fix(app): 家长同意验证流程 — PIPL 第28条合规
- 新增 ParentalConsentPage: 显示隐私政策要点 + 双重确认复选框 - 角色选择流程: 学生 → 家长同意确认 → 班级码输入 - Authenticated 状态: 添加 needsParentalConsent/parentalConsentAt/selectedRole - ParentalConsentAccepted 事件: 记录同意时间戳 - 路由守卫: 注册 /parental-consent 路径和重定向逻辑 - 非学生角色(老师/家长/独立用户)不需要经过同意流程 审计 ID: S-03
This commit is contained in:
iven
@@ -28,6 +28,7 @@ import '../../features/profile/views/profile_page.dart';
|
||||
import '../../features/editor/views/editor_page.dart';
|
||||
import '../../features/auth/views/login_page.dart';
|
||||
import '../../features/auth/views/role_selection_page.dart';
|
||||
import '../../features/auth/views/parental_consent_page.dart';
|
||||
import '../../features/auth/views/class_code_join_page.dart';
|
||||
import '../../features/onboarding/views/splash_page.dart';
|
||||
import '../../features/onboarding/views/onboarding_page.dart';
|
||||
@@ -49,7 +50,7 @@ final _rootNavigatorKey = GlobalKey<NavigatorState>();
|
||||
final _shellNavigatorKey = GlobalKey<NavigatorState>();
|
||||
|
||||
/// 不需要认证的白名单路径
|
||||
const _publicPaths = ['/splash', '/onboarding', '/login', '/role-selection', '/class-code'];
|
||||
const _publicPaths = ['/splash', '/onboarding', '/login', '/role-selection', '/parental-consent', '/class-code'];
|
||||
|
||||
/// 创建路由配置 — 需要注入 AuthBloc
|
||||
GoRouter createAppRouter(AuthBloc authBloc) {
|
||||
@@ -74,6 +75,7 @@ GoRouter createAppRouter(AuthBloc authBloc) {
|
||||
// 已认证 + 访问公开页面 → 根据状态重定向
|
||||
if (isAuthenticated && isPublicPath) {
|
||||
if (authState.needsRoleSelection) return '/role-selection';
|
||||
if (authState.needsParentalConsent) return '/parental-consent';
|
||||
if (authState.needsClassCode) return '/class-code';
|
||||
return '/home';
|
||||
}
|
||||
@@ -83,9 +85,14 @@ GoRouter createAppRouter(AuthBloc authBloc) {
|
||||
if (authState.needsRoleSelection && currentPath != '/role-selection') {
|
||||
return '/role-selection';
|
||||
}
|
||||
if (authState.needsParentalConsent &&
|
||||
currentPath != '/parental-consent') {
|
||||
return '/parental-consent';
|
||||
}
|
||||
if (authState.needsClassCode &&
|
||||
currentPath != '/class-code' &&
|
||||
currentPath != '/role-selection') {
|
||||
currentPath != '/role-selection' &&
|
||||
currentPath != '/parental-consent') {
|
||||
return '/class-code';
|
||||
}
|
||||
return null;
|
||||
@@ -125,6 +132,11 @@ GoRouter createAppRouter(AuthBloc authBloc) {
|
||||
name: 'roleSelection',
|
||||
builder: (context, state) => const RoleSelectionPage(),
|
||||
),
|
||||
GoRoute(
|
||||
path: '/parental-consent',
|
||||
name: 'parentalConsent',
|
||||
builder: (context, state) => const ParentalConsentPage(),
|
||||
),
|
||||
GoRoute(
|
||||
path: '/class-code',
|
||||
name: 'classCode',
|
||||
|
||||
@@ -34,6 +34,7 @@ class AuthBloc extends Bloc<AuthEvent, AuthState> {
|
||||
on<LoginRequested>(_onLoginRequested);
|
||||
on<RegisterRequested>(_onRegisterRequested);
|
||||
on<RoleSelected>(_onRoleSelected);
|
||||
on<ParentalConsentAccepted>(_onParentalConsentAccepted);
|
||||
on<ClassCodeSubmitted>(_onClassCodeSubmitted);
|
||||
on<LogoutRequested>(_onLogoutRequested);
|
||||
on<TokenRefreshed>(_onTokenRefreshed);
|
||||
@@ -124,16 +125,38 @@ class AuthBloc extends Bloc<AuthEvent, AuthState> {
|
||||
final currentState = state;
|
||||
if (currentState is! Authenticated) return;
|
||||
|
||||
// 学生角色需要先经过家长同意确认(PIPL 第28条)
|
||||
final needsParentalConsent = event.role == UserRoleType.student;
|
||||
