duoqi-api

Author	SHA1	Message	Date
Wang Zhuoxuan	c8a5d0bf25	feat: add high-reward quota fields to challenge answer DTO Include highRewardSessionsLeft/Max in AnswerResultDto.progress so clients can update UI after each answer without extra API calls.	2026-05-12 00:12:24 +08:00
Wang Zhuoxuan	05b9faa0ea	feat: enforce daily high-reward session limits with tier-based quotas Free users get 3 high-reward sessions/day, Plus users get 8. Sessions after quota are still playable but with degraded XP rewards.	2026-05-12 00:01:31 +08:00
Wang Zhuoxuan	6ea5ed9de0	feat: add heart deduction boundaries with new user protection Add 3-day new user heart protection (minimum 1 heart) and block answering when hearts are exhausted for free-tier users.	2026-05-11 23:44:45 +08:00
Wang Zhuoxuan	9e0f97d162	Settle completed challenge sessions	2026-05-11 21:40:41 +08:00
Wang Zhuoxuan	5bb6ba29a2	Record idempotent challenge answers	2026-05-11 21:34:27 +08:00
Wang Zhuoxuan	1d84de8d15	Create challenge sessions with five questions	2026-05-11 18:32:40 +08:00
Wang Zhuoxuan	6a655d0ce2	Add weekly XP schema	2026-05-11 18:18:33 +08:00
Wang Zhuoxuan	7a617ce1f9	Add daily progress schema	2026-05-11 18:06:19 +08:00
Wang Zhuoxuan	51395bf5ec	Add reward ledger schema	2026-05-11 17:59:03 +08:00
Wang Zhuoxuan	a23f1abc12	Add wallet and inventory schema	2026-05-11 17:41:26 +08:00
Wang Zhuoxuan	5570973f74	Add challenge session schema	2026-05-11 17:39:06 +08:00
Wang Zhuoxuan	8382183ee5	Add gamification rule constants	2026-05-11 17:33:53 +08:00
Wang Zhuoxuan	94b807ad16	docs: annotate database schema fields	2026-05-11 12:45:00 +08:00
Wang Zhuoxuan	2649b24277	Add ad recovery API contract	2026-05-05 16:12:04 +08:00
Wang Zhuoxuan	3ea44189e8	Add Flutter app-facing API routes	2026-05-04 01:24:23 +08:00
Wang Zhuoxuan	c70748dde2	fix: 修复 admin change-password 接口 401 和 CORS 问题 All checks were successful CI/CD Pipeline / Code Quality (push) Successful in 18s Details CI/CD Pipeline / Unit Tests (push) Successful in 45s Details CI/CD Pipeline / Build & Deploy Test (push) Has been skipped Details CI/CD Pipeline / Build & Deploy Production (push) Successful in 12m21s Details - CORS 配置显式放行 PUT/PATCH/DELETE 方法（默认只有 GET/POST/HEAD） - admin-auth 白名单路径修正 /v1/admin/auth/login → /v1/admin/login - JWT verify 后手动赋值 request.user，修复 decoded payload 丢失	2026-04-23 22:27:23 +08:00
Wang Zhuoxuan	2c97412c82	fix: 修复 admin-auth 测试的 TypeScript 类型错误 Some checks failed CI/CD Pipeline / Code Quality (push) Successful in 18s Details CI/CD Pipeline / Unit Tests (push) Failing after 14s Details CI/CD Pipeline / Build & Deploy Test (push) Has been skipped Details CI/CD Pipeline / Build & Deploy Production (push) Has been skipped Details 将 mockDb 的类型从 Record<string, Mock> 改为显式的映射类型，消除 CI 中 "possibly undefined" 的类型检查报错。	2026-04-23 12:55:01 +08:00
Wang Zhuoxuan	5b1f0848ac	feat: 添加管理员修改自己密码的接口 Some checks failed CI/CD Pipeline / Code Quality (push) Failing after 17s Details CI/CD Pipeline / Unit Tests (push) Has been skipped Details CI/CD Pipeline / Build & Deploy Test (push) Has been skipped Details CI/CD Pipeline / Build & Deploy Production (push) Has been skipped Details 新增 PUT /v1/admin/change-password 端点，允许已登录管理员（admin / super_admin）修改自己的密码。需验证旧密码，且新旧密码不能相同。错误由全局 errorHandler 统一处理。	2026-04-23 12:32:31 +08:00
Wang Zhuoxuan	9d1f52d95b	fix: health 路由路径修正为 /health All checks were successful CI/CD Pipeline / Code Quality (push) Successful in 15s Details CI/CD Pipeline / Unit Tests (push) Successful in 8s Details CI/CD Pipeline / Build & Deploy Test (push) Has been skipped Details CI/CD Pipeline / Build & Deploy Production (push) Successful in 1m15s Details healthRoutes 注册时无 /v1 前缀，实际路径是 /health 而非 /v1/health。将 auth 中间件白名单从 /v1/health 改为 /health，并同步修正所有 HEALTHCHECK 和 CI health check 路径。	2026-04-18 04:13:59 +08:00
Wang Zhuoxuan	db2f3af8a3	feat: 完善题目列表查询接口，支持搜索、多维筛选和排序 - 新增关键词搜索（同时匹配题干 stem 和选项 distractors） - 新增按难度(difficulty)、来源(source)筛选 - 新增动态排序：支持 createdAt/updatedAt/difficulty，可选 asc/desc - 路由层增加 sortBy/sortOrder 白名单校验	2026-04-12 00:04:11 +08:00
