修改http请求为https

lib/core/constants/api_constants.dart

@@ -0,0 +1,24 @@
+class ApiConstants {
+  // 开发环境
+  static const String baseUrl = 'https://afanai.top:10004';  // 实际restful接口地址
+  // static const String baseUrl = 'http://10.0.2.2:8000';  // Android模拟器
+  // static const String baseUrl = 'http://localhost:8000';  // iOS模拟器
+  
+  // 认证相关接口
+  static const String login = '/api/v1/auth/login';
+  static const String register = '/api/v1/auth/register';
+  static const String logout = '/api/v1/auth/logout';
+  static const String getCurrentUser = '/api/v1/auth/me';
+  
+  // 用户管理接口
+  static const String getUserProfile = '/api/v1/users/me';
+  static const String updateUserProfile = '/api/v1/users/me';
+  
+  // 工具方法
+  static String getLoginUrl() => '$baseUrl$login';
+  static String getRegisterUrl() => '$baseUrl$register';
+  static String getLogoutUrl() => '$baseUrl$logout';
+  static String getCurrentUserUrl() => '$baseUrl$getCurrentUser';
+  static String getUserProfileUrl() => '$baseUrl$getUserProfile';
+  static String getUpdateProfileUrl() => '$baseUrl$updateUserProfile';
+}

lib/core/utils/crypto_utils.dart

@@ -0,0 +1,44 @@
+// lib/core/utils/crypto_utils.dart
+import 'dart:convert';
+import 'package:crypto/crypto.dart';
+import 'package:encrypt/encrypt.dart' as encrypt;
+import 'dart:math';
+
+class CryptoUtils {
+  // 生成盐值
+  static String generateSalt([int length = 16]) {
+    final random = Random.secure();
+    final saltBytes = List<int>.generate(length, (i) => random.nextInt(256));
+    return base64.encode(saltBytes);
+  }
+  
+  // SHA256哈希（用于前端预处理）
+  static String sha256Hash(String input) {
+    final bytes = utf8.encode(input);
+    final digest = sha256.convert(bytes);
+    return digest.toString();
+  }
+  
+  // 生成客户端密钥（前端加密用）
+  static String generateClientKey() {
+    final random = Random.secure();
+    final keyBytes = List<int>.generate(32, (i) => random.nextInt(256));
+    return base64.encode(keyBytes);
+  }
+  
+  // AES加密（如果需要前端加密）
+  static Map<String, String> aesEncrypt(String plainText, String key) {
+    final iv = encrypt.IV.fromSecureRandom(16);
+    final encrypter = encrypt.Encrypter(
+      encrypt.AES(encrypt.Key.fromBase64(key))
+    );
+    
+    final encrypted = encrypter.encrypt(plainText, iv: iv);
+    
+    return {
+      'data': encrypted.base64,
+      'iv': iv.base64,
+      'key': key, // 实际项目中，key应该通过其他方式传输
+    };
+  }
+}

lib/data/datasources/remote/api_client.dart

@@ -0,0 +1,96 @@
+import 'dart:convert';
+import 'package:http/http.dart' as http;
+import 'package:shared_preferences/shared_preferences.dart';
+import './secure_http_client.dart';
+
+class ApiClient {
+  final http.Client _httpClient;
+  final SharedPreferences _prefs;
+  
+  ApiClient(this._prefs) : _httpClient = SecureHttpClient.createSecureClient();
+  
+  // 获取认证头
+  Map<String, String> _getHeaders({bool withAuth = true}) {
+    final headers = {
+      'Content-Type': 'application/json',
+      'Accept': 'application/json',
+    };
+    
+    if (withAuth) {
+      final token = _prefs.getString('access_token');
+      if (token != null && token.isNotEmpty) {
+        headers['Authorization'] = 'Bearer $token';
+      }
+    }
+    
+    return headers;
+  }
+  
+  // 通用POST请求
+  Future<http.Response> post(
+    String url, 
+    Map<String, dynamic> body, 
+    {bool withAuth = false}
+  ) async {
+    try {
+      final response = await _httpClient.post(
+        Uri.parse(url),
+        headers: _getHeaders(withAuth: withAuth),
+        body: json.encode(body),
+      );
+      return response;
+    } catch (e) {
+      throw Exception('网络请求失败: $e');
+    }
+  }
+  
+  // 通用GET请求
+  Future<http.Response> get(
+    String url, 
+    {bool withAuth = true}
+  ) async {
+    try {
+      final response = await _httpClient.get(
+        Uri.parse(url),
+        headers: _getHeaders(withAuth: withAuth),
+      );
+      return response;
+    } catch (e) {
+      throw Exception('网络请求失败: $e');
+    }
+  }
+  
+  // 通用PUT请求
+  Future<http.Response> put(
+    String url, 
+    Map<String, dynamic> body, 
+    {bool withAuth = true}
+  ) async {
+    try {
+      final response = await _httpClient.put(
+        Uri.parse(url),
+        headers: _getHeaders(withAuth: withAuth),
+        body: json.encode(body),
+      );
+      return response;
+    } catch (e) {
+      throw Exception('网络请求失败: $e');
+    }
+  }
+  
+  // 保存token
+  Future<void> saveToken(String token) async {
+    await _prefs.setString('access_token', token);
+  }
+  
+  // 清除token
+  Future<void> clearToken() async {
+    await _prefs.remove('access_token');
+  }
+  
+  // 检查是否已登录
+  bool isLoggedIn() {
+    final token = _prefs.getString('access_token');
+    return token != null && token.isNotEmpty;
+  }
+}

