a620906209/CFDivePlatform
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat:實作 Member Portal MVP 前端與後端整合

Browse Source 
後端:
- 新增 DivingOffer Model / DivingOfferController(列表+詳情 API,支援搜尋/篩選/分頁)
- 修正 Google OAuth callback 改為 redirect 至前端(SocialAuthController)
- 新增 config/cors.php 允許前端 origin
- .gitignore 新增 frontend/ 排除規則

前端(frontend/):
- Vue 3 + Vite + Tailwind CSS + Pinia + Vue Router
- 頁面:首頁、課程列表、課程詳情、登入、註冊、個人資料、OAuth callback
- 整合至 Docker(multi-stage build,nginx 靜態服務於 port 5173)

Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Hank
2026-05-10 01:41:28 +08:00
parent 725c86f434
commit 550e2fc97a
48 changed files with 5887 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gitignore
+8
View File
@@ -17,3 +17,11 @@ yarn-error.log
/.fleet
/.idea
/.vscode
/.claude
/.opensp
# Frontend
/frontend/node_modules
/frontend/dist
/frontend/.env
app/Http/Controllers/API/DivingOfferController.php
+63
View File
@@ -0,0 +1,63 @@
<?php
namespace App\Http\Controllers\API;
use App\Http\Controllers\Controller;
use App\Models\DivingOffer;
use Illuminate\Http\Request;
class DivingOfferController extends Controller
{
public function index(Request $request)
{
$perPage = min((int) $request->query('per_page', 12), 50);
$query = DivingOffer::query();
if ($q = $request->query('q')) {
$query->where(function ($sub) use ($q) {
$sub->where('title', 'like', "%{$q}%")
->orWhere('location', 'like', "%{$q}%")
->orWhere('spot', 'like', "%{$q}%");
});
}
if ($region = $request->query('region')) {
$query->where('region', $region);
}
if ($tag = $request->query('tag')) {
$query->where('tag', 'like', "%{$tag}%");
}
$paginated = $query->paginate($perPage);
return response()->json([
'status' => true,
'data' => $paginated->items(),
'meta' => [
'total' => $paginated->total(),
'per_page' => $paginated->perPage(),
'current_page' => $paginated->currentPage(),
'last_page' => $paginated->lastPage(),
],
]);
}
public function show(int $id)
{
$offer = DivingOffer::find($id);
if (!$offer) {
return response()->json([
'status' => false,
'message' => '課程不存在',
], 404);
}
return response()->json([
'status' => true,
'data' => $offer,
]);
}
}
app/Http/Controllers/API/SocialAuthController.php
+3 -17
View File
@@ -105,24 +105,10 @@ class SocialAuthController extends Controller
// 生成 Sanctum token
$token = $user->createToken('google-auth')->plainTextToken;
// 載入會員資料
$user->load('memberProfile');
return response()->json([
'status' => true,
'message' => 'Google 登入成功',
'data' => [
'user' => $user,
'token' => $token,
'token_type' => 'Bearer',
]
]);
return redirect(env('FRONTEND_URL') . '/auth/callback?token=' . $token);
} catch (\Exception $e) {
return response()->json([
'status' => false,
'message' => 'Google 登入失敗:' . $e->getMessage()
], 500);
return redirect(env('FRONTEND_URL') . '/login?error=oauth_failed');
}
}
}
app/Models/DivingOffer.php
+32
View File
@@ -0,0 +1,32 @@
<?php
namespace App\Models;
use Illuminate\Database\Eloquent\Model;
class DivingOffer extends Model
{
public $timestamps = false;
protected $table = 'diving_offers';
protected $fillable = [
'title',
'location',
'spot',
'rating',
'reviews',
'price',
'badges',
'description',
'tag',
'region',
];
protected $casts = [
'badges' => 'array',
'rating' => 'float',
'price' => 'integer',
'reviews'=> 'integer',
];
}
config/cors.php
+34
View File
@@ -0,0 +1,34 @@
<?php
return [
/*
|--------------------------------------------------------------------------
| Cross-Origin Resource Sharing (CORS) Configuration
|--------------------------------------------------------------------------
|
| Here you may configure your settings for cross-origin resource sharing
| or "CORS". This determines what cross-origin operations may execute
| in web browsers. You are free to adjust these settings as needed.
|
| To learn more: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
|
*/
'paths' => ['api/*', 'sanctum/csrf-cookie'],
'allowed_methods' => ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'],
'allowed_origins' => [env('FRONTEND_URL', 'http://localhost:5173')],
'allowed_origins_patterns' => [],
'allowed_headers' => ['Content-Type', 'Authorization', 'Accept', 'X-Requested-With'],
'exposed_headers' => [],
'max_age' => 0,
'supports_credentials' => false,
];
docker-compose.yml
+14
View File
@@ -66,6 +66,20 @@ services:
timeout: 10s
retries: 3
frontend:
build:
context: ./frontend
dockerfile: Dockerfile
args:
VITE_API_URL: http://localhost:8080
image: cfdive-frontend
container_name: cfdive-frontend
restart: unless-stopped
ports:
- "5173:80"
networks:
- cfdive-network
db:
image: mysql:8.0
container_name: cfdive-db
frontend/.gitignore
+24
View File
@@ -0,0 +1,24 @@
# Logs
logs
*.log
npm-debug.log*
yarn-debug.log*
yarn-error.log*
pnpm-debug.log*
lerna-debug.log*
node_modules
dist
dist-ssr
*.local
# Editor directories and files
.vscode/*
!.vscode/extensions.json
.idea
.DS_Store
*.suo
*.ntvs*
*.njsproj
*.sln
*.sw?
frontend/.vscode/extensions.json
Vendored
+3
View File
@@ -0,0 +1,3 @@
{
"recommendations": ["Vue.volar"]
}
frontend/Dockerfile
+20
View File
@@ -0,0 +1,20 @@
FROM node:22-alpine AS build
WORKDIR /app
COPY package*.json ./
RUN npm install
COPY . .
ARG VITE_API_URL=http://localhost:8080
ENV VITE_API_URL=$VITE_API_URL
RUN npm run build
FROM nginx:alpine
COPY --from=build /app/dist /usr/share/nginx/html
COPY nginx.conf /etc/nginx/conf.d/default.conf
EXPOSE 80
frontend/README.md
+5
View File
@@ -0,0 +1,5 @@
# Vue 3 + Vite
This template should help get you started developing with Vue 3 in Vite. The template uses Vue 3 `<script setup>` SFCs, check out the [script setup docs](https://v3.vuejs.org/api/sfc-script-setup.html#sfc-script-setup) to learn more.
Learn more about IDE Support for Vue in the [Vue Docs Scaling up Guide](https://vuejs.org/guide/scaling-up/tooling.html#ide-support).
frontend/index.html
+13
View File
@@ -0,0 +1,13 @@
<!doctype html>
<html lang="en">
<head>
<meta charset="UTF-8" />
<link rel="icon" type="image/svg+xml" href="/favicon.svg" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>cf-dive-frontend</title>
</head>
<body>
<div id="app"></div>
<script type="module" src="/src/main.js"></script>
</body>
</html>
frontend/nginx.conf
+13
View File
@@ -0,0 +1,13 @@
server {
listen 80;
root /usr/share/nginx/html;
index index.html;
location / {
try_files $uri $uri/ /index.html;
}
gzip on;
gzip_types text/css application/javascript application/json image/svg+xml;
}
frontend/package-lock.json
Generated
+3855
View File
File diff suppressed because it is too large Load Diff
frontend/package.json
+24
View File
@@ -0,0 +1,24 @@
{
"name": "cf-dive-frontend",
"private": true,
"version": "0.0.0",
"type": "module",
"scripts": {
"dev": "vite",
"build": "vite build",
"preview": "vite preview"
},
"dependencies": {
"axios": "^1.16.0",
"pinia": "^3.0.4",
"vue": "^3.5.32",
"vue-router": "^4.6.4"
},
"devDependencies": {
"@vitejs/plugin-vue": "^6.0.6",
"autoprefixer": "^10.5.0",
"postcss": "^8.5.14",
"tailwindcss": "^3.4.19",
"vite": "^8.0.10"
}
}
frontend/postcss.config.js
+6
View File
@@ -0,0 +1,6 @@
export default {
plugins: {
tailwindcss: {},
autoprefixer: {},
},
}
frontend/public/favicon.svg
+1
View File
File diff suppressed because one or more lines are too long
Side by Side

After

Width:  |  Height:  |  Size: 9.3 KiB

frontend/public/icons.svg
+24
View File
@@ -0,0 +1,24 @@
<svg xmlns="http://www.w3.org/2000/svg">
<symbol id="bluesky-icon" viewBox="0 0 16 17">
<g clip-path="url(#bluesky-clip)"><path fill="#08060d" d="M7.75 7.735c-.693-1.348-2.58-3.86-4.334-5.097-1.68-1.187-2.32-.981-2.74-.79C.188 2.065.1 2.812.1 3.251s.241 3.602.398 4.13c.52 1.744 2.367 2.333 4.07 2.145-2.495.37-4.71 1.278-1.805 4.512 3.196 3.309 4.38-.71 4.987-2.746.608 2.036 1.307 5.91 4.93 2.746 2.72-2.746.747-4.143-1.747-4.512 1.702.189 3.55-.4 4.07-2.145.156-.528.397-3.691.397-4.13s-.088-1.186-.575-1.406c-.42-.19-1.06-.395-2.741.79-1.755 1.24-3.64 3.752-4.334 5.099"/></g>
<defs><clipPath id="bluesky-clip"><path fill="#fff" d="M.1.85h15.3v15.3H.1z"/></clipPath></defs>
</symbol>
<symbol id="discord-icon" viewBox="0 0 20 19">
<path fill="#08060d" d="M16.224 3.768a14.5 14.5 0 0 0-3.67-1.153c-.158.286-.343.67-.47.976a13.5 13.5 0 0 0-4.067 0c-.128-.306-.317-.69-.476-.976A14.4 14.4 0 0 0 3.868 3.77C1.546 7.28.916 10.703 1.231 14.077a14.7 14.7 0 0 0 4.5 2.306q.545-.748.965-1.587a9.5 9.5 0 0 1-1.518-.74q.191-.14.372-.293c2.927 1.369 6.107 1.369 8.999 0q.183.152.372.294-.723.437-1.52.74.418.838.963 1.588a14.6 14.6 0 0 0 4.504-2.308c.37-3.911-.63-7.302-2.644-10.309m-9.13 8.234c-.878 0-1.599-.82-1.599-1.82 0-.998.705-1.82 1.6-1.82.894 0 1.614.82 1.599 1.82.001 1-.705 1.82-1.6 1.82m5.91 0c-.878 0-1.599-.82-1.599-1.82 0-.998.705-1.82 1.6-1.82.893 0 1.614.82 1.599 1.82 0 1-.706 1.82-1.6 1.82"/>
