Chris
|
9da8a621b8
|
fix(login): switch frontend account login to oidc flow
|
2026-03-31 23:43:57 +08:00 |
|
Chris
|
2b303b18fc
|
feat(login): support both password and Google SSO entry on login page
|
2026-03-31 23:18:28 +08:00 |
|
Chris
|
27b3c495c4
|
refactor(identity): rename authentik_sub to user_sub and authentik_user_id to idp_user_id
|
2026-03-31 22:32:48 +08:00 |
|
Chris
|
22c71eff6f
|
feat(admin): add delete APIs and UI actions for all admin resources
|
2026-03-31 20:58:20 +08:00 |
|
Chris
|
c71003d244
|
fix(api-clients): fallback api-key hashing without argon2; show site/module parent display names
|
2026-03-31 20:35:04 +08:00 |
|
Chris
|
20a5973092
|
feat(admin): add api client management UI and backend CRUD/rotate endpoints
|
2026-03-30 23:28:27 +08:00 |
|
Chris
|
2fd202250d
|
feat(members): split username/display_name, sync updates to authentik, add password reset API and refresh docs
|
2026-03-30 22:15:41 +08:00 |
|
Chris
|
29e9d9fa28
|
refactor(auth): use group-only admin access and remove admin api-key flow from frontend/admin routes
|
2026-03-30 21:39:43 +08:00 |
|
Chris
|
d90862205c
|
feat(security): enforce admin allowlist guard on admin APIs and attach bearer for admin client
|
2026-03-30 21:25:57 +08:00 |
|
Chris
|
b9e9df350c
|
feat(keys): auto-generate entity keys and remove manual key input from admin create forms
|
2026-03-30 19:52:00 +08:00 |
|
Chris
|
ad09c8ff32
|
feat(admin): implement group-centric relations and system/module/company linkage views
|
2026-03-30 19:38:49 +08:00 |
|
Chris
|
4e23a5bff5
|
feat(flow): unify member-group-permission admin workflow and docs
|
2026-03-30 03:54:22 +08:00 |
|
Chris
|
5dd759d2cb
|
feat(flow): auto-resolve authentik sub and improve admin dropdown UX
|
2026-03-30 03:33:50 +08:00 |
|
Chris
|
0582b00f5f
|
feat(admin): add edit flows for all catalogs and member authentik sync
|
2026-03-30 03:25:53 +08:00 |
|
Chris
|
137861df1c
|
refactor(frontend): remove manual admin credential cards from permission pages
|
2026-03-30 03:06:31 +08:00 |
|
Chris
|
8f9abb52d4
|
fix(frontend): auto-attach admin api keys and normalize admin list payloads
|
2026-03-30 03:03:17 +08:00 |
|
Chris
|
653f856e18
|
refactor: Redesign navbar to single-row tab layout
- 單列 header(高度 56px),sticky top
- 左:logo 區(固定寬度,方便之後換圖)
- 中:tab 列,active 用藍色底線 + 淡藍底色
- 分隔用細豎線 | 區隔用戶與管理員 tab
- 右:輕量文字登出按鈕,不搶焦點
- NavTab 用行內 defineComponent 封裝,乾淨不額外建檔
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
2026-03-30 02:58:38 +08:00 |
|
Chris
|
d80ab57795
|
refactor: Replace admin dropdown with flat tab navigation
導覽列重新設計:
- 上方 bar:品牌名 + 登出按鈕
- 下方 tab 列:我的資料、我的權限 | 權限管理、系統、模組、公司、站台、會員、群組
- 用戶 tab(藍色底線)與管理員 tab(靛色底線)視覺分組
- 支持 overflow-x scroll,小螢幕也可橫滑
- 移除 el-dropdown 依賴,改用純 router-link + button
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
2026-03-30 02:56:19 +08:00 |
|
Chris
|
f3d5937d37
|
refactor: Fix UI/UX issues across admin pages
- App.vue: max-w-4xl → max-w-6xl(讓表格不被截斷)
- 新增 AdminCredsCard.vue 共用元件,消除兩個頁面的重複認證卡片
- PermissionAdminPage / PermissionGroupsPage 改用 AdminCredsCard
- 所有 el-table 的 slot="empty" 換成 <template #empty>(Vue 3 正確用法)
- 4 個管理頁 Dialog 補 el-form rules + formRef.validate()(取代手動 if 檢查)
- MembersPage: authentik_sub / email 欄位加 show-overflow-tooltip
- PermissionGroupsPage: 成功/失敗訊息由 <p> 改為 el-alert(統一樣式)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
2026-03-30 02:53:54 +08:00 |
|
Chris
|
e325642b5e
|
fix(frontend): validate oidc state in callback flow
|
2026-03-30 02:47:16 +08:00 |
|
Chris
|
7b3f5bd5b8
|
fix(frontend): harden auth routing and callback error handling
|
2026-03-30 02:46:35 +08:00 |
|
Chris
|
278c2b6c67
|
Upgrade frontend to Schema V2: Admin management pages
新增功能:
- OIDC 登入流程完整實現(LoginPage → AuthCallbackPage)
- 6 個管理頁面:系統、模組、公司、站台、會員、權限群組
- 權限群組管理:群組 CRUD + 綁定會員 + 群組授權/撤銷
- 新 API 層:systems、modules、companies、sites、members、permission-groups
- admin store:統一管理公共清單資料
調整既有頁面:
- PermissionSnapshotPage:表格新增 system 欄位
- PermissionAdminPage:
- 新增 system 必填欄位
- scope_type 改為 company/site 下拉選單
- module 改為選填(空值代表系統層權限)
- Router:補 6 條新管理路由
- App.vue:導覽列新增管理員群組下拉菜單
驗收條件達成:
✓ 可新增 system/module/company/site
✓ 可做用戶直接 grant/revoke(新 payload)
✓ 可建立 permission-group、加會員、群組 grant/revoke
✓ /me/permissions/snapshot 表格可顯示 system + module + action
Build:成功(0 errors)
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
|
2026-03-30 02:37:46 +08:00 |
|
Chris
|
2f064af689
|
fix: use stable callback redirect_uri for oidc login
|
2026-03-30 01:08:08 +08:00 |
|
Chris
|
eebb4beca6
|
fix: switch frontend login to authentik auth-code flow
|
2026-03-30 01:04:28 +08:00 |
|
Chris
|
b8652b76df
|
feat: add username-password login flow via authentik token endpoint
|
2026-03-30 00:52:09 +08:00 |
|
Chris
|
1884d2d947
|
chore: add local development env files and startup script
|
2026-03-29 23:34:34 +08:00 |
|
Chris
|
3d6b04d6e5
|
Init frontend: Vue 3 + Vite member.ose.tw
建立完整前端架構:
- 配置 Vite + Vue 3 + Element Plus + Tailwind
- 實作 API 模層(axios interceptor + Bearer/Key 認證)
- 狀態管理:auth store(用戶登入狀態)、permission store(權限快照 & Admin 認證)
- 路由守衛:/me* 需 Bearer token,/admin* 不強制
- 完成三個頁面:登入、我的資料、我的權限快照、權限 grant/revoke 管理
- 全面錯誤處理與 UI 提示(401/403/404/503 對應訊息)
Checklist 完成度:
✓ A.初始化(http.js、auth/permission store、.env)
✓ B.API 對接(/me、/me/permissions/snapshot、grant、revoke)
✓ C.頁面三組件
✓ D.行為驗證(Token 過期、自動刷新、錯誤提示)
✓ E.交付條件(獨立刷新、錯誤 UI、loading/success 狀態)
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
|
2026-03-29 23:26:58 +08:00 |
|