feat: Initial commit - Task Reporter incident response system

Complete implementation of the production line incident response system (生產線異常即時反應系統) including: Backend (FastAPI): - User authentication with AD integration and session management - Chat room management (create, list, update, members, roles) - Real-time messaging via WebSocket (typing indicators, reactions) - File storage with MinIO (upload, download, image preview) Frontend (React + Vite): - Authentication flow with token management - Room list with filtering, search, and pagination - Real-time chat interface with WebSocket - File upload with drag-and-drop and image preview - Member management and room settings - Breadcrumb navigation - 53 unit tests (Vitest) Specifications: - authentication: AD auth, sessions, JWT tokens - chat-room: rooms, members, templates - realtime-messaging: WebSocket, messages, reactions - file-storage: MinIO integration, file management - frontend-core: React SPA structure 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-01 17:42:52 +08:00
commit c8966477b9
135 changed files with 23269 additions and 0 deletions
--- a/app/modules/auth/services/encryption.py
+++ b/app/modules/auth/services/encryption.py
@@ -0,0 +1,47 @@
+"""Password encryption service using Fernet (AES-256)
+
+安全性說明：
+- 使用 Fernet 對稱加密（基於 AES-256）
+- 加密金鑰從環境變數 FERNET_KEY 讀取
+- 密碼加密後儲存於資料庫，用於自動刷新 AD token
+"""
+from cryptography.fernet import Fernet
+from app.core.config import get_settings
+
+settings = get_settings()
+
+
+class EncryptionService:
+    """Password encryption/decryption service"""
+
+    def __init__(self):
+        """Initialize with Fernet key from settings"""
+        self._fernet = Fernet(settings.FERNET_KEY.encode())
+
+    def encrypt_password(self, plaintext: str) -> str:
+        """Encrypt password for storage
+
+        Args:
+            plaintext: Plain text password
+
+        Returns:
+            Encrypted password as base64 string
+        """
+        encrypted_bytes = self._fernet.encrypt(plaintext.encode())
+        return encrypted_bytes.decode()
+
+    def decrypt_password(self, ciphertext: str) -> str:
+        """Decrypt stored password
+
+        Args:
+            ciphertext: Encrypted password (base64 string)
+
+        Returns:
+            Decrypted plain text password
+        """
+        decrypted_bytes = self._fernet.decrypt(ciphertext.encode())
+        return decrypted_bytes.decode()
+
+
+# Singleton instance
+encryption_service = EncryptionService()