lib/data/datasources/remote/secure_http_client.dart

@@ -0,0 +1,40 @@
+// lib/data/datasources/remote/secure_http_client.dart
+import 'dart:io';
+import 'package:http/http.dart' as http;
+import 'package:http/io_client.dart' as http;
+
+class SecureHttpClient {
+  static http.Client createSecureClient() {
+    // 生产环境：严格的证书验证
+    if (const bool.fromEnvironment('dart.vm.product')) {
+      final securityContext = SecurityContext.defaultContext;
+      
+      // 你可以添加自定义根证书（如果需要）
+      // securityContext.setTrustedCertificates('path/to/certificate.pem');
+      
+      final httpClient = HttpClient(context: securityContext);
+      
+      // 配置安全策略
+      httpClient.badCertificateCallback = 
+        (X509Certificate cert, String host, int port) {
+          // 生产环境严格验证
+          return false; // 拒绝无效证书
+        };
+      
+      return http.IOClient(httpClient);
+    } 
+    // 开发环境：宽松的验证
+    else {
+      final httpClient = HttpClient();
+      
+      httpClient.badCertificateCallback = 
+        (X509Certificate cert, String host, int port) {
+          // 开发环境允许自签名证书
+          // print('警告：使用自签名证书 - $host:$port');
+          return true;
+        };
+      
+      return http.IOClient(httpClient);
+    }
+  }
+}

lib/data/models/auth/login_request.dart

@@ -1,15 +1,15 @@
 class LoginRequest {
-  final String email;
+  final String username;  // 改为username
   final String password;
 
   LoginRequest({
-    required this.email,
+    required this.username,
     required this.password,
   });
 
   Map<String, dynamic> toJson() {
     return {
-      'email': email,
+      'username': username,
       'password': password,
     };
   }

lib/data/models/auth/register_request.dart

@@ -1,22 +1,25 @@
 class RegisterRequest {
+  final String username;
   final String email;
   final String password;
-  final String name;
-  final String? phone;
+  final String passwordConfirm;  // 添加密码确认
+  final String? fullName;  // 改为fullName
 
   RegisterRequest({
+    required this.username,
     required this.email,
     required this.password,
-    required this.name,
-    this.phone,
+    required this.passwordConfirm,
+    this.fullName,
   });
 
   Map<String, dynamic> toJson() {
     return {
+      'username': username,
       'email': email,
       'password': password,
-      'name': name,
-      'phone': phone,
+      'password_confirm': passwordConfirm,
+      'full_name': fullName,
     };
   }
 }

lib/data/models/auth/secure_login_request.dart

@@ -0,0 +1,47 @@
+import '../../../core/utils/crypto_utils.dart';
+
+class SecureLoginRequest {
+  final String username;
+  final String passwordHash; // 客户端哈希后的密码
+  final String salt; // 盐值
+  final String? clientKey; // 客户端密钥（用于加密传输）
+  
+  SecureLoginRequest({
+    required this.username,
+    required this.passwordHash,
+    required this.salt,
+    this.clientKey,
+  });
+  
+  Map<String, dynamic> toJson() {
+    return {
+      'username': username,
+      'password_hash': passwordHash,
+      'salt': salt,
+      'client_key': clientKey,
+    };
+  }
+  
+  // 工厂方法：创建安全的登录请求
+  factory SecureLoginRequest.create({
+    required String username,
+    required String password,
+  }) {
+    // 生成盐值
+    final salt = CryptoUtils.generateSalt();
+    
+    // 密码加盐哈希
+    final passwordWithSalt = password + salt;
+    final passwordHash = CryptoUtils.sha256Hash(passwordWithSalt);
+    
+    // 生成客户端密钥（可选，用于进一步加密）
+    final clientKey = CryptoUtils.generateClientKey();
+    
+    return SecureLoginRequest(
+      username: username,
+      passwordHash: passwordHash,
+      salt: salt,
+      clientKey: clientKey,
+    );
+  }
+}

