feat: add Space aggregate login

db/schema.py

@@ -246,11 +246,52 @@ def ensure_schema(conn) -> None:
             kdocs_admin_notify_email TEXT DEFAULT '',
             kdocs_row_start INTEGER DEFAULT 0,
             kdocs_row_end INTEGER DEFAULT 0,
+            social_login_enabled INTEGER DEFAULT 0,
+            social_login_endpoint TEXT DEFAULT 'https://www.spacezs.cn/connect.php',
+            social_login_appid TEXT DEFAULT '',
+            social_login_appkey TEXT DEFAULT '',
+            social_login_providers TEXT DEFAULT 'qq,wx,alipay',
             updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
         )
         """
     )
 
+    # 聚合登录绑定表
+    cursor.execute(
+        """
+        CREATE TABLE IF NOT EXISTS social_login_bindings (
+            id INTEGER PRIMARY KEY AUTOINCREMENT,
+            user_id INTEGER NOT NULL,
+            provider TEXT NOT NULL,
+            social_uid TEXT NOT NULL,
+            nickname TEXT DEFAULT '',
+            avatar_url TEXT DEFAULT '',
+            created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+            updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+            last_login_at TIMESTAMP,
+            UNIQUE (provider, social_uid),
+            UNIQUE (user_id, provider),
+            FOREIGN KEY (user_id) REFERENCES users (id) ON DELETE CASCADE
+        )
+        """
+    )
+
+    # 聚合登录短期待绑定凭证表
+    cursor.execute(
+        """
+        CREATE TABLE IF NOT EXISTS social_pending_binds (
+            id INTEGER PRIMARY KEY AUTOINCREMENT,
+            token TEXT NOT NULL UNIQUE,
+            provider TEXT NOT NULL,
+            social_uid TEXT NOT NULL,
+            nickname TEXT DEFAULT '',
+            avatar_url TEXT DEFAULT '',
+            created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+            expires_at TIMESTAMP NOT NULL
+        )
+        """
+    )
+
     # 任务日志表
     cursor.execute(
         """
@@ -389,6 +430,11 @@ def ensure_schema(conn) -> None:
     cursor.execute("CREATE INDEX IF NOT EXISTS idx_login_ips_user ON login_ips(user_id)")
     cursor.execute("CREATE INDEX IF NOT EXISTS idx_passkeys_owner ON passkeys(owner_type, owner_id)")
     cursor.execute("CREATE INDEX IF NOT EXISTS idx_passkeys_owner_last_used ON passkeys(owner_type, owner_id, last_used_at)")
+    cursor.execute("CREATE INDEX IF NOT EXISTS idx_social_login_bindings_user ON social_login_bindings(user_id)")
+    cursor.execute("CREATE INDEX IF NOT EXISTS idx_social_login_bindings_provider_uid ON social_login_bindings(provider, social_uid)")
+    cursor.execute("CREATE INDEX IF NOT EXISTS idx_social_pending_binds_token ON social_pending_binds(token)")
+    cursor.execute("CREATE INDEX IF NOT EXISTS idx_social_pending_binds_provider_uid ON social_pending_binds(provider, social_uid)")
+    cursor.execute("CREATE INDEX IF NOT EXISTS idx_social_pending_binds_expires ON social_pending_binds(expires_at)")
 
     cursor.execute("CREATE INDEX IF NOT EXISTS idx_threat_events_created_at ON threat_events(created_at)")
     cursor.execute("CREATE INDEX IF NOT EXISTS idx_threat_events_ip ON threat_events(ip)")