+        if (! Auth::guard('web')->validate([
+            'email' => $request->user()->email,
+            'password' => $request->password,
+        ])) {
+            throw ValidationException::withMessages([
+                'password' => __('auth.password'),
+            ]);
+        }
+
+        $request->session()->put('auth.password_confirmed_at', time());
+
+        return redirect()->intended(RouteServiceProvider::HOME);
+    }
+}

app/Http/Controllers/Auth/EmailVerificationNotificationController.php

@@ -0,0 +1,27 @@
+<?php
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+use App\Providers\RouteServiceProvider;
+use Illuminate\Http\Request;
+
+class EmailVerificationNotificationController extends Controller
+{
+    /**
+     * Send a new email verification notification.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    public function store(Request $request)
+    {
+        if ($request->user()->hasVerifiedEmail()) {
+            return redirect()->intended(RouteServiceProvider::HOME);
+        }
+
+        $request->user()->sendEmailVerificationNotification();
+
+        return back()->with('status', 'verification-link-sent');
+    }
+}

app/Http/Controllers/Auth/EmailVerificationPromptController.php

@@ -0,0 +1,23 @@
+<?php
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+use App\Providers\RouteServiceProvider;
+use Illuminate\Http\Request;
+
+class EmailVerificationPromptController extends Controller
+{
+    /**
+     * Display the email verification prompt.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return mixed
+     */
+    public function __invoke(Request $request)
+    {
+        return $request->user()->hasVerifiedEmail()
+                    ? redirect()->intended(RouteServiceProvider::HOME)
+                    : view('auth.verify-email');
+    }
+}

app/Http/Controllers/Auth/NewPasswordController.php

@@ -0,0 +1,65 @@
+<?php
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+use Illuminate\Auth\Events\PasswordReset;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Hash;
+use Illuminate\Support\Facades\Password;
+use Illuminate\Support\Str;
+use Illuminate\Validation\Rules;
+
+class NewPasswordController extends Controller
+{
+    /**
+     * Display the password reset view.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\View\View
+     */
+    public function create(Request $request)
+    {
+        return view('auth.reset-password', ['request' => $request]);
+    }
+
+    /**
+     * Handle an incoming new password request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\RedirectResponse
+     *
+     * @throws \Illuminate\Validation\ValidationException
+     */
+    public function store(Request $request)
+    {
+        $request->validate([
+            'token' => ['required'],
+            'email' => ['required', 'email'],
+            'password' => ['required', 'confirmed', Rules\Password::defaults()],
+        ]);
+
+        // Here we will attempt to reset the user's password. If it is successful we
+        // will update the password on an actual user model and persist it to the
+        // database. Otherwise we will parse the error and return the response.
+        $status = Password::reset(
+            $request->only('email', 'password', 'password_confirmation', 'token'),
+            function ($user) use ($request) {
+                $user->forceFill([
+                    'password' => Hash::make($request->password),
+                    'remember_token' => Str::random(60),
+                ])->save();
+
+                event(new PasswordReset($user));
+            }
+        );
+
+        // If the password was successfully reset, we will redirect the user back to
+        // the application's home authenticated view. If there is an error we can
+        // redirect them back to where they came from with their error message.
+        return $status == Password::PASSWORD_RESET
+                    ? redirect()->route('login')->with('status', __($status))
+                    : back()->withInput($request->only('email'))
+                            ->withErrors(['email' => __($status)]);
+    }
+}

app/Http/Controllers/Auth/PasswordResetLinkController.php

@@ -0,0 +1,47 @@
+<?php
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Password;
+
+class PasswordResetLinkController extends Controller
+{
+    /**
+     * Display the password reset link request view.
+     *
+     * @return \Illuminate\View\View
+     */
+    public function create()
+    {
+        return view('auth.forgot-password');
+    }
+
+    /**
+     * Handle an incoming password reset link request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\RedirectResponse
+     *
+     * @throws \Illuminate\Validation\ValidationException
+     */
+    public function store(Request $request)
+    {
+        $request->validate([
+            'email' => ['required', 'email'],
+        ]);
+
+        // We will send the password reset link to this user. Once we have attempted
+        // to send the link, we will examine the response then see the message we
+        // need to show to the user. Finally, we'll send out a proper response.
+        $status = Password::sendResetLink(
+            $request->only('email')
+        );
+
+        return $status == Password::RESET_LINK_SENT
+                    ? back()->with('status', __($status))
+                    : back()->withInput($request->only('email'))
+                            ->withErrors(['email' => __($status)]);
+    }
+}

app/Http/Controllers/Auth/RegisteredUserController.php

@@ -0,0 +1,59 @@
+<?php
+
+namespace App\Http\Controllers\Auth;
+
+use App\Enums\ConfigKey;
+use App\Http\Controllers\Controller;
+use App\Models\User;
+use App\Providers\RouteServiceProvider;
+use App\Utils;
+use Illuminate\Auth\Events\Registered;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Hash;
+use Illuminate\Validation\Rules;
+
+class RegisteredUserController extends Controller
+{
+    /**
+     * Display the registration view.
+     *
+     * @return \Illuminate\View\View
+     */
+    public function create()
+    {
+        return view('auth.register');
+    }
+
+    /**
+     * Handle an incoming registration request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\RedirectResponse
+     *
+     * @throws \Illuminate\Validation\ValidationException
+     */
+    public function store(Request $request)
+    {
+        $request->validate([
+            'name' => ['required', 'string', 'max:255'],
+            'email' => ['required', 'string', 'email', 'max:255', 'unique:users'],
+            'password' => ['required', 'confirmed', Rules\Password::defaults()],
+        ]);
+
+        $user = User::create([
+            'name' => $request->name,
+            'email' => $request->email,
+            'password' => Hash::make($request->password),
+            'registered_ip' => $request->ip(),
+        ]);
+
+        if (Utils::config(ConfigKey::IsUserNeedVerify)) {
+            event(new Registered($user));
+        }
+
+        Auth::login($user);
+
+        return redirect(RouteServiceProvider::HOME);
+    }
+}

app/Http/Controllers/Auth/VerifyEmailController.php

@@ -0,0 +1,30 @@
+<?php
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+use App\Providers\RouteServiceProvider;
+use Illuminate\Auth\Events\Verified;
+use Illuminate\Foundation\Auth\EmailVerificationRequest;
+
+class VerifyEmailController extends Controller
+{
+    /**
+     * Mark the authenticated user's email address as verified.
+     *
+     * @param  \Illuminate\Foundation\Auth\EmailVerificationRequest  $request
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    public function __invoke(EmailVerificationRequest $request)
+    {
+        if ($request->user()->hasVerifiedEmail()) {
+            return redirect()->intended(RouteServiceProvider::HOME.'?verified=1');
+        }
+
+        if ($request->user()->markEmailAsVerified()) {
+            event(new Verified($request->user()));
+        }
+
+        return redirect()->intended(RouteServiceProvider::HOME.'?verified=1');
+    }
+}

app/Http/Controllers/Common/ApiController.php

@@ -0,0 +1,14 @@
+<?php
+
+namespace App\Http\Controllers\Common;
+
+use App\Http\Controllers\Controller;
+use Illuminate\View\View;
+
+class ApiController extends Controller
+{
+    public function index(): View
+    {
+        return view('common.api');
+    }
+}

app/Http/Controllers/Common/GalleryController.php

@@ -0,0 +1,23 @@
+<?php
+
+namespace App\Http\Controllers\Common;
+
+use App\Enums\ImagePermission;
+use App\Http\Controllers\Controller;
+use App\Models\Image;
+use Illuminate\View\View;
+
+class GalleryController extends Controller
+{
+    public function index(): View
+    {
+        $images = Image::query()
+            ->with('user')
+            ->whereNotNull('user_id')
+            ->where('is_unhealthy', false)
+            ->where('permission', ImagePermission::Public)
+            ->latest()
+            ->simplePaginate(40);
+        return view('common.gallery', compact('images'));
+    }
+}

