yaosanqi137/TodoList
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

merge into: yaosanqi137/TodoList:revert-11-feature/p3-ai-routing
Branches Tags
yaosanqi137/TodoList:develop yaosanqi137/TodoList:main yaosanqi137/TodoList:revert-11-feature/p3-ai-routing yaosanqi137/TodoList:feature/p3-ai-routing yaosanqi137/TodoList:feature/p2-sync-engine yaosanqi137/TodoList:feature/p2-web-shell-auth yaosanqi137/TodoList:feature/p1-db-schema-prisma yaosanqi137/TodoList:feature/p1-code-quality-hooks yaosanqi137/TodoList:feature/p1-repo-bootstrap
..
pull from: yaosanqi137/TodoList:develop
Branches Tags
yaosanqi137/TodoList:develop yaosanqi137/TodoList:main yaosanqi137/TodoList:revert-11-feature/p3-ai-routing yaosanqi137/TodoList:feature/p3-ai-routing yaosanqi137/TodoList:feature/p2-sync-engine yaosanqi137/TodoList:feature/p2-web-shell-auth yaosanqi137/TodoList:feature/p1-db-schema-prisma yaosanqi137/TodoList:feature/p1-code-quality-hooks yaosanqi137/TodoList:feature/p1-repo-bootstrap

