From 27b3c495c4a5391c9c2319eb01c6b780dd5aec9b Mon Sep 17 00:00:00 2001
From: Chris <wtc.justin82@gmail.com>
Date: Tue, 31 Mar 2026 22:32:48 +0800
Subject: [PATCH] refactor(identity): rename authentik_sub to user_sub and
 authentik_user_id to idp_user_id

---
 src/api/members.js                            | 12 ++++-----
 src/pages/admin/MembersPage.vue               | 24 ++++++++---------
 src/pages/admin/ModulesPage.vue               |  2 +-
 src/pages/admin/PermissionGroupsPage.vue      |  6 ++---
 src/pages/admin/SystemsPage.vue               |  2 +-
 src/pages/permissions/PermissionAdminPage.vue | 26 +++++++++----------
 .../permissions/PermissionSnapshotPage.vue    |  2 +-
 7 files changed, 37 insertions(+), 37 deletions(-)

diff --git a/src/api/members.js b/src/api/members.js
index d7a5b10..06e426d 100644
--- a/src/api/members.js
+++ b/src/api/members.js
@@ -2,9 +2,9 @@ import { adminHttp } from './http'
 
 export const getMembers = () => adminHttp.get('/admin/members')
 export const upsertMember = (data) => adminHttp.post('/admin/members/upsert', data)
-export const updateMember = (authentikSub, data) => adminHttp.patch(`/admin/members/${authentikSub}`, data)
-export const deleteMember = (authentikSub) => adminHttp.delete(`/admin/members/${authentikSub}`)
-export const resetMemberPassword = (authentikSub) => adminHttp.post(`/admin/members/${authentikSub}/password/reset`)
-export const getMemberPermissionGroups = (authentikSub) => adminHttp.get(`/admin/members/${authentikSub}/permission-groups`)
-export const setMemberPermissionGroups = (authentikSub, groupKeys) =>
-  adminHttp.put(`/admin/members/${authentikSub}/permission-groups`, { group_keys: groupKeys })
+export const updateMember = (userSub, data) => adminHttp.patch(`/admin/members/${userSub}`, data)
+export const deleteMember = (userSub) => adminHttp.delete(`/admin/members/${userSub}`)
+export const resetMemberPassword = (userSub) => adminHttp.post(`/admin/members/${userSub}/password/reset`)
+export const getMemberPermissionGroups = (userSub) => adminHttp.get(`/admin/members/${userSub}/permission-groups`)
+export const setMemberPermissionGroups = (userSub, groupKeys) =>
+  adminHttp.put(`/admin/members/${userSub}/permission-groups`, { group_keys: groupKeys })
diff --git a/src/pages/admin/MembersPage.vue b/src/pages/admin/MembersPage.vue
index 8e9b051..24ba723 100644
--- a/src/pages/admin/MembersPage.vue
+++ b/src/pages/admin/MembersPage.vue
@@ -13,7 +13,7 @@
 
     <el-table v-else :data="members" stripe border class="w-full shadow-sm">
       <template #empty><el-empty description="目前無會員" /></template>
-      <el-table-column prop="authentik_sub" label="Authentik Sub" min-width="260" />
+      <el-table-column prop="user_sub" label="User Sub" min-width="260" />
       <el-table-column prop="username" label="Username" min-width="160" />
       <el-table-column prop="email" label="Email" min-width="220" />
       <el-table-column prop="display_name" label="顯示名稱" min-width="180" />
@@ -50,7 +50,7 @@
 
     <el-dialog v-model="showEditDialog" title="編輯會員" @close="resetEditForm">
       <el-form :model="editForm" label-width="120px">
-        <el-form-item label="Authentik Sub"><el-input :model-value="editForm.authentik_sub" disabled /></el-form-item>
+        <el-form-item label="User Sub"><el-input :model-value="editForm.user_sub" disabled /></el-form-item>
         <el-form-item label="Username"><el-input v-model="editForm.username" /></el-form-item>
         <el-form-item label="Email"><el-input v-model="editForm.email" /></el-form-item>
         <el-form-item label="顯示名稱"><el-input v-model="editForm.display_name" /></el-form-item>
@@ -110,7 +110,7 @@ const createRules = {
 const showEditDialog = ref(false)
 const saving = ref(false)
 const editForm = ref({
-  authentik_sub: '',
+  user_sub: '',
   username: '',
   email: '',
   display_name: '',
@@ -147,7 +147,7 @@ function resetCreateForm() {
 
 async function openEdit(row) {
   editForm.value = {
-    authentik_sub: row.authentik_sub,
+    user_sub: row.user_sub,
     username: row.username || '',
     email: row.email || '',
     display_name: row.display_name || '',
@@ -156,7 +156,7 @@ async function openEdit(row) {
     sync_to_authentik: true
   }
   try {
-    const res = await getMemberPermissionGroups(row.authentik_sub)
+    const res = await getMemberPermissionGroups(row.user_sub)
     editForm.value.group_keys = res.data?.group_keys || []
   } catch (err) {
     ElMessage.warning('載入會員群組失敗，仍可先編輯基本資料')
@@ -166,7 +166,7 @@ async function openEdit(row) {
 
