main: 用户管理和会话功能初始实现

- 添加用户管理功能的测试，包括创建、更新、停用、激活用户及用户登录 JWT 测试
- 提供用户管理相关的请求验证类与控制器
- 引入 CORS 配置信息，支持跨域请求
- 添加数据库播种器以便创建根用户
- 配置 API 默认使用 JWT 认证
- 添加聊天会话和消息的模型、迁移文件及关联功能

app/Http/Controllers/AuthController.php

@@ -0,0 +1,40 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Http\Requests\LoginRequest;
+use App\Models\User;
+use Illuminate\Http\JsonResponse;
+use Illuminate\Support\Facades\Hash;
+
+class AuthController extends Controller
+{
+    public function login(LoginRequest $request): JsonResponse
+    {
+        $credentials = $request->validated();
+
+        $user = User::whereEmail($credentials['email'])->first();
+
+        if (! $user || ! Hash::check($credentials['password'], $user->password)) {
+            return response()->json(['message' => '凭证无效'], 401);
+        }
+
+        if (! $user->is_active) {
+            return response()->json(['message' => '用户已停用'], 403);
+        }
+
+        $token = auth('api')->login($user);
+
+        return response()->json([
+            'token' => $token,
+            'token_type' => 'bearer',
+            'expires_in' => auth('api')->factory()->getTTL() * 60,
+            'user' => [
+                'id' => $user->id,
+                'name' => $user->name,
+                'email' => $user->email,
+                'is_active' => $user->is_active,
+            ],
+        ]);
+    }
+}

app/Http/Controllers/ChatSessionController.php

@@ -0,0 +1,51 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Exceptions\ChatSessionStatusException;
+use App\Http\Requests\AppendMessageRequest;
+use App\Http\Requests\CreateSessionRequest;
+use App\Http\Resources\MessageResource;
+use App\Models\Message;
+use App\Services\ChatService;
+use Illuminate\Http\JsonResponse;
+use Illuminate\Http\Request;
+
+class ChatSessionController extends Controller
+{
+    public function __construct(private readonly ChatService $service)
+    {
+    }
+
+    public function store(CreateSessionRequest $request): JsonResponse
+    {
+        $session = $this->service->createSession($request->input('session_name'));
+
+        return response()->json($session, 201);
+    }
+
+    public function append(string $sessionId, AppendMessageRequest $request): JsonResponse
+    {
+        try {
+            $message = $this->service->appendMessage([
+                'session_id' => $sessionId,
+                ...$request->validated(),
+            ]);
+        } catch (ChatSessionStatusException $e) {
+            return response()->json(['message' => $e->getMessage()], 403);
+        }
+
+        return (new MessageResource($message))->response()->setStatusCode(201);
+    }
+
+    public function listMessages(Request $request, string $sessionId): JsonResponse
+    {
+        $afterSeq = (int) $request->query('after_seq', 0);
+        $limit = (int) $request->query('limit', 50);
+        $limit = $limit > 0 && $limit <= 200 ? $limit : 50;
+
+        $messages = $this->service->listMessagesBySeq($sessionId, $afterSeq, $limit);
+
+        return MessageResource::collection($messages)->response();
+    }
+}

app/Http/Controllers/UserController.php

@@ -0,0 +1,54 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Http\Requests\StoreUserRequest;
+use App\Http\Requests\UpdateUserRequest;
+use App\Http\Resources\UserResource;
+use App\Models\User;
+use Illuminate\Http\JsonResponse;
+use Illuminate\Http\Request;
+
+class UserController extends Controller
+{
+    public function index(Request $request): JsonResponse
+    {
+        $perPage = (int) $request->query('per_page', 15);
+        $perPage = $perPage > 0 && $perPage <= 100 ? $perPage : 15;
+
+        $users = User::orderBy('id')->paginate($perPage);
+
+        return UserResource::collection($users)->response();
+    }
+
+    public function store(StoreUserRequest $request): JsonResponse
+    {
+        $payload = $request->validated();
+        $payload['is_active'] = true;
+
+        $user = User::create($payload);
+
+        return (new UserResource($user))->response()->setStatusCode(201);
+    }
+
+    public function update(UpdateUserRequest $request, User $user): JsonResponse
+    {
+        $user->update($request->validated());
+
+        return (new UserResource($user))->response();
+    }
+
+    public function deactivate(User $user): JsonResponse
+    {
+        $user->update(['is_active' => false]);
+
+        return (new UserResource($user))->response();
+    }
+
+    public function activate(User $user): JsonResponse
+    {
+        $user->update(['is_active' => true]);
+
+        return (new UserResource($user))->response();
+    }
+}

