feat(client): bio editor

Signed-off-by: Noa Virellia <noa@requiem.garden>
WIP
2026-01-21 14:49:49 +08:00 · 2026-01-21 14:49:49 +08:00 · 2026-01-21 14:49:49 +08:00 · 2026-01-21 14:49:49 +08:00 · 2026-01-21 14:42:52 +08:00 · 2026-01-21 14:34:09 +08:00
48 changed files with 1609 additions and 369 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -46,3 +46,6 @@ go.work.sum
 .DS_Store
 __MACOSX
 ._*
+
+# go gen
+*_gen.go
--- a/client/cms/eslint.config.js
+++ b/client/cms/eslint.config.js
@@ -3,7 +3,7 @@ import pluginQuery from '@tanstack/eslint-plugin-query';

 export default antfu({
  gitignore: true,
-  ignores: ['**/node_modules/**', '**/dist/**', 'bun.lock', '**/routeTree.gen.ts', '**/ui/**'],
+  ignores: ['**/node_modules/**', '**/dist/**', 'bun.lock', '**/routeTree.gen.ts', '**/ui/**', 'src/components/editor/**/*'],
  react: true,
  stylistic: {
    semi: true,
--- a/client/cms/package.json
+++ b/client/cms/package.json
@@ -37,6 +37,7 @@
    "@tanstack/react-table": "^8.21.3",
    "@tanstack/zod-adapter": "^1.143.4",
    "@tanstack/zod-form-adapter": "^0.42.1",
+    "@uiw/react-md-editor": "^4.0.11",
    "axios": "^1.13.2",
    "base-64": "^1.0.0",
    "buffer": "^6.0.3",
@@ -44,6 +45,7 @@
    "clsx": "^2.1.1",
    "culori": "^4.0.2",
    "immer": "^11.1.0",
+    "lodash-es": "^4.17.22",
    "lucide-react": "^0.562.0",
    "next-themes": "^0.4.6",
    "qrcode": "^1.5.4",
@@ -69,6 +71,7 @@
    "@tanstack/router-plugin": "^1.141.7",
    "@types/base-64": "^1.0.2",
    "@types/culori": "^4.0.1",
+    "@types/lodash-es": "^4.17.12",
    "@types/node": "^25.0.3",
    "@types/qrcode": "^1.5.6",
    "@types/react": "^19.2.5",
@@ -82,6 +85,7 @@
    "lint-staged": "^16.2.7",
    "simple-git-hooks": "^2.13.1",
    "tw-animate-css": "^1.4.0",
+    "type-fest": "^5.4.1",
    "typescript": "~5.9.3",
    "typescript-eslint": "^8.46.4",
    "vite": "^7.2.4",
--- a/client/cms/pnpm-lock.yaml
+++ b/client/cms/pnpm-lock.yaml
@@ -89,6 +89,9 @@ importers:
      '@tanstack/zod-form-adapter':
        specifier: ^0.42.1
        version: 0.42.1(zod@4.3.5)
+      '@uiw/react-md-editor':
+        specifier: ^4.0.11
+        version: 4.0.11(@types/react@19.2.8)(react-dom@19.2.3(react@19.2.3))(react@19.2.3)
      axios:
        specifier: ^1.13.2
        version: 1.13.2
@@ -110,6 +113,9 @@ importers:
      immer:
        specifier: ^11.1.0
        version: 11.1.3
+      lodash-es:
+        specifier: ^4.17.22
+        version: 4.17.22
      lucide-react:
        specifier: ^0.562.0
        version: 0.562.0(react@19.2.3)
@@ -180,6 +186,9 @@ importers:
      '@types/culori':
        specifier: ^4.0.1
        version: 4.0.1
+      '@types/lodash-es':
+        specifier: ^4.17.12
+        version: 4.17.12
      '@types/node':
        specifier: ^25.0.3
        version: 25.0.9
@@ -219,6 +228,9 @@ importers:
      tw-animate-css:
        specifier: ^1.4.0
        version: 1.4.0
+      type-fest:
+        specifier: ^5.4.1
+        version: 5.4.1
      typescript:
        specifier: ~5.9.3
        version: 5.9.3
@@ -1254,66 +1266,79 @@ packages:
    resolution: {integrity: sha512-AEXMESUDWWGqD6LwO/HkqCZgUE1VCJ1OhbvYGsfqX2Y6w5quSXuyoy/Fg3nRqiwro+cJYFxiw5v4kB2ZDLhxrw==}
    cpu: [arm]
    os: [linux]
+    libc: [glibc]