|
||||
// 根据角色决定下一步
|
||||
final needsClassCode =
|
||||
event.role == UserRoleType.student || event.role == UserRoleType.parent;
|
||||
|
||||
emit(currentState.copyWith(
|
||||
needsRoleSelection: false,
|
||||
needsClassCode: needsClassCode,
|
||||
needsParentalConsent: needsParentalConsent,
|
||||
needsClassCode: needsClassCode && !needsParentalConsent,
|
||||
selectedRole: event.role,
|
||||
));
|
||||
|
||||
_logger.i('角色选择: ${event.role.name}, 需要班级码: $needsClassCode');
|
||||
_logger.i('角色选择: ${event.role.name}, 需要家长同意: $needsParentalConsent');
|
||||
}
|
||||
|
||||
/// 家长/监护人同意信息收集(PIPL 合规)
|
||||
Future<void> _onParentalConsentAccepted(
|
||||
ParentalConsentAccepted event,
|
||||
Emitter<AuthState> emit,
|
||||
) async {
|
||||
final currentState = state;
|
||||
if (currentState is! Authenticated) return;
|
||||
|
||||
_logger.i('家长同意已确认: ${event.consentAt}');
|
||||
|
||||
emit(currentState.copyWith(
|
||||
needsParentalConsent: false,
|
||||
needsClassCode: true,
|
||||
parentalConsentAt: event.consentAt,
|
||||
));
|
||||
}
|
||||
|
||||
/// 班级码加入
|
||||
|
||||
@@ -43,6 +43,12 @@ final class RoleSelected extends AuthEvent {
|
||||
const RoleSelected(this.role);
|
||||
}
|
||||
|
||||
/// 家长/监护人同意 PIPL 信息收集(审计 S-03)
|
||||
final class ParentalConsentAccepted extends AuthEvent {
|
||||
final DateTime consentAt;
|
||||
const ParentalConsentAccepted(this.consentAt);
|
||||
}
|
||||
|
||||
/// 班级码加入(学生/家长加入班级)
|
||||
final class ClassCodeSubmitted extends AuthEvent {
|
||||
final String classCode;
|
||||
|
||||
@@ -37,6 +37,9 @@ final class Authenticated extends AuthState {
|
||||
/// 是否需要角色选择(新注册用户还没有角色)
|
||||
final bool needsRoleSelection;
|
||||
|
||||
/// 是否需要家长/监护人同意(PIPL 第28条 — 学生角色)
|
||||
final bool needsParentalConsent;
|
||||
|
||||
/// 是否需要班级码加入(学生/家长角色)
|
||||
final bool needsClassCode;
|
||||
|
||||
@@ -46,27 +49,43 @@ final class Authenticated extends AuthState {
|
||||
/// 班级码验证错误信息
|
||||
final String? classCodeError;
|
||||
|
||||
/// 已选择的角色(角色选择后暂存)
|
||||
final UserRoleType? selectedRole;
|
||||
|
||||
/// 家长同意时间戳
|
||||
final DateTime? parentalConsentAt;
|
||||
|
||||
const Authenticated({
|
||||
required this.user,
|
||||
this.needsRoleSelection = false,
|
||||
this.needsParentalConsent = false,
|
||||
this.needsClassCode = false,
|
||||
this.isLoading = false,
|
||||
this.classCodeError,
|
||||
this.selectedRole,
|
||||
this.parentalConsentAt,
|
||||
});
|
||||
|
||||
Authenticated copyWith({
|
||||
User? user,
|
||||
bool? needsRoleSelection,
|
||||
bool? needsParentalConsent,
|
||||
bool? needsClassCode,
|
||||
bool? isLoading,
|
||||
String? classCodeError,
|
||||
UserRoleType? selectedRole,
|
||||
DateTime? parentalConsentAt,
|
||||
}) =>
|
||||
Authenticated(
|
||||
user: user ?? this.user,
|
||||
needsRoleSelection: needsRoleSelection ?? this.needsRoleSelection,
|
||||
needsParentalConsent:
|
||||
needsParentalConsent ?? this.needsParentalConsent,
|
||||
needsClassCode: needsClassCode ?? this.needsClassCode,
|
||||
isLoading: isLoading ?? this.isLoading,
|
||||
classCodeError: classCodeError,
|
||||
selectedRole: selectedRole ?? this.selectedRole,
|
||||
parentalConsentAt: parentalConsentAt ?? this.parentalConsentAt,
|
||||
);
|
||||
}
|
||||
|
||||
|
||||
254
app/lib/features/auth/views/parental_consent_page.dart
Normal file
254
app/lib/features/auth/views/parental_consent_page.dart
Normal file
@@ -0,0 +1,254 @@
|
||||
// 家长同意确认页面 — PIPL 第28条合规
|
||||
//
|
||||
