refactor(vless): drop selectedAuth, expose two explicit auth buttons

selectedAuth was UI-only metadata (Xray never reads it) and entirely redundant with the encryption string itself — the dropdown only controlled which block from `xray vlessenc` to apply. Replace it with two explicit buttons ("X25519" and "ML-KEM-768") so the user picks the auth mode in one click instead of dropdown + Get-New-Keys. - VLESSSettings drops the field from constructor, fromJson, and toJson; legacy `selectedAuth` values still in DB will be silently shed on the next save. - getNewVlessEnc(authLabel) now takes the label as a parameter; clear resets only decryption/encryption. - Fallbacks visibility now keys on encryption === "none" (the same thing the dropdown was effectively gating on). - Info modal drops the redundant Authentication tag and colours the encryption tag red when it's "none", green otherwise. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-08 14:36:13 +00:00 · 2026-05-07 15:08:06 +02:00
parent 79a7e7a5b5
commit 3b64a62137
4 changed files with 17 additions and 36 deletions
--- a/web/assets/js/model/inbound.js
+++ b/web/assets/js/model/inbound.js
@@ -2543,7 +2543,6 @@ Inbound.VLESSSettings = class extends Inbound.Settings {
        decryption = "none",
        encryption = "none",
        fallbacks = [],
-        selectedAuth = undefined,
        testseed = [],
    ) {
        super(protocol);
@@ -2551,7 +2550,6 @@ Inbound.VLESSSettings = class extends Inbound.Settings {
        this.decryption = decryption;
        this.encryption = encryption;
        this.fallbacks = fallbacks;
-        this.selectedAuth = selectedAuth;
        this.testseed = testseed;
    }

@@ -2587,7 +2585,6 @@ Inbound.VLESSSettings = class extends Inbound.Settings {
            json.decryption,
            json.encryption,
            Inbound.VLESSSettings.Fallback.fromJson(json.fallbacks || []),
-            json.selectedAuth,
            testseed,
        );
        return obj;
@@ -2610,9 +2607,6 @@ Inbound.VLESSSettings = class extends Inbound.Settings {
        if (this.fallbacks && this.fallbacks.length > 0) {
            json.fallbacks = Inbound.VLESSSettings.toJsonArray(this.fallbacks);
        }
-        if (this.selectedAuth) {
-            json.selectedAuth = this.selectedAuth;
-        }

        // testseed is only meaningful for the exact xtls-rprx-vision flow, and only when
        // the user supplied a complete 4-positive-int array. Otherwise omit and let the
--- a/web/html/form/protocol/vless.html
+++ b/web/html/form/protocol/vless.html
@@ -21,16 +21,6 @@
 </a-collapse>
 <template v-if=" !inbound.stream.isTLS || !inbound.stream.isReality">
  <a-form :colon="false" :label-col="{ md: {span:8} }" :wrapper-col="{ md: {span:14} }">
-    <a-form-item label="Authentication">
-      <a-select v-model="inbound.settings.selectedAuth" @change="getNewVlessEnc"
-        :dropdown-class-name="themeSwitcher.currentTheme">
-        <a-select-option :value="undefined">None</a-select-option>
-        <a-select-option value="X25519, not Post-Quantum">X25519 (not
-          Post-Quantum)</a-select-option>
-        <a-select-option value="ML-KEM-768, Post-Quantum">ML-KEM-768
-          (Post-Quantum)</a-select-option>
-      </a-select>
-    </a-form-item>
    <a-form-item label="decryption">
      <a-input v-model.trim="inbound.settings.decryption"></a-input>
    </a-form-item>
@@ -38,16 +28,20 @@
      <a-input v-model="inbound.settings.encryption"></a-input>
    </a-form-item>
    <a-form-item label=" ">
-      <a-space>
-        <a-button type="primary" icon="import" @click="getNewVlessEnc">Get New
-          keys</a-button>
+      <a-space :size="8" wrap>
+        <a-button type="primary" icon="import" @click="getNewVlessEnc('X25519, not Post-Quantum')">
+          X25519
+        </a-button>
+        <a-button type="primary" icon="import" @click="getNewVlessEnc('ML-KEM-768, Post-Quantum')">
+          ML-KEM-768
+        </a-button>
        <a-button danger @click="clearVlessEnc">Clear</a-button>
      </a-space>
    </a-form-item>
  </a-form>
  <a-divider :style="{ margin: '5px 0' }"></a-divider>
 </template>
-<template v-if="inbound.isTcp && !inbound.settings.selectedAuth">
+<template v-if="inbound.isTcp && (!inbound.settings.encryption || inbound.settings.encryption === 'none')">
  <a-form :colon="false" :label-col="{ md: {span:8} }" :wrapper-col="{ md: {span:14} }">
    <a-form-item label="Fallbacks">
      <a-button icon="plus" type="primary" size="small" @click="inbound.settings.addFallback()"></a-button>
--- a/web/html/modals/inbound_info_modal.html
+++ b/web/html/modals/inbound_info_modal.html
@@ -90,14 +90,9 @@
      <a-tag :color="inbound.stream.security == 'none' ? 'red' : 'green'">[[
        inbound.stream.security ]]</a-tag>
      <br />
-      <td>Authentication</td>
-      <a-tag v-if="inbound.settings.selectedAuth" color="green">[[
-        inbound.settings.selectedAuth ? inbound.settings.selectedAuth : ''
-        ]]</a-tag>
-      <a-tag v-else color="red">{{ i18n "none" }}</a-tag>
-      <br />
      {{ i18n "encryption" }}
-      <a-tag class="info-large-tag" :color="inbound.settings.encryption ? 'green' : 'red'">[[
+      <a-tag class="info-large-tag"
+        :color="inbound.settings.encryption && inbound.settings.encryption !== 'none' ? 'green' : 'red'">[[
        inbound.settings.encryption ? inbound.settings.encryption : ''
        ]]</a-tag>
      <a-tooltip title='{{ i18n "copy" }}'>
--- a/web/html/modals/inbound_modal.html
+++ b/web/html/modals/inbound_modal.html
@@ -302,12 +302,11 @@
                this.inbound.stream.tls.echServerKeys = "";
                this.inbound.stream.tls.settings.echConfigList = "";
            },
-            async getNewVlessEnc() {
-                const selected = inModal.inbound.settings.selectedAuth;
-                if (!selected) {
-                    this.clearVlessEnc();
-                    return;
-                }
+            // Pulls the requested auth block from `xray vlessenc` (which always returns
+            // both X25519 and ML-KEM-768 variants) and applies it to the inbound's
+            // decryption/encryption strings. The auth mode is implied by the resulting
+            async getNewVlessEnc(authLabel) {
+                if (!authLabel) return;

                inModal.loading(true);
                const msg = await HttpUtil.get("/panel/api/server/getNewVlessEnc");
@@ -318,10 +317,10 @@
                }

                const auths = msg.obj.auths || [];
-                const block = auths.find((a) => a.label === selected);
+                const block = auths.find((a) => a.label === authLabel);

                if (!block) {
-                    console.error("No auth block for", selected);
+                    console.error("No auth block for", authLabel);
                    return;
                }

@@ -331,7 +330,6 @@
            clearVlessEnc() {
                this.inbound.settings.decryption = "none";
                this.inbound.settings.encryption = "none";
-                this.inbound.settings.selectedAuth = undefined;
            },
            // Vision Seed methods - must be in Vue methods for proper template binding.
            // Mirror the inModal helpers but use Vue.set so the form re-renders.