lib/data/models/auth/token_response.dart

@@ -0,0 +1,27 @@
+import '../user.dart';
+
+class TokenResponse {
+  final String accessToken;
+  final String tokenType;
+  final int? expiresIn;
+  final String? refreshToken;
+  final User user;
+
+  TokenResponse({
+    required this.accessToken,
+    required this.user,
+    this.tokenType = 'bearer',
+    this.expiresIn,
+    this.refreshToken,
+  });
+
+  factory TokenResponse.fromJson(Map<String, dynamic> json) {
+    return TokenResponse(
+      accessToken: json['access_token'] ?? '',
+      tokenType: json['token_type'] ?? 'bearer',
+      expiresIn: json['expires_in'],
+      refreshToken: json['refresh_token'],
+      user: User.fromJson(json['user']),
+    );
+  }
+}

lib/data/models/user.dart

@@ -1,29 +1,43 @@
 class User {
-  final String id;
+  final int id;  // 改为int，匹配API
+  final String username;  // 改为username
   final String email;
-  final String name;
-  final String? avatarUrl;
+  final String? fullName;  // 改为fullName
+  final String? avatar;
   final String? phone;
-  final DateTime? createdAt;
+  final bool isActive;
+  final bool isVerified;
+  final DateTime createdAt;
+  final DateTime? lastLogin;
 
   User({
     required this.id,
+    required this.username,
     required this.email,
-    required this.name,
-    this.avatarUrl,
+    this.fullName,
+    this.avatar,
     this.phone,
-    this.createdAt,
+    this.isActive = true,
+    this.isVerified = false,
+    required this.createdAt,
+    this.lastLogin,
   });
 
   factory User.fromJson(Map<String, dynamic> json) {
     return User(
-      id: json['id'] ?? '',
+      id: json['id'] ?? 0,
+      username: json['username'] ?? '',
       email: json['email'] ?? '',
-      name: json['name'] ?? '',
-      avatarUrl: json['avatar_url'],
+      fullName: json['full_name'],
+      avatar: json['avatar'],
       phone: json['phone'],
+      isActive: json['is_active'] ?? true,
+      isVerified: json['is_verified'] ?? false,
       createdAt: json['created_at'] != null
           ? DateTime.parse(json['created_at'])
+          : DateTime.now(),
+      lastLogin: json['last_login'] != null
+          ? DateTime.parse(json['last_login'])
           : null,
     );
   }
@@ -31,29 +45,41 @@ class User {
   Map<String, dynamic> toJson() {
     return {
       'id': id,
+      'username': username,
       'email': email,
-      'name': name,
-      'avatar_url': avatarUrl,
-      'phone': phone,
-      'created_at': createdAt?.toIso8601String(),
+      'full_name': fullName,
+      'avatar': avatar,
+      'is_active': isActive,
+      'is_verified': isVerified,
+      'created_at': createdAt.toIso8601String(),
+      'last_login': lastLogin?.toIso8601String(),
     };
   }
 
+  // 添加一个getter来兼容之前的name字段
+  // String get name => fullName ?? username;
+
   User copyWith({
-    String? id,
+    int? id,
+    String? username,
     String? email,
-    String? name,
-    String? avatarUrl,
-    String? phone,
+    String? fullName,
+    String? avatar,
+    bool? isActive,
+    bool? isVerified,
     DateTime? createdAt,
+    DateTime? lastLogin,
   }) {
     return User(
       id: id ?? this.id,
+      username: username ?? this.username,
       email: email ?? this.email,
-      name: name ?? this.name,
-      avatarUrl: avatarUrl ?? this.avatarUrl,
-      phone: phone ?? this.phone,
+      fullName: fullName ?? this.fullName,
+      avatar: avatar ?? this.avatar,
+      isActive: isActive ?? this.isActive,
+      isVerified: isVerified ?? this.isVerified,
       createdAt: createdAt ?? this.createdAt,
+      lastLogin: lastLogin ?? this.lastLogin,
     );
   }
 }

lib/data/repositories/auth_repository.dart

@@ -1,97 +1,247 @@
-import '../datasources/local/shared_prefs.dart';
+import 'dart:convert';
+import 'package:shared_preferences/shared_preferences.dart';
+import '../../core/constants/api_constants.dart';
+import '../../core/utils/crypto_utils.dart';
+import '../datasources/remote/api_client.dart';
+import '../models/auth/secure_login_request.dart';
 import '../models/user.dart';
 import '../models/auth/login_request.dart';
 import '../models/auth/register_request.dart';
+import '../models/auth/token_response.dart';
 import '../models/api_response.dart';
 