app/Http/Controllers/Controller.php

@@ -0,0 +1,205 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Enums\GroupConfigKey;
+use App\Enums\UserStatus;
+use App\Enums\Watermark\Mode;
+use App\Exceptions\UploadException;
+use App\Http\Result;
+use App\Models\Group;
+use App\Models\Image;
+use App\Models\Strategy;
+use App\Models\User;
+use App\Services\ImageService;
+use App\Utils;
+use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
+use Illuminate\Foundation\Bus\DispatchesJobs;
+use Illuminate\Foundation\Validation\ValidatesRequests;
+use Illuminate\Http\Request;
+use Illuminate\Http\Response;
+use Illuminate\Routing\Controller as BaseController;
+use Illuminate\Support\Facades\Artisan;
+use Illuminate\Support\Facades\Cache;
+use Illuminate\Support\Facades\Hash;
+use Illuminate\View\View;
+use Intervention\Image\Facades\Image as InterventionImage;
+use League\Flysystem\FilesystemException;
+use Symfony\Component\Console\Output\BufferedOutput;
+use Symfony\Component\HttpFoundation\StreamedResponse;
+
+class Controller extends BaseController
+{
+    use AuthorizesRequests, DispatchesJobs, ValidatesRequests, Result;
+
+    public function install(Request $request): View|Response
+    {
+        if (file_exists(base_path('installed.lock'))) {
+            if ($request->expectsJson()) {
+                return $this->fail('Already installed. if you want to reinstall, please remove installed.lock file.');
+            }
+            abort(404);
+        }
+
+        $extensions = collect([
+            ['name' => 'BCMath', 'intro' => '数学精度处理拓展'],
+            ['name' => 'Ctype', 'intro' => '字符类型检测拓展'],
+            ['name' => 'DOM', 'intro' => 'DOM 对象模型，用于处理文档元素'],
+            ['name' => 'Fileinfo', 'intro' => '获取文件信息拓展'],
+            ['name' => 'JSON', 'intro' => 'JavaScript 对象符号（JSON）'],
+            ['name' => 'Mbstring', 'intro' => '多字节字符串处理拓展'],
+            ['name' => 'OpenSSL', 'intro' => '加密拓展'],
+            ['name' => 'PCRE', 'intro' => '正则表达式拓展'],
+            ['name' => 'PDO', 'intro' => '数据库拓展'],
+            ['name' => 'Tokenizer', 'intro' => '令牌处理拓展'],
+            ['name' => 'XML', 'intro' => 'Xml 解析器'],
+            ['name' => 'Imagick', 'intro' => '高性能图片处理拓展'],
+        ])->transform(function ($item) {
+            $item['result'] = extension_loaded(strtolower($item['name']));
+            return $item;
+        })->push([
+            'name' => 'readlink、symlink 函数',
+            'intro' => '读取、创建符号链接函数',
+            'result' => function_exists('readlink') && function_exists('symlink'),
+        ])->push([
+            'name' => 'putenv、getenv 函数',
+            'intro' => '设置和获取环境变量函数',
+            'result' => function_exists('putenv') && function_exists('getenv'),
+        ])->push([
+            'name' => 'exec、shell_exec 函数',
+            'intro' => '执行外部命令',
+            'result' => function_exists('exec') && function_exists('shell_exec'),
+        ])->push([
+            'name' => 'chmod、chown、fileperms 函数',
+            'intro' => '设置和获取文件、文件夹权限函数',
+            'result' => function_exists('chmod') && function_exists('chown') && function_exists('fileperms'),
+        ])->push([
+            'name' => 'PHP >= 8.0.2',
+            'intro' => '最低要求 PHP 8.0.2 版本',
+            'result' => phpversion() >= 8,
+        ]);
+
+        $status = ! $extensions->where('result', false)->isNotEmpty();
+
+        if ($request->method() === 'POST') {
+            try {
+                $request->validate([
+                    'account.email' => 'required|email',
+                    'account.password' => 'required|between:6,32'
+                ], [], [
+                    'account.email' => '管理员账号邮箱',
+                    'account.password' => '管理员账号密码'
+                ]);
+
+                $data = collect($request->only([
+                    'connection', 'host', 'port', 'database', 'username', 'password',
+                ]))->transform(fn($item, $key) => ['--'.$key => $item])->collapse();
+                $output = new BufferedOutput();
+                $exitCode = Artisan::call('lsky:install', $data->toArray(), $output);
+                if ($exitCode) {
+                    throw new \Exception(str_replace(PHP_EOL, '<br/>', $output->fetch()));
+                }
+                $user = new User([
+                    'name' => '超级管理员',
+                    'email' => $request->input('account.email'),
+                    'password' => Hash::make($request->input('account.password')),
+                    'registered_ip' => $request->ip(),
+                ]);
+                $user->group_id = Group::query()->first()['id'];
+                $user->is_adminer = true;
+                $user->status = UserStatus::Normal;
+                $user->email_verified_at = date('Y-m-d H:i:s');
+                // 设置默认策略组的 url 为当前请求 url
+                Strategy::query()->update(['configs->url' => $request->getSchemeAndHttpHost().'/i']);
+                $user->save();
+            } catch (\Throwable $e) {
+                @unlink(base_path('installed.lock'));
+                Utils::e($e, '执行安装程序时出现异常');
+                return $this->fail($e->getMessage());
+            }
+            return $this->success();
+        }
+
+        return view('install', compact('extensions', 'status'));
+    }
+
+    public function upload(Request $request, ImageService $service): Response
+    {
+        try {
+            $image = $service->store($request);
+        } catch (UploadException $e) {
+            return $this->fail($e->getMessage());
+        } catch (\Throwable $e) {
+            Utils::e($e, 'Web 上传文件时发生异常');
+            if (config('app.debug')) {
+                return $this->fail($e->getMessage());
+            }
+            return $this->fail('服务异常，请稍后再试');
+        }
+        return $this->success('上传成功', $image->setAppends(['pathname', 'links'])->only(
+            'id', 'pathname', 'origin_name', 'size', 'mimetype', 'md5', 'sha1', 'links'
+        ));
+    }
+
+    public function output(Request $request, ImageService $service): StreamedResponse
+    {
+        /** @var Image $image */
+        $image = Image::query()
+            ->with('group')
+            ->where('key', $request->route('key'))
+            ->where('extension', strtolower($request->route('extension')))
+            ->firstOr(fn() => abort(404));
+        if (! $image->group?->configs->get(GroupConfigKey::IsEnableOriginalProtection)) {
+            abort(404);
+        }
+        try {
+            $cacheKey = "image_{$image->key}";
+
+            if (Cache::has($cacheKey)) {
+                $contents = Cache::get($cacheKey);
+            } else {
+                $contents = $image->filesystem()->read($image->pathname);
+                $configs = collect($image->group?->configs->get(GroupConfigKey::WatermarkConfigs));
+
+                // 是否启用了水印功能，跳过gif和ico图片
+                if (
+                    $image->group?->configs->get(GroupConfigKey::IsEnableWatermark) &&
+                    $configs->get('mode', Mode::Overlay) == Mode::Dynamic &&
+                    ! in_array($image->extension, ['ico', 'gif', 'svg'])
+                ) {
+                    $quality = $image->group?->configs->get(GroupConfigKey::ImageSaveQuality, 75);
+                    $contents = $service->stickWatermark($contents, $configs)->encode($image->extension, $quality)->getEncoded();
+                }
+                $cacheTtl = (int)$image->group?->configs->get(GroupConfigKey::ImageCacheTtl, 0);
+                // 是否启用了缓存
+                if ($cacheTtl) {
+                    Cache::remember($cacheKey, $cacheTtl, fn () => $contents);
+                } else {
+                    if (Cache::has($cacheKey)) Cache::forget($cacheKey);
+                }
+            }
+        } catch (FilesystemException $e) {
+            Utils::e($e, '图片输出时出现异常');
+            abort(404);
+        }
+
+        $mimetype = $image->mimetype;
+
+        // ico svg 图片直接输出，不经过 InterventionImage 处理
+        if (in_array($image->extension, ['ico', 'svg'])) {
+            goto out;
+        }
+
+        // 浏览器无法预览的图片，改为 png 格式输出
+        if (in_array($image->extension, ['psd', 'tif', 'bmp'])) {
+            $mimetype = 'image/png';
+            $contents = InterventionImage::make($contents)->encode('png')->getEncoded();
+        }
+
+        out:
+
+        return \response()->stream(function () use ($contents) {
+            echo $contents;
+        }, headers: ['Content-type' => $mimetype]);
+    }
+}

app/Http/Controllers/User/AlbumController.php

@@ -0,0 +1,69 @@
+<?php
+
+namespace App\Http\Controllers\User;
+
+use App\Http\Controllers\Controller;
+use App\Http\Requests\AlbumRequest;
+use App\Models\Album;
+use App\Models\User;
+use Illuminate\Http\Request;
+use Illuminate\Http\Response;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\DB;
+
+class AlbumController extends Controller
+{
+    public function albums(): Response
+    {
+        /** @var User $user */
+        $user = Auth::user();
+        $albums = $user->albums()->latest()->paginate(40);
+        $albums->getCollection()->each(function (Album $album) {
+            $album->setVisible(['id', 'name', 'intro', 'image_num']);
+        });
+        return $this->success('success', compact('albums'));
+    }
+
+    public function create(AlbumRequest $request): Response
+    {
+        /** @var User $user */
+        $user = Auth::user();
+        DB::transaction(function () use ($user, $request) {
+            $user->albums()->create(array_filter($request->validated()));
+            $user->album_num = $user->albums()->count();
+            $user->save();
+        });
+
+        return $this->success('创建成功');
+    }
+
+    public function update(AlbumRequest $request): Response
+    {
+        /** @var User $user */
+        $user = Auth::user();
+        $album = $user->albums()->find($request->route('id'));
+        if (is_null($album)) {
+            return $this->fail('不存在的相册');
+        }
+        $album->update(array_filter($request->validated()));
+        return $this->success('修改成功');
+    }
+
+    public function delete(Request $request): Response
+    {
+        /** @var User $user */
+        $user = Auth::user();
+        /** @var Album|null $album */
+        $album = $user->albums()->find($request->route('id'));
+        if (is_null($album)) {
+            return $this->fail('不存在的相册');
+        }
+        DB::transaction(function () use ($user, $album) {
+            $album->images()->update(['album_id' => null]);
+            $album->delete();
+            $user->album_num = $user->albums()->count();
+            $user->save();
+        });
+        return $this->success('删除成功');
+    }
+}

app/Http/Controllers/User/ImageController.php

@@ -0,0 +1,121 @@
+<?php
+
+namespace App\Http\Controllers\User;
+
+use App\Enums\ImagePermission;
+use App\Http\Controllers\Controller;
+use App\Http\Requests\ImageRenameRequest;
+use App\Models\Album;
+use App\Models\Image;
+use App\Models\User;
+use App\Services\UserService;
+use Illuminate\Http\Request;
+use Illuminate\Http\Response;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\DB;
+use Illuminate\View\View;
+
+class ImageController extends Controller
+{
+    public function index(): View
+    {
+        return view('user.images');
+    }
+
+    public function images(Request $request): Response
+    {
+        /** @var User $user */
+        $user = Auth::user();
+
+        $images = $user->images()->filter($request)->with('group', 'strategy')->paginate(40);
+        $images->getCollection()->each(function (Image $image) {
+            // 图片宽高过小会导致前端排版异常
+            $image->width = max($image->width, 200);
+            $image->height = max($image->height, 200);
+
+            $image->human_date = $image->created_at->diffForHumans();
+            $image->date = $image->created_at->format('Y-m-d H:i:s');
+            $image->append(['url', 'thumb_url', 'filename', 'links'])->setVisible([
+                'id', 'filename', 'url', 'thumb_url', 'human_date', 'date', 'size', 'width', 'height', 'links'
+            ]);
+        });
+        return $this->success('success', compact('images'));
+    }
+
+    public function image(Request $request): Response
+    {
+        /** @var User $user */
+        $user = Auth::user();
+        /** @var Image $image */
+        if (!$image = $user->images()->find($request->route('id'))) {
+            return $this->fail('未找到该图片');
+        }
+        $image->strategy?->setVisible(['name']);
+        $image->album?->setVisible(['name']);
+        $image->append(['url', 'thumb_url', 'filename', 'links'])->setVisible([
+            'id', 'filename', 'origin_name', 'url', 'thumb_url', 'width', 'height', 'size', 'mimetype', 'md5', 'sha1',
+            'permission', 'strategy', 'album', 'uploaded_ip', 'links', 'created_at'
+        ]);
+        return $this->success('success', compact('image'));
+    }
+
+    public function permission(Request $request): Response
+    {
+        /** @var User $user */
+        $user = Auth::user();
+        $permission = $request->input('permission');
+        $permissions = ['public' => ImagePermission::Public, 'private' => ImagePermission::Private];
+        if (!in_array($permission, array_keys($permissions))) {
+            return $this->fail('设置失败');
+        }
+        $user->images()->whereIn('id', (array) $request->input('ids'))->update([
+            'permission' => $permissions[$permission],
+        ]);
+        return $this->success('设置成功');
+    }
+
+    public function rename(ImageRenameRequest $request): Response
+    {
+        /** @var User $user */
+        $user = Auth::user();
+        /** @var Image $image */
+        if ($image = $user->images()->find($request->input('id'))) {
+            $image->alias_name = $request->input('name');
+            $image->save();
+        }
+
+        return $this->success('重命名成功', $image->only('id', 'filename'));
+    }
+
+    public function movement(Request $request): Response
+    {
+        /** @var User $user */
+        $user = Auth::user();
+        DB::transaction(function () use ($user, $request) {
+            /** @var null|Album $album */
+            $album = $user->albums()->find((int) $request->input('id'));
+            $user->images()->whereIn('id', $request->input('selected'))->update([
+                'album_id' => $album->id ?? null,
+            ]);
+            if ($album) {
+                $album->image_num = $album->images()->count();
+                $album->save();
+            }
+            if ($albumId = (int) $request->input('album_id')) {
+                /** @var Album $originAlbum */
+                $originAlbum = $user->albums()->find($albumId);
+                $originAlbum->image_num = $originAlbum->images()->count();
+                $originAlbum->save();
+            }
+        });
+        return $this->success('移动成功');
+    }
+
+    public function delete(Request $request): Response
+    {
+        /** @var User $user */
+        $user = Auth::user();
+        (new UserService())->deleteImages($request->all() ?: [], $user);
+        return $this->success('删除成功');
+    }
+}

app/Http/Controllers/User/UserController.php

@@ -0,0 +1,64 @@
+<?php
+
+namespace App\Http\Controllers\User;
+
+use App\Enums\UserConfigKey;
+use App\Http\Controllers\Controller;
+use App\Http\Requests\UserSettingRequest;
+use App\Models\User;
+use Illuminate\Auth\Events\PasswordReset;
+use Illuminate\Http\Request;
+use Illuminate\Http\Response;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Hash;
+use Illuminate\Support\Str;
+use Illuminate\View\View;
+
+class UserController extends Controller
+{
+    public function dashboard(): View
+    {
+        /** @var User $user */
+        $user = Auth::user();
+        $configs = $user->group->configs;
+        $strategies = $user->group->strategies()->get();
+        return view('user.dashboard', compact('strategies', 'configs', 'user'));
+    }
+
+    public function settings(): View
+    {
+        return view('user.settings');
+    }
+
+    public function update(UserSettingRequest $request): Response
+    {
+        /** @var User $user */
+        $user = Auth::user();
+        $user->name = $request->validated('name');
+        $user->url = $request->validated('url') ?: '';
+        $user->configs = $user->configs->merge(collect($request->validated('configs'))->transform(function ($value) {
+            return (int)$value;
+        }));
+        if ($password = $request->validated('password')) {
+            $user->forceFill([
+                'password' => Hash::make($password),
+                'remember_token' => Str::random(60),
+            ]);
+
+            event(new PasswordReset($user));
+        }
+        $user->save();
+        return $this->success('保存成功');
+    }
+
+    public function setStrategy(Request $request): Response
+    {
+        /** @var User $user */
+        $user = Auth::user();
+        if (! $strategy = $user->group->strategies()->find($request->id)) {
+            return $this->fail('没有找到该策略');
+        }
+        $user->update(['configs->'.UserConfigKey::DefaultStrategy => $strategy->id]);
+        return $this->success('设置成功');
+    }
+}

app/Http/Kernel.php

@@ -0,0 +1,68 @@
+<?php
+
+namespace App\Http;
+
+use Illuminate\Foundation\Http\Kernel as HttpKernel;
+
+class Kernel extends HttpKernel
+{
+    /**
+     * The application's global HTTP middleware stack.
+     *
+     * These middleware are run during every request to your application.
+     *
+     * @var array<int, class-string|string>
+     */
+    protected $middleware = [
+        // \App\Http\Middleware\TrustHosts::class,
+        \App\Http\Middleware\TrustProxies::class,
+        \Fruitcake\Cors\HandleCors::class,
+        \App\Http\Middleware\PreventRequestsDuringMaintenance::class,
+        \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
+        \App\Http\Middleware\TrimStrings::class,
+        \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
+    ];
+
+    /**
+     * The application's route middleware groups.
+     *
+     * @var array<string, array<int, class-string|string>>
+     */
+    protected $middlewareGroups = [
+        'web' => [
+            \App\Http\Middleware\EncryptCookies::class,
+            \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
+            \Illuminate\Session\Middleware\StartSession::class,
+            // \Illuminate\Session\Middleware\AuthenticateSession::class,
+            \Illuminate\View\Middleware\ShareErrorsFromSession::class,
+            \App\Http\Middleware\VerifyCsrfToken::class,
+            \Illuminate\Routing\Middleware\SubstituteBindings::class,
+        ],
+
+        'api' => [
+            \Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class,
+            'throttle:api',
+            \Illuminate\Routing\Middleware\SubstituteBindings::class,
+        ],
+    ];
+
+    /**
+     * The application's route middleware.
+     *
+     * These middleware may be assigned to groups or used individually.
+     *
+     * @var array<string, class-string|string>
+     */
+    protected $routeMiddleware = [
+        'auth' => \App\Http\Middleware\Authenticate::class,
+        'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
+        'auth.admin' => \App\Http\Middleware\AuthenticateWithAdmin::class,
+        'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
+        'can' => \Illuminate\Auth\Middleware\Authorize::class,
+        'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
+        'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class,
+        'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,
+        'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
+        'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
+    ];
+}

app/Http/Middleware/Authenticate.php

@@ -0,0 +1,21 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Illuminate\Auth\Middleware\Authenticate as Middleware;
+
+class Authenticate extends Middleware
+{
+    /**
+     * Get the path the user should be redirected to when they are not authenticated.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return string|null
+     */
+    protected function redirectTo($request)
+    {
+        if (! $request->expectsJson()) {
+            return route('login');
+        }
+    }
+}

app/Http/Middleware/AuthenticateWithAdmin.php

@@ -0,0 +1,24 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use App\Models\User;
+use Closure;
+use Illuminate\Support\Facades\Auth;
+
+class AuthenticateWithAdmin extends Authenticate
+{
+    public function handle($request, Closure $next, ...$guards)
+    {
+        $this->authenticate($request, $guards);
+
+        /** @var User $user */
+        $user = Auth::user();
+
+        if (! $user->is_adminer) {
+            return abort(403);
+        }
+
+        return $next($request);
+    }
+}

app/Http/Middleware/CheckIsEnableApi.php

@@ -0,0 +1,26 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use App\Enums\ConfigKey;
+use App\Http\Result;
+use App\Utils;
+use Closure;
+use Illuminate\Http\Request;
+
+class CheckIsEnableApi
+{
+    use Result;
+
+    public function handle(Request $request, Closure $next)
+    {
+        if (! Utils::config(ConfigKey::IsEnableApi)) {
+            if ($request->expectsJson()) {
+                return $this->fail('管理员未启用 API')->setStatusCode(403);
+            }
+            abort(404);
+        }
+
+        return $next($request);
+    }
+}

app/Http/Middleware/CheckIsEnableGallery.php

@@ -0,0 +1,26 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use App\Enums\ConfigKey;
+use App\Http\Result;
+use App\Utils;
+use Closure;
+use Illuminate\Http\Request;
+
+class CheckIsEnableGallery
+{
+    use Result;
+
+    public function handle(Request $request, Closure $next)
+    {
+        if (! Utils::config(ConfigKey::IsEnableGallery)) {
+            if ($request->expectsJson()) {
+                return $this->fail('管理员未启用画廊功能')->setStatusCode(403);
+            }
+            abort(404);
+        }
+
+        return $next($request);
+    }
+}

app/Http/Middleware/CheckIsEnableGuestUpload.php

@@ -0,0 +1,25 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use App\Enums\ConfigKey;
+use App\Http\Result;
+use App\Utils;
+use Closure;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+
+class CheckIsEnableGuestUpload
+{
+    use Result;
+
+    public function handle(Request $request, Closure $next)
+    {
+        // 检测是否启用了游客上传，未启用、未登录情况下跳转至登录页面
+        if (! Utils::config(ConfigKey::IsAllowGuestUpload) && Auth::guest()) {
+            return redirect('login');
+        }
+
+        return $next($request);
+    }
+}

app/Http/Middleware/CheckIsEnableRegistration.php

@@ -0,0 +1,26 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use App\Enums\ConfigKey;
+use App\Http\Result;
+use App\Utils;
+use Closure;
+use Illuminate\Http\Request;
+
+class CheckIsEnableRegistration
+{
+    use Result;
+
+    public function handle(Request $request, Closure $next)
+    {
+        if (! Utils::config(ConfigKey::IsEnableRegistration)) {
+            if ($request->expectsJson()) {
+                return $this->fail('站点管理员关闭了注册功能')->setStatusCode(403);
+            }
+            abort(404);
+        }
+
+        return $next($request);
+    }
+}

app/Http/Middleware/CheckIsInstalled.php

@@ -0,0 +1,26 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use App\Http\Result;
+use Closure;
+use Illuminate\Http\Request;
+
+class CheckIsInstalled
+{
+    use Result;
+
+    public function handle(Request $request, Closure $next)
+    {
+        // 检测程序是否安装
+        if (! file_exists(base_path('installed.lock'))) {
+            if (! $request->expectsJson()) {
+                return redirect('install');
+            } else {
+                return $this->fail('It has already been installed.');
+            }
+        }
+
+        return $next($request);
+    }
+}

app/Http/Middleware/EncryptCookies.php

@@ -0,0 +1,17 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Illuminate\Cookie\Middleware\EncryptCookies as Middleware;
+
+class EncryptCookies extends Middleware
+{
+    /**
+     * The names of the cookies that should not be encrypted.
+     *
+     * @var array<int, string>
+     */
+    protected $except = [
+        //
+    ];
+}

app/Http/Middleware/PreventRequestsDuringMaintenance.php

@@ -0,0 +1,17 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Illuminate\Foundation\Http\Middleware\PreventRequestsDuringMaintenance as Middleware;
+
+class PreventRequestsDuringMaintenance extends Middleware
+{
+    /**
+     * The URIs that should be reachable while maintenance mode is enabled.
+     *
+     * @var array<int, string>
+     */
+    protected $except = [
+        //
+    ];
+}