</symbol>
<symbol id="documentation-icon" viewBox="0 0 21 20">
<path fill="none" stroke="#aa3bff" stroke-linecap="round" stroke-linejoin="round" stroke-width="1.35" d="m15.5 13.333 1.533 1.322c.645.555.967.833.967 1.178s-.322.623-.967 1.179L15.5 18.333m-3.333-5-1.534 1.322c-.644.555-.966.833-.966 1.178s.322.623.966 1.179l1.534 1.321"/>
<path fill="none" stroke="#aa3bff" stroke-linecap="round" stroke-linejoin="round" stroke-width="1.35" d="M17.167 10.836v-4.32c0-1.41 0-2.117-.224-2.68-.359-.906-1.118-1.621-2.08-1.96-.599-.21-1.349-.21-2.848-.21-2.623 0-3.935 0-4.983.369-1.684.591-3.013 1.842-3.641 3.428C3 6.449 3 7.684 3 10.154v2.122c0 2.558 0 3.838.706 4.726q.306.383.713.671c.76.536 1.79.64 3.581.66"/>
<path fill="none" stroke="#aa3bff" stroke-linecap="round" stroke-linejoin="round" stroke-width="1.35" d="M3 10a2.78 2.78 0 0 1 2.778-2.778c.555 0 1.209.097 1.748-.047.48-.129.854-.503.982-.982.145-.54.048-1.194.048-1.749a2.78 2.78 0 0 1 2.777-2.777"/>
</symbol>
<symbol id="github-icon" viewBox="0 0 19 19">
<path fill="#08060d" fill-rule="evenodd" d="M9.356 1.85C5.05 1.85 1.57 5.356 1.57 9.694a7.84 7.84 0 0 0 5.324 7.44c.387.079.528-.168.528-.376 0-.182-.013-.805-.013-1.454-2.165.467-2.616-.935-2.616-.935-.349-.91-.864-1.143-.864-1.143-.71-.48.051-.48.051-.48.787.051 1.2.805 1.2.805.695 1.194 1.817.857 2.268.649.064-.507.27-.857.49-1.052-1.728-.182-3.545-.857-3.545-3.87 0-.857.31-1.558.8-2.104-.078-.195-.349-1 .077-2.078 0 0 .657-.208 2.14.805a7.5 7.5 0 0 1 1.946-.26c.657 0 1.328.092 1.946.26 1.483-1.013 2.14-.805 2.14-.805.426 1.078.155 1.883.078 2.078.502.546.799 1.247.799 2.104 0 3.013-1.818 3.675-3.558 3.87.284.247.528.714.528 1.454 0 1.052-.012 1.896-.012 2.156 0 .208.142.455.528.377a7.84 7.84 0 0 0 5.324-7.441c.013-4.338-3.48-7.844-7.773-7.844" clip-rule="evenodd"/>
</symbol>
<symbol id="social-icon" viewBox="0 0 20 20">
<path fill="none" stroke="#aa3bff" stroke-linecap="round" stroke-linejoin="round" stroke-width="1.35" d="M12.5 6.667a4.167 4.167 0 1 0-8.334 0 4.167 4.167 0 0 0 8.334 0"/>
<path fill="none" stroke="#aa3bff" stroke-linecap="round" stroke-linejoin="round" stroke-width="1.35" d="M2.5 16.667a5.833 5.833 0 0 1 8.75-5.053m3.837.474.513 1.035c.07.144.257.282.414.309l.93.155c.596.1.736.536.307.965l-.723.73a.64.64 0 0 0-.152.531l.207.903c.164.715-.213.991-.84.618l-.872-.52a.63.63 0 0 0-.577 0l-.872.52c-.624.373-1.003.094-.84-.618l.207-.903a.64.64 0 0 0-.152-.532l-.723-.729c-.426-.43-.289-.864.306-.964l.93-.156a.64.64 0 0 0 .412-.31l.513-1.034c.28-.562.735-.562 1.012 0"/>
</symbol>
<symbol id="x-icon" viewBox="0 0 19 19">
<path fill="#08060d" fill-rule="evenodd" d="M1.893 1.98c.052.072 1.245 1.769 2.653 3.77l2.892 4.114c.183.261.333.48.333.486s-.068.089-.152.183l-.522.593-.765.867-3.597 4.087c-.375.426-.734.834-.798.905a1 1 0 0 0-.118.148c0 .01.236.017.664.017h.663l.729-.83c.4-.457.796-.906.879-.999a692 692 0 0 0 1.794-2.038c.034-.037.301-.34.594-.675l.551-.624.345-.392a7 7 0 0 1 .34-.374c.006 0 .93 1.306 2.052 2.903l2.084 2.965.045.063h2.275c1.87 0 2.273-.003 2.266-.021-.008-.02-1.098-1.572-3.894-5.547-2.013-2.862-2.28-3.246-2.273-3.266.008-.019.282-.332 2.085-2.38l2-2.274 1.567-1.782c.022-.028-.016-.03-.65-.03h-.674l-.3.342a871 871 0 0 1-1.782 2.025c-.067.075-.405.458-.75.852a100 100 0 0 1-.803.91c-.148.172-.299.344-.99 1.127-.304.343-.32.358-.345.327-.015-.019-.904-1.282-1.976-2.808L6.365 1.85H1.8zm1.782.91 8.078 11.294c.772 1.08 1.413 1.973 1.425 1.984.016.017.241.02 1.05.017l1.03-.004-2.694-3.766L7.796 5.75 5.722 2.852l-1.039-.004-1.039-.004z" clip-rule="evenodd"/>
</symbol>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 4.9 KiB

frontend/src/App.vue
+15
View File
@@ -0,0 +1,15 @@
<script setup>
import { onMounted } from 'vue'
import { useAuthStore } from './stores/auth'
import NavBar from './components/NavBar.vue'
const auth = useAuthStore()
onMounted(() => auth.init())
</script>
<template>
<div class="min-h-screen bg-gray-50">
<NavBar />
<RouterView />
</div>
</template>
frontend/src/api/axios.js
+16
View File
@@ -0,0 +1,16 @@
import axios from 'axios'
const api = axios.create({
baseURL: import.meta.env.VITE_API_URL + '/api',
headers: { Accept: 'application/json' },
})
api.interceptors.request.use((config) => {
const token = localStorage.getItem('token')
if (token) {
config.headers.Authorization = `Bearer ${token}`
}
return config
})
export default api
frontend/src/assets/hero.png
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 13 KiB

frontend/src/assets/vite.svg
+1
View File
File diff suppressed because one or more lines are too long
Side by Side

After

Width:  |  Height:  |  Size: 8.5 KiB

frontend/src/assets/vue.svg
+1
View File
@@ -0,0 +1 @@
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" aria-hidden="true" role="img" class="iconify iconify--logos" width="37.07" height="36" preserveAspectRatio="xMidYMid meet" viewBox="0 0 256 198"><path fill="#41B883" d="M204.8 0H256L128 220.8L0 0h97.92L128 51.2L157.44 0h47.36Z"></path><path fill="#41B883" d="m0 0l128 220.8L256 0h-51.2L128 132.48L50.56 0H0Z"></path><path fill="#35495E" d="M50.56 0L128 133.12L204.8 0h-47.36L128 51.2L97.92 0H50.56Z"></path></svg>
Side by Side

After

Width:  |  Height:  |  Size: 496 B

frontend/src/components/CourseCard.vue
+42
View File
@@ -0,0 +1,42 @@
<script setup>
defineProps({
offer: { type: Object, required: true },
})
</script>
<template>
<RouterLink
:to="`/courses/${offer.id}`"
class="bg-white rounded-2xl shadow hover:shadow-lg transition overflow-hidden flex flex-col"
>
<div class="bg-ocean-700 h-40 flex items-center justify-center text-white text-5xl">🤿</div>
<div class="p-4 flex flex-col gap-2 flex-1">
<div class="flex gap-2 flex-wrap">
<span
v-for="badge in (offer.badges || [])"
:key="badge"
class="text-xs bg-ocean-100 text-ocean-700 px-2 py-0.5 rounded-full"
>
{{ badge }}
</span>
<span v-if="offer.tag" class="text-xs bg-gray-100 text-gray-600 px-2 py-0.5 rounded-full">
{{ offer.tag }}
</span>
</div>
<h3 class="font-semibold text-gray-800 line-clamp-2 leading-snug">{{ offer.title }}</h3>
<p class="text-sm text-gray-500 flex items-center gap-1">
📍 {{ offer.location }}
</p>
<div class="mt-auto flex items-center justify-between pt-2 border-t border-gray-100">
<span class="text-sm text-amber-500 font-medium">
{{ offer.rating }} <span class="text-gray-400">({{ offer.reviews }})</span>
</span>
<span class="text-ocean-700 font-bold">NT$ {{ offer.price.toLocaleString() }}</span>
</div>
</div>
</RouterLink>
</template>
frontend/src/components/HelloWorld.vue
+95
View File
@@ -0,0 +1,95 @@
<script setup>
import { ref } from 'vue'
import viteLogo from '../assets/vite.svg'
import heroImg from '../assets/hero.png'
import vueLogo from '../assets/vue.svg'
const count = ref(0)
</script>
<template>
<section id="center">
<div class="hero">
<img :src="heroImg" class="base" width="170" height="179" alt="" />
<img :src="vueLogo" class="framework" alt="Vue logo" />
<img :src="viteLogo" class="vite" alt="Vite logo" />
</div>
<div>
<h1>Get started</h1>
<p>Edit <code>src/App.vue</code> and save to test <code>HMR</code></p>
</div>
<button type="button" class="counter" @click="count++">
Count is {{ count }}
</button>
</section>
<div class="ticks"></div>
<section id="next-steps">
<div id="docs">
<svg class="icon" role="presentation" aria-hidden="true">
<use href="/icons.svg#documentation-icon"></use>
</svg>
<h2>Documentation</h2>
<p>Your questions, answered</p>
<ul>
<li>
<a href="https://vite.dev/" target="_blank">
<img class="logo" :src="viteLogo" alt="" />
Explore Vite
</a>
</li>
<li>
<a href="https://vuejs.org/" target="_blank">
<img class="button-icon" :src="vueLogo" alt="" />
Learn more
</a>
</li>
</ul>
</div>
<div id="social">
<svg class="icon" role="presentation" aria-hidden="true">
<use href="/icons.svg#social-icon"></use>
</svg>
<h2>Connect with us</h2>
<p>Join the Vite community</p>
<ul>
<li>
<a href="https://github.com/vitejs/vite" target="_blank">
<svg class="button-icon" role="presentation" aria-hidden="true">
<use href="/icons.svg#github-icon"></use>
</svg>
GitHub
</a>
</li>
<li>
<a href="https://chat.vite.dev/" target="_blank">
<svg class="button-icon" role="presentation" aria-hidden="true">
<use href="/icons.svg#discord-icon"></use>
</svg>
Discord
</a>
</li>
<li>
<a href="https://x.com/vite_js" target="_blank">
