c170f6048b
feat: admin billing API — query DeepSeek + SiliconFlow balances
Deploy API Server / build-and-deploy (push) Successful in 39s
2026-05-22 15:23:25 +08:00
f30a446bd5
feat: server metrics API — local os + remote SSH
Deploy API Server / build-and-deploy (push) Successful in 38s
2026-05-22 13:30:44 +08:00
f20bdc0d7a
feat: add conversation management — sessionId + X-Hermes-Session-Id + CRUD
Deploy API Server / build-and-deploy (push) Successful in 37s
2026-05-22 10:43:18 +08:00
WangDL
017d78a8d6
fix: add admin-ai-chat module + fix AdminUsersModule PasswordService dependency
Deploy API Server / build-and-deploy (push) Successful in 11s
2026-05-21 23:57:59 +08:00
b8a1fb0921
feat: add admin backend modules — dashboard, audit-log, admin-users
...
Deploy API Server / build-and-deploy (push) Successful in 10s
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-21 17:22:48 +08:00
5a7c21dd60
feat: implement complete admin authentication system
...
Deploy API Server / build-and-deploy (push) Successful in 9s
- Add AdminRole enum (SUPER_ADMIN/ADMIN/OPERATIONS/DEVELOPER/READONLY) with hierarchy
- Add PasswordService (bcryptjs, 12 rounds), AdminTokenService (type=admin JWT)
- Add AdminAuthService: login/lockout/refresh/logout with audit logging
- Add AdminAuthController: /admin-api/auth/{login,refresh,logout,me}
- Add AdminAuthGuard: validates type=admin, user status, session, lockout
- Add AdminRolesGuard + @AdminRoles() decorator for RBAC
- Add AdminAuditService for audit log persistence
- Add AdminLoginRateLimit (10 req/15min per IP)
- Add prisma/seed.ts for SUPER_ADMIN initialization via env vars
- Update JwtAuthGuard to skip /admin-api/* and /internal/* paths
- Update main.ts to exclude admin-api/internal from global 'api' prefix
- Update jwt.config.ts with admin JWT secrets and expiry config
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-21 15:05:31 +08:00
WangDL
fbdae9078f
feat: Python RAG Worker + NestJS 内部 API(文档解析/切片/embedding/Qdrant/候选生成)
Deploy API Server / build-and-deploy (push) Failing after 22s
2026-05-19 22:35:12 +08:00
WangDL
9c161db26b
feat: KnowledgeSource 和 ImportCandidate 模块
Deploy API Server / build-and-deploy (push) Failing after 22s
2026-05-19 22:20:29 +08:00
82fcaa1f2f
fix: replace RateLimitService with global RateLimitGuard
...
Deploy API Server / build-and-deploy (push) Successful in 59s
RateLimitService could not be injected into feature modules due to
NestJS DI module isolation. Replaced with a global Guard that uses
@RateLimit() decorator metadata to apply per-endpoint limits.
- RateLimitGuard: checks Redis counters, throws 429 on exceed
- Decorators: LoginRateLimit, FeedbackRateLimit, AiAnalysisRateLimit,
FileUploadRateLimit
- Applied to: auth (login), feedback, ai-analysis, files endpoints
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-18 10:23:19 +08:00
6d7cbffc3b
feat: COS 对象存储接入 — CosStorageProvider + FilesModule
...
Deploy API Server / build-and-deploy (push) Failing after 3m0s
- 安装 cos-nodejs-sdk-v5,封装 CosStorageProvider(upload/download/delete/healthCheck)
- 重写 StorageService,新增 createUploadUrl/verifyUpload/getDownloadUrl/deleteObject
- 创建 FilesModule:POST /files/upload-url, POST /files/complete, GET /files/:id, DELETE /files/:id
- UploadedFile 新增 objectKey/bucket 字段
- 对象键格式 {userId}/{YYYYMM}/{sanitizedName}.{ext}
- 接入文件类型校验(ALLOWED_FILE_TYPES)+ 上传限流(10次/小时/用户)
- 配置文件 cos.longde.cloud → zhixi-1259685406 / ap-guangzhou
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-17 22:30:14 +08:00
08f31dd5b6
feat: P0 后端补全 — BullMQ Workers 注册 + 用户 Profile API + 角色权限
...
- AppModule 注册 3 个 BullMQ Workers (AiAnalysis/DocumentImport/Notification)
- Users 模块新增 GET/PATCH /users/me/profile 端点:
- GET 读取 UserProfile (learningIdentity, learningDirection, bio, currentGoal)
- PATCH upsert UserProfile
- GET /users/me 返回 profile + preferences (include join)
- 新增 RolesGuard + @Roles() 装饰器 (UserRole enum)
- QueueModule/QueueService 改进
- 各模块 controller/repository/service 完善
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-17 19:08:07 +08:00
007b56dad5
feat: AI三层架构 + 全局JwtAuthGuard + 12个Repository迁Prisma
...
Deploy API Server / build-and-deploy (push) Successful in 1m0s
- AI: 新三层架构 Provider→Gateway→Workflow(15文件,DeepSeek+MiniMax)
- Auth: 全局JwtAuthGuard + @Public()装饰器白名单路由
- DB: 12个Repository从Map/Array迁到Prisma
- Schema: 新增AiUsageLog、WaitlistEntry模型
- API: /api-docs-json加Basic Auth保护
- 清理: 删除infrastructure/ai、docs/旧文档
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-17 00:39:46 +08:00
77c62599b1
feat: Apple 登录真实验签 - jwks-rsa + jsonwebtoken 验签 Apple identityToken
Deploy API Server / build-and-deploy (push) Successful in 2m13s
2026-05-13 15:35:41 +08:00
ef7c1f1bc9
feat: 安全基线 + 4个安全漏洞修复 - JWT AuthGuard/OptionalAuthGuard, StrictValidationPipe, 全局异常过滤器, Redis限流429, Apple登录mock模式, BigInt精度修复, SECURITY.md
2026-05-09 18:57:33 +08:00
35de65e99b
feat: 重构 api-server 为模块化单体架构,接入 MySQL + Redis
...
- 按 BACKEND-PLAN.md 将项目重构为 4 层架构:
config/ -> common/ -> infrastructure/ -> modules/
- 15 个业务模块,遵循 Controller → Service → Repository 分层
- infrastructure: PrismaService / RedisService / QueueService / AiService / StorageService
- common: guards / interceptors / filters / pipes / decorators / dto / types / utils
- Prisma schema 含 27 张表,MySQL 8.0 服务器 db push 成功
- Redis 7 接入: 限流/任务状态/分布式锁/队列预留
- ai-analysis 模块: 每日 50 次限流 + 重复提交锁 + 异步任务状态追踪
- document-import 模块: 异步导入流程 + 进度追踪
- notifications 模块: BullMQ notification 队列预留
- /health 端点实时返回 database + redis 连接状态
- Swagger 注册 15 个 tag,67 个路由全部映射
2026-05-09 18:25:04 +08:00
bd44b7e138
feat: init api-server v0.1
...
- NestJS + TypeScript 后端 API
- 用户认证 (auth)
- 用户管理 (users)
- 学习路径与课程 (learning)
- AI 分析与对话 (ai)
- 用户反馈 (feedback)
- 等待名单 (waitlist)
- 知识库 (knowledge)
- Swagger API 文档(中文、访问控制)
- Basic Auth 保护生产环境文档
2026-05-04 16:09:01 +08:00