 class AuthRepository {
-  final SharedPrefs localDataSource;
-
-  AuthRepository({required this.localDataSource});
-
-  // 模拟登录
+  final ApiClient _apiClient;
+  final SharedPreferences _prefs;
+  
+  AuthRepository({
+    required ApiClient apiClient,
+    required SharedPreferences prefs,
+  }) : _apiClient = apiClient, _prefs = prefs;
+  
+  // 登录（需要使用安全登录替代）
   Future<ApiResponse<User>> login(LoginRequest request) async {
-    await Future.delayed(const Duration(seconds: 1));
-    
-    // 模拟成功登录
-    if (request.email == 'test@example.com' && request.password == '123456') {
-      final user = User(
-        id: '1',
-        email: request.email,
-        name: '测试用户',
-        avatarUrl: 'https://ui-avatars.com/api/?name=测试用户',
-        phone: '13800138000',
-        createdAt: DateTime.now(),
+    try {
+      final response = await _apiClient.post(
+        ApiConstants.getLoginUrl(),
+        request.toJson(),
+        withAuth: false,
       );
       
-      // 保存token和用户数据
-      await localDataSource.setAuthToken('mock_jwt_token_${user.id}');
-      await localDataSource.setUserData(user.toJson().toString());
-      
+      if (response.statusCode == 200) {
+        final tokenResponse = TokenResponse.fromJson(
+          json.decode(response.body)
+        );
+        
+        // 保存token
+        await _apiClient.saveToken(tokenResponse.accessToken);
+        
+        return ApiResponse<User>(
+          success: true,
+          message: '登录成功',
+          data: tokenResponse.user,
+        );
+      } else {
+        final error = json.decode(response.body);
+        return ApiResponse<User>(
+          success: false,
+          message: error['detail'] ?? '登录失败',
+        );
+      }
+    } catch (e) {
       return ApiResponse<User>(
-        success: true,
-        message: '登录成功',
-        data: user,
+        success: false,
+        message: '登录失败: $e',
       );
-    } else {
+    }
+  }
+  
+  // 注册（需要使用安全注册替代）
+  Future<ApiResponse<User>> register(RegisterRequest request) async {
+    try {
+      final response = await _apiClient.post(
+        ApiConstants.getRegisterUrl(),
+        request.toJson(),
+        withAuth: false,
+      );
+      
+      if (response.statusCode == 201) {
+        final tokenResponse = TokenResponse.fromJson(
+          json.decode(response.body)
+        );
+        
+        // 保存token
+        await _apiClient.saveToken(tokenResponse.accessToken);
+        
+        return ApiResponse<User>(
+          success: true,
+          message: '注册成功',
+          data: tokenResponse.user,
+        );
+      } else {
+        final error = json.decode(response.body);
+        return ApiResponse<User>(
+          success: false,
+          message: error['detail'] ?? '注册失败',
+        );
+      }
+    } catch (e) {
       return ApiResponse<User>(
         success: false,
-        message: '邮箱或密码错误',
+        message: '注册失败: $e',
       );
     }
   }
+  
+  // 安全登录方法
+  Future<ApiResponse<User>> secureLogin(LoginRequest request) async {
+    try {
+      // 创建安全登录请求
+      final secureRequest = SecureLoginRequest.create(
+        username: request.username,
+        password: request.password,
+      );
 
