feat: switch to email authentication and refactor frontend/backend startup and gates
@@ -0,0 +1,20 @@
|
||||
# HTTP Error Codes
|
||||
|
||||
This document is the source of truth for backend RFC7807 `code` values consumed by frontend.
|
||||
|
||||
## Auth
|
||||
|
||||
| code | status | meaning | frontend handling |
|
||||
|---|---:|---|---|
|
||||
| `AUTH_SERVICE_UNAVAILABLE` | 503 | Auth upstream unavailable | Show retry message and allow retry |
|
||||
| `AUTH_TOO_MANY_REQUESTS` | 429 | OTP request throttled | Show wait message |
|
||||
| `AUTH_VERIFICATION_CODE_INVALID` | 401 | Invalid OTP code | Prompt user to re-enter code |
|
||||
| `AUTH_REFRESH_TOKEN_INVALID` | 401 | Invalid/expired refresh token | Clear local session and return login |
|
||||
| `AUTH_REFRESH_TOKEN_MISSING` | 401 | Refresh token missing on logout | Treat as local logout and clear session |
|
||||
| `AUTH_USER_NOT_FOUND` | 404 | User not found | Show not-found message where applicable |
|
||||
|
||||
Compatibility strategy:
|
||||
|
||||
- Additive changes only for new codes.
|
||||
- Existing codes must keep semantic meaning.
|
||||
- Frontend must map by `code`, not by `detail` text.
|
||||
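Review bot: the `AUTH_USER_NOT_FOUND` row (404, "Show not-found message where applicable") does not say which endpoints may return it; if the OTP request or verification endpoints do, the response tells a caller whether an email address is registered. Suggest listing the endpoints next to each code and stating that the OTP request path returns the same response for known and unknown addresses. Separately, `AUTH_TOO_MANY_REQUESTS` is described only as "OTP request throttled", so the table leaves open which code a client receives when verification attempts are limited; a row for that case, or a note on `AUTH_VERIFICATION_CODE_INVALID`, would close the gap.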