sub2api-cn-relay-manager/internal/store/sqlite at 4e2ee087fd5286f6e5cd9d9d0287b0e6ec147d53 - sub2api-cn-relay-manager - Gitea: Git with a cup of tea

niuniu/sub2api-cn-relay-manager

Files

History

phamnazage-jpg 4e2ee087fd feat(vNext.4): implement trusted-subject security chain for portal user key self-service

- Add portal_auth.go: Portal user session auth with HMAC-signed cookies
- Add /api/portal/session/{login,logout,state} endpoints
- Update nginx config template: cookie-to-header trusted proxy pattern
- Update frontend: sync CRM session on login/logout
- Add TRUSTED_SUBJECT_DEPLOY_GUIDE.md with remote43 deployment steps
- Update EXECUTION_BOARD.md: mark trusted-subject blocking issue as resolved

This implements the secure chain:
  Browser → Portal → nginx (cookie→header) → CRM (verify proxy secret)

Required remote43 actions:
1. Generate 64-char hex secret
2. Update .env.crm with TRUSTED_* config
3. Update nginx with cookie map and header injection
4. Restart services

Fixes EXECUTION_BOARD.md 2026-06-08 blocking issue

2026-06-09 07:48:03 +08:00

..

access_closure_records_repo_test.go

Expand coverage for runtime and sqlite paths

2026-05-23 10:55:57 +08:00

access_closure_records_repo.go

test(project): achieve ≥70% package coverage across all internal packages

2026-05-15 19:26:25 +08:00

db_test.go

feat(accounts): add provider account inventory api

2026-05-29 14:43:34 +08:00

db.go

feat(vnext2): close user key self-service on real host

2026-06-05 19:58:02 +08:00

edge_cases_test.go

test: 修 build-broken edge-case 测试

2026-06-02 20:38:29 +08:00

hosts_repo_test.go

Harden host deletion and test stability

2026-05-25 07:30:07 +08:00

hosts_repo.go

Harden host deletion and test stability

2026-05-25 07:30:07 +08:00

import_batches_repo_test.go

Expand coverage for runtime and sqlite paths

2026-05-23 10:55:57 +08:00

import_batches_repo.go

Complete batch import v2 runtime and host capability recovery

2026-05-23 09:18:02 +08:00

import_run_item_events_repo_test.go

Expand coverage for runtime and sqlite paths

2026-05-23 10:55:57 +08:00

import_run_item_events_repo.go

feat(store): complete v2 runtime state repositories

2026-05-22 14:37:08 +08:00

import_run_items_repo.go

Complete batch import v2 runtime and host capability recovery

2026-05-23 09:18:02 +08:00

import_runs_repo_test.go

test(quality): cover upsert validation and redis open branches

2026-05-30 18:48:20 +08:00

import_runs_repo.go

Complete batch import v2 runtime and host capability recovery

2026-05-23 09:18:02 +08:00

logical_group_models_repo.go

feat(routing): add logical group admin api

2026-05-28 15:57:34 +08:00

logical_group_route_models_repo.go

feat(routing): add logical group admin api

2026-05-28 15:57:34 +08:00

logical_group_routes_repo.go

feat(accounts): add explicit route binding workflow

2026-05-29 19:07:01 +08:00

logical_groups_repo_test.go

feat(portal): add logical group packaging config

2026-05-30 10:54:32 +08:00

logical_groups_repo.go

feat(portal): add logical group packaging config

2026-05-30 10:54:32 +08:00

managed_resources_repo.go

feat(control-plane): harden host-scoped reconcile and acceptance evidence

2026-05-18 22:22:22 +08:00

packs_repo_test.go

test: M-03 添加边界测试

2026-06-02 06:58:45 +08:00

packs_repo.go

feat(control-plane): harden host-scoped reconcile and acceptance evidence

2026-05-18 22:22:22 +08:00

probe_results_repo.go

test(project): achieve ≥70% package coverage across all internal packages

2026-05-15 19:26:25 +08:00

provider_accounts_repo_test.go

test(quality): cover sqlite redis and overlay edge branches

2026-05-30 18:28:03 +08:00

provider_accounts_repo.go

feat(accounts): add explicit route binding workflow

2026-05-29 19:07:01 +08:00

provider_accounts_sync.go

feat(status): suppress false negative provider readiness

2026-05-30 14:42:51 +08:00

provider_drafts_repo_test.go

feat(admin): persist provider drafts in crm

2026-05-27 21:49:12 +08:00

provider_drafts_repo.go

feat(admin): persist provider drafts in crm

2026-05-27 21:49:12 +08:00

providers_repo_test.go

test: M-01 替换测试代码中的 panic 为 t.Fatal

2026-06-02 06:56:30 +08:00

providers_repo.go

feat(batch): add live reuse admin verification flow

2026-05-27 20:23:42 +08:00

reconcile_runs_repo_test.go

Complete batch import v2 runtime and host capability recovery

2026-05-23 09:18:02 +08:00

reconcile_runs_repo.go

Complete batch import v2 runtime and host capability recovery

2026-05-23 09:18:02 +08:00

route_decision_logs_repo.go

feat(routing): add route log writer and admin api

2026-05-28 21:24:05 +08:00

route_failover_events_repo.go

feat(routing): add route log writer and admin api

2026-05-28 21:24:05 +08:00

route_logging_helpers.go

feat(routing): add route log writer and admin api

2026-05-28 21:24:05 +08:00

route_logging_repos_test.go

feat(routing): add route log writer and admin api

2026-05-28 21:24:05 +08:00

route_sticky_audit_repo.go

feat(routing): add route log writer and admin api

2026-05-28 21:24:05 +08:00

subject_rate_limits_repo.go

feat(vnext2): close user key self-service on real host

2026-06-05 19:58:02 +08:00

user_key_audit_events_repo.go

feat(vnext2): close user key self-service on real host

2026-06-05 19:58:02 +08:00

user_key_control_plane_repo_test.go

feat(vNext.4): implement trusted-subject security chain for portal user key self-service

2026-06-09 07:48:03 +08:00

user_keys_repo_test.go

feat(vnext2): add user key self-service skeleton

2026-06-05 11:45:17 +08:00

user_keys_repo.go

feat(vNext.4): implement trusted-subject security chain for portal user key self-service

2026-06-09 07:48:03 +08:00