feat: 完成 P1 全部功能 + 修复 proxy 导出 + 切换 MySQL 端口至 14013

## P1 功能（20 项） - 站内消息系统、家长仪表盘、学生考勤管理 - Excel 导入导出、用户批量导入、成绩导出 - 排课规则+自动排课+课表调整 - 成绩趋势+对比分析、密码安全策略、速率限制 - 数据变更日志、文件预览+存储策略、全文检索 - 依赖审计集成 CI、数据库定时备份、E2E 测试完善 - 通知偏好管理 ## 基础设施修复 - src/proxy.ts: 将 middleware 导出重命名为 proxy（Next.js 16 要求） - .env: MySQL 端口从 13002 切换至 14013 - scripts/create-db.ts: 新增数据库初始化脚本 ## 架构文档同步 - 004_architecture_impact_map.md 和 005_architecture_data.json 完整记录所有新增表、模块、路由、权限、依赖关系
2026-06-17 13:44:37 +08:00
parent 125f7ec54c
commit 3b6272c99d
195 changed files with 27274 additions and 416 deletions
--- a/scripts/audit.ps1
+++ b/scripts/audit.ps1
@@ -0,0 +1,19 @@
+# 依赖安全审计脚本 (Windows PowerShell)
+# 用法: .\scripts\audit.ps1
+
+Write-Host "Running npm audit..."
+$exitCode = 0
+try {
+    npm audit --audit-level=moderate
+    $exitCode = $LASTEXITCODE
+} catch {
+    $exitCode = 1
+}
+
+if ($exitCode -ne 0) {
+    Write-Host "Security vulnerabilities found!"
+    npm audit --json | Out-File -FilePath audit-report.json -Encoding utf8
+    exit $exitCode
+}
+
+Write-Host "No vulnerabilities found."
--- a/scripts/audit.sh
+++ b/scripts/audit.sh
@@ -0,0 +1,17 @@
+#!/bin/bash
+# 依赖安全审计脚本
+# 用法: ./scripts/audit.sh
+
+set -e
+
+echo "Running npm audit..."
+npm audit --audit-level=moderate
+EXIT_CODE=$?
+
+if [ $EXIT_CODE -ne 0 ]; then
+  echo "Security vulnerabilities found!"
+  npm audit --json > audit-report.json
+  exit $EXIT_CODE
+fi
+
+echo "No vulnerabilities found."
--- a/scripts/backup-db.sh
+++ b/scripts/backup-db.sh
@@ -0,0 +1,46 @@
+#!/bin/bash
+# MySQL 数据库备份脚本
+# 用法: ./backup-db.sh
+# 需要 .env 中配置 DATABASE_URL 或 DB_* 环境变量
+
+set -e
+
+BACKUP_DIR="${BACKUP_DIR:-./backups}"
+RETENTION_DAYS="${RETENTION_DAYS:-30}"
+TIMESTAMP=$(date +"%Y%m%d_%H%M%S")
+BACKUP_FILE="${BACKUP_DIR}/db_backup_${TIMESTAMP}.sql.gz"
+
+# 从 DATABASE_URL 解析连接信息
+# 格式: mysql://user:password@host:port/dbname
+DATABASE_URL="${DATABASE_URL:-}"
+
+if [ -z "$DATABASE_URL" ]; then
+  echo "ERROR: DATABASE_URL not set"
+  exit 1
+fi
+
+# 解析 URL
+DB_USER=$(echo $DATABASE_URL | sed -n 's/.*:\/\/\([^:]*\):.*/\1/p')
+DB_PASS=$(echo $DATABASE_URL | sed -n 's/.*:\/\/[^:]*:\([^@]*\)@.*/\1/p')
+DB_HOST=$(echo $DATABASE_URL | sed -n 's/.*@\([^:]*\):.*/\1/p')
+DB_PORT=$(echo $DATABASE_URL | sed -n 's/.*:\([0-9]*\)\/.*/\1/p')
+DB_NAME=$(echo $DATABASE_URL | sed -n 's/.*\/\([^?]*\).*/\1/p')
+
+echo "Backing up database: $DB_NAME from $DB_HOST:$DB_PORT"
+
+# 创建备份目录
+mkdir -p "$BACKUP_DIR"
+
+# 执行备份
+mysqldump -h "$DB_HOST" -P "$DB_PORT" -u "$DB_USER" -p"$DB_PASS" "$DB_NAME" | gzip > "$BACKUP_FILE"
+
+echo "Backup created: $BACKUP_FILE"