app/Http/Middleware/RedirectIfAuthenticated.php

@@ -0,0 +1,32 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use App\Providers\RouteServiceProvider;
+use Closure;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+
+class RedirectIfAuthenticated
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response|\Illuminate\Http\RedirectResponse)  $next
+     * @param  string|null  ...$guards
+     * @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse
+     */
+    public function handle(Request $request, Closure $next, ...$guards)
+    {
+        $guards = empty($guards) ? [null] : $guards;
+
+        foreach ($guards as $guard) {
+            if (Auth::guard($guard)->check()) {
+                return redirect(RouteServiceProvider::HOME);
+            }
+        }
+
+        return $next($request);
+    }
+}

app/Http/Middleware/TrimStrings.php

@@ -0,0 +1,19 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Illuminate\Foundation\Http\Middleware\TrimStrings as Middleware;
+
+class TrimStrings extends Middleware
+{
+    /**
+     * The names of the attributes that should not be trimmed.
+     *
+     * @var array<int, string>
+     */
+    protected $except = [
+        'current_password',
+        'password',
+        'password_confirmation',
+    ];
+}

app/Http/Middleware/TrustHosts.php

@@ -0,0 +1,20 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Illuminate\Http\Middleware\TrustHosts as Middleware;
+
+class TrustHosts extends Middleware
+{
+    /**
+     * Get the host patterns that should be trusted.
+     *
+     * @return array<int, string|null>
+     */
+    public function hosts()
+    {
+        return [
+            $this->allSubdomainsOfApplicationUrl(),
+        ];
+    }
+}

app/Http/Middleware/TrustProxies.php

@@ -0,0 +1,28 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Illuminate\Http\Middleware\TrustProxies as Middleware;
+use Illuminate\Http\Request;
+
+class TrustProxies extends Middleware
+{
+    /**
+     * The trusted proxies for this application.
+     *
+     * @var array<int, string>|string|null
+     */
+    protected $proxies = '*';
+
+    /**
+     * The headers that should be used to detect proxies.
+     *
+     * @var int
+     */
+    protected $headers =
+        Request::HEADER_X_FORWARDED_FOR |
+        Request::HEADER_X_FORWARDED_HOST |
+        Request::HEADER_X_FORWARDED_PORT |
+        Request::HEADER_X_FORWARDED_PROTO |
+        Request::HEADER_X_FORWARDED_AWS_ELB;
+}

app/Http/Middleware/VerifyCsrfToken.php

@@ -0,0 +1,17 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as Middleware;
+
+class VerifyCsrfToken extends Middleware
+{
+    /**
+     * The URIs that should be excluded from CSRF verification.
+     *
+     * @var array<int, string>
+     */
+    protected $except = [
+        //
+    ];
+}

app/Http/Requests/Admin/GroupRequest.php

@@ -0,0 +1,165 @@
+<?php
+
+namespace App\Http\Requests\Admin;
+
+use App\Http\Requests\FormRequest;
+use Illuminate\Validation\Rule;
+
+class GroupRequest extends FormRequest
+{
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array
+     */
+    public function rules()
+    {
+        $requiredIfReview = function ($driver) {
+            return Rule::requiredIf($this->input('configs.is_enable_scan') && $this->input('configs.scan_configs.driver') === $driver);
+        };
+
+        $requiredIfWatermark = function ($driver) {
+            return Rule::requiredIf($this->input('configs.is_enable_watermark') && $this->input('configs.watermark_configs.driver') === $driver);
+        };
+
+        return [
+            'name' => 'required|between:2,30',
+            'is_default' => 'boolean',
+            'is_guest' => 'boolean',
+            'configs' => 'required|array',
+            'configs.maximum_file_size' => 'required|numeric',
+            'configs.concurrent_upload_num' => 'required|integer',
+            'configs.limit_per_minute' => 'required|integer',
+            'configs.limit_per_hour' => 'required|integer',
+            'configs.limit_per_day' => 'required|integer',
+            'configs.limit_per_week' => 'required|integer',
+            'configs.limit_per_month' => 'required|integer',
+            'configs.image_save_quality' => 'required|min:1|max:100',
+            'configs.image_save_format' => '',
+            'configs.path_naming_rule' => 'max:400',
+            'configs.file_naming_rule' => 'max:400',
+            'configs.accepted_file_suffixes' => 'required|array|in:jpeg,jpg,png,gif,tif,bmp,ico,psd,webp,svg',
+
+            'configs.is_enable_scan' => 'boolean',
+            'configs.scanned_action' => [
+                'exclude_if:configs.is_enable_scan,false',
+                'in:mark,delete',
+            ],
+            'configs.scan_configs.driver' => ['exclude_if:configs.is_enable_scan,false', 'in:tencent,aliyun,nsfwjs'],
+            'configs.scan_configs.drivers.tencent.endpoint' => [$requiredIfReview('tencent')],
+            'configs.scan_configs.drivers.tencent.secret_id' => [$requiredIfReview('tencent')],
+            'configs.scan_configs.drivers.tencent.secret_key' => [$requiredIfReview('tencent')],
+            'configs.scan_configs.drivers.tencent.region' => [$requiredIfReview('tencent')],
+            'configs.scan_configs.drivers.tencent.biz_type' => '',
+
+            'configs.scan_configs.drivers.aliyun.access_key_id' => [$requiredIfReview('aliyun')],
+            'configs.scan_configs.drivers.aliyun.access_key_secret' => [$requiredIfReview('aliyun')],
+            'configs.scan_configs.drivers.aliyun.region_id' => [$requiredIfReview('aliyun')],
+            'configs.scan_configs.drivers.aliyun.biz_type' => '',
+            'configs.scan_configs.drivers.aliyun.scenes' => [$requiredIfReview('aliyun'), 'array'],
+
+            'configs.scan_configs.drivers.nsfwjs.api_url' => [$requiredIfReview('nsfwjs')],
+            'configs.scan_configs.drivers.nsfwjs.attr_name' => [$requiredIfReview('nsfwjs'), 'nullable'],
+            'configs.scan_configs.drivers.nsfwjs.threshold' => [$requiredIfReview('nsfwjs'), 'nullable', 'integer', 'between:1,100'],
+
+            'configs.is_enable_original_protection' => 'boolean',
+            'configs.image_cache_ttl' => 'nullable|numeric',
+
+            'configs.is_enable_watermark' => 'boolean',
+            'configs.watermark_configs.mode' => ['in:1,2'],
+            'configs.watermark_configs.driver' => ['exclude_if:configs.is_enable_watermark,false', 'in:font,image'],
+            'configs.watermark_configs.drivers.font.font' => [
+                $requiredIfWatermark('font'),
+                function ($attribute, $value, $fail) {
+                    if (! file_exists(storage_path('app/public/'.$value))) {
+                        $fail('字体文件不存在');
+                    }
+                },
+            ],
+            'configs.watermark_configs.drivers.font.position' => [$requiredIfWatermark('font')],
+            'configs.watermark_configs.drivers.font.text' => [$requiredIfWatermark('font')],
+            'configs.watermark_configs.drivers.font.color' => [$requiredIfWatermark('font')],
+            'configs.watermark_configs.drivers.font.size' => [$requiredIfWatermark('font'), 'nullable', 'integer'],
+            'configs.watermark_configs.drivers.font.angle' => [$requiredIfWatermark('font'), 'nullable', 'integer'],
+            'configs.watermark_configs.drivers.font.x' => [$requiredIfWatermark('font'), 'nullable', 'integer'],
+            'configs.watermark_configs.drivers.font.y' => [$requiredIfWatermark('font'), 'nullable', 'integer'],
+            'configs.watermark_configs.drivers.image.image' => [
+                $requiredIfWatermark('image'),
+                function ($attribute, $value, $fail) {
+                    if (! file_exists(storage_path('app/public/'.$value))) {
+                        $fail('图片文件不存在');
+                    }
+                },
+            ],
+            'configs.watermark_configs.drivers.image.position' => [$requiredIfWatermark('image')],
+            'configs.watermark_configs.drivers.image.width' => [$requiredIfWatermark('image'), 'nullable', 'integer'],
+            'configs.watermark_configs.drivers.image.height' => [$requiredIfWatermark('image'), 'nullable', 'integer'],
+            'configs.watermark_configs.drivers.image.opacity' => [
+                $requiredIfWatermark('image'), 'nullable', 'integer', 'between:0,100',
+            ],
+            'configs.watermark_configs.drivers.image.rotate' => [$requiredIfWatermark('image'), 'nullable', 'integer'],
+            'configs.watermark_configs.drivers.image.x' => [$requiredIfWatermark('image'), 'nullable', 'integer'],
+            'configs.watermark_configs.drivers.image.y' => [$requiredIfWatermark('image'), 'nullable', 'integer'],
+        ];
+    }
+
+    public function attributes()
+    {
+        return [
+            'name' => '组名称',
+            'is_default' => '是否默认',
+            'configs' => '组配置',
+            'configs.maximum_file_size' => '文件最大上传大小',
+            'configs.concurrent_upload_num' => '并发上传数量',
+            'configs.limit_per_minute' => '每分钟上传限制',
+            'configs.limit_per_hour' => '每小时上传限制',
+            'configs.limit_per_day' => '每天上传限制',
+            'configs.limit_per_week' => '每周上传限制',
+            'configs.limit_per_month' => '每月上传限制',
+            'configs.path_naming_rule' => '路径命名规则',
+            'configs.file_naming_rule' => '文件命名规则',
+            'configs.image_save_quality' => '图片保存质量',
+            'configs.image_save_format' => '图片保存格式',
+            'configs.accepted_file_suffixes' => '允许上传的文件后缀',
+
+            'configs.is_enable_scan' => '是否启用图片审核',
+            'configs.scanned_action' => '图片审核动作',
+            'configs.scan_configs.driver' => '图片审核驱动',
+            'configs.scan_configs.drivers.tencent.endpoint' => 'Endpoint',
+            'configs.scan_configs.drivers.tencent.secret_id' => 'SecretId',
+            'configs.scan_configs.drivers.tencent.secret_key' => 'SecretKey',
+            'configs.scan_configs.drivers.tencent.region' => '地域节点',
+            'configs.scan_configs.drivers.tencent.biz_type' => '业务场景',
+            'configs.scan_configs.drivers.aliyun.access_key_id' => 'AccessKeyId',
+            'configs.scan_configs.drivers.aliyun.access_key_secret' => 'AccessKeySecret',
+            'configs.scan_configs.drivers.aliyun.region_id' => '地域节点',
+            'configs.scan_configs.drivers.aliyun.biz_type' => '场景名称',
+            'configs.scan_configs.drivers.aliyun.scenes' => '审核场景',
+            'configs.scan_configs.drivers.nsfwjs.api_url' => '接口地址',
+            'configs.scan_configs.drivers.nsfwjs.attr_name' => '表单名称',
+            'configs.scan_configs.drivers.nsfwjs.threshold' => '阈值',
+
+            'configs.is_enable_original_protection' => '是否启用原图保护功能',
+            'configs.image_cache_ttl' => '图片缓存时间',
+
+            'configs.is_enable_watermark' => '是否启用水印功能',
+            'configs.watermark_configs.driver' => '水印驱动',
+            'configs.watermark_configs.drivers.font.font' => '字体文件',
+            'configs.watermark_configs.drivers.font.position' => '水印位置',
+            'configs.watermark_configs.drivers.font.text' => '水印文字',
+            'configs.watermark_configs.drivers.font.color' => '字体颜色',
+            'configs.watermark_configs.drivers.font.size' => '水印文字大小',
+            'configs.watermark_configs.drivers.font.angle' => '水印旋转角度',
+            'configs.watermark_configs.drivers.font.x' => '水印X轴偏移量',
+            'configs.watermark_configs.drivers.font.y' => '水印Y轴偏移量',
+            'configs.watermark_configs.drivers.image.image' => '水印图片文件',
+            'configs.watermark_configs.drivers.image.position' => '水印位置',
+            'configs.watermark_configs.drivers.image.width' => '水印图片宽度',
+            'configs.watermark_configs.drivers.image.height' => '水印图片高度',
+            'configs.watermark_configs.drivers.image.opacity' => '水印透明度',
+            'configs.watermark_configs.drivers.image.rotate' => '水印旋转角度',
+            'configs.watermark_configs.drivers.image.x' => '水印X轴偏移量',
+            'configs.watermark_configs.drivers.image.y' => '水印Y轴偏移量',
+        ];
+    }
+}

