add md

Register.md

@@ -0,0 +1,191 @@
+# 注册流程
+
+## 1. 发送验证码
+    url: /register/sendVerfiyCode
+    method: POST
+    params: {
+        username: $username,
+        account_type: "email|phone_num"
+    }
+    
+    result: 
+        success: {code: 0, data: {"session_id": int}}
+        error: {code: -1, message: "操作失败"}    
+
+## 2. 提及验证码
+    url: /register/verfiyCode
+    method: POST
+    params: {
+        session_id: $session_id,
+        code: int
+    }
+    
+    result: 
+        success: {code: 0, data: "ok"}
+        error: {code: -1, message: "验证码错误"}  
+
+## 3. 注册
+    url: /register/submit
+    method: POST
+    params: {
+        session_id: $session_id,
+        password: $password
+    }
+    
+    result: 
+        success: {code: 0, data: "ok"}
+        error: {code: -1, message: "注册失败"}
+
+
+# 找回密码流程
+
+## 1. 发送验证码
+    url: /password/sendVerfiyCode
+    method: POST
+    params: {
+        username: $username,
+        account_type: "email|phone_num"
+    }
+    
+    result: 
+        success: {code: 0, data: {"session_id": int}}
+        error: {code: -1, message: "操作失败"}    
+
+## 2. 提及验证码
+    url: /password/verfiyCode
+    method: POST
+    params: {
+        session_id: $session_id,
+        code: int
+    }
+    
+    result: 
+        success: {code: 0, data: "ok"}
+        error: {code: -1, message: "验证码错误"}  
+
+## 3. 注册
+    url: /password/reset
+    method: POST
+    params: {
+        session_id: $session_id,
+        new_password: $new_password
+    }
+    
+    result: 
+        success: {code: 0, data: "ok"}
+        error: {code: -1, message: "注册失败"}
+
+# 注册和找回密码公用的session的结构
+
+```text
+    session:
+    {
+    session_id,
+    username,
+    code,
+    verified,
+    expire_at,
+    used
+    }
+
+    ✅ 3. 必须有过期时间
+
+    建议：
+
+    验证码：5分钟
+
+    session：10分钟
+
+    ✅ 4. 限流（强烈建议）
+    sendVerifyCode
+
+    每个 username：60 秒一次
+
+    每个 IP：限制
+
+    ✅ 5. 防枚举（重要）
+
+    错误返回统一：
+
+    "操作失败"
+
+    不要区分：
+
+    用户存在
+
+    用户不存在
+```
+
+# app相关的接口
+
+## 1. 检查版本
+    url: /app/checkUpdate
+    method: POST
+
+    params: {
+        app_id: "your_app",           // 应用标识
+        platform: "macos",            // 平台
+        version: "1.2.3",             // 当前版本
+        build: 123,                   // 构建号（非常重要）
+        channel: "appstore|direct",   // 渠道（可选）
+    }
+
+    result:
+        success: {
+            code: 0,
+            data: {
+                has_update: true,
+                latest_version: "1.3.0",
+                latest_build: 150,
+                
+                force_update: false,
+                
+                download_url: "https://xxx.com/app.pkg",
+                release_notes: "修复了一些问题",
+                
+                min_supported_version: "1.0.0",
+                
+                publish_time: 1710000000
+            }
+        }
+
+        error: {
+            code: -1,
+            message: "检查失败"
+        }
+
+## 2. app当前隐私政策和服务条款
+    url: /app/policies
+    method: POST
+    params: {
+        platform: "macos"
+    }
+
+    result: 
+    {
+        code: 0,
+        data: {
+            privacy_policy_url: "https://xxx.com/privacy",
+            terms_of_service_url: "https://xxx.com/terms",
+            
+            privacy_policy_version: "2026-01-01",
+            terms_version: "2026-01-01"
+        }
+    }
+
+## 3. 用户反馈
+    url: /app/issue
+    method: POST
+    params: {
+        username: $username,
+        // 联系方式
+        contact: $contact,
+        platform: "macos",
+        content: $content
+    }
+
+    result: 
+    {
+        code: 0,
+        data: "ok"
+    }