// 未满 14 岁用户选择"学生"角色后,必须经过家长/监护人确认。
|
||||
// 页面展示隐私政策要点,要求家长勾选同意并确认。
|
||||
|
||||
import 'package:flutter/material.dart';
|
||||
import 'package:flutter_bloc/flutter_bloc.dart';
|
||||
import 'package:go_router/go_router.dart';
|
||||
|
||||
import '../../../core/constants/design_tokens.dart';
|
||||
import '../../../core/theme/app_radius.dart';
|
||||
import '../bloc/auth_bloc.dart';
|
||||
|
||||
/// 家长同意确认页面
|
||||
class ParentalConsentPage extends StatefulWidget {
|
||||
const ParentalConsentPage({super.key});
|
||||
|
||||
@override
|
||||
State<ParentalConsentPage> createState() => _ParentalConsentPageState();
|
||||
}
|
||||
|
||||
class _ParentalConsentPageState extends State<ParentalConsentPage> {
|
||||
bool _consentGiven = false;
|
||||
bool _privacyPolicyAccepted = false;
|
||||
|
||||
@override
|
||||
Widget build(BuildContext context) {
|
||||
final theme = Theme.of(context);
|
||||
final canProceed = _consentGiven && _privacyPolicyAccepted;
|
||||
|
||||
return Scaffold(
|
||||
backgroundColor: theme.colorScheme.surface,
|
||||
appBar: AppBar(
|
||||
title: const Text('家长/监护人确认'),
|
||||
backgroundColor: theme.colorScheme.surface,
|
||||
),
|
||||
body: SafeArea(
|
||||
child: SingleChildScrollView(
|
||||
padding: const EdgeInsets.all(DesignTokens.spacing16),
|
||||
child: Column(
|
||||
crossAxisAlignment: CrossAxisAlignment.start,
|
||||
children: [
|
||||
// 标题
|
||||
Icon(
|
||||
Icons.shield_rounded,
|
||||
size: 48,
|
||||
color: theme.colorScheme.primary,
|
||||
),
|
||||
const SizedBox(height: DesignTokens.spacing12),
|
||||
Text(
|
||||
'儿童个人信息保护',
|
||||
style: theme.textTheme.headlineSmall?.copyWith(
|
||||
fontWeight: FontWeight.bold,
|
||||
),
|
||||
),
|
||||
const SizedBox(height: DesignTokens.spacing8),
|
||||
Text(
|
||||
'根据《中华人民共和国个人信息保护法》第28条,'
|
||||
'未满14周岁未成年人的个人信息处理需要取得父母或监护人的同意。',
|
||||
style: theme.textTheme.bodyMedium?.copyWith(
|
||||
color: theme.colorScheme.onSurfaceVariant,
|
||||
),
|
||||
),
|
||||
const SizedBox(height: DesignTokens.spacing24),
|
||||
|
||||
// 信息收集说明卡片
|
||||
_buildInfoCard(
|
||||
context,
|
||||
icon: Icons.info_outline_rounded,
|
||||
title: '我们会收集哪些信息',
|
||||
items: const [
|
||||
'昵称和年级(不收集真实姓名和身份证号)',
|
||||
'日记内容和手写笔画',
|
||||
'心情标签和照片',
|
||||
],
|
||||
),
|
||||
const SizedBox(height: DesignTokens.spacing12),
|
||||
|
||||
// 用途说明卡片
|
||||
_buildInfoCard(
|
||||
context,
|
||||
icon: Icons.security_rounded,
|
||||
title: '信息如何保护',
|
||||
items: const [
|
||||
'所有数据加密存储和传输',
|
||||
'仅用于日记记录和班级互动',
|
||||
'不会用于商业广告或分享给第三方',
|
||||
'您可以随时查阅、更正或删除孩子数据',
|
||||
],
|
||||
),
|
||||
const SizedBox(height: DesignTokens.spacing24),
|
||||
|
||||
// 同意复选框
|
||||
_buildCheckbox(
|
||||
value: _privacyPolicyAccepted,
|
||||
onChanged: (v) =>
|
||||
setState(() => _privacyPolicyAccepted = v ?? false),
|
||||
text: '我已阅读并同意《暖记隐私政策》和《儿童个人信息保护规则》',
|
||||
),
|
||||
const SizedBox(height: DesignTokens.spacing4),
|
||||
|
||||
_buildCheckbox(
|
||||
value: _consentGiven,
|
||||
onChanged: (v) => setState(() => _consentGiven = v ?? false),
|
||||
text: '我是该用户的家长/监护人,同意暖记收集和处理上述信息',
|
||||
),
|
||||
const SizedBox(height: DesignTokens.spacing32),
|
||||
|
||||
// 确认按钮
|
||||
SizedBox(
|
||||
width: double.infinity,
|
||||
child: FilledButton(
|
||||
onPressed: canProceed ? _onConfirm : null,
|
||||
style: FilledButton.styleFrom(
|
||||
padding: const EdgeInsets.symmetric(
|
||||
vertical: DesignTokens.spacing12,
|
||||
),
|
||||
