- Add Nginx Proxy Manager guidance for X-Forwarded-Proto when secure session cookies are enabled
- Document login Cookie troubleshooting for public HTTPS reverse proxy deployments
- Clarify nginx.conf forwarded-proto behavior for generic and appliance packages
- Add a NAS-specific frpc template that forwards to tuwen_web:80 over the compose network.
- Make docker-compose-Nas.yaml create tuwen_frpc by default instead of relying on Compose profiles, which Container Station may not enable.
- Remove host networking from the NAS frpc service so the tunnel works through Docker service DNS.
- Update README and Docker docs to explain the NAS frpc behavior and logs command.
- Rework docker-compose-Nas.yaml as a QNAP/NAS-friendly generic template with placeholders for NAS IP, public domain, proxy, and secrets.
- Preserve QNAP-specific fixes including relative build context, api network alias, NAS persistent paths, and 127.0.0.1 health checks.
- Keep optional frpc profile while avoiding real server addresses or tokens in the reusable template.
- Replace residual deployment examples with generic your-domain.example, NAS_IP, PROXY_IP, and LAN_CIDR placeholders in README and Docker docs.
- Preserve upstream AI provider HTTP status codes and expose AI-specific error codes for overload, rate limit, unavailable, and generic provider failures.
- Add short retries for transient AI provider 429/5xx chat completion responses, with configurable retry delays.
- Show friendly AI busy/unavailable messages in the report editor instead of raw provider JSON.
- Preserve custom backend error codes in the shared API exception filter.
- Add AI service tests for retry behavior and overload error mapping.
- Update API, feature, and testing documentation for AI proxy retry and error handling.
- Add docker-compose-Nas.yaml for QNAP/威联通 deployment with NAS persistent data paths, API aliasing, and health checks tailored for NAS firmware.
- Parameterize NAS ports, data root, database credentials, proxy variables, CORS, session security, TRUST_PROXY, migrations, and seed settings.
- Include an optional frpc profile in the NAS compose file so port 4002 can be exposed through the existing frpc/frpc.toml workflow.
- Document NAS startup, health checks, public HTTPS settings, proxy settings, and frpc commands in README.
- Update Docker deployment documentation with the NAS compose workflow and the reminder to expose only 4002 publicly.
- Add frpc/frpc.toml template for mapping the local Docker web entry on port 4002 to the public frps server.
- Add an optional Docker Compose frpc service behind the frpc profile, mounting the reusable frpc.toml configuration.
- Document how to enable the frpc profile, inspect frpc logs, and keep normal local startup unchanged.
- Clarify that public deployments should map only port 4002 and let Nginx Proxy Manager provide HTTPS for sstwbg.example.com instead of exposing 4443.
- Update Docker and deployment docs to match the reusable frpc workflow.
- Add README instructions for deploying the full report system through local Docker port 4002, frpc, Nginx Proxy Manager, and sstwbg.example.com.
- Document required HTTPS, WebSocket, request-size, timeout, health-check, login, AI, video-frame, and speech verification steps.
- Add TRUST_PROXY support so secure session cookies work behind public HTTPS reverse proxies.
- Preserve upstream X-Forwarded-Proto through the container Nginx API proxy.
- Allow Docker Compose session and trust-proxy variables to be overridden for public deployments.
- Update deployment and Docker docs with the same public reverse-proxy guidance.
- Convert non-binary upstream Xunfei WebSocket messages to UTF-8 strings before forwarding them to browser clients.
- Export and test raw WebSocket data to text conversion for speech proxy forwarding.
- Log unparseable speech responses in the report editor instead of silently swallowing them.
- Update report editor, progress, and testing documentation for text-message forwarding.
- Resample microphone input from the actual browser AudioContext sample rate to 16k before sending it to the speech proxy.
- Encode speech input as 16-bit PCM and send it in small 1280-byte frames instead of relying on the browser to create a 16k audio context.
- Flush pending audio before sending the standard Xunfei IAT end frame.
- Extract PCM helpers and cover downsampling, PCM encoding, base64 conversion, and byte concatenation with unit tests.
- Update report editor, testing, and progress documentation for the corrected speech audio pipeline.
- Keep Web Audio source and processor nodes in refs so microphone processing is not lost during speech recognition.
- Explicitly resume the AudioContext before sending PCM frames to the speech WebSocket proxy.
- Disconnect audio nodes and clear speech state when listening stops or the WebSocket closes.