3 Commits
revert-11-feature/p3-ai-routing .. develop

Author SHA1 Message Date
yaosanqi137 f177c22174 ci: 修改.github为.gitea 2026-05-16 01:04:01 +08:00
Yaosanqi137 6d88ab4afd Merge pull request #14 from Yaosanqi137/feature/p3-ai-routing 
Feature/p3 ai routing
 2026-04-08 00:53:06 +08:00
Yaosanqi137 b6f99b6f09 Merge pull request #10 from Yaosanqi137/feature/p2-sync-engine 
feat(sync): 完成离线同步链路并优化任务编辑体验
 2026-04-06 02:14:01 +08:00
141 changed files with 30212 additions and 18 deletions
Expand all files Collapse all files
.gitea/workflows/api-docker-image.yml
+66
View File
@@ -0,0 +1,66 @@
name: API Docker Image
on:
pull_request:
branches: [main, develop]
paths:
- "apps/api/**"
- ".github/workflows/api-docker-image.yml"
push:
branches: [main]
paths:
- "apps/api/**"
- ".github/workflows/api-docker-image.yml"
workflow_dispatch:
concurrency:
group: api-docker-${{ github.ref }}
cancel-in-progress: true
jobs:
build-and-publish:
name: Build API Docker Image
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Check Dockerfile
id: dockerfile
run: |
if [ -f apps/api/Dockerfile ]; then
echo "exists=true" >> "$GITHUB_OUTPUT"
else
echo "exists=false" >> "$GITHUB_OUTPUT"
fi
- name: Setup Docker Buildx
if: steps.dockerfile.outputs.exists == 'true'
uses: docker/setup-buildx-action@v3
- name: Login to GitHub Container Registry
if: steps.dockerfile.outputs.exists == 'true' && github.event_name == 'push' && github.ref == 'refs/heads/main'
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build (PR/manual) or Build and Push (main)
if: steps.dockerfile.outputs.exists == 'true'
uses: docker/build-push-action@v6
with:
context: ./apps/api
file: ./apps/api/Dockerfile
push: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
tags: |
ghcr.io/${{ github.repository }}/api:${{ github.sha }}
ghcr.io/${{ github.repository }}/api:latest
- name: Skip notice
if: steps.dockerfile.outputs.exists != 'true'
run: echo "apps/api/Dockerfile not found, skip docker build."
.gitea/workflows/deploy-admin.yml
+59
View File
@@ -0,0 +1,59 @@
name: Deploy Admin
on:
push:
branches: [main]
paths:
- "apps/admin/**"
- "packages/shared-types/**"
- "packages/ui/**"
- ".github/workflows/deploy-admin.yml"
workflow_dispatch:
concurrency:
group: deploy-admin-${{ github.ref }}
cancel-in-progress: true
jobs:
build:
name: Build Admin
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup pnpm
uses: pnpm/action-setup@v4
with:
version: 9.15.2
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: 20
cache: pnpm
- name: Install dependencies
run: pnpm install --frozen-lockfile
- name: Build workspace
run: pnpm run build
deploy:
name: Deploy Admin (Template)
runs-on: ubuntu-latest
needs: build
steps:
- name: Trigger deployment webhook
env:
ADMIN_DEPLOY_WEBHOOK_URL: ${{ secrets.ADMIN_DEPLOY_WEBHOOK_URL }}
run: |
if [ -z "$ADMIN_DEPLOY_WEBHOOK_URL" ]; then
echo "ADMIN_DEPLOY_WEBHOOK_URL is not configured. Skipping deploy."
exit 0
fi
curl -X POST "$ADMIN_DEPLOY_WEBHOOK_URL"
echo "Admin deployment webhook triggered."
.gitea/workflows/deploy-web.yml
+59
View File
@@ -0,0 +1,59 @@
name: Deploy Web
on:
push:
branches: [main]
paths:
- "apps/web/**"
- "packages/shared-types/**"
- "packages/ui/**"
- ".github/workflows/deploy-web.yml"
workflow_dispatch:
concurrency:
group: deploy-web-${{ github.ref }}
cancel-in-progress: true
jobs:
build:
name: Build Web
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup pnpm
uses: pnpm/action-setup@v4
with:
version: 9.15.2
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: 20
cache: pnpm
- name: Install dependencies
run: pnpm install --frozen-lockfile
- name: Build workspace
run: pnpm run build
deploy:
name: Deploy Web (Template)
runs-on: ubuntu-latest
needs: build
steps:
- name: Trigger deployment webhook
env:
WEB_DEPLOY_WEBHOOK_URL: ${{ secrets.WEB_DEPLOY_WEBHOOK_URL }}
run: |
if [ -z "$WEB_DEPLOY_WEBHOOK_URL" ]; then
echo "WEB_DEPLOY_WEBHOOK_URL is not configured. Skipping deploy."
exit 0
fi
curl -X POST "$WEB_DEPLOY_WEBHOOK_URL"
echo "Web deployment webhook triggered."
.gitea/workflows/pr-quality.yml
+46
View File
@@ -0,0 +1,46 @@
name: PR Quality
on:
pull_request:
types: [opened, synchronize, reopened, ready_for_review]
branches: [main, develop]
concurrency:
group: pr-quality-${{ github.ref }}
cancel-in-progress: true
jobs:
quality:
name: Lint, Typecheck, Test, Build
runs-on: ubuntu-latest
if: github.event.pull_request.draft == false
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup pnpm
uses: pnpm/action-setup@v4
with:
version: 9.15.2
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: 20
cache: pnpm
- name: Install dependencies
run: pnpm install --frozen-lockfile
- name: Lint
run: pnpm run lint
- name: Typecheck
run: pnpm run typecheck
- name: Test
run: pnpm run test
- name: Build
run: pnpm run build
.gitignore
+5 -1
View File
@@ -1,2 +1,6 @@
develop.md develop.md
.idea/ node_modules/
.turbo/
.idea/
.eslintcache
/.husky/_
.husky/pre-commit
Executable
+1
View File
@@ -0,0 +1 @@
pnpm lint:staged
.husky/pre-push
Executable
+2
View File
@@ -0,0 +1,2 @@
pnpm typecheck
pnpm test
.lintstagedrc.cjs
+4
View File
@@ -0,0 +1,4 @@
module.exports = {
"*.{js,mjs,cjs,ts,tsx}": ["eslint --fix", "prettier --write"],
"*.{json,md,yml,yaml}": ["prettier --write"]
};
.prettierignore
+7
View File
@@ -0,0 +1,7 @@
node_modules
.turbo
.idea
dist
build
coverage
*.png
.prettierrc.json
+6
View File
@@ -0,0 +1,6 @@
{
"semi": true,
"singleQuote": false,
"trailingComma": "none",
"printWidth": 100
}
CONTRIBUTING.md
+69
View File
@@ -0,0 +1,69 @@
# 贡献指南(Contributing
本文档定义 TodoList 仓库的协作规范,所有贡献者提交代码前请先阅读。
## 1. 分支模型
- 长期分支:
- `main`:生产稳定分支
- `develop`:开发集成分支
- 功能分支:
- 命名:`feature/<phase>-<name>`
- 示例:`feature/p1-code-quality-hooks`
- 其他分支:
- `release/<version>`
- `hotfix/<issue-id>-<short-desc>`
## 2. 提交流程
1. 从目标基线分支切出功能分支。
2. 每完成一个小功能,提交一个最小 commit。
3. 完成后推送分支并创建 PR。
4. 通过 Code Review 后再合并到目标分支。
## 3. Commit 规范
- 使用 Conventional Commits
- `feat(scope): ...`
- `fix(scope): ...`
- `chore(scope): ...`
- `docs(scope): ...`
- `test(scope): ...`
- `ci(scope): ...`
- 要求:
- commit 粒度最小化,不要把多个不相关改动塞进一个提交。
- commit 必须可回滚、可解释。
- 默认使用 GPG 签名提交:`git commit -S`
## 4. PR 规范
- PR 标题简明描述变更目标。
- PR 描述至少包含:
- 变更概述
- 具体改动
- 测试结果
- 风险评估
- 回滚方案
- 一个 PR 只解决一类问题,避免“超大 PR”。
## 5. 代码质量检查
提交前建议至少执行:
```bash
pnpm install
pnpm run lint
pnpm run typecheck
pnpm run test
```
说明:
- `pre-commit` 会自动执行 `lint-staged`
- `pre-push` 会自动执行 `typecheck + test`
## 6. 变更边界要求
- 不要提交无关文件(例如本地 IDE 缓存、临时导出文件)。
- 不要随意修改与当前任务无关的历史代码。
- 如发现仓库出现非本人预期改动,先暂停并和维护者确认。
README.md
+108 -17
View File
@@ -71,23 +71,23 @@
> 状态说明:`[x]` 已完成,`[ ]` 进行中/未开始(请随开发进度更新) > 状态说明:`[x]` 已完成,`[ ]` 进行中/未开始(请随开发进度更新)
| 顺序 | 功能实现项(用户视角) | 你会看到的效果 | 状态 | | 顺序 | 功能实现项(用户视角) | 你会看到的效果 | 状态 |
|---|---|---|---| | ---- | ---------------------------------- | --------------------------------------- | ---- |
| 1 | 明确产品能力与交互流程 | 确认 TodoList 的核心使用方式与页面路径 | [x] | | 1 | 明确产品能力与交互流程 | 确认 TodoList 的核心使用方式与页面路径 | [x] |
| 2 | 实现基础登录(邮箱验证码) | 可以注册/登录并进入主页面 | [ ] | | 2 | 实现基础登录(邮箱验证码) | 可以注册/登录并进入主页面 | [x] |
| 3 | 实现任务基础能力(增删改查) | 可以创建、编辑、删除、完成任务 | [ ] | | 3 | 实现任务基础能力(增删改查) | 可以创建、编辑、删除、完成任务 | [x] |
| 4 | 实现富文本与媒体内容 | 任务详情可插入图片、视频、链接等内容 | [ ] | | 4 | 实现富文本与媒体内容 | 任务详情可插入图片、视频、链接等内容 | [x] |
| 5 | 实现本地离线存储(Dexie) | 无网时仍可打开并编辑任务 | [ ] | | 5 | 实现本地离线存储(Dexie | 无网时仍可打开并编辑任务 | [ ] |
| 6 | 实现云端同步与冲突处理 | 恢复网络后自动同步,冲突按规则合并 | [ ] | | 6 | 实现云端同步与冲突处理 | 恢复网络后自动同步,冲突按规则合并 | [ ] |
| 7 | 实现提醒系统(邮件) | DDL 临近时收到邮件提醒 | [ ] | | 7 | 实现提醒系统(邮件) | DDL 临近时收到邮件提醒 | [ ] |
| 8 | 实现 AI 问答(用户自带 Key) | 可直接用自己的 AI API Key 获取建议 | [ ] | | 8 | 实现 AI 问答(用户自带 Key) | 可直接用自己的 AI API Key 获取建议 | [ ] |
| 9 | 实现 Astrbot Provider 接入 | 可复用 Astrbot 内配置的 AI 提供商 | [ ] | | 9 | 实现 Astrbot Provider 接入 | 可复用 Astrbot 内配置的 AI 提供商 | [ ] |
| 10 | 实现公共 AI 通道(可开关) | 管理员开启后,用户可直接使用站点公共 AI | [ ] | | 10 | 实现公共 AI 通道(可开关) | 管理员开启后,用户可直接使用站点公共 AI | [ ] |
| 11 | 实现 Astrbot Skill 对接 | 可通过 QQ 机器人添加/修改任务与获取建议 | [ ] | | 11 | 实现 Astrbot Skill 对接 | 可通过 QQ 机器人添加/修改任务与获取建议 | [ ] |
| 12 | 实现完整账号安全(2FA + OAuth | 支持 2FA、QQ/微信/GitHub 登录 | [ ] | | 12 | 实现完整账号安全(2FA + OAuth) | 支持 2FA、QQ/微信/GitHub 登录 | [ ] |
| 13 | 实现 PWA 安装与离线体验优化 | 支持“添加到桌面”,像本地 App 一样使用 | [ ] | | 13 | 实现 PWA 安装与离线体验优化 | 支持“添加到桌面”,像本地 App 一样使用 | [ ] |
| 14 | 实现管理后台(配额/日志/系统配置) | 管理员可管理用户配额、站点信息、日志 | [ ] | | 14 | 实现管理后台(配额/日志/系统配置) | 管理员可管理用户配额、站点信息、日志 | [ ] |
| 15 | 上线前安全与性能收尾 | 使用更稳定、更安全,核心链路可观测 | [ ] | | 15 | 上线前安全与性能收尾 | 使用更稳定、更安全,核心链路可观测 | [ ] |
--- ---
@@ -151,6 +151,97 @@ TodoList/
--- ---
## 部署与使用
### 1. 环境要求
- Node.js `20.x`
- pnpm `9.15.2`
- PostgreSQL `14+`(本地或远程都可)
- 可选:MinIO / S3(附件上传功能使用)
### 2. 安装依赖
```bash
pnpm install
```
### 3. 后端环境变量配置
1. 复制环境变量示例文件:
```bash
cp apps/api/.env.example apps/api/.env
# PowerShell:
# Copy-Item apps/api/.env.example apps/api/.env
```
2. 至少修改以下配置:
- `DATABASE_URL`:你的 PostgreSQL 连接串
- `AUTH_ACCESS_SECRET`:生产环境请改为高强度随机值
- `MAIL_SMTP_*`:邮件服务器配置(验证码/提醒邮件)
- `OAUTH_*`:第三方登录配置(未接入可先保留示例值)
- `S3_*`:对象存储配置(未启用附件可后续再配)
### 4. 初始化数据库
```bash
pnpm --filter @todolist/api exec prisma db push
```
### 5. 本地开发启动
1. 启动后端(默认端口 `3000`):
```bash
pnpm --filter @todolist/api start:dev
```
2. 启动前端(默认端口 `5173`):
```bash
pnpm --filter web dev
```
3. 若前端需连接非默认后端地址,可设置:
```bash
VITE_API_BASE_URL=http://localhost:3000
```
### 6. 生产构建与运行
1. 构建:
```bash
pnpm run build
```
2. 运行 API(需先构建):
```bash
pnpm --filter @todolist/api start
```
3. 发布 Web
- `apps/web/dist` 为静态资源产物,建议使用 Nginx/静态托管服务发布。
### 7. CI/CD 说明(当前仓库)
- PR 质量检查:`.github/workflows/pr-quality.yml`
- Web 部署模板:`.github/workflows/deploy-web.yml`
- Admin 部署模板:`.github/workflows/deploy-admin.yml`
- API 镜像构建:`.github/workflows/api-docker-image.yml`
说明:
- Web/Admin 工作流通过 Webhook 触发真实部署,需在仓库 Secrets 配置:
- `WEB_DEPLOY_WEBHOOK_URL`
- `ADMIN_DEPLOY_WEBHOOK_URL`
- API 镜像工作流仅在存在 `apps/api/Dockerfile` 时执行镜像构建与推送。
## License ## License
本项目遵循 [GNUv3](./LICENSE)。 本项目遵循 [GNUv3](./LICENSE)。
apps/admin/.gitkeep
View File
apps/api/.env.example
+73
View File
@@ -0,0 +1,73 @@
# -----------------------------------------------------------------------------
# TodoList API 环境变量示例
# 用法:
# 1) 复制为 apps/api/.env
# 2) 按实际环境替换值(尤其是密钥、密码、令牌)
# -----------------------------------------------------------------------------
# [数据库] PostgreSQL 连接串
# 格式:postgresql://<user>:<password>@<host>:<port>/<db>?schema=public
DATABASE_URL="postgresql://postgres:postgres@localhost:5432/todolist?schema=public"
# [鉴权] Access Token 签名密钥(生产环境必须使用高强度随机值)
AUTH_ACCESS_SECRET="dev-access-secret"
# [鉴权] Access Token 有效期(秒),默认 15 分钟
AUTH_ACCESS_EXPIRES_IN_SECONDS="900"
# [鉴权] Refresh Token 有效期(秒),默认 30 天
AUTH_REFRESH_EXPIRES_IN_SECONDS="2592000"
# [鉴权] 邮箱验证码有效期(秒),默认 5 分钟
AUTH_EMAIL_CODE_TTL_SECONDS="300"
# [2FA] TOTP 签发方名称(会显示在验证器 App 中)
AUTH_TOTP_ISSUER="TodoList"
# [OAuth - GitHub] 第三方登录配置
OAUTH_GITHUB_CLIENT_ID="github-client-id"
OAUTH_GITHUB_CLIENT_SECRET="github-client-secret"
OAUTH_GITHUB_CALLBACK_URL="http://localhost:3000/auth/oauth/github/callback"
# [OAuth - QQ] 第三方登录配置
OAUTH_QQ_CLIENT_ID="qq-client-id"
OAUTH_QQ_CLIENT_SECRET="qq-client-secret"
OAUTH_QQ_CALLBACK_URL="http://localhost:3000/auth/oauth/qq/callback"
OAUTH_QQ_AUTH_URL="https://graph.qq.com/oauth2.0/authorize"
OAUTH_QQ_TOKEN_URL="https://graph.qq.com/oauth2.0/token"
# [OAuth - 微信] 第三方登录配置
OAUTH_WECHAT_CLIENT_ID="wechat-client-id"
OAUTH_WECHAT_CLIENT_SECRET="wechat-client-secret"
OAUTH_WECHAT_CALLBACK_URL="http://localhost:3000/auth/oauth/wechat/callback"
OAUTH_WECHAT_AUTH_URL="https://open.weixin.qq.com/connect/qrconnect"
OAUTH_WECHAT_TOKEN_URL="https://api.weixin.qq.com/sns/oauth2/access_token"
# [对象存储] S3/MinIO 配置(附件上传)
# 本地开发可使用 MinIO,生产可切换到云厂商 S3 兼容服务
S3_ENDPOINT="http://127.0.0.1:9000"
S3_REGION="us-east-1"
S3_BUCKET="todolist"
S3_ACCESS_KEY_ID="minioadmin"
S3_SECRET_ACCESS_KEY="minioadmin"
# MinIO 常用 trueAWS S3 常用 false
S3_FORCE_PATH_STYLE="true"
# 预签名上传 URL 的有效期(秒)
S3_PRESIGN_EXPIRES_SECONDS="900"
# 对外访问附件的基础地址(用于拼接公开 URL)
S3_PUBLIC_BASE_URL="http://127.0.0.1:9000"
# [邮件] SMTP 配置(验证码/DDL 提醒邮件)
MAIL_SMTP_HOST="smtp.example.com"
MAIL_SMTP_PORT="465"
# 465 通常为 trueSSL),587 通常为 falseSTARTTLS
MAIL_SMTP_SECURE="true"
MAIL_SMTP_USER="no-reply@example.com"
MAIL_SMTP_PASS="replace-with-smtp-password"
# 发件人显示名称与地址
MAIL_FROM_NAME="TodoList"
MAIL_FROM_ADDRESS="no-reply@example.com"
# [数据加密] 服务端敏感数据加密主密钥
# 用于加密 AI 配置、任务内容、同步 payload、附件元数据等数据库字段
# 请使用高强度随机字符串,生产环境务必单独保管
DATA_ENCRYPTION_SECRET="replace-with-a-long-random-secret"
# [对象存储加密] 服务端对象加密策略,默认使用 AES256;如需关闭可填写 NONE
S3_SERVER_SIDE_ENCRYPTION="AES256"
apps/api/.gitignore
+8
View File
@@ -0,0 +1,8 @@
node_modules
# 环境变量文件不纳入版本控制
.env
/generated/prisma
dist
prisma.config.js
prisma.config.js.map
apps/api/jest.config.cjs
+11
View File
@@ -0,0 +1,11 @@
/** @type {import('jest').Config} */
module.exports = {
rootDir: ".",
testEnvironment: "node",
clearMocks: true,
testMatch: ["<rootDir>/test/**/*.spec.ts"],
moduleFileExtensions: ["ts", "js", "json"],
transform: {
"^.+\\.(t|j)s$": ["ts-jest", { tsconfig: "<rootDir>/tsconfig.spec.json" }]
}
};
apps/api/package.json
+61
View File
@@ -0,0 +1,61 @@
{
"name": "@todolist/api",
"version": "0.1.0",
"description": "TodoList API service",
"scripts": {
"prisma:generate": "node -e \"require('node:fs').rmSync('generated/prisma', { recursive: true, force: true })\" && prisma generate",
"prisma:format": "prisma format",
"prisma:validate": "prisma validate",
"prebuild": "pnpm run prisma:generate",
"pretypecheck": "pnpm run prisma:generate",
"pretest": "pnpm run prisma:generate",
"data:reencrypt": "node -e \"require('node:fs').rmSync('.tmp-compile', { recursive: true, force: true })\" && tsc -p tsconfig.json --outDir .tmp-compile --noEmit false && node .tmp-compile/scripts/reencrypt-sensitive-data.js && node -e \"require('node:fs').rmSync('.tmp-compile', { recursive: true, force: true })\"",
"start": "node dist/main.js",
"start:dev": "ts-node-dev --respawn --transpile-only src/main.ts",
"build": "tsc -p tsconfig.build.json",
"typecheck": "tsc --noEmit -p tsconfig.json",
"test": "jest --config jest.config.cjs --runInBand"
},
"license": "GPL-3.0-or-later",
"devDependencies": {
"@nestjs/testing": "^11.1.18",
"@types/jest": "^30.0.0",
"@types/node": "^25.5.2",
"@types/nodemailer": "^8.0.0",
"@types/passport-github2": "^1.2.9",
"@types/passport-oauth2": "^1.8.0",
"@types/supertest": "^7.2.0",
"dotenv": "^16.6.1",
"jest": "^30.3.0",
"prisma": "^7.6.0",
"supertest": "^7.2.2",
"ts-jest": "^29.4.9",
"ts-node": "^10.9.2",
"ts-node-dev": "^2.0.0",
"typescript": "^5.9.3"
},
"private": true,
"dependencies": {
"@aws-sdk/client-s3": "^3.1024.0",
"@aws-sdk/s3-request-presigner": "^3.1024.0",
"@nestjs/common": "^11.1.18",
"@nestjs/config": "^4.0.3",
"@nestjs/core": "^11.1.18",
"@nestjs/jwt": "^11.0.2",
"@nestjs/passport": "^11.0.5",
"@nestjs/platform-express": "^11.1.18",
"@otplib/preset-default": "^12.0.1",
"@prisma/adapter-pg": "^7.6.0",
"@prisma/client": "^7.6.0",
"class-transformer": "^0.5.1",
"class-validator": "^0.15.1",
"nodemailer": "^8.0.4",
"otplib": "^13.4.0",
"passport": "^0.7.0",
"passport-github2": "^0.1.12",
"passport-oauth2": "^1.8.0",
"pg": "^8.20.0",
"reflect-metadata": "^0.2.2",
"rxjs": "^7.8.2"
}
}
apps/api/prisma.config.ts
+13
View File
@@ -0,0 +1,13 @@
// Prisma CLI 配置(TodoList
import "dotenv/config";
import { defineConfig } from "prisma/config";
export default defineConfig({
schema: "prisma/schema.prisma",
migrations: {
path: "prisma/migrations"
},
datasource: {
url: process.env["DATABASE_URL"]
}
});
apps/api/prisma/schema.prisma
+408
View File
@@ -0,0 +1,408 @@
// Prisma 数据模型定义(TodoList
generator client {
provider = "prisma-client"
output = "../generated/prisma"
}
datasource db {
provider = "postgresql"
}
enum UserStatus {
ACTIVE
DISABLED
BANNED
}
enum AuthProvider {
EMAIL
GITHUB
QQ
WECHAT
}
enum TaskPriority {
LOW
MEDIUM
HIGH
URGENT
}
enum TaskStatus {
TODO
IN_PROGRESS
DONE
ARCHIVED
}
enum AttachmentType {
IMAGE
VIDEO
FILE
LINK
}
enum AiChannel {
USER_KEY
ASTRBOT
PUBLIC_POOL
}
enum NotificationChannel {
EMAIL
WEB_PUSH
}
enum NotificationStatus {
PENDING
SENT
FAILED
CANCELED
}
model User {
id String @id @default(cuid())
email String
emailHash String? @unique
nickname String?
avatarUrl String?
status UserStatus @default(ACTIVE)
defaultStorageQuotaMb Int @default(100)
usedStorageBytes BigInt @default(0)
createdAt DateTime @default(now())
updatedAt DateTime @updatedAt
identities AuthIdentity[]
refreshTokens RefreshToken[]
security UserSecurity?
tasks Task[]
tags Tag[]
attachments Attachment[]
taskActivityLogs TaskActivityLog[]
syncOperations SyncOperation[]
syncCursors SyncCursor[]
taskTombstones TaskTombstone[]
aiProviderBindings AiProviderBinding[]
aiUsageLogs AiUsageLog[]
notificationRules NotificationRule[]
notificationJobs NotificationJob[]
createdAdminTokens AdminToken[]
auditLogs AuditLog[]
@@map("users")
}
model AuthIdentity {
id String @id @default(cuid())
userId String
provider AuthProvider
providerUserId String
email String?
emailHash String?
createdAt DateTime @default(now())
updatedAt DateTime @updatedAt
user User @relation(fields: [userId], references: [id], onDelete: Cascade)
@@unique([provider, providerUserId])
@@index([emailHash])
@@index([userId])
@@map("auth_identities")
}
model UserSecurity {
id String @id @default(cuid())
userId String @unique
twoFactorEnabled Boolean @default(false)
twoFactorSecret String?
recoveryCodes String[] @default([])
createdAt DateTime @default(now())
updatedAt DateTime @updatedAt
user User @relation(fields: [userId], references: [id], onDelete: Cascade)
@@map("user_security")
}
model RefreshToken {
id String @id @default(cuid())
userId String
tokenHash String @unique
deviceId String?
expiresAt DateTime
revokedAt DateTime?
createdAt DateTime @default(now())
user User @relation(fields: [userId], references: [id], onDelete: Cascade)
@@index([userId, expiresAt])
@@map("refresh_tokens")
}
model Task {
id String @id @default(cuid())
userId String
title String
contentJson Json?
contentText String?
priority TaskPriority @default(MEDIUM)
status TaskStatus @default(TODO)
ddl DateTime?
completedAt DateTime?
version Int @default(1)
createdAt DateTime @default(now())
updatedAt DateTime @updatedAt
user User @relation(fields: [userId], references: [id], onDelete: Cascade)
taskTags TaskTag[]
attachments Attachment[]
activityLogs TaskActivityLog[]
notificationJobs NotificationJob[]
notificationRules NotificationRule[]
@@index([userId, status])
@@index([userId, ddl])
@@map("tasks")
}
model Tag {
id String @id @default(cuid())
userId String
name String
color String?
createdAt DateTime @default(now())
updatedAt DateTime @updatedAt
user User @relation(fields: [userId], references: [id], onDelete: Cascade)
taskTags TaskTag[]
@@unique([userId, name])
@@index([userId])
@@map("tags")
}
model TaskTag {
taskId String
tagId String
createdAt DateTime @default(now())
task Task @relation(fields: [taskId], references: [id], onDelete: Cascade)
tag Tag @relation(fields: [tagId], references: [id], onDelete: Cascade)
@@id([taskId, tagId])
@@index([tagId])
@@map("task_tags")
}
model Attachment {
id String @id @default(cuid())
userId String
taskId String?
type AttachmentType
url String
mimeType String?
fileName String?
fileSize Int
width Int?
height Int?
durationMs Int?
checksum String?
createdAt DateTime @default(now())
updatedAt DateTime @updatedAt
user User @relation(fields: [userId], references: [id], onDelete: Cascade)
task Task? @relation(fields: [taskId], references: [id], onDelete: SetNull)
@@index([userId])
@@index([taskId])
@@map("attachments")
}
model TaskActivityLog {
id String @id @default(cuid())
userId String
taskId String
action String
payload Json?
createdAt DateTime @default(now())
user User @relation(fields: [userId], references: [id], onDelete: Cascade)
task Task @relation(fields: [taskId], references: [id], onDelete: Cascade)
@@index([taskId, createdAt])
@@index([userId, createdAt])
@@map("task_activity_logs")
}
model SyncOperation {
id String @id @default(cuid())
opId String @unique
userId String
deviceId String
entityType String
entityId String
action String
payload Json?
clientTs DateTime
serverTs DateTime @default(now())
user User @relation(fields: [userId], references: [id], onDelete: Cascade)
@@index([userId, deviceId, serverTs])
@@index([userId, entityType, entityId])
@@map("sync_operations")
}
model SyncCursor {
id String @id @default(cuid())
userId String
deviceId String
lastPulledAt DateTime?
lastOperationServerTs DateTime?
createdAt DateTime @default(now())
updatedAt DateTime @updatedAt
user User @relation(fields: [userId], references: [id], onDelete: Cascade)
@@unique([userId, deviceId])
@@map("sync_cursors")
}
model TaskTombstone {
id String @id @default(cuid())
taskId String @unique
userId String
deletedAt DateTime @default(now())
deleteOpId String?
user User @relation(fields: [userId], references: [id], onDelete: Cascade)
@@index([userId, deletedAt])
@@map("task_tombstones")
}
model AiProviderBinding {
id String @id @default(cuid())
userId String
channel AiChannel
providerName String
model String?
configId String?
configName String?
encryptedApiKey String?
endpoint String?
isDefault Boolean @default(false)
isEnabled Boolean @default(true)
createdAt DateTime @default(now())
updatedAt DateTime @updatedAt
user User @relation(fields: [userId], references: [id], onDelete: Cascade)
@@index([userId, isEnabled])
@@map("ai_provider_bindings")
}
model AiPublicPoolConfig {
id String @id @default(cuid())
enabled Boolean @default(false)
providerName String?
model String?
encryptedApiKey String?
endpoint String?
rpmLimit Int @default(60)
dailyTokenLimit Int @default(0)
createdAt DateTime @default(now())
updatedAt DateTime @updatedAt
@@map("ai_public_pool_config")
}
model AiUsageLog {
id String @id @default(cuid())
userId String?
channel AiChannel
providerName String?
model String?
promptTokens Int @default(0)
completionTokens Int @default(0)
totalTokens Int @default(0)
latencyMs Int?
success Boolean @default(true)
errorCode String?
createdAt DateTime @default(now())
user User? @relation(fields: [userId], references: [id], onDelete: SetNull)
@@index([userId, createdAt])
@@index([channel, createdAt])
@@map("ai_usage_logs")
}
model NotificationRule {
id String @id @default(cuid())
userId String
taskId String?
channel NotificationChannel @default(EMAIL)
advanceMinutes Int @default(60)
enabled Boolean @default(true)
createdAt DateTime @default(now())
updatedAt DateTime @updatedAt
user User @relation(fields: [userId], references: [id], onDelete: Cascade)
task Task? @relation(fields: [taskId], references: [id], onDelete: SetNull)
jobs NotificationJob[]
@@index([userId, enabled])
@@index([taskId])
@@map("notification_rules")
}
model NotificationJob {
id String @id @default(cuid())
userId String
taskId String?
ruleId String?
channel NotificationChannel
scheduledAt DateTime
sentAt DateTime?
status NotificationStatus @default(PENDING)
retryCount Int @default(0)
errorMessage String?
createdAt DateTime @default(now())
updatedAt DateTime @updatedAt
user User @relation(fields: [userId], references: [id], onDelete: Cascade)
task Task? @relation(fields: [taskId], references: [id], onDelete: SetNull)
rule NotificationRule? @relation(fields: [ruleId], references: [id], onDelete: SetNull)
@@index([status, scheduledAt])
@@index([userId, createdAt])
@@map("notification_jobs")
}
model SystemSetting {
id String @id @default(cuid())
key String @unique
value Json
createdAt DateTime @default(now())
updatedAt DateTime @updatedAt
@@map("system_settings")
}
model AdminToken {
id String @id @default(cuid())
tokenHash String @unique
name String
expiresAt DateTime
lastUsedAt DateTime?
revokedAt DateTime?
createdAt DateTime @default(now())
createdByUserId String?
createdByUser User? @relation(fields: [createdByUserId], references: [id], onDelete: SetNull)
@@index([expiresAt])
@@map("admin_tokens")
}
model AuditLog {
id String @id @default(cuid())
actorUserId String?
action String
targetType String
targetId String?
meta Json?
ip String?
userAgent String?
createdAt DateTime @default(now())
actorUser User? @relation(fields: [actorUserId], references: [id], onDelete: SetNull)
@@index([action, createdAt])
@@index([actorUserId, createdAt])
@@map("audit_logs")
}
apps/api/scripts/reencrypt-sensitive-data.ts
+418
View File
@@ -0,0 +1,418 @@
import "dotenv/config";
import { PrismaPg } from "@prisma/adapter-pg";
import { ConfigService } from "@nestjs/config";
import { Prisma, PrismaClient } from "../generated/prisma/client";
import { DataEncryptionService } from "../src/security/data-encryption.service";
type MigrationCounter = Record<
| "users"
| "authIdentities"
| "aiBindings"
| "publicPools"
| "aiUsageLogs"
| "tasks"
| "attachments"
| "syncOperations",
number
>;
function createEncryptionService(): DataEncryptionService {
const configService = {
get: (key: string) => process.env[key]
} as ConfigService;
return new DataEncryptionService(configService);
}
function encryptStringIfNeeded(
value: string | null,
dataEncryptionService: DataEncryptionService
): string | null | undefined {
if (value === null || dataEncryptionService.isEncryptedString(value)) {
return undefined;
}
return dataEncryptionService.encryptString(value) ?? null;
}
function assignRequiredEncryptedString<T extends Record<string, unknown>, K extends keyof T>(
target: T,
key: K,
value: string | null | undefined
): void {
if (typeof value === "string") {
target[key] = value as T[K];
}
}
function assignOptionalEncryptedString<T extends Record<string, unknown>, K extends keyof T>(
target: T,
key: K,
value: string | null | undefined
): void {
if (value !== undefined) {
target[key] = value as T[K];
}
}
function encryptJsonIfNeeded(
value: Prisma.JsonValue | null,
dataEncryptionService: DataEncryptionService
): Prisma.InputJsonValue | Prisma.NullableJsonNullValueInput | undefined {
if (value === null) {
return undefined;
}
if (typeof value === "string" && dataEncryptionService.isEncryptedString(value)) {
return undefined;
}
return (dataEncryptionService.encryptJson(value as Prisma.InputJsonValue) ?? Prisma.JsonNull) as
| Prisma.InputJsonValue
| Prisma.NullableJsonNullValueInput;
}
function resolvePlainString(
value: string | null,
dataEncryptionService: DataEncryptionService
): string | null {
if (value === null) {
return null;
}
return dataEncryptionService.isEncryptedString(value)
? (dataEncryptionService.decryptString(value) ?? null)
: value;
}
async function main(): Promise<void> {
if (!process.env["DATABASE_URL"]) {
throw new Error("缺少 DATABASE_URL,无法执行敏感数据迁移");
}
if (!process.env["DATA_ENCRYPTION_SECRET"]) {
throw new Error("缺少 DATA_ENCRYPTION_SECRET,无法执行敏感数据迁移");
}
const prisma = new PrismaClient({
adapter: new PrismaPg({
connectionString: process.env["DATABASE_URL"]
})
});
const dataEncryptionService = createEncryptionService();
const counter: MigrationCounter = {
users: 0,
authIdentities: 0,
aiBindings: 0,
publicPools: 0,
aiUsageLogs: 0,
tasks: 0,
attachments: 0,
syncOperations: 0
};
try {
const users = await prisma.user.findMany({
select: {
id: true,
email: true,
emailHash: true,
nickname: true,
avatarUrl: true
}
});
for (const user of users) {
const normalizedEmail = resolvePlainString(user.email, dataEncryptionService)?.toLowerCase();
if (!normalizedEmail) {
continue;
}
const nextEmailHash = dataEncryptionService.createLookupHash("user.email", normalizedEmail);
const data: Prisma.UserUpdateInput = {};
const email = encryptStringIfNeeded(user.email, dataEncryptionService);
const nickname = encryptStringIfNeeded(user.nickname, dataEncryptionService);
const avatarUrl = encryptStringIfNeeded(user.avatarUrl, dataEncryptionService);
assignRequiredEncryptedString(data, "email", email);
if (user.emailHash !== nextEmailHash) {
data.emailHash = nextEmailHash;
}
assignOptionalEncryptedString(data, "nickname", nickname);
assignOptionalEncryptedString(data, "avatarUrl", avatarUrl);
if (Object.keys(data).length === 0) {
continue;
}
await prisma.user.update({
where: {
id: user.id
},
data
});
counter.users += 1;
}
const authIdentities = await prisma.authIdentity.findMany({
select: {
id: true,
email: true,
emailHash: true
}
});
for (const authIdentity of authIdentities) {
const data: Prisma.AuthIdentityUpdateInput = {};
const email = encryptStringIfNeeded(authIdentity.email, dataEncryptionService);
const normalizedIdentityEmail = resolvePlainString(authIdentity.email, dataEncryptionService);
const nextEmailHash =
normalizedIdentityEmail === null
? null
: dataEncryptionService.createLookupHash(
"auth_identity.email",
normalizedIdentityEmail.toLowerCase()
);
assignOptionalEncryptedString(data, "email", email);
if (authIdentity.emailHash !== nextEmailHash) {
data.emailHash = nextEmailHash;
}
if (Object.keys(data).length === 0) {
continue;
}
await prisma.authIdentity.update({
where: {
id: authIdentity.id
},
data
});
counter.authIdentities += 1;
}
const aiBindings = await prisma.aiProviderBinding.findMany({
select: {
id: true,
providerName: true,
model: true,
configId: true,
configName: true,
endpoint: true,
encryptedApiKey: true
}
});
for (const binding of aiBindings) {
const data: Prisma.AiProviderBindingUpdateInput = {};
const providerName = encryptStringIfNeeded(binding.providerName, dataEncryptionService);
const model = encryptStringIfNeeded(binding.model, dataEncryptionService);
const configId = encryptStringIfNeeded(binding.configId, dataEncryptionService);
const configName = encryptStringIfNeeded(binding.configName, dataEncryptionService);
const endpoint = encryptStringIfNeeded(binding.endpoint, dataEncryptionService);
const encryptedApiKey = encryptStringIfNeeded(binding.encryptedApiKey, dataEncryptionService);
assignRequiredEncryptedString(data, "providerName", providerName);
assignOptionalEncryptedString(data, "model", model);
assignOptionalEncryptedString(data, "configId", configId);
assignOptionalEncryptedString(data, "configName", configName);
assignOptionalEncryptedString(data, "endpoint", endpoint);
assignOptionalEncryptedString(data, "encryptedApiKey", encryptedApiKey);
if (Object.keys(data).length === 0) {
continue;
}
await prisma.aiProviderBinding.update({
where: {
id: binding.id
},
data
});
counter.aiBindings += 1;
}
const publicPools = await prisma.aiPublicPoolConfig.findMany({
select: {
id: true,
providerName: true,
model: true,
endpoint: true,
encryptedApiKey: true
}
});
for (const publicPool of publicPools) {
const data: Prisma.AiPublicPoolConfigUpdateInput = {};
const providerName = encryptStringIfNeeded(publicPool.providerName, dataEncryptionService);
const model = encryptStringIfNeeded(publicPool.model, dataEncryptionService);
const endpoint = encryptStringIfNeeded(publicPool.endpoint, dataEncryptionService);
const encryptedApiKey = encryptStringIfNeeded(
publicPool.encryptedApiKey,
dataEncryptionService
);
assignOptionalEncryptedString(data, "providerName", providerName);
assignOptionalEncryptedString(data, "model", model);
assignOptionalEncryptedString(data, "endpoint", endpoint);
assignOptionalEncryptedString(data, "encryptedApiKey", encryptedApiKey);
if (Object.keys(data).length === 0) {
continue;
}
await prisma.aiPublicPoolConfig.update({
where: {
id: publicPool.id
},
data
});
counter.publicPools += 1;
}
const aiUsageLogs = await prisma.aiUsageLog.findMany({
select: {
id: true,
providerName: true,
model: true
}
});
for (const aiUsageLog of aiUsageLogs) {
const data: Prisma.AiUsageLogUpdateInput = {};
const providerName = encryptStringIfNeeded(aiUsageLog.providerName, dataEncryptionService);
const model = encryptStringIfNeeded(aiUsageLog.model, dataEncryptionService);
assignOptionalEncryptedString(data, "providerName", providerName);
assignOptionalEncryptedString(data, "model", model);
if (Object.keys(data).length === 0) {
continue;
}
await prisma.aiUsageLog.update({
where: {
id: aiUsageLog.id
},
data
});
counter.aiUsageLogs += 1;
}
const tasks = await prisma.task.findMany({
select: {
id: true,
title: true,
contentJson: true,
contentText: true
}
});
for (const task of tasks) {
const data: Prisma.TaskUpdateInput = {};
const title = encryptStringIfNeeded(task.title, dataEncryptionService);
const contentJson = encryptJsonIfNeeded(task.contentJson, dataEncryptionService);
const contentText = encryptStringIfNeeded(task.contentText, dataEncryptionService);
assignRequiredEncryptedString(data, "title", title);
if (contentJson !== undefined) {
data.contentJson = contentJson;
}
assignOptionalEncryptedString(data, "contentText", contentText);
if (Object.keys(data).length === 0) {
continue;
}
await prisma.task.update({
where: {
id: task.id
},
data
});
counter.tasks += 1;
}
const attachments = await prisma.attachment.findMany({
select: {
id: true,
url: true,
fileName: true,
checksum: true
}
});
for (const attachment of attachments) {
const data: Prisma.AttachmentUpdateInput = {};
const url = encryptStringIfNeeded(attachment.url, dataEncryptionService);
const fileName = encryptStringIfNeeded(attachment.fileName, dataEncryptionService);
const checksum = encryptStringIfNeeded(attachment.checksum, dataEncryptionService);
assignRequiredEncryptedString(data, "url", url);
assignOptionalEncryptedString(data, "fileName", fileName);
assignOptionalEncryptedString(data, "checksum", checksum);
if (Object.keys(data).length === 0) {
continue;
}
await prisma.attachment.update({
where: {
id: attachment.id
},
data
});
counter.attachments += 1;
}
const syncOperations = await prisma.syncOperation.findMany({
select: {
id: true,
payload: true
}
});
for (const operation of syncOperations) {
if (operation.payload === null) {
continue;
}
let nextPayload: string | null = null;
if (typeof operation.payload === "string") {
if (dataEncryptionService.isEncryptedString(operation.payload)) {
continue;
}
nextPayload = dataEncryptionService.encryptString(operation.payload) ?? null;
} else {
nextPayload =
dataEncryptionService.encryptString(JSON.stringify(operation.payload)) ?? null;
}
if (nextPayload === null) {
continue;
}
await prisma.syncOperation.update({
where: {
id: operation.id
},
data: {
payload: nextPayload
}
});
counter.syncOperations += 1;
}
console.log("敏感数据迁移完成");
console.log(JSON.stringify(counter, null, 2));
} finally {
await prisma.$disconnect();
}
}
void main().catch((error: unknown) => {
const message = error instanceof Error ? error.message : "未知错误";
console.error(`敏感数据迁移失败:${message}`);
process.exitCode = 1;
});
apps/api/src/ai/ai-provider-registry.service.ts
+28
View File
@@ -0,0 +1,28 @@
import { Injectable } from "@nestjs/common";
import { AiChannel } from "../../generated/prisma/client";
import { AstrbotProvider } from "./providers/astrbot.provider";
import { OpenAiCompatibleProvider } from "./providers/openai-compatible.provider";
import { AiChannelExecutor } from "./ai.types";
@Injectable()
export class AiProviderRegistryService {
private readonly executors = new Map<AiChannel, AiChannelExecutor>();
constructor(
openAiCompatibleProvider: OpenAiCompatibleProvider,
astrbotProvider: AstrbotProvider
) {
this.executors.set(AiChannel.USER_KEY, openAiCompatibleProvider);
this.executors.set(AiChannel.PUBLIC_POOL, openAiCompatibleProvider);
this.executors.set(AiChannel.ASTRBOT, astrbotProvider);
}
getExecutor(channel: AiChannel): AiChannelExecutor {
const executor = this.executors.get(channel);
if (!executor) {
throw new Error(`未找到 ${channel} 对应的 AI 通道执行器`);
}
return executor;
}
}
apps/api/src/ai/ai-rate-limit.service.ts
+123
View File
@@ -0,0 +1,123 @@
import { Injectable } from "@nestjs/common";
import { ConfigService } from "@nestjs/config";
type AiRateLimitBucket = {
count: number;
resetAt: number;
};
export type AiRateLimitResult =
| {
allowed: true;
}
| {
allowed: false;
reason: "USER" | "IP";
retryAfterMs: number;
limit: number;
windowMs: number;
};
@Injectable()
export class AiRateLimitService {
private readonly userBuckets = new Map<string, AiRateLimitBucket>();
private readonly ipBuckets = new Map<string, AiRateLimitBucket>();
private readonly windowMs: number;
private readonly userLimit: number;
private readonly ipLimit: number;
constructor(private readonly configService: ConfigService) {
this.windowMs = this.readPositiveInt("AI_RATE_LIMIT_WINDOW_MS", 60_000);
this.userLimit = this.readPositiveInt("AI_RATE_LIMIT_USER_MAX", 20);
this.ipLimit = this.readPositiveInt("AI_RATE_LIMIT_IP_MAX", 60);
}