shape: RoundedRectangleBorder(
|
||||
borderRadius: BorderRadius.circular(AppRadius.pill),
|
||||
),
|
||||
),
|
||||
child: const Text('确认同意,继续'),
|
||||
),
|
||||
),
|
||||
const SizedBox(height: DesignTokens.spacing8),
|
||||
|
||||
// 拒绝按钮
|
||||
SizedBox(
|
||||
width: double.infinity,
|
||||
child: OutlinedButton(
|
||||
onPressed: () => context.pop(),
|
||||
style: OutlinedButton.styleFrom(
|
||||
padding: const EdgeInsets.symmetric(
|
||||
vertical: DesignTokens.spacing12,
|
||||
),
|
||||
shape: RoundedRectangleBorder(
|
||||
borderRadius: BorderRadius.circular(AppRadius.pill),
|
||||
),
|
||||
),
|
||||
child: const Text('不同意,返回'),
|
||||
),
|
||||
),
|
||||
],
|
||||
),
|
||||
),
|
||||
),
|
||||
);
|
||||
}
|
||||
|
||||
Widget _buildInfoCard(
|
||||
BuildContext context, {
|
||||
required IconData icon,
|
||||
required String title,
|
||||
required List<String> items,
|
||||
}) {
|
||||
final theme = Theme.of(context);
|
||||
return Card(
|
||||
elevation: 0,
|
||||
color: theme.colorScheme.surfaceContainerLow,
|
||||
shape: RoundedRectangleBorder(
|
||||
borderRadius: BorderRadius.circular(AppRadius.lg),
|
||||
),
|
||||
child: Padding(
|
||||
padding: const EdgeInsets.all(DesignTokens.spacing12),
|
||||
child: Column(
|
||||
crossAxisAlignment: CrossAxisAlignment.start,
|
||||
children: [
|
||||
Row(
|
||||
children: [
|
||||
Icon(icon, size: 20, color: theme.colorScheme.primary),
|
||||
const SizedBox(width: DesignTokens.spacing8),
|
||||
Text(
|
||||
title,
|
||||
style: theme.textTheme.titleSmall?.copyWith(
|
||||
fontWeight: FontWeight.w600,
|
||||
),
|
||||
),
|
||||
],
|
||||
),
|
||||
const SizedBox(height: DesignTokens.spacing8),
|
||||
...items.map(
|
||||
(item) => Padding(
|
||||
padding: const EdgeInsets.only(
|
||||
bottom: DesignTokens.spacing4,
|
||||
left: DesignTokens.spacing12,
|
||||
),
|
||||
child: Row(
|
||||
crossAxisAlignment: CrossAxisAlignment.start,
|
||||
children: [
|
||||
Text(
|
||||
'• ',
|
||||
style: theme.textTheme.bodySmall?.copyWith(
|
||||
color: theme.colorScheme.primary,
|
||||
),
|
||||
),
|
||||
Expanded(
|
||||
child: Text(
|
||||
item,
|
||||
style: theme.textTheme.bodySmall,
|
||||
),
|
||||
),
|
||||
],
|
||||
),
|
||||
),
|
||||
),
|
||||
],
|
||||
),
|
||||
),
|
||||
);
|
||||
}
|
||||
|
||||
Widget _buildCheckbox({
|
||||
required bool value,
|
||||
required ValueChanged<bool?> onChanged,
|
||||
required String text,
|
||||
}) {
|
||||
final theme = Theme.of(context);
|
||||
return InkWell(
|
||||
onTap: () => onChanged(!value),
|
||||
borderRadius: BorderRadius.circular(AppRadius.md),
|
||||
child: Padding(
|
||||
padding: const EdgeInsets.symmetric(
|
||||
vertical: DesignTokens.spacing4,
|
||||
),
|
||||
child: Row(
|
||||
crossAxisAlignment: CrossAxisAlignment.start,
|
||||
children: [
|
||||
Checkbox(
|
||||
value: value,
|
||||
onChanged: onChanged,
|
||||
materialTapTargetSize: MaterialTapTargetSize.shrinkWrap,
|
||||
),
|
||||
const SizedBox(width: DesignTokens.spacing4),
|
||||
Expanded(
|
||||
child: Padding(
|
||||
padding: const EdgeInsets.only(top: 12),
|
||||
child: Text(
|
||||
text,
|
||||
style: theme.textTheme.bodySmall,
|
||||
),
|
||||
),
|
||||
),
|
||||
],
|
||||
),
|
||||
),
|
||||
);
|
||||
}
|
||||
|
||||
/// 确认同意 — 发出事件继续注册流程
|
||||
void _onConfirm() {
|
||||
final consentAt = DateTime.now();
|
||||
context.read<AuthBloc>().add(ParentalConsentAccepted(consentAt));
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user