app/Http/Requests/Admin/StrategyRequest.php

@@ -0,0 +1,221 @@
+<?php
+
+namespace App\Http\Requests\Admin;
+
+use App\Enums\StrategyKey;
+use App\Http\Requests\FormRequest;
+use App\Models\Strategy;
+use Illuminate\Support\Collection;
+
+class StrategyRequest extends FormRequest
+{
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array
+     */
+    public function rules()
+    {
+        $checkUrl = function ($attribute, $value, $fail) {
+            if ($this->input('key') == StrategyKey::Local) {
+                $folders = [config('app.thumbnail_path'), 'fonts', 'css', 'js'];
+                $symlink = Strategy::getRootPath($value);
+                if (! $symlink) {
+                    return $fail('访问域名缺少根路径');
+                }
+                if (in_array($symlink, $folders)) {
+                    return $fail('系统保留路径：'. $symlink);
+                }
+                if (false !== strpbrk($symlink, "\\/?%*:|\"<>")) {
+                    return $fail('根路径名称不符合规则');
+                }
+                // 修改时单独判断
+                if ($this->method() === 'PUT') {
+                    $symlinks = Strategy::query()
+                        ->where('id', '<>', $this->route('id'))
+                        ->pluck('configs')
+                        ->transform(function (Collection $configs) {
+                            return Strategy::getRootPath($configs->get('url'));
+                        })->merge($folders)->values()->toArray();
+                    if (in_array($symlink, $symlinks)) {
+                        return $fail('根路径已经存在');
+                    }
+                } else {
+                    if (realpath(public_path($symlink))) {
+                        return $fail('根路径已经存在');
+                    }
+                }
+            }
+        };
+
+        $array = [
+            'groups' => 'array',
+            'name' => 'required|max:60',
+            'intro' => 'max:2000',
+            'key' => 'required|integer',
+            'configs.url' => ['required', 'url'],
+            'configs.queries' => '',
+        ];
+
+        return array_merge($array, match((int)$this->input('key')) {
+            StrategyKey::Local => [
+                'configs.url' => ['required', 'url', $checkUrl],
+                'configs.root' => ['max:1000', function ($attribute, $value, $fail) {
+                    if ($value) {
+                        if (! is_dir($value)) {
+                            return $fail('储存路径不存在');
+                        }
+                        if (! is_writeable($value)) {
+                            return $fail('储存路径没有写入权限');
+                        }
+                    }
+                }],
+            ],
+            StrategyKey::S3 => [
+                'configs.access_key_id' => 'required',
+                'configs.secret_access_key' => 'required',
+                'configs.endpoint' => '',
+                'configs.region' => '',
+                'configs.bucket' => 'required',
+            ],
+            StrategyKey::Oss => [
+                'configs.access_key_id' => 'required',
+                'configs.access_key_secret' => 'required',
+                'configs.endpoint' => 'required',
+                'configs.bucket' => 'required',
+            ],
+            StrategyKey::Cos => [
+                'configs.app_id' => 'required',
+                'configs.secret_id' => 'required',
+                'configs.secret_key' => 'required',
+                'configs.region' => 'required',
+                'configs.bucket' => 'required',
+            ],
+            StrategyKey::Kodo => [
+                'configs.access_key' => 'required',
+                'configs.secret_key' => 'required',
+                'configs.bucket' => 'required',
+            ],
+            StrategyKey::Uss => [
+                'configs.service' => 'required',
+                'configs.operator' => 'required',
+                'configs.password' => 'required',
+            ],
+            StrategyKey::Sftp => [
+                'configs.root' => 'required',
+                'configs.host' => 'required',
+                'configs.port' => 'integer',
+                'configs.username' => 'required',
+                'configs.password' => 'required_if:configs.private_key,null',
+                'configs.private_key' => 'required_if:configs.password,null',
+                'configs.passphrase' => '',
+                'configs.use_agent' => 'required|boolean',
+            ],
+            StrategyKey::Ftp => [
+                'configs.root' => 'required',
+                'configs.host' => 'required',
+                'configs.port' => 'integer',
+                'configs.username' => 'required',
+                'configs.password' => 'required',
+                'configs.ssl' => 'required|boolean',
+                'configs.passive' => 'required|boolean',
+            ],
+            StrategyKey::Webdav => [
+                'configs.base_uri' => 'required',
+                'configs.username' => '',
+                'configs.password' => '',
+                'configs.auth_type' => '',
+                'configs.prefix' => '',
+            ],
+            StrategyKey::Minio => [
+                'configs.access_key' => 'required',
+                'configs.secret_key' => 'required',
+                'configs.endpoint' => '',
+                'configs.region' => '',
+                'configs.bucket' => 'required',
+                'configs.bucket_endpoint' => '',
+            ],
+        });
+    }
+
+    public function attributes()
+    {
+        $array = [
+            'name' => '名称',
+            'intro' => '简介',
+            'key' => '策略',
+            'configs.url' => '访问网址',
+            'configs.queries' => 'Url 额外参数',
+        ];
+
+        return array_merge($array, match((int)$this->input('key')) {
+            StrategyKey::Local => [
+                'configs.root' => '根目录路径',
+            ],
+            StrategyKey::S3 => [
+                'configs.access_key_id' => 'AccessKeyId',
+                'configs.secret_access_key' => 'SecretAccessKey',
+                'configs.endpoint' => '连接地址',
+                'configs.region' => '区域',
+                'configs.bucket' => '储存桶名称',
+            ],
+            StrategyKey::Oss => [
+                'configs.access_key_id' => 'AccessKeyId',
+                'configs.access_key_secret' => 'AccessKeySecret',
+                'configs.endpoint' => '地域节点域名',
+                'configs.bucket' => 'Bucket 名称',
+            ],
+            StrategyKey::Cos => [
+                'configs.app_id' => 'AppId',
+                'configs.secret_id' => 'SecretId',
+                'configs.secret_key' => 'SecretKey',
+                'configs.region' => '所属地域',
+                'configs.bucket' => '储存桶名称',
+            ],
+            StrategyKey::Kodo => [
+                'configs.access_key' => 'AccessKey',
+                'configs.secret_key' => 'SecretKey',
+                'configs.bucket' => 'Bucket',
+            ],
+            StrategyKey::Uss => [
+                'configs.service' => '服务名称',
+                'configs.operator' => '操作员名称',
+                'configs.password' => '操作员密码',
+            ],
+            StrategyKey::Sftp => [
+                'configs.root' => '根目录路径',
+                'configs.host' => '主机地址',
+                'configs.port' => '连接端口',
+                'configs.username' => '用户名',
+                'configs.password' => '密码',
+                'configs.private_key' => '密钥',
+                'configs.passphrase' => '密钥口令',
+                'configs.use_agent' => '使用代理',
+            ],
+            StrategyKey::Ftp => [
+                'configs.root' => '根目录路径',
+                'configs.host' => '主机地址',
+                'configs.port' => '连接端口',
+                'configs.username' => '用户名',
+                'configs.password' => '密码',
+                'configs.ssl' => '加密连接',
+                'configs.passive' => '被动模式',
+            ],
+            StrategyKey::Webdav => [
+                'configs.base_uri' => '连接地址',
+                'configs.username' => '用户名',
+                'configs.password' => '密码',
+                'configs.auth_type' => '认证方式',
+                'configs.prefix' => '前缀',
+            ],
+            StrategyKey::Minio => [
+                'configs.access_key' => 'AccessKey',
+                'configs.secret_key' => 'SecretKey',
+                'configs.endpoint' => '连接地址',
+                'configs.region' => '区域',
+                'configs.bucket' => 'Bucket 名称',
+                'configs.bucket_endpoint' => 'BucketEndpoint',
+            ],
+        });
+    }
+}

app/Http/Requests/Admin/UserRequest.php

@@ -0,0 +1,36 @@
+<?php
+
+namespace App\Http\Requests\Admin;
+
+use App\Http\Requests\FormRequest;
+use Illuminate\Validation\Rules;
+
+class UserRequest extends FormRequest
+{
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array
+     */
+    public function rules()
+    {
+        return [
+            'group_id' => 'required',
+            'name' => 'required|between:2,30',
+            'capacity' => 'required|numeric',
+            'password' => ['nullable', Rules\Password::defaults()],
+            'status' => 'in:1,0'
+        ];
+    }
+
+    public function attributes()
+    {
+        return [
+            'group_id' => '角色组',
+            'name' => '昵称',
+            'capacity' => '总容量',
+            'password' => '密码',
+            'status' => '状态',
+        ];
+    }
+}

app/Http/Requests/AlbumRequest.php

@@ -0,0 +1,29 @@
+<?php
+
+namespace App\Http\Requests;
+
+class AlbumRequest extends FormRequest
+{
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array
+     */
+    public function rules()
+    {
+        return [
+            'name' => 'required|max:60|alpha_dash',
+            'intro' => 'max:600'
+        ];
+    }
+
+    public function messages()
+    {
+        return [
+            'name.required' => '名称不能为空',
+            'name.max' => '名称字符过长，最大不能超过 60',
+            'name.alpha_dash' => '名称只能是字母、数字，短破折号（-）和下划线（_）',
+            'intro.max' => '简介字符过长，最大不能超过 600'
+        ];
+    }
+}