-  // 模拟注册
-  Future<ApiResponse<User>> register(RegisterRequest request) async {
-    await Future.delayed(const Duration(seconds: 1));
-    
-    final user = User(
-      id: DateTime.now().millisecondsSinceEpoch.toString(),
-      email: request.email,
-      name: request.name,
-      phone: request.phone,
-      createdAt: DateTime.now(),
-    );
-    
-    // 保存token和用户数据
-    await localDataSource.setAuthToken('mock_jwt_token_${user.id}');
-    await localDataSource.setUserData(user.toJson().toString());
-    
-    return ApiResponse<User>(
-      success: true,
-      message: '注册成功',
-      data: user,
-    );
+      print(ApiConstants.getLoginUrl());
+      print(secureRequest.toJson());
+      
+      final response = await _apiClient.post(
+        ApiConstants.getLoginUrl(),
+        secureRequest.toJson(),
+        withAuth: false,
+      );
+      print(response.statusCode);
+      
+      // ... 处理响应
+      if (response.statusCode == 200) {
+        final tokenResponse = TokenResponse.fromJson(
+          json.decode(response.body)
+        );
+        
+        // 保存token
+        await _apiClient.saveToken(tokenResponse.accessToken);
+        
+        return ApiResponse<User>(
+          success: true,
+          message: '登录成功',
+          data: tokenResponse.user,
+        );
+      } else {
+        final error = json.decode(response.body);
+        return ApiResponse<User>(
+          success: false,
+          message: error['detail'] ?? '登录失败',
+        );
+      }
+    } catch (e) {
+      return ApiResponse<User>(
+        success: false,
+        message: '登录失败: $e',
+      );
+    }
   }
-
-  // 检查登录状态
-  Future<bool> isLoggedIn() async {
-    final token = localDataSource.getAuthToken();
-    return token != null && token.isNotEmpty;
+  
+  // 安全注册方法
+  Future<ApiResponse<User>> secureRegister(RegisterRequest request) async {
+    try {
+      // 创建安全注册数据
+      final salt = CryptoUtils.generateSalt();
+      final passwordHash = CryptoUtils.sha256Hash(request.password + salt);
+      
+      final registerData = {
+        'username': request.username,
+        'email': request.email,
+        'password_hash': passwordHash,
+        'salt': salt,
+        'full_name': request.fullName,
+        'password_confirm': request.passwordConfirm,
+      };
+      
+      final response = await _apiClient.post(
+        ApiConstants.getRegisterUrl(),
+        registerData,
+        withAuth: false,
+      );
+      
+      // ... 处理响应
+      if (response.statusCode == 201) {
+        final tokenResponse = TokenResponse.fromJson(
+          json.decode(response.body)
+        );
+        
+        // 保存token
+        await _apiClient.saveToken(tokenResponse.accessToken);
+        
+        return ApiResponse<User>(
+          success: true,
+          message: '注册成功',
+          data: tokenResponse.user,
+        );
+      } else {
+        final error = json.decode(response.body);
+        return ApiResponse<User>(
+          success: false,
+          message: error['detail'] ?? '注册失败',
+        );
+      }
+    } catch (e) {
+      return ApiResponse<User>(
+        success: false,
+        message: '注册失败: $e',
+      );
+    }
   }
 
   // 获取当前用户
-  Future<User?> getCurrentUser() async {
-    final userData = localDataSource.getUserData();
-    if (userData != null) {
-      try {
-        // 这里简单处理，实际应该解析JSON
-        return User(
-          id: '1',
-          email: 'test@example.com',
-          name: '测试用户',
+  Future<ApiResponse<User>> getCurrentUser() async {
+    try {
+      final response = await _apiClient.get(
+        ApiConstants.getCurrentUserUrl(),
+        withAuth: true,
+      );
+      
+      if (response.statusCode == 200) {
+        final userData = json.decode(response.body);
+        return ApiResponse<User>(
+          success: true,
+          message: '获取成功',
+          data: User.fromJson(userData),
+        );
+      } else {
+        return ApiResponse<User>(
+          success: false,
+          message: '获取用户信息失败',
         );
-      } catch (e) {
-        return null;
       }
+    } catch (e) {
+      return ApiResponse<User>(
+        success: false,
+        message: '获取失败: $e',
+      );
     }
-    return null;
   }
-
-  // 注销
+  
+  // 登出
   Future<bool> logout() async {
-    await localDataSource.removeAuthToken();
-    await localDataSource.removeUserData();
-    return true;
+    try {
+      final response = await _apiClient.post(
+        ApiConstants.getLogoutUrl(),
+        {},
+        withAuth: true,
+      );
+      
+      if (response.statusCode == 200) {
+        await _apiClient.clearToken();
+        return true;
+      }
+      return false;
+    } catch (e) {
+      return false;
+    }
+  }
+  
+  // 检查登录状态
+  Future<bool> isLoggedIn() async {
+    return _apiClient.isLoggedIn();
   }
 }

lib/data/repositories/user_repository.dart

@@ -1,50 +1,76 @@
-import '../datasources/local/shared_prefs.dart';
+import 'dart:convert';
+import '../../core/constants/api_constants.dart';
+import '../datasources/remote/api_client.dart';
 import '../models/user.dart';
 import '../models/api_response.dart';
 
 class UserRepository {
-  final SharedPrefs localDataSource;
-
-  UserRepository({required this.localDataSource});
-
-  // 模拟获取用户信息
+  final ApiClient _apiClient;
+  
+  UserRepository({required ApiClient apiClient}) : _apiClient = apiClient;
+  
+  // 获取用户资料
   Future<ApiResponse<User>> getUserProfile() async {
-    await Future.delayed(const Duration(seconds: 1));
-    
-    final userData = localDataSource.getUserData();
-    if (userData != null) {
-      final user = User(
-        id: '1',
-        email: 'test@example.com',
-        name: '测试用户',
-        avatarUrl: 'https://ui-avatars.com/api/?name=测试用户',
-        phone: '13800138000',
-        createdAt: DateTime.now(),
+    try {
+      final response = await _apiClient.get(
+        ApiConstants.getUserProfileUrl(),
+        withAuth: true,
       );
       