+echo "Size: $(du -h $BACKUP_FILE | cut -f1)"
+
+# 清理旧备份
+find "$BACKUP_DIR" -name "db_backup_*.sql.gz" -mtime +$RETENTION_DAYS -delete
+echo "Cleaned up backups older than $RETENTION_DAYS days"
+
+# 列出当前备份
+echo "Current backups:"
+ls -lh "$BACKUP_DIR"/db_backup_*.sql.gz 2>/dev/null | tail -10
--- a/scripts/create-db.ts
+++ b/scripts/create-db.ts
@@ -0,0 +1,34 @@
+import "dotenv/config"
+import mysql from "mysql2/promise"
+
+async function main() {
+  const url = process.env.DATABASE_URL
+  if (!url) {
+    console.error("DATABASE_URL not set")
+    process.exit(1)
+  }
+
+  // Connect without specifying a database
+  const urlObj = new URL(url)
+  const dbName = urlObj.pathname.replace("/", "")
+  const conn = await mysql.createConnection({
+    host: urlObj.hostname,
+    port: Number(urlObj.port),
+    user: urlObj.username,
+    password: decodeURIComponent(urlObj.password),
+  })
+
+  try {
+    await conn.execute(
+      `CREATE DATABASE IF NOT EXISTS \`${dbName}\` CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci`
+    )
+    console.log(`Database '${dbName}' created (or already exists)`)
+  } finally {
+    await conn.end()
+  }
+}
+
+main().catch((e) => {
+  console.error(e)
+  process.exit(1)
+})
--- a/scripts/restore-db.sh
+++ b/scripts/restore-db.sh
@@ -0,0 +1,34 @@
+#!/bin/bash
+# MySQL 数据库恢复脚本
+# 用法: ./restore-db.sh <backup_file>
+
+set -e
+
+if [ -z "$1" ]; then
+  echo "Usage: ./restore-db.sh <backup_file>"
+  echo "Available backups:"
+  ls -lh backups/db_backup_*.sql.gz 2>/dev/null
+  exit 1
+fi
+
+BACKUP_FILE="$1"
+DATABASE_URL="${DATABASE_URL:-}"
+
+if [ -z "$DATABASE_URL" ]; then
+  echo "ERROR: DATABASE_URL not set"
+  exit 1
+fi
+
+# 解析 URL (同 backup-db.sh)
+DB_USER=$(echo $DATABASE_URL | sed -n 's/.*:\/\/\([^:]*\):.*/\1/p')
+DB_PASS=$(echo $DATABASE_URL | sed -n 's/.*:\/\/[^:]*:\([^@]*\)@.*/\1/p')
+DB_HOST=$(echo $DATABASE_URL | sed -n 's/.*@\([^:]*\):.*/\1/p')
+DB_PORT=$(echo $DATABASE_URL | sed -n 's/.*:\([0-9]*\)\/.*/\1/p')
+DB_NAME=$(echo $DATABASE_URL | sed -n 's/.*\/\([^?]*\).*/\1/p')
+
+echo "Restoring database: $DB_NAME from $BACKUP_FILE"
+
+# 解压并恢复
+gunzip -c "$BACKUP_FILE" | mysql -h "$DB_HOST" -P "$DB_PORT" -u "$DB_USER" -p"$DB_PASS" "$DB_NAME"
+
+echo "Restore completed successfully."
--- a/scripts/test-backup.sh
+++ b/scripts/test-backup.sh
@@ -0,0 +1,8 @@
+#!/bin/bash
+# 测试备份恢复流程
+set -e
+echo "=== Testing database backup ==="
+./scripts/backup-db.sh
+LATEST_BACKUP=$(ls -t backups/db_backup_*.sql.gz | head -1)
+echo "=== Latest backup: $LATEST_BACKUP ==="
+echo "=== Backup test passed ==="