zfc/sub2api
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
3,342 Commits 3 Branches 0 Tags
Commit Graph

58 Commits

Author SHA1 Message Date
imlewc
224e9fc6c2 fix(auth): prefer OIDC compat email in pending flow 2026-05-12 14:35:20 +08:00
shaw
e872cbec0b feat: 添加登录注册条款确认 2026-05-07 17:35:05 +08:00
Wesley Liddick
e69319e747
Merge pull request #2224 from lyen1688/feat-email-oauth-github-google 
feat: 增加 GitHub 和 Google 邮箱快捷登录
 2026-05-07 10:07:28 +08:00
shaw
fff4a300c6 feat(risk-control): add content moderation audit 2026-05-07 09:14:47 +08:00
lyen1688
e69256a706 fix: 完善邮箱快捷登录注册流程 2026-05-06 20:52:10 +08:00
lyen1688
7f185422a5 fix: 修复邮箱快捷登录前端回调兜底 2026-05-06 20:03:44 +08:00
lyen1688
af550fa64e feat: 增加 GitHub 和 Google 邮箱快捷登录 2026-05-06 16:06:11 +08:00
shaw
9b6dcc57bd feat(affiliate): 完善邀请返利系统 
- 修复返利不到账的根因:tryClaimAffiliateRebateAudit 中 PostgreSQL 参数类型推断冲突
  - 补全 OAuth 注册路径(LinuxDo/OIDC/WeChat/Pending Flow)的邀请码绑定
  - 前端 OAuth 注册页面传递 aff_code 参数
  - 新增返利冻结期机制:可配置冻结时间,到期后自动解冻(懒解冻)
  - 新增返利有效期:绑定后 N 天内有效,过期不再产生返利
  - 新增单人返利上限:超出上限部分精确截断
  - 增强返利流程 slog 结构化日志,便于排查问题
  - 已邀请用户列表增加返利明细列
 2026-04-26 12:42:35 +08:00
VpSanta33
f03de00cb9 feat: add affiliate invite rebate flow and admin rebate-rate setting 2026-04-24 22:22:26 +08:00
IanShaw027
ca4e38aa01 fix(profile): stabilize binding compatibility and frontend checks 2026-04-22 14:57:47 +08:00
IanShaw027
6696e61c7b fix(frontend): preserve callback recovery state 2026-04-22 13:19:41 +08:00
IanShaw027
c229f33e9e fix(review): harden payment, oauth, and migration paths 2026-04-22 10:26:22 +08:00
IanShaw027
863258d782 Always show register password hint 2026-04-21 10:15:57 -07:00
IanShaw027
54dc176725 feat(settings): support per-channel WeChat OAuth and persist payment options 2026-04-21 07:51:41 -07:00
IanShaw027
a6b919eb53 frontend: normalize auth oauth i18n and error toasts 2026-04-21 22:26:11 +08:00
IanShaw027
4c21320d1b fix(auth): require explicit choice for third-party signup 2026-04-21 20:36:58 +08:00
IanShaw027
12f1e19d68 fix: restore wechat oauth legacy callback compatibility 2026-04-21 13:36:19 +08:00
IanShaw027
33b208ab6f fix: restore legacy oauth callback fragment compatibility 2026-04-21 11:00:18 +08:00
IanShaw027
7e89bca5e6 fix: tighten pending oauth email routing and binding state 2026-04-21 10:41:29 +08:00
IanShaw027
dcd5c43da4 feat: complete email binding and pending oauth verification flows 2026-04-21 10:00:06 +08:00
IanShaw027
cd0338fbae fix frontend wechat oauth capability recovery 2026-04-21 01:48:23 +08:00
IanShaw027
067eb23d8e Tighten WeChat OAuth capability mode selection 2026-04-21 00:46:40 +08:00
IanShaw027
12f4af742f fix auth pending adoption and turnstile flow 2026-04-21 00:45:56 +08:00
IanShaw027
55e8dd550a Tighten WeChat payment resume flow 2026-04-21 00:33:23 +08:00
IanShaw027
85fc54b205 fix(frontend): restore pending auth session flow 2026-04-21 00:05:44 +08:00
IanShaw027
0fa47f18ed feat: complete pending oauth account creation UI 2026-04-21 00:02:51 +08:00
IanShaw027
7ef7fd19e7 fix: restore wechat payment oauth and jsapi flow 2026-04-20 23:34:57 +08:00
IanShaw027
e1a28848fa fix: clarify wechat existing account binding 2026-04-20 22:54:47 +08:00
IanShaw027
7fdede579a fix: preserve wechat bind resume state 2026-04-20 22:52:56 +08:00
IanShaw027
4d10ba4297 fix: complete wechat pending auth callback flows 2026-04-20 22:50:41 +08:00
IanShaw027
bffcc2042e fix: complete oidc pending auth callback flows 2026-04-20 22:37:25 +08:00
IanShaw027
7826e9880c feat: support linuxdo pending bind 2fa callback 2026-04-20 19:53:22 +08:00
IanShaw027
6ea3f42e2f feat: add oauth callback email binding ui 2026-04-20 19:30:19 +08:00
IanShaw027
c6d8592484 feat: add profile auth identity binding flow 2026-04-20 18:28:44 +08:00
IanShaw027
e9de839d87 feat: rebuild auth identity foundation flow 2026-04-20 17:39:57 +08:00
ruiqurm
02a66a01c3 feat: support OIDC login. 2026-04-09 02:20:51 +00:00
John Doe
6826149a8f feat: add Backend Mode toggle to disable user self-service 
Add a system-wide "Backend Mode" that disables user self-registration
and self-service while keeping admin panel and API gateway fully
functional. When enabled, only admin can log in; all user-facing
routes return 403.