  '@rollup/rollup-linux-arm-musleabihf@4.55.2':
    resolution: {integrity: sha512-ZV7EljjBDwBBBSv570VWj0hiNTdHt9uGznDtznBB4Caj3ch5rgD4I2K1GQrtbvJ/QiB+663lLgOdcADMNVC29Q==}
    cpu: [arm]
    os: [linux]
+    libc: [musl]

  '@rollup/rollup-linux-arm64-gnu@4.55.2':
    resolution: {integrity: sha512-uvjwc8NtQVPAJtq4Tt7Q49FOodjfbf6NpqXyW/rjXoV+iZ3EJAHLNAnKT5UJBc6ffQVgmXTUL2ifYiLABlGFqA==}
    cpu: [arm64]
    os: [linux]
+    libc: [glibc]

  '@rollup/rollup-linux-arm64-musl@4.55.2':
    resolution: {integrity: sha512-s3KoWVNnye9mm/2WpOZ3JeUiediUVw6AvY/H7jNA6qgKA2V2aM25lMkVarTDfiicn/DLq3O0a81jncXszoyCFA==}
    cpu: [arm64]
    os: [linux]
+    libc: [musl]

  '@rollup/rollup-linux-loong64-gnu@4.55.2':
    resolution: {integrity: sha512-gi21faacK+J8aVSyAUptML9VQN26JRxe484IbF+h3hpG+sNVoMXPduhREz2CcYr5my0NE3MjVvQ5bMKX71pfVA==}
    cpu: [loong64]
    os: [linux]
+    libc: [glibc]

  '@rollup/rollup-linux-loong64-musl@4.55.2':
    resolution: {integrity: sha512-qSlWiXnVaS/ceqXNfnoFZh4IiCA0EwvCivivTGbEu1qv2o+WTHpn1zNmCTAoOG5QaVr2/yhCoLScQtc/7RxshA==}
    cpu: [loong64]
    os: [linux]
+    libc: [musl]

  '@rollup/rollup-linux-ppc64-gnu@4.55.2':
    resolution: {integrity: sha512-rPyuLFNoF1B0+wolH277E780NUKf+KoEDb3OyoLbAO18BbeKi++YN6gC/zuJoPPDlQRL3fIxHxCxVEWiem2yXw==}
    cpu: [ppc64]
    os: [linux]
+    libc: [glibc]

  '@rollup/rollup-linux-ppc64-musl@4.55.2':
    resolution: {integrity: sha512-g+0ZLMook31iWV4PvqKU0i9E78gaZgYpSrYPed/4Bu+nGTgfOPtfs1h11tSSRPXSjC5EzLTjV/1A7L2Vr8pJoQ==}
    cpu: [ppc64]
    os: [linux]
+    libc: [musl]

  '@rollup/rollup-linux-riscv64-gnu@4.55.2':
    resolution: {integrity: sha512-i+sGeRGsjKZcQRh3BRfpLsM3LX3bi4AoEVqmGDyc50L6KfYsN45wVCSz70iQMwPWr3E5opSiLOwsC9WB4/1pqg==}
    cpu: [riscv64]
    os: [linux]
+    libc: [glibc]