+      if (response.statusCode == 200) {
+        final userData = json.decode(response.body);
+        return ApiResponse<User>(
+          success: true,
+          message: '获取成功',
+          data: User.fromJson(userData),
+        );
+      } else {
+        return ApiResponse<User>(
+          success: false,
+          message: '获取用户资料失败',
+        );
+      }
+    } catch (e) {
       return ApiResponse<User>(
-        success: true,
-        message: '获取成功',
-        data: user,
+        success: false,
+        message: '获取失败: $e',
       );
     }
-    
-    return ApiResponse<User>(
-      success: false,
-      message: '未登录',
-    );
   }
-
-  // 模拟更新用户信息
+  
+  // 更新用户资料
   Future<ApiResponse<User>> updateUserProfile(User user) async {
-    await Future.delayed(const Duration(seconds: 1));
-    
-    await localDataSource.setUserData(user.toJson().toString());
-    
-    return ApiResponse<User>(
-      success: true,
-      message: '更新成功',
-      data: user,
-    );
+    try {
+      final updateData = {
+        'full_name': user.fullName,
+        'email': user.email,
+      };
+      
+      final response = await _apiClient.put(
+        ApiConstants.getUpdateProfileUrl(),
+        updateData,
+        withAuth: true,
+      );
+      
+      if (response.statusCode == 200) {
+        final userData = json.decode(response.body);
+        return ApiResponse<User>(
+          success: true,
+          message: '更新成功',
+          data: User.fromJson(userData),
+        );
+      } else {
+        final error = json.decode(response.body);
+        return ApiResponse<User>(
+          success: false,
+          message: error['detail'] ?? '更新失败',
+        );
+      }
+    } catch (e) {
+      return ApiResponse<User>(
+        success: false,
+        message: '更新失败: $e',
+      );
+    }
   }
 }

lib/injection_container.dart

@@ -1,6 +1,8 @@
 import 'package:get_it/get_it.dart';
 import 'package:shared_preferences/shared_preferences.dart';
+import 'package:http/http.dart' as http;
 import 'data/datasources/local/shared_prefs.dart';
+import 'data/datasources/remote/api_client.dart';
 import 'data/repositories/auth_repository.dart';
 import 'data/repositories/user_repository.dart';
 import 'presentation/providers/auth_provider.dart';
@@ -13,12 +15,21 @@ Future<void> init() async {
   final sharedPreferences = await SharedPreferences.getInstance();
   sl.registerLazySingleton(() => sharedPreferences);
   
+  // HTTP Client
+  sl.registerLazySingleton(() => http.Client());
+  
   // Data sources
   sl.registerLazySingleton(() => SharedPrefs(sl()));
+  sl.registerLazySingleton(() => ApiClient(sl()));
   
   // Repositories
-  sl.registerLazySingleton(() => AuthRepository(localDataSource: sl()));
-  sl.registerLazySingleton(() => UserRepository(localDataSource: sl()));
+  sl.registerLazySingleton(() => AuthRepository(
+    apiClient: sl(),
+    prefs: sl(),
+  ));
+  sl.registerLazySingleton(() => UserRepository(
+    apiClient: sl(),
+  ));
   
   // Providers
   sl.registerFactory(() => AuthProvider(authRepository: sl()));

lib/presentation/providers/auth_provider.dart

@@ -23,19 +23,19 @@ class AuthProvider with ChangeNotifier {
   Future<void> _loadCurrentUser() async {
     final user = await authRepository.getCurrentUser();
     if (user != null) {
-      _user = user;
+      _user = user.data;
       notifyListeners();
     }
   }
   
-  Future<void> login(String email, String password) async {
+  Future<void> login(String username, String password) async {
     _isLoading = true;
     _error = null;
     notifyListeners();
     
     try {
       final response = await authRepository.login(
-        LoginRequest(email: email, password: password),
+        LoginRequest(username: username, password: password),
       );
       
       if (response.success && response.data != null) {
@@ -52,14 +52,14 @@ class AuthProvider with ChangeNotifier {
     }
   }
   
