feat: Airwallex 发卡管理后台完整实现

- 后端: FastAPI + SQLAlchemy + SQLite, JWT认证, 代理支持的AirwallexClient - 前端: React 18 + Vite + Ant Design 5, 中文界面 - 功能: 卡片管理, 持卡人管理, 交易记录, API令牌, 系统设置, 审计日志 - 第三方API: X-API-Key认证, 权限控制 - Docker部署: docker-compose编排前后端
2026-03-15 23:05:08 +08:00
commit 4f53889a8e
98 changed files with 10847 additions and 0 deletions
--- a/backend/app/routers/settings.py
+++ b/backend/app/routers/settings.py
@@ -0,0 +1,85 @@
+"""System settings router."""
+from typing import List
+
+from fastapi import APIRouter, Depends, Request
+from sqlalchemy.orm import Session
+
+from app.auth import get_current_user, AdminUser
+from app.database import get_db
+from app.models.db_models import SystemSetting
+from app.services import airwallex_service
+from app.services.audit_log import create_audit_log
+
+router = APIRouter(prefix="/api/settings", tags=["settings"])
+
+# Keys that should have their values masked in responses
+SENSITIVE_KEYS = {"airwallex_api_key", "proxy_password"}
+
+
+@router.get("")
+def get_settings(
+    db: Session = Depends(get_db),
+    user: AdminUser = Depends(get_current_user),
+):
+    """Get all system settings."""
+    settings = db.query(SystemSetting).all()
+    result = []
+    for s in settings:
+        value = "********" if s.key in SENSITIVE_KEYS and s.value else s.value
+        result.append({
+            "key": s.key,
+            "value": value,
+            "encrypted": s.encrypted,
+            "updated_at": s.updated_at.isoformat() if s.updated_at else None,
+        })
+    return result
+
+
+@router.put("")
+def update_settings(
+    updates: List[dict],
+    request: Request,
+    db: Session = Depends(get_db),
+    user: AdminUser = Depends(get_current_user),
+):
+    """Update system settings. Accepts a list of {key, value} objects."""
+    for item in updates:
+        key = item.get("key")
+        value = item.get("value")
+        if not key:
+            continue
+        # Skip if masked value sent back unchanged
+        if value == "********":
+            continue
+
+        existing = db.query(SystemSetting).filter(SystemSetting.key == key).first()
+        if existing:
+            existing.value = str(value)
+            existing.encrypted = key in SENSITIVE_KEYS
+        else:
+            db.add(SystemSetting(
+                key=key,
+                value=str(value),
+                encrypted=key in SENSITIVE_KEYS,
+            ))
+
+    db.commit()
+
+    create_audit_log(
+        db,
+        action="update_settings",
+        resource_type="settings",
+        operator=user.username,
+        ip_address=request.client.host if request.client else "",
+        details=f"Updated keys: {[item.get('key') for item in updates]}",
+    )
+    return {"message": "Settings updated"}
+
+
+@router.post("/test-connection")
+def test_connection(
+    db: Session = Depends(get_db),
+    user: AdminUser = Depends(get_current_user),
+):
+    """Test Airwallex API connection with current settings."""
+    return airwallex_service.test_connection(db)