  '@rollup/rollup-linux-riscv64-musl@4.55.2':
    resolution: {integrity: sha512-C1vLcKc4MfFV6I0aWsC7B2Y9QcsiEcvKkfxprwkPfLaN8hQf0/fKHwSF2lcYzA9g4imqnhic729VB9Fo70HO3Q==}
    cpu: [riscv64]
    os: [linux]
+    libc: [musl]

  '@rollup/rollup-linux-s390x-gnu@4.55.2':
    resolution: {integrity: sha512-68gHUK/howpQjh7g7hlD9DvTTt4sNLp1Bb+Yzw2Ki0xvscm2cOdCLZNJNhd2jW8lsTPrHAHuF751BygifW4bkQ==}
    cpu: [s390x]
    os: [linux]
+    libc: [glibc]

  '@rollup/rollup-linux-x64-gnu@4.55.2':
    resolution: {integrity: sha512-1e30XAuaBP1MAizaOBApsgeGZge2/Byd6wV4a8oa6jPdHELbRHBiw7wvo4dp7Ie2PE8TZT4pj9RLGZv9N4qwlw==}
    cpu: [x64]
    os: [linux]
+    libc: [glibc]

  '@rollup/rollup-linux-x64-musl@4.55.2':
    resolution: {integrity: sha512-4BJucJBGbuGnH6q7kpPqGJGzZnYrpAzRd60HQSt3OpX/6/YVgSsJnNzR8Ot74io50SeVT4CtCWe/RYIAymFPwA==}
    cpu: [x64]
    os: [linux]
+    libc: [musl]

  '@rollup/rollup-openbsd-x64@4.55.2':
    resolution: {integrity: sha512-cT2MmXySMo58ENv8p6/O6wI/h/gLnD3D6JoajwXFZH6X9jz4hARqUhWpGuQhOgLNXscfZYRQMJvZDtWNzMAIDw==}
@@ -1472,24 +1497,28 @@ packages:
    engines: {node: '>= 10'}
    cpu: [arm64]
    os: [linux]
+    libc: [glibc]

  '@tailwindcss/oxide-linux-arm64-musl@4.1.18':
    resolution: {integrity: sha512-1px92582HkPQlaaCkdRcio71p8bc8i/ap5807tPRDK/uw953cauQBT8c5tVGkOwrHMfc2Yh6UuxaH4vtTjGvHg==}
    engines: {node: '>= 10'}
    cpu: [arm64]
    os: [linux]
+    libc: [musl]

  '@tailwindcss/oxide-linux-x64-gnu@4.1.18':
    resolution: {integrity: sha512-v3gyT0ivkfBLoZGF9LyHmts0Isc8jHZyVcbzio6Wpzifg/+5ZJpDiRiUhDLkcr7f/r38SWNe7ucxmGW3j3Kb/g==}
    engines: {node: '>= 10'}
    cpu: [x64]
    os: [linux]
+    libc: [glibc]

  '@tailwindcss/oxide-linux-x64-musl@4.1.18':
    resolution: {integrity: sha512-bhJ2y2OQNlcRwwgOAGMY0xTFStt4/wyU6pvI6LSuZpRgKQwxTec0/3Scu91O8ir7qCR3AuepQKLU/kX99FouqQ==}
    engines: {node: '>= 10'}
    cpu: [x64]
    os: [linux]
+    libc: [musl]

  '@tailwindcss/oxide-wasm32-wasi@4.1.18':
    resolution: {integrity: sha512-LffYTvPjODiP6PT16oNeUQJzNVyJl1cjIebq/rWWBF+3eDst5JGEFSc5cWxyRCJ0Mxl+KyIkqRxk1XPEs9x8TA==}
@@ -1724,12 +1753,21 @@ packages:
  '@types/estree@1.0.8':
    resolution: {integrity: sha512-dWHzHa2WqEXI/O1E9OjrocMTKJl2mSrEolh1Iomrv6U+JuNwaHXsXx9bLu5gG7BUWFIN0skIQJQ/L1rIex4X6w==}

