Add authentication features for admin access

- Introduce a new `auth` module with login, logout, and user verification endpoints for a single admin user.
- Update backend routes to require admin authentication for sensitive operations, enhancing security.
- Modify frontend components to include an authentication provider and gate, ensuring only authorized users can access the application.
- Implement a login page for admin access, improving user experience and security management.
- Update API request handling to redirect unauthorized users to the login page, ensuring proper access control.
This commit is contained in:
Xin Wang
2026-07-09 23:27:50 +08:00
parent d857401ef3
commit 590cb33cbd
20 changed files with 534 additions and 29 deletions

View File

@@ -94,12 +94,15 @@ uv run --with-requirements requirements.txt \
### 4. 单独启动前端
前端也监听 `0.0.0.0``NEXT_PUBLIC_API_BASE_URL` 要写浏览器最终访问 nginx 的
https 地址,不要写 `:8000`:
前端也监听 `0.0.0.0``NEXT_PUBLIC_API_BASE_URL` 只有一个规则:
**写浏览器地址栏里访问 nginx 的同源地址**。如果地址栏带端口,这里也必须带端口;
如果地址栏不带端口,这里也不带端口。不要写后端直连端口 `:8000`
```bash
cd frontend
npm install
# nginx 使用默认 443 时:
NEXT_PUBLIC_API_BASE_URL=https://<远程机器IP或域名> \
npm run dev -- --hostname 0.0.0.0
```
@@ -146,7 +149,7 @@ docker run --rm --name ai-video-nginx \
访问:
```text
https://<远程机器IP或域名>
https://<远程机器IP或域名>:18189
```
### 6. 远程语音 / WebRTC 注意事项
@@ -174,11 +177,13 @@ TURN_SECRET=<同上>
## 前端怎么连后端
前端读环境变量 `NEXT_PUBLIC_API_BASE_URL`(compose 里已设)。走 nginx 后,
让它指向**同源**即可,ws 地址由它推导:
前端读环境变量 `NEXT_PUBLIC_API_BASE_URL`。走 nginx 后,让它等于浏览器访问
页面的 **origin** 即可。origin 包含协议、host 和可选端口:
```
NEXT_PUBLIC_API_BASE_URL = https://<访问用的host> # 同源,不再写 :8000
默认 443: NEXT_PUBLIC_API_BASE_URL=https://<访问用的host>
自定义端口: NEXT_PUBLIC_API_BASE_URL=https://<访问用的host>:18189
wsUrl = NEXT_PUBLIC_API_BASE_URL.replace(/^http/, 'ws') + '/ws/voice'
```