qzl/social-app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
152 Commits 2 Branches 0 Tags
30a4a1af5d8ccefac89257652f4853ee546ab0ab
Commit Graph

37 Commits

Author SHA1 Message Date
qzl 30a4a1af5d fix(agent): polish interrupt-resume flow for merge readiness 2026-03-03 17:26:04 +08:00
qzl 7be8669144 refactor(agent): extract magic numbers to constants 2026-03-03 16:28:12 +08:00
qzl 9aefb76c9e fix(agent): address CRITICAL/HIGH security and validation issues 
- Fix SSE JSON injection: use json.dumps for safe serialization
- Add tool validation to dispatcher with allowlist
- Add field validation to tool_registry with proper error handling
- Add run_id consistency check (409 on mismatch)
- Add RunAgentInput constraints: min_length, extra=forbid
- Fix crewai_flow: use Field(default_factory), prefix unused params
 2026-03-03 16:25:43 +08:00
qzl f7df9d679f fix(agent): enforce tool security checks and audit logging 2026-03-03 16:01:04 +08:00
qzl 5bac134506 feat(agent): add sse run/resume endpoints with auth 2026-03-03 15:55:38 +08:00
qzl c76d4d415f fix(agent): serialize crewai flow stages and remove nested asyncio.run 2026-03-03 15:49:03 +08:00
qzl 3a64410641 feat(agent): add interrupt-aware tool dispatcher 2026-03-03 15:44:41 +08:00
qzl dedd23fdf9 fix(agent): enforce idempotent resume transition 2026-03-03 15:43:10 +08:00
qzl cff1436bc6 feat(agent): persist pending tool call in session snapshot 2026-03-03 15:39:56 +08:00
qzl e03923e593 feat(agent): add tool registry domain validation 2026-03-03 15:30:53 +08:00
qzl 17e6de177c refactor(agent): align chat schema with full run agent input 2026-03-03 15:29:46 +08:00
qzl 99d540a18d refactor: 重命名 agent_chat 模块为 agent 2026-03-02 11:13:20 +08:00
qzl b417bc800a Merge branch 'feature-calendar-sharing' into dev 2026-02-28 13:28:49 +08:00
qzl 62500160ae fix: add type annotations to PermissionBits 2026-02-28 13:26:20 +08:00
qzl c22692ed1d refactor: simplify code - extract constants, reduce complexity 2026-02-28 12:48:01 +08:00
qzl ce8cd1d31f fix: address CRITICAL security issues - permission escalation and encoding inconsistency 2026-02-28 12:40:40 +08:00
qzl 330589f702 Merge remote-tracking branch 'origin/feature/friendship' into dev 2026-02-28 12:22:18 +08:00
qzl 7a49783156 feat: add share calendar API 2026-02-28 12:15:59 +08:00
qzl 4c4f253c11 feat(friendships): implement dependencies and router with CRUD endpoints 2026-02-28 12:10:03 +08:00
qzl 709ae5ab73 feat: add inbox messages module for calendar invitations 2026-02-28 12:09:34 +08:00
qzl ea4a50d79c feat(friendships): add structured logging to FriendshipService 2026-02-28 12:08:01 +08:00
qzl 17551d662b feat(friendships): implement FriendshipService with TDD 
- Add send_request(), accept_request(), decline_request(), cancel_request()
- Add get_inbox(), get_outgoing_requests(), get_friends_list(), remove_friend()
- Add unit tests for all service methods (14 tests)
- Update FriendRequestResponse schema to include 'canceled' status
- Follow async SQLAlchemy patterns and BaseService conventions
 2026-02-28 12:01:57 +08:00
qzl 0dfc52cbf7 fix: improve friendships schemas type safety and consistency 2026-02-28 11:35:13 +08:00
qzl 9b48939de8 fix: address code review issues and improve code quality 
- Add owner_id check in repository delete operation
- Fix time range validation for partial updates
- Wrap pre-query in try/except for consistent error handling
- Use default_factory instead of mutable defaults
- Add max_length constraint for timezone field
- Remove unused dependencies and empty validators
- Extract magic numbers to constants
- Simplify update logic with model_dump
 2026-02-28 11:34:49 +08:00
qzl 50b38de488 feat: add schedule items CRUD API 
- Add ScheduleItem Pydantic schemas with metadata support
- Add repository layer with CRUD operations
- Add service layer with authorization
- Add FastAPI router with all endpoints
- Add unit and integration tests
- Update API documentation
 2026-02-28 11:34:49 +08:00
qzl 598c6c2ec5 feat(friendships): create module structure and schemas 2026-02-28 11:30:18 +08:00
qzl 80d04688fc feat: add invite code feature (create, validate, referrer tracking) 2026-02-27 17:27:55 +08:00
qzl e4e995854d feat: 实现密码重置功能与用户搜索API,优化注册登录流程 
- 新增忘记密码页面与重置密码确认流程(前端+后端)
- 修复注册验证码页登录跳转路由
- 新增用户搜索API(按邮箱查询)
- 简化infra脚本,统一为app.sh
- 补充密码重置与用户API测试覆盖
- 更新runtime文档与AGENTS配置
 2026-02-27 15:22:42 +08:00
qzl 3cab7b03f7 refactor: Phase 2 - rename routes to RESTful style 2026-02-26 13:41:32 +08:00
qzl 4b707c7da1 fix: add missing get_user_repository function 2026-02-26 13:36:34 +08:00
qzl 04726b42cb refactor: Phase 1 - rename and simplify backend schemas 2026-02-26 13:33:02 +08:00
qzl 11666e6492 fix(auth): validation toast and rate limit adjustment 2026-02-26 12:07:40 +08:00
qzl cd40b2b4f4 feat(agent-chat): complete core workflow and strengthen auth rate limiting 2026-02-25 16:51:12 +08:00
qzl 1cc8fa1abf feat(auth): switch signup to OTP verification flow 
Replace legacy signup with start/verify/resend endpoints, add OTP-focused mail templates and auth rate limits, and align compose/env/runbook for local self-hosted Supabase OTP behavior.
 2026-02-25 13:34:02 +08:00
qzl 7d6dda57c1 feat: complete auth/profile username migration and runtime safeguards 2026-02-25 10:20:43 +08:00
qzl 105cf82d21 fix: 恢复Celery配置 + 修复测试文件 
- 恢复 CelerySettings 和相关计算属性
- 修复 celery/app.py 调用 configure_celery_app 参数
- 创建 core/initialization/init_data.py stub
- 删除不完整的 test_auth_supabase_gateway.py
 2026-02-24 16:38:30 +08:00
qzl ad06fe7de4 refactor: align backend layout and supabase infra 
Consolidate backend modules/tests under the backend package while syncing Supabase compose/env config and related plans.
 2026-02-05 15:13:06 +08:00