Commit Graph

7 Commits

Author SHA1 Message Date
cc
e5b27a6281 refactor(auth): 去掉登录/入口门的内置兜底,强制走数据库
- db_pool_from_env 强制要求 DATABASE_URL,缺失即 panic 拒启
- UserStore/WallUserStore/DevGate 改为只持连接池的 struct,
  删除全部 seed()/Memory/dev_gate.txt 文件兜底——源码不再留写死账号/hash
- 本地新增 MariaDB(InternetProject 库 + ccuser/dev_gate/wall_users 三表)

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-25 21:09:18 +08:00
cc
6335654904 feat: 上传压缩改按需(>1MB) + 特殊文件夹 6340 兜底用户
- PhotoWallPage: 仅当原文件 >1MB 才 Canvas 压缩,小图原样上传
- auth.rs: seed 兜底表新增 UserTest6340(本地无 DB 时用;线上走 wall_users 表)

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-25 19:42:06 +08:00
cc
0e6c774ed6 @
feat(auth): 新增 wall_users 表,照片墙与开发者登录分离

登录先查 ccuser(开发者),再查 wall_users(照片墙用户)。
wall_users 初始用户:cc / UserTest。

Co-Authored-By: Claude <noreply@anthropic.com>
@
2026-06-24 22:42:06 +08:00
cc
1186d80475 fix(auth): fail loudly on JWT encode error instead of returning empty token
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-24 21:00:21 +08:00
cc
e1820d0ec8 feat(auth): issue/verify username-bearing HS256 JWT
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-24 20:57:37 +08:00
cc
58bed0ae44 feat(server): 登录与开发者入口门改走 MySQL
UserStore/DevGate 不再写死,改为从 MySQL 实时查询(每次校验一条索引查询、
不缓存整表,照顾内存):
- 新增 db_pool_from_env(),UserStore 与 DevGate 共用一个 sqlx 懒连接池
- verify() 查 ccuser 表、allows() 查 dev_gate 表,均改为 async
- 未设置 DATABASE_URL 时各自回退到内置/文件兜底,便于本地无库开发

连接串经环境变量 DATABASE_URL 注入(线上写在 weather.env)。

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-20 20:43:23 +08:00
cc
58284f3fe0 feat: add login/auth system + blog page with rainbow design
- Client: auth API wrapper (api/auth.ts) + useAuth hook with localStorage persistence

- Client: LoginPage/LoginForm with remember-me and loading states

- Client: BlogPage with hero section, rainbow spotlight cursor effect, post list

- Client: CSS rainbow gradient utilities for text/borders/backgrounds

- Server: POST /api/web/login with username/password verification + token

- Server: CORS extended to POST + Content-Type header

- Server: auth.rs token issuer, serde dependency for JSON

- Chore: gitignore Server/.vite

Co-Authored-By: Claude <noreply@anthropic.com>
2026-06-18 00:00:38 +08:00