Merge pull request #5 from Yaosanqi137/feature/p2-api-auth

Feature/p2 api auth

README.md

@@ -72,7 +72,7 @@
 > 状态说明：`[x]` 已完成，`[ ]` 进行中/未开始（请随开发进度更新）
 
 | 顺序 | 功能实现项（用户视角） | 你会看到的效果 | 状态 |
-| ---- | ---------------------------------- | --------------------------------------- | ---- |
+|---|---|---|---|
 | 1 | 明确产品能力与交互流程 | 确认 TodoList 的核心使用方式与页面路径 | [x] |
 | 2 | 实现基础登录（邮箱验证码） | 可以注册/登录并进入主页面 | [ ] |
 | 3 | 实现任务基础能力（增删改查） | 可以创建、编辑、删除、完成任务 | [ ] |
@@ -151,97 +151,6 @@ TodoList/
 
 ---
 
-## 部署与使用
-
-### 1. 环境要求
-
-- Node.js `20.x`
-- pnpm `9.15.2`
-- PostgreSQL `14+`（本地或远程都可）
-- 可选：MinIO / S3（附件上传功能使用）
-
-### 2. 安装依赖
-
-```bash
-pnpm install
-```
-
-### 3. 后端环境变量配置
-
-1. 复制环境变量示例文件：
-
-```bash
-cp apps/api/.env.example apps/api/.env
-# PowerShell:
-# Copy-Item apps/api/.env.example apps/api/.env
-```
-
-2. 至少修改以下配置：
-
-- `DATABASE_URL`：你的 PostgreSQL 连接串
-- `AUTH_ACCESS_SECRET`：生产环境请改为高强度随机值
-- `MAIL_SMTP_*`：邮件服务器配置（验证码/提醒邮件）
-- `OAUTH_*`：第三方登录配置（未接入可先保留示例值）
-- `S3_*`：对象存储配置（未启用附件可后续再配）
-
-### 4. 初始化数据库
-
-```bash
-pnpm --filter @todolist/api exec prisma db push
-```
-
-### 5. 本地开发启动
-
-1. 启动后端（默认端口 `3000`）：
-
-```bash
-pnpm --filter @todolist/api start:dev
-```
-
-2. 启动前端（默认端口 `5173`）：
-
-```bash
-pnpm --filter web dev
-```
-
-3. 若前端需连接非默认后端地址，可设置：
-
-```bash
-VITE_API_BASE_URL=http://localhost:3000
-```
-
-### 6. 生产构建与运行
-
-1. 构建：
-
-```bash
-pnpm run build
-```
-
-2. 运行 API（需先构建）：
-
-```bash
-pnpm --filter @todolist/api start
-```
-
-3. 发布 Web：
-
-- `apps/web/dist` 为静态资源产物，建议使用 Nginx/静态托管服务发布。
-
-### 7. CI/CD 说明（当前仓库）
-
-- PR 质量检查：`.github/workflows/pr-quality.yml`
-- Web 部署模板：`.github/workflows/deploy-web.yml`
-- Admin 部署模板：`.github/workflows/deploy-admin.yml`
-- API 镜像构建：`.github/workflows/api-docker-image.yml`
-
-说明：
-
-- Web/Admin 工作流通过 Webhook 触发真实部署，需在仓库 Secrets 配置：
-  - `WEB_DEPLOY_WEBHOOK_URL`
-  - `ADMIN_DEPLOY_WEBHOOK_URL`
-- API 镜像工作流仅在存在 `apps/api/Dockerfile` 时执行镜像构建与推送。
-
 ## License
 
 本项目遵循 [GNUv3](./LICENSE)。

apps/api/.env.example

@@ -1,65 +1,19 @@
-# -----------------------------------------------------------------------------
-# TodoList API 环境变量示例
-# 用法：
-# 1) 复制为 apps/api/.env
-# 2) 按实际环境替换值（尤其是密钥、密码、令牌）
-# -----------------------------------------------------------------------------
-
-# [数据库] PostgreSQL 连接串
-# 格式：postgresql://<user>:<password>@<host>:<port>/<db>?schema=public
 DATABASE_URL="postgresql://postgres:postgres@localhost:5432/todolist?schema=public"
-
-# [鉴权] Access Token 签名密钥（生产环境必须使用高强度随机值）
 AUTH_ACCESS_SECRET="dev-access-secret"
-# [鉴权] Access Token 有效期（秒），默认 15 分钟
 AUTH_ACCESS_EXPIRES_IN_SECONDS="900"
-# [鉴权] Refresh Token 有效期（秒），默认 30 天
 AUTH_REFRESH_EXPIRES_IN_SECONDS="2592000"
-# [鉴权] 邮箱验证码有效期（秒），默认 5 分钟
 AUTH_EMAIL_CODE_TTL_SECONDS="300"
-# [2FA] TOTP 签发方名称（会显示在验证器 App 中）
 AUTH_TOTP_ISSUER="TodoList"
-
-# [OAuth - GitHub] 第三方登录配置
 OAUTH_GITHUB_CLIENT_ID="github-client-id"
 OAUTH_GITHUB_CLIENT_SECRET="github-client-secret"
 OAUTH_GITHUB_CALLBACK_URL="http://localhost:3000/auth/oauth/github/callback"
-
-# [OAuth - QQ] 第三方登录配置
 OAUTH_QQ_CLIENT_ID="qq-client-id"
 OAUTH_QQ_CLIENT_SECRET="qq-client-secret"
 OAUTH_QQ_CALLBACK_URL="http://localhost:3000/auth/oauth/qq/callback"
 OAUTH_QQ_AUTH_URL="https://graph.qq.com/oauth2.0/authorize"
 OAUTH_QQ_TOKEN_URL="https://graph.qq.com/oauth2.0/token"
-
-# [OAuth - 微信] 第三方登录配置
 OAUTH_WECHAT_CLIENT_ID="wechat-client-id"
 OAUTH_WECHAT_CLIENT_SECRET="wechat-client-secret"
 OAUTH_WECHAT_CALLBACK_URL="http://localhost:3000/auth/oauth/wechat/callback"
 OAUTH_WECHAT_AUTH_URL="https://open.weixin.qq.com/connect/qrconnect"
 OAUTH_WECHAT_TOKEN_URL="https://api.weixin.qq.com/sns/oauth2/access_token"
-
-# [对象存储] S3/MinIO 配置（附件上传）
-# 本地开发可使用 MinIO，生产可切换到云厂商 S3 兼容服务
-S3_ENDPOINT="http://127.0.0.1:9000"
-S3_REGION="us-east-1"
-S3_BUCKET="todolist"
-S3_ACCESS_KEY_ID="minioadmin"
-S3_SECRET_ACCESS_KEY="minioadmin"
-# MinIO 常用 true；AWS S3 常用 false
-S3_FORCE_PATH_STYLE="true"
-# 预签名上传 URL 的有效期（秒）
-S3_PRESIGN_EXPIRES_SECONDS="900"
-# 对外访问附件的基础地址（用于拼接公开 URL）
-S3_PUBLIC_BASE_URL="http://127.0.0.1:9000"
-
-# [邮件] SMTP 配置（验证码/DDL 提醒邮件）
-MAIL_SMTP_HOST="smtp.example.com"
-MAIL_SMTP_PORT="465"
-# 465 通常为 true（SSL），587 通常为 false（STARTTLS）
-MAIL_SMTP_SECURE="true"
-MAIL_SMTP_USER="no-reply@example.com"
-MAIL_SMTP_PASS="replace-with-smtp-password"
-# 发件人显示名称与地址
-MAIL_FROM_NAME="TodoList"
-MAIL_FROM_ADDRESS="no-reply@example.com"

apps/api/jest.config.cjs

@@ -1,11 +0,0 @@
-/** @type {import('jest').Config} */
-module.exports = {
-  rootDir: ".",
-  testEnvironment: "node",
-  clearMocks: true,
-  testMatch: ["<rootDir>/test/**/*.spec.ts"],
-  moduleFileExtensions: ["ts", "js", "json"],
-  transform: {
-    "^.+\\.(t|j)s$": ["ts-jest", { tsconfig: "<rootDir>/tsconfig.spec.json" }]
-  }
-};

apps/api/package.json

@@ -6,54 +6,35 @@
     "prisma:generate": "prisma generate",
     "prisma:format": "prisma format",
     "prisma:validate": "prisma validate",
-    "prebuild": "pnpm run prisma:generate",
-    "pretypecheck": "pnpm run prisma:generate",
-    "pretest": "pnpm run prisma:generate",
     "start": "node dist/main.js",
     "start:dev": "ts-node-dev --respawn --transpile-only src/main.ts",
     "build": "tsc -p tsconfig.build.json",
     "typecheck": "tsc --noEmit -p tsconfig.json",
-    "test": "jest --config jest.config.cjs --runInBand"
+    "test": "echo api tests pending"
   },
   "license": "GPL-3.0-or-later",
   "devDependencies": {
-    "@nestjs/testing": "^11.1.18",
-    "@types/jest": "^30.0.0",
     "@types/node": "^25.5.2",
-    "@types/nodemailer": "^8.0.0",
     "@types/passport-github2": "^1.2.9",
     "@types/passport-oauth2": "^1.8.0",
-    "@types/supertest": "^7.2.0",
     "dotenv": "^16.6.1",
-    "jest": "^30.3.0",
     "prisma": "^7.6.0",
-    "supertest": "^7.2.2",
-    "ts-jest": "^29.4.9",
     "ts-node": "^10.9.2",
     "ts-node-dev": "^2.0.0",
     "typescript": "^5.9.3"
   },
   "private": true,
   "dependencies": {
-    "@aws-sdk/client-s3": "^3.1024.0",
-    "@aws-sdk/s3-request-presigner": "^3.1024.0",
     "@nestjs/common": "^11.1.18",
     "@nestjs/config": "^4.0.3",
     "@nestjs/core": "^11.1.18",
     "@nestjs/jwt": "^11.0.2",
-    "@nestjs/passport": "^11.0.5",
     "@nestjs/platform-express": "^11.1.18",
     "@otplib/preset-default": "^12.0.1",
-    "@prisma/adapter-pg": "^7.6.0",
     "@prisma/client": "^7.6.0",
     "class-transformer": "^0.5.1",
     "class-validator": "^0.15.1",
-    "nodemailer": "^8.0.4",
     "otplib": "^13.4.0",
-    "passport": "^0.7.0",
-    "passport-github2": "^0.1.12",
-    "passport-oauth2": "^1.8.0",
-    "pg": "^8.20.0",
     "reflect-metadata": "^0.2.2",
     "rxjs": "^7.8.2"
   }

apps/api/src/app.module.ts

@@ -1,9 +1,6 @@
 import { Module } from "@nestjs/common";
 import { ConfigModule } from "@nestjs/config";
-import { AttachmentModule } from "./attachment/attachment.module";
 import { AuthModule } from "./auth/auth.module";
-import { PrismaModule } from "./prisma/prisma.module";
-import { TaskModule } from "./task/task.module";
 
 @Module({
   imports: [
@@ -11,10 +8,7 @@ import { TaskModule } from "./task/task.module";
       isGlobal: true,
       envFilePath: ".env"
     }),
-    PrismaModule,
-    AuthModule,
-    TaskModule,
-    AttachmentModule
+    AuthModule
   ]
 })
 export class AppModule {}

apps/api/src/attachment/attachment.controller.ts

@@ -1,38 +0,0 @@
-import { Body, Controller, Headers, Post, UnauthorizedException } from "@nestjs/common";
-import {
-  AttachmentResponse,
-  AttachmentService,
-  PresignAttachmentResponse
-} from "./attachment.service";
-import { CompleteAttachmentDto } from "./dto/complete-attachment.dto";
-import { PresignAttachmentDto } from "./dto/presign-attachment.dto";
-
-@Controller("attachments")
-export class AttachmentController {
-  constructor(private readonly attachmentService: AttachmentService) {}
-
-  @Post("presign")
-  async presignAttachment(
-    @Headers("x-user-id") userIdHeader: string | string[] | undefined,
-    @Body() body: PresignAttachmentDto
-  ): Promise<PresignAttachmentResponse> {
-    return this.attachmentService.presignAttachment(this.resolveUserId(userIdHeader), body);
-  }
-
-  @Post("complete")
-  async completeAttachment(
-    @Headers("x-user-id") userIdHeader: string | string[] | undefined,
-    @Body() body: CompleteAttachmentDto
-  ): Promise<AttachmentResponse> {
-    return this.attachmentService.completeAttachment(this.resolveUserId(userIdHeader), body);
-  }
-
-  private resolveUserId(userIdHeader: string | string[] | undefined): string {
-    const userId = Array.isArray(userIdHeader) ? userIdHeader[0] : userIdHeader;
-    if (!userId) {
-      throw new UnauthorizedException("缺少用户上下文");
-    }
-
-    return userId;
-  }
-}

apps/api/src/attachment/attachment.module.ts

@@ -1,11 +0,0 @@
-import { Module } from "@nestjs/common";
-import { PrismaModule } from "../prisma/prisma.module";
-import { AttachmentController } from "./attachment.controller";
-import { AttachmentService } from "./attachment.service";
-
-@Module({
-  imports: [PrismaModule],
-  controllers: [AttachmentController],
-  providers: [AttachmentService]
-})
-export class AttachmentModule {}