app/Http/Requests/Auth/LoginRequest.php

@@ -0,0 +1,93 @@
+<?php
+
+namespace App\Http\Requests\Auth;
+
+use Illuminate\Auth\Events\Lockout;
+use Illuminate\Foundation\Http\FormRequest;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\RateLimiter;
+use Illuminate\Support\Str;
+use Illuminate\Validation\ValidationException;
+
+class LoginRequest extends FormRequest
+{
+    /**
+     * Determine if the user is authorized to make this request.
+     *
+     * @return bool
+     */
+    public function authorize()
+    {
+        return true;
+    }
+
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array
+     */
+    public function rules()
+    {
+        return [
+            'email' => ['required', 'string', 'email'],
+            'password' => ['required', 'string'],
+        ];
+    }
+
+    /**
+     * Attempt to authenticate the request's credentials.
+     *
+     * @return void
+     *
+     * @throws \Illuminate\Validation\ValidationException
+     */
+    public function authenticate()
+    {
+        $this->ensureIsNotRateLimited();
+
+        if (! Auth::attempt($this->only('email', 'password'), $this->boolean('remember'))) {
+            RateLimiter::hit($this->throttleKey());
+
+            throw ValidationException::withMessages([
+                'email' => __('auth.failed'),
+            ]);
+        }
+
+        RateLimiter::clear($this->throttleKey());
+    }
+
+    /**
+     * Ensure the login request is not rate limited.
+     *
+     * @return void
+     *
+     * @throws \Illuminate\Validation\ValidationException
+     */
+    public function ensureIsNotRateLimited()
+    {
+        if (! RateLimiter::tooManyAttempts($this->throttleKey(), 5)) {
+            return;
+        }
+
+        event(new Lockout($this));
+
+        $seconds = RateLimiter::availableIn($this->throttleKey());
+
+        throw ValidationException::withMessages([
+            'email' => trans('auth.throttle', [
+                'seconds' => $seconds,
+                'minutes' => ceil($seconds / 60),
+            ]),
+        ]);
+    }
+
+    /**
+     * Get the rate limiting throttle key for the request.
+     *
+     * @return string
+     */
+    public function throttleKey()
+    {
+        return Str::lower($this->input('email')).'|'.$this->ip();
+    }
+}

app/Http/Requests/FormRequest.php

@@ -0,0 +1,22 @@
+<?php
+
+namespace App\Http\Requests;
+
+use App\Http\Result;
+use Illuminate\Contracts\Validation\Validator;
+use Illuminate\Http\Exceptions\HttpResponseException;
+
+class FormRequest extends \Illuminate\Foundation\Http\FormRequest
+{
+    use Result;
+
+    public function authorize()
+    {
+        return true;
+    }
+
+    protected function failedValidation(Validator $validator)
+    {
+        throw (new HttpResponseException($this->fail($validator->errors()->first())));
+    }
+}

app/Http/Requests/ImageRenameRequest.php

@@ -0,0 +1,40 @@
+<?php
+
+namespace App\Http\Requests;
+
+class ImageRenameRequest extends FormRequest
+{
+    /**
+     * Determine if the user is authorized to make this request.
+     *
+     * @return bool
+     */
+    public function authorize()
+    {
+        return true;
+    }
+
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array
+     */
+    public function rules()
+    {
+        return [
+            'id' => 'required|numeric',
+            'name' => 'required|max:50|string',
+        ];
+    }
+
+    public function messages()
+    {
+        return [
+            'id.required' => '请选择一张图片',
+            'id.numeric' => '图片选择异常',
+            'name.required' => '请输入名称',
+            'name.max' => '名称长度不能超过 50 个字符',
+            'name.string' => '名称格式不正确',
+        ];
+    }
+}

app/Http/Requests/UserSettingRequest.php

@@ -0,0 +1,46 @@
+<?php
+
+namespace App\Http\Requests;
+
+class UserSettingRequest extends FormRequest
+{
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array
+     */
+    public function rules()
+    {
+        return [
+            'name' => 'required|between:2,20',
+            'url' => 'nullable|url',
+            'password' => 'nullable|between:6,32',
+            'configs' => 'array',
+            'configs.default_album' => 'required|numeric',
+            'configs.default_strategy' => 'required|numeric',
+            'configs.default_permission' => 'required|in:1,0',
+            'configs.pasted_action' => 'required|in:1,2',
+            'configs.is_auto_clear_preview' => 'nullable|boolean'
+        ];
+    }
+
+    public function messages()
+    {
+        return [
+            'name.required' => '昵称不能为空',
+            'name.between' => '昵称必须在 2-20 个字符之间',
+            'url.url' => '个人主页地址格式不正确',
+            'password.between' => '密码必须在 6-32 个字符之间',
+            'configs.array' => '配置值不正确',
+            'configs.default_album.required' => '默认相册选择错误',
+            'configs.default_album.numeric' => '默认相册选择错误',
+            'configs.default_strategy.required' => '默认策略选择错误',
+            'configs.default_strategy.numeric' => '默认策略选择错误',
+            'configs.default_permission.required' => '权限值选择错误',
+            'configs.default_permission.in' => '权限值不正确',
+            'configs.pasted_action.required' => '粘贴动作值选择错误',
+            'configs.pasted_action.in' => '粘贴动作值不正确',
+            'configs.is_auto_clear_preview.boolean' => '是否自动清除预览选择错误'
+        ];
+    }
+}

app/Http/Result.php

@@ -0,0 +1,24 @@
+<?php
+
+namespace App\Http;
+
+use Illuminate\Http\Response;
+
+trait Result
+{
+    public function success(string $message = 'success', $data = []): Response
+    {
+        return $this->response(true, $message, $data);
+    }
+
+    public function fail(string $message = 'fail', $data = []): Response
+    {
+        return $this->response(false, $message, $data);
+    }
+
+    public function response(bool $status, string $message = '', $data = []): Response
+    {
+        $data = $data ?: new \stdClass;
+        return response(compact('status', 'message', 'data'));
+    }
+}

app/Mail/Test.php

@@ -0,0 +1,33 @@
+<?php
+
+namespace App\Mail;
+
+use Illuminate\Bus\Queueable;
+use Illuminate\Contracts\Queue\ShouldQueue;
+use Illuminate\Mail\Mailable;
+use Illuminate\Queue\SerializesModels;
+
+class Test extends Mailable
+{
+    use Queueable, SerializesModels;
+
+    /**
+     * Create a new message instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        //
+    }
+
+    /**
+     * Build the message.
+     *
+     * @return $this
+     */
+    public function build()
+    {
+        return $this->view('emails.test');
+    }
+}

app/Models/Album.php

@@ -0,0 +1,75 @@
+<?php
+
+namespace App\Models;
+
+use Illuminate\Database\Eloquent\Builder;
+use Illuminate\Database\Eloquent\Collection;
+use Illuminate\Database\Eloquent\Factories\HasFactory;
+use Illuminate\Database\Eloquent\Relations\BelongsTo;
+use Illuminate\Database\Eloquent\Relations\HasMany;
+use Illuminate\Http\Request;
+
+/**
+ * @property int $id
+ * @property int $user_id
+ * @property string $name
+ * @property string $intro
+ * @property int $image_num
+ * @property-read User $user
+ * @property-read Collection $images
+ */
+class Album extends Model
+{
+    use HasFactory;
+
+    protected $fillable = [
+        'name',
+        'intro',
+        'image_num'
+    ];
+
+    protected $hidden = [
+        'user_id',
+    ];
+
+    protected $attributes = [
+        'intro' => '',
+    ];
+
+    protected $casts = [
+        'id' => 'integer',
+        'user_id' => 'integer',
+        'image_num' => 'integer',
+    ];
+
+    public function scopeFilter(Builder $builder, Request $request)
+    {
+        return $builder->when($request->query('order') ?: 'newest', function (Builder $builder, $order) {
+            switch ($order) {
+                case 'earliest':
+                    $builder->orderBy('created_at');
+                    break;
+                case 'most':
+                    $builder->orderByDesc('image_num');
+                    break;
+                case 'least':
+                    $builder->orderBy('image_num');
+                    break;
+                default:
+                    $builder->latest();
+            }
+        })->when($request->query('keyword'), function (Builder $builder, $keyword) {
+            $builder->where('name', 'like', "%{$keyword}%")->orWhere('intro', 'like', "%{$keyword}%");
+        });
+    }
+
+    public function user(): BelongsTo
+    {
+        return $this->belongsTo(User::class, 'user_id', 'id');
+    }
+
+    public function images(): HasMany
+    {
+        return $this->hasMany(Image::class, 'album_id', 'id');
+    }
+}

app/Models/Config.php

@@ -0,0 +1,18 @@
+<?php
+
+namespace App\Models;
+
+use Illuminate\Database\Eloquent\Factories\HasFactory;
+
+/**
+ * @property string $name
+ * @property mixed $value
+ */
+class Config extends Model
+{
+    use HasFactory;
+
+    public $incrementing = false;
+
+    protected $keyType = 'string';
+}