- Show a clear prompt when audio frames were captured but no recognizable text was returned.
- Update progress documentation for the speech capture hardening.
- Add an API container entrypoint that waits for PostgreSQL, runs Prisma migrations, seeds demo data, and then starts NestJS.
- Keep Prisma CLI and seed dependencies available in the API runtime image and copy seed source dependencies into the container.
- Add Docker Compose healthchecks and health-based startup ordering for PostgreSQL, API, and Nginx web services.
- Add Docker initialization environment switches for migrations, seed, and startup retries.
- Add a dedicated Docker deployment guide covering services, ports, initialization, HTTPS, production variables, backup, restore, and troubleshooting.
- Update README, AGENTS, installation, deployment, progress, and environment example docs for the Dockerized workflow.
- Allow system frame position percentages to keep two decimal places without reordering saved values.
- Stop frontend and backend settings normalization from sorting framePositions on load or save.
- Capture automatic video frames in timeline order while retaining each configured position index.
- Insert automatically selected frames into report placeholders according to the configured percentage order.
- Add frame position utilities and unit coverage for two-decimal rounding, clamping, order preservation, and timeline capture planning.
- Update README, AGENTS, feature, requirement, report editor, system settings, progress, and testing docs for the new frame ordering behavior.
- Extract AI region scanning into a reusable utility with unit coverage.
- Refresh AI region dropdown state after drafts, reports, default templates, and selected templates write HTML into the editor.
- Keep the existing MutationObserver path for later DOM edits and inserted AI regions.
- Add E2E coverage for existing template AI regions appearing on initial report editor load.
- Update README, AGENTS, report editor, progress, and testing docs for AI region synchronization behavior.
- Extract AI prompt construction into a tested utility for report editor generation.
- Make doctor instructions and structured report fields higher priority than old template body and target-region HTML.
- Tell the AI not to carry over default gallbladder or liver descriptions when the doctor asks for another procedure or body part.
- Limit old full-report context length to reduce anchoring on default template content.
- Update README, AGENTS, report editor, design, progress, and testing docs for the AI prompt priority model.
- Add unit tests covering AI prompt priority and old-content truncation.
- Add fieldLibrary metadata to HTML template packages, including form fields, custom time formats, multi-select options, and anesthesia options.
- Restore imported template field metadata into local compatibility caches and the backend field library API when available.
- Preserve legacy JSON template import compatibility while keeping user-facing exports on HTML packages.
- Prevent template field saves from overwriting stored multi-select and anesthesia options with empty values.
- Update README, AGENTS, feature, requirement, design, module, progress, component, and testing docs for complete template export behavior.
- Extend template export tests to cover field library metadata round-tripping.
- Track report editor AI regions in React state instead of only scanning contentEditable DOM during render.
- Observe editor AI region mutations and refresh the AI writing target dropdown without requiring page navigation or refresh.
- Select newly inserted AI regions immediately after insertion and keep a live DOM fallback for generation.
- Harden AI region insertion so it still appends the region if execCommand has no active editor selection.
- Escape AI region names before injecting template HTML and add an accessible label for the insert button.
- Add Playwright coverage for inserting an AI region and seeing it immediately in the AI writing dropdown.
- Update report editor, feature, progress, testing, and AGENTS documentation for AI region synchronization.
- Add template export utilities for standard JSON packages and standalone HTML template packages.
- Make the top-level JSON export use the standard surclaw template package format so it can be imported again.
- Add an HTML template package export that embeds A4/print styling and template metadata for visual preview and round-trip import.
- Extend template import to accept both JSON and HTML template package files while keeping old raw template JSON compatible.
- Add tests for package creation, HTML round-trip import, legacy JSON import, and file name cleanup.
- Update template management, feature, progress, testing, and AGENTS documentation for the new export formats.
- Update TemplateManage save flows to use the current in-memory template list instead of stale localStorage as the source of truth.
- Merge current templates back into the compatibility cache so newly created backend templates are not dropped on content save.
- Add an accessible label for the new-template button to support reliable E2E coverage.
- Add template list merge unit tests covering stale-cache replacement and newly created templates.
- Add Playwright coverage for creating a template, saving template content, and confirming it remains visible and persisted.
- Update feature, progress, testing, and AGENTS documentation for the template management fix.
- Add a self-signed HTTPS Nginx entrypoint on Docker port 4443 so browser microphone APIs can run in demo mode.
- Keep the existing HTTP port 4002 unchanged while exposing container port 443 and generating the demo certificate during image build.