consume(userId: string, clientIp: string | null): AiRateLimitResult {
const now = Date.now();
const userBucket = this.getBucket(this.userBuckets, userId, now);
if (userBucket.count >= this.userLimit) {
return {
allowed: false,
reason: "USER",
retryAfterMs: Math.max(0, userBucket.resetAt - now),
limit: this.userLimit,
windowMs: this.windowMs
};
}
const normalizedIp = this.normalizeIp(clientIp);
const ipBucket = normalizedIp ? this.getBucket(this.ipBuckets, normalizedIp, now) : null;
if (ipBucket && ipBucket.count >= this.ipLimit) {
return {
allowed: false,
reason: "IP",
retryAfterMs: Math.max(0, ipBucket.resetAt - now),
limit: this.ipLimit,
windowMs: this.windowMs
};
}
userBucket.count += 1;
if (ipBucket) {
ipBucket.count += 1;
}
this.cleanupExpiredBuckets(this.userBuckets, now);
this.cleanupExpiredBuckets(this.ipBuckets, now);
return {
allowed: true
};
}
private getBucket(
buckets: Map<string, AiRateLimitBucket>,
key: string,
now: number
): AiRateLimitBucket {
const currentBucket = buckets.get(key);
if (!currentBucket || now >= currentBucket.resetAt) {
const nextBucket: AiRateLimitBucket = {
count: 0,
resetAt: now + this.windowMs
};
buckets.set(key, nextBucket);
return nextBucket;
}
return currentBucket;
}
private cleanupExpiredBuckets(buckets: Map<string, AiRateLimitBucket>, now: number): void {
if (buckets.size <= 256) {
return;
}
for (const [key, bucket] of buckets.entries()) {
if (now >= bucket.resetAt) {
buckets.delete(key);
}
}
}
private normalizeIp(clientIp: string | null): string | null {
if (!clientIp) {
return null;
}
const normalizedIp = clientIp.trim();
return normalizedIp.length > 0 ? normalizedIp : null;
}
private readPositiveInt(key: string, fallbackValue: number): number {
const rawValue = this.configService.get<string | number | undefined>(key);
const parsedValue =
typeof rawValue === "number" ? rawValue : Number.parseInt(String(rawValue ?? ""), 10);
if (!Number.isFinite(parsedValue) || parsedValue <= 0) {
return fallbackValue;
}
return parsedValue;
}
}
apps/api/src/ai/ai.controller.ts
+74
View File
@@ -0,0 +1,74 @@
import {
Body,
Controller,
Get,
Headers,
Ip,
Post,
Query,
UnauthorizedException
} from "@nestjs/common";
import { AiChatDto } from "./dto/ai-chat.dto";
import { ListAiUsageLogsQueryDto } from "./dto/list-ai-usage-logs-query.dto";
import { UpsertAiProviderBindingDto } from "./dto/upsert-ai-provider-binding.dto";
import {
AiChatResponse,
AiService,
ListAiBindingsResponse,
ListAiUsageLogsResponse,
TestAiBindingResponse
} from "./ai.service";
@Controller("ai")
export class AiController {
constructor(private readonly aiService: AiService) {}
@Get("bindings")
async listBindings(
@Headers("x-user-id") userIdHeader: string | string[] | undefined
): Promise<ListAiBindingsResponse> {
return this.aiService.listBindings(this.resolveUserId(userIdHeader));
}
@Get("usage-logs")
async listUsageLogs(
@Headers("x-user-id") userIdHeader: string | string[] | undefined,
@Query() query: ListAiUsageLogsQueryDto
): Promise<ListAiUsageLogsResponse> {
return this.aiService.listUsageLogs(this.resolveUserId(userIdHeader), query);
}
@Post("bindings")
async upsertBinding(
@Headers("x-user-id") userIdHeader: string | string[] | undefined,
@Body() body: UpsertAiProviderBindingDto
) {
return this.aiService.upsertBinding(this.resolveUserId(userIdHeader), body);
}
@Post("bindings/test")
async testBinding(
@Headers("x-user-id") userIdHeader: string | string[] | undefined,
@Body() body: UpsertAiProviderBindingDto
): Promise<TestAiBindingResponse> {
return this.aiService.testBinding(this.resolveUserId(userIdHeader), body);
}
@Post("chat")
async chat(
@Headers("x-user-id") userIdHeader: string | string[] | undefined,
@Ip() clientIp: string,
@Body() body: AiChatDto
): Promise<AiChatResponse> {
return this.aiService.chat(this.resolveUserId(userIdHeader), body, clientIp);
}
private resolveUserId(userIdHeader: string | string[] | undefined): string {
const userId = Array.isArray(userIdHeader) ? userIdHeader[0] : userIdHeader;
if (!userId) {
throw new UnauthorizedException("缺少用户上下文");
}
return userId;
}
}
apps/api/src/ai/ai.module.ts
+21
View File
@@ -0,0 +1,21 @@
import { Module } from "@nestjs/common";
import { PrismaModule } from "../prisma/prisma.module";
import { AiRateLimitService } from "./ai-rate-limit.service";
import { AiController } from "./ai.controller";
import { AiProviderRegistryService } from "./ai-provider-registry.service";
import { AiService } from "./ai.service";
import { AstrbotProvider } from "./providers/astrbot.provider";
import { OpenAiCompatibleProvider } from "./providers/openai-compatible.provider";
@Module({
imports: [PrismaModule],
controllers: [AiController],
providers: [
AiService,
AiRateLimitService,
AiProviderRegistryService,
OpenAiCompatibleProvider,
AstrbotProvider
]
})
export class AiModule {}
apps/api/src/ai/ai.service.ts
+988
View File
@@ -0,0 +1,988 @@
import {
BadGatewayException,
BadRequestException,
HttpException,
HttpStatus,
Injectable,
Logger
} from "@nestjs/common";
import {
AiChannel,
AiUsageLog,
AiProviderBinding,
AiPublicPoolConfig,
Prisma,
TaskPriority,
TaskStatus
} from "../../generated/prisma/client";
import { PrismaService } from "../prisma/prisma.service";
import { DataEncryptionService } from "../security/data-encryption.service";
import { AiRateLimitService } from "./ai-rate-limit.service";
import { AiProviderRegistryService } from "./ai-provider-registry.service";
import { AiChatDto } from "./dto/ai-chat.dto";
import { ListAiUsageLogsQueryDto } from "./dto/list-ai-usage-logs-query.dto";
import { UpsertAiProviderBindingDto } from "./dto/upsert-ai-provider-binding.dto";
import {
AiResolvedRouteCandidate,
AiRouteAttempt,
AiRouteFailureError,
AiUsageMetrics
} from "./ai.types";
type AiBindingSummary = {
id: string;
channel: AiChannel;
providerName: string;
model: string | null;
configId: string | null;
configName: string | null;
endpoint: string | null;
isEnabled: boolean;
hasApiKey: boolean;
maskedApiKey: string | null;
updatedAt: string;
};
type AiRoutePlanEntry =
| {
kind: "candidate";
candidate: AiResolvedRouteCandidate;
}
| {
kind: "skip";
attempt: AiRouteAttempt;
};
export type ListAiBindingsResponse = {
routeOrder: AiChannel[];
bindings: AiBindingSummary[];
publicPool: {
enabled: boolean;
providerName: string | null;
model: string | null;
hasApiKey: boolean;
} | null;
};
type AiUsageLogSummary = {
id: string;
channel: AiChannel;
providerName: string | null;
model: string | null;
promptTokens: number;
completionTokens: number;
totalTokens: number;
latencyMs: number | null;
success: boolean;
errorCode: string | null;
createdAt: string;
};
type AiContextTaskItem = {
id: string;
title: string;
priority: TaskPriority;
status: TaskStatus;
ddl: Date | null;
contentText: string | null;
updatedAt: Date;
};
export type ListAiUsageLogsResponse = {
items: AiUsageLogSummary[];
page: number;
pageSize: number;
total: number;
};
export type AiChatResponse = {
channel: AiChannel;
providerName: string;
model: string | null;
content: string;
sessionId: string | null;
attempts: AiRouteAttempt[];
};
export type TestAiBindingResponse =
| {
success: true;
channel: AiChannel;
providerName: string;
model: string | null;
contentPreview: string;
}
| {
success: false;
channel: AiChannel;
providerName: string;
model: string | null;
code: string;
message: string;
};
@Injectable()
export class AiService {
private readonly logger = new Logger(AiService.name);
private readonly maxContextTasks = 6;
private readonly maxContextContentLength = 80;
constructor(
private readonly prismaService: PrismaService,
private readonly aiProviderRegistryService: AiProviderRegistryService,
private readonly dataEncryptionService: DataEncryptionService,
private readonly aiRateLimitService: AiRateLimitService
) {}
async listBindings(userId: string): Promise<ListAiBindingsResponse> {
const [bindings, publicPool] = await Promise.all([
this.prismaService.aiProviderBinding.findMany({
where: {
userId
},
orderBy: [{ updatedAt: "desc" }]
}),
this.prismaService.aiPublicPoolConfig.findFirst({
orderBy: {
updatedAt: "desc"
}
})
]);
const latestBindings = this.pickLatestBindingsByChannel(bindings);
return {
routeOrder: [AiChannel.USER_KEY, AiChannel.ASTRBOT, AiChannel.PUBLIC_POOL],
bindings: latestBindings.map((binding) => this.serializeBinding(binding)),
publicPool: publicPool
? {
enabled: publicPool.enabled,
providerName: this.readDecryptedString(publicPool.providerName),
model: this.readDecryptedString(publicPool.model),
hasApiKey: Boolean(publicPool.encryptedApiKey)
}
: null
};
}
async listUsageLogs(
userId: string,
query: ListAiUsageLogsQueryDto
): Promise<ListAiUsageLogsResponse> {
const page = query.page ?? 1;
const pageSize = query.pageSize ?? 20;
const skip = (page - 1) * pageSize;
const where: Prisma.AiUsageLogWhereInput = {
userId
};
if (query.channel) {
where.channel = query.channel;
}
if (query.success !== undefined) {
where.success = query.success;
}
const [items, total] = await Promise.all([
this.prismaService.aiUsageLog.findMany({
where,
orderBy: {
createdAt: "desc"
},
skip,
take: pageSize
}),
this.prismaService.aiUsageLog.count({
where
})
]);
return {
items: items.map((item) => this.serializeUsageLog(item)),
page,
pageSize,
total
};
}
async upsertBinding(userId: string, dto: UpsertAiProviderBindingDto): Promise<AiBindingSummary> {
if (dto.channel === AiChannel.PUBLIC_POOL) {
throw new BadRequestException("公共 AI 通道只能由管理员配置");
}
this.validateBindingInput(dto);
const result = await this.prismaService.$transaction(async (tx) => {
const existingBinding = await tx.aiProviderBinding.findFirst({
where: {
userId,
channel: dto.channel
},
orderBy: {
updatedAt: "desc"
}
});
if (!existingBinding) {
return tx.aiProviderBinding.create({
data: {
userId,
channel: dto.channel,
providerName: this.encryptRequiredString(this.normalizeProviderName(dto.providerName)),
model: this.encryptOptionalString(dto.model),
configId: this.encryptOptionalString(dto.configId),
configName: this.encryptOptionalString(dto.configName),
endpoint: this.encryptOptionalString(dto.endpoint),
encryptedApiKey: this.encryptOptionalString(dto.apiKey),
isEnabled: dto.isEnabled ?? true
}
});
}
const updateData: Prisma.AiProviderBindingUpdateInput = {
channel: dto.channel,
providerName: this.encryptRequiredString(this.normalizeProviderName(dto.providerName)),
model: this.encryptOptionalString(dto.model),
configId: this.encryptOptionalString(dto.configId),
configName: this.encryptOptionalString(dto.configName),
isEnabled: dto.isEnabled ?? existingBinding.isEnabled
};
if (dto.endpoint !== undefined) {
updateData.endpoint = this.encryptOptionalString(dto.endpoint);
}
if (dto.apiKey !== undefined) {
updateData.encryptedApiKey = this.encryptOptionalString(dto.apiKey);
}
return tx.aiProviderBinding.update({
where: {
id: existingBinding.id
},
data: updateData
});
});
return this.serializeBinding(result);
}
async testBinding(
userId: string,
dto: UpsertAiProviderBindingDto
): Promise<TestAiBindingResponse> {
if (dto.channel === AiChannel.PUBLIC_POOL) {
throw new BadRequestException("公共 AI 通道不能由用户自行测试");
}
const candidate = await this.buildTestCandidate(userId, dto);
const executor = this.aiProviderRegistryService.getExecutor(candidate.channel);
try {
const result = await executor.execute(candidate, {
userId,
message: "请只回复“连接成功”,不要添加其他内容。",
sessionId: null
});
return {
success: true,
channel: result.channel,
providerName: result.providerName,
model: result.model,
contentPreview: this.limitPreviewText(result.content)
};
} catch (error) {
if (error instanceof AiRouteFailureError) {
return {
success: false,
channel: error.channel,
providerName: error.providerName,
model: candidate.model,
code: error.code,
message: error.message
};
}
if (error instanceof Error) {
return {
success: false,
channel: candidate.channel,
providerName: candidate.providerName,
model: candidate.model,
code: "UNKNOWN_ERROR",
message: error.message
};
}
return {
success: false,
channel: candidate.channel,
providerName: candidate.providerName,
model: candidate.model,
code: "UNKNOWN_ERROR",
message: "未知错误"
};
}
}
async chat(
userId: string,
dto: AiChatDto,
clientIp: string | null = null
): Promise<AiChatResponse> {
const rateLimitResult = this.aiRateLimitService.consume(userId, clientIp);
if (!rateLimitResult.allowed) {
throw new HttpException(
{
message: "AI 请求过于频繁,请稍后再试",
code: "AI_RATE_LIMITED",
dimension: rateLimitResult.reason === "USER" ? "user" : "ip",
retryAfterMs: rateLimitResult.retryAfterMs,
limit: rateLimitResult.limit,
windowMs: rateLimitResult.windowMs
},
HttpStatus.TOO_MANY_REQUESTS
);
}
const attempts: AiRouteAttempt[] = [];
const plan = await this.buildRoutePlan(userId, dto.channel ?? null);
const promptMessage = await this.buildPromptMessage(userId, dto.message, dto.localTasks ?? []);
for (const entry of plan) {
if (entry.kind === "skip") {
attempts.push(entry.attempt);
continue;
}
const executor = this.aiProviderRegistryService.getExecutor(entry.candidate.channel);
const startedAt = Date.now();
try {
const result = await executor.execute(entry.candidate, {
userId,
message: promptMessage,
sessionId: dto.sessionId ?? null
});
const latencyMs = Date.now() - startedAt;
attempts.push({
channel: result.channel,
providerName: result.providerName,
model: result.model,
status: "success",
reasonCode: null,
reasonMessage: null
});
await this.recordUsageLog({
userId,
channel: result.channel,
providerName: result.providerName,
model: result.model,
usage: result.usage,
latencyMs,
success: true,
errorCode: null
});
return {
channel: result.channel,
providerName: result.providerName,
model: result.model,
content: result.content,
sessionId: result.sessionId,
attempts
};
} catch (error) {
const latencyMs = Date.now() - startedAt;
const failureAttempt = this.toFailureAttempt(entry.candidate, error);
attempts.push(failureAttempt);
await this.recordUsageLog({
userId,
channel: failureAttempt.channel,
providerName: failureAttempt.providerName,
model: failureAttempt.model,
usage: null,
latencyMs,
success: false,
errorCode: failureAttempt.reasonCode
});
this.logger.warn(
`AI 通道降级:channel=${failureAttempt.channel} provider=${failureAttempt.providerName ?? "unknown"} code=${failureAttempt.reasonCode ?? "UNKNOWN"} message=${failureAttempt.reasonMessage ?? "unknown"}`
);
}
}
throw new BadGatewayException({
message: "当前没有可用的 AI 通道,请稍后重试",
attempts
});
}
private async buildRoutePlan(
userId: string,
selectedChannel: AiChannel | null
): Promise<AiRoutePlanEntry[]> {
const plan: AiRoutePlanEntry[] = [];
const targetChannels = selectedChannel
? [selectedChannel]
: [AiChannel.USER_KEY, AiChannel.ASTRBOT, AiChannel.PUBLIC_POOL];
for (const channel of targetChannels) {
if (channel === AiChannel.PUBLIC_POOL) {
const publicPool = await this.findEnabledPublicPool();
if (publicPool) {
plan.push({
kind: "candidate",
candidate: this.toPublicPoolCandidate(publicPool)
});
} else {
plan.push({
kind: "skip",
attempt: {
channel: AiChannel.PUBLIC_POOL,
providerName: null,
model: null,
status: "skipped",
reasonCode: "PUBLIC_POOL_DISABLED",
reasonMessage: "公共 AI 通道未开启"
}
});
}
continue;
}
const binding = await this.findPreferredBinding(userId, channel);
if (binding) {
plan.push({
kind: "candidate",
candidate: this.toBindingCandidate(binding)
});
continue;
}
plan.push({
kind: "skip",
attempt: {
channel,
providerName: null,
model: null,
status: "skipped",
reasonCode: "CHANNEL_NOT_CONFIGURED",
reasonMessage:
channel === AiChannel.USER_KEY
? "当前用户未配置可用的自备 Key 通道"
: "当前用户未配置可用的 AstrBot 通道"
}
});
}
return plan;
}
private async findPreferredBinding(
userId: string,
channel: AiChannel
): Promise<AiProviderBinding | null> {
return this.prismaService.aiProviderBinding.findFirst({
where: {
userId,
channel,
isEnabled: true
},
orderBy: {
updatedAt: "desc"
}
});
}
private async findEnabledPublicPool(): Promise<AiPublicPoolConfig | null> {
return this.prismaService.aiPublicPoolConfig.findFirst({
where: {
enabled: true
},
orderBy: {
updatedAt: "desc"
}
});
}
private async buildTestCandidate(
userId: string,
dto: UpsertAiProviderBindingDto
): Promise<AiResolvedRouteCandidate> {
const existingBinding = await this.prismaService.aiProviderBinding.findFirst({
where: {
userId,
channel: dto.channel
},
orderBy: {
updatedAt: "desc"
}
});
const mergedDto: UpsertAiProviderBindingDto = {
channel: dto.channel,
providerName:
dto.providerName ?? this.readDecryptedString(existingBinding?.providerName ?? null) ?? "",
model: dto.model ?? this.readDecryptedString(existingBinding?.model ?? null) ?? undefined,
configId:
dto.configId ?? this.readDecryptedString(existingBinding?.configId ?? null) ?? undefined,
configName:
dto.configName ??
this.readDecryptedString(existingBinding?.configName ?? null) ??
undefined,
endpoint:
dto.endpoint ?? this.readDecryptedString(existingBinding?.endpoint ?? null) ?? undefined,
apiKey:
dto.apiKey ??
this.readDecryptedString(existingBinding?.encryptedApiKey ?? null) ??
undefined,
isEnabled: dto.isEnabled ?? existingBinding?.isEnabled ?? true
};
this.validateBindingInput(mergedDto);
return {
channel: mergedDto.channel,
source: existingBinding ? "binding" : "binding",
sourceId: existingBinding?.id ?? null,
providerName: this.normalizeProviderName(mergedDto.providerName),
model: this.normalizeOptionalString(mergedDto.model),
configId: this.normalizeOptionalString(mergedDto.configId),
configName: this.normalizeOptionalString(mergedDto.configName),
endpoint: this.normalizeOptionalString(mergedDto.endpoint),
apiKey: this.normalizeOptionalString(mergedDto.apiKey)
};
}
private toBindingCandidate(binding: AiProviderBinding): AiResolvedRouteCandidate {
return {
channel: binding.channel,
source: "binding",
sourceId: binding.id,
providerName: this.readDecryptedString(binding.providerName) ?? "",
model: this.readDecryptedString(binding.model),
configId: this.readDecryptedString(binding.configId),
configName: this.readDecryptedString(binding.configName),
endpoint: this.readDecryptedString(binding.endpoint),
apiKey: this.readDecryptedString(binding.encryptedApiKey)
};
}
private toPublicPoolCandidate(publicPool: AiPublicPoolConfig): AiResolvedRouteCandidate {
return {
channel: AiChannel.PUBLIC_POOL,
source: "public_pool",
sourceId: publicPool.id,
providerName: this.readDecryptedString(publicPool.providerName) ?? "public-pool",
model: this.readDecryptedString(publicPool.model),
configId: null,
configName: null,
endpoint: this.readDecryptedString(publicPool.endpoint),
apiKey: this.readDecryptedString(publicPool.encryptedApiKey)
};
}
private serializeBinding(binding: AiProviderBinding): AiBindingSummary {
const decryptedProviderName = this.readDecryptedString(binding.providerName) ?? "";
const decryptedModel = this.readDecryptedString(binding.model);
const decryptedConfigId = this.readDecryptedString(binding.configId);
const decryptedConfigName = this.readDecryptedString(binding.configName);
const decryptedEndpoint = this.readDecryptedString(binding.endpoint);
const decryptedApiKey = this.readDecryptedString(binding.encryptedApiKey);
return {
id: binding.id,
channel: binding.channel,
providerName: decryptedProviderName,
model: decryptedModel,
configId: decryptedConfigId,
configName: decryptedConfigName,
endpoint: decryptedEndpoint,
isEnabled: binding.isEnabled,
hasApiKey: Boolean(binding.encryptedApiKey),
maskedApiKey: this.maskSecret(decryptedApiKey),
updatedAt: binding.updatedAt.toISOString()
};
}
private pickLatestBindingsByChannel(bindings: AiProviderBinding[]): AiProviderBinding[] {
const bindingMap = new Map<AiChannel, AiProviderBinding>();
for (const binding of bindings) {
if (!bindingMap.has(binding.channel)) {
bindingMap.set(binding.channel, binding);
}
}
return [AiChannel.USER_KEY, AiChannel.ASTRBOT]
.map((channel) => bindingMap.get(channel) ?? null)
.filter((binding): binding is AiProviderBinding => binding !== null);
}
private serializeUsageLog(log: AiUsageLog): AiUsageLogSummary {
return {
id: log.id,
channel: log.channel,
providerName: this.readDecryptedString(log.providerName),
model: this.readDecryptedString(log.model),
promptTokens: log.promptTokens,
completionTokens: log.completionTokens,
totalTokens: log.totalTokens,
latencyMs: log.latencyMs,
success: log.success,
errorCode: log.errorCode,
createdAt: log.createdAt.toISOString()
};
}
private async buildPromptMessage(
userId: string,
userMessage: string,
localTasks: NonNullable<AiChatDto["localTasks"]>
): Promise<string> {
const taskSummary = await this.buildTaskContextSummary(userId, localTasks);
if (!taskSummary) {
return userMessage;
}
return [
"你是 TodoList 的 AI 助手,需要结合用户当前待办提供任务统筹建议。",
"以下是系统整理的未完成任务摘要:",
taskSummary,
"请优先根据这些任务的紧急度、截止时间和执行顺序回答,并给出明确可执行的建议。",
`用户当前问题:${userMessage}`
].join("\n\n");
}
private async buildTaskContextSummary(
userId: string,
localTasks: NonNullable<AiChatDto["localTasks"]>
): Promise<string | null> {
const tasks = await this.prismaService.task.findMany({
where: {
userId,
status: {
in: [TaskStatus.TODO, TaskStatus.IN_PROGRESS]
}
},
select: {
id: true,
title: true,
priority: true,
status: true,
ddl: true,
contentText: true,
updatedAt: true
},
take: 20
});
const sortedTasks = this.sortContextTasks(this.mergeContextTasks(tasks, localTasks));
if (sortedTasks.length === 0) {
return null;
}
const visibleTasks = sortedTasks.slice(0, this.maxContextTasks);
const lines = visibleTasks.map((task, index) => {
const parts = [
`${index + 1}. ${task.title}`,
`优先级:${this.getPriorityLabel(task.priority)}`,
`状态:${this.getStatusLabel(task.status)}`,
`DDL${task.ddl ? task.ddl.toISOString() : "未设置"}`
];
const contentSnippet = this.getContentSnippet(task.contentText);
if (contentSnippet) {
parts.push(`内容摘要:${contentSnippet}`);
}
return parts.join(" | ");
});
const omittedCount = sortedTasks.length - visibleTasks.length;
if (omittedCount > 0) {
lines.push(`另有 ${omittedCount} 条任务已省略。`);
}
return [`${sortedTasks.length} 条未完成任务。`, ...lines].join("\n");
}
private mergeContextTasks(
databaseTasks: Array<{
id: string;
title: string;
priority: TaskPriority;
status: TaskStatus;
ddl: Date | null;
contentText: string | null;
updatedAt: Date;
}>,
localTasks: NonNullable<AiChatDto["localTasks"]>
): AiContextTaskItem[] {
const taskMap = new Map<string, AiContextTaskItem>();
for (const task of databaseTasks) {
taskMap.set(task.id, {
id: task.id,
title: this.readDecryptedString(task.title) ?? "未命名任务",
priority: task.priority,
status: task.status,
ddl: task.ddl,
contentText: this.readDecryptedString(task.contentText),
updatedAt: task.updatedAt
});
}
for (const task of localTasks) {
if (task.status !== TaskStatus.TODO && task.status !== TaskStatus.IN_PROGRESS) {
continue;
}
const currentTask = taskMap.get(task.id);
const nextTask: AiContextTaskItem = {
id: task.id,
title: task.title.trim().length > 0 ? task.title.trim() : "未命名任务",
priority: task.priority,
status: task.status,
ddl: typeof task.ddlAt === "number" ? new Date(task.ddlAt) : null,
contentText:
typeof task.contentText === "string" && task.contentText.trim().length > 0
? task.contentText
: null,
updatedAt: new Date(task.updatedAt)
};
if (!currentTask || nextTask.updatedAt.getTime() >= currentTask.updatedAt.getTime()) {
taskMap.set(task.id, nextTask);
}
}
return [...taskMap.values()].filter(
(task) => task.status === TaskStatus.TODO || task.status === TaskStatus.IN_PROGRESS
);
}
private sortContextTasks(tasks: AiContextTaskItem[]): AiContextTaskItem[] {
return [...tasks].sort((left, right) => {
const priorityDiff =
this.getPriorityWeight(right.priority) - this.getPriorityWeight(left.priority);
if (priorityDiff !== 0) {
return priorityDiff;
}
const leftDdl = left.ddl?.getTime() ?? Number.POSITIVE_INFINITY;
const rightDdl = right.ddl?.getTime() ?? Number.POSITIVE_INFINITY;
if (leftDdl !== rightDdl) {
return leftDdl - rightDdl;
}
return right.updatedAt.getTime() - left.updatedAt.getTime();
});
}
private toFailureAttempt(candidate: AiResolvedRouteCandidate, error: unknown): AiRouteAttempt {
if (error instanceof AiRouteFailureError) {
return {
channel: error.channel,
providerName: error.providerName,
model: candidate.model,
status: "failed",
reasonCode: error.code,
reasonMessage: error.message
};
}
if (error instanceof Error) {
return {
channel: candidate.channel,
providerName: candidate.providerName,
model: candidate.model,
status: "failed",
reasonCode: "UNKNOWN_ERROR",
reasonMessage: error.message
};
}
return {
channel: candidate.channel,
providerName: candidate.providerName,
model: candidate.model,
status: "failed",
reasonCode: "UNKNOWN_ERROR",
reasonMessage: "未知错误"
};
}
private normalizeOptionalString(value: string | undefined): string | null {
if (value === undefined) {
return null;
}
const normalizedValue = value.trim();
return normalizedValue.length > 0 ? normalizedValue : null;
}
private normalizeProviderName(value: string | undefined): string {
return this.normalizeOptionalString(value) ?? "";
}
private encryptOptionalString(value: string | undefined): string | null | undefined {
const normalizedValue = this.normalizeOptionalString(value);
return this.dataEncryptionService.encryptString(normalizedValue);
}
private encryptRequiredString(value: string): string {
const encryptedValue = this.dataEncryptionService.encryptString(value);
if (!encryptedValue) {
throw new BadRequestException("敏感配置加密失败");
}
return encryptedValue;
}
private readDecryptedString(value: string | null): string | null {
const decryptedValue = this.dataEncryptionService.decryptString(value);
return typeof decryptedValue === "string" ? decryptedValue : null;
}
private validateBindingInput(dto: UpsertAiProviderBindingDto): void {
const providerName = this.normalizeOptionalString(dto.providerName);
const configId = this.normalizeOptionalString(dto.configId);
const configName = this.normalizeOptionalString(dto.configName);
if (dto.channel === AiChannel.ASTRBOT) {
if (!providerName && !configId && !configName) {
throw new BadRequestException(
"AstrBot 通道至少需要 providerName、configId、configName 三者之一"
);
}
return;
}
if (!providerName) {
throw new BadRequestException("当前通道必须提供 providerName");
}
}
private maskSecret(secret: string | null): string | null {
if (!secret) {
return null;
}
if (secret.length <= 6) {
return "*".repeat(secret.length);
}
return `${secret.slice(0, 4)}***${secret.slice(-2)}`;
}
private limitPreviewText(content: string): string {
const normalizedContent = content.replace(/\s+/g, " ").trim();
if (normalizedContent.length <= 60) {
return normalizedContent;
}
return `${normalizedContent.slice(0, 60)}...`;
}
private getPriorityWeight(priority: TaskPriority): number {
switch (priority) {
case TaskPriority.URGENT:
return 4;
case TaskPriority.HIGH:
return 3;
case TaskPriority.MEDIUM:
return 2;
case TaskPriority.LOW:
return 1;
default:
return 0;
}
}
private getPriorityLabel(priority: TaskPriority): string {
switch (priority) {
case TaskPriority.URGENT:
return "紧急";
case TaskPriority.HIGH:
return "高";
case TaskPriority.MEDIUM:
return "中";
case TaskPriority.LOW:
return "低";
default:
return String(priority);
}
}
private getStatusLabel(status: TaskStatus): string {
switch (status) {
case TaskStatus.TODO:
return "待开始";
case TaskStatus.IN_PROGRESS:
return "进行中";
case TaskStatus.DONE:
return "已完成";
case TaskStatus.ARCHIVED:
return "已归档";
default:
return String(status);
}
}
private getContentSnippet(contentText: string | null): string | null {
if (!contentText) {
return null;
}
const normalizedContent = contentText.replace(/\s+/g, " ").trim();
if (normalizedContent.length === 0) {
return null;
}
if (normalizedContent.length <= this.maxContextContentLength) {
return normalizedContent;
}
return `${normalizedContent.slice(0, this.maxContextContentLength)}...`;
}
private async recordUsageLog(input: {
userId: string;
channel: AiChannel;
providerName: string | null;
model: string | null;
usage: AiUsageMetrics | null;
latencyMs: number;
success: boolean;
errorCode: string | null;
}): Promise<void> {
try {
await this.prismaService.aiUsageLog.create({
data: {
userId: input.userId,
channel: input.channel,
providerName:
input.providerName === null
? null
: this.dataEncryptionService.encryptString(input.providerName),
model:
input.model === null ? null : this.dataEncryptionService.encryptString(input.model),
promptTokens: input.usage?.promptTokens ?? 0,
completionTokens: input.usage?.completionTokens ?? 0,
totalTokens: input.usage?.totalTokens ?? 0,
latencyMs: input.latencyMs,
success: input.success,
errorCode: input.errorCode
}
});
} catch (error) {
const message = error instanceof Error ? error.message : "未知错误";
this.logger.warn(`写入 AI 使用日志失败:${message}`);
}
}
}
apps/api/src/ai/ai.types.ts
+61
View File
@@ -0,0 +1,61 @@
import { AiChannel } from "../../generated/prisma/client";
export type AiResolvedRouteCandidate = {
channel: AiChannel;
source: "binding" | "public_pool";
sourceId: string | null;
providerName: string;
model: string | null;
configId: string | null;
configName: string | null;
endpoint: string | null;
apiKey: string | null;
};
export type AiChatInput = {
userId: string;
message: string;
sessionId: string | null;
};
export type AiChatResult = {
channel: AiChannel;
providerName: string;
model: string | null;
content: string;
sessionId: string | null;
usage: AiUsageMetrics | null;
raw: unknown;
};
export type AiUsageMetrics = {
promptTokens: number;
completionTokens: number;
totalTokens: number;
};
export type AiRouteAttempt = {
channel: AiChannel;
providerName: string | null;
model: string | null;
status: "skipped" | "failed" | "success";
reasonCode: string | null;
reasonMessage: string | null;
};
export class AiRouteFailureError extends Error {
constructor(
public readonly channel: AiChannel,
public readonly providerName: string,
public readonly code: string,
message: string
) {
super(message);
this.name = "AiRouteFailureError";
Object.setPrototypeOf(this, new.target.prototype);
}
}
export interface AiChannelExecutor {
execute(candidate: AiResolvedRouteCandidate, input: AiChatInput): Promise<AiChatResult>;
}
apps/api/src/ai/dto/ai-chat.dto.ts
+60
View File
@@ -0,0 +1,60 @@
import { Type } from "class-transformer";
import {
IsArray,
IsEnum,
IsInt,
IsOptional,
IsString,
MinLength,
ValidateNested
} from "class-validator";
import { AiChannel } from "../../../generated/prisma/client";
import { TaskPriority, TaskStatus } from "../../../generated/prisma/client";
export class LocalTaskContextItemDto {
@IsString()
@MinLength(1)
id!: string;
@IsString()
@MinLength(1)
title!: string;
@IsEnum(TaskPriority)
priority!: TaskPriority;
@IsEnum(TaskStatus)
status!: TaskStatus;
@IsOptional()
@IsInt()
ddlAt?: number | null;
@IsOptional()
@IsString()
contentText?: string | null;
@IsInt()
updatedAt!: number;
}
export class AiChatDto {
@IsString()
@MinLength(1)
message!: string;
@IsOptional()
@IsString()
@MinLength(1)
sessionId?: string;
@IsOptional()
@IsEnum(AiChannel)
channel?: AiChannel;
@IsOptional()
@IsArray()
@ValidateNested({ each: true })
@Type(() => LocalTaskContextItemDto)
localTasks?: LocalTaskContextItemDto[];
}
apps/api/src/ai/dto/list-ai-usage-logs-query.dto.ts
+48
View File
@@ -0,0 +1,48 @@
import { Transform, Type } from "class-transformer";
import { IsBoolean, IsEnum, IsInt, IsOptional, Max, Min } from "class-validator";
import { AiChannel } from "../../../generated/prisma/client";
function normalizeBoolean(value: unknown): boolean | undefined {
if (typeof value === "boolean") {
return value;
}
if (typeof value !== "string") {
return undefined;
}
const normalized = value.trim().toLowerCase();
if (normalized === "true" || normalized === "1") {
return true;
}
if (normalized === "false" || normalized === "0") {
return false;
}
return undefined;
}
export class ListAiUsageLogsQueryDto {
@Type(() => Number)
@IsOptional()
@IsInt()
@Min(1)
page?: number;
@Type(() => Number)
@IsOptional()
@IsInt()
@Min(1)
@Max(100)
pageSize?: number;
@IsOptional()
@IsEnum(AiChannel)
channel?: AiChannel;
@Transform(({ value }) => normalizeBoolean(value))
@IsOptional()
@IsBoolean()
success?: boolean;
}
apps/api/src/ai/dto/upsert-ai-provider-binding.dto.ts
+47
View File
@@ -0,0 +1,47 @@
import { AiChannel } from "../../../generated/prisma/client";
import { IsBoolean, IsEnum, IsOptional, IsString, IsUrl, MinLength } from "class-validator";
export class UpsertAiProviderBindingDto {
@IsEnum(AiChannel)
channel!: AiChannel;
@IsOptional()
@IsString()
@MinLength(1)
providerName?: string;
@IsOptional()
@IsString()
@MinLength(1)
model?: string;
@IsOptional()
@IsString()
@MinLength(1)
configId?: string;
@IsOptional()
@IsString()
@MinLength(1)
configName?: string;
@IsOptional()
@IsUrl(
{
require_tld: false
},
{
message: "endpoint \u5fc5\u987b\u662f\u5408\u6cd5\u7684 URL"
}
)
endpoint?: string;
@IsOptional()
@IsString()
@MinLength(1)
apiKey?: string;
@IsOptional()
@IsBoolean()
isEnabled?: boolean;
}
apps/api/src/ai/providers/astrbot.provider.ts
+284
View File
@@ -0,0 +1,284 @@
import { Injectable } from "@nestjs/common";
import {
AiChannelExecutor,
AiChatInput,
AiChatResult,
AiResolvedRouteCandidate,
AiRouteFailureError
} from "../ai.types";
@Injectable()
export class AstrbotProvider implements AiChannelExecutor {
async execute(candidate: AiResolvedRouteCandidate, input: AiChatInput): Promise<AiChatResult> {
const routeLabel =
candidate.providerName || candidate.configName || candidate.configId || "astrbot";
if (!candidate.endpoint) {
throw new AiRouteFailureError(
candidate.channel,
routeLabel,
"MISSING_ENDPOINT",
"缺少 AstrBot 服务地址配置"
);
}
if (!candidate.apiKey) {
throw new AiRouteFailureError(
candidate.channel,
routeLabel,
"MISSING_API_KEY",
"缺少 AstrBot API Key 配置"
);
}
const requestUrl = this.buildRequestUrl(candidate.endpoint);
let response: Response;
try {
response = await fetch(requestUrl, {
method: "POST",
headers: {
"Content-Type": "application/json",
Authorization: `Bearer ${candidate.apiKey}`
},
body: JSON.stringify({
username: input.userId,
session_id: input.sessionId ?? undefined,
message: input.message,
enable_streaming: false,
selected_model: candidate.model ?? undefined
}),
signal: AbortSignal.timeout(30000)
});
} catch (error) {
throw new AiRouteFailureError(
candidate.channel,
routeLabel,
"UPSTREAM_UNREACHABLE",
this.toErrorMessage(error, "AstrBot 服务请求失败")
);
}
if (!response.ok) {
const rawText = await response.text();
throw new AiRouteFailureError(
candidate.channel,
routeLabel,
`UPSTREAM_HTTP_${response.status}`,
this.extractHttpErrorMessage(rawText, response.status)
);
}
const events = await this.readSseEvents(response);
let content = "";
let sessionId = input.sessionId;
for (const event of events) {
const type = this.readString(event["type"]);
if (type === "session_id") {
sessionId = this.readString(event["session_id"]) ?? sessionId;
continue;
}
if (type === "error") {
throw new AiRouteFailureError(
candidate.channel,
routeLabel,
this.readString(event["code"]) ?? "ASTRBOT_ERROR",
this.readString(event["data"]) ?? "AstrBot 返回错误"
);
}
if (type !== "plain") {
continue;
}
const chainType = this.readString(event["chain_type"]);
if (
chainType === "reasoning" ||
chainType === "tool_call" ||
chainType === "tool_call_result"
) {
continue;
}
const data = this.readString(event["data"]);
if (!data) {
continue;
}
if (event["streaming"] === true) {
content += data;
continue;
}
content = data;
}
if (!content.trim()) {
throw new AiRouteFailureError(
candidate.channel,
routeLabel,
"EMPTY_RESPONSE",
"AstrBot 没有返回有效内容"
);
}
return {
channel: candidate.channel,
providerName: routeLabel,
model: candidate.model,
content,
sessionId,
usage: this.extractUsage(events),
raw: events
};
}
private buildRequestUrl(endpoint: string): string {
const normalizedEndpoint = endpoint.replace(/\/+$/, "");
if (normalizedEndpoint.endsWith("/api/v1/chat")) {
return normalizedEndpoint;
}
if (normalizedEndpoint.endsWith("/api/v1")) {
return `${normalizedEndpoint}/chat`;
}
if (normalizedEndpoint.endsWith("/api")) {
return `${normalizedEndpoint}/v1/chat`;
}
return `${normalizedEndpoint}/api/v1/chat`;
}
private parseSseEvents(rawText: string): Array<Record<string, unknown>> {
return rawText
.split(/\r?\n\r?\n/)
.map((block) =>
block
.split(/\r?\n/)
.filter((line) => line.startsWith("data:"))
.map((line) => line.slice(5).trim())
.join("\n")
)
.filter((payload) => payload.length > 0)
.map((payload) => {
try {
return JSON.parse(payload) as Record<string, unknown>;
