Improve local auth env handling and fallbacks

Allow local env files to reliably override authentication feature flags (SMS/WeChat) by whitelisting keys in scripts/dev-utils.mjs and adding a unit test. Add SMS checks to scripts/check-api-server-env.mjs. Make server config.parse_bool tolerant of shell-wrapped quoted values (e.g. '"true"') and add tests so SMS_AUTH_ENABLED is parsed correctly when shells supply quotes. Update docs to clarify SMS env behaviour, restart requirements, and add guidance + a CSS fallback for old mobile browsers (QQ/X5) so public cover images render even when aspect-ratio is unsupported. Also include related frontend test and component adjustments and add puzzle onboarding handlers/endpoints in server-rs/crates/api-server/src/puzzle.rs.
2026-05-18 23:13:49 +08:00
parent 4c10c181e3
commit d1adfa3406
22 changed files with 4309 additions and 52 deletions
--- a/scripts/check-api-server-env.mjs
+++ b/scripts/check-api-server-env.mjs
@@ -27,6 +27,10 @@ function printStatus(key, present) {
 const env = mergeApiServerEnv(process.cwd(), process.env);
 const missing = [];

+console.log('[api-server-env] 认证短信配置检查');
+printStatus('SMS_AUTH_ENABLED', env.SMS_AUTH_ENABLED === 'true');
+printStatus('SMS_AUTH_PROVIDER', hasValue(env.SMS_AUTH_PROVIDER));
+
 console.log('[api-server-env] 拼图真实生成配置检查');
 for (const key of REQUIRED_FOR_PUZZLE_GENERATION) {
  const present = hasValue(env[key]);
--- a/scripts/dev-utils.mjs
+++ b/scripts/dev-utils.mjs
@@ -2,6 +2,13 @@ import {existsSync, mkdirSync, readFileSync} from 'node:fs';
 import {dirname, isAbsolute, resolve} from 'node:path';

 export const LOCAL_ENV_FILES = ['.env', '.env.local', '.env.secrets.local'];
+const LOCAL_ENV_OVERRIDE_KEYS = new Set([
+  'SMS_AUTH_ENABLED',
+  'SMS_AUTH_PROVIDER',
+  'SMS_AUTH_MOCK_VERIFY_CODE',
+  'WECHAT_AUTH_ENABLED',
+  'WECHAT_AUTH_PROVIDER',
+]);

 export function buildProtectedEnvKeys(baseEnv) {
  return new Set(
@@ -29,7 +36,7 @@ export function loadEnvFile(path, target, protectedKeys) {
    }

    const [, key, rawValue] = match;
-    if (protectedKeys.has(key)) {
+    if (protectedKeys.has(key) && !LOCAL_ENV_OVERRIDE_KEYS.has(key)) {
      continue;
    }

--- a/scripts/dev-utils.test.ts
+++ b/scripts/dev-utils.test.ts
@@ -68,6 +68,26 @@ describe('dev utils env merge', () => {
    );
  });

+  test('本地认证开关覆盖外层 shell 旧值', () => {
+    withTempEnvFiles(
+      {
+        '.env.local': [
+          'SMS_AUTH_ENABLED=true',
+          'SMS_AUTH_PROVIDER=aliyun',
+        ].join('\n'),
+      },
+      (_env, tempDir) => {
+        const env = mergeApiServerEnv(tempDir, {
+          SMS_AUTH_ENABLED: 'false',
+          SMS_AUTH_PROVIDER: 'mock',
+        });
+
+        expect(env.SMS_AUTH_ENABLED).toBe('true');
+        expect(env.SMS_AUTH_PROVIDER).toBe('aliyun');
+      },
+    );
+  });
+
  test('空外层 shell 变量不会遮蔽本地私密配置', () => {
    withTempEnvFiles(
      {