fa69749884
refactor(auth): restructure auth system, align with iOS login flow spec
...
- Split AuthService into AppleAuthService, TokenService, AuthService
- Add dev-login endpoint (dev-only, disabled in production)
- AppleLoginDto: authorizationCode optional, add userIdentifier/email/fullName/nonce
- Login/refresh responses now include user object
- logout: single-token revoke + JwtAuthGuard protection
- users.repository: switch from in-memory Map to Prisma persistence
- JWT payload includes role, guards attach full user info to request
- Dual JWT secret support (JWT_ACCESS_SECRET / JWT_REFRESH_SECRET)
- Replace jwks-rsa+jsonwebtoken with jose library
- Prisma User model: add role field
- Independent DTO files with @Transform for empty string safety
- Add 5 iOS login flow documentation files
2026-05-13 17:31:50 +08:00
387785bd1e
ci: deploy workflow 加 Apple 登录环境变量
Deploy API Server / build-and-deploy (push) Successful in 19s
2026-05-13 15:54:59 +08:00
77c62599b1
feat: Apple 登录真实验签 - jwks-rsa + jsonwebtoken 验签 Apple identityToken
Deploy API Server / build-and-deploy (push) Successful in 2m13s
2026-05-13 15:35:41 +08:00
a16871fdc5
chore: 再次排除敏感文件
Deploy API Server / build-and-deploy (push) Successful in 19s
2026-05-09 21:08:55 +08:00
8ba754daad
ci: 改用 host 模式 runner + 纯 shell workflow
Deploy API Server / build-and-deploy (push) Successful in 2m1s
2026-05-09 21:05:03 +08:00
d424175754
ci: 触发 CI/CD 测试
Deploy API Server / build-and-deploy (push) Waiting to run
2026-05-09 20:57:21 +08:00
9a4041109e
chore: 从远程仓库删除 credentials.md 和 AI回答.md,加入 .gitignore
Deploy API Server / build-and-deploy (push) Waiting to run
2026-05-09 20:47:16 +08:00
4435e4a8ab
docs: 补移 AI回答.md 到 docs/
Deploy API Server / build-and-deploy (push) Failing after 11s
2026-05-09 20:33:33 +08:00
3e653dc1af
docs: 整理文档到 docs/ 文件夹 + 新增 credentials.md 凭据汇总
Deploy API Server / build-and-deploy (push) Has been cancelled
2026-05-09 20:31:23 +08:00
be29a11a54
fix: mock 模式检查同时看 NODE_ENV 和 AI_PROVIDER
Deploy API Server / build-and-deploy (push) Failing after 10m5s
2026-05-09 19:49:50 +08:00
7e308b01cc
fix: Prisma binaryTargets linux-musl-openssl-3.0.x + Dockerfile 精简
Deploy API Server / build-and-deploy (push) Failing after 1m31s
2026-05-09 19:37:15 +08:00
0df5b67a84
fix: Dockerfile 切回 alpine + openssl1.1-compat 兼容 Prisma musl 引擎
Deploy API Server / build-and-deploy (push) Failing after 31s
2026-05-09 19:32:07 +08:00
f0af46dbfe
fix: Dockerfile 改用 node:22-slim + openssl 兼容 Prisma
Deploy API Server / build-and-deploy (push) Failing after 1m31s
2026-05-09 19:28:40 +08:00
07d6b889ef
feat: Dockerfile + CI/CD deploy workflow + @prisma/client 移入 production deps
Deploy API Server / build-and-deploy (push) Failing after 10m2s
2026-05-09 19:05:48 +08:00
ef7c1f1bc9
feat: 安全基线 + 4个安全漏洞修复 - JWT AuthGuard/OptionalAuthGuard, StrictValidationPipe, 全局异常过滤器, Redis限流429, Apple登录mock模式, BigInt精度修复, SECURITY.md
2026-05-09 18:57:33 +08:00
35de65e99b
feat: 重构 api-server 为模块化单体架构,接入 MySQL + Redis
...
- 按 BACKEND-PLAN.md 将项目重构为 4 层架构:
config/ -> common/ -> infrastructure/ -> modules/
- 15 个业务模块,遵循 Controller → Service → Repository 分层
- infrastructure: PrismaService / RedisService / QueueService / AiService / StorageService
- common: guards / interceptors / filters / pipes / decorators / dto / types / utils
- Prisma schema 含 27 张表,MySQL 8.0 服务器 db push 成功
- Redis 7 接入: 限流/任务状态/分布式锁/队列预留
- ai-analysis 模块: 每日 50 次限流 + 重复提交锁 + 异步任务状态追踪
- document-import 模块: 异步导入流程 + 进度追踪
- notifications 模块: BullMQ notification 队列预留
- /health 端点实时返回 database + redis 连接状态
- Swagger 注册 15 个 tag,67 个路由全部映射
2026-05-09 18:25:04 +08:00
bd44b7e138
feat: init api-server v0.1
...
- NestJS + TypeScript 后端 API
- 用户认证 (auth)
- 用户管理 (users)
- 学习路径与课程 (learning)
- AI 分析与对话 (ai)
- 用户反馈 (feedback)
- 等待名单 (waitlist)
- 知识库 (knowledge)
- Swagger API 文档(中文、访问控制)
- Basic Auth 保护生产环境文档
2026-05-04 16:09:01 +08:00
