feat(auth): switch signup to OTP verification flow

Replace legacy signup with start/verify/resend endpoints, add OTP-focused mail templates and auth rate limits, and align compose/env/runbook for local self-hosted Supabase OTP behavior.
2026-02-25 13:34:02 +08:00
parent 02e5e52e1f
commit 1cc8fa1abf
16 changed files with 707 additions and 112 deletions
@@ -12,7 +12,6 @@ SOCIAL_RUNTIME__SQL_LOG_QUERIES=false
 ############
 # Web 服务器配置（显式参数控制）
 ############
-SOCIAL_WEB__SERVER=gunicorn               # uvicorn | gunicorn (新键优先于 runtime.environment)
 SOCIAL_WEB__HOST=0.0.0.0
 SOCIAL_WEB__PORT=8000
 SOCIAL_WEB__RELOAD=false
@@ -115,8 +114,16 @@ SOCIAL_SUPABASE__SMTP_PORT=
 SOCIAL_SUPABASE__SMTP_USER=
 SOCIAL_SUPABASE__SMTP_PASS=
 SOCIAL_SUPABASE__SMTP_SENDER_NAME=
-SOCIAL_SUPABASE__MAILER_SUBJECTS_CONFIRMATION=Your verification code
-SOCIAL_SUPABASE__MAILER_SUBJECTS_RECOVERY=Reset your password
+
+#######
+# Auth 邮件模板 URL（本地默认走 mail-templates 静态服务）
+SOCIAL_SUPABASE__MAILER_TEMPLATES_CONFIRMATION=http://mail-templates/confirmation.html
+SOCIAL_SUPABASE__MAILER_TEMPLATES_RECOVERY=http://mail-templates/recovery.html
+
+#######
+# Auth 邮件主题（仅保留注册确认与重置密码）
+SOCIAL_SUPABASE__MAILER_SUBJECTS_CONFIRMATION=请确认你的注册邮箱
+SOCIAL_SUPABASE__MAILER_SUBJECTS_RECOVERY=重置你的账户密码
 SOCIAL_SUPABASE__MAILER_OTP_LENGTH=6
 SOCIAL_SUPABASE__MAILER_OTP_EXP=300