app/Models/Group.php

@@ -0,0 +1,101 @@
+<?php
+
+namespace App\Models;
+
+use App\Utils;
+use Illuminate\Support\Carbon;
+use Illuminate\Database\Eloquent\Factories\HasFactory;
+use Illuminate\Database\Eloquent\Relations\BelongsToMany;
+use Illuminate\Database\Eloquent\Relations\HasMany;
+use Illuminate\Support\Collection;
+
+/**
+ * @property int $id
+ * @property string $name
+ * @property boolean $is_default
+ * @property boolean $is_guest
+ * @property Collection $configs
+ * @property Carbon $updated_at
+ * @property Carbon $created_at
+ * @property-read \Illuminate\Database\Eloquent\Collection $users
+ * @property-read \Illuminate\Database\Eloquent\Collection $images
+ * @property-read \Illuminate\Database\Eloquent\Collection $strategies
+ */
+class Group extends Model
+{
+    use HasFactory;
+
+    protected $fillable = [
+        'name',
+        'is_default',
+        'is_guest',
+        'configs',
+    ];
+
+    protected $casts = [
+        'id' => 'integer',
+        'is_default' => 'bool',
+        'is_guest' => 'bool',
+        'configs' => 'collection'
+    ];
+
+    const POSITIONS = [
+        'top-left' => '左上角',
+        'top' => '上中',
+        'top-right' => '右上角',
+        'left' => '左边',
+        'center' => '中间',
+        'right' => '右边',
+        'bottom-left' => '左下角',
+        'bottom' => '下中',
+        'bottom-right' => '右下角',
+        'tiled' => '平铺',
+    ];
+
+    const SCENES = [
+        'porn' => '智能鉴黄',
+        'terrorism' => '暴恐涉政',
+        'ad' => '图文违规',
+        'qrcode' => '二维码',
+        'live' => '不良场景',
+        'logo' => 'Logo',
+    ];
+
+    protected static function booted()
+    {
+        static::saving(function (self $group) {
+            if ($group->isDirty('is_default') && $group->is_default) {
+                Group::query()->where('is_default', true)->update(['is_default' => false]);
+            }
+            if ($group->isDirty('is_guest') && $group->is_guest) {
+                Group::query()->where('is_guest', true)->update(['is_guest' => false]);
+            }
+            $group->configs = Utils::parseConfigs(self::getDefaultConfigs()->toArray(), $group->configs->toArray());
+        });
+    }
+
+    /**
+     * 获取组默认配置
+     *
+     * @return Collection
+     */
+    public static function getDefaultConfigs(): Collection
+    {
+        return collect(config('convention.group'));
+    }
+
+    public function users(): HasMany
+    {
+        return $this->hasMany(User::class, 'group_id', 'id');
+    }
+
+    public function images(): HasMany
+    {
+        return $this->hasMany(Image::class, 'group_id', 'id');
+    }
+
+    public function strategies(): BelongsToMany
+    {
+        return $this->belongsToMany(Strategy::class, 'group_strategy', 'group_id', 'strategy_id');
+    }
+}

app/Models/Image.php

@@ -0,0 +1,254 @@
+<?php
+
+namespace App\Models;
+
+use App\Enums\GroupConfigKey;
+use App\Enums\ImagePermission;
+use App\Services\ImageService;
+use App\Utils;
+use Illuminate\Support\Carbon;
+use Illuminate\Database\Eloquent\Builder;
+use Illuminate\Database\Eloquent\Casts\Attribute;
+use Illuminate\Database\Eloquent\Factories\HasFactory;
+use Illuminate\Database\Eloquent\Relations\BelongsTo;
+use Illuminate\Http\Request;
+use Illuminate\Support\Collection;
+use Illuminate\Support\Facades\Cache;
+use Illuminate\Support\Str;
+use League\Flysystem\Filesystem;
+
+/**
+ * @property int $id
+ * @property int $user_id
+ * @property int $album_id
+ * @property int $group_id
+ * @property int $strategy_id
+ * @property string $key
+ * @property string $path
+ * @property string $name
+ * @property string $pathname
+ * @property string $origin_name
+ * @property string $alias_name
+ * @property string $filename
+ * @property float $size
+ * @property string $mimetype
+ * @property string $extension
+ * @property string $md5
+ * @property string $sha1
+ * @property integer $width
+ * @property integer $height
+ * @property string $url
+ * @property string $thumb_url
+ * @property Collection $links
+ * @property int $permission
+ * @property boolean $is_unhealthy
+ * @property string $uploaded_ip
+ * @property Carbon $updated_at
+ * @property Carbon $created_at
+ * @property-read User $user
+ * @property-read Album $album
+ * @property-read Group $group
+ * @property-read Strategy $strategy
+ */
+class Image extends Model
+{
+    use HasFactory;
+
+    protected $fillable = [
+        'key',
+        'path',
+        'name',
+        'origin_name',
+        'alias_name',
+        'size',
+        'mimetype',
+        'extension',
+        'md5',
+        'sha1',
+        'width',
+        'height',
+        'permission',
+        'is_unhealthy',
+        'uploaded_ip',
+    ];
+
+    protected $hidden = [
+        'user_id',
+        'album_id',
+        'group_id',
+        'strategy_id',
+    ];
+
+    protected $casts = [
+        'id' => 'integer',
+        'user_id' => 'integer',
+        'album_id' => 'integer',
+        'group_id' => 'integer',
+        'strategy_id' => 'integer',
+        'width' => 'integer',
+        'height' => 'integer',
+        'size' => 'float',
+        'is_unhealthy' => 'bool',
+        'permission' => 'integer',
+    ];
+
+    protected ?Filesystem $filesystem = null;
+
+    protected static function booted()
+    {
+        static::creating(function (self $image) {
+            $image->key = $image->generateKey();
+        });
+
+        static::deleting(function (self $image) {
+            // TODO 检测是否启用了队列，放置队列中异步删除
+            // 在当前图片所属的策略中是否存在其他相同 md5 和 sha1 的记录，没有则可以删除物理文件
+            if (!static::query()
+                ->where('strategy_id', $image->strategy_id)
+                ->where('id', '<>', $image->id)
+                ->where('md5', $image->md5)
+                ->where('sha1', $image->sha1)
+                ->exists()
+            ) {
+                // 删除本地缓存文件
+                try {
+                    // 删除物理文件
+                    $image->filesystem()->delete($image->pathname);
+                    @unlink(public_path($image->getThumbnailPathname()));
+                    // 删除缓存
+                    Cache::forget("image_{$image->key}");
+                } catch (\Throwable $e) {
+                    Utils::e($e, '删除物理文件时发生异常');
+                }
+            }
+        });
+    }
+
+    public function scopeFilter(Builder $builder, Request $request)
+    {
+        return $builder->when($request->query('order') ?: 'newest', function (Builder $builder, $order) {
+            switch ($order) {
+                case 'earliest':
+                    $builder->orderBy('created_at');
+                    break;
+                case 'utmost':
+                    $builder->orderByDesc('size');
+                    break;
+                case 'least':
+                    $builder->orderBy('size');
+                    break;
+                default:
+                    $builder->latest();
+            }
+        })->when($request->query('permission') ?: 'all', function (Builder $builder, $permission) {
+            switch ($permission) {
+                case 'public':
+                    $builder->where('permission', ImagePermission::Public);
+                    break;
+                case 'private':
+                    $builder->where('permission', ImagePermission::Private);
+                    break;
+            }
+        })->when($request->query('keyword'), function (Builder $builder, $keyword) {
+            $builder->where('origin_name', 'like', "%{$keyword}%")->orWhere('alias_name', 'like', "%{$keyword}%");
+        })->when((int) $request->query('album_id'), function (Builder $builder, $albumId) {
+            $builder->where('album_id', $albumId);
+        }, function (Builder $builder) {
+            $builder->whereNull('album_id');
+        });
+    }
+
+    public function filename(): Attribute
+    {
+        return new Attribute(fn() => $this->alias_name ?: $this->origin_name);
+    }
+
+    public function pathname(): Attribute
+    {
+        $path = $this->path ? "{$this->path}/" : '';
+        return new Attribute(fn() => "{$path}{$this->name}");
+    }
+
+    public function url(): Attribute
+    {
+        return new Attribute(function () {
+            // 是否启用原图保护功能
+            if ($this->group?->configs->get(GroupConfigKey::IsEnableOriginalProtection)) {
+                $url = asset("{$this->key}.{$this->extension}");
+            } else {
+                $url = rtrim($this->strategy?->configs->get('url'), '/').'/'.ltrim($this->pathname, '/');
+            }
+
+            // 拼接图片 url
+            return $url.($this->strategy?->configs->get('queries') ?: '');
+        });
+    }
+
+    public function thumbUrl(): Attribute
+    {
+        return new Attribute(function () {
+            $pathname = $this->getThumbnailPathname();
+
+            // 没有缩略图则返回原图
+            if (! file_exists(public_path($pathname))) {
+                return $this->url;
+            }
+
+            return asset($pathname);
+        });
+    }
+
+    public function links(): Attribute
+    {
+        return new Attribute(fn() => collect([
+            'url' => $this->url,
+            'html' => "&lt;img src=\"{$this->url}\" alt=\"{$this->origin_name}\" title=\"{$this->origin_name}\" /&gt;",
+            'bbcode' => "[img]{$this->url}[/img]",
+            'markdown' => "![{$this->origin_name}]({$this->url})",
+            'markdown_with_link' => "[![{$this->origin_name}]({$this->url})]({$this->url})",
+            'thumbnail_url' => $this->thumb_url,
+        ]));
+    }
+
+    public function filesystem(): Filesystem
+    {
+        if (is_null($this->filesystem)) {
+            $this->filesystem = new Filesystem((new ImageService())->getAdapter($this->strategy));
+        }
+        return $this->filesystem;
+    }
+
+    public function user(): BelongsTo
+    {
+        return $this->belongsTo(User::class, 'user_id', 'id');
+    }
+
+    public function album(): BelongsTo
+    {
+        return $this->belongsTo(Album::class, 'album_id', 'id');
+    }
+
+    public function group(): BelongsTo
+    {
+        return $this->belongsTo(Group::class, 'group_id', 'id');
+    }
+
+    public function strategy(): BelongsTo
+    {
+        return $this->belongsTo(Strategy::class, 'strategy_id', 'id');
+    }
+
+    public function getThumbnailPathname(): string
+    {
+        return trim(config('app.thumbnail_path'), '/')."/{$this->md5}.". ($this->extension === 'svg' ? 'svg' : "png");
+    }
+
+    private function generateKey($length = 6): string
+    {
+        $key = Str::random($length);
+        if (self::query()->where('key', $key)->exists()) {
+            return $this->generateKey(++$length);
+        }
+        return $key;
+    }
+}

app/Models/Model.php

@@ -0,0 +1,13 @@
+<?php
+
+namespace App\Models;
+
+use Carbon\CarbonInterface;
+
+abstract class Model extends \Illuminate\Database\Eloquent\Model
+{
+    protected function serializeDate(\DateTimeInterface $date): string
+    {
+        return $date->format(CarbonInterface::DEFAULT_TO_STRING_FORMAT);
+    }
+}

