192d0a15ec
feat(02-01): 新增 CredentialSlotAdminView(GET 脱敏 / PUT 全字段覆写)
...
- 1:1 复刻 RTCChatHistoryAPIView 单 URL 多方法 APIView 风格(不走 RetrieveUpdateAPIView)
- authentication_classes=[RedisTokenAuthentication]
- permission_classes=[IsAuthenticated] + view 内 _ensure_admin 二次校验 is_staff
(per RESEARCH.md:仓库零处 IsAdminTokenAuthenticated 类,沿用 AdminEmailLoginView 模式)
- _build_response_data helper 强制脱敏:data['access_token'] = mask_token(instance.access_token)
- GET / PUT 都走 _build_response_data,避免 PUT 直接 return success_response(data=serializer.data)
导致明文回显(CONTEXT.md / Pitfall 3 锁定)
- @swagger_auto_schema method-level 装饰:access_token 字段 description 显式标注脱敏掩码
- 顶部 import 追加:CredentialSlot / CredentialSlotSerializer / mask_token /
get_standardized_response_schema
2026-05-07 22:53:38 +08:00
6820fe7fd4
feat(02-01): 新增 CredentialSlotSerializer
...
- ModelSerializer 三字段: app_id / access_token / updated_at
- updated_at read_only 双重保险(模型层 auto_now=True 已兜底)
- app_id / access_token allow_blank=True / allow_null=False / required=False
与模型层 blank=True / default='' 对齐
- 脱敏不在 serializer 层做(per CONTEXT.md), 由 view 层 mask_token 完成
2026-05-07 22:52:12 +08:00
653f057b51
feat(01-02): aiapp/admin.py 注册 CredentialSlotAdmin(脱敏 + 单例新增 + 禁删)
...
- import 追加 CredentialSlot 与 common.utils.mask_token
- 新增 CredentialSlotAdmin(覆盖 CRED-02):
- list_display 含计算字段 access_token_masked(仅末 4 位明文)
- fieldsets 分「凭据信息」明文可写 + 「元数据」updated_at 只读折叠
- has_add_permission 已存在记录时返回 False(隐藏增加按钮)
- has_delete_permission 永远返回 False(含批量动作)
- 不修改既有 BotAdmin / ChatMessage 注册块
2026-05-07 17:42:36 +08:00
a475fe4600
feat(01-01): 自动生成并应用 0004_credentialslot 迁移
...
- 由 python manage.py makemigrations aiapp 自动生成(未手写)
- CreateModel(name='CredentialSlot') 含 id/app_id/access_token/updated_at 四列
- python manage.py migrate aiapp 退出码 0;showmigrations 显示 [X]
- shell 自检:首访 created=True app_id='' / 二次 save 后 count=1 obj2.pk=1
- N 次 save 守恒断言通过:CredentialSlot.objects.count() == 1
- 探针数据已写入 DB:pk=1 / app_id='probe_app' / access_token='probe_secret_xxxx'
(Plan 02 Task 2 浏览器 checkpoint 依赖此值,对应脱敏期望串 *************xxxx)
- 覆盖需求 CRED-01 数据库 schema 落地
2026-05-07 17:35:58 +08:00
30c7caff41
feat(01-01): aiapp 新增 CredentialSlot 单例模型
...
- 在 aiapp/models.py 末尾追加 CredentialSlot(不动 Bot / ChatMessage)
- 字段:app_id CharField(128) / access_token CharField(512) / updated_at auto_now
- 单例三件套:pk=1 + save() 钩子重定向 + get_solo() 类方法(1:1 复刻 AffinitySetting)
- 不引入 gettext_lazy / created_at,沿用仓库中文 verbose_name 实操约定
- 覆盖需求 CRED-01 模型层
2026-05-07 17:34:38 +08:00
c1722413ad
feat: update AI app, device interaction, and docs
...
- Update aiapp views
- Update device_interaction consumers and views
- Update docs
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-29 11:55:42 +08:00
29b4913723
feat: update RTC bot migration and device interaction consumers
...
Build and Deploy LTY / build-and-deploy (push) Successful in 9m19s
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-10 18:08:05 +08:00
59b178f8f4
feat: update AI app views/urls and add RTC bot migration
...
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-10 11:55:52 +08:00
bd95ba470c
feat: update admin panel, API modules, and add migrations
...
- Update food, outfits, props, home-decor pages and components
- Add permissions page and sidebar updates
- Update API client and all API modules (auth, food, dances, etc.)
- Add card model migrations for optional fields
- Update Django views, serializers, and authentication
- Add affinity level migrations and user app updates
- Add project documentation
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-20 13:06:50 +08:00
0c610c1e49
first commit
2026-03-17 13:17:02 +08:00
