Commit Graph

4 Commits

Author SHA1 Message Date
cc
1186d80475 fix(auth): fail loudly on JWT encode error instead of returning empty token
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-24 21:00:21 +08:00
cc
e1820d0ec8 feat(auth): issue/verify username-bearing HS256 JWT
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-24 20:57:37 +08:00
cc
58bed0ae44 feat(server): 登录与开发者入口门改走 MySQL
UserStore/DevGate 不再写死,改为从 MySQL 实时查询(每次校验一条索引查询、
不缓存整表,照顾内存):
- 新增 db_pool_from_env(),UserStore 与 DevGate 共用一个 sqlx 懒连接池
- verify() 查 ccuser 表、allows() 查 dev_gate 表,均改为 async
- 未设置 DATABASE_URL 时各自回退到内置/文件兜底,便于本地无库开发

连接串经环境变量 DATABASE_URL 注入(线上写在 weather.env)。

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-20 20:43:23 +08:00
cc
58284f3fe0 feat: add login/auth system + blog page with rainbow design
- Client: auth API wrapper (api/auth.ts) + useAuth hook with localStorage persistence

- Client: LoginPage/LoginForm with remember-me and loading states

- Client: BlogPage with hero section, rainbow spotlight cursor effect, post list

- Client: CSS rainbow gradient utilities for text/borders/backgrounds

- Server: POST /api/web/login with username/password verification + token

- Server: CORS extended to POST + Content-Type header

- Server: auth.rs token issuer, serde dependency for JSON

- Chore: gitignore Server/.vite

Co-Authored-By: Claude <noreply@anthropic.com>
2026-06-18 00:00:38 +08:00