1. Add 登陆功能

2. 调整字体大小
3. 新增部分功能

backend/app/config/settings.py

@@ -82,6 +82,10 @@ class Settings(BaseSettings):
     parser_backend: str = Field(default="aliyun", description="解析后端(local/aliyun)")
     chunk_backend: str = Field(default="aliyun", description="分块后端(local/aliyun)")
     document_repository_backend: str = Field(default="json", description="文档元数据存储后端 (json/postgres)")
+    # When True, document processing is enqueued to Celery workers via Redis.
+    # When False (default), processing runs in a FastAPI BackgroundTask in the same process —
+    # no external worker needed. Switch to True only when a Celery worker is running.
+    use_celery_worker: bool = Field(default=False, description="使用 Celery Worker 异步处理文档 (需要 Worker 运行中)")
 
     # Keep configuration setup explicit so runtime behavior is easy to reason about.
     api_host: str = Field(default="0.0.0.0", description="API服务地址")
@@ -109,6 +113,7 @@ class Settings(BaseSettings):
     rag_retrieval_top_k: int = Field(default=20, description="精排前召回候选数量（reranker 启用时生效）")
     rag_max_context_tokens: int = Field(default=2000, description="RAG最大上下文token数")
     rag_summary_max_tokens: int = Field(default=10240, description="文档摘要最大token数")
+    rag_skills_max_tokens: int = Field(default=2048, description="技能类 RAG 最大 token 数")
 
     reranker_enabled: bool = Field(default=False, description="是否启用 Cross-Encoder 精排")
     reranker_base_url: str = Field(default="", description="Reranker API 地址")
@@ -124,6 +129,26 @@ class Settings(BaseSettings):
     # Keep configuration setup explicit so runtime behavior is easy to reason about.
     session_max_sessions: int = Field(default=100, description="最大会话数量")
     session_timeout_minutes: int = Field(default=30, description="会话超时时间(分钟)")
+    session_backend: str = Field(
+        default="memory",
+        description="会话存储后端 (memory | redis)。redis 需要 Redis 可用。",
+    )
+
+    # ── Auth ──────────────────────────────────────────────────────────────────
+    # Generate a strong secret: python -c "import secrets; print(secrets.token_hex(32))"
+    auth_secret_key: str = Field(
+        default="change-me-in-production-must-be-32-or-more-characters-long",
+        description="JWT signing secret. MUST be changed in production.",
+    )
+    auth_algorithm: str = Field(default="HS256", description="JWT signing algorithm.")
+    auth_token_expire_minutes: int = Field(default=480, description="JWT TTL in minutes (default 8 hours).")
+    auth_enabled: bool = Field(default=True, description="Set False to bypass auth (development only).")
+
+    # ── CORS ──────────────────────────────────────────────────────────────────
+    cors_allow_origins: str = Field(
+        default="http://localhost:5173",
+        description="Comma-separated allowed CORS origins. Never use * in production.",
+    )
 
 @lru_cache
 def get_settings() -> Settings: