porsche/hr-portal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
360533393f6c449a50cbf9ce59712d5867cfce42
hr-portal/backend/app/schemas/audit_log.py
Porsche Chen 360533393f feat: HR Portal - Complete Multi-Tenant System with Redis Session Storage 
Major Features:
-  Multi-tenant architecture (tenant isolation)
-  Employee CRUD with lifecycle management (onboarding/offboarding)
-  Department tree structure with email domain management
-  Company info management (single-record editing)
-  System functions CRUD (permission management)
-  Email account management (multi-account per employee)
-  Keycloak SSO integration (auth.lab.taipei)
-  Redis session storage (10.1.0.254:6379)
  - Solves Cookie 4KB limitation
  - Cross-system session sharing
  - Sliding expiration (8 hours)
  - Automatic token refresh

Technical Stack:
Backend:
- FastAPI + SQLAlchemy
- PostgreSQL 16 (10.1.0.20:5433)
- Keycloak Admin API integration
- Docker Mailserver integration (SSH)
- Alembic migrations

Frontend:
- Next.js 14 (App Router)
- NextAuth 4 with Keycloak Provider
- Redis session storage (ioredis)
- Tailwind CSS

Infrastructure:
- Redis 7 (10.1.0.254:6379) - Session + Cache
- Keycloak 26.1.0 (auth.lab.taipei)
- Docker Mailserver (10.1.0.254)

Architecture Highlights:
- Session管理由 Keycloak + Redis 統一控制
- 支援多系統 (HR/WebMail/Calendar/Drive/Office) 共享 session
- Token 自動刷新,異質服務整合
- 未來可無縫遷移到雲端

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-23 20:12:43 +08:00

108 lines
3.0 KiB
Python
Raw Blame History

"""
審計日誌 Schemas
"""
from datetime import datetime
from typing import Optional, Dict, Any
from pydantic import Field, ConfigDict
from app.schemas.base import BaseSchema
class AuditLogBase(BaseSchema):
"""審計日誌基礎 Schema"""
action: str = Field(..., max_length=50, description="操作類型 (create/update/delete/login)")
resource_type: str = Field(..., max_length=50, description="資源類型 (employee/identity/department)")
resource_id: Optional[int] = Field(None, description="資源 ID")
performed_by: str = Field(..., max_length=100, description="操作者 SSO 帳號")
details: Optional[Dict[str, Any]] = Field(None, description="詳細變更內容")
ip_address: Optional[str] = Field(None, max_length=45, description="IP 位址")
class AuditLogCreate(AuditLogBase):
"""創建審計日誌 Schema"""
model_config = ConfigDict(
json_schema_extra={
"example": {
"action": "create",
"resource_type": "employee",
"resource_id": 1,
"performed_by": "porsche.chen@lab.taipei",
"details": {
"employee_id": "EMP001",
"legal_name": "陳保時",
"username_base": "porsche.chen"
},
"ip_address": "10.1.0.245"
}
}
)
class AuditLogInDB(AuditLogBase):
"""資料庫中的審計日誌 Schema"""
id: int
performed_at: datetime
model_config = ConfigDict(from_attributes=True)
class AuditLogResponse(AuditLogInDB):
"""審計日誌響應 Schema"""
model_config = ConfigDict(
json_schema_extra={
"example": {
"id": 1,
"action": "create",
"resource_type": "employee",
"resource_id": 1,
"performed_by": "porsche.chen@lab.taipei",
"performed_at": "2020-01-01T12:00:00",
"details": {
"employee_id": "EMP001",
"legal_name": "陳保時",
"username_base": "porsche.chen"
},
"ip_address": "10.1.0.245"
}
}
)
class AuditLogListItem(BaseSchema):
"""審計日誌列表項 Schema"""
id: int
action: str
resource_type: str
resource_id: Optional[int] = None
performed_by: str
performed_at: datetime
model_config = ConfigDict(from_attributes=True)
class AuditLogFilter(BaseSchema):
"""審計日誌篩選參數"""
action: Optional[str] = None
resource_type: Optional[str] = None
resource_id: Optional[int] = None
performed_by: Optional[str] = None
start_date: Optional[datetime] = None
end_date: Optional[datetime] = None
model_config = ConfigDict(
json_schema_extra={
"example": {
"action": "create",
"resource_type": "employee",
"start_date": "2020-01-01T00:00:00",
"end_date": "2020-12-31T23:59:59"
}
}
)
Reference in New Issue View Git Blame Copy Permalink