diff --git a/.gitignore b/.gitignore
index 378b547..6615ed6 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,41 +1,70 @@
-# Logs
-logs
+# === 操作系统 ===
+.DS_Store
+.DS_Store?
+._*
+.Spotlight-V100
+.Trashes
+ehthumbs.db
+Thumbs.db
+
+# === 备份文件 ===
+backups/
+*.sql
+*.db
+
+# === IDE 和编辑器 ===
+.vscode/
+.idea/
+*.swp
+*.swo
+*~
+.project
+.classpath
+.settings/
+
+# === Python ===
+__pycache__/
+*.pyc
+*.pyo
+*.pyd
+.Python
+venv/
+env/
+ENV/
+
+# === Node.js ===
+node_modules/
+dist/
+build/
 *.log
 npm-debug.log*
 yarn-debug.log*
 yarn-error.log*
-pnpm-debug.log*
-lerna-debug.log*
-pnpm-lock.yaml
-*/node_modules
-*/uploads
-*/dist/*
-dist
-*/dist
-dist.zip
-dist-ssr
-*.local
 package-lock.json
-*/package-lock.json
-# Editor directories and files
-.vscode/*
-!.vscode/extensions.json
-.idea
-.DS_Store
-*.suo
-*.ntvs*
-*.njsproj
-*.sln
-*.sw?
 
-/auto-imports.d.ts
-/components.d.ts
-/typed-router.d.ts
-/locale.d.ts
-
-stats.html
-*.class
+# === Java ===
 target/
+*.class
+*.jar
+*.war
+*.ear
 
-# 前端生成的 OpenAPI 文档（由 api:fetch 生成）
-reading-platform-frontend/openapi.json
\ No newline at end of file
+# === 测试结果 ===
+screenshots/
+*.png
+*.webm
+test-results/
+playwright-report/
+
+# === 临时文件 ===
+*.tmp
+*.temp
+*.bak
+*.swp
+.cache/
+
+# === 上传文件 ===
+uploads/
+
+# === 文档生成 ===
+docs/node_modules/
diff --git a/tools/reset_passwords.py b/tools/reset_passwords.py
new file mode 100644
index 0000000..40a8bce
--- /dev/null
+++ b/tools/reset_passwords.py
@@ -0,0 +1,62 @@
+#!/usr/bin/env python3
+"""Reset all user passwords to 123456"""
+
+import bcrypt
+import mysql.connector
+
+DB_CONFIG = {
+    'host': '8.148.151.56',
+    'port': 3306,
+    'user': 'root',
+    'password': 'reading_platform_pwd',
+    'database': 'reading_platform',
+    'charset': 'utf8mb4'
+}
+
+def main():
+    print("=" * 60)
+    print("Reset All User Passwords to '123456'")
+    print("=" * 60)
+
+    # Generate BCrypt hash for 123456
+    password = "123456"
+    salt = bcrypt.gensalt(rounds=10)
+    password_hash = bcrypt.hashpw(password.encode('utf-8'), salt).decode('utf-8')
+
+    print(f"\nNew BCrypt hash for '123456':")
+    print(f"{password_hash}")
+    print()
+
+    conn = mysql.connector.connect(**DB_CONFIG)
+    cursor = conn.cursor()
+
+    # Update admin_users
+    print("Updating admin_users...")
+    cursor.execute("UPDATE admin_users SET password = %s", (password_hash,))
+    print(f"   Updated {cursor.rowcount} rows")
+
+    # Update tenants
+    print("Updating tenants...")
+    cursor.execute("UPDATE tenants SET password = %s", (password_hash,))
+    print(f"   Updated {cursor.rowcount} rows")
+
+    # Update teachers
+    print("Updating teachers...")
+    cursor.execute("UPDATE teachers SET password = %s", (password_hash,))
+    print(f"   Updated {cursor.rowcount} rows")
+
+    # Update parents
+    print("Updating parents...")
+    cursor.execute("UPDATE parents SET password = %s", (password_hash,))
+    print(f"   Updated {cursor.rowcount} rows")
+
+    conn.commit()
+
+    print()
+    print("All passwords reset to '123456' successfully!")
+
+    cursor.close()
+    conn.close()
+
+if __name__ == '__main__':
+    main()