apps/api/src/attachment/attachment.service.ts

@@ -1,282 +0,0 @@
-import { randomUUID } from "node:crypto";
-import { Injectable, NotFoundException, PayloadTooLargeException } from "@nestjs/common";
-import { ConfigService } from "@nestjs/config";
-import { PutObjectCommand, S3Client } from "@aws-sdk/client-s3";
-import { getSignedUrl } from "@aws-sdk/s3-request-presigner";
-import { AttachmentType } from "../../generated/prisma/client";
-import { PrismaService } from "../prisma/prisma.service";
-import { CompleteAttachmentDto } from "./dto/complete-attachment.dto";
-import { PresignAttachmentDto } from "./dto/presign-attachment.dto";
-
-type QuotaInfo = {
-  totalBytes: bigint;
-  usedBytes: bigint;
-};
-
-export type PresignAttachmentResponse = {
-  method: "PUT";
-  uploadUrl: string;
-  bucket: string;
-  objectKey: string;
-  objectUrl: string;
-  expiresInSeconds: number;
-  quota: {
-    totalBytes: string;
-    usedBytes: string;
-    remainingBytes: string;
-  };
-  headers: {
-    "Content-Type": string;
-  };
-};
-
-export type AttachmentResponse = {
-  id: string;
-  taskId: string | null;
-  type: AttachmentType;
-  url: string;
-  mimeType: string | null;
-  fileName: string | null;
-  fileSize: number;
-  width: number | null;
-  height: number | null;
-  durationMs: number | null;
-  checksum: string | null;
-  createdAt: string;
-  updatedAt: string;
-};
-
-@Injectable()
-export class AttachmentService {
-  private s3Client: S3Client | null = null;
-
-  constructor(
-    private readonly configService: ConfigService,
-    private readonly prismaService: PrismaService
-  ) {}
-
-  async presignAttachment(
-    userId: string,
-    body: PresignAttachmentDto
-  ): Promise<PresignAttachmentResponse> {
-    const quotaInfo = await this.getQuotaSnapshot(userId);
-    this.assertQuotaAvailable(quotaInfo.totalBytes, quotaInfo.usedBytes, body.fileSize);
-
-    if (body.taskId) {
-      await this.ensureTaskOwnership(userId, body.taskId);
-    }
-
-    const bucket = this.getDefaultBucket();
-    const objectKey = this.generateObjectKey(userId, body.fileName);
-    const objectUrl = this.resolveObjectUrl(bucket, objectKey);
-    const expiresInSeconds = this.getPresignExpiresInSeconds();
-
-    const command = new PutObjectCommand({
-      Bucket: bucket,
-      Key: objectKey,
-      ContentType: body.mimeType,
-      ContentLength: body.fileSize
-    });
-
-    const uploadUrl = await getSignedUrl(this.getS3Client(), command, {
-      expiresIn: expiresInSeconds
-    });
-
-    return {
-      method: "PUT",
-      uploadUrl,
-      bucket,
-      objectKey,
-      objectUrl,
-      expiresInSeconds,
-      quota: {
-        totalBytes: quotaInfo.totalBytes.toString(),
-        usedBytes: quotaInfo.usedBytes.toString(),
-        remainingBytes: (quotaInfo.totalBytes - quotaInfo.usedBytes).toString()
-      },
-      headers: {
-        "Content-Type": body.mimeType
-      }
-    };
-  }
-
-  async completeAttachment(
-    userId: string,
-    body: CompleteAttachmentDto
-  ): Promise<AttachmentResponse> {
-    if (body.taskId) {
-      await this.ensureTaskOwnership(userId, body.taskId);
-    }
-
-    const bucket = body.bucket ?? this.getDefaultBucket();
-    const objectUrl = this.resolveObjectUrl(bucket, body.objectKey);
-
-    const attachment = await this.prismaService.$transaction(async (tx) => {
-      const quotaInfo = await this.getQuotaSnapshot(userId, tx);
-      this.assertQuotaAvailable(quotaInfo.totalBytes, quotaInfo.usedBytes, body.fileSize);
-
-      const uploadBytes = BigInt(body.fileSize);
-      const maxUsedBeforeUpload = quotaInfo.totalBytes - uploadBytes;
-      const updatedUser = await tx.user.updateMany({
-        where: {
-          id: userId,
-          usedStorageBytes: {
-            lte: maxUsedBeforeUpload
-          }
-        },
-        data: {
-          usedStorageBytes: {
-            increment: uploadBytes
-          }
-        }
-      });
-      if (updatedUser.count === 0) {
-        throw new PayloadTooLargeException("存储配额不足");
-      }
-
-      return tx.attachment.create({
-        data: {
-          userId,
-          taskId: body.taskId ?? null,
-          type: body.type ?? this.resolveAttachmentType(body.mimeType),
-          url: objectUrl,
-          mimeType: body.mimeType,
-          fileName: body.fileName,
-          fileSize: body.fileSize,
-          width: body.width ?? null,
-          height: body.height ?? null,
-          durationMs: body.durationMs ?? null,
-          checksum: body.checksum ?? null
-        }
-      });
-    });
-
-    return {
-      id: attachment.id,
-      taskId: attachment.taskId,
-      type: attachment.type,
-      url: attachment.url,
-      mimeType: attachment.mimeType,
-      fileName: attachment.fileName,
-      fileSize: attachment.fileSize,
-      width: attachment.width,
-      height: attachment.height,
-      durationMs: attachment.durationMs,
-      checksum: attachment.checksum,
-      createdAt: attachment.createdAt.toISOString(),
-      updatedAt: attachment.updatedAt.toISOString()
-    };
-  }
-
-  private getS3Client(): S3Client {
-    if (this.s3Client) {
-      return this.s3Client;
-    }
-
-    const endpoint = this.configService.get<string>("S3_ENDPOINT") ?? "http://127.0.0.1:9000";
-    const region = this.configService.get<string>("S3_REGION") ?? "us-east-1";
-    const forcePathStyle =
-      this.configService.get<string>("S3_FORCE_PATH_STYLE")?.toLowerCase() !== "false";
-
-    this.s3Client = new S3Client({
-      endpoint,
-      region,
-      forcePathStyle,
-      credentials: {
-        accessKeyId: this.configService.get<string>("S3_ACCESS_KEY_ID") ?? "minioadmin",
-        secretAccessKey: this.configService.get<string>("S3_SECRET_ACCESS_KEY") ?? "minioadmin"
-      }
-    });
-
-    return this.s3Client;
-  }
-
-  private getDefaultBucket(): string {
-    return this.configService.get<string>("S3_BUCKET") ?? "todolist";
-  }
-
-  private getPresignExpiresInSeconds(): number {
-    const configValue = Number(this.configService.get<string>("S3_PRESIGN_EXPIRES_SECONDS") ?? 900);
-    if (!Number.isFinite(configValue) || configValue <= 0) {
-      return 900;
-    }
-
-    return Math.min(configValue, 604800);
-  }
-
-  private generateObjectKey(userId: string, fileName: string): string {
-    const safeFileName = fileName.replace(/[^\w.-]+/g, "_");
-    const datePrefix = new Date().toISOString().slice(0, 10);
-    return `${userId}/${datePrefix}/${randomUUID()}-${safeFileName}`;
-  }
-
-  private resolveObjectUrl(bucket: string, objectKey: string): string {
-    const publicBaseUrl = this.configService.get<string>("S3_PUBLIC_BASE_URL");
-    if (publicBaseUrl) {
-      return `${publicBaseUrl.replace(/\/+$/, "")}/${bucket}/${objectKey}`;
-    }
-
-    const endpoint = this.configService.get<string>("S3_ENDPOINT") ?? "http://127.0.0.1:9000";
-    return `${endpoint.replace(/\/+$/, "")}/${bucket}/${objectKey}`;
-  }
-
-  private resolveAttachmentType(mimeType: string): AttachmentType {
-    if (mimeType.startsWith("image/")) {
-      return AttachmentType.IMAGE;
-    }
-
-    if (mimeType.startsWith("video/")) {
-      return AttachmentType.VIDEO;
-    }
-
-    return AttachmentType.FILE;
-  }
-
-  private async ensureTaskOwnership(userId: string, taskId: string): Promise<void> {
-    const task = await this.prismaService.task.findFirst({
-      where: {
-        id: taskId,
-        userId
-      },
-      select: {
-        id: true
-      }
-    });
-
-    if (!task) {
-      throw new NotFoundException("任务不存在");
-    }
-  }
-
-  private async getQuotaSnapshot(
-    userId: string,
-    tx: Pick<PrismaService, "user"> = this.prismaService
-  ): Promise<QuotaInfo> {
-    const user = await tx.user.findUnique({
-      where: {
-        id: userId
-      },
-      select: {
-        id: true,
-        defaultStorageQuotaMb: true,
-        usedStorageBytes: true
-      }
-    });
-
-    if (!user) {
-      throw new NotFoundException("用户不存在");
-    }
-
-    return {
-      totalBytes: BigInt(user.defaultStorageQuotaMb) * 1024n * 1024n,
-      usedBytes: user.usedStorageBytes
-    };
-  }
-
-  private assertQuotaAvailable(totalBytes: bigint, usedBytes: bigint, fileSize: number): void {
-    const uploadBytes = BigInt(fileSize);
-    if (uploadBytes > totalBytes || usedBytes + uploadBytes > totalBytes) {
-      throw new PayloadTooLargeException("存储配额不足");
-    }
-  }
-}

apps/api/src/attachment/dto/complete-attachment.dto.ts

@@ -1,89 +0,0 @@
-import { Transform, Type } from "class-transformer";
-import {
-  IsEnum,
-  IsInt,
-  IsOptional,
-  IsString,
-  Max,
-  MaxLength,
-  Min,
-  MinLength
-} from "class-validator";
-import { AttachmentType } from "../../../generated/prisma/client";
-
-function normalizeString(value: unknown): unknown {
-  if (typeof value !== "string") {
-    return value;
-  }
-
-  return value.trim();
-}
-
-export class CompleteAttachmentDto {
-  @Transform(({ value }) => normalizeString(value))
-  @IsString()
-  @MinLength(1)
-  @MaxLength(255)
-  objectKey!: string;
-
-  @Transform(({ value }) => normalizeString(value))
-  @IsOptional()
-  @IsString()
-  @MaxLength(100)
-  bucket?: string;
-
-  @Transform(({ value }) => normalizeString(value))
-  @IsString()
-  @MinLength(1)
-  @MaxLength(255)
-  fileName!: string;
-
-  @Transform(({ value }) => normalizeString(value))
-  @IsString()
-  @MinLength(1)
-  @MaxLength(255)
-  mimeType!: string;
-
-  @Type(() => Number)
-  @IsInt()
-  @Min(1)
-  @Max(1073741824)
-  fileSize!: number;
-
-  @IsOptional()
-  @IsEnum(AttachmentType)
-  type?: AttachmentType;
-
-  @Transform(({ value }) => normalizeString(value))
-  @IsOptional()
-  @IsString()
-  @MaxLength(255)
-  taskId?: string;
-
-  @Transform(({ value }) => normalizeString(value))
-  @IsOptional()
-  @IsString()
-  @MaxLength(128)
-  checksum?: string;
-
-  @Type(() => Number)
-  @IsOptional()
-  @IsInt()
-  @Min(1)
-  @Max(100000)
-  width?: number;
-
-  @Type(() => Number)
-  @IsOptional()
-  @IsInt()
-  @Min(1)
-  @Max(100000)
-  height?: number;
-
-  @Type(() => Number)
-  @IsOptional()
-  @IsInt()
-  @Min(1)
-  @Max(86400000)
-  durationMs?: number;
-}

apps/api/src/attachment/dto/presign-attachment.dto.ts

@@ -1,35 +0,0 @@
-import { Transform } from "class-transformer";
-import { IsInt, IsOptional, IsString, Max, MaxLength, Min, MinLength } from "class-validator";
-
-function normalizeString(value: unknown): unknown {
-  if (typeof value !== "string") {
-    return value;
-  }
-
-  return value.trim();
-}
-
-export class PresignAttachmentDto {
-  @Transform(({ value }) => normalizeString(value))
-  @IsString()
-  @MinLength(1)
-  @MaxLength(255)
-  fileName!: string;
-
-  @Transform(({ value }) => normalizeString(value))
-  @IsString()
-  @MinLength(1)
-  @MaxLength(255)
-  mimeType!: string;
-
-  @IsInt()
-  @Min(1)
-  @Max(1073741824)
-  fileSize!: number;
-
-  @Transform(({ value }) => normalizeString(value))
-  @IsOptional()
-  @IsString()
-  @MaxLength(255)
-  taskId?: string;
-}

apps/api/src/auth/auth-mail.service.ts

@@ -1,131 +0,0 @@
-import {
-  Injectable,
-  InternalServerErrorException,
-  Logger,
-  ServiceUnavailableException
-} from "@nestjs/common";
-import { ConfigService } from "@nestjs/config";
-import { createTransport, type Transporter } from "nodemailer";
-
-type MailRuntimeConfig = {
-  host: string;
-  port: number;
-  secure: boolean;
-  user: string;
-  pass: string;
-  fromName: string;
-  fromAddress: string;
-};
-
-@Injectable()
-export class AuthMailService {
-  private readonly logger = new Logger(AuthMailService.name);
-  private cachedConfig: MailRuntimeConfig | null = null;
-  private transporter: Transporter | null = null;
-
-  constructor(private readonly configService: ConfigService) {}
-
-  async sendLoginCode(email: string, code: string, ttlSeconds: number): Promise<void> {
-    const config = this.getRuntimeConfig();
-    const transporter = this.getTransporter(config);
-
-    try {
-      await transporter.sendMail({
-        from: this.resolveFromField(config),
-        to: email,
-        subject: "TodoList 登录验证码",
-        text: `你的验证码是 ${code}，${ttlSeconds} 秒内有效。`,
-        html: `<p>你的验证码是 <strong>${code}</strong>，${ttlSeconds} 秒内有效。</p>`
-      });
-    } catch (error) {
-      this.logger.error(
-        `验证码邮件发送失败: ${email}`,
-        error instanceof Error ? error.stack : undefined
-      );
-      throw new ServiceUnavailableException("验证码邮件发送失败，请稍后重试");
-    }
-  }
-
-  private getTransporter(config: MailRuntimeConfig): Transporter {
-    if (this.transporter) {
-      return this.transporter;
-    }
-
-    this.transporter = createTransport({
-      host: config.host,
-      port: config.port,
-      secure: config.secure,
-      auth: {
-        user: config.user,
-        pass: config.pass
-      }
-    });
-
-    return this.transporter;
-  }
-
-  private getRuntimeConfig(): MailRuntimeConfig {
-    if (this.cachedConfig) {
-      return this.cachedConfig;
-    }
-
-    const host = this.getRequiredString("MAIL_SMTP_HOST");
-    const port = this.getRequiredNumber("MAIL_SMTP_PORT");
-    const secure = this.getBoolean("MAIL_SMTP_SECURE", port === 465);
-    const user = this.getRequiredString("MAIL_SMTP_USER");
-    const pass = this.getRequiredString("MAIL_SMTP_PASS");
-    const fromName = this.configService.get<string>("MAIL_FROM_NAME")?.trim() || "TodoList";
-    const fromAddress = this.configService.get<string>("MAIL_FROM_ADDRESS")?.trim() || user;
-
-    const config: MailRuntimeConfig = {
-      host,
-      port,
-      secure,
-      user,
-      pass,
-      fromName,
-      fromAddress
-    };
-
-    this.cachedConfig = config;
-    return config;
-  }
-
-  private getRequiredString(key: string): string {
-    const value = this.configService.get<string>(key)?.trim();
-    if (!value) {
-      throw new InternalServerErrorException(`邮件配置缺失: ${key}`);
-    }
-
-    return value;
-  }
-
-  private getRequiredNumber(key: string): number {
-    const rawValue = this.configService.get<string>(key)?.trim();
-    if (!rawValue) {
-      throw new InternalServerErrorException(`邮件配置缺失: ${key}`);
-    }
-
-    const parsedValue = Number(rawValue);
-    if (!Number.isFinite(parsedValue)) {
-      throw new InternalServerErrorException(`邮件配置格式错误: ${key}`);
-    }
-
-    return parsedValue;
-  }
-
-  private getBoolean(key: string, fallback: boolean): boolean {
-    const rawValue = this.configService.get<string>(key);
-    if (!rawValue) {
-      return fallback;
-    }
-
-    const normalizedValue = rawValue.trim().toLowerCase();
-    return normalizedValue === "true" || normalizedValue === "1";
-  }
-
-  private resolveFromField(config: MailRuntimeConfig): string {
-    const sanitizedName = config.fromName.replace(/"/g, "");
-    return `"${sanitizedName}" <${config.fromAddress}>`;
-  }
-}

apps/api/src/auth/auth.controller.ts

@@ -14,7 +14,7 @@ export class AuthController {
   @Post("email/send-code")
   async sendEmailCode(
     @Body() body: SendEmailCodeDto
-  ): Promise<{ success: boolean; expiresInSeconds: number }> {
+  ): Promise<{ success: boolean; expiresInSeconds: number; debugCode: string }> {
     return this.authService.sendEmailCode(body.email);
   }
 

apps/api/src/auth/auth.module.ts

@@ -3,7 +3,6 @@ import { ConfigModule, ConfigService } from "@nestjs/config";
 import { JwtModule } from "@nestjs/jwt";
 import { PassportModule } from "@nestjs/passport";
 import { AuthController } from "./auth.controller";
-import { AuthMailService } from "./auth-mail.service";
 import { AuthService } from "./auth.service";
 import { GithubStrategy } from "./strategies/github.strategy";
 import { QqStrategy } from "./strategies/qq.strategy";
@@ -28,6 +27,6 @@ import { WechatStrategy } from "./strategies/wechat.strategy";
     })
   ],
   controllers: [AuthController],
-  providers: [AuthService, AuthMailService, GithubStrategy, QqStrategy, WechatStrategy]
+  providers: [AuthService, GithubStrategy, QqStrategy, WechatStrategy]
 })
 export class AuthModule {}

apps/api/src/auth/auth.service.ts

@@ -3,8 +3,6 @@ import { ConfigService } from "@nestjs/config";
 import { JwtService } from "@nestjs/jwt";
 import { randomUUID } from "node:crypto";
 import { authenticator } from "@otplib/preset-default";
-import { AuthMailService } from "./auth-mail.service";
-import { PrismaService } from "../prisma/prisma.service";
 
 type EmailCodeEntry = {
   code: string;
@@ -16,6 +14,17 @@ type AuthUser = {
   email: string;
 };
 
+type RefreshTokenEntry = {
+  userId: string;
+  expiresAt: number;
+  revokedAt?: number;
+};
+
+type TwoFactorEntry = {
+  secret: string;
+  enabled: boolean;
+};
+
 type AuthTokenResult = {
   accessToken: string;
   tokenType: "Bearer";
@@ -28,26 +37,29 @@ type AuthTokenResult = {
 @Injectable()
 export class AuthService {
   private readonly emailCodeStore = new Map<string, EmailCodeEntry>();
+  private readonly userStoreByEmail = new Map<string, AuthUser>();
+  private readonly userStoreById = new Map<string, AuthUser>();
+  private readonly refreshTokenStore = new Map<string, RefreshTokenEntry>();
+  private readonly twoFactorStore = new Map<string, TwoFactorEntry>();
 
   constructor(
     private readonly configService: ConfigService,
-    private readonly jwtService: JwtService,
-    private readonly authMailService: AuthMailService,
-    private readonly prismaService: PrismaService
+    private readonly jwtService: JwtService
   ) {}
 
-  async sendEmailCode(email: string): Promise<{ success: boolean; expiresInSeconds: number }> {
+  async sendEmailCode(
+    email: string
+  ): Promise<{ success: boolean; expiresInSeconds: number; debugCode: string }> {
     const ttlSeconds = Number(this.configService.get("AUTH_EMAIL_CODE_TTL_SECONDS") ?? 300);
     const code = this.generateCode();
     const expiresAt = Date.now() + ttlSeconds * 1000;
-    const normalizedEmail = email.toLowerCase();
 
-    await this.authMailService.sendLoginCode(normalizedEmail, code, ttlSeconds);
-    this.emailCodeStore.set(normalizedEmail, { code, expiresAt });
+    this.emailCodeStore.set(email.toLowerCase(), { code, expiresAt });
 
     return {
       success: true,
-      expiresInSeconds: ttlSeconds
+      expiresInSeconds: ttlSeconds,
+      debugCode: code
     };
   }
 
@@ -70,92 +82,53 @@ export class AuthService {
 
     this.emailCodeStore.delete(lowerEmail);
 