<svg class="button-icon" role="presentation" aria-hidden="true">
<use href="/icons.svg#x-icon"></use>
</svg>
X.com
</a>
</li>
<li>
<a href="https://bsky.app/profile/vite.dev" target="_blank">
<svg class="button-icon" role="presentation" aria-hidden="true">
<use href="/icons.svg#bluesky-icon"></use>
</svg>
Bluesky
</a>
</li>
</ul>
</div>
</section>
<div class="ticks"></div>
<section id="spacer"></section>
</template>
frontend/src/components/NavBar.vue
+48
View File
@@ -0,0 +1,48 @@
<script setup>
import { useAuthStore } from '../stores/auth'
import { useRouter } from 'vue-router'
const auth = useAuthStore()
const router = useRouter()
async function handleLogout() {
await auth.logout()
router.push('/login')
}
</script>
<template>
<nav class="bg-ocean-800 text-white shadow-md">
<div class="max-w-6xl mx-auto px-4 h-16 flex items-center justify-between">
<RouterLink to="/" class="text-xl font-bold tracking-wide hover:text-ocean-100 transition">
🤿 CFDive
</RouterLink>
<div class="flex items-center gap-6 text-sm font-medium">
<RouterLink to="/courses" class="hover:text-ocean-100 transition">探索課程</RouterLink>
<template v-if="auth.isLoggedIn">
<span class="text-ocean-200 hidden sm:inline">
👤 {{ auth.user?.name }}
</span>
<RouterLink to="/profile" class="hover:text-ocean-100 transition">個人資料</RouterLink>
<button
@click="handleLogout"
class="bg-ocean-600 hover:bg-ocean-500 px-4 py-1.5 rounded-full transition"
>
登出
</button>
</template>
<template v-else>
<RouterLink to="/login" class="hover:text-ocean-100 transition">登入</RouterLink>
<RouterLink
to="/register"
class="bg-ocean-600 hover:bg-ocean-500 px-4 py-1.5 rounded-full transition"
>
註冊
</RouterLink>
</template>
</div>
</div>
</nav>
</template>
frontend/src/main.js
+10
View File
@@ -0,0 +1,10 @@
import { createApp } from 'vue'
import { createPinia } from 'pinia'
import './style.css'
import App from './App.vue'
import router from './router'
const app = createApp(App)
app.use(createPinia())
app.use(router)
app.mount('#app')
frontend/src/router/index.js
+26
View File
@@ -0,0 +1,26 @@
import { createRouter, createWebHistory } from 'vue-router'
import { useAuthStore } from '../stores/auth'
const routes = [
{ path: '/', component: () => import('../views/HomeView.vue') },
{ path: '/courses', component: () => import('../views/CoursesView.vue') },
{ path: '/courses/:id', component: () => import('../views/CourseDetailView.vue') },
{ path: '/login', component: () => import('../views/LoginView.vue') },
{ path: '/register', component: () => import('../views/RegisterView.vue') },
{ path: '/auth/callback', component: () => import('../views/AuthCallbackView.vue') },
{ path: '/profile', component: () => import('../views/ProfileView.vue'), meta: { requiresAuth: true } },
]
const router = createRouter({
history: createWebHistory(),
routes,
})
router.beforeEach((to) => {
const auth = useAuthStore()
if (to.meta.requiresAuth && !auth.isLoggedIn) {
return { path: '/login' }
}
})
export default router
frontend/src/stores/auth.js
+38
View File
@@ -0,0 +1,38 @@
import { defineStore } from 'pinia'
import { ref, computed } from 'vue'
import api from '../api/axios'
export const useAuthStore = defineStore('auth', () => {
const user = ref(null)
const token = ref(null)
const isLoggedIn = computed(() => !!token.value)
function init() {
const saved = localStorage.getItem('token')
const savedUser = localStorage.getItem('user')
if (saved) {
token.value = saved
user.value = savedUser ? JSON.parse(savedUser) : null
}
}
function setAuth(userData, tokenValue) {
user.value = userData
token.value = tokenValue
localStorage.setItem('token', tokenValue)
localStorage.setItem('user', JSON.stringify(userData))
}
async function logout() {
try {
await api.post('/member/logout')
} catch {}
user.value = null
token.value = null
localStorage.removeItem('token')
localStorage.removeItem('user')
}
return { user, token, isLoggedIn, init, setAuth, logout }
})
frontend/src/style.css
+9
View File
@@ -0,0 +1,9 @@
@tailwind base;
@tailwind components;
@tailwind utilities;
body {
margin: 0;
font-family: system-ui, 'Segoe UI', Roboto, sans-serif;
-webkit-font-smoothing: antialiased;
}
frontend/src/views/AuthCallbackView.vue
+39
View File
@@ -0,0 +1,39 @@
<script setup>
import { onMounted } from 'vue'
import { useRouter, useRoute } from 'vue-router'
import { useAuthStore } from '../stores/auth'
import api from '../api/axios'
const router = useRouter()
const route = useRoute()
const auth = useAuthStore()
onMounted(async () => {
const token = route.query.token
const error = route.query.error
if (error || !token) {
router.push('/login?error=oauth_failed')
return
}
// 存 token 先,再拉 profile
localStorage.setItem('token', token)
try {
const res = await api.get('/member/profile')
auth.setAuth(res.data.data, token)
} catch {
auth.setAuth(null, token)
}
// 清除 URL 上的 token
history.replaceState({}, '', '/auth/callback')
router.push('/courses')
})
</script>
<template>
<main class="min-h-[80vh] flex items-center justify-center text-gray-400">
正在完成登入請稍候...
</main>
</template>
frontend/src/views/CourseDetailView.vue
+80
View File
@@ -0,0 +1,80 @@
<script setup>
import { ref, onMounted } from 'vue'
import { useRoute, useRouter } from 'vue-router'
import api from '../api/axios'
const route = useRoute()
const router = useRouter()
const offer = ref(null)
const loading = ref(true)
const notFound = ref(false)
onMounted(async () => {
try {
const res = await api.get(`/diving-offers/${route.params.id}`)
offer.value = res.data.data
} catch (e) {
notFound.value = true
} finally {
loading.value = false
}
})
</script>
<template>
<main class="max-w-4xl mx-auto px-4 py-10">
<div v-if="loading" class="text-center text-gray-400 py-20">載入中...</div>
<div v-else-if="notFound" class="text-center py-20">
<p class="text-5xl mb-4">🌊</p>
<p class="text-gray-500 text-lg mb-6">課程不存在或已下架</p>
<RouterLink to="/courses" class="text-ocean-600 hover:underline"> 返回課程列表</RouterLink>
</div>
<template v-else-if="offer">
<RouterLink to="/courses" class="text-ocean-600 hover:underline text-sm mb-6 inline-block">
返回課程列表
</RouterLink>
<div class="bg-ocean-700 rounded-2xl h-56 flex items-center justify-center text-white text-7xl mb-6">🤿</div>
<div class="flex flex-wrap gap-2 mb-3">
<span
v-for="badge in (offer.badges || [])"
:key="badge"
class="text-sm bg-ocean-100 text-ocean-700 px-3 py-1 rounded-full"
>
{{ badge }}
</span>
<span v-if="offer.tag" class="text-sm bg-gray-100 text-gray-600 px-3 py-1 rounded-full">
{{ offer.tag }}
</span>
</div>
<h1 class="text-3xl font-bold text-gray-800 mb-2">{{ offer.title }}</h1>
<div class="flex flex-wrap gap-6 text-sm text-gray-500 mb-6">
<span>📍 {{ offer.location }}{{ offer.spot }}</span>
<span>🗺 {{ offer.region }}</span>
<span> {{ offer.rating }} {{ offer.reviews }} 則評論</span>
</div>
<div class="bg-white rounded-2xl shadow p-6 mb-6">
<p class="text-gray-700 leading-relaxed whitespace-pre-wrap">{{ offer.description || '暫無課程說明。' }}</p>
</div>
<div class="flex items-center justify-between bg-ocean-50 rounded-2xl p-6">
<div>
<p class="text-sm text-gray-500">課程費用</p>
<p class="text-3xl font-bold text-ocean-800">NT$ {{ offer.price.toLocaleString() }}</p>
</div>
<button class="bg-ocean-700 hover:bg-ocean-600 text-white font-semibold px-8 py-3 rounded-full transition">
立即洽詢
</button>
</div>
</template>
</main>
</template>
frontend/src/views/CoursesView.vue
+96
View File
@@ -0,0 +1,96 @@
<script setup>
import { ref, onMounted } from 'vue'
import api from '../api/axios'
import CourseCard from '../components/CourseCard.vue'
const offers = ref([])
const meta = ref(null)
const loading = ref(false)
const error = ref('')
const search = ref('')
const region = ref('')
const REGIONS = ['北部', '中部', '南部', '東部', '離島']
async function fetchOffers(page = 1) {
loading.value = true
error.value = ''
try {
const params = { page, per_page: 12 }
if (search.value) params.q = search.value
if (region.value) params.region = region.value
const res = await api.get('/diving-offers', { params })
offers.value = res.data.data
meta.value = res.data.meta
} catch {
error.value = '無法載入課程,請稍後再試。'
} finally {
loading.value = false
}
}
function onSearch() { fetchOffers(1) }
function onRegion() { fetchOffers(1) }
onMounted(() => fetchOffers())
</script>
<template>
<main class="max-w-6xl mx-auto px-4 py-10">
<h1 class="text-3xl font-bold text-gray-800 mb-6">探索潛水課程</h1>
<div class="flex flex-col sm:flex-row gap-3 mb-8">
<input
v-model="search"
@keyup.enter="onSearch"
type="text"
placeholder="搜尋課程名稱、地點..."