 function resetEditForm() {
   editForm.value = {
-    authentik_sub: '',
+    user_sub: '',
     username: '',
     email: '',
     display_name: '',
@@ -182,7 +182,7 @@ async function handleCreate() {
   creating.value = true
   try {
     const created = await upsertMember({ ...createForm.value })
-    const createdSub = created.data?.authentik_sub
+    const createdSub = created.data?.user_sub
     if (createdSub && createForm.value.group_keys.length > 0) {
       await setMemberPermissionGroups(createdSub, createForm.value.group_keys)
     }
@@ -201,14 +201,14 @@ async function handleCreate() {
 async function handleEdit() {
   saving.value = true
   try {
-    await updateMember(editForm.value.authentik_sub, {
+    await updateMember(editForm.value.user_sub, {
       username: editForm.value.username || null,
       email: editForm.value.email || null,
       display_name: editForm.value.display_name || null,
       is_active: editForm.value.is_active,
       sync_to_authentik: editForm.value.sync_to_authentik
     })
-    await setMemberPermissionGroups(editForm.value.authentik_sub, editForm.value.group_keys || [])
+    await setMemberPermissionGroups(editForm.value.user_sub, editForm.value.group_keys || [])
     ElMessage.success('更新會員成功')
     showEditDialog.value = false
     await load()
@@ -222,7 +222,7 @@ async function handleEdit() {
 
 async function handleResetPassword(row) {
   try {
-    const res = await resetMemberPassword(row.authentik_sub)
+    const res = await resetMemberPassword(row.user_sub)
     const pwd = res.data?.temporary_password || ''
     if (!pwd) {
       ElMessage.success('密碼已重設')
@@ -239,11 +239,11 @@ async function handleResetPassword(row) {
 async function handleDelete(row) {
   try {
     await ElMessageBox.confirm(
-      `確認刪除會員 ${row.display_name || row.email || row.username || row.authentik_sub}？`,
+      `確認刪除會員 ${row.display_name || row.email || row.username || row.user_sub}？`,
       '刪除確認',
       { type: 'warning' }
     )
-    await deleteMember(row.authentik_sub)
+    await deleteMember(row.user_sub)
     ElMessage.success('刪除成功')
     await load()
   } catch (err) {
diff --git a/src/pages/admin/ModulesPage.vue b/src/pages/admin/ModulesPage.vue
index bc6271f..05426f9 100644
--- a/src/pages/admin/ModulesPage.vue
+++ b/src/pages/admin/ModulesPage.vue
@@ -85,7 +85,7 @@
         <el-tab-pane label="涉及會員" name="members">
           <el-table :data="relationMembers" border stripe v-loading="relationLoading">
             <template #empty><el-empty description="尚無關聯會員" /></template>
-            <el-table-column prop="authentik_sub" label="Authentik Sub" min-width="260" />
+            <el-table-column prop="user_sub" label="User Sub" min-width="260" />
             <el-table-column prop="email" label="Email" min-width="220" />
             <el-table-column prop="display_name" label="顯示名稱" min-width="160" />
             <el-table-column label="啟用" width="80">
diff --git a/src/pages/admin/PermissionGroupsPage.vue b/src/pages/admin/PermissionGroupsPage.vue
index a782f1d..f8525db 100644
--- a/src/pages/admin/PermissionGroupsPage.vue
+++ b/src/pages/admin/PermissionGroupsPage.vue
@@ -56,9 +56,9 @@
           <el-select v-model="bindingForm.member_subs" multiple filterable clearable style="width: 100%" placeholder="選擇會員">
             <el-option
               v-for="m in members"
-              :key="m.authentik_sub"
-              :label="`${m.display_name || m.email || '(no-name)'} (${m.authentik_sub})`"
-              :value="m.authentik_sub"
+              :key="m.user_sub"
+              :label="`${m.display_name || m.email || '(no-name)'} (${m.user_sub})`"
+              :value="m.user_sub"
             />
           </el-select>
         </el-form-item>
diff --git a/src/pages/admin/SystemsPage.vue b/src/pages/admin/SystemsPage.vue
index a37c1c8..f5d7fd9 100644
--- a/src/pages/admin/SystemsPage.vue
+++ b/src/pages/admin/SystemsPage.vue
@@ -77,7 +77,7 @@
         <el-tab-pane label="涉及會員" name="members">
           <el-table :data="relationMembers" border stripe v-loading="relationLoading">
             <template #empty><el-empty description="尚無關聯會員" /></template>
-            <el-table-column prop="authentik_sub" label="Authentik Sub" min-width="260" />
+            <el-table-column prop="user_sub" label="User Sub" min-width="260" />
             <el-table-column prop="email" label="Email" min-width="220" />
             <el-table-column prop="display_name" label="顯示名稱" min-width="160" />
             <el-table-column label="啟用" width="80">
diff --git a/src/pages/permissions/PermissionAdminPage.vue b/src/pages/permissions/PermissionAdminPage.vue
index 49bd5c1..95ffdb1 100644
--- a/src/pages/permissions/PermissionAdminPage.vue
+++ b/src/pages/permissions/PermissionAdminPage.vue
@@ -14,9 +14,9 @@
           class="max-w-xl mt-4"
           @submit.prevent="handleGrant"
         >
-          <el-form-item label="Authentik Sub" prop="authentik_sub">
-            <el-select v-model="grantForm.authentik_sub" filterable allow-create default-first-option placeholder="選擇會員或輸入 sub" style="width: 100%">
-              <el-option v-for="m in members" :key="m.authentik_sub" :label="`${m.display_name || m.email || '(no-name)'} (${m.authentik_sub})`" :value="m.authentik_sub" />
+          <el-form-item label="User Sub" prop="user_sub">
+            <el-select v-model="grantForm.user_sub" filterable allow-create default-first-option placeholder="選擇會員或輸入 sub" style="width: 100%">
+              <el-option v-for="m in members" :key="m.user_sub" :label="`${m.display_name || m.email || '(no-name)'} (${m.user_sub})`" :value="m.user_sub" />
             </el-select>
           </el-form-item>
           <el-form-item label="Email" prop="email">
@@ -91,9 +91,9 @@
           class="max-w-xl mt-4"
           @submit.prevent="handleRevoke"
         >
-          <el-form-item label="Authentik Sub" prop="authentik_sub">
-            <el-select v-model="revokeForm.authentik_sub" filterable allow-create default-first-option placeholder="選擇會員或輸入 sub" style="width: 100%">
-              <el-option v-for="m in members" :key="m.authentik_sub" :label="`${m.display_name || m.email || '(no-name)'} (${m.authentik_sub})`" :value="m.authentik_sub" />
+          <el-form-item label="User Sub" prop="user_sub">
+            <el-select v-model="revokeForm.user_sub" filterable allow-create default-first-option placeholder="選擇會員或輸入 sub" style="width: 100%">
+              <el-option v-for="m in members" :key="m.user_sub" :label="`${m.display_name || m.email || '(no-name)'} (${m.user_sub})`" :value="m.user_sub" />
             </el-select>
           </el-form-item>
           <el-form-item label="Scope 類型" prop="scope_type">
@@ -171,7 +171,7 @@
         <template #empty><el-empty description="目前沒有直接授權資料" /></template>
         <el-table-column prop="display_name" label="名稱" min-width="140" />
         <el-table-column prop="email" label="Email" min-width="200" />
-        <el-table-column prop="authentik_sub" label="Sub" min-width="200" />
+        <el-table-column prop="user_sub" label="Sub" min-width="200" />
         <el-table-column prop="scope_type" label="Scope" width="90" />
         <el-table-column prop="scope_id" label="Scope ID" min-width="120" />
         <el-table-column prop="system" label="系統" width="100" />
@@ -220,7 +220,7 @@ const grantError = ref('')
 const grantSuccess = ref('')
 