Backend:
- New setting key `backend_mode_enabled` with atomic cached reads (60s TTL)
- BackendModeUserGuard middleware blocks non-admin authenticated routes
- BackendModeAuthGuard middleware blocks registration/password-reset auth routes
- Login/Login2FA/RefreshToken handlers reject non-admin when enabled
- TokenPairWithUser struct for role-aware token refresh
- 20 unit tests (middleware + service layer)

Frontend:
- Router guards redirect unauthenticated users to /login
- Admin toggle in Settings page
- Login page hides register link and footer in backend mode
- 9 unit tests for router guard logic
- i18n support (en/zh)

27 files changed, 833 insertions(+), 17 deletions(-)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-12 02:42:57 +03:00
Elysia
c069b3b1e8 fix issue #836 linux.do注册无需邀请码 2026-03-09 00:35:34 +08:00
shaw
59879b7fa7 fix(i18n): replace hardcoded English strings in EmailVerifyView with i18n calls 2026-03-04 15:58:44 +08:00
PMExtra
bd0801a887 feat(registration): add email domain whitelist policy 2026-03-04 13:54:18 +08:00
shaw
49a3c43741 feat(auth): 实现 Refresh Token 机制 
- 新增 Access Token + Refresh Token 双令牌认证
- 支持 Token 自动刷新和轮转
- 添加登出和撤销所有会话接口
- 前端实现无感刷新和主动刷新定时器
 2026-02-05 12:42:54 +08:00
shuike
6c86501d11 feat: 增加邀请码注册功能 2026-02-03 13:38:44 +08:00
shaw
1245f07a2d feat(auth): 实现 TOTP 双因素认证功能 
新增功能:
- 支持 Google Authenticator 等应用进行 TOTP 二次验证
- 用户可在个人设置中启用/禁用 2FA
- 登录时支持 TOTP 验证流程
- 管理后台可全局开关 TOTP 功能

安全增强:
- TOTP 密钥使用 AES-256-GCM 加密存储
- 添加 TOTP_ENCRYPTION_KEY 配置项,必须手动配置才能启用功能
- 防止服务重启导致加密密钥变更使用户无法登录
- 验证失败次数限制,防止暴力破解

配置说明:
- Docker 部署:在 .env 中设置 TOTP_ENCRYPTION_KEY
- 非 Docker 部署:在 config.yaml 中设置 totp.encryption_key
- 生成密钥命令:openssl rand -hex 32
 2026-01-26 09:19:53 +08:00
shaw
9cc8352593 feat(auth): 密码重置邮件队列化与限流优化 
- 邮件发送改为异步队列处理,避免并发导致发送失败
- 新增 Email 维度限流(30秒冷却期),防止邮件轰炸
- Token 验证使用常量时间比较,防止时序攻击
- 重构代码消除冗余,提取公共验证逻辑
 2026-01-24 22:55:28 +08:00
shaw
192efb84a0 feat(promo-code): complete promo code feature implementation 
- Add promo_code_enabled field to SystemSettings and PublicSettings DTOs
- Add promo code validation in registration flow
- Add admin settings UI for promo code configuration
- Add i18n translations for promo code feature
 2026-01-20 15:56:26 +08:00
long
d2fc14fb97 feat: 实现注册优惠码功能 
- 支持创建/编辑/删除优惠码,设置赠送金额和使用限制
  - 注册页面实时验证优惠码并显示赠送金额
  - 支持 URL 参数自动填充 (?promo=CODE)
  - 添加优惠码验证接口速率限制
  - 使用数据库行锁防止并发超限
  - 新增后台优惠码管理页面,支持复制注册链接
 2026-01-10 13:14:35 +08:00
shaw
f060db0b30 fix: 加固 LinuxDo OAuth 登录安全与配置校验 2026-01-09 19:32:06 +08:00
admin
152d0cdec6 feat(auth): 添加 Linux DO Connect OAuth 登录支持 
- 新增 Linux DO OAuth 配置项和环境变量支持
- 实现 OAuth 授权流程和回调处理
- 前端添加 Linux DO 登录按钮和回调页面
- 支持通过 Linux DO 账号注册/登录
- 添加相关国际化文本

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-09 18:26:32 +08:00
IanShaw027
4251a5a451 refactor(frontend): 完成所有组件的内联SVG统一替换为Icon组件 
- 扩展 Icon.vue 组件,新增 60+ 图标路径
  - 导航类: arrowRight, arrowLeft, arrowUp, arrowDown, chevronUp, externalLink
  - 状态类: checkCircle, xCircle, exclamationCircle, exclamationTriangle, infoCircle
  - 用户类: user, userCircle, userPlus, users
  - 文档类: document, clipboard, copy, inbox
  - 操作类: download, upload, filter, sort
  - 安全类: key, lock, shield
  - UI类: menu, calendar, home, terminal, gift, creditCard, mail
  - 数据类: chartBar, trendingUp, database, cube
  - 其他: bolt, sparkles, cloud, server, sun, moon, book 等

- 重构 56 个 Vue 组件,用 Icon 组件替换内联 SVG
  - 净减少约 2200 行代码
  - 提升代码可维护性和一致性
  - 统一图标样式和尺寸管理
 2026-01-05 20:22:48 +08:00
yangjianbo
7dddd06583 Merge branch 'main' of https://github.com/mt21625457/aicodex2api 2026-01-04 21:06:12 +08:00