class="flex-1 border border-gray-300 rounded-lg px-4 py-2 focus:outline-none focus:ring-2 focus:ring-ocean-400"
/>
<button
@click="onSearch"
class="bg-ocean-700 text-white px-6 py-2 rounded-lg hover:bg-ocean-600 transition"
>
搜尋
</button>
<select
v-model="region"
@change="onRegion"
class="border border-gray-300 rounded-lg px-3 py-2 focus:outline-none focus:ring-2 focus:ring-ocean-400"
>
<option value="">所有地區</option>
<option v-for="r in REGIONS" :key="r" :value="r">{{ r }}</option>
</select>
</div>
<div v-if="loading" class="text-center text-gray-400 py-20">載入中...</div>
<div v-else-if="error" class="text-center text-red-500 py-20">{{ error }}</div>
<div v-else-if="offers.length === 0" class="text-center text-gray-400 py-20">
😢 找不到符合的課程試試其他關鍵字
</div>
<div v-else class="grid sm:grid-cols-2 lg:grid-cols-3 gap-6">
<CourseCard v-for="offer in offers" :key="offer.id" :offer="offer" />
</div>
<div v-if="meta && meta.last_page > 1" class="flex justify-center gap-2 mt-10">
<button
v-for="p in meta.last_page"
:key="p"
@click="fetchOffers(p)"
:class="[
'px-3 py-1 rounded-lg border transition',
p === meta.current_page
? 'bg-ocean-700 text-white border-ocean-700'
: 'border-gray-300 text-gray-600 hover:bg-gray-100'
]"
>
{{ p }}
</button>
</div>
</main>
</template>
frontend/src/views/HomeView.vue
+37
View File
@@ -0,0 +1,37 @@
<template>
<main>
<section class="bg-gradient-to-br from-ocean-900 to-ocean-600 text-white py-28 px-4 text-center">
<p class="text-ocean-100 text-sm uppercase tracking-widest mb-4">探索台灣最美的海底世界</p>
<h1 class="text-5xl font-bold mb-6 leading-tight">
找到你的<br class="sm:hidden" />完美潛水課程
</h1>
<p class="text-ocean-100 text-lg max-w-xl mx-auto mb-10">
連結優質潛水教練與愛好者無論初學者還是進階玩家都能找到最適合的課程體驗
</p>
<RouterLink
to="/courses"
class="inline-block bg-white text-ocean-800 font-semibold px-8 py-3 rounded-full text-lg hover:bg-ocean-50 transition shadow-lg"
>
探索課程
</RouterLink>
</section>
<section class="max-w-6xl mx-auto px-4 py-16 grid sm:grid-cols-3 gap-8 text-center">
<div class="p-6 bg-white rounded-2xl shadow">
<div class="text-4xl mb-3">🏅</div>
<h3 class="font-semibold text-gray-800 mb-1">認證教練</h3>
<p class="text-sm text-gray-500">所有教練皆具備 PADI / SSI 國際認證</p>
</div>
<div class="p-6 bg-white rounded-2xl shadow">
<div class="text-4xl mb-3">🗺</div>
<h3 class="font-semibold text-gray-800 mb-1">全台潛點</h3>
<p class="text-sm text-gray-500">墾丁小琉球綠島蘭嶼等多地課程</p>
</div>
<div class="p-6 bg-white rounded-2xl shadow">
<div class="text-4xl mb-3">🛡</div>
<h3 class="font-semibold text-gray-800 mb-1">安心保障</h3>
<p class="text-sm text-gray-500">完整保險與安全設備讓你無後顧之憂</p>
</div>
</section>
</main>
</template>
frontend/src/views/LoginView.vue
+110
View File
@@ -0,0 +1,110 @@
<script setup>
import { ref } from 'vue'
import { useRouter, useRoute } from 'vue-router'
import api from '../api/axios'
import { useAuthStore } from '../stores/auth'
const router = useRouter()
const route = useRoute()
const auth = useAuthStore()
const email = ref('')
const password = ref('')
const error = ref('')
const loading = ref(false)
const oauthError = route.query.error === 'oauth_failed'
? 'Google 登入失敗,請重試。'
: ''
const successMsg = route.query.registered ? '註冊成功,請登入。' : ''
async function submit() {
error.value = ''
loading.value = true
try {
const res = await api.post('/member/login', {
email: email.value,
password: password.value,
})
auth.setAuth(res.data.data.user, res.data.data.token)
router.push('/courses')
} catch (e) {
error.value = e.response?.data?.message || '帳號或密碼錯誤'
} finally {
loading.value = false
}
}
function loginWithGoogle() {
window.location.href = import.meta.env.VITE_API_URL + '/api/auth/google/redirect'
}
</script>
<template>
<main class="min-h-[80vh] flex items-center justify-center px-4">
<div class="bg-white rounded-2xl shadow-lg w-full max-w-md p-8">
<h1 class="text-2xl font-bold text-gray-800 mb-6 text-center">會員登入</h1>
<div v-if="successMsg" class="bg-green-50 text-green-700 text-sm rounded-lg px-4 py-3 mb-4">
{{ successMsg }}
</div>
<div v-if="oauthError || error" class="bg-red-50 text-red-600 text-sm rounded-lg px-4 py-3 mb-4">
{{ oauthError || error }}
</div>
<form @submit.prevent="submit" class="flex flex-col gap-4">
<div>
<label class="block text-sm text-gray-600 mb-1">Email</label>
<input
v-model="email"
type="email"
required
class="w-full border border-gray-300 rounded-lg px-4 py-2 focus:outline-none focus:ring-2 focus:ring-ocean-400"
/>
</div>
<div>
<label class="block text-sm text-gray-600 mb-1">密碼</label>
<input
v-model="password"
type="password"
required
class="w-full border border-gray-300 rounded-lg px-4 py-2 focus:outline-none focus:ring-2 focus:ring-ocean-400"
/>
</div>
<button
type="submit"
:disabled="loading"
class="bg-ocean-700 hover:bg-ocean-600 text-white font-semibold py-2.5 rounded-lg transition disabled:opacity-60"
>
{{ loading ? '登入中...' : '登入' }}
</button>
</form>
<div class="relative my-5 flex items-center">
<div class="flex-1 border-t border-gray-200"></div>
<span class="mx-3 text-sm text-gray-400"></span>
<div class="flex-1 border-t border-gray-200"></div>
</div>
<button
@click="loginWithGoogle"
class="w-full flex items-center justify-center gap-3 border border-gray-300 rounded-lg py-2.5 hover:bg-gray-50 transition text-sm font-medium text-gray-700"
>
<svg class="w-5 h-5" viewBox="0 0 48 48">
<path fill="#EA4335" d="M24 9.5c3.5 0 6.6 1.2 9 3.2l6.7-6.7C35.8 2.5 30.2 0 24 0 14.6 0 6.6 5.4 2.5 13.3l7.8 6C12.3 13.1 17.7 9.5 24 9.5z"/>
<path fill="#4285F4" d="M46.5 24.5c0-1.6-.1-3.2-.4-4.7H24v9h12.7c-.6 3-2.3 5.5-4.8 7.2l7.6 5.9C43.8 37.6 46.5 31.5 46.5 24.5z"/>
<path fill="#FBBC05" d="M10.3 28.7A14.7 14.7 0 0 1 9.5 24c0-1.6.3-3.2.8-4.7l-7.8-6A23.9 23.9 0 0 0 0 24c0 3.9.9 7.5 2.5 10.7l7.8-6z"/>
<path fill="#34A853" d="M24 48c6.2 0 11.4-2 15.2-5.5l-7.6-5.9c-2 1.4-4.7 2.2-7.6 2.2-6.3 0-11.7-3.6-13.7-9.1l-7.8 6C6.6 42.6 14.6 48 24 48z"/>
</svg>
Google 帳號登入
</button>
<p class="text-center text-sm text-gray-500 mt-6">
還沒有帳號
<RouterLink to="/register" class="text-ocean-600 hover:underline">立即註冊</RouterLink>
</p>
</div>
</main>
</template>
frontend/src/views/ProfileView.vue
+138
View File
@@ -0,0 +1,138 @@
<script setup>
import { ref, onMounted } from 'vue'
import api from '../api/axios'
import { useAuthStore } from '../stores/auth'
const auth = useAuthStore()
const loading = ref(true)
const saving = ref(false)
const success = ref(false)
const error = ref('')
const form = ref({
name: '',
birthday: '',
gender: '',
address: '',
emergency_contact: '',
emergency_phone: '',
})
onMounted(async () => {
try {
const res = await api.get('/member/profile')
const d = res.data.data
form.value.name = d.name || ''
form.value.birthday = d.profile?.birthday || ''
form.value.gender = d.profile?.gender || ''
form.value.address = d.profile?.address || ''
form.value.emergency_contact = d.profile?.emergency_contact|| ''
form.value.emergency_phone = d.profile?.emergency_phone || ''
} catch {
error.value = '無法載入個人資料'
} finally {
loading.value = false
}
})
async function save() {
saving.value = true
success.value = false
error.value = ''
try {
await api.put('/member/profile', form.value)
auth.user = { ...auth.user, name: form.value.name }
success.value = true
setTimeout(() => (success.value = false), 3000)
} catch (e) {
error.value = e.response?.data?.message || '儲存失敗,請稍後再試'
} finally {
saving.value = false
}
}
</script>
<template>
<main class="max-w-2xl mx-auto px-4 py-10">
<h1 class="text-2xl font-bold text-gray-800 mb-6">個人資料</h1>
<div v-if="loading" class="text-center text-gray-400 py-20">載入中...</div>
<form v-else @submit.prevent="save" class="bg-white rounded-2xl shadow p-6 flex flex-col gap-5">
<div v-if="success" class="bg-green-50 text-green-700 text-sm rounded-lg px-4 py-3">
資料已更新
</div>
<div v-if="error" class="bg-red-50 text-red-600 text-sm rounded-lg px-4 py-3">
{{ error }}
</div>
<div>
<label class="block text-sm text-gray-600 mb-1">姓名</label>
<input
v-model="form.name"
type="text"
class="w-full border border-gray-300 rounded-lg px-4 py-2 focus:outline-none focus:ring-2 focus:ring-ocean-400"
/>
</div>
<div>
<label class="block text-sm text-gray-600 mb-1">生日</label>
<input
v-model="form.birthday"
type="date"
class="w-full border border-gray-300 rounded-lg px-4 py-2 focus:outline-none focus:ring-2 focus:ring-ocean-400"
/>
</div>
<div>
<label class="block text-sm text-gray-600 mb-1">性別</label>
<select
v-model="form.gender"
class="w-full border border-gray-300 rounded-lg px-4 py-2 focus:outline-none focus:ring-2 focus:ring-ocean-400"
>
<option value="">請選擇</option>
<option value="male"></option>
<option value="female"></option>
<option value="other">其他</option>
</select>
</div>
<div>
<label class="block text-sm text-gray-600 mb-1">地址</label>
<input
v-model="form.address"
type="text"
class="w-full border border-gray-300 rounded-lg px-4 py-2 focus:outline-none focus:ring-2 focus:ring-ocean-400"
/>
</div>
<div class="grid grid-cols-2 gap-4">
<div>
<label class="block text-sm text-gray-600 mb-1">緊急聯絡人</label>
<input
v-model="form.emergency_contact"
type="text"
class="w-full border border-gray-300 rounded-lg px-4 py-2 focus:outline-none focus:ring-2 focus:ring-ocean-400"
/>
</div>
<div>
<label class="block text-sm text-gray-600 mb-1">緊急聯絡電話</label>
<input
v-model="form.emergency_phone"
type="tel"
class="w-full border border-gray-300 rounded-lg px-4 py-2 focus:outline-none focus:ring-2 focus:ring-ocean-400"
/>
</div>
</div>
<button
type="submit"
:disabled="saving"
class="bg-ocean-700 hover:bg-ocean-600 text-white font-semibold py-2.5 rounded-lg transition disabled:opacity-60"
>
{{ saving ? '儲存中...' : '儲存變更' }}
</button>
</form>
</main>
</template>
frontend/src/views/RegisterView.vue
+101
View File
@@ -0,0 +1,101 @@
<script setup>
import { ref } from 'vue'
import { useRouter } from 'vue-router'
import api from '../api/axios'
const router = useRouter()
const name = ref('')
const email = ref('')
const password = ref('')
const confirm = ref('')
const error = ref('')
const loading = ref(false)
async function submit() {
error.value = ''
if (password.value !== confirm.value) {
error.value = '兩次密碼輸入不一致'
return
}
loading.value = true
try {
await api.post('/member/register', {
name: name.value,
email: email.value,
password: password.value,
password_confirmation: confirm.value,
})
router.push('/login?registered=1')
} catch (e) {
error.value = e.response?.data?.message || '註冊失敗,請稍後再試'
} finally {
loading.value = false
}
}
</script>
<template>
<main class="min-h-[80vh] flex items-center justify-center px-4">
<div class="bg-white rounded-2xl shadow-lg w-full max-w-md p-8">
<h1 class="text-2xl font-bold text-gray-800 mb-6 text-center">建立帳號</h1>
<div v-if="error" class="bg-red-50 text-red-600 text-sm rounded-lg px-4 py-3 mb-4">
{{ error }}
</div>
<form @submit.prevent="submit" class="flex flex-col gap-4">
<div>
<label class="block text-sm text-gray-600 mb-1">姓名</label>
<input
v-model="name"
type="text"
required
class="w-full border border-gray-300 rounded-lg px-4 py-2 focus:outline-none focus:ring-2 focus:ring-ocean-400"
/>
</div>
<div>
<label class="block text-sm text-gray-600 mb-1">Email</label>
<input
v-model="email"
type="email"
required
class="w-full border border-gray-300 rounded-lg px-4 py-2 focus:outline-none focus:ring-2 focus:ring-ocean-400"
/>
</div>
<div>
<label class="block text-sm text-gray-600 mb-1">密碼</label>
<input
v-model="password"
type="password"
required
minlength="8"
class="w-full border border-gray-300 rounded-lg px-4 py-2 focus:outline-none focus:ring-2 focus:ring-ocean-400"
/>
</div>
<div>
<label class="block text-sm text-gray-600 mb-1">確認密碼</label>
<input
v-model="confirm"
type="password"
required
class="w-full border border-gray-300 rounded-lg px-4 py-2 focus:outline-none focus:ring-2 focus:ring-ocean-400"
/>
</div>
<button
type="submit"
:disabled="loading"
class="bg-ocean-700 hover:bg-ocean-600 text-white font-semibold py-2.5 rounded-lg transition disabled:opacity-60"
>
{{ loading ? '處理中...' : '建立帳號' }}
</button>
</form>
<p class="text-center text-sm text-gray-500 mt-6">
已有帳號
<RouterLink to="/login" class="text-ocean-600 hover:underline">立即登入</RouterLink>
</p>
</div>
</main>
</template>
frontend/tailwind.config.js
+25
View File
@@ -0,0 +1,25 @@
/** @type {import('tailwindcss').Config} */
export default {
content: [
'./index.html',
'./src/**/*.{vue,js,ts}',
],
theme: {
extend: {
colors: {
ocean: {
50: '#f0f9ff',
100: '#e0f2fe',
400: '#38bdf8',
500: '#0ea5e9',
600: '#0284c7',
700: '#0369a1',
800: '#075985',
900: '#0c4a6e',
},
},
},
},
plugins: [],
}
frontend/vite.config.js
+7
View File
@@ -0,0 +1,7 @@
import { defineConfig } from 'vite'
import vue from '@vitejs/plugin-vue'
// https://vite.dev/config/
export default defineConfig({
plugins: [vue()],
})
openspec/changes/archive/2026-05-10-member-portal-mvp/.openspec.yaml
+2
View File
@@ -0,0 +1,2 @@
schema: spec-driven
created: 2026-05-09
openspec/changes/archive/2026-05-10-member-portal-mvp/design.md
+349
View File
@@ -0,0 +1,349 @@
## Context
後端(Laravel + Sanctum)已有會員認證、個人資料、Google OAuth 等 API,但 `diving_offers` 表雖已建立,尚無對應的公開 API。前端完全從零開始,需建立獨立 repo,透過 HTTP 呼叫後端 API。兩端分離部署,前端在開發期間以 `http://localhost:5173` 運行,後端以 `http://localhost:80`Laragon)運行。
## Goals / Non-Goals
**Goals:**
- 建立可運行的 Vue 3 前端 MVP,讓會員能瀏覽和搜尋潛水課程
- 後端補齊 `diving-offers` 公開 API(列表 + 詳情)
- 整合現有 Auth API(登入、註冊、Google OAuth
- 會員個人資料頁可讀取與更新
**Non-Goals:**
- 預約/訂單系統(本次不做)
- 金流整合
- Provider 端介面
- Admin 後台
- SSR / SEO 優化
- 自動化測試
## Decisions
### D1:前端獨立 repo,不用 Inertia.js
**決定**:前端為獨立 Vue 3 SPA repo,透過 REST API 與後端溝通。
**理由**:前後端分離讓未來可獨立部署、擴展。Inertia.js 雖整合方便,但綁定 Laravel monolith,不符長期架構方向。
**替代方案**Inertia.jsLaravel + Vue 同 repo)→ 捨棄,因為部署彈性不足。
---
### D2Auth 策略 — Sanctum TokenBearer
**決定**:前端登入後儲存 Bearer token 於 `localStorage`,每次請求附加 `Authorization: Bearer <token>` header。
**理由**Sanctum 在 SPA 跨域場景下有兩種模式(cookie-based SPA 和 token-based API)。Token 模式對跨 origin 最簡單,不需設定 session cookie、CSRF。
**替代方案**Sanctum SPA cookie 模式 → 需要同 domain 或複雜 CORS cookie 設定,開發期間繁瑣。
---
### D3:樣式策略 — Tailwind CSS,無 UI 框架
**決定**:純 Tailwind CSS 配合自定義 Vue 組件。
**理由**:設計彈性最高,不被 Element Plus / Naive UI 的元件語言綁定,適合建立品牌識別感強的潛水平台。
---
### D4:狀態管理 — Pinia(只管 Auth 狀態)
**決定**:僅用 Pinia 管理認證狀態(user、token、isLoggedIn)。課程列表等資料用組件本地 `ref` + Axios 取得,不過度使用全域 store。
**理由**:MVP 階段避免過早引入複雜的全域狀態。
---
### D5Google OAuth Callback 改為 Redirect
**決定**`SocialAuthController::handleGoogleCallback()` 現行實作回傳 JSON response,但前後端分離時瀏覽器停在後端 origin(`:80`),前端無法取得 token。**必須改為 redirect 至前端 callback 頁面。**
**OAuth 完整流程契約:**
```
cf-dive-frontend (:5173) CFDivePlatform (:80) Google
| | |
| 點擊「Google 登入」 | |
| window.location = | |
| :80/api/auth/google/ | |
| redirect | |
|──────────────────────────▶| |
| | stateless()->redirect()|
| |──────────────────────▶|
| | 302 → Google 同意頁 |
|◀──────────────────────────| |
| (使用者在 Google 同意) | |
| |◀──────────────────────|
| | callback?code=xxx |
| | |
| | 1. 取得 Google user |
| | 2. 建立/查詢 User |
| | 3. 建立 Sanctum token |
| | |
| [成功] 302 redirect → | |
| :5173/auth/callback | |
| ?token=<sanctum_token> | |
|◀──────────────────────────| |
| | |
| [失敗] 302 redirect → | |
| :5173/login | |
| ?error=oauth_failed | |
|◀──────────────────────────| |
| | |
| /auth/callback 頁面: | |
| 讀取 ?token= | |
| 存入 Pinia + localStorage | |
| 導向 /courses | |
```
**後端改動**`handleGoogleCallback()` 末段改為:
```php
// 成功
return redirect(env('FRONTEND_URL') . '/auth/callback?token=' . $token);
// 失敗(catch 區塊)
return redirect(env('FRONTEND_URL') . '/login?error=oauth_failed');
```
**前端新增**`/auth/callback` 路由對應 `AuthCallbackView.vue`,讀取 `?token=` 後存入 store,再導向 `/courses`
---
## Contracts
### Contract 1 — API Schema
所有 API response 遵循統一結構:
```
成功:{ "status": true, "message": "...", "data": {...} 或 [...] }
失敗:{ "status": false, "message": "錯誤說明" }
```
---
#### `GET /api/diving-offers`(公開,無需 auth
```
Query Parameters:
q : string 搜尋 title / location / spotLIKE 模糊匹配)
region : string 完全匹配 region 欄位
tag : string LIKE 匹配 tag 欄位
per_page : integer default=12, max=50
page : integer default=1
Response 200:
{
"status": true,
"data": [
{
"id": 1,
"title": "墾丁海底探險",
"location": "屏東縣",
"spot": "龍坑生態保護區",
"rating": 4.8,
"reviews": 32,
"price": 2500,
"badges": ["PADI認證", "含裝備"], ← JSON decode 後為陣列
"description": "課程描述文字...",
"tag": "初學者",
"region": "南部",
"created_at": "2025-05-01T00:00:00.000000Z"
}
],
"meta": {
"total": 48,
"per_page": 12,
"current_page": 1,
"last_page": 4
}
}
```
---
#### `GET /api/diving-offers/{id}`(公開,無需 auth
```
Response 200:
{
"status": true,
"data": {
"id": 1,
"title": "墾丁海底探險",
"location": "屏東縣",
"spot": "龍坑生態保護區",
"rating": 4.8,
"reviews": 32,
"price": 2500,
"badges": ["PADI認證", "含裝備"],
"description": "課程描述文字...",
"tag": "初學者",
"region": "南部",
"created_at": "2025-05-01T00:00:00.000000Z"
}
}
Response 404:
{ "status": false, "message": "課程不存在" }
```
---
#### `POST /api/member/login`(現有 API,前端需遵守)
```
Request Body (application/json):
{ "email": "user@example.com", "password": "password123" }
Response 200:
{
"status": true,
"message": "登入成功",
"data": {
"user": {
"id": 1,
"name": "王小明",
"email": "user@example.com",
"role": "member"
},
"token": "1|abcdef...",
"token_type": "Bearer"
}
}
Response 401/422:
{ "status": false, "message": "帳號或密碼錯誤" }
```
---
#### `POST /api/member/register`(現有 API
```
Request Body (application/json):
{ "name": "王小明", "email": "user@example.com", "password": "password123", "password_confirmation": "password123" }
Response 201:
{
"status": true,
"message": "註冊成功",
"data": { "user": { "id": 1, "name": "王小明", "email": "...", "role": "member" } }
}
Response 422:
{ "status": false, "message": "此 Email 已被使用" }
```
---
#### `GET /api/member/profile`(需 Bearer token
```
Request Header: Authorization: Bearer <token>
Response 200:
{
"status": true,
"data": {
"id": 1,
"name": "王小明",
"email": "user@example.com",
"role": "member",
"profile": {
"birthday": "1990-01-01",
"gender": "male",
"address": "台北市信義區...",
"emergency_contact": "王大明",
"emergency_phone": "0987654321"
}
}
}
```
---
#### `PUT /api/member/profile`(需 Bearer token
```
Request Header: Authorization: Bearer <token>
Request Body (application/json):
{
"name": "王小明",
"birthday": "1990-01-01",
"gender": "male",
"address": "台北市信義區...",
"emergency_contact": "王大明",
"emergency_phone": "0987654321"
}
Response 200:
{ "status": true, "message": "資料已更新", "data": { ...同 GET profile } }
```
---
#### `POST /api/member/logout`(需 Bearer token
```
Request Header: Authorization: Bearer <token>
Response 200:
{ "status": true, "message": "已登出" }
```
---
### Contract 2 — 環境變數
#### 後端(`CFDivePlatform/.env`)需新增
```
# Google OAuth
GOOGLE_CLIENT_ID=<從 Google Cloud Console 取得>
GOOGLE_CLIENT_SECRET=<從 Google Cloud Console 取得>
GOOGLE_REDIRECT_URI=http://localhost:80/api/auth/google/callback
# 前端 URLOAuth callback redirect 用)
FRONTEND_URL=http://localhost:5173
```
#### 前端(`cf-dive-frontend/.env`
```
VITE_API_URL=http://localhost:80
```
---
### Contract 3 — CORS 設定
`config/cors.php`(Laravel 11 預設不存在,需執行 `php artisan config:publish cors` 建立後修改):
```php
'allowed_origins' => [env('FRONTEND_URL', 'http://localhost:5173')],
'allowed_origins_patterns'=> [],
'allowed_methods' => ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'],
'allowed_headers' => ['Content-Type', 'Authorization', 'Accept', 'X-Requested-With'],
'exposed_headers' => [],
'max_age' => 0,
'supports_credentials' => false, // Token 模式不需要 cookiefalse 即可
```
> `supports_credentials: false` 是刻意的決定。若改用 Sanctum cookie 模式才需設為 true,但會帶來 SameSite / CSRF 複雜度。Token 模式維持 false 最簡單。
---
## Risks / Trade-offs
| 風險 | 緩解策略 |
|------|----------|
| `localStorage` 存 token 有 XSS 風險 | MVP 階段接受,未來可改用 httpOnly cookie |
| `diving_offers` 表無 `provider_id`,課程無法關聯教練 | MVP 不處理,僅展示靜態課程資料 |
| Google OAuth callback redirect 帶 token 在 URL 中,有 Referer 洩漏風險 | token 在 query param 僅短暫存在,前端取得後立即存 localStorage 並清除 URL`history.replaceState` |
| 前端 repo 與 Laravel repo 分開,OpenSpec tasks 橫跨兩個位置 | Tasks 以 `[後端]` / `[前端]` 標記,分別在對應 repo 操作 |
## Open Questions
- [x] **Google OAuth callback 邏輯**`SocialAuthController::handleGoogleCallback()` 現行回傳 JSON**確認需改為 redirect 至 `FRONTEND_URL/auth/callback?token=<token>`**。失敗時 redirect 至 `FRONTEND_URL/login?error=oauth_failed`
- [x] **前端 repo 名稱**:確認為 `cf-dive-frontend`
openspec/changes/archive/2026-05-10-member-portal-mvp/proposal.md
+32
View File
@@ -0,0 +1,32 @@
## Why
CFDivePlatform 後端 API 已具備會員認證與基礎資料管理能力,但目前缺乏任何前端介面,使用者無法透過瀏覽器使用平台。建立獨立的會員端前端 MVP,讓潛水愛好者能瀏覽、搜尋課程,是平台從「有 API」走向「可用產品」的第一步。
## What Changes
- **新建獨立前端 repo**Vue 3 + Vite + Tailwind CSS),與此 Laravel repo 分開部署
- **後端新增 Diving Offers 公開 API**:課程列表(含搜尋/篩選)與課程詳情兩支 endpoint
- 前端實作六個頁面:首頁、課程列表、課程詳情、登入、註冊、會員個人資料
- 前端整合現有 Auth APISanctum token)與 Google OAuth redirect 流程
## Capabilities
### New Capabilities
- `diving-offers-api`:後端提供公開的潛水課程列表與詳情 API,支援關鍵字搜尋、地區與標籤篩選
- `member-portal-ui`:獨立前端應用,包含課程瀏覽、認證流程、會員個人資料等完整使用者介面
### Modified Capabilities
(無)
## Impact
**後端(此 Laravel repo**
- 新增 `DivingOfferController` 與兩條 API 路由
- `diving_offers` 資料表已存在,僅需新增 Model fillable 與 Controller
**前端(新 repo**
- 獨立 Vue 3 repo,需另行建立專案結構
- 依賴後端 API base URL(透過 `.env` 設定)
- CORS 需在 Laravel 端設定允許前端 origin
openspec/changes/archive/2026-05-10-member-portal-mvp/specs/diving-offers-api/spec.md
+46
View File
@@ -0,0 +1,46 @@
## ADDED Requirements
### Requirement: 課程列表 API
後端 SHALL 提供公開的 `GET /api/diving-offers` endpoint,回傳分頁的潛水課程列表,支援關鍵字搜尋與篩選,無需認證即可存取。
#### Scenario: 取得全部課程列表
- **WHEN** 客戶端發送 `GET /api/diving-offers` 且不帶任何參數
- **THEN** 回傳 HTTP 200body 包含 `{ data: [...], meta: { total, per_page, current_page } }`,預設每頁 12 筆
#### Scenario: 依關鍵字搜尋課程
- **WHEN** 客戶端發送 `GET /api/diving-offers?q=墾丁`
- **THEN** 回傳 `title``location` 包含「墾丁」的課程列表
#### Scenario: 依地區篩選課程
- **WHEN** 客戶端發送 `GET /api/diving-offers?region=南部`
- **THEN** 只回傳 `region` 欄位等於「南部」的課程
#### Scenario: 依標籤篩選課程
- **WHEN** 客戶端發送 `GET /api/diving-offers?tag=初學者`
- **THEN** 只回傳 `tag` 欄位包含「初學者」的課程
#### Scenario: 分頁參數
- **WHEN** 客戶端發送 `GET /api/diving-offers?page=2&per_page=6`
- **THEN** 回傳第 2 頁資料,每頁 6 筆,`meta` 包含正確的分頁資訊
---
### Requirement: 課程詳情 API
後端 SHALL 提供公開的 `GET /api/diving-offers/{id}` endpoint,回傳單一課程完整資訊,無需認證即可存取。
#### Scenario: 取得存在的課程詳情
- **WHEN** 客戶端發送 `GET /api/diving-offers/1`(該 id 存在)
- **THEN** 回傳 HTTP 200body 包含 `{ data: { id, title, location, spot, rating, reviews, price, badges, description, tag, region, created_at } }`
#### Scenario: 課程不存在
- **WHEN** 客戶端發送 `GET /api/diving-offers/99999`(該 id 不存在)
- **THEN** 回傳 HTTP 404body 包含 `{ message: "課程不存在" }`
---
### Requirement: CORS 允許前端 Origin
後端 SHALL 在 `config/cors.php` 中允許來自前端開發 origin`http://localhost:5173`)的跨域請求。
#### Scenario: 前端跨域請求課程列表
- **WHEN** 瀏覽器從 `http://localhost:5173` 發送 `GET /api/diving-offers`
- **THEN** 後端回應包含正確的 CORS header,瀏覽器不阻擋請求
openspec/changes/archive/2026-05-10-member-portal-mvp/specs/member-portal-ui/spec.md
+119
View File
@@ -0,0 +1,119 @@
## ADDED Requirements
### Requirement: 專案基礎建設
前端 SHALL 建立於獨立 repo,使用 Vue 3 + Vite + Tailwind CSS + Vue Router 4 + Pinia + Axios,並設定 `.env` 指定後端 API base URL。
#### Scenario: 開發環境啟動
- **WHEN** 開發者執行 `npm run dev`
- **THEN** 應用在 `http://localhost:5173` 啟動,無編譯錯誤
#### Scenario: API base URL 設定
- **WHEN** `.env` 中設定 `VITE_API_URL=http://localhost:80`
- **THEN** 所有 Axios 請求以此為 base URL
---
### Requirement: 首頁 Landing Page
前端 SHALL 提供靜態首頁,展示平台品牌、簡介,以及引導至課程列表的 CTA(Call to Action)按鈕。
#### Scenario: 訪客瀏覽首頁
- **WHEN** 使用者訪問 `/`
- **THEN** 看到平台名稱、簡介文字、「探索課程」按鈕
#### Scenario: 點擊 CTA 跳轉
- **WHEN** 使用者點擊「探索課程」按鈕
- **THEN** 導航至 `/courses`(課程列表頁)
---
### Requirement: 課程列表頁
前端 SHALL 提供 `/courses` 頁面,顯示從後端取得的潛水課程卡片列表,並支援搜尋與篩選。
#### Scenario: 載入課程列表
- **WHEN** 使用者訪問 `/courses`
- **THEN** 頁面呼叫 `GET /api/diving-offers` 並渲染課程卡片(含標題、地點、價格、評分、標籤)
#### Scenario: 搜尋課程
- **WHEN** 使用者在搜尋框輸入關鍵字後按 Enter 或點搜尋
- **THEN**`?q=<keyword>` 重新呼叫 API,列表更新
#### Scenario: 地區篩選
- **WHEN** 使用者從地區下拉選單選擇某地區
- **THEN**`?region=<region>` 重新呼叫 API,列表更新
#### Scenario: 無結果
- **WHEN** 搜尋/篩選後後端回傳空陣列
- **THEN** 頁面顯示「找不到符合的課程」提示訊息
---
### Requirement: 課程詳情頁
前端 SHALL 提供 `/courses/:id` 頁面,顯示單一課程的完整資訊。
#### Scenario: 載入課程詳情
- **WHEN** 使用者訪問 `/courses/1`
- **THEN** 頁面呼叫 `GET /api/diving-offers/1` 並顯示標題、地點、景點、價格、評分、評論數、描述、徽章、標籤
#### Scenario: 課程不存在
- **WHEN** 使用者訪問不存在的課程 id
- **THEN** 頁面顯示「課程不存在」並提供返回列表按鈕
---
### Requirement: 登入頁
前端 SHALL 提供 `/login` 頁面,供會員以 email/password 登入,以及 Google OAuth 登入入口。
#### Scenario: Email/Password 登入成功
- **WHEN** 使用者填入正確的 email 與 password 並送出
- **THEN** 呼叫 `POST /api/member/login`,儲存回傳的 token 至 localStorage,導航至 `/courses`
#### Scenario: 登入失敗
- **WHEN** 使用者填入錯誤的 email 或 password
- **THEN** 頁面顯示錯誤訊息,不跳轉
#### Scenario: Google OAuth 登入
- **WHEN** 使用者點擊「以 Google 登入」按鈕
- **THEN** 瀏覽器導航至後端 `GET /api/auth/google/redirect`,開始 OAuth 流程
---
### Requirement: 註冊頁
前端 SHALL 提供 `/register` 頁面,供訪客建立會員帳號。
#### Scenario: 註冊成功
- **WHEN** 使用者填入 name、email、password 並送出
- **THEN** 呼叫 `POST /api/member/register`,成功後導航至 `/login`,顯示「註冊成功,請登入」
#### Scenario: Email 已被使用
- **WHEN** 使用者填入已存在的 email 送出
- **THEN** 頁面顯示「此 Email 已被使用」錯誤訊息
---
### Requirement: 會員個人資料頁
前端 SHALL 提供 `/profile` 頁面,已登入會員可查看並更新個人資料。此頁面需登入後才能訪問。
#### Scenario: 已登入會員訪問個人資料
- **WHEN** 已登入使用者訪問 `/profile`
- **THEN** 頁面呼叫 `GET /api/member/profile` 並顯示姓名、email、生日、性別、地址、緊急聯絡人
#### Scenario: 未登入訪問個人資料
- **WHEN** 未登入使用者訪問 `/profile`
- **THEN** 自動導向 `/login`
#### Scenario: 更新個人資料成功
- **WHEN** 已登入使用者修改欄位後點擊儲存
- **THEN** 呼叫 `PUT /api/member/profile`,成功後顯示「資料已更新」提示
---
### Requirement: 認證狀態管理
前端 SHALL 使用 Pinia store 管理認證狀態,token 持久化至 localStorage,並在所有需認證的 API 請求自動附加 Bearer token。
#### Scenario: 頁面刷新後保持登入狀態
- **WHEN** 已登入使用者重新整理頁面
- **THEN** 從 localStorage 還原 token,使用者仍為登入狀態
#### Scenario: 登出
- **WHEN** 使用者點擊登出
- **THEN** 呼叫 `POST /api/member/logout`,清除 localStorage token,導向 `/login`
openspec/changes/archive/2026-05-10-member-portal-mvp/tasks.md
+73
View File
@@ -0,0 +1,73 @@
## 1. [後端] 環境與 CORS 設定
- [x] 1.1 在 `.env` 新增 `FRONTEND_URL=http://localhost:5173``GOOGLE_CLIENT_ID``GOOGLE_CLIENT_SECRET``GOOGLE_REDIRECT_URI=http://localhost:80/api/auth/google/callback`
- [x] 1.2 執行 `php artisan config:publish cors` 建立 `config/cors.php`,設定 `allowed_origins=[FRONTEND_URL]``allowed_methods``allowed_headers``supports_credentials=false`(參考 design.md Contract 3
- [x] 1.3 確認 `bootstrap/app.php`(或 `app/Http/Kernel.php`)已啟用 `HandleCors` middleware
## 2. [後端] 修正 Google OAuth Callback
- [x] 2.1 修改 `SocialAuthController::handleGoogleCallback()`:成功時改為 `redirect(env('FRONTEND_URL') . '/auth/callback?token=' . $token)`
- [x] 2.2 修改 catch 區塊:失敗時改為 `redirect(env('FRONTEND_URL') . '/login?error=oauth_failed')`
- [x] 2.3 手動測試 OAuth 流程:點擊 Google 登入後確認瀏覽器最終落在 `:5173/auth/callback?token=...`
## 3. [後端] Diving Offers API
- [x] 3.1 更新 `DivingOffer` Model:設定 `$fillable``$table``badges` 欄位加上 `$casts = ['badges' => 'array']` 自動 JSON decode
- [x] 3.2 建立 `DivingOfferController`,實作 `index()` 方法(支援 q / region / tag 篩選,分頁預設 12 筆,max 50)
- [x] 3.3 實作 `show($id)` 方法:找不到時回傳 `{ "status": false, "message": "課程不存在" }`HTTP 404
- [x] 3.4 在 `routes/api.php` 新增公開路由:`GET /diving-offers``GET /diving-offers/{id}`
- [x] 3.5 用 Postman 驗證:列表(含 q / region / tag / 分頁)、詳情、404 情境,確認 response 結構符合 design.md Contract 1
## 4. [前端] 專案初始化
- [x] 4.1 在 Laravel repo 外建立新目錄 `cf-dive-frontend`,執行 `npm create vite@latest . -- --template vue`
- [x] 4.2 安裝依賴:`npm install`,再安裝 `vue-router@4 pinia axios`
- [x] 4.3 安裝並設定 Tailwind CSS`tailwindcss postcss autoprefixer`,初始化 `tailwind.config.js`
- [x] 4.4 建立 `.env` 文件,設定 `VITE_API_URL=http://localhost:80`
- [x] 4.5 建立 `src/api/axios.js`:設定 Axios instancebase URL 讀自 `import.meta.env.VITE_API_URL`request interceptor 讀 localStorage token 並附加 `Authorization: Bearer <token>`
- [x] 4.6 建立 `src/stores/auth.js`Pinia store 管理 `user``token``isLoggedIn``init()` 從 localStorage 還原狀態
- [x] 4.7 設定 Vue Router`src/router/index.js`):定義所有路由(含 `/auth/callback`),`/profile` 加上 beforeEach navigation guard(未登入導向 `/login`
- [x] 4.8 在 `App.vue` 呼叫 `authStore.init()`,並加入 `<RouterView>`
- [x] 4.9 執行 `npm run dev`,確認開發環境正常啟動無錯誤
## 5. [前端] Layout 與共用組件
- [x] 5.1 建立 `src/components/NavBar.vue`:顯示 logo、「探索課程」連結,已登入顯示「個人資料」和「登出」,未登入顯示「登入」和「註冊」
- [x] 5.2 建立 `src/components/CourseCard.vue`:接收 offer 資料,顯示標題、地點、價格、評分、標籤
## 6. [前端] 首頁
- [x] 6.1 建立 `src/views/HomeView.vue`Hero section(平台名稱、簡介)+ 「探索課程」CTA 按鈕,點擊導向 `/courses`
## 7. [前端] 課程列表頁
- [x] 7.1 建立 `src/views/CoursesView.vue`,掛載時呼叫 `GET /api/diving-offers`,渲染 `CourseCard` 列表
- [x] 7.2 新增搜尋框:輸入後按 Enter 或點搜尋重新呼叫 API(帶 `q` 參數)
- [x] 7.3 新增地區下拉選單:選擇後以 `region` 參數重新呼叫 API
- [x] 7.4 處理無結果狀態:顯示「找不到符合的課程」提示
## 8. [前端] 課程詳情頁
- [x] 8.1 建立 `src/views/CourseDetailView.vue`,掛載時呼叫 `GET /api/diving-offers/:id`
- [x] 8.2 顯示課程完整資訊:標題、地點、景點、價格、評分、評論數、描述、徽章(badges 陣列)、標籤
- [x] 8.3 處理 404 情境:顯示「課程不存在」並提供「返回列表」按鈕
## 9. [前端] 認證頁面
- [x] 9.1 建立 `src/views/LoginView.vue`email/password 表單,送出呼叫 `POST /api/member/login`,成功存 token + user 至 Pinia 並導向 `/courses`,失敗顯示錯誤訊息
- [x] 9.2 在 `LoginView.vue` 加入「以 Google 登入」按鈕:點擊執行 `window.location.href = VITE_API_URL + '/api/auth/google/redirect'`
- [x] 9.3 建立 `src/views/AuthCallbackView.vue`(路由 `/auth/callback`):讀取 `?token=` query param → 存入 Pinia + localStorage → 呼叫 `history.replaceState` 清除 URL token → 導向 `/courses`;若 `?error=oauth_failed` 則導向 `/login` 並顯示錯誤提示
- [x] 9.4 建立 `src/views/RegisterView.vue`name / email / password / password_confirmation 表單,送出呼叫 `POST /api/member/register`,成功導向 `/login` 並顯示成功提示,失敗顯示錯誤
## 10. [前端] 會員個人資料頁
- [x] 10.1 建立 `src/views/ProfileView.vue`,掛載時呼叫 `GET /api/member/profile`,顯示姓名、email、生日、性別、地址、緊急聯絡人
- [x] 10.2 實作編輯表單:使用者修改後點擊「儲存」呼叫 `PUT /api/member/profile`,成功顯示「資料已更新」提示
## 11. [整合測試] 端對端驗證
- [x] 11.1 驗證訪客流程:首頁 → 課程列表(搜尋/篩選)→ 課程詳情(無需登入)
- [x] 11.2 驗證 Email 認證流程:註冊 → 登入 → 個人資料 → 登出
- [x] 11.3 驗證 Google OAuth 流程:點擊 Google 登入 → 同意 → 回到前端 `/auth/callback` → 自動存 token → 導向課程列表
- [x] 11.4 驗證 navigation guard:未登入直接訪問 `/profile` 自動跳轉至 `/login`
- [x] 11.5 驗證 CORS:確認 Network tab 無 CORS 錯誤,所有 API 請求正常回應
openspec/config.yaml
+20
View File
@@ -0,0 +1,20 @@
schema: spec-driven
# Project context (optional)
# This is shown to AI when creating artifacts.
# Add your tech stack, conventions, style guides, domain knowledge, etc.
# Example:
# context: |
# Tech stack: TypeScript, React, Node.js
# We use conventional commits
# Domain: e-commerce platform
# Per-artifact rules (optional)
# Add custom rules for specific artifacts.
# Example:
# rules:
# proposal:
# - Keep proposals under 500 words
# - Always include a "Non-goals" section
# tasks:
# - Break tasks into chunks of max 2 hours
openspec/specs/diving-offers-api/spec.md
+46
View File
@@ -0,0 +1,46 @@
## ADDED Requirements
### Requirement: 課程列表 API
後端 SHALL 提供公開的 `GET /api/diving-offers` endpoint,回傳分頁的潛水課程列表,支援關鍵字搜尋與篩選,無需認證即可存取。
#### Scenario: 取得全部課程列表
- **WHEN** 客戶端發送 `GET /api/diving-offers` 且不帶任何參數
- **THEN** 回傳 HTTP 200body 包含 `{ data: [...], meta: { total, per_page, current_page } }`,預設每頁 12 筆
#### Scenario: 依關鍵字搜尋課程
- **WHEN** 客戶端發送 `GET /api/diving-offers?q=墾丁`
- **THEN** 回傳 `title``location` 包含「墾丁」的課程列表
#### Scenario: 依地區篩選課程
- **WHEN** 客戶端發送 `GET /api/diving-offers?region=南部`
- **THEN** 只回傳 `region` 欄位等於「南部」的課程
#### Scenario: 依標籤篩選課程
- **WHEN** 客戶端發送 `GET /api/diving-offers?tag=初學者`
- **THEN** 只回傳 `tag` 欄位包含「初學者」的課程
#### Scenario: 分頁參數
- **WHEN** 客戶端發送 `GET /api/diving-offers?page=2&per_page=6`
- **THEN** 回傳第 2 頁資料,每頁 6 筆,`meta` 包含正確的分頁資訊
---
### Requirement: 課程詳情 API
後端 SHALL 提供公開的 `GET /api/diving-offers/{id}` endpoint,回傳單一課程完整資訊,無需認證即可存取。
#### Scenario: 取得存在的課程詳情
- **WHEN** 客戶端發送 `GET /api/diving-offers/1`(該 id 存在)
- **THEN** 回傳 HTTP 200body 包含 `{ data: { id, title, location, spot, rating, reviews, price, badges, description, tag, region, created_at } }`
#### Scenario: 課程不存在
- **WHEN** 客戶端發送 `GET /api/diving-offers/99999`(該 id 不存在)
- **THEN** 回傳 HTTP 404body 包含 `{ message: "課程不存在" }`
---
### Requirement: CORS 允許前端 Origin
後端 SHALL 在 `config/cors.php` 中允許來自前端開發 origin`http://localhost:5173`)的跨域請求。
#### Scenario: 前端跨域請求課程列表
- **WHEN** 瀏覽器從 `http://localhost:5173` 發送 `GET /api/diving-offers`
- **THEN** 後端回應包含正確的 CORS header,瀏覽器不阻擋請求
openspec/specs/member-portal-ui/spec.md
+119
View File
@@ -0,0 +1,119 @@
## ADDED Requirements
### Requirement: 專案基礎建設
前端 SHALL 建立於獨立 repo,使用 Vue 3 + Vite + Tailwind CSS + Vue Router 4 + Pinia + Axios,並設定 `.env` 指定後端 API base URL。
#### Scenario: 開發環境啟動
- **WHEN** 開發者執行 `npm run dev`
- **THEN** 應用在 `http://localhost:5173` 啟動,無編譯錯誤
#### Scenario: API base URL 設定
- **WHEN** `.env` 中設定 `VITE_API_URL=http://localhost:80`
- **THEN** 所有 Axios 請求以此為 base URL
---
### Requirement: 首頁 Landing Page
前端 SHALL 提供靜態首頁,展示平台品牌、簡介,以及引導至課程列表的 CTA(Call to Action)按鈕。
#### Scenario: 訪客瀏覽首頁
- **WHEN** 使用者訪問 `/`
- **THEN** 看到平台名稱、簡介文字、「探索課程」按鈕
#### Scenario: 點擊 CTA 跳轉
- **WHEN** 使用者點擊「探索課程」按鈕
- **THEN** 導航至 `/courses`(課程列表頁)
---
### Requirement: 課程列表頁
前端 SHALL 提供 `/courses` 頁面,顯示從後端取得的潛水課程卡片列表,並支援搜尋與篩選。
#### Scenario: 載入課程列表
- **WHEN** 使用者訪問 `/courses`
- **THEN** 頁面呼叫 `GET /api/diving-offers` 並渲染課程卡片(含標題、地點、價格、評分、標籤)
#### Scenario: 搜尋課程
- **WHEN** 使用者在搜尋框輸入關鍵字後按 Enter 或點搜尋
- **THEN**`?q=<keyword>` 重新呼叫 API,列表更新
#### Scenario: 地區篩選
- **WHEN** 使用者從地區下拉選單選擇某地區
- **THEN**`?region=<region>` 重新呼叫 API,列表更新
#### Scenario: 無結果
- **WHEN** 搜尋/篩選後後端回傳空陣列
- **THEN** 頁面顯示「找不到符合的課程」提示訊息
---
### Requirement: 課程詳情頁
前端 SHALL 提供 `/courses/:id` 頁面,顯示單一課程的完整資訊。
#### Scenario: 載入課程詳情
- **WHEN** 使用者訪問 `/courses/1`
- **THEN** 頁面呼叫 `GET /api/diving-offers/1` 並顯示標題、地點、景點、價格、評分、評論數、描述、徽章、標籤
#### Scenario: 課程不存在
- **WHEN** 使用者訪問不存在的課程 id
- **THEN** 頁面顯示「課程不存在」並提供返回列表按鈕
---
### Requirement: 登入頁
前端 SHALL 提供 `/login` 頁面,供會員以 email/password 登入,以及 Google OAuth 登入入口。
#### Scenario: Email/Password 登入成功
- **WHEN** 使用者填入正確的 email 與 password 並送出
- **THEN** 呼叫 `POST /api/member/login`,儲存回傳的 token 至 localStorage,導航至 `/courses`
#### Scenario: 登入失敗
- **WHEN** 使用者填入錯誤的 email 或 password
- **THEN** 頁面顯示錯誤訊息,不跳轉
#### Scenario: Google OAuth 登入
- **WHEN** 使用者點擊「以 Google 登入」按鈕
- **THEN** 瀏覽器導航至後端 `GET /api/auth/google/redirect`,開始 OAuth 流程
---
### Requirement: 註冊頁
前端 SHALL 提供 `/register` 頁面,供訪客建立會員帳號。
#### Scenario: 註冊成功
- **WHEN** 使用者填入 name、email、password 並送出
- **THEN** 呼叫 `POST /api/member/register`,成功後導航至 `/login`,顯示「註冊成功,請登入」
#### Scenario: Email 已被使用
- **WHEN** 使用者填入已存在的 email 送出
- **THEN** 頁面顯示「此 Email 已被使用」錯誤訊息
---
### Requirement: 會員個人資料頁
前端 SHALL 提供 `/profile` 頁面,已登入會員可查看並更新個人資料。此頁面需登入後才能訪問。
#### Scenario: 已登入會員訪問個人資料
- **WHEN** 已登入使用者訪問 `/profile`
- **THEN** 頁面呼叫 `GET /api/member/profile` 並顯示姓名、email、生日、性別、地址、緊急聯絡人
#### Scenario: 未登入訪問個人資料
- **WHEN** 未登入使用者訪問 `/profile`
- **THEN** 自動導向 `/login`
#### Scenario: 更新個人資料成功
- **WHEN** 已登入使用者修改欄位後點擊儲存
- **THEN** 呼叫 `PUT /api/member/profile`,成功後顯示「資料已更新」提示
---
### Requirement: 認證狀態管理
前端 SHALL 使用 Pinia store 管理認證狀態,token 持久化至 localStorage,並在所有需認證的 API 請求自動附加 Bearer token。
#### Scenario: 頁面刷新後保持登入狀態
- **WHEN** 已登入使用者重新整理頁面
- **THEN** 從 localStorage 還原 token,使用者仍為登入狀態
#### Scenario: 登出
- **WHEN** 使用者點擊登出
- **THEN** 呼叫 `POST /api/member/logout`,清除 localStorage token,導向 `/login`
routes/api.php
+5
View File
@@ -2,12 +2,17 @@
use Illuminate\Support\Facades\Route;
use App\Http\Controllers\API\AuthController;
use App\Http\Controllers\API\DivingOfferController;
// 這裡可以定義 API 路由,例如:
Route::get('/ping', function () {
return response()->json(['message' => 'pong']);
});
// 潛水課程(公開)
Route::get('/diving-offers', [DivingOfferController::class, 'index']);
Route::get('/diving-offers/{id}', [DivingOfferController::class, 'show']);
// 你可以在這裡繼續新增 API 路由
Route::post('/testpost', function () {
$data = request()->all(); // 取得所有POST資料(array