-  Future<void> register(String email, String password, String name, String? phone) async {
+  Future<void> register(String username, String email, String password, String passwordConfirm, String? phone) async {
     _isLoading = true;
     _error = null;
     notifyListeners();
     
     try {
       final response = await authRepository.register(
-        RegisterRequest(email: email, password: password, name: name, phone: phone),
+        RegisterRequest(username: username, email: email, password: password, passwordConfirm: passwordConfirm),
       );
       
       if (response.success && response.data != null) {

lib/presentation/screens/auth/login_screen.dart

@@ -65,17 +65,13 @@ class _LoginScreenState extends State<LoginScreen> {
                 ),
                 const SizedBox(height: 40),
                 AppTextField(
-                  controller: _emailController,
-                  labelText: '邮箱地址',
-                  hintText: '请输入邮箱',
-                  keyboardType: TextInputType.emailAddress,
-                  prefixIcon: const Icon(Icons.email_outlined),
+                  controller: _emailController,  // 改为username
+                  labelText: '用户名',
+                  hintText: '请输入用户名',
+                  prefixIcon: const Icon(Icons.person_outline),
                   validator: (value) {
                     if (value == null || value.isEmpty) {
-                      return '请输入邮箱地址';
-                    }
-                    if (!value.contains('@')) {
-                      return '请输入有效的邮箱地址';
+                      return '请输入用户名';
                     }
                     return null;
                   },

lib/presentation/screens/auth/register_screen.dart

@@ -155,9 +155,10 @@ class _RegisterScreenState extends State<RegisterScreen> {
                     onPressed: () async {
                       if (_formKey.currentState!.validate()) {
                         await authProvider.register(
+                          _nameController.text,
                           _emailController.text.trim(),
                           _passwordController.text,
-                          _nameController.text,
+                          _passwordController.text,
                           _phoneController.text.isNotEmpty
                               ? _phoneController.text
                               : null,

lib/presentation/screens/home/home_screen.dart

@@ -58,7 +58,7 @@ class HomeScreen extends StatelessWidget {
                               children: [
                                 Text(
                                   authProvider.isAuthenticated
-                                      ? '您好，${authProvider.user?.name}'
+                                      ? '您好，${authProvider.user?.fullName}'
                                       : '您好，游客',
                                   style: const TextStyle(
                                     fontSize: 18,

lib/presentation/screens/profile/profile_detail_screen.dart

@@ -23,8 +23,8 @@ class _ProfileDetailScreenState extends State<ProfileDetailScreen> {
   void initState() {
     super.initState();
     final userProvider = Provider.of<UserProvider>(context, listen: false);
-    _currentUser = userProvider.user ?? User(id: '', email: '', name: '');
-    _nameController = TextEditingController(text: _currentUser.name);
+    _currentUser = userProvider.user ?? User(id: -1, email: '', username: '', createdAt: DateTime.now());
+    _nameController = TextEditingController(text: _currentUser.username);
     _emailController = TextEditingController(text: _currentUser.email);
     _phoneController = TextEditingController(text: _currentUser.phone ?? '');
   }
@@ -75,10 +75,10 @@ class _ProfileDetailScreenState extends State<ProfileDetailScreen> {
                     CircleAvatar(
                       radius: 60,
                       backgroundColor: Colors.blue[100],
-                      backgroundImage: _currentUser.avatarUrl != null
-                          ? NetworkImage(_currentUser.avatarUrl!)
+                      backgroundImage: _currentUser.avatar != null
+                          ? NetworkImage(_currentUser.avatar!)
                           : null,
-                      child: _currentUser.avatarUrl == null
+                      child: _currentUser.avatar == null
                           ? const Icon(
                               Icons.person,
                               size: 80,
@@ -175,10 +175,10 @@ class _ProfileDetailScreenState extends State<ProfileDetailScreen> {
                 onPressed: () async {
                   if (_formKey.currentState!.validate()) {
                     final updatedUser = _currentUser.copyWith(
-                      name: _nameController.text.trim(),
-                      phone: _phoneController.text.trim().isNotEmpty
-                          ? _phoneController.text.trim()
-                          : null,
+                      fullName: _nameController.text.trim(),
+                      // phone: _phoneController.text.trim().isNotEmpty
+                      //     ? _phoneController.text.trim()
+                      //     : null,
                     );
                     
                     await userProvider.updateUserProfile(updatedUser);