Wang Zhuoxuan	aeebcba77c	feat: 添加题目批量导入接口（JSON + CSV） - POST /admin/questions/import 支持 JSON 数组导入（1-200 条） - POST /admin/questions/import-csv 支持 CSV 文本导入 - 全有或全无事务策略，先验校验后统一插入 - 包含 categoryId 外键存在性校验 - CSV 解析器支持引号内逗号、换行和 "" 转义	2026-04-11 23:23:09 +08:00
Wang Zhuoxuan	1b142f2866	feat: 添加题目批量发布、归档和删除接口 - 新增 batchUpdateStatus 通用方法，带状态流转校验和 BatchResult 报告 - 改造 batchPublish 使用新方法，返回成功/失败详情 - 新增 batchArchive 和 batch-delete 端点（软删除） - 使用 inArray 批量查询和更新，优化数据库往返 - 更新 API 文档，补充三个批量接口说明	2026-04-11 22:19:02 +08:00
Wang Zhuoxuan	6a5490dea4	feat: 添加题目状态变更接口（带流转校验）新增 PATCH /admin/questions/:id/status 接口，支持题目状态流转并校验合法性： - draft → reviewing, archived - reviewing → published, draft, archived - published → archived - archived → draft	2026-04-11 21:17:34 +08:00
Wang Zhuoxuan	f260fd6bfb	feat: 添加管理员管理 API - 新增管理员类型定义 (src/types/admin.ts) - 新增管理员管理服务 (src/services/admin/admin-management-service.ts) - 新增管理员管理路由 (src/routes/admin/admins.ts) - 更新 API 参考文档功能： - GET /v1/admin/admins - 获取管理员列表（支持分页和筛选） - GET /v1/admin/admins/:id - 获取管理员详情 - POST /v1/admin/admins - 创建管理员（super_admin 专属） - PUT /v1/admin/admins/:id - 更新管理员信息（super_admin 专属） - DELETE /v1/admin/admins/:id - 软删除管理员（super_admin 专属） - POST /v1/admin/admins/:id/reset-password - 重置密码（super_admin 专属）安全特性： - BCrypt 密码哈希 - 随机密码生成（12 位，包含大小写字母、数字、符号） - 软删除机制 - 防止删除最后一个 super_admin - 防止管理员修改自己的关键信息 - 使用 Drizzle ORM ne() 操作符防止 SQL 注入	2026-04-11 18:36:24 +08:00
Wang Zhuoxuan	3991a02a8c	feat: 添加管理员用户名密码登录功能新增 /v1/admin/auth/login 接口，支持用户名密码登录获取 JWT Token。 - 添加 admin_users 表存储管理员账号和哈希密码 - 使用 bcryptjs 进行密码哈希（cost=10） - JWT Token 认证优先，保留 ADMIN_TOKEN 作为向后兼容 - 记录登录审计日志到 admin_audit_log - 种子数据创建默认管理员（username: admin, password: admin123） Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-11 15:25:31 +08:00
Wang Zhuoxuan	6e65993f89	feat: add pagination support to admin categories endpoint - Add page/limit query parameters with Zod validation (max 50) - Update listCategories service to return paginated results - Response format includes pagination metadata (total, page, limit) - Matches existing pattern from questions/feedback endpoints Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-04-11 12:56:40 +08:00
Wang Zhuoxuan	b872b1cad9	feat: implement Phase 1b core features and Phase 1c commercialization Phase 1b — Core Features: - Huawei ID Kit login (token exchange + user info) with guest mode - Quiz engine: randomized questions, distractor shuffling, answer verification - XP service with combo bonuses (3/5/10-hit streaks), daily reset - Streak service: >=3 correct/day, freeze, UTC date handling - Hearts service: 5/day, 30min auto-restore, Pro unlimited - 50 quiz questions across 3 categories (history/drama/crosstalk) - 13 skill tree chapters with linear progression - Idempotent seed import script (categories → skill tree → questions) - 7 admin CRUD services (questions, categories, knowledge cards, skill tree, users, stats, feedback) with Zod validation - All routes use Zod schema validation, /auth/me endpoint Phase 1c — Commercialization: - Leaderboard with live XP ranking, 10 tiers, weekly settlement - Achievement system with 15 seed achievements and condition checking - Huawei IAP receipt verification + subscription management - Differentiated rate limiting (auth 10/min, quiz 60/min) - Admin audit logging middleware Infrastructure: - Vitest test framework with DB mock utilities (19 tests passing) - 12 DB tables (5 new: question_ratings, user_feedback, achievements, user_achievements, leaderboard_snapshots, subscriptions, admin_audit_log) - TypeScript strict mode: zero errors	2026-04-09 00:12:12 +08:00
Wang Zhuoxuan	f6e7be324e	feat: initialize duoqi-api project skeleton Set up Fastify + TypeScript + Drizzle ORM backend with: - Database schema (7 tables: users, categories, questions, knowledge_cards, user_progress, skill_tree, user_chapter_progress) - JWT auth middleware + admin token auth - Route structure for auth, quiz, progress, gamification, payment, and admin - Service stubs for Phase 1b implementation - Zod-validated env config, custom error classes	2026-04-08 21:24:15 +08:00

28 Commits