 const grantForm = reactive({
-  authentik_sub: '',
+  user_sub: '',
   email: '',
   display_name: '',
   scope_type: '',
@@ -251,7 +251,7 @@ const grantScopeOptions = computed(() => {
 
 const required = { required: true, message: '必填', trigger: 'blur' }
 const grantRules = {
-  authentik_sub: [required],
+  user_sub: [required],
   email: [required],
   display_name: [required],
   scope_type: [required],
@@ -291,7 +291,7 @@ const revokeError = ref('')
 const revokeSuccess = ref('')
 
 const revokeForm = reactive({
-  authentik_sub: '',
+  user_sub: '',
   scope_type: '',
   scope_id: '',
   system: '',
@@ -319,7 +319,7 @@ const revokeScopeOptions = computed(() => {
 })
 
 const revokeRules = {
-  authentik_sub: [required],
+  user_sub: [required],
   scope_type: [required],
   scope_id: [required],
   system: [required],
@@ -426,8 +426,8 @@ watch(() => grantForm.system, () => { grantForm.module = '' })
 watch(() => revokeForm.scope_type, () => { revokeForm.scope_id = '' })
 watch(() => revokeForm.system, () => { revokeForm.module = '' })
 
-watch(() => grantForm.authentik_sub, (sub) => {
-  const user = members.value.find(m => m.authentik_sub === sub)
+watch(() => grantForm.user_sub, (sub) => {
+  const user = members.value.find(m => m.user_sub === sub)
   if (!user) return
   grantForm.email = user.email || ''
   grantForm.display_name = user.display_name || ''
diff --git a/src/pages/permissions/PermissionSnapshotPage.vue b/src/pages/permissions/PermissionSnapshotPage.vue
index 59b5e94..69b543a 100644
--- a/src/pages/permissions/PermissionSnapshotPage.vue
+++ b/src/pages/permissions/PermissionSnapshotPage.vue
@@ -18,7 +18,7 @@
 
     <template v-if="snapshot">
       <p class="text-sm text-gray-500 mb-3">
-        Sub：<span class="font-mono">{{ snapshot.authentik_sub }}</span>
+        Sub：<span class="font-mono">{{ snapshot.user_sub }}</span>
       </p>
 
       <el-empty