# Changelog

All notable changes to this project will be documented in this file.

The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

---

## [Unreleased]

### Planned Features

- [ ] CSV import/export for all tables
- [ ] Column sorting on list pages
- [ ] Multi-LLM support (Gemini, DeepSeek, OpenAI)
- [ ] PDF report generation
- [ ] Batch analysis functionality
- [ ] Email notifications
- [ ] Two-factor authentication

---

## [1.0.0] - 2025-12-05

### Added (Phase 5: Admin Features and Frontend Integration)

- ✅ Complete React Frontend Architecture
  - `src/services/api.js` - API client service (198 lines, 17 endpoints)
  - `src/contexts/AuthContext.jsx` - Authentication context & hooks
  - `src/components/Layout.jsx` - Responsive application layout
- ✅ Authentication & User Interface
  - `src/pages/LoginPage.jsx` - Beautiful login page with gradient design
  - Session-based authentication with cookies
  - Auto-login on page refresh
  - Role-based UI rendering (user, admin, super_admin)
  - User profile dropdown menu
- ✅ Core Analysis Features
  - `src/pages/AnalyzePage.jsx` - Complete 5 Why analysis tool (210 lines)
    - Finding + job content input form
    - 7 language support (Traditional Chinese, Simplified Chinese, EN, JP, KR, VN, TH)
    - Real-time AI analysis with loading indicator
    - Results display with 3 perspectives (technical, process, human)
    - Full 5 Why chain visualization with root cause & solutions
    - Usage guidelines
  - `src/pages/HistoryPage.jsx` - Analysis history (210 lines)
    - Paginated table of user analyses
    - View detail modal with full analysis
    - Delete functionality
    - Status badges (pending, processing, completed, failed)
    - Pagination controls
- ✅ Admin Dashboard
  - `src/pages/AdminPage.jsx` - Complete admin interface (450 lines)
    - Dashboard tab: Statistics cards (users, analyses, monthly stats)
    - Users tab: User management table with create/delete
    - Analyses tab: All system analyses across all users
    - Audit tab: Security audit logs with IP tracking
    - Create user modal with role selection
    - Role-based access control
- ✅ Main Application Integration
  - `src/App.jsx` - Complete app router (48 lines)
    - AuthProvider wrapper for global auth state
    - Loading screen with spinner
    - Conditional rendering (Login page vs Main app)
    - Page navigation state management

### Added (Phase 4: Core Application Development)

- ✅ Complete Models layer
  - `models/User.js` - User management with authentication
  - `models/Analysis.js` - Analysis records with full CRUD
  - `models/AuditLog.js` - Security audit logging
- ✅ Middleware layer
  - `middleware/auth.js` - Authentication & authorization (requireAuth, requireAdmin, etc.)
  - `middleware/errorHandler.js` - Centralized error handling
- ✅ Complete API Routes
  - `routes/auth.js` - Login, logout, session management
  - `routes/analyze.js` - 5 Why analysis creation, history, translation
  - `routes/admin.js` - User management, dashboard, audit logs
- ✅ Updated server.js
  - Added helmet security headers
  - Added express-session authentication
  - Added rate limiting (15 min window, 100 requests max)
  - Integrated all routes
  - Health check endpoints
  - Graceful shutdown handling
- ✅ API Testing
  - Fixed SQL parameter binding issues in User.getAll and Analysis.getByUserId/getAll
  - Tested authentication flow (login/logout)
  - Tested protected endpoints with sessions
  - Verified database integration

### Added (Phase 0: Project Initialization)

- ✅ Project folder structure created
  - `models/` - Database models directory
  - `routes/` - API routes directory
  - `templates/` - Frontend templates directory
  - `static/` - Static assets (css, js, images)
  - `docs/` - Documentation directory
  - `scripts/` - Utility scripts directory
- ✅ Environment configuration
  - Created `.env.example` with all required environment variables
  - Created `.env` with actual configuration
  - Added `dotenv` package for environment management
- ✅ Version control setup
  - Created `.gitignore` for Node.js, Python, and IDE files
  - Excluded sensitive files (.env, security_audit.md)
  - Ready for Git initialization
- ✅ Dependencies management
  - Updated `package.json` with enterprise-grade packages:
    - Security: `bcryptjs`, `helmet`, `express-rate-limit`
    - Database: `mysql2` with connection pooling
    - Session: `express-session`
    - CSV: `csv-parser`, `json2csv`
  - Added scripts: `db:init`, `db:test`
- ✅ Documentation
  - Created comprehensive `README_FULL.md`
  - Created `docs/user_command_log.md` for tracking user requests
  - Documented all completed Phase 0 tasks

