Commit Graph

108 Commits

Author SHA1 Message Date
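f260fd6bfb feat: add admin management API
- Add admin type definitions (src/types/admin.ts)
- Add admin management service (src/services/admin/admin-management-service.ts)
- Add admin management routes (src/routes/admin/admins.ts)
- Update API reference documentation

Features:
- GET /v1/admin/admins - list admins (supports pagination and filtering)
- GET /v1/admin/admins/:id - get admin details
- POST /v1/admin/admins - create an admin (super_admin only)
- PUT /v1/admin/admins/:id - update admin information (super_admin only)
- DELETE /v1/admin/admins/:id - soft-delete an admin (super_admin only)
- POST /v1/admin/admins/:id/reset-password - reset password (super_admin only)

Security features:
- BCrypt password hashing
- Random password generation (12 characters, including uppercase and lowercase letters, digits, and symbols)
- Soft-delete mechanism
- Prevent deleting the last super_admin
- Prevent admins from modifying their own critical information
- Use the Drizzle ORM ne() operator to prevent SQL injection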
2026-04-11 18:36:24 +08:00
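3991a02a8c feat: add admin username/password login
Add the /v1/admin/auth/login endpoint, which supports username/password login to obtain a JWT token.
- Add admin_users table to store admin accounts and hashed passwords
- Use bcryptjs for password hashing (cost=10)
- JWT token authentication takes precedence; ADMIN_TOKEN is kept for backward compatibility
- Record login audit logs in admin_audit_log
- Seed data creates a default admin (username: admin, password: admin123)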

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-11 15:25:31 +08:00
4c0419649b docs: update admin categories API with pagination parameters
- Add page/limit query parameters documentation
- Update response format to include pagination metadata
- Specify parameter constraints (page ≥ 1, limit 1-50)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-11 12:57:24 +08:00
6e65993f89 feat: add pagination support to admin categories endpoint
- Add page/limit query parameters with Zod validation (max 50)
- Update listCategories service to return paginated results
- Response format includes pagination metadata (total, page, limit)
- Matches existing pattern from questions/feedback endpoints

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-11 12:56:40 +08:00
2dd5f18822 docs: add API reference and environment variable guide
- docs/api-reference.md: comprehensive API documentation for client and admin endpoints
- docs/env-secrets-guide.md: guide for generating secure keys and tokens
2026-04-11 12:01:53 +08:00
00d9731f06 docs: sync project progress across CLAUDE.md and dev-spec.md
- CLAUDE.md: update project structure (14 tables, admin services, tests,
  content dir, audit-log middleware, subscription-service)
- CLAUDE.md: update tech stack (Zod validated routes, Vitest tests)
- CLAUDE.md: add test command to dev commands
- CLAUDE.md: update database section (7 → 14 tables with categories)
- CLAUDE.md: add implementation-plan.md to docs table
- CLAUDE.md: update progress (1a/1b/1c done, 1c-5 remaining)
- dev-spec.md: update status from "待启动开发" to actual progress
2026-04-09 12:02:43 +08:00
b872b1cad9 feat: implement Phase 1b core features and Phase 1c commercialization
Phase 1b — Core Features:
- Huawei ID Kit login (token exchange + user info) with guest mode
- Quiz engine: randomized questions, distractor shuffling, answer verification
- XP service with combo bonuses (3/5/10-hit streaks), daily reset
- Streak service: >=3 correct/day, freeze, UTC date handling
- Hearts service: 5/day, 30min auto-restore, Pro unlimited
- 50 quiz questions across 3 categories (history/drama/crosstalk)
- 13 skill tree chapters with linear progression
- Idempotent seed import script (categories → skill tree → questions)
- 7 admin CRUD services (questions, categories, knowledge cards,
  skill tree, users, stats, feedback) with Zod validation
- All routes use Zod schema validation, /auth/me endpoint

Phase 1c — Commercialization:
- Leaderboard with live XP ranking, 10 tiers, weekly settlement
- Achievement system with 15 seed achievements and condition checking
- Huawei IAP receipt verification + subscription management
- Differentiated rate limiting (auth 10/min, quiz 60/min)
- Admin audit logging middleware

Infrastructure:
- Vitest test framework with DB mock utilities (19 tests passing)
- 12 DB tables (5 new: question_ratings, user_feedback, achievements,
  user_achievements, leaderboard_snapshots, subscriptions, admin_audit_log)
- TypeScript strict mode: zero errors
2026-04-09 00:12:12 +08:00
f6e7be324e feat: initialize duoqi-api project skeleton
Set up Fastify + TypeScript + Drizzle ORM backend with:
- Database schema (7 tables: users, categories, questions, knowledge_cards, user_progress, skill_tree, user_chapter_progress)
- JWT auth middleware + admin token auth
- Route structure for auth, quiz, progress, gamification, payment, and admin
- Service stubs for Phase 1b implementation
- Zod-validated env config, custom error classes
2026-04-08 21:24:15 +08:00