feat: HR Portal - Complete Multi-Tenant System with Redis Session Storage

Major Features: - ✅ Multi-tenant architecture (tenant isolation) - ✅ Employee CRUD with lifecycle management (onboarding/offboarding) - ✅ Department tree structure with email domain management - ✅ Company info management (single-record editing) - ✅ System functions CRUD (permission management) - ✅ Email account management (multi-account per employee) - ✅ Keycloak SSO integration (auth.lab.taipei) - ✅ Redis session storage (10.1.0.254:6379) - Solves Cookie 4KB limitation - Cross-system session sharing - Sliding expiration (8 hours) - Automatic token refresh Technical Stack: Backend: - FastAPI + SQLAlchemy - PostgreSQL 16 (10.1.0.20:5433) - Keycloak Admin API integration - Docker Mailserver integration (SSH) - Alembic migrations Frontend: - Next.js 14 (App Router) - NextAuth 4 with Keycloak Provider - Redis session storage (ioredis) - Tailwind CSS Infrastructure: - Redis 7 (10.1.0.254:6379) - Session + Cache - Keycloak 26.1.0 (auth.lab.taipei) - Docker Mailserver (10.1.0.254) Architecture Highlights: - Session管理由 Keycloak + Redis 統一控制 - 支援多系統 (HR/WebMail/Calendar/Drive/Office) 共享 session - Token 自動刷新,異質服務整合 - 未來可無縫遷移到雲端 Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-23 20:12:43 +08:00
commit 360533393f
386 changed files with 70353 additions and 0 deletions
--- a/frontend/services/employees.ts
+++ b/frontend/services/employees.ts
@@ -0,0 +1,75 @@
+/**
+ * 員工管理 API 服務
+ */
+import { apiClient } from '@/lib/api-client'
+import type {
+  Employee,
+  CreateEmployeeInput,
+  UpdateEmployeeInput,
+  PaginatedResponse,
+  EmailAccount,
+} from '@/types'
+
+export const employeesService = {
+  /**
+   * 取得員工列表
+   */
+  getEmployees: async (params?: {
+    page?: number
+    page_size?: number
+    status?: string
+    department_id?: string
+    search?: string
+  }): Promise<PaginatedResponse<Employee>> => {
+    return apiClient.get('/employees', { params })
+  },
+
+  /**
+   * 取得單一員工詳情
+   */
+  getEmployee: async (id: string): Promise<Employee> => {
+    return apiClient.get(`/employees/${id}`)
+  },
+
+  /**
+   * 建立員工
+   */
+  createEmployee: async (data: CreateEmployeeInput): Promise<Employee> => {
+    return apiClient.post('/employees', data)
+  },
+
+  /**
+   * 更新員工資料
+   */
+  updateEmployee: async (id: string, data: UpdateEmployeeInput): Promise<Employee> => {
+    return apiClient.put(`/employees/${id}`, data)
+  },
+
+  /**
+   * 刪除員工
+   */
+  deleteEmployee: async (id: string): Promise<void> => {
+    return apiClient.delete(`/employees/${id}`)
+  },
+
+  /**
+   * 取得員工的郵件帳號列表 (符合 WebMail 設計規範)
+   */
+  getEmployeeEmailAccounts: async (userId: string): Promise<{ user_id: string; email_accounts: EmailAccount[] }> => {
+    return apiClient.get(`/employees/${userId}/email-accounts`)
+  },
+
+  /**
+   * 員工離職處理
+   */
+  resignEmployee: async (id: string, resignationDate: string): Promise<Employee> => {
+    return apiClient.post(`/employees/${id}/resign`, { resignation_date: resignationDate })
+  },
+
+  /**
+   * 員工復職處理
+   */
+  reactivateEmployee: async (id: string): Promise<Employee> => {
+    return apiClient.post(`/employees/${id}/reactivate`)
+  },
+}