} catch {
return null;
}
})
.filter((item): item is Record<string, unknown> => item !== null);
}
private async readSseEvents(response: Response): Promise<Array<Record<string, unknown>>> {
if (!response.body) {
return this.parseSseEvents(await response.text());
}
const reader = response.body.getReader();
const decoder = new TextDecoder();
const events: Array<Record<string, unknown>> = [];
let buffer = "";
let reachedEndEvent = false;
try {
while (!reachedEndEvent) {
const { done, value } = await reader.read();
if (done) {
break;
}
buffer += decoder.decode(value, { stream: true });
const segments = buffer.split(/\r?\n\r?\n/);
buffer = segments.pop() ?? "";
for (const segment of segments) {
const parsedEvents = this.parseSseEvents(segment);
for (const event of parsedEvents) {
events.push(event);
if (this.readString(event["type"]) === "end") {
reachedEndEvent = true;
break;
}
}
if (reachedEndEvent) {
break;
}
}
}
const tail = `${buffer}${decoder.decode()}`;
if (tail.trim().length > 0) {
events.push(...this.parseSseEvents(tail));
}
} finally {
await reader.cancel();
}
return events;
}
private extractHttpErrorMessage(rawText: string, statusCode: number): string {
try {
const payload = JSON.parse(rawText) as Record<string, unknown>;
if (typeof payload["message"] === "string") {
return payload["message"];
}
if (typeof payload["data"] === "string") {
return payload["data"];
}
} catch {
return `AstrBot 服务调用失败,状态码 ${statusCode}`;
}
return `AstrBot 服务调用失败,状态码 ${statusCode}`;
}
private readString(value: unknown): string | null {
return typeof value === "string" ? value : null;
}
private toErrorMessage(error: unknown, fallback: string): string {
if (error instanceof Error && error.message) {
return error.message;
}
return fallback;
}
private extractUsage(events: Array<Record<string, unknown>>): AiChatResult["usage"] {
for (const event of events) {
if (this.readString(event["type"]) !== "agent_stats") {
continue;
}
const data = this.asRecord(event["data"]);
const tokenUsage = this.asRecord(data?.["token_usage"]);
if (!tokenUsage) {
continue;
}
const promptTokens =
(this.readNumber(tokenUsage["input_other"]) ?? 0) +
(this.readNumber(tokenUsage["input_cached"]) ?? 0);
const completionTokens = this.readNumber(tokenUsage["output"]) ?? 0;
return {
promptTokens,
completionTokens,
totalTokens: promptTokens + completionTokens
};
}
return null;
}
private asRecord(value: unknown): Record<string, unknown> | null {
return typeof value === "object" && value !== null ? (value as Record<string, unknown>) : null;
}
private readNumber(value: unknown): number | null {
return typeof value === "number" && Number.isFinite(value) ? value : null;
}
}
apps/api/src/ai/providers/openai-compatible.provider.ts
+300
View File
@@ -0,0 +1,300 @@
import { Injectable } from "@nestjs/common";
import {
AiChannelExecutor,
AiChatInput,
AiChatResult,
AiResolvedRouteCandidate,
AiRouteFailureError
} from "../ai.types";
@Injectable()
export class OpenAiCompatibleProvider implements AiChannelExecutor {
async execute(candidate: AiResolvedRouteCandidate, input: AiChatInput): Promise<AiChatResult> {
if (!candidate.endpoint) {
throw new AiRouteFailureError(
candidate.channel,
candidate.providerName,
"MISSING_ENDPOINT",
"缺少 AI 服务地址配置"
);
}
if (!candidate.apiKey) {
throw new AiRouteFailureError(
candidate.channel,
candidate.providerName,
"MISSING_API_KEY",
"缺少 AI 服务密钥配置"
);
}
if (!candidate.model) {
throw new AiRouteFailureError(
candidate.channel,
candidate.providerName,
"MISSING_MODEL",
"缺少 AI 模型配置"
);
}
const requestUrl = this.buildRequestUrl(candidate.endpoint);
let response: Response;
try {
response = await fetch(requestUrl, {
method: "POST",
headers: {
"Content-Type": "application/json",
Authorization: `Bearer ${candidate.apiKey}`
},
body: JSON.stringify({
model: candidate.model,
messages: [
{
role: "user",
content: input.message
}
],
stream: false
}),
signal: AbortSignal.timeout(30000)
});
} catch (error) {
throw new AiRouteFailureError(
candidate.channel,
candidate.providerName,
"UPSTREAM_UNREACHABLE",
this.toErrorMessage(error, "AI 服务请求失败")
);
}
let payload: unknown;
try {
payload = await response.json();
} catch (error) {
throw new AiRouteFailureError(
candidate.channel,
candidate.providerName,
"INVALID_RESPONSE",
this.toErrorMessage(error, "AI 服务返回了无法解析的数据")
);
}
if (!response.ok) {
throw new AiRouteFailureError(
candidate.channel,
candidate.providerName,
`UPSTREAM_HTTP_${response.status}`,
this.extractErrorMessage(payload, `AI 服务调用失败,状态码 ${response.status}`)
);
}
const content = this.extractAssistantText(payload);
if (!content.trim()) {
throw new AiRouteFailureError(
candidate.channel,
candidate.providerName,
"EMPTY_RESPONSE",
"AI 服务没有返回有效内容"
);
}
return {
channel: candidate.channel,
providerName: candidate.providerName,
model: this.extractModel(payload) ?? candidate.model,
content,
sessionId: input.sessionId,
usage: this.extractUsage(payload),
raw: payload
};
}
private buildRequestUrl(endpoint: string): string {
const normalizedEndpoint = endpoint.replace(/\/+$/, "");
if (normalizedEndpoint.endsWith("/chat/completions")) {
return normalizedEndpoint;
}
if (normalizedEndpoint.endsWith("/v1")) {
return `${normalizedEndpoint}/chat/completions`;
}
return `${normalizedEndpoint}/v1/chat/completions`;
}
private extractAssistantText(payload: unknown): string {
const chatCompletionText = this.extractChatCompletionText(payload);
if (chatCompletionText) {
return chatCompletionText;
}
const responsesText = this.extractResponsesApiText(payload);
if (responsesText) {
return responsesText;
}
return "";
}
private extractChatCompletionText(payload: unknown): string {
if (!this.isRecord(payload)) {
return "";
}
const choices = payload["choices"];
if (!Array.isArray(choices) || choices.length === 0) {
return "";
}
const firstChoice = choices[0];
if (!this.isRecord(firstChoice)) {
return "";
}
const message = firstChoice["message"];
if (this.isRecord(message)) {
const messageContent = this.extractMessageContent(message["content"]);
if (messageContent) {
return messageContent;
}
}
if (typeof firstChoice["text"] === "string") {
return firstChoice["text"];
}
return "";
}
private extractResponsesApiText(payload: unknown): string {
if (!this.isRecord(payload)) {
return "";
}
if (typeof payload["output_text"] === "string") {
return payload["output_text"];
}
const output = payload["output"];
if (!Array.isArray(output)) {
return "";
}
return output
.map((item) => {
if (!this.isRecord(item)) {
return "";
}
if (typeof item["text"] === "string") {
return item["text"];
}
return this.extractMessageContent(item["content"]);
})
.filter((item) => item.length > 0)
.join("\n")
.trim();
}
private extractMessageContent(content: unknown): string {
if (typeof content === "string") {
return content;
}
if (!Array.isArray(content)) {
return "";
}
return content
.map((item) => this.extractContentPartText(item))
.filter((item) => item.length > 0)
.join("\n")
.trim();
}
private extractContentPartText(item: unknown): string {
if (!this.isRecord(item)) {
return "";
}
if (typeof item["text"] === "string") {
return item["text"];
}
if (this.isRecord(item["text"]) && typeof item["text"]["value"] === "string") {
return item["text"]["value"];
}
if (typeof item["content"] === "string") {
return item["content"];
}
if (this.isRecord(item["content"]) && typeof item["content"]["text"] === "string") {
return item["content"]["text"];
}
return "";
}
private extractModel(payload: unknown): string | null {
if (!this.isRecord(payload) || typeof payload["model"] !== "string") {
return null;
}
return payload["model"];
}
private extractUsage(payload: unknown): AiChatResult["usage"] {
if (!this.isRecord(payload)) {
return null;
}
const usage = payload["usage"];
if (!this.isRecord(usage)) {
return null;
}
const promptTokens = this.readNumber(usage["prompt_tokens"]);
const completionTokens = this.readNumber(usage["completion_tokens"]);
const totalTokens = this.readNumber(usage["total_tokens"]);
if (promptTokens === null && completionTokens === null && totalTokens === null) {
return null;
}
return {
promptTokens: promptTokens ?? 0,
completionTokens: completionTokens ?? 0,
totalTokens: totalTokens ?? (promptTokens ?? 0) + (completionTokens ?? 0)
};
}
private extractErrorMessage(payload: unknown, fallback: string): string {
if (!this.isRecord(payload)) {
return fallback;
}
const error = payload["error"];
if (!this.isRecord(error) || typeof error["message"] !== "string") {
return fallback;
}
return error["message"];
}
private isRecord(value: unknown): value is Record<string, unknown> {
return typeof value === "object" && value !== null;
}
private toErrorMessage(error: unknown, fallback: string): string {
if (error instanceof Error && error.message) {
return error.message;
}
return fallback;
}
private readNumber(value: unknown): number | null {
return typeof value === "number" && Number.isFinite(value) ? value : null;
}
}
apps/api/src/app.module.ts
+27
View File
@@ -0,0 +1,27 @@
import { Module } from "@nestjs/common";
import { ConfigModule } from "@nestjs/config";
import { resolve } from "node:path";
import { AiModule } from "./ai/ai.module";
import { AttachmentModule } from "./attachment/attachment.module";
import { AuthModule } from "./auth/auth.module";
import { PrismaModule } from "./prisma/prisma.module";
import { SecurityModule } from "./security/security.module";
import { SyncModule } from "./sync/sync.module";
import { TaskModule } from "./task/task.module";
@Module({
imports: [
ConfigModule.forRoot({
isGlobal: true,
envFilePath: [resolve(__dirname, "../.env"), ".env"]
}),
PrismaModule,
SecurityModule,
AuthModule,
TaskModule,
AttachmentModule,
SyncModule,
AiModule
]
})
export class AppModule {}
apps/api/src/attachment/attachment.controller.ts
+38
View File
@@ -0,0 +1,38 @@
import { Body, Controller, Headers, Post, UnauthorizedException } from "@nestjs/common";
import {
AttachmentResponse,
AttachmentService,
PresignAttachmentResponse
} from "./attachment.service";
import { CompleteAttachmentDto } from "./dto/complete-attachment.dto";
import { PresignAttachmentDto } from "./dto/presign-attachment.dto";
@Controller("attachments")
export class AttachmentController {
constructor(private readonly attachmentService: AttachmentService) {}
@Post("presign")
async presignAttachment(
@Headers("x-user-id") userIdHeader: string | string[] | undefined,
@Body() body: PresignAttachmentDto
): Promise<PresignAttachmentResponse> {
return this.attachmentService.presignAttachment(this.resolveUserId(userIdHeader), body);
}
@Post("complete")
async completeAttachment(
@Headers("x-user-id") userIdHeader: string | string[] | undefined,
@Body() body: CompleteAttachmentDto
): Promise<AttachmentResponse> {
return this.attachmentService.completeAttachment(this.resolveUserId(userIdHeader), body);
}
private resolveUserId(userIdHeader: string | string[] | undefined): string {
const userId = Array.isArray(userIdHeader) ? userIdHeader[0] : userIdHeader;
if (!userId) {
throw new UnauthorizedException("缺少用户上下文");
}
return userId;
}
}
apps/api/src/attachment/attachment.module.ts
+11
View File
@@ -0,0 +1,11 @@
import { Module } from "@nestjs/common";
import { PrismaModule } from "../prisma/prisma.module";
import { AttachmentController } from "./attachment.controller";
import { AttachmentService } from "./attachment.service";
@Module({
imports: [PrismaModule],
controllers: [AttachmentController],
providers: [AttachmentService]
})
export class AttachmentModule {}
apps/api/src/attachment/attachment.service.ts
+335
View File
@@ -0,0 +1,335 @@
import { randomUUID } from "node:crypto";
import {
Injectable,
InternalServerErrorException,
NotFoundException,
PayloadTooLargeException
} from "@nestjs/common";
import { ConfigService } from "@nestjs/config";
import { PutObjectCommand, S3Client } from "@aws-sdk/client-s3";
import { getSignedUrl } from "@aws-sdk/s3-request-presigner";
import { AttachmentType } from "../../generated/prisma/client";
import { PrismaService } from "../prisma/prisma.service";
import { DataEncryptionService } from "../security/data-encryption.service";
import { CompleteAttachmentDto } from "./dto/complete-attachment.dto";
import { PresignAttachmentDto } from "./dto/presign-attachment.dto";
type QuotaInfo = {
totalBytes: bigint;
usedBytes: bigint;
};
export type PresignAttachmentResponse = {
method: "PUT";
uploadUrl: string;
bucket: string;
objectKey: string;
objectUrl: string;
expiresInSeconds: number;
quota: {
totalBytes: string;
usedBytes: string;
remainingBytes: string;
};
headers: Record<string, string>;
};
export type AttachmentResponse = {
id: string;
taskId: string | null;
type: AttachmentType;
url: string;
mimeType: string | null;
fileName: string | null;
fileSize: number;
width: number | null;
height: number | null;
durationMs: number | null;
checksum: string | null;
createdAt: string;
updatedAt: string;
};
@Injectable()
export class AttachmentService {
private s3Client: S3Client | null = null;
constructor(
private readonly configService: ConfigService,
private readonly prismaService: PrismaService,
private readonly dataEncryptionService: DataEncryptionService
) {}
async presignAttachment(
userId: string,
body: PresignAttachmentDto
): Promise<PresignAttachmentResponse> {
const quotaInfo = await this.getQuotaSnapshot(userId);
this.assertQuotaAvailable(quotaInfo.totalBytes, quotaInfo.usedBytes, body.fileSize);
if (body.taskId) {
await this.ensureTaskOwnership(userId, body.taskId);
}
const bucket = this.getDefaultBucket();
const objectKey = this.generateObjectKey(body.fileName);
const objectUrl = this.resolveObjectUrl(bucket, objectKey);
const expiresInSeconds = this.getPresignExpiresInSeconds();
const serverSideEncryption = this.getServerSideEncryptionMode();
const command = new PutObjectCommand({
Bucket: bucket,
Key: objectKey,
ContentType: body.mimeType,
ContentLength: body.fileSize,
ServerSideEncryption: serverSideEncryption
});
const uploadUrl = await getSignedUrl(this.getS3Client(), command, {
expiresIn: expiresInSeconds
});
return {
method: "PUT",
uploadUrl,
bucket,
objectKey,
objectUrl,
expiresInSeconds,
quota: {
totalBytes: quotaInfo.totalBytes.toString(),
usedBytes: quotaInfo.usedBytes.toString(),
remainingBytes: (quotaInfo.totalBytes - quotaInfo.usedBytes).toString()
},
headers: this.buildUploadHeaders(body.mimeType, serverSideEncryption)
};
}
async completeAttachment(
userId: string,
body: CompleteAttachmentDto
): Promise<AttachmentResponse> {
if (body.taskId) {
await this.ensureTaskOwnership(userId, body.taskId);
}
const bucket = body.bucket ?? this.getDefaultBucket();
const objectUrl = this.resolveObjectUrl(bucket, body.objectKey);
const attachment = await this.prismaService.$transaction(async (tx) => {
const quotaInfo = await this.getQuotaSnapshot(userId, tx);
this.assertQuotaAvailable(quotaInfo.totalBytes, quotaInfo.usedBytes, body.fileSize);
const uploadBytes = BigInt(body.fileSize);
const maxUsedBeforeUpload = quotaInfo.totalBytes - uploadBytes;
const updatedUser = await tx.user.updateMany({
where: {
id: userId,
usedStorageBytes: {
lte: maxUsedBeforeUpload
}
},
data: {
usedStorageBytes: {
increment: uploadBytes
}
}
});
if (updatedUser.count === 0) {
throw new PayloadTooLargeException("存储配额不足");
}
return tx.attachment.create({
data: {
userId,
taskId: body.taskId ?? null,
type: body.type ?? this.resolveAttachmentType(body.mimeType),
url: this.encryptRequiredString(objectUrl),
mimeType: body.mimeType,
fileName: this.encryptNullableString(body.fileName),
fileSize: body.fileSize,
width: body.width ?? null,
height: body.height ?? null,
durationMs: body.durationMs ?? null,
checksum: this.encryptNullableString(body.checksum)
}
});
});
return {
id: attachment.id,
taskId: attachment.taskId,
type: attachment.type,
url: this.readDecryptedString(attachment.url) ?? objectUrl,
mimeType: attachment.mimeType,
fileName: this.readDecryptedString(attachment.fileName),
fileSize: attachment.fileSize,
width: attachment.width,
height: attachment.height,
durationMs: attachment.durationMs,
checksum: this.readDecryptedString(attachment.checksum),
createdAt: attachment.createdAt.toISOString(),
updatedAt: attachment.updatedAt.toISOString()
};
}
private getS3Client(): S3Client {
if (this.s3Client) {
return this.s3Client;
}
const endpoint = this.configService.get<string>("S3_ENDPOINT") ?? "http://127.0.0.1:9000";
const region = this.configService.get<string>("S3_REGION") ?? "us-east-1";
const forcePathStyle =
this.configService.get<string>("S3_FORCE_PATH_STYLE")?.toLowerCase() !== "false";
this.s3Client = new S3Client({
endpoint,
region,
forcePathStyle,
credentials: {
accessKeyId: this.configService.get<string>("S3_ACCESS_KEY_ID") ?? "minioadmin",
secretAccessKey: this.configService.get<string>("S3_SECRET_ACCESS_KEY") ?? "minioadmin"
}
});
return this.s3Client;
}
private getDefaultBucket(): string {
return this.configService.get<string>("S3_BUCKET") ?? "todolist";
}
private getPresignExpiresInSeconds(): number {
const configValue = Number(this.configService.get<string>("S3_PRESIGN_EXPIRES_SECONDS") ?? 900);
if (!Number.isFinite(configValue) || configValue <= 0) {
return 900;
}
return Math.min(configValue, 604800);
}
private generateObjectKey(fileName: string): string {
const datePrefix = new Date().toISOString().slice(0, 10);
return `attachments/${datePrefix}/${randomUUID()}${this.extractFileExtension(fileName)}`;
}
private resolveObjectUrl(bucket: string, objectKey: string): string {
const publicBaseUrl = this.configService.get<string>("S3_PUBLIC_BASE_URL");
if (publicBaseUrl) {
return `${publicBaseUrl.replace(/\/+$/, "")}/${bucket}/${objectKey}`;
}
const endpoint = this.configService.get<string>("S3_ENDPOINT") ?? "http://127.0.0.1:9000";
return `${endpoint.replace(/\/+$/, "")}/${bucket}/${objectKey}`;
}
private resolveAttachmentType(mimeType: string): AttachmentType {
if (mimeType.startsWith("image/")) {
return AttachmentType.IMAGE;
}
if (mimeType.startsWith("video/")) {
return AttachmentType.VIDEO;
}
return AttachmentType.FILE;
}
private buildUploadHeaders(
mimeType: string,
serverSideEncryption: "AES256" | undefined
): Record<string, string> {
const headers: Record<string, string> = {
"Content-Type": mimeType
};
if (serverSideEncryption) {
headers["x-amz-server-side-encryption"] = serverSideEncryption;
}
return headers;
}
private getServerSideEncryptionMode(): "AES256" | undefined {
const configValue =
this.configService.get<string>("S3_SERVER_SIDE_ENCRYPTION")?.trim().toUpperCase() ?? "AES256";
if (configValue === "NONE" || configValue === "DISABLED") {
return undefined;
}
return "AES256";
}
private extractFileExtension(fileName: string): string {
const match = /\.[a-zA-Z0-9]{1,16}$/.exec(fileName);
return match?.[0]?.toLowerCase() ?? "";
}
private async ensureTaskOwnership(userId: string, taskId: string): Promise<void> {
const task = await this.prismaService.task.findFirst({
where: {
id: taskId,
userId
},
select: {
id: true
}
});
if (!task) {
throw new NotFoundException("任务不存在");
}
}
private async getQuotaSnapshot(
userId: string,
tx: Pick<PrismaService, "user"> = this.prismaService
): Promise<QuotaInfo> {
const user = await tx.user.findUnique({
where: {
id: userId
},
select: {
id: true,
defaultStorageQuotaMb: true,
usedStorageBytes: true
}
});
if (!user) {
throw new NotFoundException("用户不存在");
}
return {
totalBytes: BigInt(user.defaultStorageQuotaMb) * 1024n * 1024n,
usedBytes: user.usedStorageBytes
};
}
private assertQuotaAvailable(totalBytes: bigint, usedBytes: bigint, fileSize: number): void {
const uploadBytes = BigInt(fileSize);
if (uploadBytes > totalBytes || usedBytes + uploadBytes > totalBytes) {
throw new PayloadTooLargeException("存储配额不足");
}
}
private encryptRequiredString(value: string): string {
const encryptedValue = this.dataEncryptionService.encryptString(value);
if (!encryptedValue) {
throw new InternalServerErrorException("附件元数据加密失败");
}
return encryptedValue;
}
private encryptNullableString(value: string | null | undefined): string | null | undefined {
return this.dataEncryptionService.encryptString(value);
}
private readDecryptedString(value: string | null): string | null {
const decryptedValue = this.dataEncryptionService.decryptString(value);
return typeof decryptedValue === "string" ? decryptedValue : null;
}
}
apps/api/src/attachment/dto/complete-attachment.dto.ts
+89
View File
@@ -0,0 +1,89 @@
import { Transform, Type } from "class-transformer";
import {
IsEnum,
IsInt,
IsOptional,
IsString,
Max,
MaxLength,
Min,
MinLength
} from "class-validator";
import { AttachmentType } from "../../../generated/prisma/client";
function normalizeString(value: unknown): unknown {
if (typeof value !== "string") {
return value;
}
return value.trim();
}
export class CompleteAttachmentDto {
@Transform(({ value }) => normalizeString(value))
@IsString()
@MinLength(1)
@MaxLength(255)
objectKey!: string;
@Transform(({ value }) => normalizeString(value))
@IsOptional()
@IsString()
@MaxLength(100)
bucket?: string;
@Transform(({ value }) => normalizeString(value))
@IsString()
@MinLength(1)
@MaxLength(255)
fileName!: string;
@Transform(({ value }) => normalizeString(value))
@IsString()
@MinLength(1)
@MaxLength(255)
mimeType!: string;
@Type(() => Number)
@IsInt()
@Min(1)
@Max(1073741824)
fileSize!: number;
@IsOptional()
@IsEnum(AttachmentType)
type?: AttachmentType;
@Transform(({ value }) => normalizeString(value))
@IsOptional()
@IsString()
@MaxLength(255)
taskId?: string;
@Transform(({ value }) => normalizeString(value))
@IsOptional()
@IsString()
@MaxLength(128)
checksum?: string;
@Type(() => Number)
@IsOptional()
@IsInt()
@Min(1)
@Max(100000)
width?: number;
@Type(() => Number)
@IsOptional()
@IsInt()
@Min(1)
@Max(100000)
height?: number;
@Type(() => Number)
@IsOptional()
@IsInt()
@Min(1)
@Max(86400000)
durationMs?: number;
}
apps/api/src/attachment/dto/presign-attachment.dto.ts
+35
View File
@@ -0,0 +1,35 @@
import { Transform } from "class-transformer";
import { IsInt, IsOptional, IsString, Max, MaxLength, Min, MinLength } from "class-validator";
function normalizeString(value: unknown): unknown {
if (typeof value !== "string") {
return value;
}
return value.trim();
}
export class PresignAttachmentDto {
@Transform(({ value }) => normalizeString(value))
@IsString()
@MinLength(1)
@MaxLength(255)
fileName!: string;
@Transform(({ value }) => normalizeString(value))
@IsString()
@MinLength(1)
@MaxLength(255)
mimeType!: string;
@IsInt()
@Min(1)
@Max(1073741824)
fileSize!: number;
@Transform(({ value }) => normalizeString(value))
@IsOptional()
@IsString()
@MaxLength(255)
taskId?: string;
}
apps/api/src/auth/auth-mail.service.ts
+131
View File
@@ -0,0 +1,131 @@
import {
Injectable,
InternalServerErrorException,
Logger,
ServiceUnavailableException
} from "@nestjs/common";
import { ConfigService } from "@nestjs/config";
import { createTransport, type Transporter } from "nodemailer";
type MailRuntimeConfig = {
host: string;
port: number;
secure: boolean;
user: string;
pass: string;
fromName: string;
fromAddress: string;
};
@Injectable()
export class AuthMailService {
private readonly logger = new Logger(AuthMailService.name);
private cachedConfig: MailRuntimeConfig | null = null;
private transporter: Transporter | null = null;
constructor(private readonly configService: ConfigService) {}
async sendLoginCode(email: string, code: string, ttlSeconds: number): Promise<void> {
const config = this.getRuntimeConfig();
const transporter = this.getTransporter(config);
try {
await transporter.sendMail({
from: this.resolveFromField(config),
to: email,
subject: "TodoList 登录验证码",
text: `你的验证码是 ${code}${ttlSeconds} 秒内有效。`,
html: `<p>你的验证码是 <strong>${code}</strong>${ttlSeconds} 秒内有效。</p>`
});
} catch (error) {
this.logger.error(
`验证码邮件发送失败: ${email}`,
error instanceof Error ? error.stack : undefined
);
throw new ServiceUnavailableException("验证码邮件发送失败,请稍后重试");
}
}
private getTransporter(config: MailRuntimeConfig): Transporter {
if (this.transporter) {
return this.transporter;
}
this.transporter = createTransport({
host: config.host,
port: config.port,
secure: config.secure,
auth: {
user: config.user,
pass: config.pass
}
});
return this.transporter;
}
private getRuntimeConfig(): MailRuntimeConfig {
if (this.cachedConfig) {
return this.cachedConfig;
}
const host = this.getRequiredString("MAIL_SMTP_HOST");
const port = this.getRequiredNumber("MAIL_SMTP_PORT");
const secure = this.getBoolean("MAIL_SMTP_SECURE", port === 465);
const user = this.getRequiredString("MAIL_SMTP_USER");
const pass = this.getRequiredString("MAIL_SMTP_PASS");
const fromName = this.configService.get<string>("MAIL_FROM_NAME")?.trim() || "TodoList";
const fromAddress = this.configService.get<string>("MAIL_FROM_ADDRESS")?.trim() || user;
const config: MailRuntimeConfig = {
host,
port,
secure,
user,
pass,
fromName,
fromAddress
};
this.cachedConfig = config;
return config;
}
private getRequiredString(key: string): string {
const value = this.configService.get<string>(key)?.trim();
if (!value) {
throw new InternalServerErrorException(`邮件配置缺失: ${key}`);
}
return value;
}
private getRequiredNumber(key: string): number {
const rawValue = this.configService.get<string>(key)?.trim();
if (!rawValue) {
throw new InternalServerErrorException(`邮件配置缺失: ${key}`);
}
const parsedValue = Number(rawValue);
if (!Number.isFinite(parsedValue)) {
throw new InternalServerErrorException(`邮件配置格式错误: ${key}`);
}
return parsedValue;
}
private getBoolean(key: string, fallback: boolean): boolean {
const rawValue = this.configService.get<string>(key);
if (!rawValue) {
return fallback;
}
const normalizedValue = rawValue.trim().toLowerCase();
return normalizedValue === "true" || normalizedValue === "1";
}
private resolveFromField(config: MailRuntimeConfig): string {
const sanitizedName = config.fromName.replace(/"/g, "");
return `"${sanitizedName}" <${config.fromAddress}>`;
}
}
apps/api/src/auth/auth.controller.ts
+120
View File
@@ -0,0 +1,120 @@
import { Body, Controller, Get, Post, Req, UseGuards } from "@nestjs/common";
import { AuthGuard } from "@nestjs/passport";
import { AuthService } from "./auth.service";
import { EmailLoginDto } from "./dto/email-login.dto";
import { RefreshTokenDto } from "./dto/refresh-token.dto";
import { SendEmailCodeDto } from "./dto/send-email-code.dto";
import { TwoFactorEnrollDto } from "./dto/two-factor-enroll.dto";
import { TwoFactorVerifyDto } from "./dto/two-factor-verify.dto";
@Controller("auth")
export class AuthController {
constructor(private readonly authService: AuthService) {}
@Post("email/send-code")
async sendEmailCode(
@Body() body: SendEmailCodeDto
): Promise<{ success: boolean; expiresInSeconds: number }> {
return this.authService.sendEmailCode(body.email);
}
@Post("email/login")
async loginWithEmailCode(@Body() body: EmailLoginDto): Promise<{
accessToken: string;
tokenType: "Bearer";
expiresInSeconds: number;
refreshToken: string;
refreshExpiresInSeconds: number;
user: { id: string; email: string };
}> {
return this.authService.loginWithEmailCode(body.email, body.code);
}
@Post("token/refresh")
async refreshTokens(@Body() body: RefreshTokenDto): Promise<{
accessToken: string;
tokenType: "Bearer";
expiresInSeconds: number;
refreshToken: string;
refreshExpiresInSeconds: number;
user: { id: string; email: string };
}> {
return this.authService.refreshTokens(body.refreshToken);
}
@Post("token/revoke")
async revokeRefreshToken(@Body() body: RefreshTokenDto): Promise<{ success: boolean }> {
return this.authService.revokeRefreshToken(body.refreshToken);
}
@Post("2fa/enroll")
async enrollTwoFactor(@Body() body: TwoFactorEnrollDto): Promise<{
userId: string;
secret: string;
otpauthUrl: string;
enabled: boolean;
}> {
return this.authService.enrollTwoFactor(body.email);
}
@Post("2fa/verify")
async verifyTwoFactor(
@Body() body: TwoFactorVerifyDto
): Promise<{ success: boolean; enabled: boolean }> {
return this.authService.verifyTwoFactor(body.email, body.token);
}
@Get("oauth/github")
@UseGuards(AuthGuard("github"))
githubLogin(): void {}
@Get("oauth/github/callback")
@UseGuards(AuthGuard("github"))
githubCallback(@Req() req: { user: unknown }): {
success: boolean;
provider: "github";
profile: unknown;
} {
return {
success: true,
provider: "github",
profile: req.user
};
}
@Get("oauth/qq")
@UseGuards(AuthGuard("qq"))
qqLogin(): void {}
@Get("oauth/qq/callback")
@UseGuards(AuthGuard("qq"))
qqCallback(@Req() req: { user: unknown }): {
success: boolean;
provider: "qq";
profile: unknown;
} {
return {
success: true,
provider: "qq",
profile: req.user
};
}
@Get("oauth/wechat")
@UseGuards(AuthGuard("wechat"))
wechatLogin(): void {}
@Get("oauth/wechat/callback")
@UseGuards(AuthGuard("wechat"))
wechatCallback(@Req() req: { user: unknown }): {
success: boolean;
provider: "wechat";
profile: unknown;
} {
return {
success: true,
provider: "wechat",
profile: req.user
};
}
}
apps/api/src/auth/auth.module.ts
+33
View File
@@ -0,0 +1,33 @@
import { Module } from "@nestjs/common";
import { ConfigModule, ConfigService } from "@nestjs/config";
import { JwtModule } from "@nestjs/jwt";
import { PassportModule } from "@nestjs/passport";
import { AuthController } from "./auth.controller";
import { AuthMailService } from "./auth-mail.service";
import { AuthService } from "./auth.service";
import { GithubStrategy } from "./strategies/github.strategy";
import { QqStrategy } from "./strategies/qq.strategy";
import { WechatStrategy } from "./strategies/wechat.strategy";
@Module({
imports: [
ConfigModule,
PassportModule.register({ session: false }),
JwtModule.registerAsync({
inject: [ConfigService],
useFactory: (configService: ConfigService) => {
const expiresInSeconds = Number(configService.get("AUTH_ACCESS_EXPIRES_IN_SECONDS") ?? 900);
return {
secret: configService.get<string>("AUTH_ACCESS_SECRET") ?? "dev-access-secret",
signOptions: {
expiresIn: expiresInSeconds
}
};
}
})
],
controllers: [AuthController],
providers: [AuthService, AuthMailService, GithubStrategy, QqStrategy, WechatStrategy]
})
export class AuthModule {}
apps/api/src/auth/auth.service.ts
+288
View File
@@ -0,0 +1,288 @@
import { Injectable, UnauthorizedException } from "@nestjs/common";
import { ConfigService } from "@nestjs/config";
import { JwtService } from "@nestjs/jwt";
import { randomUUID } from "node:crypto";
import { authenticator } from "@otplib/preset-default";
import { AuthMailService } from "./auth-mail.service";
import { PrismaService } from "../prisma/prisma.service";
import { DataEncryptionService } from "../security/data-encryption.service";
type EmailCodeEntry = {
code: string;
expiresAt: number;
};
type AuthUser = {
id: string;
email: string;
};
type AuthTokenResult = {
accessToken: string;
tokenType: "Bearer";
expiresInSeconds: number;
refreshToken: string;
refreshExpiresInSeconds: number;
user: AuthUser;
};
@Injectable()
export class AuthService {
private readonly emailCodeStore = new Map<string, EmailCodeEntry>();
constructor(
private readonly configService: ConfigService,
private readonly jwtService: JwtService,
private readonly authMailService: AuthMailService,
private readonly prismaService: PrismaService,
private readonly dataEncryptionService: DataEncryptionService
) {}
async sendEmailCode(email: string): Promise<{ success: boolean; expiresInSeconds: number }> {
const ttlSeconds = Number(this.configService.get("AUTH_EMAIL_CODE_TTL_SECONDS") ?? 300);
const code = this.generateCode();
const expiresAt = Date.now() + ttlSeconds * 1000;
const normalizedEmail = email.toLowerCase();
await this.authMailService.sendLoginCode(normalizedEmail, code, ttlSeconds);
this.emailCodeStore.set(normalizedEmail, { code, expiresAt });
return {
success: true,
expiresInSeconds: ttlSeconds
};
}
async loginWithEmailCode(email: string, code: string): Promise<AuthTokenResult> {
const lowerEmail = email.toLowerCase();
const codeEntry = this.emailCodeStore.get(lowerEmail);
if (!codeEntry) {
throw new UnauthorizedException("验证码不存在或已失效");
}
if (codeEntry.expiresAt < Date.now()) {
this.emailCodeStore.delete(lowerEmail);
throw new UnauthorizedException("验证码已过期");
}
if (codeEntry.code !== code) {
throw new UnauthorizedException("验证码错误");
}
this.emailCodeStore.delete(lowerEmail);
const user = await this.getOrCreateUser(lowerEmail);
return this.issueTokens(user);
}
async refreshTokens(refreshToken: string): Promise<AuthTokenResult> {
const entry = await this.prismaService.refreshToken.findUnique({
where: {
tokenHash: refreshToken
},
include: {
user: {
select: {
id: true,
email: true
}
}
}
});
if (!entry) {
throw new UnauthorizedException("刷新令牌不存在");
}
if (entry.revokedAt) {
throw new UnauthorizedException("刷新令牌已注销");
}
if (entry.expiresAt.getTime() < Date.now()) {
await this.prismaService.refreshToken.update({
where: {
id: entry.id
},
data: {
revokedAt: new Date()
}
});
throw new UnauthorizedException("刷新令牌已过期");
}
await this.prismaService.refreshToken.update({
where: {
id: entry.id
},
data: {
revokedAt: new Date()
}
});
return this.issueTokens({
id: entry.user.id,
email: this.readRequiredEmail(entry.user.email)
});
}
async revokeRefreshToken(refreshToken: string): Promise<{ success: boolean }> {
await this.prismaService.refreshToken.updateMany({
where: {
tokenHash: refreshToken,
revokedAt: null
},
data: {
revokedAt: new Date()
}
});
return { success: true };
}
async enrollTwoFactor(
email: string
): Promise<{ userId: string; secret: string; otpauthUrl: string; enabled: boolean }> {
const user = await this.getOrCreateUser(email.toLowerCase());
const secret = authenticator.generateSecret();
const issuer = this.configService.get<string>("AUTH_TOTP_ISSUER") ?? "TodoList";
const otpauthUrl = authenticator.keyuri(user.email, issuer, secret);
await this.prismaService.userSecurity.upsert({
where: {
userId: user.id
},
update: {
twoFactorSecret: secret,
twoFactorEnabled: false
},
create: {
userId: user.id,
twoFactorSecret: secret,
twoFactorEnabled: false
}
});
return {
userId: user.id,
secret,
otpauthUrl,
enabled: false
};
}
async verifyTwoFactor(
email: string,
token: string
): Promise<{ success: boolean; enabled: boolean }> {
const user = await this.getOrCreateUser(email.toLowerCase());
const security = await this.prismaService.userSecurity.findUnique({
where: {
userId: user.id
},
select: {
twoFactorSecret: true
}
});
if (!security?.twoFactorSecret) {
throw new UnauthorizedException("尚未启用两步验证");
}
const valid = authenticator.check(token, security.twoFactorSecret);
if (!valid) {
throw new UnauthorizedException("两步验证码错误");
}
await this.prismaService.userSecurity.update({
where: {
userId: user.id
},
data: {
twoFactorEnabled: true
}
});
return {
success: true,
enabled: true
};
}
private async getOrCreateUser(email: string): Promise<AuthUser> {
const normalizedEmail = email.toLowerCase();
const emailHash = this.dataEncryptionService.createLookupHash("user.email", normalizedEmail);
const user = await this.prismaService.user.upsert({
where: {
emailHash
},
update: {},
create: {
email: this.encryptRequiredString(normalizedEmail),
emailHash
},
select: {
id: true,
email: true
}
});
return {
id: user.id,
email: this.readRequiredEmail(user.email)
};
}
private generateCode(): string {
return String(Math.floor(100000 + Math.random() * 900000));
}
private async issueTokens(user: AuthUser): Promise<AuthTokenResult> {
const accessExpiresInSeconds = Number(
this.configService.get("AUTH_ACCESS_EXPIRES_IN_SECONDS") ?? 900
);
const refreshExpiresInSeconds = Number(
this.configService.get("AUTH_REFRESH_EXPIRES_IN_SECONDS") ?? 2592000
);
const accessToken = await this.jwtService.signAsync({
sub: user.id,
email: user.email
});
const refreshToken = `${randomUUID()}${randomUUID()}`;
await this.prismaService.refreshToken.create({
data: {
userId: user.id,
tokenHash: refreshToken,
expiresAt: new Date(Date.now() + refreshExpiresInSeconds * 1000)
}
});
return {
accessToken,
tokenType: "Bearer",
expiresInSeconds: accessExpiresInSeconds,
refreshToken,
refreshExpiresInSeconds,
user
};
}
private encryptRequiredString(value: string): string {
const encryptedValue = this.dataEncryptionService.encryptString(value);
if (!encryptedValue) {
throw new UnauthorizedException("用户敏感字段加密失败");
}
return encryptedValue;
}
private readRequiredEmail(value: string): string {
