refactor(security): 重构安全配置并优化测试环境

- 移除旧的测试套件和UAT测试文件
- 更新密码编码器配置使用BCrypt strength=12
- 添加用户角色关联表和相关服务
- 优化前端日期显示格式
- 清理无用资源和配置文件
- 增强测试数据管理和清理功能

test_bcrypt_behavior.py

@@ -0,0 +1,43 @@
+#!/usr/bin/env python3
+"""
+测试 BCryptPasswordEncoder 的行为
+"""
+import bcrypt
+
+def test_bcrypt_behavior():
+    password = "admin123"
+    
+    # 测试 strength=10
+    print("Testing BCrypt with strength=10:")
+    for i in range(3):
+        hash_result = bcrypt.hashpw(password.encode('utf-8'), bcrypt.gensalt(10))
+        print(f"  Hash {i+1}: {hash_result.decode('utf-8')}")
+        print(f"  Length: {len(hash_result)}")
+        print(f"  Matches: {bcrypt.checkpw(password.encode('utf-8'), hash_result)}")
+    
+    print("\nTesting BCrypt with strength=12:")
+    for i in range(3):
+        hash_result = bcrypt.hashpw(password.encode('utf-8'), bcrypt.gensalt(12))
+        print(f"  Hash {i+1}: {hash_result.decode('utf-8')}")
+        print(f"  Length: {len(hash_result)}")
+        print(f"  Matches: {bcrypt.checkpw(password.encode('utf-8'), hash_result)}")
+    
+    print("\nCross-testing:")
+    # 用 strength=10 生成的哈希
+    hash_10 = bcrypt.hashpw(password.encode('utf-8'), bcrypt.gensalt(10))
+    print(f"Hash with strength=10: {hash_10.decode('utf-8')}")
+    
+    # 用 strength=12 生成的哈希
+    hash_12 = bcrypt.hashpw(password.encode('utf-8'), bcrypt.gensalt(12))
+    print(f"Hash with strength=12: {hash_12.decode('utf-8')}")
+    
+    # 测试交叉验证
+    print(f"\nPassword matches hash_10: {bcrypt.checkpw(password.encode('utf-8'), hash_10)}")
+    print(f"Password matches hash_12: {bcrypt.checkpw(password.encode('utf-8'), hash_12)}")
+    
+    # 测试不同 strength 的哈希是否能互相验证
+    print(f"\nCan hash_10 verify password: {bcrypt.checkpw(password.encode('utf-8'), hash_10)}")
+    print(f"Can hash_12 verify password: {bcrypt.checkpw(password.encode('utf-8'), hash_12)}")
+
+if __name__ == '__main__':
+    test_bcrypt_behavior()