+  '@types/hast@2.3.10':
+    resolution: {integrity: sha512-McWspRw8xx8J9HurkVBfYj0xKoE25tOFlHGdx4MJ5xORQrMGZNqJhVQWaIbm6Oyla5kYOXtDiopzKRJzEOkwJw==}
+
  '@types/hast@3.0.4':
    resolution: {integrity: sha512-WPs+bbQw5aCj+x6laNGWLH3wviHtoCv/P3+otBhbOhJgG8qtpdAMlTCxLtsTWA7LH1Oh/bFCHsBn0TPS5m30EQ==}

  '@types/json-schema@7.0.15':
    resolution: {integrity: sha512-5+fP8P8MFNC+AyZCDxrB2pkZFPGzqQWUzpSeuuVLvm8VMcorNYavBqoFcxK8bQz4Qsbn4oUEEem4wDLfcysGHA==}

+  '@types/lodash-es@4.17.12':
+    resolution: {integrity: sha512-0NgftHUcV4v34VhXm8QBSftKVXtbkBG3ViCjs6+eJ5a6y6Mi/jiFGPc1sC7QK+9BFhWrURE3EOggmWaSxL9OzQ==}
+
+  '@types/lodash@4.17.23':
+    resolution: {integrity: sha512-RDvF6wTulMPjrNdCoYRC8gNR880JNGT8uB+REUpC2Ns4pRqQJhGz90wh7rgdXDPpCczF3VGktDuFGVnz8zP7HA==}
+
  '@types/mdast@4.0.4':
    resolution: {integrity: sha512-kGaNbPh1k7AFzgpud/gMdvIm5xuECykRR+JnWKQno9TAXVa6WIVCGTPvYGekIDL4uwCZQSYbUxNBSb1aUo79oA==}

@@ -1739,6 +1777,9 @@ packages:
  '@types/node@25.0.9':
    resolution: {integrity: sha512-/rpCXHlCWeqClNBwUhDcusJxXYDjZTyE8v5oTO7WbL8eij2nKhUeU89/6xgjU7N4/Vh3He0BtyhJdQbDyhiXAw==}

+  '@types/prismjs@1.26.5':
+    resolution: {integrity: sha512-AUZTa7hQ2KY5L7AmtSiqxlhWxb4ina0yd8hNbl4TWuqnv/pFP0nDMb3YrfSBf4hJVGLh2YEIBfKaBW/9UEl6IQ==}
+
  '@types/qrcode@1.5.6':
    resolution: {integrity: sha512-te7NQcV2BOvdj2b1hCAHzAoMNuj65kNBMz0KBaxM6c3VGBOhU0dURQKOtH8CFNI/dsKkwlv32p26qYQTWoB5bw==}

@@ -1818,6 +1859,21 @@ packages:
    resolution: {integrity: sha512-oy+wV7xDKFPRyNggmXuZQSBzvoLnpmJs+GhzRhPjrxl2b/jIlyjVokzm47CZCDUdXKr2zd7ZLodPfOBpOPyPlg==}
    engines: {node: ^18.18.0 || ^20.9.0 || >=21.1.0}

+  '@uiw/copy-to-clipboard@1.0.19':
+    resolution: {integrity: sha512-AYxzFUBkZrhtExb2QC0C4lFH2+BSx6JVId9iqeGHakBuosqiQHUQaNZCvIBeM97Ucp+nJ22flOh8FBT2pKRRAA==}
+
+  '@uiw/react-markdown-preview@5.1.5':
+    resolution: {integrity: sha512-DNOqx1a6gJR7Btt57zpGEKTfHRlb7rWbtctMRO2f82wWcuoJsxPBrM+JWebDdOD0LfD8oe2CQvW2ICQJKHQhZg==}
+    peerDependencies:
+      react: '>=16.8.0'
+      react-dom: '>=16.8.0'
+
+  '@uiw/react-md-editor@4.0.11':
+    resolution: {integrity: sha512-F0OR5O1v54EkZYvJj3ew0I7UqLiPeU34hMAY4MdXS3hI86rruYi5DHVkG/VuvLkUZW7wIETM2QFtZ459gKIjQA==}
+    peerDependencies:
+      react: '>=16.8.0'
+      react-dom: '>=16.8.0'
+
  '@ungap/structured-clone@1.3.0':
    resolution: {integrity: sha512-WmoN8qaIAo7WTYWbAZuG8PYEhn5fkz7dZrqTBZ7dtt//lL2Gwms1IcnQ5yHqjDfX8Ft5j4YzDM23f87zBfDe9g==}

@@ -1936,6 +1992,9 @@ packages:
    resolution: {integrity: sha512-kX8h7K2srmDyYnXRIppo4AH/wYgzWVCs+eKr3RusRSQ5PvRYoEFmR/I0PbdTjKFAoKqp5+kbxnNTFO9jOfSVJg==}
    hasBin: true

+  bcp-47-match@2.0.3:
+    resolution: {integrity: sha512-JtTezzbAibu8G0R9op9zb3vcWZd9JF6M0xOYGPn0fNCd7wOpRB1mU2mH9T8gaBGbAAyIIVgB2G7xG0GP98zMAQ==}
+
  binary-extensions@2.3.0:
    resolution: {integrity: sha512-Ceh+7ox5qe7LJuLHoY0feh3pHuUDHAcRUeyL2VYghZwfpkNIy/+8Ocg0a3UuSoYzavmylwuLWQOf3hl0jjMMIw==}
    engines: {node: '>=8'}
@@ -2106,6 +2165,9 @@ packages:
    resolution: {integrity: sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==}
    engines: {node: '>= 8'}

+  css-selector-parser@3.3.0:
+    resolution: {integrity: sha512-Y2asgMGFqJKF4fq4xHDSlFYIkeVfRsm69lQC1q9kbEsH5XtnINTMrweLkjYMeaUgiXBy/uvKeO/a1JHTNnmB2g==}
+
  cssesc@3.0.0:
    resolution: {integrity: sha512-/Tb/JcjK111nNScGob5MNtsntNM1aCNUDipB/TkwZFhyDrrE47SOx/18wF2bbjgc3ZzCSKW1T5nt5EbFoAz/Vg==}
    engines: {node: '>=4'}
@@ -2213,6 +2275,10 @@ packages:
  dijkstrajs@1.0.3:
    resolution: {integrity: sha512-qiSlmBq9+BCdCA/L46dw8Uy93mloxsPSbwnm5yrKn2vMPiy8KyAskTF6zuV/j5BMsmOGZDPs7KjU+mjb670kfA==}

+  direction@2.0.1:
+    resolution: {integrity: sha512-9S6m9Sukh1cZNknO1CWAr2QAWsbKLafQiyM5gZ7VgXHeuaoUwffKN4q6NC4A/Mf9iiPlOXQEKW/Mv/mh9/3YFA==}
+    hasBin: true
+
  dom-helpers@5.2.1:
    resolution: {integrity: sha512-nRCa7CK3VTrM2NmGkIy4cbK7IZlgBE/PYMn55rrXefr5xXDP0LdtfPnblFDoVdcAfslJ7or6iqAUnx0CCGIWQA==}

@@ -2244,6 +2310,10 @@ packages:
    resolution: {integrity: sha512-V0hjH4dGPh9Ao5p0MoRY6BVqtwCjhz6vI5LT8AJ55H+4g9/4vbHx1I54fS0XuclLhDHArPQCiMjDxjaL8fPxhw==}
    engines: {node: '>=0.12'}

+  entities@6.0.1:
+    resolution: {integrity: sha512-aN97NXWF6AWBTahfVOIrB/NShkzi5H7F9r1s9mD3cDj4Ko5f2qhhVoYMibXF7GlLveb/D2ioWay8lxI97Ven3g==}
+    engines: {node: '>=0.12'}
+
  entities@7.0.0:
    resolution: {integrity: sha512-FDWG5cmEYf2Z00IkYRhbFrwIwvdFKH07uV8dvNy0omp/Qb1xcyCWp2UDtcwJF4QZZvk0sLudP6/hAu42TaqVhQ==}
    engines: {node: '>=0.12'}
@@ -2724,12 +2794,54 @@ packages:
    resolution: {integrity: sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==}
    engines: {node: '>= 0.4'}

+  hast-util-from-html@2.0.3:
+    resolution: {integrity: sha512-CUSRHXyKjzHov8yKsQjGOElXy/3EKpyX56ELnkHH34vDVw1N1XSQ1ZcAvTyAPtGqLTuKP/uxM+aLkSPqF/EtMw==}
+
+  hast-util-from-parse5@8.0.3:
+    resolution: {integrity: sha512-3kxEVkEKt0zvcZ3hCRYI8rqrgwtlIOFMWkbclACvjlDw8Li9S2hk/d51OI0nr/gIpdMHNepwgOKqZ/sy0Clpyg==}
+
+  hast-util-has-property@3.0.0:
+    resolution: {integrity: sha512-MNilsvEKLFpV604hwfhVStK0usFY/QmM5zX16bo7EjnAEGofr5YyI37kzopBlZJkHD4t887i+q/C8/tr5Q94cA==}
+
+  hast-util-heading-rank@3.0.0:
+    resolution: {integrity: sha512-EJKb8oMUXVHcWZTDepnr+WNbfnXKFNf9duMesmr4S8SXTJBJ9M4Yok08pu9vxdJwdlGRhVumk9mEhkEvKGifwA==}
+
+  hast-util-is-element@3.0.0:
+    resolution: {integrity: sha512-Val9mnv2IWpLbNPqc/pUem+a7Ipj2aHacCwgNfTiK0vJKl0LF+4Ba4+v1oPHFpf3bLYmreq0/l3Gud9S5OH42g==}
+
+  hast-util-parse-selector@3.1.1:
+    resolution: {integrity: sha512-jdlwBjEexy1oGz0aJ2f4GKMaVKkA9jwjr4MjAAI22E5fM/TXVZHuS5OpONtdeIkRKqAaryQ2E9xNQxijoThSZA==}
+
+  hast-util-parse-selector@4.0.0:
+    resolution: {integrity: sha512-wkQCkSYoOGCRKERFWcxMVMOcYE2K1AaNLU8DXS9arxnLOUEWbOXKXiJUNzEpqZ3JOKpnha3jkFrumEjVliDe7A==}
+
+  hast-util-raw@9.1.0:
+    resolution: {integrity: sha512-Y8/SBAHkZGoNkpzqqfCldijcuUKh7/su31kEBp67cFY09Wy0mTRgtsLYsiIxMJxlu0f6AA5SUTbDR8K0rxnbUw==}
+
+  hast-util-select@6.0.4:
+    resolution: {integrity: sha512-RqGS1ZgI0MwxLaKLDxjprynNzINEkRHY2i8ln4DDjgv9ZhcYVIHN9rlpiYsqtFwrgpYU361SyWDQcGNIBVu3lw==}
+
+  hast-util-to-html@9.0.5:
+    resolution: {integrity: sha512-OguPdidb+fbHQSU4Q4ZiLKnzWo8Wwsf5bZfbvu7//a9oTYoqD/fWpe96NuHkoS9h0ccGOTe0C4NGXdtS0iObOw==}
+
  hast-util-to-jsx-runtime@2.3.6:
    resolution: {integrity: sha512-zl6s8LwNyo1P9uw+XJGvZtdFF1GdAkOg8ujOw+4Pyb76874fLps4ueHXDhXWdk6YHQ6OgUtinliG7RsYvCbbBg==}

