787e64d9a9
严重 BUG 修复: - 修复 Token 过期后 hash 重定向导致无法跳转登录页 - 修复文章编辑器新建后提交审核使用错误 ID 安全加固: - HTML 清理函数替换为 ammonia 专业库(替代自定义解析器) - 文件上传添加 magic bytes 校验(防 Content-Type 伪造) - 登录添加账户级失败锁定(5次失败→15分钟锁定) - 审计日志 9 个关键更新操作补充变更前后值(with_changes) 功能缺陷修复: - 登录/登出时清理 API 缓存(防多账户数据污染) - 文章编辑器上传改用统一 HTTP 客户端(自动 token 刷新) - 添加全局 HTTP 错误处理和后端错误消息展示 - PrivateRoute 增加路由级权限检查(系统管理页面) - 健康数据三个 Tab 添加编辑/删除功能 - 预约创建增加排班可用性校验提示 - 医生详情 API 返回解密后的原始执照号 代码清理: - 删除未使用的 auth.ts refresh() 函数 - 删除重复的 AuthGuard.tsx 组件 - 删除未使用的 getHealthSummary API
116 lines
2.6 KiB
TOML
116 lines
2.6 KiB
TOML
[workspace]
|
|
resolver = "2"
|
|
members = [
|
|
"crates/erp-core",
|
|
"crates/erp-server",
|
|
"crates/erp-auth",
|
|
"crates/erp-workflow",
|
|
"crates/erp-message",
|
|
"crates/erp-config",
|
|
"crates/erp-server/migration",
|
|
"crates/erp-plugin-prototype",
|
|
"crates/erp-plugin-test-sample",
|
|
"crates/erp-plugin",
|
|
"crates/erp-plugin-crm",
|
|
"crates/erp-plugin-inventory",
|
|
"crates/erp-plugin-freelance",
|
|
"crates/erp-plugin-itops",
|
|
"crates/erp-health",
|
|
"crates/erp-ai",
|
|
]
|
|
|
|
[workspace.package]
|
|
version = "0.1.0"
|
|
edition = "2024"
|
|
license = "MIT"
|
|
|
|
[workspace.dependencies]
|
|
# Async
|
|
tokio = { version = "1", features = ["full"] }
|
|
|
|
# Web
|
|
axum = { version = "0.8", features = ["multipart"] }
|
|
tower = "0.5"
|
|
tower-http = { version = "0.6", features = ["cors", "trace", "compression-gzip", "fs"] }
|
|
|
|
# Database
|
|
sea-orm = { version = "1.1", features = [
|
|
"sqlx-postgres", "runtime-tokio-rustls", "macros", "with-uuid", "with-chrono", "with-json"
|
|
] }
|
|
sea-orm-migration = { version = "1.1", features = ["sqlx-postgres", "runtime-tokio-rustls"] }
|
|
|
|
# Serialization
|
|
serde = { version = "1", features = ["derive"] }
|
|
serde_json = "1"
|
|
|
|
# UUID & Time
|
|
uuid = { version = "1", features = ["v7", "serde"] }
|
|
chrono = { version = "0.4", features = ["serde"] }
|
|
|
|
# Error handling
|
|
thiserror = "2"
|
|
anyhow = "1"
|
|
|
|
# Logging
|
|
tracing = "0.1"
|
|
tracing-subscriber = { version = "0.3", features = ["env-filter", "json"] }
|
|
|
|
# Config
|
|
config = "0.14"
|
|
|
|
# Redis
|
|
redis = { version = "0.27", features = ["tokio-comp", "connection-manager"] }
|
|
|
|
# JWT
|
|
jsonwebtoken = "9"
|
|
|
|
# Password hashing
|
|
argon2 = "0.5"
|
|
|
|
# Cryptographic hashing (token storage)
|
|
sha2 = "0.10"
|
|
|
|
# API docs
|
|
utoipa = { version = "5", features = ["axum_extras", "uuid", "chrono"] }
|
|
# utoipa-swagger-ui 需要下载 GitHub 资源,网络受限时暂不使用
|
|
# utoipa-swagger-ui = { version = "8", features = ["axum"] }
|
|
|
|
# Validation
|
|
validator = { version = "0.19", features = ["derive"] }
|
|
|
|
# Async trait
|
|
async-trait = "0.1"
|
|
|
|
# HTTP client
|
|
reqwest = { version = "0.12", features = ["json", "stream"] }
|
|
|
|
# Crypto
|
|
aes = "0.8"
|
|
cbc = "0.1"
|
|
hex = "0.4"
|
|
|
|
# CSV and Excel export
|
|
csv = "1"
|
|
rust_xlsxwriter = "0.82"
|
|
|
|
# Internal crates
|
|
erp-core = { path = "crates/erp-core" }
|
|
erp-auth = { path = "crates/erp-auth" }
|
|
erp-workflow = { path = "crates/erp-workflow" }
|
|
erp-message = { path = "crates/erp-message" }
|
|
erp-config = { path = "crates/erp-config" }
|
|
erp-plugin = { path = "crates/erp-plugin" }
|
|
erp-health = { path = "crates/erp-health" }
|
|
erp-ai = { path = "crates/erp-ai" }
|
|
|
|
# Async streaming
|
|
futures = "0.3"
|
|
tokio-stream = "0.1"
|
|
async-stream = "0.3"
|
|
|
|
# Template engine
|
|
handlebars = "6"
|
|
|
|
# HTML sanitization
|
|
ammonia = "4"
|