-    const user = await this.getOrCreateUser(lowerEmail);
+    const user = this.getOrCreateUser(lowerEmail);
     return this.issueTokens(user);
   }
 
   async refreshTokens(refreshToken: string): Promise<AuthTokenResult> {
-    const entry = await this.prismaService.refreshToken.findUnique({
-      where: {
-        tokenHash: refreshToken
-      },
-      include: {
-        user: {
-          select: {
-            id: true,
-            email: true
-          }
-        }
-      }
-    });
-
+    const entry = this.refreshTokenStore.get(refreshToken);
     if (!entry) {
       throw new UnauthorizedException("刷新令牌不存在");
     }
-
     if (entry.revokedAt) {
       throw new UnauthorizedException("刷新令牌已注销");
     }
-
-    if (entry.expiresAt.getTime() < Date.now()) {
-      await this.prismaService.refreshToken.update({
-        where: {
-          id: entry.id
-        },
-        data: {
-          revokedAt: new Date()
-        }
-      });
+    if (entry.expiresAt < Date.now()) {
+      this.refreshTokenStore.delete(refreshToken);
       throw new UnauthorizedException("刷新令牌已过期");
     }
 
-    await this.prismaService.refreshToken.update({
-      where: {
-        id: entry.id
-      },
-      data: {
-        revokedAt: new Date()
+    const user = this.userStoreById.get(entry.userId);
+    if (!user) {
+      throw new UnauthorizedException("用户不存在");
     }
-    });
 
-    return this.issueTokens(entry.user);
+    entry.revokedAt = Date.now();
+    return this.issueTokens(user);
   }
 
   async revokeRefreshToken(refreshToken: string): Promise<{ success: boolean }> {
-    await this.prismaService.refreshToken.updateMany({
-      where: {
-        tokenHash: refreshToken,
-        revokedAt: null
-      },
-      data: {
-        revokedAt: new Date()
+    const entry = this.refreshTokenStore.get(refreshToken);
+    if (!entry) {
+      return { success: true };
     }
-    });
 
+    entry.revokedAt = Date.now();
     return { success: true };
   }
 
   async enrollTwoFactor(
     email: string
   ): Promise<{ userId: string; secret: string; otpauthUrl: string; enabled: boolean }> {
-    const user = await this.getOrCreateUser(email.toLowerCase());
+    const user = this.getOrCreateUser(email.toLowerCase());
     const secret = authenticator.generateSecret();
     const issuer = this.configService.get<string>("AUTH_TOTP_ISSUER") ?? "TodoList";
     const otpauthUrl = authenticator.keyuri(user.email, issuer, secret);
 
-    await this.prismaService.userSecurity.upsert({
-      where: {
-        userId: user.id
-      },
-      update: {
-        twoFactorSecret: secret,
-        twoFactorEnabled: false
-      },
-      create: {
-        userId: user.id,
-        twoFactorSecret: secret,
-        twoFactorEnabled: false
-      }
+    this.twoFactorStore.set(user.id, {
+      secret,
+      enabled: false
     });
 
     return {
@@ -170,54 +143,38 @@ export class AuthService {
     email: string,
     token: string
   ): Promise<{ success: boolean; enabled: boolean }> {
-    const user = await this.getOrCreateUser(email.toLowerCase());
-    const security = await this.prismaService.userSecurity.findUnique({
-      where: {
-        userId: user.id
-      },
-      select: {
-        twoFactorSecret: true
-      }
-    });
-
-    if (!security?.twoFactorSecret) {
+    const user = this.getOrCreateUser(email.toLowerCase());
+    const entry = this.twoFactorStore.get(user.id);
+    if (!entry) {
       throw new UnauthorizedException("尚未启用两步验证");
     }
 
-    const valid = authenticator.check(token, security.twoFactorSecret);
+    const valid = authenticator.check(token, entry.secret);
     if (!valid) {
       throw new UnauthorizedException("两步验证码错误");
     }
 
-    await this.prismaService.userSecurity.update({
-      where: {
-        userId: user.id
-      },
-      data: {
-        twoFactorEnabled: true
-      }
-    });
-
+    entry.enabled = true;
     return {
       success: true,
       enabled: true
     };
   }
 
-  private async getOrCreateUser(email: string): Promise<AuthUser> {
-    return this.prismaService.user.upsert({
-      where: {
-        email
-      },
-      update: {},
-      create: {
-        email
-      },
-      select: {
-        id: true,
-        email: true
+  private getOrCreateUser(email: string): AuthUser {
+    const existingUser = this.userStoreByEmail.get(email);
+    if (existingUser) {
+      return existingUser;
     }
-    });
+
+    const newUser = {
+      id: randomUUID(),
+      email
+    };
+    this.userStoreByEmail.set(email, newUser);
+    this.userStoreById.set(newUser.id, newUser);
+
+    return newUser;
   }
 
   private generateCode(): string {
@@ -237,12 +194,9 @@ export class AuthService {
     });
     const refreshToken = `${randomUUID()}${randomUUID()}`;
 
-    await this.prismaService.refreshToken.create({
-      data: {
+    this.refreshTokenStore.set(refreshToken, {
       userId: user.id,
-        tokenHash: refreshToken,
-        expiresAt: new Date(Date.now() + refreshExpiresInSeconds * 1000)
-      }
+      expiresAt: Date.now() + refreshExpiresInSeconds * 1000
     });
 
     return {

apps/api/src/main.ts

@@ -5,10 +5,6 @@ import { AppModule } from "./app.module";
 
 async function bootstrap(): Promise<void> {
   const app = await NestFactory.create(AppModule);
-  app.enableCors({
-    origin: true,
-    credentials: true
-  });
   app.useGlobalPipes(
     new ValidationPipe({
       transform: true,

apps/api/src/prisma/prisma.module.ts

@@ -1,9 +0,0 @@
-import { Global, Module } from "@nestjs/common";
-import { PrismaService } from "./prisma.service";
-
-@Global()
-@Module({
-  providers: [PrismaService],
-  exports: [PrismaService]
-})
-export class PrismaModule {}

apps/api/src/prisma/prisma.service.ts

@@ -1,28 +0,0 @@
-import { Injectable, OnModuleDestroy, OnModuleInit } from "@nestjs/common";
-import { ConfigService } from "@nestjs/config";
-import { PrismaPg } from "@prisma/adapter-pg";
-import { PrismaClient } from "../../generated/prisma/client";
-
-@Injectable()
-export class PrismaService extends PrismaClient implements OnModuleInit, OnModuleDestroy {
-  constructor(configService: ConfigService) {
-    const connectionString = configService.get<string>("DATABASE_URL");
-    if (!connectionString) {
-      throw new Error("缺少数据库连接配置 DATABASE_URL");
-    }
-
-    super({
-      adapter: new PrismaPg({
-        connectionString
-      })
-    });
-  }
-
-  async onModuleInit(): Promise<void> {
-    await this.$connect();
-  }
-
-  async onModuleDestroy(): Promise<void> {
-    await this.$disconnect();
-  }
-}

apps/api/src/task/dto/create-task.dto.ts

@@ -1,64 +0,0 @@
-import { Transform } from "class-transformer";
-import {
-  IsArray,
-  IsDateString,
-  IsEnum,
-  IsObject,
-  IsOptional,
-  IsString,
-  MaxLength,
-  MinLength
-} from "class-validator";
-import { TaskPriority, TaskStatus } from "../../../generated/prisma/client";
-
-function normalizeString(value: unknown): unknown {
-  if (typeof value !== "string") {
-    return value;
-  }
-
-  return value.trim();
-}
-
-export class CreateTaskDto {
-  @Transform(({ value }) => normalizeString(value))
-  @IsString()
-  @MinLength(1)
-  @MaxLength(120)
-  title!: string;
-
-  @IsOptional()
-  @IsObject()
-  contentJson?: Record<string, unknown>;
-
-  @Transform(({ value }) => normalizeString(value))
-  @IsOptional()
-  @IsString()
-  @MaxLength(20000)
-  contentText?: string;
-
-  @IsOptional()
-  @IsEnum(TaskPriority)
-  priority?: TaskPriority;
-
-  @IsOptional()
-  @IsEnum(TaskStatus)
-  status?: TaskStatus;
-
-  @IsOptional()
-  @IsDateString()
-  ddl?: string;
-
-  @Transform(({ value }) => {
-    if (!Array.isArray(value)) {
-      return value;
-    }
-
-    return value.map((item) => normalizeString(item));
-  })
-  @IsOptional()
-  @IsArray()
-  @IsString({ each: true })
-  @MinLength(1, { each: true })
-  @MaxLength(30, { each: true })
-  tagNames?: string[];
-}

apps/api/src/task/dto/list-tasks-query.dto.ts

@@ -1,92 +0,0 @@
-import { Transform, Type } from "class-transformer";
-import { IsArray, IsEnum, IsInt, IsOptional, IsString, Max, MaxLength, Min } from "class-validator";
-import { TaskPriority, TaskStatus } from "../../../generated/prisma/client";
-
-export enum TaskSortBy {
-  CREATED_AT = "createdAt",
-  UPDATED_AT = "updatedAt",
-  DDL = "ddl"
-}
-
-export enum TaskSortOrder {
-  ASC = "asc",
-  DESC = "desc"
-}
-
-function normalizeString(value: unknown): string | undefined {
-  if (typeof value !== "string") {
-    return undefined;
-  }
-
-  const normalized = value.trim();
-  if (!normalized) {
-    return undefined;
-  }
-
-  return normalized;
-}
-
-export class ListTasksQueryDto {
-  @IsOptional()
-  @IsEnum(TaskStatus)
-  status?: TaskStatus;
-
-  @IsOptional()
-  @IsEnum(TaskPriority)
-  priority?: TaskPriority;
-
-  @Transform(({ value }) => {
-    if (value === undefined || value === null || value === "") {
-      return undefined;
-    }
-
-    if (Array.isArray(value)) {
-      const normalized = value
-        .map((item) => normalizeString(item))
-        .filter((item): item is string => item !== undefined);
-      return normalized.length > 0 ? normalized : undefined;
-    }
-
-    if (typeof value === "string") {
-      const normalized = value
-        .split(",")
-        .map((item) => normalizeString(item))
-        .filter((item): item is string => item !== undefined);
-      return normalized.length > 0 ? normalized : undefined;
-    }
-
-    return undefined;
-  })
-  @IsOptional()
-  @IsArray()
-  @IsString({ each: true })
-  @MaxLength(30, { each: true })
-  tags?: string[];
-
-  @Transform(({ value }) => normalizeString(value))
-  @IsOptional()
-  @IsString()
-  @MaxLength(120)
-  keyword?: string;
-
-  @Type(() => Number)
-  @IsOptional()
-  @IsInt()
-  @Min(1)
-  page?: number;
-
-  @Type(() => Number)
-  @IsOptional()
-  @IsInt()
-  @Min(1)
-  @Max(100)
-  pageSize?: number;
-
-  @IsOptional()
-  @IsEnum(TaskSortBy)
-  sortBy?: TaskSortBy;
-
-  @IsOptional()
-  @IsEnum(TaskSortOrder)
-  sortOrder?: TaskSortOrder;
-}

apps/api/src/task/dto/update-task.dto.ts

@@ -1,65 +0,0 @@
-import { Transform } from "class-transformer";
-import {
-  IsArray,
-  IsDateString,
-  IsEnum,
-  IsObject,
-  IsOptional,
-  IsString,
-  MaxLength,
-  MinLength
-} from "class-validator";
-import { TaskPriority, TaskStatus } from "../../../generated/prisma/client";
-
-function normalizeString(value: unknown): unknown {
-  if (typeof value !== "string") {
-    return value;
-  }
-
-  return value.trim();
-}
-
-export class UpdateTaskDto {
-  @Transform(({ value }) => normalizeString(value))
-  @IsOptional()
-  @IsString()
-  @MinLength(1)
-  @MaxLength(120)
-  title?: string;
-
-  @IsOptional()
-  @IsObject()
-  contentJson?: Record<string, unknown>;
-
-  @Transform(({ value }) => normalizeString(value))
-  @IsOptional()
-  @IsString()
-  @MaxLength(20000)
-  contentText?: string;
-
-  @IsOptional()
-  @IsEnum(TaskPriority)
-  priority?: TaskPriority;
-
-  @IsOptional()
-  @IsEnum(TaskStatus)
-  status?: TaskStatus;
-
-  @IsOptional()
-  @IsDateString()
-  ddl?: string;
-
-  @Transform(({ value }) => {
-    if (!Array.isArray(value)) {
-      return value;
-    }
-
-    return value.map((item) => normalizeString(item));
-  })
-  @IsOptional()
-  @IsArray()
-  @IsString({ each: true })
-  @MinLength(1, { each: true })
-  @MaxLength(30, { each: true })
-  tagNames?: string[];
-}

apps/api/src/task/task.controller.ts

@@ -1,71 +0,0 @@
-import {
-  Body,
-  Controller,
-  Delete,
-  Get,
-  Headers,
-  Param,
-  Patch,
-  Post,
-  Query,
-  UnauthorizedException
-} from "@nestjs/common";
-import { CreateTaskDto } from "./dto/create-task.dto";
-import { ListTasksQueryDto } from "./dto/list-tasks-query.dto";
-import { UpdateTaskDto } from "./dto/update-task.dto";
-import { ListTasksResponse, TaskResponse, TaskService } from "./task.service";
-
-@Controller("tasks")
-export class TaskController {
-  constructor(private readonly taskService: TaskService) {}
-
-  @Get()
-  async listTasks(
-    @Headers("x-user-id") userIdHeader: string | string[] | undefined,
-    @Query() query: ListTasksQueryDto
-  ): Promise<ListTasksResponse> {
-    return this.taskService.listTasks(this.resolveUserId(userIdHeader), query);
-  }
-
-  @Get(":taskId")
-  async getTaskById(
-    @Headers("x-user-id") userIdHeader: string | string[] | undefined,
-    @Param("taskId") taskId: string
-  ): Promise<TaskResponse> {
-    return this.taskService.getTaskById(this.resolveUserId(userIdHeader), taskId);
-  }
-
-  @Post()
-  async createTask(
-    @Headers("x-user-id") userIdHeader: string | string[] | undefined,
-    @Body() body: CreateTaskDto
-  ): Promise<TaskResponse> {
-    return this.taskService.createTask(this.resolveUserId(userIdHeader), body);
-  }
-
-  @Patch(":taskId")
-  async updateTask(
-    @Headers("x-user-id") userIdHeader: string | string[] | undefined,
-    @Param("taskId") taskId: string,
-    @Body() body: UpdateTaskDto
-  ): Promise<TaskResponse> {
-    return this.taskService.updateTask(this.resolveUserId(userIdHeader), taskId, body);
-  }
-
-  @Delete(":taskId")
-  async deleteTask(
-    @Headers("x-user-id") userIdHeader: string | string[] | undefined,
-    @Param("taskId") taskId: string
-  ): Promise<{ success: boolean }> {
-    return this.taskService.deleteTask(this.resolveUserId(userIdHeader), taskId);
-  }
-
-  private resolveUserId(userIdHeader: string | string[] | undefined): string {
-    const userId = Array.isArray(userIdHeader) ? userIdHeader[0] : userIdHeader;
-    if (!userId) {
-      throw new UnauthorizedException("缺少用户上下文");
-    }
-
-    return userId;
-  }
-}

apps/api/src/task/task.module.ts

@@ -1,11 +0,0 @@
-import { Module } from "@nestjs/common";
-import { PrismaModule } from "../prisma/prisma.module";
-import { TaskController } from "./task.controller";
-import { TaskService } from "./task.service";
-
-@Module({
-  imports: [PrismaModule],
-  controllers: [TaskController],
-  providers: [TaskService]
-})
-export class TaskModule {}