- Update CORS defaults and Compose environment for the HTTPS frontend origin.
- Clarify the report editor microphone message with localhost, HTTPS, and browser trusted-origin demo options.
- Document the browser HTTP microphone limitation, HTTPS demo URL, and Chrome/Edge insecure-origin workaround in README and docs.
- Configure NestJS with an explicit JSON and urlencoded body parser limit controlled by API_BODY_LIMIT.
- Set the default API body limit to 100mb for report HTML, key frames, template images, and Data URL file uploads.
- Add a matching Nginx client_max_body_size 100m limit so Docker web proxy no longer rejects large report saves first.
- Document the new request body limit in README, deployment docs, progress notes, environment example, and AGENTS context.
- Rebuild and verify Docker web/api with a large report save through the Nginx /api proxy.
- Allow draft reports to be saved without patient name or hospital ID while keeping completed reports strictly validated.
- Preserve completed-report identity validation when updating existing reports by checking merged old and new values.
- Show real API save errors in the report editor and send expired sessions back to login instead of reporting a generic backend outage.
- Guard speech startup for missing getUserMedia or AudioContext support and explain localhost/HTTPS microphone requirements.
- Add report schema tests covering draft identity fields and completed-report validation.
- Update AGENTS and docs for report editor behavior, feature status, progress, and testing coverage.
- Align the backend seeded default surgery template with the report editor's default report content.
- Add backend demo defaults for the default template, Kimi provider, and Xunfei speech proxy configuration.
- Change system reset into a super-admin demo mode factory reset that clears reports, audit logs, files, custom templates, and non-default users.
- Keep only the default admin, manager, doctor, and default surgery template after demo reset.
- Replace the old local-only reset all data button with a two-confirmation backend reset flow.
- Add tests covering demo default alignment and database-backed demo reset behavior.
- Update docs to describe demo mode reset semantics and production credential cautions.
- Add docs/component-structure.md covering the current React component hierarchy, page routes, public components, API/Auth/Utils boundaries, and data flow.
- Document the internal responsibilities and split risks for large pages including ReportEditor and TemplateManage.
- Link the new component structure guide from README, docs index, AGENTS file tree, and progress notes.
- Add docs/installation.md covering prerequisites, port usage, Docker startup, local development setup, default accounts, first-run validation, and common setup issues.
- Link the installation guide from the project README and docs index.
- Point deployment documentation to the installation guide for first-time setup.
- Update AGENTS.md and progress documentation to include the new installation guide.
- Remove the super-admin one-time migration from browser local settings into backend AI and speech settings.
- Delete the migration-specific SystemSettings unit test that no longer matches the desired behavior.
- Restore feature, module, testing, and progress docs so settings secrets are documented as backend-managed only.
- Add a super-admin-only settings merge that copies legacy local AI provider keys into an empty backend settings record.
- Add matching migration for legacy Xunfei APPID, APIKey, and APISecret without overwriting existing backend secrets.
- Cover the migration and secret-preservation behavior with SystemSettings unit tests.
- Update feature, module, progress, and testing docs for the settings migration behavior.
- Change the API default listen port from 3000 to 3100 and include the Docker frontend origin in default CORS.
- Point Vite's default API proxy, Docker API container port, and Nginx upstream to 3100.
- Keep Docker host ports on 4002 for web, 3002 for API, and 5433 for PostgreSQL.
- Update environment examples and documentation to remove stale localhost:3000 guidance.
- Add Auth Context route role guards so doctors cannot directly enter template management, user management, or audit logs.
- Add Audit Logs page, sidebar entry, frontend audit API client, and API client test.
- Add backend audit log query endpoint with super/admin visibility rules and query filtering.
- Extend PostgreSQL integration tests to cover audit log query permissions.
- Move Playwright E2E away from localStorage seed data to real backend API login and seed helpers.
- Add E2E coverage for route guards and audit log visibility.
- Run Playwright backend on port 3100 and proxy Vite API requests there to avoid local port conflicts.
- Make server:dev use the compiled NestJS server path, avoiding tsx parameter-property injection issues.
- Update README, AGENTS, feature, testing, security, deployment, progress, API, backendization, and auth/user module docs.
- Mark the user signature upload API as implemented in the backendization plan.
- Refresh the progress next-step list to focus on remaining E2E seed migration, fallback cleanup, audit visibility, export API, rate limits, data migration, and production operations.
