39 lines
2.1 KiB
Markdown
39 lines
2.1 KiB
Markdown
# module-auth 独立模块 crate 占位说明
|
||
|
||
日期:`2026-04-20`
|
||
|
||
## 1. crate 职责
|
||
|
||
`module-auth` 是鉴权与会话模块 crate,后续负责:
|
||
|
||
1. 用户身份、会话、风控、审计相关领域模型
|
||
2. 手机验证码、微信登录、密码登录的模块内用例编排
|
||
3. 与 `crates/api-server` 的鉴权接口装配对接
|
||
4. 与 `crates/spacetime-module` 的身份表、会话表聚合对接
|
||
|
||
## 2. 当前阶段说明
|
||
|
||
当前阶段已冻结前六张鉴权基础表设计,剩余 `wechat_auth_state` 与 token 细节仍按顺序继续展开。
|
||
|
||
后续与本 crate 直接相关的任务包括:
|
||
|
||
1. 设计 `user_account`、`auth_identity`、`refresh_session`
|
||
2. 设计 `auth_audit_log`、`auth_risk_block`
|
||
3. 设计 `sms_auth_event`、`wechat_auth_state`
|
||
4. 落地 JWT claims、refresh cookie 与旧接口兼容
|
||
|
||
当前已冻结文档:
|
||
|
||
1. [../../../docs/technical/SPACETIMEDB_AUTH_USER_ACCOUNT_TABLE_DESIGN_2026-04-21.md](../../../docs/technical/SPACETIMEDB_AUTH_USER_ACCOUNT_TABLE_DESIGN_2026-04-21.md)
|
||
2. [../../../docs/technical/SPACETIMEDB_AUTH_IDENTITY_TABLE_DESIGN_2026-04-21.md](../../../docs/technical/SPACETIMEDB_AUTH_IDENTITY_TABLE_DESIGN_2026-04-21.md)
|
||
3. [../../../docs/technical/SPACETIMEDB_REFRESH_SESSION_TABLE_DESIGN_2026-04-21.md](../../../docs/technical/SPACETIMEDB_REFRESH_SESSION_TABLE_DESIGN_2026-04-21.md)
|
||
4. [../../../docs/technical/SPACETIMEDB_AUTH_AUDIT_LOG_TABLE_DESIGN_2026-04-21.md](../../../docs/technical/SPACETIMEDB_AUTH_AUDIT_LOG_TABLE_DESIGN_2026-04-21.md)
|
||
5. [../../../docs/technical/SPACETIMEDB_AUTH_RISK_BLOCK_TABLE_DESIGN_2026-04-21.md](../../../docs/technical/SPACETIMEDB_AUTH_RISK_BLOCK_TABLE_DESIGN_2026-04-21.md)
|
||
6. [../../../docs/technical/SPACETIMEDB_SMS_AUTH_EVENT_TABLE_DESIGN_2026-04-21.md](../../../docs/technical/SPACETIMEDB_SMS_AUTH_EVENT_TABLE_DESIGN_2026-04-21.md)
|
||
|
||
## 3. 边界约束
|
||
|
||
1. `module-auth` 负责鉴权领域规则与模块级编排,不直接把供应商 SDK 逻辑写进主工程。
|
||
2. 短信、微信、JWT、Cookie 等平台适配优先通过 `crates/platform-auth` 承接。
|
||
3. 身份与会话状态最终由 `crates/spacetime-module` 聚合,前端接口由 `crates/api-server` 暴露。
|