app/Http/Requests/AppendMessageRequest.php

@@ -0,0 +1,35 @@
+<?php
+
+namespace App\Http\Requests;
+
+use App\Models\Message;
+use Illuminate\Foundation\Http\FormRequest;
+use Illuminate\Validation\Rule;
+
+class AppendMessageRequest extends FormRequest
+{
+    public function authorize(): bool
+    {
+        return true;
+    }
+
+    /**
+     * @return array<string, mixed>
+     */
+    public function rules(): array
+    {
+        return [
+            'role' => ['required', 'string', Rule::in([
+                Message::ROLE_USER,
+                Message::ROLE_AGENT,
+                Message::ROLE_TOOL,
+                Message::ROLE_SYSTEM,
+            ])],
+            'type' => ['required', 'string', 'max:64'],
+            'content' => ['nullable', 'string'],
+            'payload' => ['nullable', 'array'],
+            'reply_to' => ['nullable', 'uuid'],
+            'dedupe_key' => ['nullable', 'string', 'max:128'],
+        ];
+    }
+}

app/Http/Requests/CreateSessionRequest.php

@@ -0,0 +1,23 @@
+<?php
+
+namespace App\Http\Requests;
+
+use Illuminate\Foundation\Http\FormRequest;
+
+class CreateSessionRequest extends FormRequest
+{
+    public function authorize(): bool
+    {
+        return true;
+    }
+
+    /**
+     * @return array<string, mixed>
+     */
+    public function rules(): array
+    {
+        return [
+            'session_name' => ['nullable', 'string', 'max:255'],
+        ];
+    }
+}

app/Http/Requests/LoginRequest.php

@@ -0,0 +1,24 @@
+<?php
+
+namespace App\Http\Requests;
+
+use Illuminate\Foundation\Http\FormRequest;
+
+class LoginRequest extends FormRequest
+{
+    public function authorize(): bool
+    {
+        return true;
+    }
+
+    /**
+     * @return array<string, mixed>
+     */
+    public function rules(): array
+    {
+        return [
+            'email' => ['required', 'email'],
+            'password' => ['required', 'string'],
+        ];
+    }
+}

app/Http/Requests/StoreUserRequest.php

@@ -0,0 +1,25 @@
+<?php
+
+namespace App\Http\Requests;
+
+use Illuminate\Foundation\Http\FormRequest;
+
+class StoreUserRequest extends FormRequest
+{
+    public function authorize(): bool
+    {
+        return true;
+    }
+
+    /**
+     * @return array<string, mixed>
+     */
+    public function rules(): array
+    {
+        return [
+            'name' => ['required', 'string', 'max:255'],
+            'email' => ['required', 'email', 'max:255', 'unique:users,email'],
+            'password' => ['required', 'string', 'min:8'],
+        ];
+    }
+}

app/Http/Requests/UpdateUserRequest.php

@@ -0,0 +1,32 @@
+<?php
+
+namespace App\Http\Requests;
+
+use Illuminate\Foundation\Http\FormRequest;
+use Illuminate\Validation\Rule;
+
+class UpdateUserRequest extends FormRequest
+{
+    public function authorize(): bool
+    {
+        return true;
+    }
+
+    /**
+     * @return array<string, mixed>
+     */
+    public function rules(): array
+    {
+        return [
+            'name' => ['sometimes', 'required', 'string', 'max:255'],
+            'email' => [
+                'sometimes',
+                'required',
+                'email',
+                'max:255',
+                Rule::unique('users', 'email')->ignore($this->route('user')),
+            ],
+            'password' => ['sometimes', 'required', 'string', 'min:8'],
+        ];
+    }
+}

app/Http/Resources/MessageResource.php

@@ -0,0 +1,31 @@
+<?php
+
+namespace App\Http\Resources;
+
+use Illuminate\Http\Request;
+use Illuminate\Http\Resources\Json\JsonResource;
+
+/** @mixin \App\Models\Message */
+class MessageResource extends JsonResource
+{
+    /**
+     * Transform the resource into an array.
+     *
+     * @return array<string, mixed>
+     */
+    public function toArray(Request $request): array
+    {
+        return [
+            'message_id' => $this->message_id,
+            'session_id' => $this->session_id,
+            'seq' => $this->seq,
+            'role' => $this->role,
+            'type' => $this->type,
+            'content' => $this->content,
+            'payload' => $this->payload,
+            'reply_to' => $this->reply_to,
+            'dedupe_key' => $this->dedupe_key,
+            'created_at' => $this->created_at,
+        ];
+    }
+}

app/Http/Resources/UserResource.php

@@ -0,0 +1,27 @@
+<?php
+
+namespace App\Http\Resources;
+
+use Illuminate\Http\Request;
+use Illuminate\Http\Resources\Json\JsonResource;
+
+/** @mixin \App\Models\User */
+class UserResource extends JsonResource
+{
+    /**
+     * Transform the resource into an array.
+     *
+     * @return array<string, mixed>
+     */
+    public function toArray(Request $request): array
+    {
+        return [
+            'id' => $this->id,
+            'name' => $this->name,
+            'email' => $this->email,
+            'is_active' => $this->is_active,
+            'created_at' => $this->created_at,
+            'updated_at' => $this->updated_at,
+        ];
+    }
+}