feat: 实现Vue驱动的云存储系统初始功能

- 后端: Node.js + Express + SQLite架构
- 前端: Vue 3 + Axios实现
- 功能: 用户认证、文件上传/下载、分享链接、密码重置
- 安全: 密码加密、分享链接过期机制、缓存一致性
- 部署: Docker + Nginx容器化配置
- 测试: 完整的边界测试、并发测试和状态一致性测试

nginx/nginx.conf.example

@@ -0,0 +1,129 @@
+# ============================================
+# 玩玩云 Nginx 配置模板
+# ============================================
+# 使用说明:
+# 1. 将 your-domain.com 替换为你的实际域名
+# 2. 将 /usr/share/nginx/html 替换为前端文件实际路径
+# 3. 如使用非 Docker 部署，将 backend:40001 改为 127.0.0.1:40001
+# ============================================
+
+# HTTP 重定向到 HTTPS
+server {
+    listen 80;
+    server_name your-domain.com;
+
+    # Let's Encrypt 验证
+    location /.well-known/acme-challenge/ {
+        root /var/www/certbot;
+    }
+
+    # 重定向到 HTTPS
+    location / {
+        return 301 https://$server_name$request_uri;
+    }
+}
+
+# HTTPS 主配置
+server {
+    listen 443 ssl http2;
+    server_name your-domain.com;
+
+    # ============================================
+    # SSL 证书配置
+    # ============================================
+    ssl_certificate /etc/letsencrypt/live/your-domain.com/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/your-domain.com/privkey.pem;
+
+    # SSL 安全配置
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384;
+    ssl_prefer_server_ciphers off;
+    ssl_session_cache shared:SSL:10m;
+    ssl_session_timeout 1d;
+    ssl_session_tickets off;
+
+    # ============================================
+    # 安全响应头
+    # ============================================
+    add_header X-Frame-Options "SAMEORIGIN" always;
+    add_header X-Content-Type-Options "nosniff" always;
+    add_header X-XSS-Protection "1; mode=block" always;
+    add_header Referrer-Policy "strict-origin-when-cross-origin" always;
+
+    # 隐藏 Nginx 版本
+    server_tokens off;
+
+    # ============================================
+    # 上传文件大小限制（10GB）
+    # ============================================
+    client_max_body_size 10G;
+
+    # ============================================
+    # 禁止访问隐藏文件和敏感文件
+    # ============================================
+    location ~ /\. {
+        deny all;
+        return 404;
+    }
+
+    location ~ \.(env|git|config|key|pem|crt)$ {
+        deny all;
+        return 404;
+    }
+
+    # ============================================
+    # 前端静态文件
+    # ============================================
+    location / {
+        root /usr/share/nginx/html;
+        index index.html;
+        try_files $uri $uri/ =404;
+
+        # 静态资源缓存
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2)$ {
+            expires 30d;
+            add_header Cache-Control "public, immutable";
+        }
+    }
+
+    # ============================================
+    # 后端 API 反向代理
+    # ============================================
+    location /api/ {
+        proxy_pass http://backend:40001;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection 'upgrade';
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_cache_bypass $http_upgrade;
+
+        # Cookie 传递配置（验证码 session 需要）
+        proxy_set_header Cookie $http_cookie;
+        proxy_pass_header Set-Cookie;
+
+        # 大文件上传超时配置（30分钟）
+        proxy_connect_timeout 1800;
+        proxy_send_timeout 1800;
+        proxy_read_timeout 1800;
+        send_timeout 1800;
+
+        # 大文件上传缓冲优化
+        proxy_request_buffering off;
+        proxy_buffering off;
+        client_body_buffer_size 128k;
+    }
+
+    # ============================================
+    # 分享链接代理
+    # ============================================
+    location /s/ {
+        proxy_pass http://backend:40001;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+}