feat: 累积功能变更 — 聊天集成、租户管理、小程序更新、ETL 增强、迁移脚本

包含多个会话的累积代码变更： - backend: AI 聊天服务、触发器调度、认证增强、WebSocket、调度器最小间隔 - admin-web: ETL 状态页、任务管理、调度配置、登录优化 - miniprogram: 看板页面、聊天集成、UI 组件、导航更新 - etl: DWS 新任务（finance_area_daily/board_cache）、连接器增强 - tenant-admin: 项目初始化 - db: 19 个迁移脚本（etl_feiqiu 11 + zqyy_app 8） - packages/shared: 枚举和工具函数更新 - tools: 数据库工具、报表生成、健康检查 - docs: PRD/架构/部署/合约文档更新 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-06 00:03:48 +08:00
parent 70324d8542
commit 6f8f12314f
515 changed files with 76604 additions and 7456 deletions
--- a/apps/backend/app/routers/auth.py
+++ b/apps/backend/app/routers/auth.py
@@ -37,7 +37,7 @@ async def login(body: LoginRequest):
    try:
        with conn.cursor() as cur:
            cur.execute(
-                "SELECT id, password_hash, site_id, is_active "
+                "SELECT id, password_hash, site_id, is_active, roles "
                "FROM admin_users WHERE username = %s",
                (body.username,),
            )
@@ -51,7 +51,7 @@ async def login(body: LoginRequest):
            detail="用户名或密码错误",
        )

-    user_id, password_hash, site_id, is_active = row
+    user_id, password_hash, site_id, is_active, roles = row

    if not is_active:
        raise HTTPException(
@@ -65,7 +65,7 @@ async def login(body: LoginRequest):
            detail="用户名或密码错误",
        )

-    tokens = create_token_pair(user_id, site_id)
+    tokens = create_token_pair(user_id, site_id, roles=roles or [])
    return TokenResponse(**tokens)


@@ -88,8 +88,22 @@ async def refresh(body: RefreshRequest):
    user_id = int(payload["sub"])
    site_id = payload["site_id"]

+    # CHANGE 2026-03-24 | Prompt: 修复 refresh 丢失 roles | 刷新前查询数据库获取最新 roles
+    conn = get_connection()
+    try:
+        with conn.cursor() as cur:
+            cur.execute(
+                "SELECT roles FROM admin_users WHERE id = %s",
+                (user_id,),
+            )
+            row = cur.fetchone()
+    finally:
+        conn.close()
+
+    roles = row[0] if row else []
+
    # 生成新的 access_token，refresh_token 原样返回
-    new_access = create_access_token(user_id, site_id)
+    new_access = create_access_token(user_id, site_id, roles=roles or [])
    return TokenResponse(
        access_token=new_access,
        refresh_token=body.refresh_token,