+  hast-util-to-parse5@8.0.1:
+    resolution: {integrity: sha512-MlWT6Pjt4CG9lFCjiz4BH7l9wmrMkfkJYCxFwKQic8+RTZgWPuWxwAfjJElsXkex7DJjfSJsQIt931ilUgmwdA==}
+
+  hast-util-to-string@3.0.1:
+    resolution: {integrity: sha512-XelQVTDWvqcl3axRfI0xSeoVKzyIFPwsAGSLIsKdJKQMXDYJS4WYrBNF/8J7RdhIcFI2BOHgAifggsvsxp/3+A==}
+
  hast-util-whitespace@3.0.0:
    resolution: {integrity: sha512-88JUN06ipLwsnv+dVn+OIYOvAuvBMy/Qoi6O7mQHxdPXpjy+Cd6xRkWwux7DKO+4sYILtLBRIKgsdpS2gQc7qw==}

+  hastscript@7.2.0:
+    resolution: {integrity: sha512-TtYPq24IldU8iKoJQqvZOuhi5CyCQRAbvDOX0x1eW6rsHSxa/1i2CCiptNTotGHJ3VoHRGmqiv6/D3q113ikkw==}
+
+  hastscript@9.0.1:
+    resolution: {integrity: sha512-g7df9rMFX/SPi34tyGCyUBREQoKkapwdY/T04Qn9TDWfHhAYt4/I0gMVirzK5wEzeUqIjEB+LXC/ypb7Aqno5w==}
+
  hermes-estree@0.25.1:
    resolution: {integrity: sha512-0wUoCcLp+5Ev5pDW2OriHC2MJCbwLwuRx+gAqMTOkGKJJiBCLjtrvy4PWUGn6MIVefecRpzoOZ/UV6iGdOr+Cw==}

@@ -2742,6 +2854,9 @@ packages:
  html-url-attributes@3.0.1:
    resolution: {integrity: sha512-ol6UPyBWqsrO6EJySPz2O7ZSr856WDrEzM5zMqp+FJJLGMW35cLYmmZnl0vztAZxRUoNZJFTCohfjuIJ8I4QBQ==}

+  html-void-elements@3.0.0:
+    resolution: {integrity: sha512-bEqo66MRXsUGxWHV5IP0PUiAWwoEjba4VCzg0LjFJBpchPaTfyfCKTG6bc5F8ucKec3q5y6qOdGyYTSBEvhCrg==}
+
  ieee754@1.2.1:
    resolution: {integrity: sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA==}

@@ -2922,24 +3037,28 @@ packages:
    engines: {node: '>= 12.0.0'}
    cpu: [arm64]
    os: [linux]
+    libc: [glibc]

  lightningcss-linux-arm64-musl@1.30.2:
    resolution: {integrity: sha512-5Vh9dGeblpTxWHpOx8iauV02popZDsCYMPIgiuw97OJ5uaDsL86cnqSFs5LZkG3ghHoX5isLgWzMs+eD1YzrnA==}
    engines: {node: '>= 12.0.0'}
    cpu: [arm64]
    os: [linux]
+    libc: [musl]

  lightningcss-linux-x64-gnu@1.30.2:
    resolution: {integrity: sha512-Cfd46gdmj1vQ+lR6VRTTadNHu6ALuw2pKR9lYq4FnhvgBc4zWY1EtZcAc6EffShbb1MFrIPfLDXD6Xprbnni4w==}
    engines: {node: '>= 12.0.0'}
    cpu: [x64]
    os: [linux]
+    libc: [glibc]

