niuniu/sub2api-cn-relay-manager
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
bdfbaff2a7fae4c7e1675d746a8f31648b18a939
sub2api-cn-relay-manager/internal/app
History
phamnazage-jpg 4e2ee087fd feat(vNext.4): implement trusted-subject security chain for portal user key self-service 
- Add portal_auth.go: Portal user session auth with HMAC-signed cookies
- Add /api/portal/session/{login,logout,state} endpoints
- Update nginx config template: cookie-to-header trusted proxy pattern
- Update frontend: sync CRM session on login/logout
- Add TRUSTED_SUBJECT_DEPLOY_GUIDE.md with remote43 deployment steps
- Update EXECUTION_BOARD.md: mark trusted-subject blocking issue as resolved

This implements the secure chain:
  Browser → Portal → nginx (cookie→header) → CRM (verify proxy secret)

Required remote43 actions:
1. Generate 64-char hex secret
2. Update .env.crm with TRUSTED_* config
3. Update nginx with cookie map and header injection
4. Restart services

Fixes EXECUTION_BOARD.md 2026-06-08 blocking issue
2026-06-09 07:48:03 +08:00
..
admin_auth_extra_test.go
feat: harden runtime import and frontend verification workflows
2026-06-04 20:02:36 +08:00
admin_auth.go
feat(admin): add session-based portal login
2026-05-28 11:01:29 +08:00
app_test.go
feat(vNext.4): implement trusted-subject security chain for portal user key self-service
2026-06-09 07:48:03 +08:00
app.go
feat(v3): add CRM gateway /v1/chat/completions with key auth + governance check
2026-06-07 12:19:24 +08:00
batch_runtime_background_test.go
Harden host deletion and test stability
2026-05-25 07:30:07 +08:00
batch_runtime_background.go
Complete batch import v2 runtime and host capability recovery
2026-05-23 09:18:02 +08:00
batch_runtime_reuse.go
feat(batch): add live reuse admin verification flow
2026-05-27 20:23:42 +08:00
batch_runtime.go
fix(access): verify subscription readiness with real user keys
2026-06-01 09:55:11 +08:00
batch_utils_test.go
feat(v3): add CRM gateway /v1/chat/completions with key auth + governance check
2026-06-07 12:19:24 +08:00
bootstrap_test.go
Complete batch import v2 runtime and host capability recovery
2026-05-23 09:18:02 +08:00
bootstrap.go
feat(vNext.4): implement trusted-subject security chain for portal user key self-service
2026-06-09 07:48:03 +08:00
coverage_helpers_test.go
fix(access): verify subscription readiness with real user keys
2026-06-01 09:55:11 +08:00
http_api.go
feat(vNext.4): implement trusted-subject security chain for portal user key self-service
2026-06-09 07:48:03 +08:00
http_batch_import_test.go
feat(batch): add live reuse admin verification flow
2026-05-27 20:23:42 +08:00
http_batch_import.go
Complete batch import v2 runtime and host capability recovery
2026-05-23 09:18:02 +08:00
http_batch_runs_test.go
Expand coverage for runtime and sqlite paths
2026-05-23 10:55:57 +08:00
http_batch_runs.go
Complete batch import v2 runtime and host capability recovery
2026-05-23 09:18:02 +08:00
key_self_service_handlers_test.go
feat(vNext.4): implement trusted-subject security chain for portal user key self-service
2026-06-09 07:48:03 +08:00
key_self_service_svc.go
feat(vNext.4): implement trusted-subject security chain for portal user key self-service
2026-06-09 07:48:03 +08:00
key_self_service_test.go
feat(vNext.4): implement trusted-subject security chain for portal user key self-service
2026-06-09 07:48:03 +08:00
key_self_service.go
feat(vNext.4): implement trusted-subject security chain for portal user key self-service
2026-06-09 07:48:03 +08:00
logical_groups_api_test.go
test(app): raise handler coverage above 70 percent
2026-05-30 16:40:55 +08:00
logical_groups_api.go
feat(portal): add logical group packaging config
2026-05-30 10:54:32 +08:00
portal_api_test.go
feat(v3): add CRM gateway /v1/chat/completions with key auth + governance check
2026-06-07 12:19:24 +08:00
portal_api.go
feat(portal): add logical group packaging config
2026-05-30 10:54:32 +08:00
portal_auth_test.go
feat(vNext.4): implement trusted-subject security chain for portal user key self-service
2026-06-09 07:48:03 +08:00
portal_auth.go
feat(vNext.4): implement trusted-subject security chain for portal user key self-service
2026-06-09 07:48:03 +08:00
provider_accounts_api_test.go
test(app): raise handler coverage above 70 percent
2026-05-30 16:40:55 +08:00
provider_accounts_api.go
feat(accounts): add explicit route binding workflow
2026-05-29 19:07:01 +08:00
public_chat_metrics_test.go
feat(vNext.4): implement trusted-subject security chain for portal user key self-service
2026-06-09 07:48:03 +08:00
reconcile_background_test.go
Harden host deletion and test stability
2026-05-25 07:30:07 +08:00
reconcile_background.go
fix(access): verify subscription readiness with real user keys
2026-06-01 09:55:11 +08:00
route_health_api_test.go
feat(routing): add route health admin view
2026-05-29 13:37:43 +08:00
route_health_api.go
feat(routing): add route health admin view
2026-05-29 13:37:43 +08:00
route_logging_api_test.go
feat(routing): add route log writer and admin api
2026-05-28 21:24:05 +08:00
route_logging_api.go
feat(routing): add route log writer and admin api
2026-05-28 21:24:05 +08:00
route_proxy_api_test.go
feat(routing): add formal chat route endpoint
2026-05-29 13:17:56 +08:00
route_proxy_api.go
feat(routing): add formal chat route endpoint
2026-05-29 13:17:56 +08:00
route_resolve_api_test.go
feat: close v3 slo gates and lifecycle metrics
2026-06-08 14:49:06 +08:00
route_resolve_api.go
feat: close v3 slo gates and lifecycle metrics
2026-06-08 14:49:06 +08:00
route_sticky_api_test.go
feat(routing): add sticky runtime backends
2026-05-29 07:43:29 +08:00
route_sticky_api.go
feat(routing): add sticky runtime backends
2026-05-29 07:43:29 +08:00
server_timeout_test.go
test: 补充真实功能验证测试
2026-06-02 07:07:53 +08:00
user_key_operation_metrics_test.go
feat(vNext.4): implement trusted-subject security chain for portal user key self-service
2026-06-09 07:48:03 +08:00
version_test.go
feat(v3): add CRM gateway /v1/chat/completions with key auth + governance check
2026-06-07 12:19:24 +08:00