apps/api/src/task/task.service.ts

@@ -1,390 +0,0 @@
-import { Injectable, NotFoundException } from "@nestjs/common";
-import { Prisma, TaskPriority, TaskStatus } from "../../generated/prisma/client";
-import { PrismaService } from "../prisma/prisma.service";
-import { CreateTaskDto } from "./dto/create-task.dto";
-import { ListTasksQueryDto, TaskSortBy, TaskSortOrder } from "./dto/list-tasks-query.dto";
-import { UpdateTaskDto } from "./dto/update-task.dto";
-
-type TaskEntity = Prisma.TaskGetPayload<{
-  include: {
-    taskTags: {
-      include: {
-        tag: {
-          select: {
-            name: true;
-          };
-        };
-      };
-    };
-  };
-}>;
-
-export type TaskResponse = {
-  id: string;
-  title: string;
-  contentJson: unknown | null;
-  contentText: string | null;
-  priority: TaskPriority;
-  status: TaskStatus;
-  ddl: string | null;
-  completedAt: string | null;
-  version: number;
-  tags: string[];
-  createdAt: string;
-  updatedAt: string;
-};
-
-export type ListTasksResponse = {
-  items: TaskResponse[];
-  page: number;
-  pageSize: number;
-  total: number;
-};
-
-@Injectable()
-export class TaskService {
-  constructor(private readonly prismaService: PrismaService) {}
-
-  async listTasks(userId: string, query: ListTasksQueryDto): Promise<ListTasksResponse> {
-    const page = query.page ?? 1;
-    const pageSize = query.pageSize ?? 20;
-    const skip = (page - 1) * pageSize;
-
-    const where = this.buildWhereInput(userId, query);
-    const orderBy = this.buildOrderByInput(query);
-
-    const [items, total] = await Promise.all([
-      this.prismaService.task.findMany({
-        where,
-        orderBy,
-        skip,
-        take: pageSize,
-        include: {
-          taskTags: {
-            include: {
-              tag: {
-                select: {
-                  name: true
-                }
-              }
-            }
-          }
-        }
-      }),
-      this.prismaService.task.count({ where })
-    ]);
-
-    return {
-      items: items.map((item) => this.serializeTask(item)),
-      page,
-      pageSize,
-      total
-    };
-  }
-
-  async getTaskById(userId: string, taskId: string): Promise<TaskResponse> {
-    const task = await this.prismaService.task.findFirst({
-      where: {
-        id: taskId,
-        userId
-      },
-      include: {
-        taskTags: {
-          include: {
-            tag: {
-              select: {
-                name: true
-              }
-            }
-          }
-        }
-      }
-    });
-
-    if (!task) {
-      throw new NotFoundException("任务不存在");
-    }
-
-    return this.serializeTask(task);
-  }
-
-  async createTask(userId: string, body: CreateTaskDto): Promise<TaskResponse> {
-    const tagNames = this.normalizeTagNames(body.tagNames);
-    const nextStatus = body.status ?? TaskStatus.TODO;
-    const contentJson =
-      body.contentJson !== undefined ? (body.contentJson as Prisma.InputJsonValue) : undefined;
-
-    const task = await this.prismaService.$transaction(async (tx) => {
-      const createdTask = await tx.task.create({
-        data: {
-          userId,
-          title: body.title,
-          contentJson,
-          contentText: body.contentText ?? null,
-          priority: body.priority ?? TaskPriority.MEDIUM,
-          status: nextStatus,
-          ddl: body.ddl ? new Date(body.ddl) : null,
-          completedAt: nextStatus === TaskStatus.DONE ? new Date() : null
-        }
-      });
-
-      await this.replaceTaskTags(tx, userId, createdTask.id, tagNames);
-
-      return tx.task.findUniqueOrThrow({
-        where: { id: createdTask.id },
-        include: {
-          taskTags: {
-            include: {
-              tag: {
-                select: {
-                  name: true
-                }
-              }
-            }
-          }
-        }
-      });
-    });
-
-    return this.serializeTask(task);
-  }
-
-  async updateTask(userId: string, taskId: string, body: UpdateTaskDto): Promise<TaskResponse> {
-    const currentTask = await this.prismaService.task.findFirst({
-      where: {
-        id: taskId,
-        userId
-      },
-      select: {
-        id: true,
-        status: true
-      }
-    });
-
-    if (!currentTask) {
-      throw new NotFoundException("任务不存在");
-    }
-
-    const data: Prisma.TaskUpdateInput = {
-      version: {
-        increment: 1
-      }
-    };
-
-    if (body.title !== undefined) {
-      data.title = body.title;
-    }
-    if (body.contentJson !== undefined) {
-      data.contentJson = body.contentJson as Prisma.InputJsonValue;
-    }
-    if (body.contentText !== undefined) {
-      data.contentText = body.contentText;
-    }
-    if (body.priority !== undefined) {
-      data.priority = body.priority;
-    }
-    if (body.status !== undefined) {
-      data.status = body.status;
-      if (body.status === TaskStatus.DONE && currentTask.status !== TaskStatus.DONE) {
-        data.completedAt = new Date();
-      } else if (body.status !== TaskStatus.DONE) {
-        data.completedAt = null;
-      }
-    }
-    if (body.ddl !== undefined) {
-      data.ddl = body.ddl ? new Date(body.ddl) : null;
-    }
-
-    const shouldReplaceTags = body.tagNames !== undefined;
-    const nextTagNames = this.normalizeTagNames(body.tagNames);
-
-    const task = await this.prismaService.$transaction(async (tx) => {
-      await tx.task.update({
-        where: { id: taskId },
-        data
-      });
-
-      if (shouldReplaceTags) {
-        await this.replaceTaskTags(tx, userId, taskId, nextTagNames);
-      }
-
-      return tx.task.findUniqueOrThrow({
-        where: { id: taskId },
-        include: {
-          taskTags: {
-            include: {
-              tag: {
-                select: {
-                  name: true
-                }
-              }
-            }
-          }
-        }
-      });
-    });
-
-    return this.serializeTask(task);
-  }
-
-  async deleteTask(userId: string, taskId: string): Promise<{ success: boolean }> {
-    const deleted = await this.prismaService.task.deleteMany({
-      where: {
-        id: taskId,
-        userId
-      }
-    });
-
-    if (deleted.count === 0) {
-      throw new NotFoundException("任务不存在");
-    }
-
-    return { success: true };
-  }
-
-  private buildWhereInput(userId: string, query: ListTasksQueryDto): Prisma.TaskWhereInput {
-    const where: Prisma.TaskWhereInput = {
-      userId
-    };
-
-    if (query.status !== undefined) {
-      where.status = query.status;
-    }
-
-    if (query.priority !== undefined) {
-      where.priority = query.priority;
-    }
-
-    if (query.tags !== undefined && query.tags.length > 0) {
-      where.taskTags = {
-        some: {
-          tag: {
-            name: {
-              in: query.tags
-            }
-          }
-        }
-      };
-    }
-
-    if (query.keyword !== undefined && query.keyword.length > 0) {
-      where.OR = [
-        {
-          title: {
-            contains: query.keyword,
-            mode: "insensitive"
-          }
-        },
-        {
-          contentText: {
-            contains: query.keyword,
-            mode: "insensitive"
-          }
-        }
-      ];
-    }
-
-    return where;
-  }
-
-  private buildOrderByInput(query: ListTasksQueryDto): Prisma.TaskOrderByWithRelationInput {
-    const order: Prisma.SortOrder =
-      query.sortOrder === TaskSortOrder.ASC ? Prisma.SortOrder.asc : Prisma.SortOrder.desc;
-
-    if (query.sortBy === TaskSortBy.CREATED_AT) {
-      return { createdAt: order };
-    }
-
-    if (query.sortBy === TaskSortBy.DDL) {
-      return { ddl: order };
-    }
-
-    return { updatedAt: order };
-  }
-
-  private normalizeTagNames(tagNames: string[] | undefined): string[] {
-    if (!tagNames) {
-      return [];
-    }
-
-    const result: string[] = [];
-    const uniqueNames = new Set<string>();
-
-    for (const rawTagName of tagNames) {
-      const normalized = rawTagName.trim();
-      if (!normalized) {
-        continue;
-      }
-
-      const uniqueKey = normalized.toLocaleLowerCase();
-      if (uniqueNames.has(uniqueKey)) {
-        continue;
-      }
-
-      uniqueNames.add(uniqueKey);
-      result.push(normalized);
-    }
-
-    return result;
-  }
-
-  private async replaceTaskTags(
-    tx: Prisma.TransactionClient,
-    userId: string,
-    taskId: string,
-    tagNames: string[]
-  ): Promise<void> {
-    await tx.taskTag.deleteMany({
-      where: {
-        taskId
-      }
-    });
-
-    if (tagNames.length === 0) {
-      return;
-    }
-
-    const tags = await Promise.all(
-      tagNames.map((name) =>
-        tx.tag.upsert({
-          where: {
-            userId_name: {
-              userId,
-              name
-            }
-          },
-          update: {},
-          create: {
-            userId,
-            name
-          }
-        })
-      )
-    );
-
-    await tx.taskTag.createMany({
-      data: tags.map((tag) => ({
-        taskId,
-        tagId: tag.id
-      })),
-      skipDuplicates: true
-    });
-  }
-
-  private serializeTask(task: TaskEntity): TaskResponse {
-    return {
-      id: task.id,
-      title: task.title,
-      contentJson: task.contentJson,
-      contentText: task.contentText,
-      priority: task.priority,
-      status: task.status,
-      ddl: task.ddl?.toISOString() ?? null,
-      completedAt: task.completedAt?.toISOString() ?? null,
-      version: task.version,
-      tags: task.taskTags.map((taskTag) => taskTag.tag.name),
-      createdAt: task.createdAt.toISOString(),
-      updatedAt: task.updatedAt.toISOString()
-    };
-  }
-}

apps/api/test/task.spec.ts

@@ -1,464 +0,0 @@
-import request from "supertest";
-import { INestApplication, ValidationPipe } from "@nestjs/common";
-import { Test, TestingModule } from "@nestjs/testing";
-import { PrismaService } from "../src/prisma/prisma.service";
-import { TaskController } from "../src/task/task.controller";
-import { TaskService } from "../src/task/task.service";
-import { TaskPriority, TaskStatus } from "../generated/prisma/client";
-
-type TaskRecord = {
-  id: string;
-  userId: string;
-  title: string;
-  contentJson: unknown | null;
-  contentText: string | null;
-  priority: TaskPriority;
-  status: TaskStatus;
-  ddl: Date | null;
-  completedAt: Date | null;
-  version: number;
-  createdAt: Date;
-  updatedAt: Date;
-};
-
-type TagRecord = {
-  id: string;
-  userId: string;
-  name: string;
-};
-
-type TaskTagRecord = {
-  taskId: string;
-  tagId: string;
-};
-
-type ListWhereInput = {
-  userId?: string;
-  status?: TaskStatus;
-  priority?: TaskPriority;
-  taskTags?: {
-    some: {
-      tag: {
-        name: {
-          in: string[];
-        };
-      };
-    };
-  };
-  OR?: Array<{
-    title?: {
-      contains: string;
-      mode?: "insensitive";
-    };
-    contentText?: {
-      contains: string;
-      mode?: "insensitive";
-    };
-  }>;
-};
-
-class InMemoryPrismaService {
-  private taskIdSequence = 1;
-  private tagIdSequence = 1;
-  private tasks: TaskRecord[] = [];
-  private tags: TagRecord[] = [];
-  private taskTags: TaskTagRecord[] = [];
-
-  readonly task = {
-    findMany: async (args: {
-      where?: ListWhereInput;
-      orderBy?: { createdAt?: "asc" | "desc"; updatedAt?: "asc" | "desc"; ddl?: "asc" | "desc" };
-      skip?: number;
-      take?: number;
-    }) => {
-      const where = args.where;
-      const skip = args.skip ?? 0;
-      const take = args.take ?? 20;
-      let filtered = [...this.tasks];
-
-      if (where?.userId) {
-        filtered = filtered.filter((task) => task.userId === where.userId);
-      }
-      if (where?.status) {
-        filtered = filtered.filter((task) => task.status === where.status);
-      }
-      if (where?.priority) {
-        filtered = filtered.filter((task) => task.priority === where.priority);
-      }
-      if (where?.taskTags?.some.tag.name.in) {
-        const expectedTags = new Set(where.taskTags.some.tag.name.in);
-        filtered = filtered.filter((task) => {
-          const taskTagNames = this.getTaskTagNames(task.id);
-          return taskTagNames.some((tagName) => expectedTags.has(tagName));
-        });
-      }
-      if (where?.OR && where.OR.length > 0) {
-        filtered = filtered.filter((task) =>
-          where.OR!.some((orCondition) => {
-            if (orCondition.title?.contains) {
-              return task.title.toLowerCase().includes(orCondition.title.contains.toLowerCase());
-            }
-            if (orCondition.contentText?.contains) {
-              return (
-                task.contentText
-                  ?.toLowerCase()
-                  .includes(orCondition.contentText.contains.toLowerCase()) ?? false
-              );
-            }
-            return false;
-          })
-        );
-      }
-
-      if (args.orderBy) {
-        const [orderField, orderDirection] = Object.entries(args.orderBy)[0] as [
-          "createdAt" | "updatedAt" | "ddl",
-          "asc" | "desc"
-        ];
-        filtered.sort((left, right) => {
-          const leftValue = left[orderField];
-          const rightValue = right[orderField];
-
-          if (leftValue === null && rightValue === null) {
-            return 0;
-          }
-          if (leftValue === null) {
-            return 1;
-          }
-          if (rightValue === null) {
-            return -1;
-          }
-
-          const diff = leftValue.getTime() - rightValue.getTime();
-          return orderDirection === "asc" ? diff : -diff;
-        });
-      }
-
-      return filtered.slice(skip, skip + take).map((task) => this.toTaskWithTags(task));
-    },
-
-    count: async (args: { where?: ListWhereInput }) => {
-      const results = await this.task.findMany({
-        where: args.where,
-        skip: 0,
-        take: Number.MAX_SAFE_INTEGER
-      });
-      return results.length;
-    },
-
-    findFirst: async (args: {
-      where: {
-        id?: string;
-        userId?: string;
-      };
-      select?: {
-        id?: boolean;
-        status?: boolean;
-      };
-    }) => {
-      const task = this.tasks.find(
-        (item) =>
-          (args.where.id === undefined || item.id === args.where.id) &&
-          (args.where.userId === undefined || item.userId === args.where.userId)
-      );
-      if (!task) {
-        return null;
-      }
-
-      if (args.select) {
-        return {
-          id: args.select.id ? task.id : undefined,
-          status: args.select.status ? task.status : undefined
-        };
-      }
-
-      return this.toTaskWithTags(task);
-    },
-
-    create: async (args: {
-      data: {
-        userId: string;
-        title: string;
-        contentJson?: unknown;
-        contentText: string | null;
-        priority: TaskPriority;
-        status: TaskStatus;
-        ddl: Date | null;
-        completedAt: Date | null;
-      };
-    }) => {
-      const now = new Date();
-      const task: TaskRecord = {
-        id: `task_${this.taskIdSequence++}`,
-        userId: args.data.userId,
-        title: args.data.title,
-        contentJson: args.data.contentJson ?? null,
-        contentText: args.data.contentText,
-        priority: args.data.priority,
-        status: args.data.status,
-        ddl: args.data.ddl,
-        completedAt: args.data.completedAt,
-        version: 1,
-        createdAt: now,
-        updatedAt: now
-      };
-      this.tasks.push(task);
-      return task;
-    },
-
-    update: async (args: {
-      where: {
-        id: string;
-      };
-      data: {
-        title?: string;
-        contentJson?: unknown;
-        contentText?: string | null;
-        priority?: TaskPriority;
-        status?: TaskStatus;
-        ddl?: Date | null;
-        completedAt?: Date | null;
-        version?: {
-          increment: number;
-        };
-      };
-    }) => {
-      const task = this.tasks.find((item) => item.id === args.where.id);
-      if (!task) {
-        throw new Error("task not found");
-      }
-
-      if (args.data.title !== undefined) {
-        task.title = args.data.title;
-      }
-      if (args.data.contentJson !== undefined) {
-        task.contentJson = args.data.contentJson;
-      }
-      if (args.data.contentText !== undefined) {
-        task.contentText = args.data.contentText;
-      }
-      if (args.data.priority !== undefined) {
-        task.priority = args.data.priority;
-      }
-      if (args.data.status !== undefined) {
-        task.status = args.data.status;
-      }
-      if (args.data.ddl !== undefined) {
-        task.ddl = args.data.ddl;
-      }
-      if (args.data.completedAt !== undefined) {
-        task.completedAt = args.data.completedAt;
-      }
-      if (args.data.version !== undefined) {
-        task.version += args.data.version.increment;
-      }
-      task.updatedAt = new Date();
-
-      return task;
-    },
-
-    deleteMany: async (args: {
-      where: {
-        id: string;
-        userId: string;
-      };
-    }) => {
-      const beforeCount = this.tasks.length;
-      this.tasks = this.tasks.filter(
-        (task) => !(task.id === args.where.id && task.userId === args.where.userId)
-      );
-      this.taskTags = this.taskTags.filter((taskTag) => taskTag.taskId !== args.where.id);
-      return {
-        count: beforeCount - this.tasks.length
-      };
-    },
-
-    findUniqueOrThrow: async (args: {
-      where: {
-        id: string;
-      };
-    }) => {
-      const task = this.tasks.find((item) => item.id === args.where.id);
-      if (!task) {
-        throw new Error("task not found");
-      }
-
-      return this.toTaskWithTags(task);
-    }
-  };
-
-  readonly tag = {
-    upsert: async (args: {
-      where: {
-        userId_name: {
-          userId: string;
-          name: string;
-        };
-      };
-      create: {
-        userId: string;
-        name: string;
-      };
-    }) => {
-      const existing = this.tags.find(
-        (tag) =>
-          tag.userId === args.where.userId_name.userId && tag.name === args.where.userId_name.name
-      );
-      if (existing) {
-        return existing;
-      }
-
-      const createdTag: TagRecord = {
-        id: `tag_${this.tagIdSequence++}`,
-        userId: args.create.userId,
-        name: args.create.name
-      };
-      this.tags.push(createdTag);
-      return createdTag;
-    }
-  };
-
-  readonly taskTag = {
-    deleteMany: async (args: {
-      where: {
-        taskId: string;
-      };
-    }) => {
-      const beforeCount = this.taskTags.length;
-      this.taskTags = this.taskTags.filter((taskTag) => taskTag.taskId !== args.where.taskId);
-      return {
-        count: beforeCount - this.taskTags.length
-      };
-    },
-
-    createMany: async (args: {
-      data: Array<{
-        taskId: string;
-        tagId: string;
-      }>;
-    }) => {
-      for (const row of args.data) {
-        const existing = this.taskTags.find(
-          (taskTag) => taskTag.taskId === row.taskId && taskTag.tagId === row.tagId
-        );
-        if (!existing) {
-          this.taskTags.push(row);
-        }
-      }
-      return {
-        count: args.data.length
-      };
-    }
-  };
-
-  async $transaction<T>(runner: (tx: InMemoryPrismaService) => Promise<T>): Promise<T> {
-    return runner(this);
-  }
-
-  private toTaskWithTags(
-    task: TaskRecord
-  ): TaskRecord & { taskTags: Array<{ tag: { name: string } }> } {
-    return {
-      ...task,
-      taskTags: this.taskTags
-        .filter((taskTag) => taskTag.taskId === task.id)
-        .map((taskTag) => this.tags.find((tag) => tag.id === taskTag.tagId))
-        .filter((tag): tag is TagRecord => tag !== undefined)
-        .map((tag) => ({
-          tag: {
-            name: tag.name
-          }
-        }))
-    };
-  }
-
-  private getTaskTagNames(taskId: string): string[] {
-    return this.taskTags
-      .filter((taskTag) => taskTag.taskId === taskId)
-      .map((taskTag) => this.tags.find((tag) => tag.id === taskTag.tagId))
-      .filter((tag): tag is TagRecord => tag !== undefined)
-      .map((tag) => tag.name);
-  }
-}
-
-describe("TaskController (integration)", () => {
-  let app: INestApplication;
-  const prismaService = new InMemoryPrismaService();
-
-  beforeAll(async () => {
-    const moduleRef: TestingModule = await Test.createTestingModule({
-      controllers: [TaskController],
-      providers: [
-        TaskService,
-        { provide: PrismaService, useValue: prismaService as unknown as PrismaService }
-      ]
-    }).compile();
-
-    app = moduleRef.createNestApplication();
-    app.useGlobalPipes(
-      new ValidationPipe({
-        transform: true,
-        whitelist: true,
-        forbidNonWhitelisted: true
-      })
-    );
-
-    await app.init();
-  });
-
-  afterAll(async () => {
-    await app.close();
-  });
-
-  it("should create, query, update and delete a task", async () => {
-    const createResponse = await request(app.getHttpServer())
-      .post("/tasks")
-      .set("x-user-id", "user_1")
-      .send({
-        title: "准备周会",
-        contentText: "整理本周进度",
-        priority: "HIGH",
-        tagNames: ["工作", "会议"]
-      })
-      .expect(201);
-
-    expect(createResponse.body.id).toBeDefined();
-    expect(createResponse.body.tags).toEqual(["工作", "会议"]);
-    const taskId = createResponse.body.id as string;
-
-    const listResponse = await request(app.getHttpServer())
-      .get("/tasks")
-      .set("x-user-id", "user_1")
-      .query({ tags: "会议" })
-      .expect(200);
-
-    expect(listResponse.body.total).toBe(1);
-    expect(listResponse.body.items[0].id).toBe(taskId);
-
-    const updateResponse = await request(app.getHttpServer())
-      .patch(`/tasks/${taskId}`)
-      .set("x-user-id", "user_1")
-      .send({
-        status: "DONE"
-      })
-      .expect(200);
-
-    expect(updateResponse.body.status).toBe("DONE");
-    expect(updateResponse.body.completedAt).toBeTruthy();
-    expect(updateResponse.body.version).toBe(2);
-
-    await request(app.getHttpServer())
-      .delete(`/tasks/${taskId}`)
-      .set("x-user-id", "user_1")
-      .expect(200)
-      .expect({
-        success: true
-      });
-
-    const listAfterDeleteResponse = await request(app.getHttpServer())
-      .get("/tasks")
-      .set("x-user-id", "user_1")
-      .expect(200);
-    expect(listAfterDeleteResponse.body.total).toBe(0);
-  });
-});