const decryptedValue = this.dataEncryptionService.decryptString(value);
if (typeof decryptedValue !== "string" || decryptedValue.length === 0) {
throw new UnauthorizedException("用户邮箱解密失败");
}
return decryptedValue;
}
}
apps/api/src/auth/dto/email-login.dto.ts
+11
View File
@@ -0,0 +1,11 @@
import { IsEmail, IsString, Length, Matches } from "class-validator";
export class EmailLoginDto {
@IsEmail()
email!: string;
@IsString()
@Length(6, 6)
@Matches(/^\d{6}$/)
code!: string;
}
apps/api/src/auth/dto/refresh-token.dto.ts
+7
View File
@@ -0,0 +1,7 @@
import { IsString, MinLength } from "class-validator";
export class RefreshTokenDto {
@IsString()
@MinLength(20)
refreshToken!: string;
}
apps/api/src/auth/dto/send-email-code.dto.ts
+6
View File
@@ -0,0 +1,6 @@
import { IsEmail } from "class-validator";
export class SendEmailCodeDto {
@IsEmail()
email!: string;
}
apps/api/src/auth/dto/two-factor-enroll.dto.ts
+6
View File
@@ -0,0 +1,6 @@
import { IsEmail } from "class-validator";
export class TwoFactorEnrollDto {
@IsEmail()
email!: string;
}
apps/api/src/auth/dto/two-factor-verify.dto.ts
+11
View File
@@ -0,0 +1,11 @@
import { IsEmail, IsString, Length, Matches } from "class-validator";
export class TwoFactorVerifyDto {
@IsEmail()
email!: string;
@IsString()
@Length(6, 6)
@Matches(/^\d{6}$/)
token!: string;
}
apps/api/src/auth/strategies/github.strategy.ts
+32
View File
@@ -0,0 +1,32 @@
import { Injectable } from "@nestjs/common";
import { ConfigService } from "@nestjs/config";
import { PassportStrategy } from "@nestjs/passport";
import { Profile, Strategy } from "passport-github2";
@Injectable()
export class GithubStrategy extends PassportStrategy(Strategy, "github") {
constructor(configService: ConfigService) {
super({
clientID: configService.get<string>("OAUTH_GITHUB_CLIENT_ID") ?? "github-client-id",
clientSecret:
configService.get<string>("OAUTH_GITHUB_CLIENT_SECRET") ?? "github-client-secret",
callbackURL:
configService.get<string>("OAUTH_GITHUB_CALLBACK_URL") ??
"http://localhost:3000/auth/oauth/github/callback",
scope: ["user:email"]
});
}
async validate(
accessToken: string,
refreshToken: string,
profile: Profile
): Promise<{ provider: "github"; accessToken: string; refreshToken: string; profile: Profile }> {
return {
provider: "github",
accessToken,
refreshToken,
profile
};
}
}
apps/api/src/auth/strategies/qq.strategy.ts
+33
View File
@@ -0,0 +1,33 @@
import { Injectable } from "@nestjs/common";
import { ConfigService } from "@nestjs/config";
import { PassportStrategy } from "@nestjs/passport";
import { Strategy } from "passport-oauth2";
@Injectable()
export class QqStrategy extends PassportStrategy(Strategy, "qq") {
constructor(configService: ConfigService) {
super({
authorizationURL:
configService.get<string>("OAUTH_QQ_AUTH_URL") ?? "https://graph.qq.com/oauth2.0/authorize",
tokenURL:
configService.get<string>("OAUTH_QQ_TOKEN_URL") ?? "https://graph.qq.com/oauth2.0/token",
clientID: configService.get<string>("OAUTH_QQ_CLIENT_ID") ?? "qq-client-id",
clientSecret: configService.get<string>("OAUTH_QQ_CLIENT_SECRET") ?? "qq-client-secret",
callbackURL:
configService.get<string>("OAUTH_QQ_CALLBACK_URL") ??
"http://localhost:3000/auth/oauth/qq/callback",
scope: ["get_user_info"]
});
}
async validate(
accessToken: string,
refreshToken: string
): Promise<{ provider: "qq"; accessToken: string; refreshToken: string }> {
return {
provider: "qq",
accessToken,
refreshToken
};
}
}
apps/api/src/auth/strategies/wechat.strategy.ts
+36
View File
@@ -0,0 +1,36 @@
import { Injectable } from "@nestjs/common";
import { ConfigService } from "@nestjs/config";
import { PassportStrategy } from "@nestjs/passport";
import { Strategy } from "passport-oauth2";
@Injectable()
export class WechatStrategy extends PassportStrategy(Strategy, "wechat") {
constructor(configService: ConfigService) {
super({
authorizationURL:
configService.get<string>("OAUTH_WECHAT_AUTH_URL") ??
"https://open.weixin.qq.com/connect/qrconnect",
tokenURL:
configService.get<string>("OAUTH_WECHAT_TOKEN_URL") ??
"https://api.weixin.qq.com/sns/oauth2/access_token",
clientID: configService.get<string>("OAUTH_WECHAT_CLIENT_ID") ?? "wechat-client-id",
clientSecret:
configService.get<string>("OAUTH_WECHAT_CLIENT_SECRET") ?? "wechat-client-secret",
callbackURL:
configService.get<string>("OAUTH_WECHAT_CALLBACK_URL") ??
"http://localhost:3000/auth/oauth/wechat/callback",
scope: ["snsapi_login"]
});
}
async validate(
accessToken: string,
refreshToken: string
): Promise<{ provider: "wechat"; accessToken: string; refreshToken: string }> {
return {
provider: "wechat",
accessToken,
refreshToken
};
}
}
apps/api/src/main.ts
+31
View File
@@ -0,0 +1,31 @@
import "reflect-metadata";
import { ValidationPipe } from "@nestjs/common";
import { NestFactory } from "@nestjs/core";
import type { NestExpressApplication } from "@nestjs/platform-express";
import { AppModule } from "./app.module";
async function bootstrap(): Promise<void> {
const app = await NestFactory.create<NestExpressApplication>(AppModule);
const bodyLimit = process.env.API_BODY_LIMIT ?? "8mb";
app.useBodyParser("json", { limit: bodyLimit });
app.useBodyParser("urlencoded", {
extended: true,
limit: bodyLimit
});
app.enableCors({
origin: true,
credentials: true
});
app.useGlobalPipes(
new ValidationPipe({
transform: true,
whitelist: true,
forbidNonWhitelisted: true
})
);
await app.listen(3000);
}
void bootstrap();
apps/api/src/prisma/prisma.module.ts
+9
View File
@@ -0,0 +1,9 @@
import { Global, Module } from "@nestjs/common";
import { PrismaService } from "./prisma.service";
@Global()
@Module({
providers: [PrismaService],
exports: [PrismaService]
})
export class PrismaModule {}
apps/api/src/prisma/prisma.service.ts
+28
View File
@@ -0,0 +1,28 @@
import { Injectable, OnModuleDestroy, OnModuleInit } from "@nestjs/common";
import { ConfigService } from "@nestjs/config";
import { PrismaPg } from "@prisma/adapter-pg";
import { PrismaClient } from "../../generated/prisma/client";
@Injectable()
export class PrismaService extends PrismaClient implements OnModuleInit, OnModuleDestroy {
constructor(configService: ConfigService) {
const connectionString = configService.get<string>("DATABASE_URL");
if (!connectionString) {
throw new Error("缺少数据库连接配置 DATABASE_URL");
}
super({
adapter: new PrismaPg({
connectionString
})
});
}
async onModuleInit(): Promise<void> {
await this.$connect();
}
async onModuleDestroy(): Promise<void> {
await this.$disconnect();
}
}
apps/api/src/security/data-encryption.service.ts
+155
View File
@@ -0,0 +1,155 @@
import { Injectable, InternalServerErrorException } from "@nestjs/common";
import { ConfigService } from "@nestjs/config";
import { Prisma } from "../../generated/prisma/client";
import { createCipheriv, createDecipheriv, createHash, createHmac, randomBytes } from "node:crypto";
const ENCRYPTION_PREFIX = "encv1";
const ENCRYPTION_ALGORITHM = "aes-256-gcm";
const ENCRYPTION_IV_LENGTH = 12;
@Injectable()
export class DataEncryptionService {
constructor(private readonly configService: ConfigService) {}
isConfigured(): boolean {
return Boolean(this.configService.get<string>("DATA_ENCRYPTION_SECRET"));
}
isEncryptedString(value: string): boolean {
return value.startsWith(`${ENCRYPTION_PREFIX}:`);
}
encryptString(value: string | null | undefined): string | null | undefined {
if (value === undefined) {
return undefined;
}
if (value === null) {
return null;
}
const key = this.resolveKey();
const iv = randomBytes(ENCRYPTION_IV_LENGTH);
const cipher = createCipheriv(ENCRYPTION_ALGORITHM, key, iv);
const encrypted = Buffer.concat([cipher.update(value, "utf8"), cipher.final()]);
const authTag = cipher.getAuthTag();
return [
ENCRYPTION_PREFIX,
iv.toString("base64url"),
authTag.toString("base64url"),
encrypted.toString("base64url")
].join(":");
}
decryptString(value: string | null | undefined): string | null | undefined {
if (value === undefined) {
return undefined;
}
if (value === null || !this.isEncryptedPayload(value)) {
return value;
}
const [prefix, ivText, authTagText, encryptedText] = value.split(":");
if (prefix !== ENCRYPTION_PREFIX || !ivText || !authTagText || encryptedText === undefined) {
throw new InternalServerErrorException("加密数据格式无效");
}
try {
const key = this.resolveKey();
const decipher = createDecipheriv(
ENCRYPTION_ALGORITHM,
key,
Buffer.from(ivText, "base64url")
);
decipher.setAuthTag(Buffer.from(authTagText, "base64url"));
const decrypted = Buffer.concat([
decipher.update(Buffer.from(encryptedText, "base64url")),
decipher.final()
]);
return decrypted.toString("utf8");
} catch {
throw new InternalServerErrorException("加密数据解密失败");
}
}
encryptJson(
value: Prisma.InputJsonValue | null | undefined
): Prisma.InputJsonValue | null | undefined {
if (value === undefined) {
return undefined;
}
if (value === null) {
return null;
}
return this.encryptString(JSON.stringify(value));
}
decryptJson(value: Prisma.JsonValue | null): Prisma.JsonValue | null {
if (value === null) {
return null;
}
if (typeof value !== "string" || !this.isEncryptedPayload(value)) {
return value;
}
const decrypted = this.decryptString(value);
if (typeof decrypted !== "string") {
throw new InternalServerErrorException("加密数据解密失败");
}
try {
return JSON.parse(decrypted) as Prisma.JsonValue;
} catch {
throw new InternalServerErrorException("加密 JSON 数据损坏");
}
}
decryptPayload(value: Prisma.JsonValue | null): string | null {
if (value === null) {
return null;
}
if (typeof value === "string") {
return this.decryptString(value) ?? null;
}
return JSON.stringify(value);
}
createLookupHash(scope: string, value: string): string {
const normalizedScope = scope.trim().toLowerCase();
if (!normalizedScope) {
throw new InternalServerErrorException("缺少盲索引作用域");
}
const secret = this.configService.get<string>("DATA_ENCRYPTION_SECRET");
if (!secret) {
throw new InternalServerErrorException("服务端未配置 DATA_ENCRYPTION_SECRET,无法生成盲索引");
}
return createHmac("sha256", `lookup:${normalizedScope}:${secret}`)
.update(value, "utf8")
.digest("hex");
}
private isEncryptedPayload(value: string): boolean {
return this.isEncryptedString(value);
}
private resolveKey(): Buffer {
const secret = this.configService.get<string>("DATA_ENCRYPTION_SECRET");
if (!secret) {
throw new InternalServerErrorException(
"服务端未配置 DATA_ENCRYPTION_SECRET,无法写入加密数据"
);
}
return createHash("sha256").update(secret, "utf8").digest();
}
}
apps/api/src/security/security.module.ts
+9
View File
@@ -0,0 +1,9 @@
import { Global, Module } from "@nestjs/common";
import { DataEncryptionService } from "./data-encryption.service";
@Global()
@Module({
providers: [DataEncryptionService],
exports: [DataEncryptionService]
})
export class SecurityModule {}
apps/api/src/sync/dto/sync-pull.dto.ts
+16
View File
@@ -0,0 +1,16 @@
import { Type } from "class-transformer";
import { IsInt, IsOptional, IsString, Max, MaxLength, Min } from "class-validator";
export class SyncPullQueryDto {
@IsOptional()
@IsString()
@MaxLength(512)
cursor?: string;
@Type(() => Number)
@IsOptional()
@IsInt()
@Min(1)
@Max(200)
limit?: number;
}
apps/api/src/sync/dto/sync-push.dto.ts
+62
View File
@@ -0,0 +1,62 @@
import { Type } from "class-transformer";
import {
ArrayMaxSize,
ArrayMinSize,
IsArray,
IsEnum,
IsInt,
IsOptional,
IsString,
MaxLength,
Min,
ValidateNested
} from "class-validator";
export enum SyncEntityTypeDto {
TASK = "TASK"
}
export enum SyncActionTypeDto {
CREATE = "CREATE",
UPDATE = "UPDATE",
DELETE = "DELETE"
}
export class SyncPushOperationDto {
@IsString()
@MaxLength(64)
opId!: string;
@IsString()
@MaxLength(64)
entityId!: string;
@IsEnum(SyncEntityTypeDto)
entityType!: SyncEntityTypeDto;
@IsEnum(SyncActionTypeDto)
action!: SyncActionTypeDto;
@IsOptional()
@IsString()
@MaxLength(5000000)
payload?: string;
@Type(() => Number)
@IsInt()
@Min(0)
clientTs!: number;
@IsString()
@MaxLength(128)
deviceId!: string;
}
export class SyncPushDto {
@IsArray()
@ArrayMinSize(1)
@ArrayMaxSize(200)
@ValidateNested({ each: true })
@Type(() => SyncPushOperationDto)
operations!: SyncPushOperationDto[];
}
apps/api/src/sync/sync.controller.ts
+34
View File
@@ -0,0 +1,34 @@
import { Body, Controller, Get, Headers, Post, Query, UnauthorizedException } from "@nestjs/common";
import { SyncPullQueryDto } from "./dto/sync-pull.dto";
import { SyncPushDto } from "./dto/sync-push.dto";
import { SyncPullResponse, SyncPushResponse, SyncService } from "./sync.service";
@Controller("sync")
export class SyncController {
constructor(private readonly syncService: SyncService) {}
@Get("pull")
async pullOperations(
@Headers("x-user-id") userIdHeader: string | string[] | undefined,
@Query() query: SyncPullQueryDto
): Promise<SyncPullResponse> {
return this.syncService.pullOperations(this.resolveUserId(userIdHeader), query);
}
@Post("push")
async pushOperations(
@Headers("x-user-id") userIdHeader: string | string[] | undefined,
@Body() body: SyncPushDto
): Promise<SyncPushResponse> {
return this.syncService.pushOperations(this.resolveUserId(userIdHeader), body);
}
private resolveUserId(userIdHeader: string | string[] | undefined): string {
const userId = Array.isArray(userIdHeader) ? userIdHeader[0] : userIdHeader;
if (!userId) {
throw new UnauthorizedException("缺少用户上下文");
}
return userId;
}
}
apps/api/src/sync/sync.module.ts
+11
View File
@@ -0,0 +1,11 @@
import { Module } from "@nestjs/common";
import { PrismaModule } from "../prisma/prisma.module";
import { SyncController } from "./sync.controller";
import { SyncService } from "./sync.service";
@Module({
imports: [PrismaModule],
controllers: [SyncController],
providers: [SyncService]
})
export class SyncModule {}
apps/api/src/sync/sync.service.ts
+309
View File
@@ -0,0 +1,309 @@
import { BadRequestException, Injectable } from "@nestjs/common";
import { Prisma } from "../../generated/prisma/client";
import { PrismaService } from "../prisma/prisma.service";
import { DataEncryptionService } from "../security/data-encryption.service";
import { SyncPullQueryDto } from "./dto/sync-pull.dto";
import { SyncPushDto, SyncPushOperationDto } from "./dto/sync-push.dto";
export type SyncPushItemStatus = "accepted" | "duplicate" | "failed";
export type SyncPushItemResult = {
opId: string;
status: SyncPushItemStatus;
serverTs: string | null;
reason: string | null;
};
export type SyncPushResponse = {
acceptedCount: number;
duplicateCount: number;
failedCount: number;
results: SyncPushItemResult[];
};
type ExistingOperationRecord = {
opId: string;
serverTs: Date;
};
type SyncPullCursorState = {
serverTs: string;
opId: string;
};
type SyncPullOperationRecord = {
opId: string;
entityId: string;
entityType: string;
action: string;
payload: Prisma.JsonValue | null;
clientTs: Date;
deviceId: string;
serverTs: Date;
};
export type SyncPullItem = {
opId: string;
entityId: string;
entityType: string;
action: string;
payload: string | null;
clientTs: number;
deviceId: string;
serverTs: string;
};
export type SyncPullResponse = {
items: SyncPullItem[];
nextCursor: string | null;
hasMore: boolean;
};
@Injectable()
export class SyncService {
constructor(
private readonly prismaService: PrismaService,
private readonly dataEncryptionService: DataEncryptionService
) {}
async pullOperations(userId: string, query: SyncPullQueryDto): Promise<SyncPullResponse> {
const limit = query.limit ?? 100;
const cursor = this.parseCursor(query.cursor);
const operations = (await this.prismaService.syncOperation.findMany({
where: this.buildPullWhereInput(userId, cursor),
orderBy: [{ serverTs: "asc" }, { opId: "asc" }],
take: limit + 1,
select: {
opId: true,
entityId: true,
entityType: true,
action: true,
payload: true,
clientTs: true,
deviceId: true,
serverTs: true
}
})) as SyncPullOperationRecord[];
const hasMore = operations.length > limit;
const pageItems = hasMore ? operations.slice(0, limit) : operations;
const lastOperation = pageItems.at(-1);
return {
items: pageItems.map((operation) => this.serializePullItem(operation)),
nextCursor: lastOperation
? this.encodeCursor({
serverTs: lastOperation.serverTs.toISOString(),
opId: lastOperation.opId
})
: (query.cursor ?? null),
hasMore
};
}
async pushOperations(userId: string, body: SyncPushDto): Promise<SyncPushResponse> {
const existingOperations = await this.loadExistingOperations(userId, body.operations);
const results: SyncPushItemResult[] = [];
const seenOperationIds = new Set<string>();
const acceptedOperationServerTs = new Map<string, string>();
for (const operation of body.operations) {
if (seenOperationIds.has(operation.opId)) {
results.push({
opId: operation.opId,
status: "duplicate",
serverTs: acceptedOperationServerTs.get(operation.opId) ?? null,
reason: "same_batch_duplicate"
});
continue;
}
seenOperationIds.add(operation.opId);
const existingOperation = existingOperations.get(operation.opId);
if (existingOperation) {
results.push({
opId: operation.opId,
status: "duplicate",
serverTs: existingOperation.serverTs.toISOString(),
reason: "already_synced"
});
continue;
}
try {
const createdOperation = await this.prismaService.syncOperation.create({
data: {
opId: operation.opId,
userId,
deviceId: operation.deviceId,
entityType: operation.entityType,
entityId: operation.entityId,
action: operation.action,
payload: this.dataEncryptionService.encryptString(operation.payload) ?? undefined,
clientTs: new Date(operation.clientTs)
},
select: {
opId: true,
serverTs: true
}
});
const serverTs = createdOperation.serverTs.toISOString();
acceptedOperationServerTs.set(createdOperation.opId, serverTs);
results.push({
opId: createdOperation.opId,
status: "accepted",
serverTs,
reason: null
});
} catch (error) {
if (this.isDuplicateOpIdError(error)) {
results.push({
opId: operation.opId,
status: "duplicate",
serverTs: null,
reason: "already_synced"
});
continue;
}
results.push({
opId: operation.opId,
status: "failed",
serverTs: null,
reason: "persist_failed"
});
}
}
return {
acceptedCount: results.filter((item) => item.status === "accepted").length,
duplicateCount: results.filter((item) => item.status === "duplicate").length,
failedCount: results.filter((item) => item.status === "failed").length,
results
};
}
private async loadExistingOperations(
userId: string,
operations: SyncPushOperationDto[]
): Promise<Map<string, ExistingOperationRecord>> {
const opIds = Array.from(new Set(operations.map((operation) => operation.opId)));
const existingOperations = (await this.prismaService.syncOperation.findMany({
where: {
userId,
opId: {
in: opIds
}
},
select: {
opId: true,
serverTs: true
}
})) as ExistingOperationRecord[];
return new Map(
existingOperations.map((operation): [string, ExistingOperationRecord] => [
operation.opId,
operation
])
);
}
private buildPullWhereInput(
userId: string,
cursor: SyncPullCursorState | null
): Prisma.SyncOperationWhereInput {
if (!cursor) {
return { userId };
}
const cursorDate = new Date(cursor.serverTs);
return {
userId,
// 同一毫秒内可能有多条操作,必须使用 opId 作为二级游标来保证稳定分页。
OR: [
{
serverTs: {
gt: cursorDate
}
},
{
serverTs: cursorDate,
opId: {
gt: cursor.opId
}
}
]
};
}
private serializePullItem(operation: SyncPullOperationRecord): SyncPullItem {
return {
opId: operation.opId,
entityId: operation.entityId,
entityType: operation.entityType,
action: operation.action,
payload: this.serializePayload(operation.payload),
clientTs: operation.clientTs.getTime(),
deviceId: operation.deviceId,
serverTs: operation.serverTs.toISOString()
};
}
private serializePayload(payload: Prisma.JsonValue | null): string | null {
return this.dataEncryptionService.decryptPayload(payload);
}
private parseCursor(cursor: string | undefined): SyncPullCursorState | null {
if (!cursor) {
return null;
}
let decodedCursor: unknown;
try {
decodedCursor = JSON.parse(Buffer.from(cursor, "base64url").toString("utf8"));
} catch {
throw new BadRequestException("Invalid sync cursor");
}
if (typeof decodedCursor !== "object" || decodedCursor === null) {
throw new BadRequestException("Invalid sync cursor");
}
const cursorRecord = decodedCursor as {
serverTs?: unknown;
opId?: unknown;
};
if (
typeof cursorRecord.serverTs !== "string" ||
typeof cursorRecord.opId !== "string" ||
Number.isNaN(Date.parse(cursorRecord.serverTs)) ||
cursorRecord.opId.trim().length === 0
) {
throw new BadRequestException("Invalid sync cursor");
}
return {
serverTs: cursorRecord.serverTs,
opId: cursorRecord.opId
};
}
private encodeCursor(cursor: SyncPullCursorState): string {
return Buffer.from(JSON.stringify(cursor), "utf8").toString("base64url");
}
private isDuplicateOpIdError(error: unknown): boolean {
if (!(error instanceof Prisma.PrismaClientKnownRequestError)) {
return false;
}
return error.code === "P2002";
}
}
apps/api/src/task/dto/create-task.dto.ts
+64
View File
@@ -0,0 +1,64 @@
import { Transform } from "class-transformer";
import {
IsArray,
IsDateString,
IsEnum,
IsObject,
IsOptional,
IsString,
MaxLength,
MinLength
} from "class-validator";
import { TaskPriority, TaskStatus } from "../../../generated/prisma/client";
function normalizeString(value: unknown): unknown {
if (typeof value !== "string") {
return value;
}
return value.trim();
}
export class CreateTaskDto {
@Transform(({ value }) => normalizeString(value))
@IsString()
@MinLength(1)
@MaxLength(120)
title!: string;
@IsOptional()
@IsObject()
contentJson?: Record<string, unknown>;
@Transform(({ value }) => normalizeString(value))
@IsOptional()
@IsString()
@MaxLength(20000)
contentText?: string;
@IsOptional()
@IsEnum(TaskPriority)
priority?: TaskPriority;
@IsOptional()
@IsEnum(TaskStatus)
status?: TaskStatus;
@IsOptional()
@IsDateString()
ddl?: string;
@Transform(({ value }) => {
if (!Array.isArray(value)) {
return value;
}
return value.map((item) => normalizeString(item));
})
@IsOptional()
@IsArray()
@IsString({ each: true })
@MinLength(1, { each: true })
@MaxLength(30, { each: true })
tagNames?: string[];
}
apps/api/src/task/dto/list-tasks-query.dto.ts
+92
View File
@@ -0,0 +1,92 @@
import { Transform, Type } from "class-transformer";
import { IsArray, IsEnum, IsInt, IsOptional, IsString, Max, MaxLength, Min } from "class-validator";
import { TaskPriority, TaskStatus } from "../../../generated/prisma/client";
export enum TaskSortBy {
CREATED_AT = "createdAt",
UPDATED_AT = "updatedAt",
DDL = "ddl"
}
export enum TaskSortOrder {
ASC = "asc",
DESC = "desc"
}
function normalizeString(value: unknown): string | undefined {
if (typeof value !== "string") {
return undefined;
}
const normalized = value.trim();
if (!normalized) {
return undefined;
}
return normalized;
}
export class ListTasksQueryDto {
@IsOptional()
@IsEnum(TaskStatus)
status?: TaskStatus;
@IsOptional()
@IsEnum(TaskPriority)
priority?: TaskPriority;
@Transform(({ value }) => {
if (value === undefined || value === null || value === "") {
return undefined;
}
if (Array.isArray(value)) {
const normalized = value
.map((item) => normalizeString(item))
.filter((item): item is string => item !== undefined);
return normalized.length > 0 ? normalized : undefined;
}
if (typeof value === "string") {
const normalized = value
.split(",")
.map((item) => normalizeString(item))
.filter((item): item is string => item !== undefined);
return normalized.length > 0 ? normalized : undefined;
}
return undefined;
})
@IsOptional()
@IsArray()
@IsString({ each: true })
@MaxLength(30, { each: true })
tags?: string[];
@Transform(({ value }) => normalizeString(value))
@IsOptional()
@IsString()
@MaxLength(120)
keyword?: string;
@Type(() => Number)
@IsOptional()
@IsInt()
@Min(1)
page?: number;
@Type(() => Number)
@IsOptional()
@IsInt()
@Min(1)
@Max(100)
pageSize?: number;
@IsOptional()
@IsEnum(TaskSortBy)
sortBy?: TaskSortBy;
@IsOptional()
@IsEnum(TaskSortOrder)
sortOrder?: TaskSortOrder;
}
apps/api/src/task/dto/update-task.dto.ts
+65
View File
@@ -0,0 +1,65 @@
import { Transform } from "class-transformer";
import {
IsArray,
IsDateString,
IsEnum,
IsObject,
IsOptional,
IsString,
MaxLength,
MinLength
} from "class-validator";
import { TaskPriority, TaskStatus } from "../../../generated/prisma/client";
function normalizeString(value: unknown): unknown {
if (typeof value !== "string") {
return value;
}
return value.trim();
}
export class UpdateTaskDto {
@Transform(({ value }) => normalizeString(value))
@IsOptional()
@IsString()
@MinLength(1)
@MaxLength(120)
title?: string;
@IsOptional()
@IsObject()
contentJson?: Record<string, unknown>;
@Transform(({ value }) => normalizeString(value))
@IsOptional()
@IsString()
@MaxLength(20000)
contentText?: string;
@IsOptional()
@IsEnum(TaskPriority)
priority?: TaskPriority;
@IsOptional()
@IsEnum(TaskStatus)
status?: TaskStatus;
@IsOptional()
@IsDateString()
ddl?: string;
@Transform(({ value }) => {
if (!Array.isArray(value)) {
return value;
}
return value.map((item) => normalizeString(item));
})
@IsOptional()
@IsArray()
@IsString({ each: true })
@MinLength(1, { each: true })
@MaxLength(30, { each: true })
tagNames?: string[];
}
apps/api/src/task/task.controller.ts
+71
View File
@@ -0,0 +1,71 @@
import {
Body,
Controller,
Delete,
Get,
Headers,
Param,
Patch,
Post,
Query,
UnauthorizedException
} from "@nestjs/common";
import { CreateTaskDto } from "./dto/create-task.dto";
import { ListTasksQueryDto } from "./dto/list-tasks-query.dto";
import { UpdateTaskDto } from "./dto/update-task.dto";
import { ListTasksResponse, TaskResponse, TaskService } from "./task.service";
@Controller("tasks")
export class TaskController {
constructor(private readonly taskService: TaskService) {}
@Get()
async listTasks(
@Headers("x-user-id") userIdHeader: string | string[] | undefined,
@Query() query: ListTasksQueryDto
): Promise<ListTasksResponse> {
return this.taskService.listTasks(this.resolveUserId(userIdHeader), query);
}
@Get(":taskId")
async getTaskById(
@Headers("x-user-id") userIdHeader: string | string[] | undefined,
@Param("taskId") taskId: string
): Promise<TaskResponse> {
return this.taskService.getTaskById(this.resolveUserId(userIdHeader), taskId);
}
@Post()
async createTask(
@Headers("x-user-id") userIdHeader: string | string[] | undefined,
@Body() body: CreateTaskDto
): Promise<TaskResponse> {
return this.taskService.createTask(this.resolveUserId(userIdHeader), body);
}
@Patch(":taskId")
async updateTask(
@Headers("x-user-id") userIdHeader: string | string[] | undefined,
@Param("taskId") taskId: string,
@Body() body: UpdateTaskDto
): Promise<TaskResponse> {
return this.taskService.updateTask(this.resolveUserId(userIdHeader), taskId, body);
}
@Delete(":taskId")
async deleteTask(
@Headers("x-user-id") userIdHeader: string | string[] | undefined,
@Param("taskId") taskId: string
): Promise<{ success: boolean }> {
return this.taskService.deleteTask(this.resolveUserId(userIdHeader), taskId);
}
private resolveUserId(userIdHeader: string | string[] | undefined): string {
const userId = Array.isArray(userIdHeader) ? userIdHeader[0] : userIdHeader;
if (!userId) {
throw new UnauthorizedException("缺少用户上下文");
}
return userId;
}
}
apps/api/src/task/task.module.ts
+11
View File
@@ -0,0 +1,11 @@
import { Module } from "@nestjs/common";
import { PrismaModule } from "../prisma/prisma.module";
import { TaskController } from "./task.controller";
import { TaskService } from "./task.service";
@Module({
imports: [PrismaModule],
controllers: [TaskController],
providers: [TaskService]
})
export class TaskModule {}
apps/api/src/task/task.service.ts
+458
View File
@@ -0,0 +1,458 @@
import { Injectable, InternalServerErrorException, NotFoundException } from "@nestjs/common";
import { Prisma, TaskPriority, TaskStatus } from "../../generated/prisma/client";
import { PrismaService } from "../prisma/prisma.service";
import { DataEncryptionService } from "../security/data-encryption.service";
import { CreateTaskDto } from "./dto/create-task.dto";
import { ListTasksQueryDto, TaskSortBy, TaskSortOrder } from "./dto/list-tasks-query.dto";
import { UpdateTaskDto } from "./dto/update-task.dto";
type TaskEntity = Prisma.TaskGetPayload<{
include: {
taskTags: {
include: {
tag: {
select: {
name: true;
};
};
};
};
};
}>;
export type TaskResponse = {
id: string;
title: string;
contentJson: unknown | null;
contentText: string | null;
priority: TaskPriority;
status: TaskStatus;
ddl: string | null;
completedAt: string | null;
version: number;
tags: string[];
createdAt: string;
updatedAt: string;
};
export type ListTasksResponse = {
items: TaskResponse[];
page: number;
pageSize: number;
total: number;
};
@Injectable()
export class TaskService {
constructor(
private readonly prismaService: PrismaService,
private readonly dataEncryptionService: DataEncryptionService
) {}
async listTasks(userId: string, query: ListTasksQueryDto): Promise<ListTasksResponse> {
const page = query.page ?? 1;
const pageSize = query.pageSize ?? 20;
const skip = (page - 1) * pageSize;
const keyword = query.keyword?.trim() ?? "";
const where = this.buildWhereInput(userId, query, keyword.length === 0);
const orderBy = this.buildOrderByInput(query);
if (keyword.length > 0) {
const items = await this.prismaService.task.findMany({
where,
orderBy,
include: {
taskTags: {
include: {
tag: {
select: {
name: true
}
}
}
}
}
});
const serializedItems = items.map((item: TaskEntity) => this.serializeTask(item));
const filteredItems = serializedItems.filter((item) => this.matchesKeyword(item, keyword));
return {
items: filteredItems.slice(skip, skip + pageSize),
page,
pageSize,
total: filteredItems.length
};
}
const [items, total] = await Promise.all([
this.prismaService.task.findMany({
where,
orderBy,
skip,
take: pageSize,
include: {
taskTags: {
include: {
tag: {
select: {
name: true
}
}
}
}
}
}),
this.prismaService.task.count({ where })
]);
return {
items: items.map((item: TaskEntity) => this.serializeTask(item)),
page,
pageSize,
total
};
}
async getTaskById(userId: string, taskId: string): Promise<TaskResponse> {
const task = await this.prismaService.task.findFirst({
where: {
id: taskId,
userId
},
include: {
taskTags: {
include: {
tag: {
select: {
name: true
}
}
}
}
}
});
if (!task) {
throw new NotFoundException("任务不存在");
}
return this.serializeTask(task);
}
async createTask(userId: string, body: CreateTaskDto): Promise<TaskResponse> {
const tagNames = this.normalizeTagNames(body.tagNames);
const nextStatus = body.status ?? TaskStatus.TODO;
const contentJson =
body.contentJson !== undefined
? ((this.dataEncryptionService.encryptJson(body.contentJson as Prisma.InputJsonValue) ??
Prisma.JsonNull) as Prisma.InputJsonValue | Prisma.NullableJsonNullValueInput)
: undefined;
const task = await this.prismaService.$transaction(async (tx) => {
const createdTask = await tx.task.create({
data: {
userId,
title: this.encryptRequiredString(body.title),
contentJson,
contentText: this.encryptNullableString(body.contentText),
priority: body.priority ?? TaskPriority.MEDIUM,
status: nextStatus,
ddl: body.ddl ? new Date(body.ddl) : null,
completedAt: nextStatus === TaskStatus.DONE ? new Date() : null
}
});
await this.replaceTaskTags(tx, userId, createdTask.id, tagNames);
return tx.task.findUniqueOrThrow({
where: { id: createdTask.id },
include: {
taskTags: {
include: {
tag: {
select: {
name: true
}
}
}
}
}
});
});
return this.serializeTask(task);
}
async updateTask(userId: string, taskId: string, body: UpdateTaskDto): Promise<TaskResponse> {
const currentTask = await this.prismaService.task.findFirst({
where: {
id: taskId,
userId
},
select: {
id: true,
status: true
}
});
if (!currentTask) {
throw new NotFoundException("任务不存在");
}
const data: Prisma.TaskUpdateInput = {
version: {
increment: 1
}
};
if (body.title !== undefined) {
data.title = this.encryptRequiredString(body.title);
}
if (body.contentJson !== undefined) {
data.contentJson = (this.dataEncryptionService.encryptJson(
body.contentJson as Prisma.InputJsonValue
) ?? Prisma.JsonNull) as Prisma.InputJsonValue | Prisma.NullableJsonNullValueInput;
}
if (body.contentText !== undefined) {
data.contentText = this.encryptNullableString(body.contentText);
}
if (body.priority !== undefined) {
data.priority = body.priority;
}
if (body.status !== undefined) {
data.status = body.status;
if (body.status === TaskStatus.DONE && currentTask.status !== TaskStatus.DONE) {
data.completedAt = new Date();
} else if (body.status !== TaskStatus.DONE) {
data.completedAt = null;
}
}
if (body.ddl !== undefined) {
data.ddl = body.ddl ? new Date(body.ddl) : null;
}
const shouldReplaceTags = body.tagNames !== undefined;
const nextTagNames = this.normalizeTagNames(body.tagNames);
const task = await this.prismaService.$transaction(async (tx) => {
await tx.task.update({
where: { id: taskId },
data
});
if (shouldReplaceTags) {
await this.replaceTaskTags(tx, userId, taskId, nextTagNames);
}
return tx.task.findUniqueOrThrow({
where: { id: taskId },
include: {
taskTags: {
include: {
tag: {
select: {
name: true
}
}
}
}
}
});
});
return this.serializeTask(task);
}
async deleteTask(userId: string, taskId: string): Promise<{ success: boolean }> {
const deleted = await this.prismaService.task.deleteMany({
where: {
id: taskId,
userId
}
});
if (deleted.count === 0) {
throw new NotFoundException("任务不存在");
}
return { success: true };
}
private buildWhereInput(
userId: string,
query: ListTasksQueryDto,
includeKeyword: boolean
): Prisma.TaskWhereInput {
const where: Prisma.TaskWhereInput = {
userId
};
if (query.status !== undefined) {
where.status = query.status;
}
if (query.priority !== undefined) {
where.priority = query.priority;
}
if (query.tags !== undefined && query.tags.length > 0) {
where.taskTags = {
some: {
tag: {
name: {
in: query.tags
}
}
}
};
}
if (includeKeyword && query.keyword !== undefined && query.keyword.length > 0) {
where.OR = [
{
title: {
contains: query.keyword,
mode: "insensitive"
}
},
{
contentText: {
contains: query.keyword,
mode: "insensitive"
}
}
];
}
return where;
}
private buildOrderByInput(query: ListTasksQueryDto): Prisma.TaskOrderByWithRelationInput {
const order: Prisma.SortOrder =
query.sortOrder === TaskSortOrder.ASC ? Prisma.SortOrder.asc : Prisma.SortOrder.desc;
if (query.sortBy === TaskSortBy.CREATED_AT) {
return { createdAt: order };
}
if (query.sortBy === TaskSortBy.DDL) {
return { ddl: order };
}
return { updatedAt: order };
}
private normalizeTagNames(tagNames: string[] | undefined): string[] {
if (!tagNames) {
return [];
}
const result: string[] = [];
const uniqueNames = new Set<string>();
for (const rawTagName of tagNames) {
const normalized = rawTagName.trim();
if (!normalized) {
continue;
}
const uniqueKey = normalized.toLocaleLowerCase();
if (uniqueNames.has(uniqueKey)) {
continue;
}
uniqueNames.add(uniqueKey);
result.push(normalized);
}
return result;
}
private async replaceTaskTags(
tx: Prisma.TransactionClient,
userId: string,
taskId: string,
tagNames: string[]
): Promise<void> {
await tx.taskTag.deleteMany({
where: {
taskId
}
});
if (tagNames.length === 0) {
return;
}
const tags = await Promise.all(
tagNames.map((name) =>
tx.tag.upsert({
where: {
userId_name: {
userId,
name
}
},
update: {},
create: {
userId,
name
}
})
)
);
await tx.taskTag.createMany({
data: tags.map((tag: { id: string }) => ({
taskId,
tagId: tag.id
})),
skipDuplicates: true
});
}
private serializeTask(task: TaskEntity): TaskResponse {
return {
id: task.id,
title: this.readDecryptedString(task.title) ?? "未命名任务",
contentJson: this.dataEncryptionService.decryptJson(task.contentJson),
contentText: this.readDecryptedString(task.contentText),
priority: task.priority,
status: task.status,
ddl: task.ddl?.toISOString() ?? null,
completedAt: task.completedAt?.toISOString() ?? null,
version: task.version,
tags: task.taskTags.map((taskTag: { tag: { name: string } }) => taskTag.tag.name),
createdAt: task.createdAt.toISOString(),
updatedAt: task.updatedAt.toISOString()
};
}
private encryptRequiredString(value: string): string {
const encryptedValue = this.dataEncryptionService.encryptString(value);
if (!encryptedValue) {
throw new InternalServerErrorException("任务字段加密失败");
}
return encryptedValue;
}
private encryptNullableString(value: string | null | undefined): string | null | undefined {
return this.dataEncryptionService.encryptString(value);
}
private readDecryptedString(value: string | null): string | null {
const decryptedValue = this.dataEncryptionService.decryptString(value);
return typeof decryptedValue === "string" ? decryptedValue : null;
