d760b9ca10
Phase 1.1: API Token 认证中间件 - auth_middleware 新增 zclaw_ 前缀 token 分支 (SHA-256 验证) - 合并 token 自身权限与角色权限,异步更新 last_used_at - 添加 GET /api/v1/auth/me 端点返回当前用户信息 - get_role_permissions 改为 pub(crate) 供中间件调用 Phase 1.2: 真实 SSE 流式中转 - RelayResponse::Sse 改为 axum::body::Body (bytes_stream) - 流式请求超时提升至 300s,转发 SSE headers (Cache-Control, Connection) - 添加 futures 依赖用于 StreamExt Phase 1.3: 滑动窗口速率限制中间件 - 按 account_id 做 per-minute 限流 (默认 60 rpm + 10 burst) - 超限返回 429 + Retry-After header - RateLimitConfig 支持配置化,DashMap 存储时间戳 21 tests passed, zero warnings.
45 lines
1.1 KiB
TOML
45 lines
1.1 KiB
TOML
[package]
|
|
name = "zclaw-saas"
|
|
version.workspace = true
|
|
edition.workspace = true
|
|
description = "ZCLAW SaaS backend - account, API config, relay, migration"
|
|
|
|
[[bin]]
|
|
name = "zclaw-saas"
|
|
path = "src/main.rs"
|
|
|
|
[dependencies]
|
|
zclaw-types = { workspace = true }
|
|
|
|
tokio = { workspace = true }
|
|
futures = { workspace = true }
|
|
serde = { workspace = true }
|
|
serde_json = { workspace = true }
|
|
toml = { workspace = true }
|
|
thiserror = { workspace = true }
|
|
anyhow = { workspace = true }
|
|
uuid = { workspace = true }
|
|
chrono = { workspace = true }
|
|
tracing = { workspace = true }
|
|
tracing-subscriber = { workspace = true }
|
|
sqlx = { workspace = true }
|
|
libsqlite3-sys = { workspace = true }
|
|
reqwest = { workspace = true }
|
|
secrecy = { workspace = true }
|
|
sha2 = { workspace = true }
|
|
rand = { workspace = true }
|
|
dashmap = { workspace = true }
|
|
hex = { workspace = true }
|
|
url = "2"
|
|
|
|
axum = { workspace = true }
|
|
axum-extra = { workspace = true }
|
|
tower = { workspace = true }
|
|
tower-http = { workspace = true }
|
|
jsonwebtoken = { workspace = true }
|
|
argon2 = { workspace = true }
|
|
totp-rs = { workspace = true }
|
|
|
|
[dev-dependencies]
|
|
tempfile = { workspace = true }
|