apps/api/tsconfig.json

@@ -2,9 +2,9 @@
   "$schema": "https://json.schemastore.org/tsconfig",
   "extends": "../../packages/tsconfig/nest-app.json",
   "compilerOptions": {
-    "rootDir": ".",
+    "rootDir": "src",
     "outDir": "dist"
   },
-  "include": ["src/**/*.ts", "generated/prisma/**/*.ts"],
+  "include": ["src/**/*.ts"],
   "exclude": ["dist", "node_modules"]
 }

apps/api/tsconfig.spec.json

@@ -1,9 +0,0 @@
-{
-  "$schema": "https://json.schemastore.org/tsconfig",
-  "extends": "./tsconfig.json",
-  "compilerOptions": {
-    "types": ["node", "jest"]
-  },
-  "include": ["src/**/*.ts", "generated/prisma/**/*.ts", "test/**/*.ts"],
-  "exclude": ["dist", "node_modules"]
-}

apps/web/.gitignore

@@ -1,24 +0,0 @@
-# Logs
-logs
-*.log
-npm-debug.log*
-yarn-debug.log*
-yarn-error.log*
-pnpm-debug.log*
-lerna-debug.log*
-
-node_modules
-dist
-dist-ssr
-*.local
-
-# Editor directories and files
-.vscode/*
-!.vscode/extensions.json
-.idea
-.DS_Store
-*.suo
-*.ntvs*
-*.njsproj
-*.sln
-*.sw?

apps/web/README.md

@@ -1,57 +0,0 @@
-# TodoList Web 前端
-
-这是 TodoList 的用户端前端应用（SPA + PWA），基于 `React + TypeScript + Vite`。
-
-## 技术栈
-
-- React
-- TypeScript
-- Vite
-- Tailwind CSS
-- shadcn/ui
-
-## 本地开发
-
-在仓库根目录执行：
-
-```bash
-pnpm install
-pnpm --filter web dev
-```
-
-默认开发地址：
-
-- `http://localhost:5173`
-
-## 后端接口地址
-
-前端默认请求：
-
-- `http://localhost:3000`
-
-如需自定义，请在运行前设置环境变量：
-
-```bash
-VITE_API_BASE_URL=http://localhost:3000
-```
-
-## 构建与预览
-
-```bash
-pnpm --filter web build
-pnpm --filter web preview
-```
-
-## 当前功能进度（阶段性）
-
-- 邮箱验证码登录页面
-- OAuth 回调页面
-- 会话本地缓存与启动恢复
-- 基础工作台页面骨架
-
-## 目录说明
-
-- `src/pages`：页面组件
-- `src/components`：通用 UI 组件
-- `src/services`：接口请求与会话处理
-- `src/lib`：工具函数

apps/web/components.json

@@ -1,25 +0,0 @@
-{
-  "$schema": "https://ui.shadcn.com/schema.json",
-  "style": "base-nova",
-  "rsc": false,
-  "tsx": true,
-  "tailwind": {
-    "config": "tailwind.config.js",
-    "css": "src/index.css",
-    "baseColor": "neutral",
-    "cssVariables": true,
-    "prefix": ""
-  },
-  "iconLibrary": "lucide",
-  "rtl": false,
-  "aliases": {
-    "components": "@/components",
-    "utils": "@/lib/utils",
-    "ui": "@/components/ui",
-    "lib": "@/lib",
-    "hooks": "@/hooks"
-  },
-  "menuColor": "default",
-  "menuAccent": "subtle",
-  "registries": {}
-}

apps/web/eslint.config.js

@@ -1,23 +0,0 @@
-import js from "@eslint/js";
-import globals from "globals";
-import reactHooks from "eslint-plugin-react-hooks";
-import reactRefresh from "eslint-plugin-react-refresh";
-import tseslint from "typescript-eslint";
-import { defineConfig, globalIgnores } from "eslint/config";
-
-export default defineConfig([
-  globalIgnores(["dist"]),
-  {
-    files: ["**/*.{ts,tsx}"],
-    extends: [
-      js.configs.recommended,
-      tseslint.configs.recommended,
-      reactHooks.configs.flat.recommended,
-      reactRefresh.configs.vite
-    ],
-    languageOptions: {
-      ecmaVersion: 2020,
-      globals: globals.browser
-    }
-  }
-]);

apps/web/index.html

@@ -1,14 +0,0 @@
-<!doctype html>
-<html lang="zh-CN">
-  <head>
-    <meta charset="UTF-8" />
-    <link rel="icon" type="image/png" href="/favicon.png" />
-    <link rel="apple-touch-icon" href="/favicon.png" />
-    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <title>TodoList</title>
-  </head>
-  <body>
-    <div id="root"></div>
-    <script type="module" src="/src/main.tsx"></script>
-  </body>
-</html>

apps/web/package.json

@@ -1,42 +0,0 @@
-{
-  "name": "web",
-  "private": true,
-  "version": "0.0.0",
-  "type": "module",
-  "scripts": {
-    "dev": "vite",
-    "build": "tsc -b && vite build",
-    "lint": "eslint .",
-    "preview": "vite preview"
-  },
-  "dependencies": {
-    "@base-ui/react": "^1.3.0",
-    "@fontsource-variable/geist": "^5.2.8",
-    "class-variance-authority": "^0.7.1",
-    "clsx": "^2.1.1",
-    "lucide-react": "^1.7.0",
-    "react": "^19.2.4",
-    "react-dom": "^19.2.4",
-    "react-router-dom": "^7.14.0",
-    "shadcn": "^4.1.2",
-    "tailwind-merge": "^3.5.0",
-    "tw-animate-css": "^1.4.0"
-  },
-  "devDependencies": {
-    "@eslint/js": "^9.39.4",
-    "@types/node": "^24.12.0",
-    "@types/react": "^19.2.14",
-    "@types/react-dom": "^19.2.3",
-    "@vitejs/plugin-react": "^6.0.1",
-    "autoprefixer": "^10.4.27",
-    "eslint": "^9.39.4",
-    "eslint-plugin-react-hooks": "^7.0.1",
-    "eslint-plugin-react-refresh": "^0.5.2",
-    "globals": "^17.4.0",
-    "postcss": "^8.5.8",
-    "tailwindcss": "^3.4.17",
-    "typescript": "~5.9.3",
-    "typescript-eslint": "^8.57.0",
-    "vite": "^8.0.1"
-  }
-}

apps/web/postcss.config.js

@@ -1,6 +0,0 @@
-export default {
-  plugins: {
-    tailwindcss: {},
-    autoprefixer: {}
-  }
-};

apps/web/public/icons.svg

@@ -1,24 +0,0 @@
-<svg xmlns="http://www.w3.org/2000/svg">
-  <symbol id="bluesky-icon" viewBox="0 0 16 17">
-    <g clip-path="url(#bluesky-clip)"><path fill="#08060d" d="M7.75 7.735c-.693-1.348-2.58-3.86-4.334-5.097-1.68-1.187-2.32-.981-2.74-.79C.188 2.065.1 2.812.1 3.251s.241 3.602.398 4.13c.52 1.744 2.367 2.333 4.07 2.145-2.495.37-4.71 1.278-1.805 4.512 3.196 3.309 4.38-.71 4.987-2.746.608 2.036 1.307 5.91 4.93 2.746 2.72-2.746.747-4.143-1.747-4.512 1.702.189 3.55-.4 4.07-2.145.156-.528.397-3.691.397-4.13s-.088-1.186-.575-1.406c-.42-.19-1.06-.395-2.741.79-1.755 1.24-3.64 3.752-4.334 5.099"/></g>
-    <defs><clipPath id="bluesky-clip"><path fill="#fff" d="M.1.85h15.3v15.3H.1z"/></clipPath></defs>
-  </symbol>
-  <symbol id="discord-icon" viewBox="0 0 20 19">
-    <path fill="#08060d" d="M16.224 3.768a14.5 14.5 0 0 0-3.67-1.153c-.158.286-.343.67-.47.976a13.5 13.5 0 0 0-4.067 0c-.128-.306-.317-.69-.476-.976A14.4 14.4 0 0 0 3.868 3.77C1.546 7.28.916 10.703 1.231 14.077a14.7 14.7 0 0 0 4.5 2.306q.545-.748.965-1.587a9.5 9.5 0 0 1-1.518-.74q.191-.14.372-.293c2.927 1.369 6.107 1.369 8.999 0q.183.152.372.294-.723.437-1.52.74.418.838.963 1.588a14.6 14.6 0 0 0 4.504-2.308c.37-3.911-.63-7.302-2.644-10.309m-9.13 8.234c-.878 0-1.599-.82-1.599-1.82 0-.998.705-1.82 1.6-1.82.894 0 1.614.82 1.599 1.82.001 1-.705 1.82-1.6 1.82m5.91 0c-.878 0-1.599-.82-1.599-1.82 0-.998.705-1.82 1.6-1.82.893 0 1.614.82 1.599 1.82 0 1-.706 1.82-1.6 1.82"/>
-  </symbol>
-  <symbol id="documentation-icon" viewBox="0 0 21 20">
-    <path fill="none" stroke="#aa3bff" stroke-linecap="round" stroke-linejoin="round" stroke-width="1.35" d="m15.5 13.333 1.533 1.322c.645.555.967.833.967 1.178s-.322.623-.967 1.179L15.5 18.333m-3.333-5-1.534 1.322c-.644.555-.966.833-.966 1.178s.322.623.966 1.179l1.534 1.321"/>
-    <path fill="none" stroke="#aa3bff" stroke-linecap="round" stroke-linejoin="round" stroke-width="1.35" d="M17.167 10.836v-4.32c0-1.41 0-2.117-.224-2.68-.359-.906-1.118-1.621-2.08-1.96-.599-.21-1.349-.21-2.848-.21-2.623 0-3.935 0-4.983.369-1.684.591-3.013 1.842-3.641 3.428C3 6.449 3 7.684 3 10.154v2.122c0 2.558 0 3.838.706 4.726q.306.383.713.671c.76.536 1.79.64 3.581.66"/>
-    <path fill="none" stroke="#aa3bff" stroke-linecap="round" stroke-linejoin="round" stroke-width="1.35" d="M3 10a2.78 2.78 0 0 1 2.778-2.778c.555 0 1.209.097 1.748-.047.48-.129.854-.503.982-.982.145-.54.048-1.194.048-1.749a2.78 2.78 0 0 1 2.777-2.777"/>
-  </symbol>
-  <symbol id="github-icon" viewBox="0 0 19 19">
-    <path fill="#08060d" fill-rule="evenodd" d="M9.356 1.85C5.05 1.85 1.57 5.356 1.57 9.694a7.84 7.84 0 0 0 5.324 7.44c.387.079.528-.168.528-.376 0-.182-.013-.805-.013-1.454-2.165.467-2.616-.935-2.616-.935-.349-.91-.864-1.143-.864-1.143-.71-.48.051-.48.051-.48.787.051 1.2.805 1.2.805.695 1.194 1.817.857 2.268.649.064-.507.27-.857.49-1.052-1.728-.182-3.545-.857-3.545-3.87 0-.857.31-1.558.8-2.104-.078-.195-.349-1 .077-2.078 0 0 .657-.208 2.14.805a7.5 7.5 0 0 1 1.946-.26c.657 0 1.328.092 1.946.26 1.483-1.013 2.14-.805 2.14-.805.426 1.078.155 1.883.078 2.078.502.546.799 1.247.799 2.104 0 3.013-1.818 3.675-3.558 3.87.284.247.528.714.528 1.454 0 1.052-.012 1.896-.012 2.156 0 .208.142.455.528.377a7.84 7.84 0 0 0 5.324-7.441c.013-4.338-3.48-7.844-7.773-7.844" clip-rule="evenodd"/>
-  </symbol>
-  <symbol id="social-icon" viewBox="0 0 20 20">
-    <path fill="none" stroke="#aa3bff" stroke-linecap="round" stroke-linejoin="round" stroke-width="1.35" d="M12.5 6.667a4.167 4.167 0 1 0-8.334 0 4.167 4.167 0 0 0 8.334 0"/>
-    <path fill="none" stroke="#aa3bff" stroke-linecap="round" stroke-linejoin="round" stroke-width="1.35" d="M2.5 16.667a5.833 5.833 0 0 1 8.75-5.053m3.837.474.513 1.035c.07.144.257.282.414.309l.93.155c.596.1.736.536.307.965l-.723.73a.64.64 0 0 0-.152.531l.207.903c.164.715-.213.991-.84.618l-.872-.52a.63.63 0 0 0-.577 0l-.872.52c-.624.373-1.003.094-.84-.618l.207-.903a.64.64 0 0 0-.152-.532l-.723-.729c-.426-.43-.289-.864.306-.964l.93-.156a.64.64 0 0 0 .412-.31l.513-1.034c.28-.562.735-.562 1.012 0"/>
-  </symbol>
-  <symbol id="x-icon" viewBox="0 0 19 19">
-    <path fill="#08060d" fill-rule="evenodd" d="M1.893 1.98c.052.072 1.245 1.769 2.653 3.77l2.892 4.114c.183.261.333.48.333.486s-.068.089-.152.183l-.522.593-.765.867-3.597 4.087c-.375.426-.734.834-.798.905a1 1 0 0 0-.118.148c0 .01.236.017.664.017h.663l.729-.83c.4-.457.796-.906.879-.999a692 692 0 0 0 1.794-2.038c.034-.037.301-.34.594-.675l.551-.624.345-.392a7 7 0 0 1 .34-.374c.006 0 .93 1.306 2.052 2.903l2.084 2.965.045.063h2.275c1.87 0 2.273-.003 2.266-.021-.008-.02-1.098-1.572-3.894-5.547-2.013-2.862-2.28-3.246-2.273-3.266.008-.019.282-.332 2.085-2.38l2-2.274 1.567-1.782c.022-.028-.016-.03-.65-.03h-.674l-.3.342a871 871 0 0 1-1.782 2.025c-.067.075-.405.458-.75.852a100 100 0 0 1-.803.91c-.148.172-.299.344-.99 1.127-.304.343-.32.358-.345.327-.015-.019-.904-1.282-1.976-2.808L6.365 1.85H1.8zm1.782.91 8.078 11.294c.772 1.08 1.413 1.973 1.425 1.984.016.017.241.02 1.05.017l1.03-.004-2.694-3.766L7.796 5.75 5.722 2.852l-1.039-.004-1.039-.004z" clip-rule="evenodd"/>
-  </symbol>
-</svg>

apps/web/src/App.css

@@ -1,184 +0,0 @@
-.counter {
-  font-size: 16px;
-  padding: 5px 10px;
-  border-radius: 5px;
-  color: var(--accent);
-  background: var(--accent-bg);
-  border: 2px solid transparent;
-  transition: border-color 0.3s;
-  margin-bottom: 24px;
-
-  &:hover {
-    border-color: var(--accent-border);
-  }
-  &:focus-visible {
-    outline: 2px solid var(--accent);
-    outline-offset: 2px;
-  }
-}
-
-.hero {
-  position: relative;
-
-  .base,
-  .framework,
-  .vite {
-    inset-inline: 0;
-    margin: 0 auto;
-  }
-
-  .base {
-    width: 170px;
-    position: relative;
-    z-index: 0;
-  }
-
-  .framework,
-  .vite {
-    position: absolute;
-  }
-
-  .framework {
-    z-index: 1;
-    top: 34px;
-    height: 28px;
-    transform: perspective(2000px) rotateZ(300deg) rotateX(44deg) rotateY(39deg)
-      scale(1.4);
-  }
-
-  .vite {
-    z-index: 0;
-    top: 107px;
-    height: 26px;
-    width: auto;
-    transform: perspective(2000px) rotateZ(300deg) rotateX(40deg) rotateY(39deg)
-      scale(0.8);
-  }
-}
-
-#center {
-  display: flex;
-  flex-direction: column;
-  gap: 25px;
-  place-content: center;
-  place-items: center;
-  flex-grow: 1;
-
-  @media (max-width: 1024px) {
-    padding: 32px 20px 24px;
-    gap: 18px;
-  }
-}
-
-#next-steps {
-  display: flex;
-  border-top: 1px solid var(--border);
-  text-align: left;
-
-  & > div {
-    flex: 1 1 0;
-    padding: 32px;
-    @media (max-width: 1024px) {
-      padding: 24px 20px;
-    }
-  }
-
-  .icon {
-    margin-bottom: 16px;
-    width: 22px;
-    height: 22px;
-  }
-
-  @media (max-width: 1024px) {
-    flex-direction: column;
-    text-align: center;
-  }
-}
-
-#docs {
-  border-right: 1px solid var(--border);
-
-  @media (max-width: 1024px) {
-    border-right: none;
-    border-bottom: 1px solid var(--border);
-  }
-}
-
-#next-steps ul {
-  list-style: none;
-  padding: 0;
-  display: flex;
-  gap: 8px;
-  margin: 32px 0 0;
-
-  .logo {
-    height: 18px;
-  }
-
-  a {
-    color: var(--text-h);
-    font-size: 16px;
-    border-radius: 6px;
-    background: var(--social-bg);
-    display: flex;
-    padding: 6px 12px;
-    align-items: center;
-    gap: 8px;
-    text-decoration: none;
-    transition: box-shadow 0.3s;
-
-    &:hover {
-      box-shadow: var(--shadow);
-    }
-    .button-icon {
-      height: 18px;
-      width: 18px;
-    }
-  }
-
-  @media (max-width: 1024px) {
-    margin-top: 20px;
-    flex-wrap: wrap;
-    justify-content: center;
-
-    li {
-      flex: 1 1 calc(50% - 8px);
-    }
-
-    a {
-      width: 100%;
-      justify-content: center;
-      box-sizing: border-box;
-    }
-  }
-}
-
-#spacer {
-  height: 88px;
-  border-top: 1px solid var(--border);
-  @media (max-width: 1024px) {
-    height: 48px;
-  }
-}
-
-.ticks {
-  position: relative;
-  width: 100%;
-
-  &::before,
-  &::after {
-    content: '';
-    position: absolute;
-    top: -4.5px;
-    border: 5px solid transparent;
-  }
-
-  &::before {
-    left: 0;
-    border-left-color: var(--border);
-  }
-  &::after {
-    right: 0;
-    border-right-color: var(--border);
-  }
-}

apps/web/src/App.tsx

@@ -1,318 +0,0 @@
-import { useEffect, useState } from "react";
-import type { LucideIcon } from "lucide-react";
-import {
-  Bell,
-  ChevronLeft,
-  ChevronRight,
-  LayoutDashboard,
-  ListTodo,
-  LogOut,
-  Menu,
-  Moon,
-  Settings,
-  Sparkles,
-  Sun,
-  X
-} from "lucide-react";
-import { Navigate, Route, Routes, useLocation, useNavigate } from "react-router-dom";
-import { Button } from "@/components/ui/button";
-import { cn } from "@/lib/utils";
-import { EmailLoginPage } from "@/pages/email-login-page";
-import { OAuthCallbackPage } from "@/pages/oauth-callback-page";
-import { TodoShellPage } from "@/pages/todo-shell-page";
-import { revokeRefreshToken, type EmailLoginResult } from "@/services/auth-api";
-import {
-  clearSession,
-  loadSession,
-  saveSession,
-  type WebSession
-} from "@/services/session-storage";
-import {
-  applyThemeMode,
-  loadThemeMode,
-  saveThemeMode,
-  type ThemeMode
-} from "@/services/theme-storage";
-
-type SidebarItem = {
-  key: string;
-  label: string;
-  icon: LucideIcon;
-};
-
-const SIDEBAR_ITEMS: SidebarItem[] = [
-  { key: "dashboard", label: "概览面板", icon: LayoutDashboard },
-  { key: "todo", label: "待办事项", icon: ListTodo },
-  { key: "ai", label: "AI 建议", icon: Sparkles },
-  { key: "notice", label: "提醒中心", icon: Bell },
-  { key: "settings", label: "系统设置", icon: Settings }
-];
-
-function toWebSession(payload: EmailLoginResult): WebSession {
-  return {
-    accessToken: payload.accessToken,
-    refreshToken: payload.refreshToken,
-    user: {
-      id: payload.user.id,
-      email: payload.user.email
-    }
-  };
-}
-
-function App() {
-  const [session, setSession] = useState<WebSession | null>(() => loadSession());
-  const [loggingOut, setLoggingOut] = useState(false);
-  const [themeMode, setThemeMode] = useState<ThemeMode>(() => loadThemeMode());
-  const [sidebarCollapsed, setSidebarCollapsed] = useState(false);
-  const [mobileSidebarOpen, setMobileSidebarOpen] = useState(false);
-  const navigate = useNavigate();
-  const location = useLocation();
-
-  const isAuthPage =
-    location.pathname === "/login/email" || location.pathname.startsWith("/auth/callback/");
-
-  useEffect(() => {
-    applyThemeMode(themeMode);
-    saveThemeMode(themeMode);
-  }, [themeMode]);
-
-  async function handleLogout(): Promise<void> {
-    if (!session || loggingOut) {
-      return;
-    }
-
-    try {
-      setLoggingOut(true);
-      await revokeRefreshToken(session.refreshToken);
-    } catch {
-      // 无论接口成功与否，都要清理本地会话，避免页面卡在登录态。
-    } finally {
-      clearSession();
-      setSession(null);
-      setLoggingOut(false);
-      setMobileSidebarOpen(false);
-      navigate("/login/email", { replace: true });
-    }
-  }
-
-  function handleToggleTheme(): void {
-    setThemeMode((currentTheme) => (currentTheme === "dark" ? "light" : "dark"));
-  }
-
-  function handleLoginSuccess(payload: EmailLoginResult): void {
-    const nextSession = toWebSession(payload);
-    saveSession(nextSession);
-    setSession(nextSession);
-    setMobileSidebarOpen(false);
-    navigate("/", { replace: true });
-  }
-
-  function handleBootstrapSession(nextSession: WebSession): void {
-    setSession(nextSession);
-    setMobileSidebarOpen(false);
-  }
-
-  function renderSidebarContent(options: { collapsed: boolean; mobile: boolean }) {
-    const { collapsed, mobile } = options;
-
-    return (
-      <div className="flex h-full min-h-0 flex-col">
-        {mobile ? (
-          <div className="flex h-14 shrink-0 items-center justify-end border-b border-border/70 px-3">
-            <Button
-              type="button"
-              size="icon-sm"
-              variant="ghost"
-              className="text-muted-foreground"
-              onClick={() => setMobileSidebarOpen(false)}
-              aria-label="关闭侧边栏"
-            >
-              <X className="size-4" />
-            </Button>
-          </div>
-        ) : null}
-
-        <div className="min-h-0 flex-1 overflow-y-auto p-2">
-          <nav className="space-y-1">
-            {SIDEBAR_ITEMS.map((item) => {
-              const ItemIcon = item.icon;
-              return (
-                <button
-                  key={item.key}
-                  type="button"
-                  className={cn(
-                    "group flex w-full items-center rounded-xl border border-transparent px-3 py-2.5 text-left transition-colors",
-                    "gap-3 hover:border-primary/25 hover:bg-primary/10"
-                  )}
-                >
-                  <ItemIcon className="size-5 shrink-0 text-primary" />
-                  {collapsed ? null : (
-                    <>
-                      <span className="text-sm whitespace-nowrap text-foreground">
-                        {item.label}
-                      </span>
-                      <span className="ml-auto whitespace-nowrap rounded-full border border-border bg-card px-2 py-0.5 text-[10px] text-muted-foreground">
-                        即将上线
-                      </span>
-                    </>
-                  )}
-                </button>
-              );
-            })}
-          </nav>
-        </div>
-
-        <div className="shrink-0 space-y-2 border-t border-border/70 p-2">
-          <Button
-            type="button"
-            variant="outline"
-            className="w-full justify-start gap-2 border-primary/25 px-3 text-primary hover:bg-primary/10"
-            onClick={handleToggleTheme}
-          >
-            {themeMode === "dark" ? <Sun className="size-4" /> : <Moon className="size-4" />}
-            {collapsed ? null : (
-              <span className="whitespace-nowrap">
-                {themeMode === "dark" ? "浅色模式" : "深色模式"}
-              </span>
-            )}
-          </Button>
-
-          <Button
-            type="button"
-            variant="outline"
-            className="w-full justify-start gap-2 border-primary/25 px-3 text-primary hover:bg-primary/10"
-            onClick={handleLogout}
-            disabled={!session || loggingOut}
-          >
-            <LogOut className="size-4" />
-            {collapsed ? null : (
-              <span className="whitespace-nowrap">{loggingOut ? "退出中..." : "退出登录"}</span>
-            )}
-          </Button>
-        </div>
-      </div>
-    );
-  }
-
-  if (isAuthPage) {
-    return (
-      <div className="min-h-dvh bg-background text-foreground md:min-h-screen">
-        <main className="flex min-h-dvh items-center justify-center px-4 py-8 md:min-h-screen md:px-6">
-          <div className="w-full max-w-md">
-            <Routes>
-              <Route
-                path="/login/email"
-                element={<EmailLoginPage onLoginSuccess={handleLoginSuccess} />}
-              />
-              <Route
-                path="/auth/callback/:provider"
-                element={<OAuthCallbackPage onBootstrapSession={handleBootstrapSession} />}
-              />
-              <Route path="*" element={<Navigate to={session ? "/" : "/login/email"} replace />} />
-            </Routes>
-          </div>
-        </main>
-      </div>
-    );
-  }
-
-  return (
-    <div className="h-dvh overflow-hidden bg-background text-foreground md:h-screen">
-      <header className="relative z-50 shrink-0 border-b border-border/70 bg-background/80 backdrop-blur-xl">
-        <div className="flex h-16 items-center justify-between px-4 md:px-6">
-          <div className="flex items-center gap-3">
-            <button
-              type="button"
-              className="text-primary md:hidden"
-              onClick={() => setMobileSidebarOpen(true)}
-              aria-label="打开侧边栏"
-            >
-              <Menu className="size-12" />
-            </button>
-            <img
-              src="/favicon.png"
-              alt="TodoList"
-              className="h-9 w-9 shrink-0 rounded-xl shadow-sm"
-            />
-            <span className="text-base font-semibold tracking-tight text-foreground">TodoList</span>
-          </div>
-          <span className="hidden max-w-[280px] truncate text-sm text-muted-foreground md:block">
-            {session ? session.user.email : "未登录"}
-          </span>
-        </div>
-      </header>
-
-      {mobileSidebarOpen ? (
-        <button
-          type="button"
-          className="fixed inset-x-0 bottom-0 top-16 z-30 bg-black/40 backdrop-blur-[2px] md:hidden"
-          aria-label="关闭侧边栏遮罩"
-          onClick={() => setMobileSidebarOpen(false)}
-        />
-      ) : null}
-
-      <aside
-        className={cn(
-          "fixed bottom-0 left-0 top-16 z-40 w-72 border-r border-border/80 bg-card/95 backdrop-blur-xl transition-transform duration-300 md:hidden",
-          mobileSidebarOpen ? "translate-x-0" : "-translate-x-full"
-        )}
-      >
-        {renderSidebarContent({ collapsed: false, mobile: true })}
-      </aside>
-
-      <div className="flex h-[calc(100dvh-4rem)] min-h-0 md:h-[calc(100vh-4rem)]">
-        <aside
-          className={cn(
-            "relative hidden h-full border-r border-border/80 bg-card/88 backdrop-blur-xl transition-[width] duration-300 md:flex md:flex-col",
-            sidebarCollapsed ? "md:w-14" : "md:w-72"
-          )}
-        >
-          {renderSidebarContent({ collapsed: sidebarCollapsed, mobile: false })}
-          <Button
-            type="button"
-            size="icon-sm"
-            variant="outline"
-            className={cn(
-              "absolute left-full top-1/2 z-20 -ml-px h-14 w-6 -translate-y-1/2 rounded-none border border-border/80",
-              "bg-card/88 text-muted-foreground backdrop-blur-xl transition-colors duration-200 hover:bg-muted/80 hover:text-foreground",
-              "focus-visible:ring-2 focus-visible:ring-ring/45 focus-visible:ring-offset-0"
-            )}
-            onClick={() => setSidebarCollapsed((current) => !current)}
-            aria-label={sidebarCollapsed ? "展开侧边栏" : "收起侧边栏"}
-          >
-            {sidebarCollapsed ? (
-              <ChevronRight className="size-4" />
-            ) : (
-              <ChevronLeft className="size-4" />
-            )}
-          </Button>
-        </aside>
-
-        <div className="flex min-h-0 min-w-0 flex-1 flex-col">
-          <main className="min-h-0 flex-1 overflow-y-auto px-4 py-6 md:px-6 md:py-8">
-            <div className="mx-auto w-full max-w-6xl">
-              <Routes>
-                <Route
-                  path="/"
-                  element={
-                    session ? (
-                      <TodoShellPage session={session} />
-                    ) : (
-                      <Navigate to="/login/email" replace />
-                    )
-                  }
-                />
-                <Route
-                  path="*"
-                  element={<Navigate to={session ? "/" : "/login/email"} replace />}
-                />
-              </Routes>
-            </div>
-          </main>
-        </div>
-      </div>
-    </div>
-  );
-}
-
-export default App;

apps/web/src/assets/react.svg

@@ -1 +0,0 @@
-<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" aria-hidden="true" role="img" class="iconify iconify--logos" width="35.93" height="32" preserveAspectRatio="xMidYMid meet" viewBox="0 0 256 228"><path fill="#00D8FF" d="M210.483 73.824a171.49 171.49 0 0 0-8.24-2.597c.465-1.9.893-3.777 1.273-5.621c6.238-30.281 2.16-54.676-11.769-62.708c-13.355-7.7-35.196.329-57.254 19.526a171.23 171.23 0 0 0-6.375 5.848a155.866 155.866 0 0 0-4.241-3.917C100.759 3.829 77.587-4.822 63.673 3.233C50.33 10.957 46.379 33.89 51.995 62.588a170.974 170.974 0 0 0 1.892 8.48c-3.28.932-6.445 1.924-9.474 2.98C17.309 83.498 0 98.307 0 113.668c0 15.865 18.582 31.778 46.812 41.427a145.52 145.52 0 0 0 6.921 2.165a167.467 167.467 0 0 0-2.01 9.138c-5.354 28.2-1.173 50.591 12.134 58.266c13.744 7.926 36.812-.22 59.273-19.855a145.567 145.567 0 0 0 5.342-4.923a168.064 168.064 0 0 0 6.92 6.314c21.758 18.722 43.246 26.282 56.54 18.586c13.731-7.949 18.194-32.003 12.4-61.268a145.016 145.016 0 0 0-1.535-6.842c1.62-.48 3.21-.974 4.76-1.488c29.348-9.723 48.443-25.443 48.443-41.52c0-15.417-17.868-30.326-45.517-39.844Zm-6.365 70.984c-1.4.463-2.836.91-4.3 1.345c-3.24-10.257-7.612-21.163-12.963-32.432c5.106-11 9.31-21.767 12.459-31.957c2.619.758 5.16 1.557 7.61 2.4c23.69 8.156 38.14 20.213 38.14 29.504c0 9.896-15.606 22.743-40.946 31.14Zm-10.514 20.834c2.562 12.94 2.927 24.64 1.23 33.787c-1.524 8.219-4.59 13.698-8.382 15.893c-8.067 4.67-25.32-1.4-43.927-17.412a156.726 156.726 0 0 1-6.437-5.87c7.214-7.889 14.423-17.06 21.459-27.246c12.376-1.098 24.068-2.894 34.671-5.345a134.17 134.17 0 0 1 1.386 6.193ZM87.276 214.515c-7.882 2.783-14.16 2.863-17.955.675c-8.075-4.657-11.432-22.636-6.853-46.752a156.923 156.923 0 0 1 1.869-8.499c10.486 2.32 22.093 3.988 34.498 4.994c7.084 9.967 14.501 19.128 21.976 27.15a134.668 134.668 0 0 1-4.877 4.492c-9.933 8.682-19.886 14.842-28.658 17.94ZM50.35 144.747c-12.483-4.267-22.792-9.812-29.858-15.863c-6.35-5.437-9.555-10.836-9.555-15.216c0-9.322 13.897-21.212 37.076-29.293c2.813-.98 5.757-1.905 8.812-2.773c3.204 10.42 7.406 21.315 12.477 32.332c-5.137 11.18-9.399 22.249-12.634 32.792a134.718 134.718 0 0 1-6.318-1.979Zm12.378-84.26c-4.811-24.587-1.616-43.134 6.425-47.789c8.564-4.958 27.502 2.111 47.463 19.835a144.318 144.318 0 0 1 3.841 3.545c-7.438 7.987-14.787 17.08-21.808 26.988c-12.04 1.116-23.565 2.908-34.161 5.309a160.342 160.342 0 0 1-1.76-7.887Zm110.427 27.268a347.8 347.8 0 0 0-7.785-12.803c8.168 1.033 15.994 2.404 23.343 4.08c-2.206 7.072-4.956 14.465-8.193 22.045a381.151 381.151 0 0 0-7.365-13.322Zm-45.032-43.861c5.044 5.465 10.096 11.566 15.065 18.186a322.04 322.04 0 0 0-30.257-.006c4.974-6.559 10.069-12.652 15.192-18.18ZM82.802 87.83a323.167 323.167 0 0 0-7.227 13.238c-3.184-7.553-5.909-14.98-8.134-22.152c7.304-1.634 15.093-2.97 23.209-3.984a321.524 321.524 0 0 0-7.848 12.897Zm8.081 65.352c-8.385-.936-16.291-2.203-23.593-3.793c2.26-7.3 5.045-14.885 8.298-22.6a321.187 321.187 0 0 0 7.257 13.246c2.594 4.48 5.28 8.868 8.038 13.147Zm37.542 31.03c-5.184-5.592-10.354-11.779-15.403-18.433c4.902.192 9.899.29 14.978.29c5.218 0 10.376-.117 15.453-.343c-4.985 6.774-10.018 12.97-15.028 18.486Zm52.198-57.817c3.422 7.8 6.306 15.345 8.596 22.52c-7.422 1.694-15.436 3.058-23.88 4.071a382.417 382.417 0 0 0 7.859-13.026a347.403 347.403 0 0 0 7.425-13.565Zm-16.898 8.101a358.557 358.557 0 0 1-12.281 19.815a329.4 329.4 0 0 1-23.444.823c-7.967 0-15.716-.248-23.178-.732a310.202 310.202 0 0 1-12.513-19.846h.001a307.41 307.41 0 0 1-10.923-20.627a310.278 310.278 0 0 1 10.89-20.637l-.001.001a307.318 307.318 0 0 1 12.413-19.761c7.613-.576 15.42-.876 23.31-.876H128c7.926 0 15.743.303 23.354.883a329.357 329.357 0 0 1 12.335 19.695a358.489 358.489 0 0 1 11.036 20.54a329.472 329.472 0 0 1-11 20.722Zm22.56-122.124c8.572 4.944 11.906 24.881 6.52 51.026c-.344 1.668-.73 3.367-1.15 5.09c-10.622-2.452-22.155-4.275-34.23-5.408c-7.034-10.017-14.323-19.124-21.64-27.008a160.789 160.789 0 0 1 5.888-5.4c18.9-16.447 36.564-22.941 44.612-18.3ZM128 90.808c12.625 0 22.86 10.235 22.86 22.86s-10.235 22.86-22.86 22.86s-22.86-10.235-22.86-22.86s10.235-22.86 22.86-22.86Z"></path></svg>

apps/web/src/components/ui/button.tsx

@@ -1,59 +0,0 @@
-/* eslint-disable react-refresh/only-export-components */
-import { Button as ButtonPrimitive } from "@base-ui/react/button";
-import { cva, type VariantProps } from "class-variance-authority";
-
-import { cn } from "@/lib/utils";
-
-const buttonVariants = cva(
-  "group/button inline-flex shrink-0 items-center justify-center rounded-lg border border-transparent bg-clip-padding text-sm font-medium whitespace-nowrap transition-all outline-none select-none focus-visible:border-ring focus-visible:ring-3 focus-visible:ring-ring/50 active:not-aria-[haspopup]:translate-y-px disabled:pointer-events-none disabled:opacity-50 aria-invalid:border-destructive aria-invalid:ring-3 aria-invalid:ring-destructive/20 dark:aria-invalid:border-destructive/50 dark:aria-invalid:ring-destructive/40 [&_svg]:pointer-events-none [&_svg]:shrink-0 [&_svg:not([class*='size-'])]:size-4",
-  {
-    variants: {
-      variant: {
-        default: "bg-primary text-primary-foreground [a]:hover:bg-primary/80",
-        outline:
-          "border-border bg-background hover:bg-muted hover:text-foreground aria-expanded:bg-muted aria-expanded:text-foreground dark:border-input dark:bg-input/30 dark:hover:bg-input/50",
-        secondary:
-          "bg-secondary text-secondary-foreground hover:bg-secondary/80 aria-expanded:bg-secondary aria-expanded:text-secondary-foreground",
-        ghost:
-          "hover:bg-muted hover:text-foreground aria-expanded:bg-muted aria-expanded:text-foreground dark:hover:bg-muted/50",
-        destructive:
-          "bg-destructive/10 text-destructive hover:bg-destructive/20 focus-visible:border-destructive/40 focus-visible:ring-destructive/20 dark:bg-destructive/20 dark:hover:bg-destructive/30 dark:focus-visible:ring-destructive/40",
-        link: "text-primary underline-offset-4 hover:underline"
-      },
-      size: {
-        default:
-          "h-8 gap-1.5 px-2.5 has-data-[icon=inline-end]:pr-2 has-data-[icon=inline-start]:pl-2",
-        xs: "h-6 gap-1 rounded-[min(var(--radius-md),10px)] px-2 text-xs in-data-[slot=button-group]:rounded-lg has-data-[icon=inline-end]:pr-1.5 has-data-[icon=inline-start]:pl-1.5 [&_svg:not([class*='size-'])]:size-3",
-        sm: "h-7 gap-1 rounded-[min(var(--radius-md),12px)] px-2.5 text-[0.8rem] in-data-[slot=button-group]:rounded-lg has-data-[icon=inline-end]:pr-1.5 has-data-[icon=inline-start]:pl-1.5 [&_svg:not([class*='size-'])]:size-3.5",
-        lg: "h-9 gap-1.5 px-2.5 has-data-[icon=inline-end]:pr-2 has-data-[icon=inline-start]:pl-2",
-        icon: "size-8",
-        "icon-xs":
-          "size-6 rounded-[min(var(--radius-md),10px)] in-data-[slot=button-group]:rounded-lg [&_svg:not([class*='size-'])]:size-3",
-        "icon-sm":
-          "size-7 rounded-[min(var(--radius-md),12px)] in-data-[slot=button-group]:rounded-lg",
-        "icon-lg": "size-9"
-      }
-    },
-    defaultVariants: {
-      variant: "default",
-      size: "default"
-    }
-  }
-);
-
-function Button({
-  className,
-  variant = "default",
-  size = "default",
-  ...props
-}: ButtonPrimitive.Props & VariantProps<typeof buttonVariants>) {
-  return (
-    <ButtonPrimitive
-      data-slot="button"
-      className={cn(buttonVariants({ variant, size, className }))}
-      {...props}
-    />
-  );
-}
-
-export { Button, buttonVariants };

apps/web/src/index.css

@@ -1,77 +0,0 @@
-@import "@fontsource-variable/geist";
-@tailwind base;
-@tailwind components;
-@tailwind utilities;
-
-html {
-  height: 100%;
-  font-size: 120%;
-}
-
-:root {
-  --radius: 0.9rem;
-  --background: 246 100% 98%;
-  --foreground: 248 40% 18%;
-  --card: 0 0% 100%;
-  --border: 248 53% 89%;
-  --input: 248 48% 84%;
-  --ring: 246 53% 53%;
-  --primary: 246 53% 53%;
-  --primary-foreground: 0 0% 100%;
-  --secondary: 250 70% 94%;
-  --secondary-foreground: 248 40% 25%;
-  --muted: 249 78% 95%;
-  --muted-foreground: 248 17% 45%;
-  --accent: 173 56% 66%;
-  --accent-foreground: 248 40% 25%;
-  --destructive: 343 40% 50%;
-  --destructive-foreground: 0 0% 100%;
-  color-scheme: light;
-  font-family: "Geist Variable", "Noto Sans SC", sans-serif;
-}
-
-.dark {
-  --background: 248 46% 10%;
-  --foreground: 240 44% 96%;
-  --card: 249 41% 15%;
-  --border: 249 24% 30%;
-  --input: 249 23% 28%;
-  --ring: 246 76% 68%;
-  --primary: 246 76% 68%;
-  --primary-foreground: 248 43% 12%;
-  --secondary: 249 30% 24%;
-  --secondary-foreground: 240 38% 92%;
-  --muted: 249 29% 20%;
-  --muted-foreground: 247 16% 74%;
-  --accent: 173 52% 58%;
-  --accent-foreground: 248 43% 12%;
-  --destructive: 343 64% 58%;
-  --destructive-foreground: 0 0% 100%;
-  color-scheme: dark;
-}
-
-body {
-  margin: 0;
-  height: 100%;
-  overflow: hidden;
-  background:
-    radial-gradient(
-      1100px 620px at -12% -25%,
-      hsl(var(--primary) / 0.2),
-      hsl(var(--primary) / 0) 60%
-    ),
-    radial-gradient(
-      900px 540px at 112% -14%,
-      hsl(var(--accent) / 0.35),
-      hsl(var(--accent) / 0) 58%
-    ),
-    hsl(var(--background));
-  color: hsl(var(--foreground));
-  transition:
-    background-color 220ms ease,
-    color 220ms ease;
-}
-
-#root {
-  height: 100%;
-}

apps/web/src/lib/utils.ts

@@ -1,6 +0,0 @@
-import { clsx, type ClassValue } from "clsx";
-import { twMerge } from "tailwind-merge";
-
-export function cn(...inputs: ClassValue[]) {
-  return twMerge(clsx(inputs));
-}

apps/web/src/main.tsx

@@ -1,16 +0,0 @@
-import { StrictMode } from "react";
-import { createRoot } from "react-dom/client";
-import { BrowserRouter } from "react-router-dom";
-import "./index.css";
-import App from "./App.tsx";
-import { applyThemeMode, loadThemeMode } from "@/services/theme-storage";
-
-applyThemeMode(loadThemeMode());
-
-createRoot(document.getElementById("root")!).render(
-  <StrictMode>
-    <BrowserRouter>
-      <App />
-    </BrowserRouter>
-  </StrictMode>
-);

apps/web/src/pages/email-login-page.tsx

@@ -1,175 +0,0 @@
-import { useMemo, useState } from "react";
-import type { FormEvent } from "react";
-import { Button } from "@/components/ui/button";
-import { loginWithEmailCode, sendEmailCode, type EmailLoginResult } from "@/services/auth-api";
-
-type EmailLoginPageProps = {
-  onLoginSuccess: (payload: EmailLoginResult) => void;
-};
-
-const DEFAULT_API_BASE_URL = "http://localhost:3000";
-
-function resolveApiBaseUrl(): string {
-  const envBaseUrl = import.meta.env.VITE_API_BASE_URL as string | undefined;
-  if (!envBaseUrl) {
-    return DEFAULT_API_BASE_URL;
-  }
-
-  return envBaseUrl.replace(/\/+$/, "");
-}
-
-export function EmailLoginPage({ onLoginSuccess }: EmailLoginPageProps) {
-  const [email, setEmail] = useState("");
-  const [code, setCode] = useState("");
-  const [sendingCode, setSendingCode] = useState(false);
-  const [loggingIn, setLoggingIn] = useState(false);
-  const [codeCooldown, setCodeCooldown] = useState(0);
-  const [message, setMessage] = useState<string | null>(null);
-  const [error, setError] = useState<string | null>(null);
-
-  const canSendCode = useMemo(() => {
-    return email.trim().length > 0 && !sendingCode && codeCooldown <= 0;
-  }, [codeCooldown, email, sendingCode]);
-
-  const canLogin = useMemo(() => {
-    return email.trim().length > 0 && code.trim().length === 6 && !loggingIn;
-  }, [code, email, loggingIn]);
-
-  async function handleSendCode(event: FormEvent<HTMLFormElement>): Promise<void> {
-    event.preventDefault();
-    if (!canSendCode) {
-      return;
-    }
-
-    try {
-      setSendingCode(true);
-      setError(null);
-      setMessage(null);
-      const result = await sendEmailCode(email.trim());
-      setMessage(`验证码已发送，有效期 ${result.expiresInSeconds} 秒。`);
-
-      let remain = 60;
-      setCodeCooldown(remain);
-      const timer = window.setInterval(() => {
-        remain -= 1;
-        setCodeCooldown(remain);
-        if (remain <= 0) {
-          window.clearInterval(timer);
-        }
-      }, 1000);
-    } catch (err) {
-      setError(err instanceof Error ? err.message : "发送验证码失败");
-    } finally {
-      setSendingCode(false);
-    }
-  }
-
-  async function handleLogin(event: FormEvent<HTMLFormElement>): Promise<void> {
-    event.preventDefault();
-    if (!canLogin) {
-      return;
-    }
-
-    try {
-      setLoggingIn(true);
-      setError(null);
-      setMessage(null);
-      const result = await loginWithEmailCode(email.trim(), code.trim());
-      onLoginSuccess(result);
-    } catch (err) {
-      setError(err instanceof Error ? err.message : "登录失败");
-    } finally {
-      setLoggingIn(false);
-    }
-  }
-
-  return (
-    <div className="mx-auto w-full max-w-md rounded-2xl border border-border bg-card/92 p-6 shadow-[0_24px_60px_-36px_hsl(var(--primary)/0.65)] backdrop-blur">
-      <div className="mb-4 flex items-center gap-3">
-        <img src="/favicon.png" alt="TodoList" className="h-10 w-10 rounded-xl shadow-sm" />
-        <div>
-          <h1 className="text-2xl font-semibold text-foreground">邮箱验证码登录</h1>
-        </div>
-      </div>
-
-      <form className="mt-6 space-y-3" onSubmit={handleSendCode}>
-        <label className="block text-sm font-medium text-secondary-foreground" htmlFor="email">
-          邮箱
-        </label>
-        <div className="flex items-stretch gap-2">
-          <input
-            id="email"
-            type="email"
-            className="min-w-0 flex-1 rounded-lg border border-input bg-background px-3 py-2 text-sm text-foreground outline-none focus:border-primary focus:ring-3 focus:ring-ring/25"
-            placeholder="you@example.com"
-            value={email}
-            onChange={(event) => setEmail(event.target.value)}
-          />
-          <Button
-            type="submit"
-            disabled={!canSendCode}
-            className="shrink-0 bg-primary px-4 text-primary-foreground hover:bg-primary/90"
-          >
-            {sendingCode ? "发送中..." : codeCooldown > 0 ? `${codeCooldown}s` : "发送验证码"}
-          </Button>
-        </div>
-      </form>
-
-      <form className="mt-4 space-y-3" onSubmit={handleLogin}>
-        <label className="block text-sm font-medium text-secondary-foreground" htmlFor="code">
-          验证码
-        </label>
-        <input
-          id="code"
-          type="text"
-          inputMode="numeric"
-          maxLength={6}
-          className="w-full rounded-lg border border-input bg-background px-3 py-2 text-sm text-foreground outline-none focus:border-primary focus:ring-3 focus:ring-ring/25"
-          placeholder="6位数字验证码"
-          value={code}
-          onChange={(event) => setCode(event.target.value)}
-        />
-        <Button
-          type="submit"
-          disabled={!canLogin}
-          className="w-full bg-gradient-to-r from-primary to-accent text-primary-foreground hover:opacity-95"
-        >
-          {loggingIn ? "登录中..." : "立即登录"}
-        </Button>
-      </form>
-
-      <div className="mt-6 grid grid-cols-1 gap-2">
-        <a href={`${resolveApiBaseUrl()}/auth/oauth/github`}>
-          <Button
-            type="button"
-            variant="outline"
-            className="w-full border-border bg-card text-foreground"
-          >
-            使用 GitHub 登录
-          </Button>
-        </a>
-        <a href={`${resolveApiBaseUrl()}/auth/oauth/qq`}>
-          <Button
-            type="button"
-            variant="outline"
-            className="w-full border-border bg-card text-foreground"
-          >
-            使用 QQ 登录
-          </Button>
-        </a>
-        <a href={`${resolveApiBaseUrl()}/auth/oauth/wechat`}>
-          <Button
-            type="button"
-            variant="outline"
-            className="w-full border-border bg-card text-foreground"
-          >
-            使用微信登录
-          </Button>
-        </a>
-      </div>
-
-      {message ? <p className="mt-4 text-sm text-primary">{message}</p> : null}
-      {error ? <p className="mt-2 text-sm text-destructive">{error}</p> : null}
-    </div>
-  );
-}