}
private matchesKeyword(task: TaskResponse, keyword: string): boolean {
const lowerKeyword = keyword.toLocaleLowerCase();
return (
task.title.toLocaleLowerCase().includes(lowerKeyword) ||
task.contentText?.toLocaleLowerCase().includes(lowerKeyword) === true
);
}
}
apps/api/test/ai.spec.ts
+1250
View File
File diff suppressed because it is too large Load Diff
apps/api/test/astrbot-provider.spec.ts
+73
View File
@@ -0,0 +1,73 @@
import { AiChannel } from "../generated/prisma/client";
import { AstrbotProvider } from "../src/ai/providers/astrbot.provider";
describe("AstrbotProvider", () => {
const originalFetch = global.fetch;
afterEach(() => {
global.fetch = originalFetch;
jest.restoreAllMocks();
});
it("should not forward binding label fields as astrbot selection parameters", async () => {
const provider = new AstrbotProvider();
const fetchMock = jest.fn(async (_input: unknown, init?: RequestInit) => {
expect(init?.method).toBe("POST");
const payload = JSON.parse(String(init?.body ?? "{}")) as Record<string, unknown>;
expect(payload).toMatchObject({
username: "user_1",
session_id: "session_1",
message: "你好",
enable_streaming: false,
selected_model: "deepseek-chat"
});
expect(payload).not.toHaveProperty("selected_provider");
expect(payload).not.toHaveProperty("config_id");
expect(payload).not.toHaveProperty("config_name");
return new Response(
[
'data: {"type":"session_id","session_id":"session_1"}',
"",
'data: {"type":"plain","data":"收到","streaming":false,"chain_type":null}',
"",
'data: {"type":"end","data":"","streaming":false}',
""
].join("\n"),
{
status: 200,
headers: {
"content-type": "text/event-stream"
}
}
);
});
global.fetch = fetchMock as typeof global.fetch;
const result = await provider.execute(
{
channel: AiChannel.ASTRBOT,
source: "binding",
sourceId: "binding_1",
providerName: "astrbot-main",
model: "deepseek-chat",
configId: "default",
configName: "默认配置",
endpoint: "http://127.0.0.1:6185",
apiKey: "abk_secret"
},
{
userId: "user_1",
message: "你好",
sessionId: "session_1"
}
);
expect(fetchMock).toHaveBeenCalledTimes(1);
expect(result.content).toBe("收到");
expect(result.sessionId).toBe("session_1");
expect(result.providerName).toBe("astrbot-main");
});
});
apps/api/test/auth.spec.ts
+355
View File
@@ -0,0 +1,355 @@
import { UnauthorizedException } from "@nestjs/common";
import { ConfigService } from "@nestjs/config";
import { JwtService } from "@nestjs/jwt";
import { Test, TestingModule } from "@nestjs/testing";
import { AuthMailService } from "../src/auth/auth-mail.service";
import { AuthService } from "../src/auth/auth.service";
import { PrismaService } from "../src/prisma/prisma.service";
import { DataEncryptionService } from "../src/security/data-encryption.service";
type UserRecord = {
id: string;
email: string;
emailHash: string;
nickname: string | null;
avatarUrl: string | null;
};
type RefreshTokenRecord = {
id: string;
userId: string;
tokenHash: string;
expiresAt: Date;
revokedAt: Date | null;
createdAt: Date;
};
type UserSecurityRecord = {
userId: string;
twoFactorEnabled: boolean;
twoFactorSecret: string | null;
};
class InMemoryAuthPrismaService {
private userIdSequence = 1;
private refreshTokenIdSequence = 1;
private users: UserRecord[] = [];
private refreshTokens: RefreshTokenRecord[] = [];
private userSecurities: UserSecurityRecord[] = [];
readonly user = {
upsert: async (args: {
where: {
emailHash: string;
};
update: Record<string, never>;
create: {
email: string;
emailHash: string;
};
select: {
id: true;
email: true;
};
}) => {
const existingUser = this.users.find((user) => user.emailHash === args.where.emailHash);
if (existingUser) {
return {
id: existingUser.id,
email: existingUser.email
};
}
const createdUser: UserRecord = {
id: `user_${this.userIdSequence++}`,
email: args.create.email,
emailHash: args.create.emailHash,
nickname: null,
avatarUrl: null
};
this.users.push(createdUser);
return {
id: createdUser.id,
email: createdUser.email
};
}
};
readonly refreshToken = {
create: async (args: {
data: {
userId: string;
tokenHash: string;
expiresAt: Date;
};
}) => {
const refreshToken: RefreshTokenRecord = {
id: `refresh_${this.refreshTokenIdSequence++}`,
userId: args.data.userId,
tokenHash: args.data.tokenHash,
expiresAt: args.data.expiresAt,
revokedAt: null,
createdAt: new Date()
};
this.refreshTokens.push(refreshToken);
return refreshToken;
},
findUnique: async (args: {
where: {
tokenHash: string;
};
include: {
user: {
select: {
id: true;
email: true;
};
};
};
}) => {
const refreshToken = this.refreshTokens.find(
(item) => item.tokenHash === args.where.tokenHash
);
if (!refreshToken) {
return null;
}
const user = this.users.find((item) => item.id === refreshToken.userId);
if (!user) {
throw new Error("user not found");
}
return {
...refreshToken,
user: {
id: user.id,
email: user.email
}
};
},
update: async (args: {
where: {
id: string;
};
data: {
revokedAt: Date;
};
}) => {
const refreshToken = this.refreshTokens.find((item) => item.id === args.where.id);
if (!refreshToken) {
throw new Error("refresh token not found");
}
refreshToken.revokedAt = args.data.revokedAt;
return refreshToken;
},
updateMany: async (args: {
where: {
tokenHash: string;
revokedAt: null;
};
data: {
revokedAt: Date;
};
}) => {
let count = 0;
for (const refreshToken of this.refreshTokens) {
if (refreshToken.tokenHash !== args.where.tokenHash || refreshToken.revokedAt !== null) {
continue;
}
refreshToken.revokedAt = args.data.revokedAt;
count += 1;
}
return { count };
}
};
readonly userSecurity = {
upsert: async (args: {
where: {
userId: string;
};
update: {
twoFactorSecret: string;
twoFactorEnabled: boolean;
};
create: {
userId: string;
twoFactorSecret: string;
twoFactorEnabled: boolean;
};
}) => {
const existingSecurity = this.userSecurities.find(
(item) => item.userId === args.where.userId
);
if (existingSecurity) {
existingSecurity.twoFactorSecret = args.update.twoFactorSecret;
existingSecurity.twoFactorEnabled = args.update.twoFactorEnabled;
return existingSecurity;
}
const createdSecurity: UserSecurityRecord = {
userId: args.create.userId,
twoFactorSecret: args.create.twoFactorSecret,
twoFactorEnabled: args.create.twoFactorEnabled
};
this.userSecurities.push(createdSecurity);
return createdSecurity;
},
findUnique: async (args: {
where: {
userId: string;
};
select: {
twoFactorSecret: true;
};
}) => {
const security = this.userSecurities.find((item) => item.userId === args.where.userId);
if (!security) {
return null;
}
return {
twoFactorSecret: security.twoFactorSecret
};
},
update: async (args: {
where: {
userId: string;
};
data: {
twoFactorEnabled: boolean;
};
}) => {
const security = this.userSecurities.find((item) => item.userId === args.where.userId);
if (!security) {
throw new Error("user security not found");
}
security.twoFactorEnabled = args.data.twoFactorEnabled;
return security;
}
};
getUsers(): UserRecord[] {
return [...this.users];
}
}
class MockAuthMailService {
readonly sentMessages: Array<{
email: string;
code: string;
ttlSeconds: number;
}> = [];
async sendLoginCode(email: string, code: string, ttlSeconds: number): Promise<void> {
this.sentMessages.push({
email,
code,
ttlSeconds
});
}
}
describe("AuthService", () => {
let authService: AuthService;
let prismaService: InMemoryAuthPrismaService;
let authMailService: MockAuthMailService;
beforeEach(async () => {
prismaService = new InMemoryAuthPrismaService();
authMailService = new MockAuthMailService();
const moduleRef: TestingModule = await Test.createTestingModule({
providers: [
AuthService,
DataEncryptionService,
{
provide: PrismaService,
useValue: prismaService
},
{
provide: AuthMailService,
useValue: authMailService
},
{
provide: JwtService,
useValue: {
signAsync: async (payload: Record<string, unknown>) =>
`signed-${String(payload["sub"])}-${String(payload["email"])}`
}
},
{
provide: ConfigService,
useValue: {
get: (key: string) => {
switch (key) {
case "AUTH_EMAIL_CODE_TTL_SECONDS":
return "300";
case "AUTH_ACCESS_EXPIRES_IN_SECONDS":
return "900";
case "AUTH_REFRESH_EXPIRES_IN_SECONDS":
return "2592000";
case "AUTH_TOTP_ISSUER":
return "TodoList";
case "DATA_ENCRYPTION_SECRET":
return "test-data-encryption-secret";
default:
return undefined;
}
}
}
}
]
}).compile();
authService = moduleRef.get(AuthService);
});
it("should encrypt user email in database while keeping login flow available", async () => {
await authService.sendEmailCode("User@Example.com");
expect(authMailService.sentMessages).toHaveLength(1);
expect(authMailService.sentMessages[0]?.email).toBe("user@example.com");
const loginResult = await authService.loginWithEmailCode(
"USER@example.com",
authMailService.sentMessages[0]?.code ?? ""
);
expect(loginResult.user.email).toBe("user@example.com");
expect(loginResult.accessToken).toContain("user@example.com");
const storedUser = prismaService.getUsers()[0];
expect(storedUser?.email).not.toBe("user@example.com");
expect(storedUser?.emailHash).toMatch(/^[a-f0-9]{64}$/);
});
it("should decrypt user email when refreshing token", async () => {
await authService.sendEmailCode("refresh@example.com");
const loginResult = await authService.loginWithEmailCode(
"refresh@example.com",
authMailService.sentMessages[0]?.code ?? ""
);
const refreshResult = await authService.refreshTokens(loginResult.refreshToken);
expect(refreshResult.user.email).toBe("refresh@example.com");
expect(refreshResult.accessToken).toContain("refresh@example.com");
});
it("should reject invalid verification code", async () => {
await authService.sendEmailCode("invalid@example.com");
await expect(
authService.loginWithEmailCode("invalid@example.com", "000000")
).rejects.toBeInstanceOf(UnauthorizedException);
});
});
apps/api/test/openai-compatible-provider.spec.ts
+80
View File
@@ -0,0 +1,80 @@
import { AiChannel } from "../generated/prisma/client";
import { OpenAiCompatibleProvider } from "../src/ai/providers/openai-compatible.provider";
describe("OpenAiCompatibleProvider", () => {
const originalFetch = global.fetch;
afterEach(() => {
global.fetch = originalFetch;
jest.restoreAllMocks();
});
it("should read text from responses style payload when chat content is empty", async () => {
const provider = new OpenAiCompatibleProvider();
const fetchMock = jest.fn(async (_input: unknown, init?: RequestInit) => {
expect(init?.method).toBe("POST");
return new Response(
JSON.stringify({
id: "resp_123",
object: "response",
model: "gpt-5.4",
output: [
{
id: "msg_123",
type: "message",
role: "assistant",
content: [
{
type: "output_text",
text: "今天优先先完成截止时间最近的任务。"
}
]
}
],
usage: {
prompt_tokens: 15,
completion_tokens: 9,
total_tokens: 24
}
}),
{
status: 200,
headers: {
"content-type": "application/json"
}
}
);
});
global.fetch = fetchMock as typeof global.fetch;
const result = await provider.execute(
{
channel: AiChannel.USER_KEY,
source: "binding",
sourceId: "binding_user_key_1",
providerName: "airouter",
model: "gpt-5.4",
configId: null,
configName: null,
endpoint: "https://api.airouter.io/v1",
apiKey: "sk_test"
},
{
userId: "user_1",
message: "帮我安排今天的任务",
sessionId: null
}
);
expect(fetchMock).toHaveBeenCalledTimes(1);
expect(result.content).toBe("今天优先先完成截止时间最近的任务。");
expect(result.model).toBe("gpt-5.4");
expect(result.usage).toEqual({
promptTokens: 15,
completionTokens: 9,
totalTokens: 24
});
});
});
apps/api/test/sync-push.spec.ts
+439
View File
@@ -0,0 +1,439 @@
import request from "supertest";
import { INestApplication, ValidationPipe } from "@nestjs/common";
import { ConfigService } from "@nestjs/config";
import { Test, TestingModule } from "@nestjs/testing";
import { PrismaService } from "../src/prisma/prisma.service";
import { DataEncryptionService } from "../src/security/data-encryption.service";
import { SyncController } from "../src/sync/sync.controller";
import { SyncService } from "../src/sync/sync.service";
type SyncOperationRecord = {
id: string;
opId: string;
userId: string;
deviceId: string;
entityType: string;
entityId: string;
action: string;
payload: string | null;
clientTs: Date;
serverTs: Date;
};
type SyncOperationSelect = {
opId?: true;
entityId?: true;
entityType?: true;
action?: true;
payload?: true;
clientTs?: true;
deviceId?: true;
serverTs?: true;
};
type SyncOperationFindManyArgs = {
where: {
userId: string;
opId?: {
in: string[];
};
OR?: Array<
| {
serverTs: {
gt: Date;
};
}
| {
serverTs: Date;
opId: {
gt: string;
};
}
>;
};
select: SyncOperationSelect;
orderBy?: Array<{
serverTs?: "asc" | "desc";
opId?: "asc" | "desc";
}>;
take?: number;
};
type SyncOperationCreateArgs = {
data: {
opId: string;
userId: string;
deviceId: string;
entityType: string;
entityId: string;
action: string;
payload?: string;
clientTs: Date;
};
select: {
opId: true;
serverTs: true;
};
};
class InMemoryPrismaService {
private syncOperationIdSequence = 1;
private syncOperations: SyncOperationRecord[] = [];
readonly syncOperation = {
findMany: async (args: SyncOperationFindManyArgs) => {
let items = this.syncOperations.filter((item) => item.userId === args.where.userId);
if (args.where.opId?.in) {
items = items.filter((item) => args.where.opId?.in.includes(item.opId));
}
if (args.where.OR && args.where.OR.length > 0) {
items = items.filter((item) =>
args.where.OR?.some((condition) => {
if ("gt" in condition.serverTs) {
return item.serverTs.getTime() > condition.serverTs.gt.getTime();
}
if ("opId" in condition) {
return (
item.serverTs.getTime() === condition.serverTs.getTime() &&
item.opId > condition.opId.gt
);
}
return false;
})
);
}
if (args.orderBy && args.orderBy.length > 0) {
items = [...items].sort((left, right) => {
for (const orderRule of args.orderBy ?? []) {
if (orderRule.serverTs) {
const diff = left.serverTs.getTime() - right.serverTs.getTime();
if (diff !== 0) {
return orderRule.serverTs === "asc" ? diff : -diff;
}
}
if (orderRule.opId) {
const diff = left.opId.localeCompare(right.opId);
if (diff !== 0) {
return orderRule.opId === "asc" ? diff : -diff;
}
}
}
return 0;
});
}
const limitedItems = args.take ? items.slice(0, args.take) : items;
return limitedItems.map((item) => this.pickSelectedFields(item, args.select));
},
create: async (args: SyncOperationCreateArgs) => {
const createdOperation: SyncOperationRecord = {
id: `sync_${this.syncOperationIdSequence++}`,
opId: args.data.opId,
userId: args.data.userId,
deviceId: args.data.deviceId,
entityType: args.data.entityType,
entityId: args.data.entityId,
action: args.data.action,
payload: args.data.payload ?? null,
clientTs: args.data.clientTs,
serverTs: new Date()
};
this.syncOperations.push(createdOperation);
return {
opId: createdOperation.opId,
serverTs: createdOperation.serverTs
};
}
};
getOperationCount(): number {
return this.syncOperations.length;
}
getRawOperationById(opId: string): SyncOperationRecord | undefined {
return this.syncOperations.find((operation) => operation.opId === opId);
}
seedOperations(records: Array<Omit<SyncOperationRecord, "id">>): void {
for (const record of records) {
this.syncOperations.push({
...record,
id: `sync_${this.syncOperationIdSequence++}`
});
}
}
private pickSelectedFields(
item: SyncOperationRecord,
select: SyncOperationSelect
): Partial<SyncOperationRecord> {
const result: Record<string, unknown> = {};
for (const key of Object.keys(select) as Array<keyof SyncOperationSelect>) {
if (!select[key]) {
continue;
}
const recordKey = key as keyof SyncOperationRecord;
result[recordKey] = item[recordKey];
}
return result as Partial<SyncOperationRecord>;
}
}
describe("SyncController (integration)", () => {
let app: INestApplication;
let prismaService: InMemoryPrismaService;
beforeAll(async () => {
prismaService = new InMemoryPrismaService();
const moduleRef: TestingModule = await Test.createTestingModule({
controllers: [SyncController],
providers: [
SyncService,
DataEncryptionService,
{ provide: PrismaService, useValue: prismaService },
{
provide: ConfigService,
useValue: {
get: (key: string) =>
key === "DATA_ENCRYPTION_SECRET" ? "test-data-encryption-secret" : undefined
}
}
]
}).compile();
app = moduleRef.createNestApplication();
app.useGlobalPipes(
new ValidationPipe({
transform: true,
whitelist: true,
forbidNonWhitelisted: true
})
);
await app.init();
});
afterAll(async () => {
await app.close();
});
it("should accept operations once and mark repeated push as duplicate", async () => {
const payload = {
operations: [
{
opId: "op-create-1",
entityType: "TASK",
entityId: "task-1",
action: "CREATE",
payload: '{"title":"任务一"}',
clientTs: 1712419200000,
deviceId: "device-a"
},
{
opId: "op-update-1",
entityType: "TASK",
entityId: "task-1",
action: "UPDATE",
payload: '{"title":"任务一-更新"}',
clientTs: 1712419201000,
deviceId: "device-a"
}
]
};
const firstResponse = await request(app.getHttpServer())
.post("/sync/push")
.set("x-user-id", "user-1")
.send(payload)
.expect(201);
expect(firstResponse.body.acceptedCount).toBe(2);
expect(firstResponse.body.duplicateCount).toBe(0);
expect(firstResponse.body.failedCount).toBe(0);
expect(firstResponse.body.results).toEqual([
expect.objectContaining({
opId: "op-create-1",
status: "accepted"
}),
expect.objectContaining({
opId: "op-update-1",
status: "accepted"
})
]);
expect(prismaService.getOperationCount()).toBe(2);
expect(prismaService.getRawOperationById("op-create-1")?.payload).not.toBe(
'{"title":"浠诲姟涓€"}'
);
const secondResponse = await request(app.getHttpServer())
.post("/sync/push")
.set("x-user-id", "user-1")
.send(payload)
.expect(201);
expect(secondResponse.body.acceptedCount).toBe(0);
expect(secondResponse.body.duplicateCount).toBe(2);
expect(secondResponse.body.failedCount).toBe(0);
expect(secondResponse.body.results).toEqual([
expect.objectContaining({
opId: "op-create-1",
status: "duplicate",
reason: "already_synced"
}),
expect.objectContaining({
opId: "op-update-1",
status: "duplicate",
reason: "already_synced"
})
]);
expect(prismaService.getOperationCount()).toBe(2);
});
it("should mark duplicated op ids in the same batch as duplicate", async () => {
const response = await request(app.getHttpServer())
.post("/sync/push")
.set("x-user-id", "user-2")
.send({
operations: [
{
opId: "op-dup-1",
entityType: "TASK",
entityId: "task-2",
action: "CREATE",
payload: '{"title":"任务二"}',
clientTs: 1712419300000,
deviceId: "device-b"
},
{
opId: "op-dup-1",
entityType: "TASK",
entityId: "task-2",
action: "UPDATE",
payload: '{"title":"任务二-重复"}',
clientTs: 1712419301000,
deviceId: "device-b"
}
]
})
.expect(201);
expect(response.body.acceptedCount).toBe(1);
expect(response.body.duplicateCount).toBe(1);
expect(response.body.failedCount).toBe(0);
expect(response.body.results[0]).toEqual(
expect.objectContaining({
opId: "op-dup-1",
status: "accepted"
})
);
expect(response.body.results[1]).toEqual(
expect.objectContaining({
opId: "op-dup-1",
status: "duplicate",
reason: "same_batch_duplicate"
})
);
expect(prismaService.getOperationCount()).toBe(3);
});
it("should pull operations incrementally with a stable cursor", async () => {
prismaService.seedOperations([
{
opId: "pull-op-1",
userId: "user-pull",
deviceId: "device-c",
entityType: "TASK",
entityId: "task-10",
action: "CREATE",
payload: '{"title":"任务甲"}',
clientTs: new Date("2026-04-06T10:00:00.000Z"),
serverTs: new Date("2026-04-06T10:10:00.000Z")
},
{
opId: "pull-op-2",
userId: "user-pull",
deviceId: "device-c",
entityType: "TASK",
entityId: "task-10",
action: "UPDATE",
payload: '{"title":"任务甲-更新"}',
clientTs: new Date("2026-04-06T10:01:00.000Z"),
serverTs: new Date("2026-04-06T10:10:00.000Z")
},
{
opId: "pull-op-3",
userId: "user-pull",
deviceId: "device-c",
entityType: "TASK",
entityId: "task-11",
action: "CREATE",
payload: '{"title":"任务乙"}',
clientTs: new Date("2026-04-06T10:02:00.000Z"),
serverTs: new Date("2026-04-06T10:11:00.000Z")
},
{
opId: "pull-op-other-user",
userId: "user-other",
deviceId: "device-z",
entityType: "TASK",
entityId: "task-99",
action: "CREATE",
payload: '{"title":"其他用户任务"}',
clientTs: new Date("2026-04-06T10:03:00.000Z"),
serverTs: new Date("2026-04-06T10:12:00.000Z")
}
]);
const firstResponse = await request(app.getHttpServer())
.get("/sync/pull")
.set("x-user-id", "user-pull")
.query({ limit: 2 })
.expect(200);
expect(firstResponse.body.items.map((item: { opId: string }) => item.opId)).toEqual([
"pull-op-1",
"pull-op-2"
]);
expect(firstResponse.body.hasMore).toBe(true);
expect(firstResponse.body.nextCursor).toEqual(expect.any(String));
const secondResponse = await request(app.getHttpServer())
.get("/sync/pull")
.set("x-user-id", "user-pull")
.query({
limit: 2,
cursor: firstResponse.body.nextCursor
})
.expect(200);
expect(secondResponse.body.items.map((item: { opId: string }) => item.opId)).toEqual([
"pull-op-3"
]);
expect(secondResponse.body.hasMore).toBe(false);
expect(secondResponse.body.nextCursor).toEqual(expect.any(String));
});
it("should reject invalid cursor payload", async () => {
await request(app.getHttpServer())
.get("/sync/pull")
.set("x-user-id", "user-invalid-cursor")
.query({
cursor: "not-a-valid-cursor"
})
.expect(400);
});
});
apps/api/test/task.spec.ts
+481
View File
@@ -0,0 +1,481 @@
import request from "supertest";
import { INestApplication, ValidationPipe } from "@nestjs/common";
import { ConfigService } from "@nestjs/config";
import { Test, TestingModule } from "@nestjs/testing";
import { PrismaService } from "../src/prisma/prisma.service";
import { DataEncryptionService } from "../src/security/data-encryption.service";
import { TaskController } from "../src/task/task.controller";
import { TaskService } from "../src/task/task.service";
import { TaskPriority, TaskStatus } from "../generated/prisma/client";
type TaskRecord = {
id: string;
userId: string;
title: string;
contentJson: unknown | null;
contentText: string | null;
priority: TaskPriority;
status: TaskStatus;
ddl: Date | null;
completedAt: Date | null;
version: number;
createdAt: Date;
updatedAt: Date;
};
type TagRecord = {
id: string;
userId: string;
name: string;
};
type TaskTagRecord = {
taskId: string;
tagId: string;
};
type ListWhereInput = {
userId?: string;
status?: TaskStatus;
priority?: TaskPriority;
taskTags?: {
some: {
tag: {
name: {
in: string[];
};
};
};
};
OR?: Array<{
title?: {
contains: string;
mode?: "insensitive";
};
contentText?: {
contains: string;
mode?: "insensitive";
};
}>;
};
class InMemoryPrismaService {
private taskIdSequence = 1;
private tagIdSequence = 1;
private tasks: TaskRecord[] = [];
private tags: TagRecord[] = [];
private taskTags: TaskTagRecord[] = [];
readonly task = {
findMany: async (args: {
where?: ListWhereInput;
orderBy?: { createdAt?: "asc" | "desc"; updatedAt?: "asc" | "desc"; ddl?: "asc" | "desc" };
skip?: number;
take?: number;
}) => {
const where = args.where;
const skip = args.skip ?? 0;
const take = args.take ?? 20;
let filtered = [...this.tasks];
if (where?.userId) {
filtered = filtered.filter((task) => task.userId === where.userId);
}
if (where?.status) {
filtered = filtered.filter((task) => task.status === where.status);
}
if (where?.priority) {
filtered = filtered.filter((task) => task.priority === where.priority);
}
if (where?.taskTags?.some.tag.name.in) {
const expectedTags = new Set(where.taskTags.some.tag.name.in);
filtered = filtered.filter((task) => {
const taskTagNames = this.getTaskTagNames(task.id);
return taskTagNames.some((tagName) => expectedTags.has(tagName));
});
}
if (where?.OR && where.OR.length > 0) {
filtered = filtered.filter((task) =>
where.OR!.some((orCondition) => {
if (orCondition.title?.contains) {
return task.title.toLowerCase().includes(orCondition.title.contains.toLowerCase());
}
if (orCondition.contentText?.contains) {
return (
task.contentText
?.toLowerCase()
.includes(orCondition.contentText.contains.toLowerCase()) ?? false
);
}
return false;
})
);
}
if (args.orderBy) {
const [orderField, orderDirection] = Object.entries(args.orderBy)[0] as [
"createdAt" | "updatedAt" | "ddl",
"asc" | "desc"
];
filtered.sort((left, right) => {
const leftValue = left[orderField];
const rightValue = right[orderField];
if (leftValue === null && rightValue === null) {
return 0;
}
if (leftValue === null) {
return 1;
}
if (rightValue === null) {
return -1;
}
const diff = leftValue.getTime() - rightValue.getTime();
return orderDirection === "asc" ? diff : -diff;
});
}
return filtered.slice(skip, skip + take).map((task) => this.toTaskWithTags(task));
},
count: async (args: { where?: ListWhereInput }) => {
const results = await this.task.findMany({
where: args.where,
skip: 0,
take: Number.MAX_SAFE_INTEGER
});
return results.length;
},
findFirst: async (args: {
where: {
id?: string;
userId?: string;
};
select?: {
id?: boolean;
status?: boolean;
};
}) => {
const task = this.tasks.find(
(item) =>
(args.where.id === undefined || item.id === args.where.id) &&
(args.where.userId === undefined || item.userId === args.where.userId)
);
if (!task) {
return null;
}
if (args.select) {
return {
id: args.select.id ? task.id : undefined,
status: args.select.status ? task.status : undefined
};
}
return this.toTaskWithTags(task);
},
create: async (args: {
data: {
userId: string;
title: string;
contentJson?: unknown;
contentText: string | null;
priority: TaskPriority;
status: TaskStatus;
ddl: Date | null;
completedAt: Date | null;
};
}) => {
const now = new Date();
const task: TaskRecord = {
id: `task_${this.taskIdSequence++}`,
userId: args.data.userId,
title: args.data.title,
contentJson: args.data.contentJson ?? null,
contentText: args.data.contentText,
priority: args.data.priority,
status: args.data.status,
ddl: args.data.ddl,
completedAt: args.data.completedAt,
version: 1,
createdAt: now,
updatedAt: now
};
this.tasks.push(task);
return task;
},
update: async (args: {
where: {
id: string;
};
data: {
title?: string;
contentJson?: unknown;
contentText?: string | null;
priority?: TaskPriority;
status?: TaskStatus;
ddl?: Date | null;
completedAt?: Date | null;
version?: {
increment: number;
};
};
}) => {
const task = this.tasks.find((item) => item.id === args.where.id);
if (!task) {
throw new Error("task not found");
}
if (args.data.title !== undefined) {
task.title = args.data.title;
}
if (args.data.contentJson !== undefined) {
task.contentJson = args.data.contentJson;
}
if (args.data.contentText !== undefined) {
task.contentText = args.data.contentText;
}
if (args.data.priority !== undefined) {
task.priority = args.data.priority;
}
if (args.data.status !== undefined) {
task.status = args.data.status;
}
if (args.data.ddl !== undefined) {
task.ddl = args.data.ddl;
}
if (args.data.completedAt !== undefined) {
task.completedAt = args.data.completedAt;
}
if (args.data.version !== undefined) {
task.version += args.data.version.increment;
}
task.updatedAt = new Date();
return task;
},
deleteMany: async (args: {
where: {
id: string;
userId: string;
};
}) => {
const beforeCount = this.tasks.length;
this.tasks = this.tasks.filter(
(task) => !(task.id === args.where.id && task.userId === args.where.userId)
);
this.taskTags = this.taskTags.filter((taskTag) => taskTag.taskId !== args.where.id);
return {
count: beforeCount - this.tasks.length
};
},
findUniqueOrThrow: async (args: {
where: {
id: string;
};
}) => {
const task = this.tasks.find((item) => item.id === args.where.id);
if (!task) {
throw new Error("task not found");
}
return this.toTaskWithTags(task);
}
};
readonly tag = {
upsert: async (args: {
where: {
userId_name: {
userId: string;
name: string;
};
};
create: {
userId: string;
name: string;
};
}) => {
const existing = this.tags.find(
(tag) =>
tag.userId === args.where.userId_name.userId && tag.name === args.where.userId_name.name
);
if (existing) {
return existing;
}
const createdTag: TagRecord = {
id: `tag_${this.tagIdSequence++}`,
userId: args.create.userId,
name: args.create.name
};
this.tags.push(createdTag);
return createdTag;
}
};
readonly taskTag = {
deleteMany: async (args: {
where: {
taskId: string;
};
}) => {
const beforeCount = this.taskTags.length;
this.taskTags = this.taskTags.filter((taskTag) => taskTag.taskId !== args.where.taskId);
return {
count: beforeCount - this.taskTags.length
};
},
createMany: async (args: {
data: Array<{
taskId: string;
tagId: string;
}>;
}) => {
for (const row of args.data) {
const existing = this.taskTags.find(
(taskTag) => taskTag.taskId === row.taskId && taskTag.tagId === row.tagId
);
if (!existing) {
this.taskTags.push(row);
}
}
return {
count: args.data.length
};
}
};
async $transaction<T>(runner: (tx: InMemoryPrismaService) => Promise<T>): Promise<T> {
return runner(this);
}
getRawTaskById(taskId: string): TaskRecord | undefined {
return this.tasks.find((task) => task.id === taskId);
}
private toTaskWithTags(
task: TaskRecord
): TaskRecord & { taskTags: Array<{ tag: { name: string } }> } {
return {
...task,
taskTags: this.taskTags
.filter((taskTag) => taskTag.taskId === task.id)
.map((taskTag) => this.tags.find((tag) => tag.id === taskTag.tagId))
.filter((tag): tag is TagRecord => tag !== undefined)
.map((tag) => ({
tag: {
name: tag.name
}
}))
};
}
private getTaskTagNames(taskId: string): string[] {
return this.taskTags
.filter((taskTag) => taskTag.taskId === taskId)
.map((taskTag) => this.tags.find((tag) => tag.id === taskTag.tagId))
.filter((tag): tag is TagRecord => tag !== undefined)
.map((tag) => tag.name);
}
}
describe("TaskController (integration)", () => {
let app: INestApplication;
const prismaService = new InMemoryPrismaService();
beforeAll(async () => {
const moduleRef: TestingModule = await Test.createTestingModule({
controllers: [TaskController],
providers: [
TaskService,
DataEncryptionService,
{ provide: PrismaService, useValue: prismaService as unknown as PrismaService },
{
provide: ConfigService,
useValue: {
get: (key: string) =>
key === "DATA_ENCRYPTION_SECRET" ? "test-data-encryption-secret" : undefined
}
}
]
}).compile();
app = moduleRef.createNestApplication();
app.useGlobalPipes(
new ValidationPipe({
transform: true,
whitelist: true,
forbidNonWhitelisted: true
})
);
await app.init();
});
afterAll(async () => {
await app.close();
});
it("should create, query, update and delete a task", async () => {
const createResponse = await request(app.getHttpServer())
.post("/tasks")
.set("x-user-id", "user_1")
.send({
title: "准备周会",
contentText: "整理本周进度",
priority: "HIGH",
tagNames: ["工作", "会议"]
})
.expect(201);
expect(createResponse.body.id).toBeDefined();
expect(createResponse.body.tags).toEqual(["工作", "会议"]);
const taskId = createResponse.body.id as string;
const rawCreatedTask = prismaService.getRawTaskById(taskId);
expect(rawCreatedTask?.title).not.toBe("准备周会");
expect(rawCreatedTask?.contentText).not.toBe("整理本周进度");
const listResponse = await request(app.getHttpServer())
.get("/tasks")
.set("x-user-id", "user_1")
.query({ tags: "会议" })
.expect(200);
expect(listResponse.body.total).toBe(1);
expect(listResponse.body.items[0].id).toBe(taskId);
const updateResponse = await request(app.getHttpServer())
.patch(`/tasks/${taskId}`)
.set("x-user-id", "user_1")
.send({
status: "DONE"
})
.expect(200);
expect(updateResponse.body.status).toBe("DONE");
expect(updateResponse.body.completedAt).toBeTruthy();
expect(updateResponse.body.version).toBe(2);
await request(app.getHttpServer())
.delete(`/tasks/${taskId}`)
.set("x-user-id", "user_1")
.expect(200)
.expect({
success: true
});
const listAfterDeleteResponse = await request(app.getHttpServer())
.get("/tasks")
.set("x-user-id", "user_1")
.expect(200);
expect(listAfterDeleteResponse.body.total).toBe(0);
});
});
apps/api/tsconfig.build.json
+5
View File
@@ -0,0 +1,5 @@
{
"$schema": "https://json.schemastore.org/tsconfig",
"extends": "./tsconfig.json",
"exclude": ["node_modules", "dist", "**/*.spec.ts"]
}
apps/api/tsconfig.json
+10
View File
@@ -0,0 +1,10 @@
{
"$schema": "https://json.schemastore.org/tsconfig",
"extends": "../../packages/tsconfig/nest-app.json",
"compilerOptions": {
"rootDir": ".",
"outDir": "dist"
},
"include": ["src/**/*.ts", "scripts/**/*.ts", "generated/prisma/**/*.ts"],
"exclude": ["dist", "node_modules"]
}
apps/api/tsconfig.spec.json
+9
View File
@@ -0,0 +1,9 @@
{
"$schema": "https://json.schemastore.org/tsconfig",
"extends": "./tsconfig.json",
"compilerOptions": {
"types": ["node", "jest"]
},
"include": ["src/**/*.ts", "generated/prisma/**/*.ts", "test/**/*.ts"],
"exclude": ["dist", "node_modules"]
}
apps/web/.gitignore
+24
View File
@@ -0,0 +1,24 @@
# Logs
logs
*.log
npm-debug.log*
yarn-debug.log*
yarn-error.log*
pnpm-debug.log*
lerna-debug.log*
node_modules
dist
dist-ssr
*.local
# Editor directories and files
.vscode/*
!.vscode/extensions.json
.idea
.DS_Store
*.suo
*.ntvs*
*.njsproj
*.sln
*.sw?
apps/web/README.md
+57
View File
@@ -0,0 +1,57 @@
# TodoList Web 前端
这是 TodoList 的用户端前端应用(SPA + PWA),基于 `React + TypeScript + Vite`
## 技术栈
- React
- TypeScript
- Vite
- Tailwind CSS
- shadcn/ui
## 本地开发
在仓库根目录执行:
```bash
pnpm install
pnpm --filter web dev
```
默认开发地址:
- `http://localhost:5173`
## 后端接口地址
前端默认请求:
- `http://localhost:3000`
如需自定义,请在运行前设置环境变量:
```bash
VITE_API_BASE_URL=http://localhost:3000
```
## 构建与预览
```bash
pnpm --filter web build
pnpm --filter web preview
```
## 当前功能进度(阶段性)
- 邮箱验证码登录页面
- OAuth 回调页面
- 会话本地缓存与启动恢复
- 基础工作台页面骨架
## 目录说明
- `src/pages`:页面组件
- `src/components`:通用 UI 组件
- `src/services`:接口请求与会话处理
- `src/lib`:工具函数
apps/web/components.json
+25
View File
@@ -0,0 +1,25 @@
{
"$schema": "https://ui.shadcn.com/schema.json",
"style": "base-nova",
"rsc": false,
"tsx": true,
"tailwind": {
"config": "tailwind.config.js",
"css": "src/index.css",
"baseColor": "neutral",
"cssVariables": true,
"prefix": ""
},
"iconLibrary": "lucide",
"rtl": false,
"aliases": {
"components": "@/components",
"utils": "@/lib/utils",
"ui": "@/components/ui",
"lib": "@/lib",
"hooks": "@/hooks"
},
"menuColor": "default",
"menuAccent": "subtle",
"registries": {}
}
apps/web/eslint.config.js
+23
View File
@@ -0,0 +1,23 @@
import js from "@eslint/js";
import globals from "globals";
import reactHooks from "eslint-plugin-react-hooks";
import reactRefresh from "eslint-plugin-react-refresh";
import tseslint from "typescript-eslint";
import { defineConfig, globalIgnores } from "eslint/config";
export default defineConfig([
globalIgnores(["dist"]),
{
files: ["**/*.{ts,tsx}"],
extends: [
js.configs.recommended,
tseslint.configs.recommended,
reactHooks.configs.flat.recommended,
reactRefresh.configs.vite
],
languageOptions: {
ecmaVersion: 2020,
globals: globals.browser
}
}
]);
apps/web/index.html
+14
View File
@@ -0,0 +1,14 @@
<!doctype html>
<html lang="zh-CN">
<head>
<meta charset="UTF-8" />
<link rel="icon" type="image/png" href="/favicon.png" />
<link rel="apple-touch-icon" href="/favicon.png" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>TodoList</title>
</head>
<body>
<div id="root"></div>
<script type="module" src="/src/main.tsx"></script>
</body>
</html>
apps/web/package.json
+51
View File
@@ -0,0 +1,51 @@
{
"name": "web",
"private": true,
"version": "0.0.0",
"type": "module",
"scripts": {
"dev": "vite",
"build": "tsc -b && vite build",
"lint": "eslint .",
"preview": "vite preview"
},
"dependencies": {
"@base-ui/react": "^1.3.0",
"@fontsource-variable/geist": "^5.2.8",
"@tiptap/core": "^3.22.2",
"@tiptap/extension-image": "^3.22.2",
"@tiptap/extension-link": "^3.22.2",
"@tiptap/extension-youtube": "^3.22.2",
"@tiptap/react": "^3.22.2",
"@tiptap/starter-kit": "^3.22.2",
"browser-image-compression": "^2.0.2",
"class-variance-authority": "^0.7.1",
"clsx": "^2.1.1",
"dexie": "^4.4.2",
"dexie-react-hooks": "^4.4.0",
"lucide-react": "^1.7.0",
"react": "^19.2.4",
"react-dom": "^19.2.4",
"react-router-dom": "^7.14.0",
"shadcn": "^4.1.2",
"tailwind-merge": "^3.5.0",
"tw-animate-css": "^1.4.0"
},
"devDependencies": {
"@eslint/js": "^9.39.4",
"@types/node": "^24.12.0",
"@types/react": "^19.2.14",
"@types/react-dom": "^19.2.3",
"@vitejs/plugin-react": "^6.0.1",
"autoprefixer": "^10.4.27",
"eslint": "^9.39.4",
"eslint-plugin-react-hooks": "^7.0.1",
"eslint-plugin-react-refresh": "^0.5.2",
"globals": "^17.4.0",
"postcss": "^8.5.8",
"tailwindcss": "^3.4.17",
"typescript": "~5.9.3",
"typescript-eslint": "^8.57.0",
"vite": "^8.0.1"
}
}
apps/web/postcss.config.js
+6
View File
@@ -0,0 +1,6 @@
export default {
plugins: {
tailwindcss: {},
autoprefixer: {}
}
};
apps/web/public/favicon.png
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 199 KiB

apps/web/public/favicon.svg
+1
View File
File diff suppressed because one or more lines are too long
Side by Side

After

Width:  |  Height:  |  Size: 9.3 KiB

apps/web/public/icons.svg
+24
View File
@@ -0,0 +1,24 @@
<svg xmlns="http://www.w3.org/2000/svg">
<symbol id="bluesky-icon" viewBox="0 0 16 17">
<g clip-path="url(#bluesky-clip)"><path fill="#08060d" d="M7.75 7.735c-.693-1.348-2.58-3.86-4.334-5.097-1.68-1.187-2.32-.981-2.74-.79C.188 2.065.1 2.812.1 3.251s.241 3.602.398 4.13c.52 1.744 2.367 2.333 4.07 2.145-2.495.37-4.71 1.278-1.805 4.512 3.196 3.309 4.38-.71 4.987-2.746.608 2.036 1.307 5.91 4.93 2.746 2.72-2.746.747-4.143-1.747-4.512 1.702.189 3.55-.4 4.07-2.145.156-.528.397-3.691.397-4.13s-.088-1.186-.575-1.406c-.42-.19-1.06-.395-2.741.79-1.755 1.24-3.64 3.752-4.334 5.099"/></g>
<defs><clipPath id="bluesky-clip"><path fill="#fff" d="M.1.85h15.3v15.3H.1z"/></clipPath></defs>
</symbol>
<symbol id="discord-icon" viewBox="0 0 20 19">
<path fill="#08060d" d="M16.224 3.768a14.5 14.5 0 0 0-3.67-1.153c-.158.286-.343.67-.47.976a13.5 13.5 0 0 0-4.067 0c-.128-.306-.317-.69-.476-.976A14.4 14.4 0 0 0 3.868 3.77C1.546 7.28.916 10.703 1.231 14.077a14.7 14.7 0 0 0 4.5 2.306q.545-.748.965-1.587a9.5 9.5 0 0 1-1.518-.74q.191-.14.372-.293c2.927 1.369 6.107 1.369 8.999 0q.183.152.372.294-.723.437-1.52.74.418.838.963 1.588a14.6 14.6 0 0 0 4.504-2.308c.37-3.911-.63-7.302-2.644-10.309m-9.13 8.234c-.878 0-1.599-.82-1.599-1.82 0-.998.705-1.82 1.6-1.82.894 0 1.614.82 1.599 1.82.001 1-.705 1.82-1.6 1.82m5.91 0c-.878 0-1.599-.82-1.599-1.82 0-.998.705-1.82 1.6-1.82.893 0 1.614.82 1.599 1.82 0 1-.706 1.82-1.6 1.82"/>
</symbol>
<symbol id="documentation-icon" viewBox="0 0 21 20">
<path fill="none" stroke="#aa3bff" stroke-linecap="round" stroke-linejoin="round" stroke-width="1.35" d="m15.5 13.333 1.533 1.322c.645.555.967.833.967 1.178s-.322.623-.967 1.179L15.5 18.333m-3.333-5-1.534 1.322c-.644.555-.966.833-.966 1.178s.322.623.966 1.179l1.534 1.321"/>
<path fill="none" stroke="#aa3bff" stroke-linecap="round" stroke-linejoin="round" stroke-width="1.35" d="M17.167 10.836v-4.32c0-1.41 0-2.117-.224-2.68-.359-.906-1.118-1.621-2.08-1.96-.599-.21-1.349-.21-2.848-.21-2.623 0-3.935 0-4.983.369-1.684.591-3.013 1.842-3.641 3.428C3 6.449 3 7.684 3 10.154v2.122c0 2.558 0 3.838.706 4.726q.306.383.713.671c.76.536 1.79.64 3.581.66"/>
<path fill="none" stroke="#aa3bff" stroke-linecap="round" stroke-linejoin="round" stroke-width="1.35" d="M3 10a2.78 2.78 0 0 1 2.778-2.778c.555 0 1.209.097 1.748-.047.48-.129.854-.503.982-.982.145-.54.048-1.194.048-1.749a2.78 2.78 0 0 1 2.777-2.777"/>
</symbol>
<symbol id="github-icon" viewBox="0 0 19 19">
<path fill="#08060d" fill-rule="evenodd" d="M9.356 1.85C5.05 1.85 1.57 5.356 1.57 9.694a7.84 7.84 0 0 0 5.324 7.44c.387.079.528-.168.528-.376 0-.182-.013-.805-.013-1.454-2.165.467-2.616-.935-2.616-.935-.349-.91-.864-1.143-.864-1.143-.71-.48.051-.48.051-.48.787.051 1.2.805 1.2.805.695 1.194 1.817.857 2.268.649.064-.507.27-.857.49-1.052-1.728-.182-3.545-.857-3.545-3.87 0-.857.31-1.558.8-2.104-.078-.195-.349-1 .077-2.078 0 0 .657-.208 2.14.805a7.5 7.5 0 0 1 1.946-.26c.657 0 1.328.092 1.946.26 1.483-1.013 2.14-.805 2.14-.805.426 1.078.155 1.883.078 2.078.502.546.799 1.247.799 2.104 0 3.013-1.818 3.675-3.558 3.87.284.247.528.714.528 1.454 0 1.052-.012 1.896-.012 2.156 0 .208.142.455.528.377a7.84 7.84 0 0 0 5.324-7.441c.013-4.338-3.48-7.844-7.773-7.844" clip-rule="evenodd"/>
</symbol>
<symbol id="social-icon" viewBox="0 0 20 20">
<path fill="none" stroke="#aa3bff" stroke-linecap="round" stroke-linejoin="round" stroke-width="1.35" d="M12.5 6.667a4.167 4.167 0 1 0-8.334 0 4.167 4.167 0 0 0 8.334 0"/>
<path fill="none" stroke="#aa3bff" stroke-linecap="round" stroke-linejoin="round" stroke-width="1.35" d="M2.5 16.667a5.833 5.833 0 0 1 8.75-5.053m3.837.474.513 1.035c.07.144.257.282.414.309l.93.155c.596.1.736.536.307.965l-.723.73a.64.64 0 0 0-.152.531l.207.903c.164.715-.213.991-.84.618l-.872-.52a.63.63 0 0 0-.577 0l-.872.52c-.624.373-1.003.094-.84-.618l.207-.903a.64.64 0 0 0-.152-.532l-.723-.729c-.426-.43-.289-.864.306-.964l.93-.156a.64.64 0 0 0 .412-.31l.513-1.034c.28-.562.735-.562 1.012 0"/>
</symbol>
<symbol id="x-icon" viewBox="0 0 19 19">
<path fill="#08060d" fill-rule="evenodd" d="M1.893 1.98c.052.072 1.245 1.769 2.653 3.77l2.892 4.114c.183.261.333.48.333.486s-.068.089-.152.183l-.522.593-.765.867-3.597 4.087c-.375.426-.734.834-.798.905a1 1 0 0 0-.118.148c0 .01.236.017.664.017h.663l.729-.83c.4-.457.796-.906.879-.999a692 692 0 0 0 1.794-2.038c.034-.037.301-.34.594-.675l.551-.624.345-.392a7 7 0 0 1 .34-.374c.006 0 .93 1.306 2.052 2.903l2.084 2.965.045.063h2.275c1.87 0 2.273-.003 2.266-.021-.008-.02-1.098-1.572-3.894-5.547-2.013-2.862-2.28-3.246-2.273-3.266.008-.019.282-.332 2.085-2.38l2-2.274 1.567-1.782c.022-.028-.016-.03-.65-.03h-.674l-.3.342a871 871 0 0 1-1.782 2.025c-.067.075-.405.458-.75.852a100 100 0 0 1-.803.91c-.148.172-.299.344-.99 1.127-.304.343-.32.358-.345.327-.015-.019-.904-1.282-1.976-2.808L6.365 1.85H1.8zm1.782.91 8.078 11.294c.772 1.08 1.413 1.973 1.425 1.984.016.017.241.02 1.05.017l1.03-.004-2.694-3.766L7.796 5.75 5.722 2.852l-1.039-.004-1.039-.004z" clip-rule="evenodd"/>
</symbol>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 4.9 KiB

apps/web/src/App.css
+184
View File
@@ -0,0 +1,184 @@
.counter {
font-size: 16px;
padding: 5px 10px;
border-radius: 5px;
color: var(--accent);
background: var(--accent-bg);
border: 2px solid transparent;
transition: border-color 0.3s;
margin-bottom: 24px;
&:hover {
border-color: var(--accent-border);
}
&:focus-visible {
outline: 2px solid var(--accent);
outline-offset: 2px;
}
}
.hero {
position: relative;
.base,
.framework,
.vite {
inset-inline: 0;
margin: 0 auto;
}
.base {
width: 170px;
position: relative;
z-index: 0;
}
.framework,
.vite {
position: absolute;
}
.framework {
z-index: 1;
top: 34px;
height: 28px;
transform: perspective(2000px) rotateZ(300deg) rotateX(44deg) rotateY(39deg)
scale(1.4);
}
.vite {
z-index: 0;
top: 107px;
height: 26px;
width: auto;
transform: perspective(2000px) rotateZ(300deg) rotateX(40deg) rotateY(39deg)
scale(0.8);
}
}
#center {
display: flex;
flex-direction: column;
gap: 25px;
place-content: center;
place-items: center;
flex-grow: 1;
@media (max-width: 1024px) {
padding: 32px 20px 24px;
gap: 18px;
}
}
#next-steps {
display: flex;
border-top: 1px solid var(--border);
text-align: left;
& > div {
flex: 1 1 0;
padding: 32px;
@media (max-width: 1024px) {
padding: 24px 20px;
}
}
.icon {
margin-bottom: 16px;
width: 22px;
height: 22px;
}
@media (max-width: 1024px) {
flex-direction: column;
text-align: center;
}
}
#docs {
border-right: 1px solid var(--border);
@media (max-width: 1024px) {
border-right: none;
border-bottom: 1px solid var(--border);
}
}
#next-steps ul {
list-style: none;
padding: 0;
display: flex;
gap: 8px;
margin: 32px 0 0;
.logo {
height: 18px;
}
a {
color: var(--text-h);
font-size: 16px;
border-radius: 6px;
background: var(--social-bg);
display: flex;
padding: 6px 12px;
align-items: center;
gap: 8px;
text-decoration: none;
transition: box-shadow 0.3s;
&:hover {
box-shadow: var(--shadow);
}
.button-icon {
height: 18px;
width: 18px;
}
}
@media (max-width: 1024px) {
margin-top: 20px;
flex-wrap: wrap;
justify-content: center;
li {
flex: 1 1 calc(50% - 8px);
}
a {
width: 100%;
justify-content: center;
box-sizing: border-box;
}
}
}
#spacer {
height: 88px;
border-top: 1px solid var(--border);
@media (max-width: 1024px) {
height: 48px;
}
}
.ticks {
position: relative;
width: 100%;
&::before,
&::after {
content: '';
position: absolute;
top: -4.5px;
border: 5px solid transparent;
}
&::before {
left: 0;
border-left-color: var(--border);
}
&::after {
right: 0;
border-right-color: var(--border);
}
}
apps/web/src/App.tsx
+386
View File
@@ -0,0 +1,386 @@
import { useEffect, useState } from "react";
import type { LucideIcon } from "lucide-react";
import {
Bell,
ChevronLeft,
ChevronRight,
LayoutDashboard,
ListTodo,
LogOut,
Menu,
Moon,
Settings,
Sparkles,
Sun,
X
} from "lucide-react";
import { Navigate, Route, Routes, useLocation, useNavigate } from "react-router-dom";
import { Button } from "@/components/ui/button";
import { cn } from "@/lib/utils";
import { AiChatPage } from "@/pages/ai-chat-page";
import { EmailLoginPage } from "@/pages/email-login-page";
import { OAuthCallbackPage } from "@/pages/oauth-callback-page";
import { PlaceholderPage } from "@/pages/placeholder-page";
import { SettingsPage } from "@/pages/settings-page";
import { TodoShellPage } from "@/pages/todo-shell-page";
import { revokeRefreshToken, type EmailLoginResult } from "@/services/auth-api";
import {
clearSession,
loadSession,
saveSession,
type WebSession
} from "@/services/session-storage";
import {
applyThemeMode,
loadThemeMode,
saveThemeMode,
type ThemeMode
} from "@/services/theme-storage";
type SidebarItem = {
key: string;
label: string;
icon: LucideIcon;
path: string;
};
const SIDEBAR_ITEMS: SidebarItem[] = [
{ key: "dashboard", label: "概览面板", icon: LayoutDashboard, path: "/dashboard" },
{ key: "todo", label: "待办事项", icon: ListTodo, path: "/todo" },
{ key: "ai", label: "AI 助手", icon: Sparkles, path: "/ai" },
{ key: "notice", label: "提醒中心", icon: Bell, path: "/notice" },
{ key: "settings", label: "系统设置", icon: Settings, path: "/settings" }
];
const READY_SIDEBAR_KEYS = new Set(["todo", "ai", "settings"]);
function toWebSession(payload: EmailLoginResult): WebSession {
return {
accessToken: payload.accessToken,
refreshToken: payload.refreshToken,
user: {
id: payload.user.id,
email: payload.user.email
}
};
}
function App() {
const [session, setSession] = useState<WebSession | null>(() => loadSession());
const [loggingOut, setLoggingOut] = useState(false);
const [themeMode, setThemeMode] = useState<ThemeMode>(() => loadThemeMode());
const [sidebarCollapsed, setSidebarCollapsed] = useState(false);
const [mobileSidebarOpen, setMobileSidebarOpen] = useState(false);
const navigate = useNavigate();
const location = useLocation();
const isAuthPage =
location.pathname === "/login/email" || location.pathname.startsWith("/auth/callback/");
useEffect(() => {
applyThemeMode(themeMode);
saveThemeMode(themeMode);
}, [themeMode]);
async function handleLogout(): Promise<void> {
if (!session || loggingOut) {
return;
}
try {
setLoggingOut(true);
await revokeRefreshToken(session.refreshToken);
} catch {
// 无论接口成功与否,都要清理本地会话,避免页面卡在登录态。
} finally {
clearSession();
setSession(null);
setLoggingOut(false);
setMobileSidebarOpen(false);
navigate("/login/email", { replace: true });
}
}
function handleToggleTheme(): void {
setThemeMode((currentTheme) => (currentTheme === "dark" ? "light" : "dark"));
}
function handleLoginSuccess(payload: EmailLoginResult): void {
const nextSession = toWebSession(payload);
saveSession(nextSession);
setSession(nextSession);
setMobileSidebarOpen(false);
navigate("/todo", { replace: true });
}
function handleBootstrapSession(nextSession: WebSession): void {
setSession(nextSession);
setMobileSidebarOpen(false);
}
function renderSidebarContent(options: { collapsed: boolean; mobile: boolean }) {
const { collapsed, mobile } = options;
return (
<div className="flex h-full min-h-0 flex-col">
{mobile ? (
<div className="flex h-14 shrink-0 items-center justify-end border-b border-border/70 px-3">
<Button
type="button"
size="icon-sm"
variant="ghost"
className="text-muted-foreground"
onClick={() => setMobileSidebarOpen(false)}
aria-label="关闭侧边栏"
>
<X className="size-4" />
</Button>
</div>
) : null}
<div className="min-h-0 flex-1 overflow-y-auto p-2">
<nav className="space-y-1">
{SIDEBAR_ITEMS.map((item) => {
const ItemIcon = item.icon;
const isActive =
location.pathname === item.path || location.pathname.startsWith(`${item.path}/`);
return (
<button
key={item.key}
type="button"
className={cn(
"group flex w-full items-center rounded-xl border border-transparent px-3 py-2.5 text-left transition-colors",
"gap-3 hover:border-primary/25 hover:bg-primary/10",
isActive ? "border-primary/25 bg-primary/10" : null
)}
onClick={() => {
navigate(item.path);
setMobileSidebarOpen(false);
}}
>
<ItemIcon className="size-5 shrink-0 text-primary" />
{collapsed ? null : (
<>
<span className="text-sm whitespace-nowrap text-foreground">
{item.label}
</span>
{READY_SIDEBAR_KEYS.has(item.key) ? null : (
<span className="ml-auto whitespace-nowrap rounded-full border border-border bg-card px-2 py-0.5 text-[10px] text-muted-foreground">
线
</span>
)}
</>
)}
</button>
);
})}
</nav>
</div>
<div className="shrink-0 space-y-2 border-t border-border/70 p-2">
<Button
type="button"
variant="outline"
className="w-full justify-start gap-2 border-primary/25 px-3 text-primary hover:bg-primary/10"
onClick={handleToggleTheme}
>
{themeMode === "dark" ? <Sun className="size-4" /> : <Moon className="size-4" />}
{collapsed ? null : (
<span className="whitespace-nowrap">
{themeMode === "dark" ? "浅色模式" : "深色模式"}
</span>
)}
</Button>
<Button
type="button"
variant="outline"
className="w-full justify-start gap-2 border-primary/25 px-3 text-primary hover:bg-primary/10"
onClick={handleLogout}
disabled={!session || loggingOut}
>
<LogOut className="size-4" />
{collapsed ? null : (
<span className="whitespace-nowrap">{loggingOut ? "退出中..." : "退出登录"}</span>
)}
</Button>
</div>
</div>
);
}
if (isAuthPage) {
return (
<div className="min-h-dvh bg-background text-foreground md:min-h-screen">
<main className="flex min-h-dvh items-center justify-center px-4 py-8 md:min-h-screen md:px-6">
<div className="w-full max-w-md">
<Routes>
<Route
path="/login/email"
element={<EmailLoginPage onLoginSuccess={handleLoginSuccess} />}
/>
<Route
path="/auth/callback/:provider"
element={<OAuthCallbackPage onBootstrapSession={handleBootstrapSession} />}
/>
<Route
path="*"
element={<Navigate to={session ? "/todo" : "/login/email"} replace />}
/>
</Routes>
</div>
</main>
</div>
);
}
return (
<div className="h-dvh overflow-hidden bg-background text-foreground md:h-screen">
<header className="relative z-50 shrink-0 border-b border-border/70 bg-background/80 backdrop-blur-xl">
<div className="flex h-16 items-center justify-between px-4 md:px-6">
<div className="flex items-center gap-3">
<button
type="button"
className="text-primary md:hidden"
onClick={() => setMobileSidebarOpen(true)}
aria-label="打开侧边栏"
>
<Menu className="size-12" />
</button>
<img
src="/favicon.png"
alt="TodoList"
className="h-9 w-9 shrink-0 rounded-xl shadow-sm"
/>
<span className="text-base font-semibold tracking-tight text-foreground">TodoList</span>
</div>
<span className="hidden max-w-[280px] truncate text-sm text-muted-foreground md:block">
{session ? session.user.email : "未登录"}
</span>
</div>
</header>
{mobileSidebarOpen ? (
<button
type="button"
className="fixed inset-x-0 bottom-0 top-16 z-30 bg-black/40 backdrop-blur-[2px] md:hidden"
aria-label="关闭侧边栏遮罩"
onClick={() => setMobileSidebarOpen(false)}
/>
) : null}
<aside
className={cn(
"fixed bottom-0 left-0 top-16 z-40 w-72 border-r border-border/80 bg-card/95 backdrop-blur-xl transition-transform duration-300 md:hidden",
mobileSidebarOpen ? "translate-x-0" : "-translate-x-full"
)}
>
{renderSidebarContent({ collapsed: false, mobile: true })}
</aside>
<div className="flex h-[calc(100dvh-4rem)] min-h-0 md:h-[calc(100vh-4rem)]">
<aside
className={cn(
"relative hidden h-full border-r border-border/80 bg-card/88 backdrop-blur-xl transition-[width] duration-300 md:flex md:flex-col",
sidebarCollapsed ? "md:w-14" : "md:w-72"
)}
>
{renderSidebarContent({ collapsed: sidebarCollapsed, mobile: false })}
<Button
type="button"
size="icon-sm"
variant="outline"
className={cn(
"absolute left-full top-1/2 z-20 -ml-px h-14 w-6 -translate-y-1/2 rounded-none border border-border/80",
"bg-card/88 text-muted-foreground backdrop-blur-xl transition-colors duration-200 hover:bg-muted/80 hover:text-foreground",
"focus-visible:ring-2 focus-visible:ring-ring/45 focus-visible:ring-offset-0"
)}
onClick={() => setSidebarCollapsed((current) => !current)}
aria-label={sidebarCollapsed ? "展开侧边栏" : "收起侧边栏"}
>
{sidebarCollapsed ? (
<ChevronRight className="size-4" />
) : (
<ChevronLeft className="size-4" />
)}
</Button>
</aside>
<div className="flex min-h-0 min-w-0 flex-1 flex-col">
<main className="min-h-0 flex-1 overflow-y-auto px-4 py-6 md:px-6 md:py-8">
<div className="mx-auto w-full max-w-6xl">
<Routes>
<Route
path="/"
element={<Navigate to={session ? "/todo" : "/login/email"} replace />}
/>
<Route
path="/dashboard"
element={
session ? (
<PlaceholderPage
title="概览面板正在整理"
description="这里后续会放任务统计、今日重点、AI 使用概况和提醒概览。当前先把导航和页面结构拆清楚。"
/>
) : (
<Navigate to="/login/email" replace />
)
}
/>
<Route
path="/todo"
element={
session ? (
<TodoShellPage session={session} />
) : (
<Navigate to="/login/email" replace />
)
}
/>
<Route
path="/ai"
element={
session ? (
<AiChatPage session={session} />
) : (
<Navigate to="/login/email" replace />
)
}
/>
<Route
path="/notice"
element={
session ? (
<PlaceholderPage
title="提醒中心即将接入"
description="邮件提醒、Web Push 推送、任务到期前通知都会独立收敛到这里,而不是继续堆在任务页里。"
/>
) : (
<Navigate to="/login/email" replace />
)
}
/>
<Route
path="/settings"
element={
session ? (
<SettingsPage session={session} />
) : (
<Navigate to="/login/email" replace />
)
}
/>
<Route
path="*"
element={<Navigate to={session ? "/todo" : "/login/email"} replace />}
/>
</Routes>
</div>
</main>
</div>
</div>
</div>
);
}
export default App;
apps/web/src/assets/hero.png
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 44 KiB

apps/web/src/assets/react.svg
+1
View File
@@ -0,0 +1 @@
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" aria-hidden="true" role="img" class="iconify iconify--logos" width="35.93" height="32" preserveAspectRatio="xMidYMid meet" viewBox="0 0 256 228"><path fill="#00D8FF" d="M210.483 73.824a171.49 171.49 0 0 0-8.24-2.597c.465-1.9.893-3.777 1.273-5.621c6.238-30.281 2.16-54.676-11.769-62.708c-13.355-7.7-35.196.329-57.254 19.526a171.23 171.23 0 0 0-6.375 5.848a155.866 155.866 0 0 0-4.241-3.917C100.759 3.829 77.587-4.822 63.673 3.233C50.33 10.957 46.379 33.89 51.995 62.588a170.974 170.974 0 0 0 1.892 8.48c-3.28.932-6.445 1.924-9.474 2.98C17.309 83.498 0 98.307 0 113.668c0 15.865 18.582 31.778 46.812 41.427a145.52 145.52 0 0 0 6.921 2.165a167.467 167.467 0 0 0-2.01 9.138c-5.354 28.2-1.173 50.591 12.134 58.266c13.744 7.926 36.812-.22 59.273-19.855a145.567 145.567 0 0 0 5.342-4.923a168.064 168.064 0 0 0 6.92 6.314c21.758 18.722 43.246 26.282 56.54 18.586c13.731-7.949 18.194-32.003 12.4-61.268a145.016 145.016 0 0 0-1.535-6.842c1.62-.48 3.21-.974 4.76-1.488c29.348-9.723 48.443-25.443 48.443-41.52c0-15.417-17.868-30.326-45.517-39.844Zm-6.365 70.984c-1.4.463-2.836.91-4.3 1.345c-3.24-10.257-7.612-21.163-12.963-32.432c5.106-11 9.31-21.767 12.459-31.957c2.619.758 5.16 1.557 7.61 2.4c23.69 8.156 38.14 20.213 38.14 29.504c0 9.896-15.606 22.743-40.946 31.14Zm-10.514 20.834c2.562 12.94 2.927 24.64 1.23 33.787c-1.524 8.219-4.59 13.698-8.382 15.893c-8.067 4.67-25.32-1.4-43.927-17.412a156.726 156.726 0 0 1-6.437-5.87c7.214-7.889 14.423-17.06 21.459-27.246c12.376-1.098 24.068-2.894 34.671-5.345a134.17 134.17 0 0 1 1.386 6.193ZM87.276 214.515c-7.882 2.783-14.16 2.863-17.955.675c-8.075-4.657-11.432-22.636-6.853-46.752a156.923 156.923 0 0 1 1.869-8.499c10.486 2.32 22.093 3.988 34.498 4.994c7.084 9.967 14.501 19.128 21.976 27.15a134.668 134.668 0 0 1-4.877 4.492c-9.933 8.682-19.886 14.842-28.658 17.94ZM50.35 144.747c-12.483-4.267-22.792-9.812-29.858-15.863c-6.35-5.437-9.555-10.836-9.555-15.216c0-9.322 13.897-21.212 37.076-29.293c2.813-.98 5.757-1.905 8.812-2.773c3.204 10.42 7.406 21.315 12.477 32.332c-5.137 11.18-9.399 22.249-12.634 32.792a134.718 134.718 0 0 1-6.318-1.979Zm12.378-84.26c-4.811-24.587-1.616-43.134 6.425-47.789c8.564-4.958 27.502 2.111 47.463 19.835a144.318 144.318 0 0 1 3.841 3.545c-7.438 7.987-14.787 17.08-21.808 26.988c-12.04 1.116-23.565 2.908-34.161 5.309a160.342 160.342 0 0 1-1.76-7.887Zm110.427 27.268a347.8 347.8 0 0 0-7.785-12.803c8.168 1.033 15.994 2.404 23.343 4.08c-2.206 7.072-4.956 14.465-8.193 22.045a381.151 381.151 0 0 0-7.365-13.322Zm-45.032-43.861c5.044 5.465 10.096 11.566 15.065 18.186a322.04 322.04 0 0 0-30.257-.006c4.974-6.559 10.069-12.652 15.192-18.18ZM82.802 87.83a323.167 323.167 0 0 0-7.227 13.238c-3.184-7.553-5.909-14.98-8.134-22.152c7.304-1.634 15.093-2.97 23.209-3.984a321.524 321.524 0 0 0-7.848 12.897Zm8.081 65.352c-8.385-.936-16.291-2.203-23.593-3.793c2.26-7.3 5.045-14.885 8.298-22.6a321.187 321.187 0 0 0 7.257 13.246c2.594 4.48 5.28 8.868 8.038 13.147Zm37.542 31.03c-5.184-5.592-10.354-11.779-15.403-18.433c4.902.192 9.899.29 14.978.29c5.218 0 10.376-.117 15.453-.343c-4.985 6.774-10.018 12.97-15.028 18.486Zm52.198-57.817c3.422 7.8 6.306 15.345 8.596 22.52c-7.422 1.694-15.436 3.058-23.88 4.071a382.417 382.417 0 0 0 7.859-13.026a347.403 347.403 0 0 0 7.425-13.565Zm-16.898 8.101a358.557 358.557 0 0 1-12.281 19.815a329.4 329.4 0 0 1-23.444.823c-7.967 0-15.716-.248-23.178-.732a310.202 310.202 0 0 1-12.513-19.846h.001a307.41 307.41 0 0 1-10.923-20.627a310.278 310.278 0 0 1 10.89-20.637l-.001.001a307.318 307.318 0 0 1 12.413-19.761c7.613-.576 15.42-.876 23.31-.876H128c7.926 0 15.743.303 23.354.883a329.357 329.357 0 0 1 12.335 19.695a358.489 358.489 0 0 1 11.036 20.54a329.472 329.472 0 0 1-11 20.722Zm22.56-122.124c8.572 4.944 11.906 24.881 6.52 51.026c-.344 1.668-.73 3.367-1.15 5.09c-10.622-2.452-22.155-4.275-34.23-5.408c-7.034-10.017-14.323-19.124-21.64-27.008a160.789 160.789 0 0 1 5.888-5.4c18.9-16.447 36.564-22.941 44.612-18.3ZM128 90.808c12.625 0 22.86 10.235 22.86 22.86s-10.235 22.86-22.86 22.86s-22.86-10.235-22.86-22.86s10.235-22.86 22.86-22.86Z"></path></svg>
Side by Side

After

Width:  |  Height:  |  Size: 4.0 KiB

apps/web/src/assets/vite.svg
+1
View File
File diff suppressed because one or more lines are too long
Side by Side