lib/presentation/screens/profile/profile_screen.dart

@@ -75,10 +75,10 @@ class _ProfileContentState extends State<_ProfileContent> {
                           CircleAvatar(
                             radius: 50,
                             backgroundColor: Colors.blue[100],
-                            backgroundImage: authProvider.user?.avatarUrl != null
-                                ? NetworkImage(authProvider.user!.avatarUrl!)
+                            backgroundImage: authProvider.user?.avatar != null
+                                ? NetworkImage(authProvider.user!.avatar!)
                                 : null,
-                            child: authProvider.user?.avatarUrl == null
+                            child: authProvider.user?.avatar == null
                                 ? const Icon(
                                     Icons.person,
                                     size: 60,
@@ -111,7 +111,7 @@ class _ProfileContentState extends State<_ProfileContent> {
                     ),
                     const SizedBox(height: 16),
                     Text(
-                      authProvider.user?.name ?? '用户',
+                      authProvider.user?.fullName ?? '用户',
                       style: const TextStyle(
                         fontSize: 22,
                         fontWeight: FontWeight.bold,
@@ -232,7 +232,9 @@ class _ProfileContentState extends State<_ProfileContent> {
                         subtitle: '安全退出当前账号',
                         onTap: () async {
                           await authProvider.logout();
-                          Navigator.of(context).pushReplacementNamed('/');
+                          if (mounted) {
+                            Navigator.of(context).pushReplacementNamed('/');
+                          }
                         },
                       ),
                     ],

lib/presentation/screens/splash_screen.dart

@@ -14,7 +14,9 @@ class SplashScreenState extends State<SplashScreen> {
   @override
   void initState() {
     super.initState();
-    _initializeApp();
+    WidgetsBinding.instance.addPostFrameCallback((_) {
+      _initializeApp();
+    });
   }
 
   Future<void> _initializeApp() async {

pubspec.lock

@@ -9,6 +9,14 @@ packages:
       url: "https://pub.flutter-io.cn"
     source: hosted
     version: "2.7.0"
+  asn1lib:
+    dependency: transitive
+    description:
+      name: asn1lib
+      sha256: "9a8f69025044eb466b9b60ef3bc3ac99b4dc6c158ae9c56d25eeccf5bc56d024"
+      url: "https://pub.flutter-io.cn"
+    source: hosted
+    version: "1.6.5"
   async:
     dependency: transitive
     description:
@@ -49,6 +57,22 @@ packages:
       url: "https://pub.flutter-io.cn"
     source: hosted
     version: "1.19.1"
+  convert:
+    dependency: transitive
+    description:
+      name: convert
+      sha256: b30acd5944035672bc15c6b7a8b47d773e41e2f17de064350988c5d02adb1c68
+      url: "https://pub.flutter-io.cn"
+    source: hosted
+    version: "3.1.2"
+  crypto:
+    dependency: "direct main"
+    description:
+      name: crypto
+      sha256: c8ea0233063ba03258fbcf2ca4d6dadfefe14f02fab57702265467a19f27fadf
+      url: "https://pub.flutter-io.cn"
+    source: hosted
+    version: "3.0.7"
   cupertino_icons:
     dependency: "direct main"
     description:
@@ -57,6 +81,14 @@ packages:
       url: "https://pub.flutter-io.cn"
     source: hosted
     version: "1.0.8"
+  encrypt:
+    dependency: "direct main"
+    description:
+      name: encrypt
+      sha256: "62d9aa4670cc2a8798bab89b39fc71b6dfbacf615de6cf5001fb39f7e4a996a2"
+      url: "https://pub.flutter-io.cn"
+    source: hosted
+    version: "5.0.3"
   fake_async:
     dependency: transitive
     description:
@@ -144,6 +176,14 @@ packages:
       url: "https://pub.flutter-io.cn"
     source: hosted
     version: "0.18.1"
+  js:
+    dependency: transitive
+    description:
+      name: js
+      sha256: "53385261521cc4a0c4658fd0ad07a7d14591cf8fc33abbceae306ddb974888dc"
+      url: "https://pub.flutter-io.cn"
+    source: hosted
+    version: "0.7.2"
   leak_tracker:
     dependency: transitive
     description:
@@ -272,6 +312,14 @@ packages:
       url: "https://pub.flutter-io.cn"
     source: hosted
     version: "2.1.8"
+  pointycastle:
+    dependency: "direct main"
+    description:
+      name: pointycastle
+      sha256: "4be0097fcf3fd3e8449e53730c631200ebc7b88016acecab2b0da2f0149222fe"
+      url: "https://pub.flutter-io.cn"
+    source: hosted
+    version: "3.9.1"
   provider:
     dependency: "direct main"
     description:

pubspec.yaml

@@ -16,6 +16,10 @@ dependencies:
   flutter_svg: ^2.0.9
   intl: ^0.18.1
   get_it: ^7.6.4
+  # 安全相关依赖
+  crypto: ^3.0.3        # SHA256等哈希算法
+  encrypt: ^5.0.1       # AES加密
+  pointycastle: ^3.7.3  # 更多加密算法
 
 dev_dependencies:
   flutter_test: