1. Add 登陆功能

2. 调整字体大小
3. 新增部分功能

backend/app/api/main.py

@@ -8,6 +8,7 @@ from fastapi.middleware.cors import CORSMiddleware
 from fastapi.responses import JSONResponse
 from loguru import logger
 
+from app.api.middleware.audit import AuditMiddleware
 from app.api.models import ErrorResponse
 from app.api.routes import api_router
 from app.config.logging import setup_logging
@@ -46,14 +47,23 @@ app = FastAPI(
     redoc_url="/redoc",
 )
 
+# Tighten CORS — only allow configured origins.
+# Set CORS_ALLOW_ORIGINS in .env to the real frontend URL in production.
+_ORIGINS = [o.strip() for o in settings.cors_allow_origins.split(",") if o.strip()]
+if not _ORIGINS:
+    _ORIGINS = ["http://localhost:5173"]
+
 app.add_middleware(
     CORSMiddleware,
-    allow_origins=["*"],
+    allow_origins=_ORIGINS,
     allow_credentials=True,
     allow_methods=["*"],
     allow_headers=["*"],
 )
 
+# Audit middleware logs every authenticated API call for compliance traceability.
+app.add_middleware(AuditMiddleware)
+
 app.include_router(api_router, prefix="/api/v1")