After

Width:  |  Height:  |  Size: 8.5 KiB

apps/web/src/components/ai/ai-shared.ts
+72
View File
@@ -0,0 +1,72 @@
import type { UpsertWebAiBindingInput, WebAiBindingSummary, WebAiChannel } from "@/services/ai-api";
export type AiBindingFormState = {
providerName: string;
model: string;
endpoint: string;
apiKey: string;
configId: string;
configName: string;
isEnabled: boolean;
};
export const CHANNEL_ORDER: WebAiChannel[] = ["USER_KEY", "ASTRBOT", "PUBLIC_POOL"];
export const CHANNEL_META: Record<
WebAiChannel,
{
title: string;
description: string;
accentClassName: string;
}
> = {
USER_KEY: {
title: "自备厂商",
description: "用户自行接入 OpenAI-Compatible 服务",
accentClassName: "from-sky-500/15 via-transparent to-sky-500/5"
},
ASTRBOT: {
title: "AstrBot",
description: "复用你在 AstrBot 中维护的模型配置",
accentClassName: "from-amber-500/15 via-transparent to-amber-500/5"
},
PUBLIC_POOL: {
title: "公共 AI",
description: "使用管理员开放的站点公共通道",
accentClassName: "from-emerald-500/15 via-transparent to-emerald-500/5"
}
};
export function createAiBindingFormState(binding?: WebAiBindingSummary | null): AiBindingFormState {
return {
providerName: binding?.providerName ?? "",
model: binding?.model ?? "",
endpoint: binding?.endpoint ?? "",
apiKey: "",
configId: binding?.configId ?? "",
configName: binding?.configName ?? "",
isEnabled: binding?.isEnabled ?? true
};
}
export function trimAiOptionalValue(value: string): string | undefined {
const normalized = value.trim();
return normalized.length > 0 ? normalized : undefined;
}
export function buildAiBindingPayload(
channel: Exclude<WebAiChannel, "PUBLIC_POOL">,
formState: AiBindingFormState,
currentBinding: WebAiBindingSummary | null
): UpsertWebAiBindingInput {
return {
channel,
providerName: trimAiOptionalValue(formState.providerName),
model: trimAiOptionalValue(formState.model),
endpoint: trimAiOptionalValue(formState.endpoint),
configId: trimAiOptionalValue(formState.configId),
configName: trimAiOptionalValue(formState.configName),
apiKey: trimAiOptionalValue(formState.apiKey) ?? undefined,
isEnabled: formState.isEnabled ?? currentBinding?.isEnabled ?? true
};
}
apps/web/src/components/editor/resizable-media-node-view.tsx
+283
View File
@@ -0,0 +1,283 @@
import { useEffect, useRef, useState } from "react";
import { NodeViewWrapper, type NodeViewProps } from "@tiptap/react";
import { cn } from "@/lib/utils";
type MediaAlign = "left" | "center" | "right";
type MediaKind = "image" | "video" | "youtube";
type ResizeSide = "left" | "right";
type ResizableMediaNodeViewProps = NodeViewProps & {
mediaKind: MediaKind;
};
type HandleDescriptor = {
key: string;
side: ResizeSide;
className: string;
};
const HANDLE_DESCRIPTORS: HandleDescriptor[] = [
{
key: "top-left",
side: "left",
className: "-left-1.5 -top-1.5 cursor-ew-resize"
},
{
key: "bottom-left",
side: "left",
className: "-bottom-1.5 -left-1.5 cursor-ew-resize"
},
{
key: "top-right",
side: "right",
className: "-right-1.5 -top-1.5 cursor-ew-resize"
},
{
key: "bottom-right",
side: "right",
className: "-bottom-1.5 -right-1.5 cursor-ew-resize"
}
];
function clamp(value: number, min: number, max: number): number {
return Math.min(Math.max(value, min), max);
}
function readWidthPercent(value: unknown): number {
const numericValue = typeof value === "number" ? value : Number(value);
if (Number.isNaN(numericValue)) {
return 100;
}
return clamp(numericValue, 25, 100);
}
function readAlign(value: unknown): MediaAlign {
if (value === "left" || value === "right" || value === "center") {
return value;
}
return "center";
}
function resolveAlignClass(align: MediaAlign): string {
if (align === "left") {
return "mr-auto";
}
if (align === "right") {
return "ml-auto";
}
return "mx-auto";
}
function isStringValue(value: unknown): value is string {
return typeof value === "string" && value.trim().length > 0;
}
export function ResizableMediaNodeView({
editor,
getPos,
mediaKind,
node,
selected,
updateAttributes
}: ResizableMediaNodeViewProps) {
const [isResizing, setIsResizing] = useState(false);
const mediaFrameRef = useRef<HTMLDivElement | null>(null);
const cleanupResizeRef = useRef<(() => void) | null>(null);
const widthPercent = readWidthPercent(node.attrs.widthPercent);
const align = readAlign(node.attrs.align);
const src = isStringValue(node.attrs.src) ? node.attrs.src : "";
const alt = isStringValue(node.attrs.alt) ? node.attrs.alt : "";
const title = isStringValue(node.attrs.title) ? node.attrs.title : "";
const showControls = selected || isResizing;
useEffect(() => {
return () => {
cleanupResizeRef.current?.();
};
}, []);
function selectCurrentNode(): void {
const position = getPos();
if (typeof position !== "number") {
return;
}
editor.chain().focus().setNodeSelection(position).run();
}
function applyAlign(nextAlign: MediaAlign): void {
selectCurrentNode();
updateAttributes({ align: nextAlign });
}
function startResize(side: ResizeSide) {
return (event: React.PointerEvent<HTMLButtonElement>): void => {
event.preventDefault();
event.stopPropagation();
selectCurrentNode();
const mediaFrame = mediaFrameRef.current;
const editorRoot = mediaFrame?.closest(".ProseMirror") as HTMLElement | null;
if (!mediaFrame || !editorRoot) {
return;
}
const startX = event.clientX;
const startWidth = mediaFrame.getBoundingClientRect().width;
const maxWidth = Math.max(editorRoot.clientWidth - 24, 240);
const handlePointerMove = (moveEvent: PointerEvent): void => {
const delta = moveEvent.clientX - startX;
const resizedWidth = side === "right" ? startWidth + delta : startWidth - delta;
const nextWidth = clamp(resizedWidth, 180, maxWidth);
const nextWidthPercent = clamp((nextWidth / maxWidth) * 100, 25, 100);
updateAttributes({
widthPercent: Math.round(nextWidthPercent)
});
};
const handlePointerUp = (): void => {
cleanupResizeRef.current?.();
cleanupResizeRef.current = null;
setIsResizing(false);
};
cleanupResizeRef.current = () => {
window.removeEventListener("pointermove", handlePointerMove);
window.removeEventListener("pointerup", handlePointerUp);
};
window.addEventListener("pointermove", handlePointerMove);
window.addEventListener("pointerup", handlePointerUp, { once: true });
setIsResizing(true);
};
}
function renderMediaContent() {
if (mediaKind === "image") {
return (
<img
src={src}
alt={alt}
title={title}
draggable={false}
className="block h-auto w-full rounded-xl object-contain"
/>
);
}
if (mediaKind === "youtube") {
return (
<div className="aspect-video w-full overflow-hidden rounded-xl bg-black">
<iframe
src={src}
title={title || "????"}
allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share"
allowFullScreen
className="h-full w-full border-0"
/>
</div>
);
}
return (
<video src={src} title={title} controls className="block h-auto w-full rounded-xl bg-black" />
);
}
return (
<NodeViewWrapper className="my-4" contentEditable={false}>
<div
ref={mediaFrameRef}
className={cn("relative transition-[width] duration-150", resolveAlignClass(align))}
style={{ width: `${widthPercent}%` }}
onMouseDown={selectCurrentNode}
>
{showControls ? (
<div className="absolute left-0 top-0 z-20 flex -translate-y-[calc(100%+8px)] items-center gap-1 rounded-lg border border-border bg-card/95 px-2 py-1 shadow-sm backdrop-blur">
<button
type="button"
className={cn(
"rounded px-1.5 py-0.5 text-[11px] transition-colors",
align === "left"
? "bg-primary/10 text-primary"
: "text-muted-foreground hover:bg-muted hover:text-foreground"
)}
onClick={() => applyAlign("left")}
>
?
</button>
<button
type="button"
className={cn(
"rounded px-1.5 py-0.5 text-[11px] transition-colors",
align === "center"
? "bg-primary/10 text-primary"
: "text-muted-foreground hover:bg-muted hover:text-foreground"
)}
onClick={() => applyAlign("center")}
>
?
</button>
<button
type="button"
className={cn(
"rounded px-1.5 py-0.5 text-[11px] transition-colors",
align === "right"
? "bg-primary/10 text-primary"
: "text-muted-foreground hover:bg-muted hover:text-foreground"
)}
onClick={() => applyAlign("right")}
>
?
</button>
<span className="pl-1 text-[11px] text-muted-foreground">{widthPercent}%</span>
</div>
) : null}
<div
className={cn(
"relative rounded-xl border bg-muted/20 transition-colors",
showControls ? "border-primary/40 ring-2 ring-primary/20" : "border-border/70"
)}
>
{(mediaKind === "video" || mediaKind === "youtube") && !showControls ? (
<button
type="button"
aria-label="????"
className="absolute inset-0 z-10 rounded-xl"
onClick={selectCurrentNode}
/>
) : null}
{renderMediaContent()}
</div>
{showControls
? HANDLE_DESCRIPTORS.map((handle) => (
<button
key={handle.key}
type="button"
aria-label="??????"
className={cn(
"absolute z-20 h-3 w-3 rounded-full border border-background bg-primary shadow-sm",
handle.className
)}
onPointerDown={startResize(handle.side)}
/>
))
: null}
</div>
</NodeViewWrapper>
);
}
apps/web/src/components/task-rich-editor.tsx
+608
View File
@@ -0,0 +1,608 @@
import { memo, useEffect, useRef, useState, type ChangeEvent } from "react";
import imageCompression from "browser-image-compression";
import type { Editor as TiptapEditor } from "@tiptap/core";
import Link from "@tiptap/extension-link";
import StarterKit from "@tiptap/starter-kit";
import { EditorContent, type JSONContent, useEditor, useEditorState } from "@tiptap/react";
import { ResizableImage } from "@/extensions/resizable-image";
import { ResizableVideo } from "@/extensions/resizable-video";
import { ResizableYoutube } from "@/extensions/resizable-youtube";
import { cn } from "@/lib/utils";
const MAX_IMAGE_UPLOAD_BYTES = 20 * 1024 * 1024;
const MAX_VIDEO_UPLOAD_BYTES = 10 * 1024 * 1024;
const EDITOR_CHANGE_DEBOUNCE_MS = 120;
type TaskRichEditorProps = {
valueJson: string | null;
textFallback: string;
onChange: (payload: { json: string | null; text: string }) => void;
};
type ToolbarButtonProps = {
label: string;
disabled?: boolean;
active?: boolean;
onClick: () => void;
};
type ToolbarState = {
bold: boolean;
italic: boolean;
heading: boolean;
bulletList: boolean;
link: boolean;
};
type EditorToolbarProps = {
editor: TiptapEditor | null;
onInsertImageUrl: () => void;
onOpenImageUpload: () => void;
onInsertVideoUrl: () => void;
onOpenVideoUpload: () => void;
onSetLink: () => void;
};
const DEFAULT_TOOLBAR_STATE: ToolbarState = {
bold: false,
italic: false,
heading: false,
bulletList: false,
link: false
};
const ToolbarButton = memo(function ToolbarButton({
label,
disabled = false,
active = false,
onClick
}: ToolbarButtonProps) {
return (
<button
type="button"
className={cn(
"rounded-md border px-2 py-1 text-xs transition-colors",
active
? "border-primary/50 bg-primary/10 text-primary"
: "border-border bg-background text-foreground hover:border-primary/25 hover:bg-primary/5",
disabled && "cursor-not-allowed opacity-50"
)}
onClick={onClick}
disabled={disabled}
>
{label}
</button>
);
});
const EditorToolbar = memo(function EditorToolbar({
editor,
onInsertImageUrl,
onOpenImageUpload,
onInsertVideoUrl,
onOpenVideoUpload,
onSetLink
}: EditorToolbarProps) {
const toolbarState =
useEditorState({
editor,
selector: ({ editor: currentEditor }) => {
if (!currentEditor) {
return DEFAULT_TOOLBAR_STATE;
}
return {
bold: currentEditor.isActive("bold"),
italic: currentEditor.isActive("italic"),
heading: currentEditor.isActive("heading", { level: 2 }),
bulletList: currentEditor.isActive("bulletList"),
link: currentEditor.isActive("link")
};
}
}) ?? DEFAULT_TOOLBAR_STATE;
const disabled = !editor;
return (
<div className="flex flex-wrap gap-1 rounded-t-lg border border-input border-b-0 bg-muted/30 px-2 py-2">
<ToolbarButton
label={"\u7c97\u4f53"}
disabled={disabled}
active={toolbarState.bold}
onClick={() => editor?.chain().focus().toggleBold().run()}
/>
<ToolbarButton
label={"\u659c\u4f53"}
disabled={disabled}
active={toolbarState.italic}
onClick={() => editor?.chain().focus().toggleItalic().run()}
/>
<ToolbarButton
label={"\u6807\u9898"}
disabled={disabled}
active={toolbarState.heading}
onClick={() => editor?.chain().focus().toggleHeading({ level: 2 }).run()}
/>
<ToolbarButton
label={"\u65e0\u5e8f\u5217\u8868"}
disabled={disabled}
active={toolbarState.bulletList}
onClick={() => editor?.chain().focus().toggleBulletList().run()}
/>
<ToolbarButton
label={"\u94fe\u63a5"}
disabled={disabled}
active={toolbarState.link}
onClick={onSetLink}
/>
<ToolbarButton label={"\u56fe\u7247 URL"} disabled={disabled} onClick={onInsertImageUrl} />
<ToolbarButton
label={"\u4e0a\u4f20\u56fe\u7247"}
disabled={disabled}
onClick={onOpenImageUpload}
/>
<ToolbarButton label={"\u89c6\u9891 URL"} disabled={disabled} onClick={onInsertVideoUrl} />
<ToolbarButton
label={"\u4e0a\u4f20\u89c6\u9891"}
disabled={disabled}
onClick={onOpenVideoUpload}
/>
</div>
);
});
function resolveEditorContent(
valueJson: string | null,
textFallback: string
): JSONContent | string {
if (valueJson) {
try {
return JSON.parse(valueJson) as JSONContent;
} catch {
return textFallback;
}
}
return textFallback;
}
function parseEditorJson(valueJson: string): JSONContent | null {
try {
return JSON.parse(valueJson) as JSONContent;
} catch {
return null;
}
}
function formatBytes(bytes: number): string {
if (bytes < 1024) {
return `${bytes} B`;
}
if (bytes < 1024 * 1024) {
return `${(bytes / 1024).toFixed(1)} KB`;
}
return `${(bytes / (1024 * 1024)).toFixed(2)} MB`;
}
function isYoutubeUrl(url: string): boolean {
return /(youtube\.com|youtu\.be)/i.test(url);
}
function readFileAsDataUrl(file: File): Promise<string> {
return new Promise((resolve, reject) => {
const reader = new FileReader();
reader.onload = () => {
if (typeof reader.result === "string") {
resolve(reader.result);
return;
}
reject(new Error("读取文件失败"));
};
reader.onerror = () => {
reject(new Error("读取文件失败"));
};
reader.readAsDataURL(file);
});
}
function createUploadToken(): string {
if (typeof crypto !== "undefined" && typeof crypto.randomUUID === "function") {
return crypto.randomUUID();
}
return `upload-${Date.now()}-${Math.random().toString(16).slice(2)}`;
}
function replaceMediaSourceByUploadToken(
editor: TiptapEditor,
uploadToken: string,
attributes: Record<string, string | number | null>
): boolean {
return editor.commands.command(({ tr, state }) => {
let updated = false;
state.doc.descendants((node, position) => {
if (node.attrs.uploadToken !== uploadToken) {
return true;
}
tr.setNodeMarkup(position, undefined, {
...node.attrs,
...attributes
});
updated = true;
return false;
});
return updated;
});
}
function removeMediaByUploadToken(editor: TiptapEditor, uploadToken: string): boolean {
return editor.commands.command(({ tr, state }) => {
let removed = false;
state.doc.descendants((node, position) => {
if (node.attrs.uploadToken !== uploadToken) {
return true;
}
tr.delete(position, position + node.nodeSize);
removed = true;
return false;
});
return removed;
});
}
export const TaskRichEditor = memo(function TaskRichEditor({
valueJson,
textFallback,
onChange
}: TaskRichEditorProps) {
const [mediaHint, setMediaHint] = useState<string | null>(null);
const imageInputRef = useRef<HTMLInputElement | null>(null);
const videoInputRef = useRef<HTMLInputElement | null>(null);
const changeTimeoutRef = useRef<number | null>(null);
const latestOnChangeRef = useRef(onChange);
const lastSyncedPayloadRef = useRef<{
json: string | null;
text: string;
}>({
json: valueJson,
text: textFallback
});
useEffect(() => {
latestOnChangeRef.current = onChange;
}, [onChange]);
function flushEditorChange(currentEditor: TiptapEditor): void {
const nextPayload = {
json: JSON.stringify(currentEditor.getJSON()),
text: currentEditor.getText()
};
if (
nextPayload.json === lastSyncedPayloadRef.current.json &&
nextPayload.text === lastSyncedPayloadRef.current.text
) {
return;
}
lastSyncedPayloadRef.current = nextPayload;
latestOnChangeRef.current(nextPayload);
}
function scheduleEditorChange(currentEditor: TiptapEditor): void {
if (changeTimeoutRef.current !== null) {
window.clearTimeout(changeTimeoutRef.current);
}
changeTimeoutRef.current = window.setTimeout(() => {
flushEditorChange(currentEditor);
changeTimeoutRef.current = null;
}, EDITOR_CHANGE_DEBOUNCE_MS);
}
const editor = useEditor({
extensions: [
StarterKit,
Link.configure({
openOnClick: true,
autolink: true,
linkOnPaste: true,
HTMLAttributes: {
rel: "noopener noreferrer",
target: "_blank"
}
}),
ResizableImage,
ResizableVideo,
ResizableYoutube.configure({
controls: true
})
],
content: resolveEditorContent(valueJson, textFallback),
editorProps: {
attributes: {
class:
"min-h-40 rounded-b-lg border border-t-0 border-input bg-background px-3 py-2 text-sm text-foreground outline-none"
}
},
shouldRerenderOnTransaction: false,
onUpdate({ editor: currentEditor }) {
scheduleEditorChange(currentEditor);
},
onBlur({ editor: currentEditor }) {
if (changeTimeoutRef.current !== null) {
window.clearTimeout(changeTimeoutRef.current);
changeTimeoutRef.current = null;
}
flushEditorChange(currentEditor);
}
});
useEffect(() => {
if (!editor) {
return;
}
if (
valueJson === lastSyncedPayloadRef.current.json &&
textFallback === lastSyncedPayloadRef.current.text
) {
return;
}
if (changeTimeoutRef.current !== null) {
window.clearTimeout(changeTimeoutRef.current);
changeTimeoutRef.current = null;
}
if (valueJson) {
const nextJson = parseEditorJson(valueJson);
if (!nextJson) {
if (editor.getText() !== textFallback) {
editor.commands.setContent(textFallback, { emitUpdate: false });
}
return;
}
editor.commands.setContent(nextJson, { emitUpdate: false });
lastSyncedPayloadRef.current = {
json: valueJson,
text: textFallback
};
return;
}
if (editor.getText() !== textFallback) {
editor.commands.setContent(textFallback, { emitUpdate: false });
}
lastSyncedPayloadRef.current = {
json: valueJson,
text: textFallback
};
}, [editor, textFallback, valueJson]);
useEffect(() => {
return () => {
if (changeTimeoutRef.current !== null) {
window.clearTimeout(changeTimeoutRef.current);
}
};
}, []);
async function handleImageFileChange(event: ChangeEvent<HTMLInputElement>): Promise<void> {
const file = event.target.files?.[0];
event.target.value = "";
if (!file || !editor) {
return;
}
if (file.size > MAX_IMAGE_UPLOAD_BYTES) {
setMediaHint(`图片过大,请选择小于 ${formatBytes(MAX_IMAGE_UPLOAD_BYTES)} 的文件。`);
return;
}
const uploadToken = createUploadToken();
const previewUrl = URL.createObjectURL(file);
editor
.chain()
.focus()
.insertContent({
type: "image",
attrs: {
src: previewUrl,
alt: file.name,
title: file.name,
widthPercent: 100,
align: "center",
uploadToken
}
})
.run();
try {
const compressedImage = await imageCompression(file, {
maxSizeMB: 1,
maxWidthOrHeight: 1920,
useWebWorker: true,
initialQuality: 0.8
});
const imageSource = await imageCompression.getDataUrlFromFile(compressedImage);
replaceMediaSourceByUploadToken(editor, uploadToken, {
src: imageSource,
alt: file.name,
title: file.name,
uploadToken: null
});
setMediaHint(null);
} catch {
removeMediaByUploadToken(editor, uploadToken);
setMediaHint("图片处理失败,请重试。");
} finally {
URL.revokeObjectURL(previewUrl);
}
}
async function handleVideoFileChange(event: ChangeEvent<HTMLInputElement>): Promise<void> {
const file = event.target.files?.[0];
event.target.value = "";
if (!file || !editor) {
return;
}
if (file.size > MAX_VIDEO_UPLOAD_BYTES) {
setMediaHint(`视频过大,请选择小于 ${formatBytes(MAX_VIDEO_UPLOAD_BYTES)} 的文件。`);
return;
}
const uploadToken = createUploadToken();
const previewUrl = URL.createObjectURL(file);
editor
.chain()
.focus()
.insertContent({
type: "video",
attrs: {
src: previewUrl,
title: file.name,
widthPercent: 100,
align: "center",
uploadToken
}
})
.run();
try {
const videoSource = await readFileAsDataUrl(file);
replaceMediaSourceByUploadToken(editor, uploadToken, {
src: videoSource,
title: file.name,
uploadToken: null
});
setMediaHint(null);
} catch {
removeMediaByUploadToken(editor, uploadToken);
setMediaHint("视频处理失败,请重试。");
} finally {
URL.revokeObjectURL(previewUrl);
}
}
function handleInsertImageUrl(): void {
if (!editor) {
return;
}
const url = window.prompt("请输入图片 URL");
if (!url) {
return;
}
editor
.chain()
.focus()
.setImage({
src: url
})
.run();
setMediaHint(null);
}
function handleInsertVideoUrl(): void {
if (!editor) {
return;
}
const url = window.prompt("请输入视频 URL");
if (!url) {
return;
}
if (isYoutubeUrl(url)) {
editor
.chain()
.focus()
.setYoutubeVideo({
src: url,
width: 640,
height: 360
})
.run();
setMediaHint(null);
return;
}
editor
.chain()
.focus()
.setVideo({
src: url
})
.run();
setMediaHint(null);
}
return (
<div>
<input
ref={imageInputRef}
type="file"
accept="image/*"
className="hidden"
onChange={handleImageFileChange}
/>
<input
ref={videoInputRef}
type="file"
accept="video/*"
className="hidden"
onChange={handleVideoFileChange}
/>
<EditorToolbar
editor={editor}
onInsertImageUrl={handleInsertImageUrl}
onOpenImageUpload={() => imageInputRef.current?.click()}
onInsertVideoUrl={handleInsertVideoUrl}
onOpenVideoUpload={() => videoInputRef.current?.click()}
onSetLink={() => {
if (!editor) {
return;
}
const url = window.prompt("\u8bf7\u8f93\u5165\u94fe\u63a5\u5730\u5740");
if (!url) {
return;
}
editor.chain().focus().setLink({ href: url }).run();
}}
/>
<EditorContent editor={editor} />
{mediaHint ? <p className="mt-2 text-xs text-muted-foreground">{mediaHint}</p> : null}
</div>
);
});
apps/web/src/components/ui/button.tsx
+59
View File
@@ -0,0 +1,59 @@
/* eslint-disable react-refresh/only-export-components */
import { Button as ButtonPrimitive } from "@base-ui/react/button";
import { cva, type VariantProps } from "class-variance-authority";
import { cn } from "@/lib/utils";
const buttonVariants = cva(
"group/button inline-flex shrink-0 items-center justify-center rounded-lg border border-transparent bg-clip-padding text-sm font-medium whitespace-nowrap transition-all outline-none select-none focus-visible:border-ring focus-visible:ring-3 focus-visible:ring-ring/50 active:not-aria-[haspopup]:translate-y-px disabled:pointer-events-none disabled:opacity-50 aria-invalid:border-destructive aria-invalid:ring-3 aria-invalid:ring-destructive/20 dark:aria-invalid:border-destructive/50 dark:aria-invalid:ring-destructive/40 [&_svg]:pointer-events-none [&_svg]:shrink-0 [&_svg:not([class*='size-'])]:size-4",
{
variants: {
variant: {
default: "bg-primary text-primary-foreground [a]:hover:bg-primary/80",
outline:
"border-border bg-background hover:bg-muted hover:text-foreground aria-expanded:bg-muted aria-expanded:text-foreground dark:border-input dark:bg-input/30 dark:hover:bg-input/50",
secondary:
"bg-secondary text-secondary-foreground hover:bg-secondary/80 aria-expanded:bg-secondary aria-expanded:text-secondary-foreground",
ghost:
"hover:bg-muted hover:text-foreground aria-expanded:bg-muted aria-expanded:text-foreground dark:hover:bg-muted/50",
destructive:
"bg-destructive/10 text-destructive hover:bg-destructive/20 focus-visible:border-destructive/40 focus-visible:ring-destructive/20 dark:bg-destructive/20 dark:hover:bg-destructive/30 dark:focus-visible:ring-destructive/40",
link: "text-primary underline-offset-4 hover:underline"
},
size: {
default:
"h-8 gap-1.5 px-2.5 has-data-[icon=inline-end]:pr-2 has-data-[icon=inline-start]:pl-2",
xs: "h-6 gap-1 rounded-[min(var(--radius-md),10px)] px-2 text-xs in-data-[slot=button-group]:rounded-lg has-data-[icon=inline-end]:pr-1.5 has-data-[icon=inline-start]:pl-1.5 [&_svg:not([class*='size-'])]:size-3",
sm: "h-7 gap-1 rounded-[min(var(--radius-md),12px)] px-2.5 text-[0.8rem] in-data-[slot=button-group]:rounded-lg has-data-[icon=inline-end]:pr-1.5 has-data-[icon=inline-start]:pl-1.5 [&_svg:not([class*='size-'])]:size-3.5",
lg: "h-9 gap-1.5 px-2.5 has-data-[icon=inline-end]:pr-2 has-data-[icon=inline-start]:pl-2",
icon: "size-8",
"icon-xs":
"size-6 rounded-[min(var(--radius-md),10px)] in-data-[slot=button-group]:rounded-lg [&_svg:not([class*='size-'])]:size-3",
"icon-sm":
"size-7 rounded-[min(var(--radius-md),12px)] in-data-[slot=button-group]:rounded-lg",
"icon-lg": "size-9"
}
},
defaultVariants: {
variant: "default",
size: "default"
}
}
);
function Button({
className,
variant = "default",
size = "default",
...props
}: ButtonPrimitive.Props & VariantProps<typeof buttonVariants>) {
return (
<ButtonPrimitive
data-slot="button"
className={cn(buttonVariants({ variant, size, className }))}
{...props}
/>
);
}
export { Button, buttonVariants };
apps/web/src/extensions/resizable-image.tsx
+42
View File
@@ -0,0 +1,42 @@
import Image from "@tiptap/extension-image";
import { ReactNodeViewRenderer } from "@tiptap/react";
import { ResizableMediaNodeView } from "@/components/editor/resizable-media-node-view";
export const ResizableImage = Image.extend({
addAttributes() {
return {
...(this.parent?.() ?? {}),
widthPercent: {
default: 100,
parseHTML: (element: HTMLElement) =>
Number(element.getAttribute("data-width-percent") ?? 100),
renderHTML: (attributes: { widthPercent?: number }) => ({
"data-width-percent": attributes.widthPercent ?? 100
})
},
align: {
default: "center",
parseHTML: (element: HTMLElement) => element.getAttribute("data-align") ?? "center",
renderHTML: (attributes: { align?: string }) => ({
"data-align": attributes.align ?? "center"
})
},
uploadToken: {
default: null,
parseHTML: (element: HTMLElement) => element.getAttribute("data-upload-token"),
renderHTML: (attributes: { uploadToken?: string | null }) =>
attributes.uploadToken
? {
"data-upload-token": attributes.uploadToken
}
: {}
}
};
},
addNodeView() {
return ReactNodeViewRenderer((props) => (
<ResizableMediaNodeView {...props} mediaKind="image" />
));
}
});
apps/web/src/extensions/resizable-video.tsx
+99
View File
@@ -0,0 +1,99 @@
import { Node, mergeAttributes } from "@tiptap/core";
import { ReactNodeViewRenderer } from "@tiptap/react";
import { ResizableMediaNodeView } from "@/components/editor/resizable-media-node-view";
declare module "@tiptap/core" {
interface Commands<ReturnType> {
video: {
setVideo: (attributes: {
src: string;
title?: string | null;
widthPercent?: number;
align?: "left" | "center" | "right";
}) => ReturnType;
};
}
}
export const ResizableVideo = Node.create({
name: "video",
group: "block",
atom: true,
selectable: true,
draggable: true,
addAttributes() {
return {
src: {
default: null
},
title: {
default: null
},
widthPercent: {
default: 100,
parseHTML: (element: HTMLElement) =>
Number(element.getAttribute("data-width-percent") ?? 100),
renderHTML: (attributes: { widthPercent?: number }) => ({
"data-width-percent": attributes.widthPercent ?? 100
})
},
align: {
default: "center",
parseHTML: (element: HTMLElement) => element.getAttribute("data-align") ?? "center",
renderHTML: (attributes: { align?: string }) => ({
"data-align": attributes.align ?? "center"
})
},
uploadToken: {
default: null,
parseHTML: (element: HTMLElement) => element.getAttribute("data-upload-token"),
renderHTML: (attributes: { uploadToken?: string | null }) =>
attributes.uploadToken
? {
"data-upload-token": attributes.uploadToken
}
: {}
}
};
},
parseHTML() {
return [
{
tag: "video[src]"
}
];
},
renderHTML({ HTMLAttributes }) {
return [
"video",
mergeAttributes(HTMLAttributes, {
controls: "true"
})
];
},
addCommands() {
return {
setVideo:
(attributes) =>
({ commands }) =>
commands.insertContent({
type: this.name,
attrs: {
align: "center",
widthPercent: 100,
...attributes
}
})
};
},
addNodeView() {
return ReactNodeViewRenderer((props) => (
<ResizableMediaNodeView {...props} mediaKind="video" />
));
}
});
apps/web/src/extensions/resizable-youtube.tsx
+32
View File
@@ -0,0 +1,32 @@
import Youtube from "@tiptap/extension-youtube";
import { ReactNodeViewRenderer } from "@tiptap/react";
import { ResizableMediaNodeView } from "@/components/editor/resizable-media-node-view";
export const ResizableYoutube = Youtube.extend({
addAttributes() {
return {
...(this.parent?.() ?? {}),
widthPercent: {
default: 100,
parseHTML: (element: HTMLElement) =>
Number(element.getAttribute("data-width-percent") ?? 100),
renderHTML: (attributes: { widthPercent?: number }) => ({
"data-width-percent": attributes.widthPercent ?? 100
})
},
align: {
default: "center",
parseHTML: (element: HTMLElement) => element.getAttribute("data-align") ?? "center",
renderHTML: (attributes: { align?: string }) => ({
"data-align": attributes.align ?? "center"
})
}
};
},
addNodeView() {
return ReactNodeViewRenderer((props) => (
<ResizableMediaNodeView {...props} mediaKind="youtube" />
));
}
});
apps/web/src/hooks/use-sync-engine.ts
+296
View File
@@ -0,0 +1,296 @@
import { useCallback, useEffect, useMemo, useRef, useState } from "react";
import { useLiveQuery } from "dexie-react-hooks";
import {
countBlockedSyncOperations,
countPendingRemoteOperations,
countPendingSyncOperations,
getLocalSyncState
} from "@/services/local-sync-repo";
import type { WebSession } from "@/services/session-storage";
import { applyPendingRemoteOperations } from "@/services/sync-merge";
import { runSyncWorkerCycle } from "@/services/sync-worker";
const PERIODIC_SYNC_INTERVAL_MS = 30_000;
const MAX_RETRY_DELAY_MS = 60_000;
const BASE_RETRY_DELAY_MS = 2_000;
export type SyncEngineStatus = {
isOnline: boolean;
phase: "idle" | "syncing" | "offline" | "backoff" | "attention";
pendingCount: number;
blockedCount: number;
pendingRemoteCount: number;
lastSyncedAt: number | null;
nextRetryAt: number | null;
lastError: string | null;
};
function getErrorMessage(error: unknown): string {
if (error instanceof Error && error.message.trim()) {
return error.message;
}
return "同步失败,请稍后重试";
}
function calculateRetryDelay(attempt: number): number {
return Math.min(BASE_RETRY_DELAY_MS * 2 ** Math.max(attempt - 1, 0), MAX_RETRY_DELAY_MS);
}
export function useSyncEngine(session: WebSession | null): {
status: SyncEngineStatus;
triggerSync: () => void;
} {
const userId = session?.user.id ?? "";
const pendingCount = useLiveQuery(async () => countPendingSyncOperations(), [userId]) ?? 0;
const blockedCount = useLiveQuery(async () => countBlockedSyncOperations(), [userId]) ?? 0;
const pendingRemoteCount =
useLiveQuery(async () => {
if (!userId) {
return 0;
}
return countPendingRemoteOperations(userId);
}, [userId]) ?? 0;
const storedSyncState =
useLiveQuery(async () => {
if (!userId) {
return null;
}
return getLocalSyncState(userId);
}, [userId]) ?? null;
const [isOnline, setIsOnline] = useState(() => window.navigator.onLine);
const [phase, setPhase] = useState<SyncEngineStatus["phase"]>(
window.navigator.onLine ? "idle" : "offline"
);
const [lastError, setLastError] = useState<string | null>(null);
const [nextRetryAt, setNextRetryAt] = useState<number | null>(null);
const [lastSyncedAt, setLastSyncedAt] = useState<number | null>(null);
const retryAttemptRef = useRef(0);
const runningRef = useRef(false);
const mergeRunningRef = useRef(false);
useEffect(() => {
setLastSyncedAt(storedSyncState?.lastSyncedAt ?? null);
}, [storedSyncState]);
const runCycle = useCallback(async () => {
if (!userId || runningRef.current || !window.navigator.onLine) {
return;
}
runningRef.current = true;
setPhase("syncing");
setLastError(null);
setNextRetryAt(null);
try {
const result = await runSyncWorkerCycle(userId);
retryAttemptRef.current = 0;
setLastSyncedAt(result.lastSyncedAt);
if (result.hasFailures) {
const nextAttempt = retryAttemptRef.current + 1;
retryAttemptRef.current = nextAttempt;
const delay = calculateRetryDelay(nextAttempt);
setLastError(result.failureMessage ?? "同步失败");
setNextRetryAt(Date.now() + delay);
setPhase("backoff");
return;
}
setPhase(blockedCount > 0 ? "attention" : "idle");
} catch (error) {
const nextAttempt = retryAttemptRef.current + 1;
retryAttemptRef.current = nextAttempt;
const delay = calculateRetryDelay(nextAttempt);
setLastError(getErrorMessage(error));
setNextRetryAt(Date.now() + delay);
setPhase("backoff");
} finally {
runningRef.current = false;
}
}, [blockedCount, userId]);
const triggerSync = useCallback(() => {
void runCycle();
}, [runCycle]);
const runMerge = useCallback(async () => {
if (!userId || mergeRunningRef.current) {
return;
}
mergeRunningRef.current = true;
try {
await applyPendingRemoteOperations(userId);
if (!runningRef.current) {
setPhase((currentPhase) => {
if (!window.navigator.onLine) {
return "offline";
}
if (currentPhase === "backoff") {
return currentPhase;
}
return blockedCount > 0 ? "attention" : "idle";
});
}
} catch (error) {
setLastError(getErrorMessage(error));
setPhase("attention");
} finally {
mergeRunningRef.current = false;
}
}, [blockedCount, userId]);
useEffect(() => {
function handleOnline(): void {
setIsOnline(true);
setPhase(blockedCount > 0 ? "attention" : "idle");
void runCycle();
}
function handleOffline(): void {
setIsOnline(false);
setNextRetryAt(null);
setPhase("offline");
}
function handleVisibilityChange(): void {
if (document.visibilityState === "visible" && window.navigator.onLine) {
void runCycle();
}
}
window.addEventListener("online", handleOnline);
window.addEventListener("offline", handleOffline);
document.addEventListener("visibilitychange", handleVisibilityChange);
return () => {
window.removeEventListener("online", handleOnline);
window.removeEventListener("offline", handleOffline);
document.removeEventListener("visibilitychange", handleVisibilityChange);
};
}, [blockedCount, runCycle]);
useEffect(() => {
if (!userId || !isOnline) {
return;
}
if (pendingCount === 0 && pendingRemoteCount === 0) {
return;
}
void runCycle();
}, [isOnline, pendingCount, pendingRemoteCount, runCycle, userId]);
useEffect(() => {
if (!userId || !isOnline) {
return;
}
const intervalId = window.setInterval(() => {
void runCycle();
}, PERIODIC_SYNC_INTERVAL_MS);
return () => {
window.clearInterval(intervalId);
};
}, [isOnline, runCycle, userId]);
useEffect(() => {
if (!nextRetryAt || !isOnline) {
return;
}
const timeoutId = window.setTimeout(
() => {
void runCycle();
},
Math.max(nextRetryAt - Date.now(), 0)
);
return () => {
window.clearTimeout(timeoutId);
};
}, [isOnline, nextRetryAt, runCycle]);
useEffect(() => {
if (!userId || pendingRemoteCount === 0 || runningRef.current) {
return;
}
void runMerge();
}, [pendingRemoteCount, runMerge, userId]);
useEffect(() => {
if (!userId) {
setLastError(null);
setLastSyncedAt(null);
setNextRetryAt(null);
setPhase(window.navigator.onLine ? "idle" : "offline");
retryAttemptRef.current = 0;
}
}, [userId]);
const status = useMemo<SyncEngineStatus>(() => {
if (!isOnline) {
return {
isOnline,
phase: "offline",
pendingCount,
blockedCount,
pendingRemoteCount,
lastSyncedAt,
nextRetryAt: null,
lastError
};
}
if (blockedCount > 0 && phase !== "syncing") {
return {
isOnline,
phase: "attention",
pendingCount,
blockedCount,
pendingRemoteCount,
lastSyncedAt,
nextRetryAt,
lastError
};
}
return {
isOnline,
phase,
pendingCount,
blockedCount,
pendingRemoteCount,
lastSyncedAt,
nextRetryAt,
lastError
};
}, [
blockedCount,
isOnline,
lastError,
lastSyncedAt,
nextRetryAt,
pendingCount,
pendingRemoteCount,
phase
]);
return {
status,
triggerSync
};
}
apps/web/src/index.css
+77
View File
@@ -0,0 +1,77 @@
@import "@fontsource-variable/geist";
@tailwind base;
@tailwind components;
@tailwind utilities;
html {
height: 100%;
font-size: 120%;
}
:root {
--radius: 0.9rem;
--background: 246 100% 98%;
--foreground: 248 40% 18%;
--card: 0 0% 100%;
--border: 248 53% 89%;
--input: 248 48% 84%;
--ring: 246 53% 53%;
--primary: 246 53% 53%;
--primary-foreground: 0 0% 100%;
--secondary: 250 70% 94%;
--secondary-foreground: 248 40% 25%;
--muted: 249 78% 95%;
--muted-foreground: 248 17% 45%;
--accent: 173 56% 66%;
--accent-foreground: 248 40% 25%;
--destructive: 343 40% 50%;
--destructive-foreground: 0 0% 100%;
color-scheme: light;
font-family: "Geist Variable", "Noto Sans SC", sans-serif;
}
.dark {
--background: 248 46% 10%;
--foreground: 240 44% 96%;
--card: 249 41% 15%;
--border: 249 24% 30%;
--input: 249 23% 28%;
--ring: 246 76% 68%;
--primary: 246 76% 68%;
--primary-foreground: 248 43% 12%;
--secondary: 249 30% 24%;
--secondary-foreground: 240 38% 92%;
--muted: 249 29% 20%;
--muted-foreground: 247 16% 74%;
--accent: 173 52% 58%;
--accent-foreground: 248 43% 12%;
--destructive: 343 64% 58%;
--destructive-foreground: 0 0% 100%;
color-scheme: dark;
}
body {
margin: 0;
height: 100%;
overflow: hidden;
background:
radial-gradient(
1100px 620px at -12% -25%,
hsl(var(--primary) / 0.2),
hsl(var(--primary) / 0) 60%
),
radial-gradient(
900px 540px at 112% -14%,
hsl(var(--accent) / 0.35),
hsl(var(--accent) / 0) 58%
),
hsl(var(--background));
color: hsl(var(--foreground));
transition:
background-color 220ms ease,
color 220ms ease;
}
#root {
height: 100%;
}
apps/web/src/lib/utils.ts
+6
View File
@@ -0,0 +1,6 @@
import { clsx, type ClassValue } from "clsx";
import { twMerge } from "tailwind-merge";
export function cn(...inputs: ClassValue[]) {
return twMerge(clsx(inputs));
}
apps/web/src/main.tsx
+16
View File
@@ -0,0 +1,16 @@
import { StrictMode } from "react";
import { createRoot } from "react-dom/client";
import { BrowserRouter } from "react-router-dom";
import "./index.css";
import App from "./App.tsx";
import { applyThemeMode, loadThemeMode } from "@/services/theme-storage";
applyThemeMode(loadThemeMode());
createRoot(document.getElementById("root")!).render(
<StrictMode>
<BrowserRouter>
<App />
</BrowserRouter>
</StrictMode>
);

Some files were not shown because too many files have changed in this diff Show More