# Registration flow

## 1. Send verification code

```text
url: /register/sendVerfiyCode
method: POST
params: {
    username: $username,
    account_type: "email|phone_num"
}
result:
    success: {code: 0, data: {"session_id": int}}
    error: {code: -1, message: "操作失败"}    // "operation failed"
```

## 2. Submit verification code

```text
url: /register/verfiyCode
method: POST
params: {
    session_id: $session_id,
    code: int
}
result:
    success: {code: 0, data: "ok"}
    error: {code: -1, message: "验证码错误"}    // "wrong verification code"
```

## 3. Register

```text
url: /register/submit
method: POST
params: {
    session_id: $session_id,
    password: $password
}
result:
    success: {code: 0, data: "ok"}
    error: {code: -1, message: "注册失败"}    // "registration failed"
```

# Password recovery flow

## 1. Send verification code

```text
url: /password/sendVerfiyCode
method: POST
params: {
    username: $username,
    account_type: "email|phone_num"
}
result:
    success: {code: 0, data: {"session_id": int}}
    error: {code: -1, message: "操作失败"}    // "operation failed"
```

## 2. Submit verification code

```text
url: /password/verfiyCode
method: POST
params: {
    session_id: $session_id,
    code: int
}
result:
    success: {code: 0, data: "ok"}
    error: {code: -1, message: "验证码错误"}    // "wrong verification code"
```

## 3. Reset password

```text
url: /password/reset
method: POST
params: {
    session_id: $session_id,
    new_password: $new_password
}
result:
    success: {code: 0, data: "ok"}
    error: {code: -1, message: "注册失败"}    // "registration failed"
```

# Session structure shared by registration and password recovery

```text
session: {
    session_id,
    username,
    code,
    verified,
    expire_at,
    used
}

✅ 3. An expiry time is mandatory
Recommended:
    verification code: 5 minutes
    session: 10 minutes

✅ 4. Rate limiting (strongly recommended)
sendVerifyCode
    per username: once every 60 seconds
    per IP: limited

✅ 5. Anti-enumeration (important)
Return one uniform error:
    "操作失败"    ("operation failed")
Do not distinguish between:
    user exists
    user does not exist
```

# App-related endpoints

## 1. Check for updates

```text
url: /app/checkUpdate
method: POST
params: {
    app_id: "your_app",           // application identifier
    platform: "macos",            // platform
    version: "1.2.3",             // current version
    build: 123,                   // build number (very important)
    channel: "appstore|direct",   // channel (optional)
}
result:
    success: {
        code: 0,
        data: {
            has_update: true,
            latest_version: "1.3.0",
            latest_build: 150,
            force_update: false,
            download_url: "https://xxx.com/app.pkg",
            release_notes: "修复了一些问题",    // "fixed some issues"
            min_supported_version: "1.0.0",
            publish_time: 1710000000
        }
    }
    error: {
        code: -1,
        message: "检查失败"    // "check failed"
    }
```

## 2. Current privacy policy and terms of service

```text
url: /app/policies
method: POST
params: {
    platform: "macos"
}
result: {
    code: 0,
    data: {
        privacy_policy_url: "https://xxx.com/privacy",
        terms_of_service_url: "https://xxx.com/terms",
        privacy_policy_version: "2026-01-01",
        terms_version: "2026-01-01"
    }
}
```

## 3. User feedback

```text
url: /app/issue
method: POST
params: {
    username: $username,
    // contact details
    contact: $contact,
    platform: "macos",
    content: $content
}
result: {
    code: 0,
    data: "ok"
}
```
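
The rules for the shared registration and password-recovery session (5-minute code, 10-minute session, one send per username every 60 seconds, single use, uniform errors), as an added Python example that is not part of the original document or the project's code. The class and method names, the in-memory store and the extra `code_expire_at` field are assumptions; per-IP limiting and message delivery are left out.

```python
import hmac
import secrets

CODE_TTL, SESSION_TTL, SEND_INTERVAL = 300, 600, 60  # seconds, from the notes above
FAIL = {"code": -1, "message": "操作失败"}       # uniform send error
BAD_CODE = {"code": -1, "message": "验证码错误"}  # same for every verify failure

class VerifySessions:
    """In-memory store for the shared session structure (constructed example)."""

    def __init__(self):
        self.sessions = {}   # session_id -> session dict
        self.last_sent = {}  # username -> time of last code sent

    def send_code(self, username, now):
        # Rate limit: one code per username every 60 seconds.
        last = self.last_sent.get(username)
        if last is not None and now - last < SEND_INTERVAL:
            return dict(FAIL)
        self.last_sent[username] = now
        session_id = secrets.randbits(63)  # unguessable int, matching the API type
        self.sessions[session_id] = {
            "session_id": session_id, "username": username,
            "code": f"{secrets.randbelow(10**6):06d}",
            "verified": False, "used": False,
            "expire_at": now + SESSION_TTL,
            "code_expire_at": now + CODE_TTL,  # assumed extra field
        }
        # No account lookup here: the reply is the same for known and unknown users.
        return {"code": 0, "data": {"session_id": session_id}}

    def verify_code(self, session_id, code, now):
        s = self.sessions.get(session_id)
        if not s or s["used"] or now >= s["code_expire_at"]:
            return dict(BAD_CODE)
        # Constant-time compare; the API sends code as int, so restore leading zeros.
        if not hmac.compare_digest(s["code"], str(code).zfill(6)):
            return dict(BAD_CODE)
        s["verified"] = True
        return {"code": 0, "data": "ok"}

    def consume(self, session_id, now):
        """Gate for /register/submit and /password/reset: username or None."""
        s = self.sessions.get(session_id)
        if not s or not s["verified"] or s["used"] or now >= s["expire_at"]:
            return None
        s["used"] = True  # single use: a replayed session_id is rejected
        return s["username"]
```

`now` is passed in as a Unix timestamp so the expiry and rate-limit behaviour can be exercised without waiting; a server would pass `time.time()`.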