apps/web/src/pages/oauth-callback-page.tsx

@@ -1,68 +0,0 @@
-import { useMemo } from "react";
-import { useNavigate, useSearchParams } from "react-router-dom";
-import { Button } from "@/components/ui/button";
-import { saveSession, type WebSession } from "@/services/session-storage";
-
-type OAuthCallbackPageProps = {
-  onBootstrapSession: (session: WebSession) => void;
-};
-
-export function OAuthCallbackPage({ onBootstrapSession }: OAuthCallbackPageProps) {
-  const [searchParams] = useSearchParams();
-  const navigate = useNavigate();
-
-  const parseResult = useMemo(() => {
-    const accessToken = searchParams.get("accessToken");
-    const refreshToken = searchParams.get("refreshToken");
-    const userId = searchParams.get("userId");
-    const email = searchParams.get("email");
-
-    if (!accessToken || !refreshToken || !userId || !email) {
-      return {
-        ok: false as const,
-        reason: "回调参数不完整，暂时无法建立会话。"
-      };
-    }
-
-    return {
-      ok: true as const,
-      session: {
-        accessToken,
-        refreshToken,
-        user: {
-          id: userId,
-          email
-        }
-      }
-    };
-  }, [searchParams]);
-
-  function handleContinue(): void {
-    if (!parseResult.ok) {
-      navigate("/login/email", { replace: true });
-      return;
-    }
-
-    saveSession(parseResult.session);
-    onBootstrapSession(parseResult.session);
-    navigate("/", { replace: true });
-  }
-
-  return (
-    <div className="mx-auto w-full max-w-md rounded-2xl border border-border bg-card/92 p-6 shadow-[0_24px_60px_-36px_hsl(var(--primary)/0.55)] backdrop-blur">
-      <div className="mb-4 flex items-center gap-3">
-        <img src="/favicon.png" alt="TodoList" className="h-10 w-10 rounded-xl shadow-sm" />
-        <h1 className="text-2xl font-semibold text-foreground">OAuth 回调处理中</h1>
-      </div>
-      <p className="mt-2 text-sm text-muted-foreground">
-        {parseResult.ok ? "已收到回调参数，点击继续进入工作台。" : parseResult.reason}
-      </p>
-      <Button
-        className="mt-6 w-full bg-gradient-to-r from-primary to-accent text-primary-foreground hover:opacity-95"
-        onClick={handleContinue}
-      >
-        {parseResult.ok ? "继续" : "返回邮箱登录"}
-      </Button>
-    </div>
-  );
-}

apps/web/src/pages/todo-shell-page.tsx

@@ -1,33 +0,0 @@
-import type { WebSession } from "@/services/session-storage";
-
-type TodoShellPageProps = {
-  session: WebSession | null;
-};
-
-export function TodoShellPage({ session }: TodoShellPageProps) {
-  return (
-    <div className="rounded-2xl border border-border bg-card/90 p-6 shadow-[0_24px_70px_-42px_hsl(var(--primary)/0.6)] backdrop-blur">
-      <h1 className="text-2xl font-semibold text-foreground">TodoList 工作台</h1>
-      <p className="mt-2 text-sm text-muted-foreground">
-        {session ? `当前登录邮箱：${session.user.email}` : "当前未建立登录会话，请先完成登录。"}
-      </p>
-      <div className="mt-6 grid gap-3 sm:grid-cols-3">
-        <div className="rounded-xl border border-border bg-muted/40 p-4">
-          <p className="text-xs text-muted-foreground">今日重点</p>
-          <p className="mt-2 text-lg font-semibold text-foreground">待接入</p>
-        </div>
-        <div className="rounded-xl border border-border bg-muted/40 p-4">
-          <p className="text-xs text-muted-foreground">临近截止</p>
-          <p className="mt-2 text-lg font-semibold text-foreground">待接入</p>
-        </div>
-        <div className="rounded-xl border border-border bg-muted/40 p-4">
-          <p className="text-xs text-muted-foreground">任务分析</p>
-          <p className="mt-2 text-lg font-semibold text-foreground">待接入</p>
-        </div>
-      </div>
-      <p className="mt-4 text-xs text-muted-foreground">
-        当前为界面阶段，统计卡片将在任务数据接入后显示真实结果。
-      </p>
-    </div>
-  );
-}

apps/web/src/services/auth-api.ts

@@ -1,98 +0,0 @@
-export type SendEmailCodeResult = {
-  success: boolean;
-  expiresInSeconds: number;
-};
-
-export type EmailLoginResult = {
-  accessToken: string;
-  tokenType: "Bearer";
-  expiresInSeconds: number;
-  refreshToken: string;
-  refreshExpiresInSeconds: number;
-  user: {
-    id: string;
-    email: string;
-  };
-};
-
-type RevokeRefreshTokenResult = {
-  success: boolean;
-};
-
-const DEFAULT_API_BASE_URL = "http://localhost:3000";
-
-function resolveApiBaseUrl(): string {
-  const envBaseUrl = import.meta.env.VITE_API_BASE_URL as string | undefined;
-  if (!envBaseUrl) {
-    return DEFAULT_API_BASE_URL;
-  }
-
-  return envBaseUrl.replace(/\/+$/, "");
-}
-
-async function parseErrorMessage(response: Response): Promise<string> {
-  try {
-    const body = (await response.json()) as { message?: string | string[] };
-    if (Array.isArray(body.message)) {
-      return body.message.join("，");
-    }
-    if (typeof body.message === "string" && body.message.trim()) {
-      return body.message;
-    }
-  } catch {
-    return `请求失败（${response.status}）`;
-  }
-
-  return `请求失败（${response.status}）`;
-}
-
-export async function sendEmailCode(email: string): Promise<SendEmailCodeResult> {
-  const response = await fetch(`${resolveApiBaseUrl()}/auth/email/send-code`, {
-    method: "POST",
-    headers: {
-      "Content-Type": "application/json"
-    },
-    body: JSON.stringify({ email })
-  });
-
-  if (!response.ok) {
-    throw new Error(await parseErrorMessage(response));
-  }
-
-  const body = (await response.json()) as SendEmailCodeResult;
-  return body;
-}
-
-export async function loginWithEmailCode(email: string, code: string): Promise<EmailLoginResult> {
-  const response = await fetch(`${resolveApiBaseUrl()}/auth/email/login`, {
-    method: "POST",
-    headers: {
-      "Content-Type": "application/json"
-    },
-    body: JSON.stringify({ email, code })
-  });
-
-  if (!response.ok) {
-    throw new Error(await parseErrorMessage(response));
-  }
-
-  const body = (await response.json()) as EmailLoginResult;
-  return body;
-}
-
-export async function revokeRefreshToken(refreshToken: string): Promise<RevokeRefreshTokenResult> {
-  const response = await fetch(`${resolveApiBaseUrl()}/auth/token/revoke`, {
-    method: "POST",
-    headers: {
-      "Content-Type": "application/json"
-    },
-    body: JSON.stringify({ refreshToken })
-  });
-
-  if (!response.ok) {
-    throw new Error(await parseErrorMessage(response));
-  }
-
-  const body = (await response.json()) as RevokeRefreshTokenResult;
-  return body;
-}

apps/web/src/services/session-storage.ts

@@ -1,67 +0,0 @@
-import type { EmailLoginResult } from "@/services/auth-api";
-
-const SESSION_STORAGE_KEY = "todolist.web.session";
-
-export type WebSession = {
-  accessToken: string;
-  refreshToken: string;
-  user: {
-    id: string;
-    email: string;
-  };
-};
-
-function isValidSession(payload: unknown): payload is WebSession {
-  if (!payload || typeof payload !== "object") {
-    return false;
-  }
-
-  const data = payload as {
-    accessToken?: unknown;
-    refreshToken?: unknown;
-    user?: {
-      id?: unknown;
-      email?: unknown;
-    };
-  };
-
-  return (
-    typeof data.accessToken === "string" &&
-    typeof data.refreshToken === "string" &&
-    typeof data.user?.id === "string" &&
-    typeof data.user?.email === "string"
-  );
-}
-
-export function loadSession(): WebSession | null {
-  const raw = window.localStorage.getItem(SESSION_STORAGE_KEY);
-  if (!raw) {
-    return null;
-  }
-
-  try {
-    const parsed = JSON.parse(raw) as unknown;
-    if (!isValidSession(parsed)) {
-      return null;
-    }
-    return parsed;
-  } catch {
-    return null;
-  }
-}
-
-export function saveSession(payload: EmailLoginResult | WebSession): void {
-  const session: WebSession = {
-    accessToken: payload.accessToken,
-    refreshToken: payload.refreshToken,
-    user: {
-      id: payload.user.id,
-      email: payload.user.email
-    }
-  };
-  window.localStorage.setItem(SESSION_STORAGE_KEY, JSON.stringify(session));
-}
-
-export function clearSession(): void {
-  window.localStorage.removeItem(SESSION_STORAGE_KEY);
-}

apps/web/src/services/theme-storage.ts

@@ -1,29 +0,0 @@
-const THEME_STORAGE_KEY = "todolist.web.theme";
-
-export type ThemeMode = "light" | "dark";
-
-function isThemeMode(value: string | null): value is ThemeMode {
-  return value === "light" || value === "dark";
-}
-
-export function loadThemeMode(): ThemeMode {
-  const savedTheme = window.localStorage.getItem(THEME_STORAGE_KEY);
-  if (isThemeMode(savedTheme)) {
-    return savedTheme;
-  }
-
-  if (window.matchMedia("(prefers-color-scheme: dark)").matches) {
-    return "dark";
-  }
-
-  return "light";
-}
-
-export function saveThemeMode(mode: ThemeMode): void {
-  window.localStorage.setItem(THEME_STORAGE_KEY, mode);
-}
-
-export function applyThemeMode(mode: ThemeMode): void {
-  document.documentElement.classList.toggle("dark", mode === "dark");
-  document.documentElement.style.colorScheme = mode;
-}

apps/web/tailwind.config.js

@@ -1,43 +0,0 @@
-/** @type {import('tailwindcss').Config} */
-export default {
-  darkMode: "class",
-  content: ["./index.html", "./src/**/*.{ts,tsx}"],
-  theme: {
-    extend: {
-      colors: {
-        border: "hsl(var(--border) / <alpha-value>)",
-        input: "hsl(var(--input) / <alpha-value>)",
-        ring: "hsl(var(--ring) / <alpha-value>)",
-        background: "hsl(var(--background) / <alpha-value>)",
-        foreground: "hsl(var(--foreground) / <alpha-value>)",
-        primary: {
-          DEFAULT: "hsl(var(--primary) / <alpha-value>)",
-          foreground: "hsl(var(--primary-foreground) / <alpha-value>)"
-        },
-        secondary: {
-          DEFAULT: "hsl(var(--secondary) / <alpha-value>)",
-          foreground: "hsl(var(--secondary-foreground) / <alpha-value>)"
-        },
-        muted: {
-          DEFAULT: "hsl(var(--muted) / <alpha-value>)",
-          foreground: "hsl(var(--muted-foreground) / <alpha-value>)"
-        },
-        accent: {
-          DEFAULT: "hsl(var(--accent) / <alpha-value>)",
-          foreground: "hsl(var(--accent-foreground) / <alpha-value>)"
-        },
-        destructive: {
-          DEFAULT: "hsl(var(--destructive) / <alpha-value>)",
-          foreground: "hsl(var(--destructive-foreground) / <alpha-value>)"
-        },
-        card: "hsl(var(--card) / <alpha-value>)"
-      },
-      borderRadius: {
-        lg: "var(--radius)",
-        md: "calc(var(--radius) - 2px)",
-        sm: "calc(var(--radius) - 4px)"
-      }
-    }
-  },
-  plugins: []
-};

apps/web/tsconfig.app.json

@@ -1,32 +0,0 @@
-{
-  "compilerOptions": {
-    "tsBuildInfoFile": "./node_modules/.tmp/tsconfig.app.tsbuildinfo",
-    "target": "ES2023",
-    "useDefineForClassFields": true,
-    "lib": ["ES2023", "DOM", "DOM.Iterable"],
-    "module": "ESNext",
-    "types": ["vite/client"],
-    "skipLibCheck": true,
-
-    /* Bundler mode */
-    "moduleResolution": "bundler",
-    "baseUrl": ".",
-    "paths": {
-      "@/*": ["./src/*"]
-    },
-    "allowImportingTsExtensions": true,
-    "verbatimModuleSyntax": true,
-    "moduleDetection": "force",
-    "noEmit": true,
-    "jsx": "react-jsx",
-
-    /* Linting */
-    "strict": true,
-    "noUnusedLocals": true,
-    "noUnusedParameters": true,
-    "erasableSyntaxOnly": true,
-    "noFallthroughCasesInSwitch": true,
-    "noUncheckedSideEffectImports": true
-  },
-  "include": ["src"]
-}

apps/web/tsconfig.json

@@ -1,10 +0,0 @@
-{
-  "compilerOptions": {
-    "baseUrl": ".",
-    "paths": {
-      "@/*": ["./src/*"]
-    }
-  },
-  "files": [],
-  "references": [{ "path": "./tsconfig.app.json" }, { "path": "./tsconfig.node.json" }]
-}

apps/web/tsconfig.node.json

@@ -1,26 +0,0 @@
-{
-  "compilerOptions": {
-    "tsBuildInfoFile": "./node_modules/.tmp/tsconfig.node.tsbuildinfo",
-    "target": "ES2023",
-    "lib": ["ES2023"],
-    "module": "ESNext",
-    "types": ["node"],
-    "skipLibCheck": true,
-
-    /* Bundler mode */
-    "moduleResolution": "bundler",
-    "allowImportingTsExtensions": true,
-    "verbatimModuleSyntax": true,
-    "moduleDetection": "force",
-    "noEmit": true,
-
-    /* Linting */
-    "strict": true,
-    "noUnusedLocals": true,
-    "noUnusedParameters": true,
-    "erasableSyntaxOnly": true,
-    "noFallthroughCasesInSwitch": true,
-    "noUncheckedSideEffectImports": true
-  },
-  "include": ["vite.config.ts"]
-}

apps/web/vite.config.ts

@@ -1,13 +0,0 @@
-import path from "node:path";
-import { defineConfig } from "vite";
-import react from "@vitejs/plugin-react";
-
-// https://vite.dev/config/
-export default defineConfig({
-  plugins: [react()],
-  resolve: {
-    alias: {
-      "@": path.resolve(__dirname, "./src")
-    }
-  }
-});