app/Models/Strategy.php

@@ -0,0 +1,120 @@
+<?php
+
+namespace App\Models;
+
+use App\Enums\StrategyKey;
+use Illuminate\Database\Eloquent\Casts\Attribute;
+use Illuminate\Database\Eloquent\Collection;
+use Illuminate\Database\Eloquent\Factories\HasFactory;
+use Illuminate\Database\Eloquent\Relations\BelongsToMany;
+use Illuminate\Database\Eloquent\Relations\HasMany;
+use Illuminate\Filesystem\Filesystem;
+use Illuminate\Support\Carbon;
+use Sabre\DAV\Client;
+
+/**
+ * @property int $id
+ * @property int $key
+ * @property string $name
+ * @property string $intro
+ * @property \Illuminate\Support\Collection $configs
+ * @property Carbon $updated_at
+ * @property Carbon $created_at
+ * @property-read Collection $groups
+ * @property-read Collection $images
+ */
+class Strategy extends Model
+{
+    use HasFactory;
+
+    protected $fillable = [
+        'key',
+        'name',
+        'intro',
+        'configs',
+    ];
+
+    protected $attributes = [
+        'intro' => '',
+    ];
+
+    protected $casts = [
+        'id' => 'integer',
+        'key' => 'integer',
+        'configs' => 'collection',
+    ];
+
+    const DRIVERS = [
+        StrategyKey::Local => '本地',
+        StrategyKey::S3 => 'AWS S3',
+        StrategyKey::Oss => '阿里云 OSS',
+        StrategyKey::Cos => '腾讯云 COS',
+        StrategyKey::Kodo => '七牛云 Kodo',
+        StrategyKey::Uss => '又拍云 USS',
+        StrategyKey::Sftp => 'SFTP',
+        StrategyKey::Ftp => 'FTP',
+        StrategyKey::Webdav => 'WebDav',
+        StrategyKey::Minio => 'Minio',
+    ];
+
+    const WEBDAV_AUTH_TYPES = [
+        '' => 'Auto',
+        Client::AUTH_BASIC => 'Basic',
+        Client::AUTH_DIGEST => 'Digest',
+        Client::AUTH_NTLM => 'Ntlm',
+    ];
+
+    protected static function booted()
+    {
+        static::saving(function (self $strategy) {
+            $strategy->configs['root'] = $strategy->configs->get('root');
+            $strategy->configs['url'] = rtrim($strategy->configs->get('url'), '/');
+            if ($strategy->key == StrategyKey::Local) {
+                $symlink = self::getRootPath($strategy->configs['url']);
+                $target = $strategy->configs['root'] ?: config('filesystems.disks.uploads.root');
+                if (! is_dir(public_path($symlink))) {
+                    (new Filesystem())->link($target, $symlink);
+                }
+                // 是否需要移除旧的符号链接
+                $url = $strategy->getOriginal('configs')['url'] ?? '';
+                if ($url) {
+                    $oldSymlink = self::getRootPath($url);
+                    if ($oldSymlink != $symlink) {
+                        @unlink($oldSymlink);
+                    }
+                }
+            }
+        });
+
+        static::deleted(function (self $strategy) {
+            // 如果是本地策略，删除的时候同时删除符号连接
+            if ($strategy->key === StrategyKey::Local) {
+                $symlink = self::getRootPath($strategy->configs['url']);
+                @unlink(public_path($symlink));
+            }
+        });
+    }
+
+    public static function getRootPath($url): string
+    {
+        $path = (parse_url($url)['path'] ?? '');
+        return current(array_filter(explode('/', $path)));
+    }
+
+    public function intro(): Attribute
+    {
+        return new Attribute(
+            set: fn ($value) => $value ?: '',
+        );
+    }
+
+    public function groups(): BelongsToMany
+    {
+        return $this->belongsToMany(Group::class, 'group_strategy', 'strategy_id', 'group_id');
+    }
+
+    public function images(): HasMany
+    {
+        return $this->hasMany(Image::class, 'strategy_id', 'id');
+    }
+}

app/Models/User.php

@@ -0,0 +1,130 @@
+<?php
+
+namespace App\Models;
+
+use App\Enums\ConfigKey;
+use App\Utils;
+use Illuminate\Support\Carbon;
+use Illuminate\Contracts\Auth\MustVerifyEmail;
+use Illuminate\Database\Eloquent\Casts\Attribute;
+use Illuminate\Database\Eloquent\Factories\HasFactory;
+use Illuminate\Database\Eloquent\Relations\BelongsTo;
+use Illuminate\Database\Eloquent\Relations\HasMany;
+use Illuminate\Foundation\Auth\User as Authenticatable;
+use Illuminate\Notifications\Notifiable;
+use Illuminate\Support\Collection;
+use Laravel\Sanctum\HasApiTokens;
+
+/**
+ * @property int $id
+ * @property int $group_id
+ * @property string $name
+ * @property string $email
+ * @property string $password
+ * @property string $remember_token
+ * @property boolean $is_adminer
+ * @property float $capacity
+ * @property float $use_capacity
+ * @property string $url
+ * @property Collection $configs
+ * @property int $image_num
+ * @property int $album_num
+ * @property string $registered_ip
+ * @property int $status
+ * @property Carbon $email_verified_at
+ * @property Carbon $updated_at
+ * @property Carbon $created_at
+ * @property-read string $avatar
+ * @property-read Group $group
+ * @property-read \Illuminate\Database\Eloquent\Collection $albums
+ * @property-read \Illuminate\Database\Eloquent\Collection $images
+ */
+class User extends Authenticatable implements MustVerifyEmail
+{
+    use HasApiTokens, HasFactory, Notifiable;
+
+    /**
+     * The attributes that are mass assignable.
+     *
+     * @var array<int, string>
+     */
+    protected $fillable = [
+        'name',
+        'email',
+        'password',
+        'url',
+        'capacity',
+        'configs',
+        'configs->default_strategy',
+        'registered_ip',
+        'status',
+    ];
+
+    /**
+     * The attributes that should be hidden for serialization.
+     *
+     * @var array<int, string>
+     */
+    protected $hidden = [
+        'password',
+        'remember_token',
+        'configs',
+        'group_id',
+        'is_adminer',
+    ];
+
+    /**
+     * The attributes that should be cast.
+     *
+     * @var array<string, string>
+     */
+    protected $casts = [
+        'id' => 'integer',
+        'group_id' => 'integer',
+        'image_num' => 'integer',
+        'album_num' => 'integer',
+        'status' => 'integer',
+        'capacity' => 'float',
+        'is_adminer' => 'bool',
+        'configs' => 'collection',
+        'email_verified_at' => 'datetime',
+    ];
+
+    protected $appends = ['avatar'];
+
+    protected static function booted()
+    {
+        static::creating(function (self $user) {
+            // 默认组
+            $user->group_id = Group::query()->where('is_default', true)->value('id');
+            // 初始容量
+            $user->capacity = Utils::config(ConfigKey::UserInitialCapacity);
+            $user->configs = collect(config('convention.user'))->merge($user->configs ?: []);
+        });
+    }
+
+    public function avatar(): Attribute
+    {
+        return new Attribute(fn () => Utils::getAvatar($this->email));
+    }
+
+    public function useCapacity(): Attribute
+    {
+        return new Attribute(fn () => $this->images()->sum('size'));
+    }
+
+    public function group(): BelongsTo
+    {
+        return $this->belongsTo(Group::class, 'group_id', 'id');
+    }
+
+    public function albums(): HasMany
+    {
+        return $this->hasMany(Album::class, 'user_id', 'id');
+    }
+
+    public function images(): HasMany
+    {
+        return $this->hasMany(Image::class, 'user_id', 'id');
+    }
+}

app/Providers/AppServiceProvider.php

@@ -0,0 +1,56 @@
+<?php
+
+namespace App\Providers;
+
+use App\Enums\ConfigKey;
+use App\Models\Group;
+use App\Utils;
+use Illuminate\Support\Facades\Artisan;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Config;
+use Illuminate\Support\Facades\View;
+use Illuminate\Support\ServiceProvider;
+
+class AppServiceProvider extends ServiceProvider
+{
+    /**
+     * Register any application services.
+     *
+     * @return void
+     */
+    public function register()
+    {
+        //
+    }
+
+    /**
+     * Bootstrap any application services.
+     *
+     * @return void
+     */
+    public function boot()
+    {
+        // 是否需要生成 env 文件
+        if (! file_exists(base_path('.env'))) {
+            file_put_contents(base_path('.env'), file_get_contents(base_path('.env.example')));
+            // 生成 key
+            Artisan::call('key:generate');
+        }
+
+        // 如果已经安装程序，初始化一些配置
+        if (file_exists(base_path('installed.lock'))) {
+            // 覆盖默认配置
+            Config::set('app.name', Utils::config(ConfigKey::AppName));
+            Config::set('mail', array_merge(\config('mail'), Utils::config(ConfigKey::Mail)->toArray()));
+
+            View::composer('*', function (\Illuminate\View\View $view) {
+                /** @var Group $group */
+                $group = Auth::check() ? Auth::user()->group : Group::query()->where('is_guest', true)->first();
+                $view->with([
+                    '_group' => $group,
+                    '_is_notice' => strip_tags(Utils::config(ConfigKey::SiteNotice)),
+                ]);
+            });
+        }
+    }
+}

app/Providers/AuthServiceProvider.php

@@ -0,0 +1,30 @@
+<?php
+
+namespace App\Providers;
+
+use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
+use Illuminate\Support\Facades\Gate;
+
+class AuthServiceProvider extends ServiceProvider
+{
+    /**
+     * The policy mappings for the application.
+     *
+     * @var array<class-string, class-string>
+     */
+    protected $policies = [
+        // 'App\Models\Model' => 'App\Policies\ModelPolicy',
+    ];
+
+    /**
+     * Register any authentication / authorization services.
+     *
+     * @return void
+     */
+    public function boot()
+    {
+        $this->registerPolicies();
+
+        //
+    }
+}

app/Providers/BroadcastServiceProvider.php

@@ -0,0 +1,21 @@
+<?php
+
+namespace App\Providers;
+
+use Illuminate\Support\Facades\Broadcast;
+use Illuminate\Support\ServiceProvider;
+
+class BroadcastServiceProvider extends ServiceProvider
+{
+    /**
+     * Bootstrap any application services.
+     *
+     * @return void
+     */
+    public function boot()
+    {
+        Broadcast::routes();
+
+        require base_path('routes/channels.php');
+    }
+}

app/Providers/EventServiceProvider.php

@@ -0,0 +1,32 @@
+<?php
+
+namespace App\Providers;
+
+use Illuminate\Auth\Events\Registered;
+use Illuminate\Auth\Listeners\SendEmailVerificationNotification;
+use Illuminate\Foundation\Support\Providers\EventServiceProvider as ServiceProvider;
+use Illuminate\Support\Facades\Event;
+
+class EventServiceProvider extends ServiceProvider
+{
+    /**
+     * The event listener mappings for the application.
+     *
+     * @var array<class-string, array<int, class-string>>
+     */
+    protected $listen = [
+        Registered::class => [
+            SendEmailVerificationNotification::class,
+        ],
+    ];
+
+    /**
+     * Register any events for your application.
+     *
+     * @return void
+     */
+    public function boot()
+    {
+        //
+    }
+}