### Added (Phase 2: Database Architecture)

- ✅ Database configuration
  - Created `config.js` with database connection pool
  - MySQL connection details configured
  - Connection testing functionality
- ✅ Database schema design
  - Created `docs/db_schema.sql` with complete table definitions:
    - `users` - User management with 3-tier permissions
    - `analyses` - Analysis records with JSON storage
    - `analysis_perspectives` - Multiple perspective analysis
    - `analysis_whys` - Detailed 5 Why records
    - `llm_configs` - LLM API configurations
    - `system_settings` - System parameters
    - `audit_logs` - Security audit trail
    - `sessions` - User session management
  - Created views:
    - `user_analysis_stats` - User statistics dashboard
    - `recent_analyses` - Recent 100 analyses
- ✅ Database documentation
  - Created comprehensive `docs/db_schema.md`
  - Detailed table descriptions with field explanations
  - Entity relationship diagrams
  - Index strategy documentation
  - Data dictionary with code mappings
- ✅ Database initialization
  - Created `scripts/init-database.js` for schema setup
  - Created `scripts/init-database-simple.js` (simplified version)
  - Created `scripts/test-db-connection.js` for testing
  - Successfully initialized 8 core tables + 2 views
  - Inserted default data:
    - 3 demo users (admin, user001, user002)
    - 1 Ollama LLM configuration
    - 6 system settings

### Technical Details

- **Database**: MySQL 9.4.0 at mysql.theaken.com:33306
- **Database Name**: db_A102
- **Character Set**: utf8mb4_unicode_ci
- **Engine**: InnoDB with foreign key constraints
- **Default Admin**: admin@example.com (password in .env)

### Files Added

```
5why/
├── .env                          # Environment variables
├── .env.example                  # Environment template
├── .gitignore                    # Git ignore rules
├── config.js                     # Configuration module
├── package.json                  # Updated with new dependencies
├── docs/
│   ├── db_schema.sql             # Database schema SQL
│   ├── db_schema.md              # Database documentation
│   ├── user_command_log.md       # User command tracking
│   └── CHANGELOG.md              # This file
├── scripts/
│   ├── init-database.js          # DB initialization script
│   ├── init-database-simple.js   # Simplified DB init
│   └── test-db-connection.js     # DB connection test
└── README_FULL.md                # Comprehensive README
```

### Database Tables Created

1. `users` - 3 rows (1 admin, 2 test users)
2. `analyses` - 0 rows
3. `analysis_perspectives` - 0 rows
4. `analysis_whys` - 0 rows
5. `llm_configs` - 1 row (Ollama config)
6. `system_settings` - 6 rows
7. `audit_logs` - 0 rows
8. `sessions` - 0 rows
9. `user_analysis_stats` (view)
10. `recent_analyses` (view)

### Dependencies Added

- `dotenv@^16.3.1` - Environment variables
- `bcryptjs@^2.4.3` - Password hashing
- `express-session@^1.17.3` - Session management
- `express-rate-limit@^7.1.5` - API rate limiting
- `mysql2@^3.6.5` - MySQL database driver
- `helmet@^7.1.0` - Security headers
- `csv-parser@^3.0.0` - CSV import
- `json2csv@^6.0.0-alpha.2` - CSV export

### Configuration

- Gitea Repository: https://gitea.theaken.com/
- Gitea User: donald
- Database Host: mysql.theaken.com:33306
- Ollama API: https://ollama_pjapi.theaken.com
- Model: qwen2.5:3b

---

## Next Steps (Phase 1-9)

### Phase 1: Version Control Setup (Pending)

- [ ] Initialize Git repository
- [ ] Create Gitea remote repository
- [ ] Configure Git remote origin
- [ ] Create `.gitkeep` in empty folders
- [ ] Initial commit and push

### Phase 3: UI/UX Preview Confirmation (Pending)

- [ ] Create `preview.html` (frontend only, no database)
- [ ] Confirm UI/UX design with user
- [ ] Get user approval before proceeding

### Phase 4: Core Application Development (Pending)

- [ ] Create `app.js` or enhanced `server.js`
- [ ] Implement database models in `models/`
- [ ] Implement API routes in `routes/`
- [ ] Integrate with database
- [ ] Add error handling
- [ ] Add logging

### Phase 5: Admin Feature Development (Pending)

- [ ] Admin dashboard at `/admin`
- [ ] User management (CRUD)
- [ ] LLM configuration interface
- [ ] System settings interface
- [ ] Audit log viewer

### Phase 6: Common Feature Implementation (Pending)

- [ ] Error handling modal
- [ ] CSV import/export for all tables
- [ ] Column sorting on list pages
- [ ] Loading indicators
- [ ] Success/failure notifications

### Phase 7: Security Review (Pending)

- [ ] Create `security_audit.md`
- [ ] Check SQL Injection protection
- [ ] Check XSS protection
- [ ] Verify CSRF tokens
- [ ] Verify password hashing
- [ ] Verify API rate limiting
- [ ] Check for sensitive information leaks
- [ ] Verify session security

### Phase 8: Documentation Maintenance (Pending)

- [ ] Create/update `SDD.md` with version number
- [ ] Update `user_command_log.md`
- [ ] Update `CHANGELOG.md` (this file)
- [ ] Create `API_DOC.md`

### Phase 9: Pre-deployment Checks (Pending)

- [ ] Verify `.env.example` is complete
- [ ] Update `requirements.txt` or `package.json`
- [ ] Remove sensitive information from code
- [ ] Run functionality tests
- [ ] Final commit and push to Gitea

---

## Version History

| Version | Date | Status | Description |
|---------|------|--------|-------------|
| 1.0.0 | 2025-12-05 | In Progress | Initial version with Phase 0 & 2 completed |
| 0.1.0 | 2025-12-05 | Prototype | Basic React frontend with Ollama API |

---

**Maintainer**: System Administrator
**Last Updated**: 2025-12-05
**Document Version**: 1.0.0