  lightningcss-linux-x64-musl@1.30.2:
    resolution: {integrity: sha512-XJaLUUFXb6/QG2lGIW6aIk6jKdtjtcffUT0NKvIqhSBY3hh9Ch+1LCeH80dR9q9LBjG3ewbDjnumefsLsP6aiA==}
    engines: {node: '>= 12.0.0'}
    cpu: [x64]
    os: [linux]
+    libc: [musl]

  lightningcss-win32-arm64-msvc@1.30.2:
    resolution: {integrity: sha512-FZn+vaj7zLv//D/192WFFVA0RgHawIcHqLX9xuWiQt7P0PtdFEVaxgF9rjM/IRYHQXNnk61/H/gb2Ei+kUQ4xQ==}
@@ -2981,6 +3100,9 @@ packages:
    resolution: {integrity: sha512-iPZK6eYjbxRu3uB4/WZ3EsEIMJFMqAoopl3R+zuq0UjcAm/MO6KCweDgPfP3elTztoKP3KtnVHxTn2NHBSDVUw==}
    engines: {node: '>=10'}

+  lodash-es@4.17.22:
+    resolution: {integrity: sha512-XEawp1t0gxSi9x01glktRZ5HDy0HXqrM0x5pXQM98EaI0NxO6jVM7omDOxsuEo5UIASAnm2bRp1Jt/e0a2XU8Q==}
+
  lodash.merge@4.6.2:
    resolution: {integrity: sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ==}

@@ -3274,9 +3396,15 @@ packages:
    resolution: {integrity: sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==}
    engines: {node: '>=8'}

+  parse-numeric-range@1.3.0:
+    resolution: {integrity: sha512-twN+njEipszzlMJd4ONUYgSfZPDxgHhT9Ahed5uTigpQn90FggW4SA/AIPq/6a149fTbE9qBEcSwE3FAEp6wQQ==}
+
  parse-statements@1.0.11:
    resolution: {integrity: sha512-HlsyYdMBnbPQ9Jr/VgJ1YF4scnldvJpJxCVx6KgqPL4dxppsWrJHCIIxQXMJrqGnsRkNPATbeMJ8Yxu7JMsYcA==}

+  parse5@7.3.0:
+    resolution: {integrity: sha512-IInvU7fabl34qmi9gY8XOVxhYyMyuH2xUNpb2q8/Y+7552KlejkRvqvD19nMoUW/uQGGbqNpA6Tufu5FL5BZgw==}
+
  path-exists@4.0.0:
    resolution: {integrity: sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==}
    engines: {node: '>=8'}
@@ -3349,6 +3477,9 @@ packages:
  prop-types@15.8.1:
    resolution: {integrity: sha512-oj87CgZICdulUohogVAR7AjlC0327U4el4L6eAvOqCeudMDVU0NThNaV+b9Df4dXgSP1gXMTnPdhfe/2qDH5cg==}

+  property-information@6.5.0:
+    resolution: {integrity: sha512-PgTgs/BlvHxOu8QuEN7wi5A0OmXaBcHpmCSTehcs6Uuu9IkDIEo13Hy7n898RHfrQ49vKCoGeWZSaAK01nwVig==}
+
  property-information@7.1.0:
    resolution: {integrity: sha512-TwEZ+X+yCJmYfL7TPUOcvBZ4QfoT5YenQiJuX//0th53DE6w0xxLEtfK3iyryQFddXuvkIk51EEgrJQ0WJkOmQ==}

@@ -3390,6 +3521,12 @@ packages:
      '@types/react': '>=18'
      react: '>=18'

+  react-markdown@9.0.3:
+    resolution: {integrity: sha512-Yk7Z94dbgYTOrdk41Z74GoKA7rThnsbbqBTRYuxoe08qvfQ9tJVhmAKw6BJS/ZORG7kTy/s1QvYzSuaoBA1qfw==}
+    peerDependencies:
+      '@types/react': '>=18'
+      react: '>=18'
+
  react-refresh@0.18.0:
    resolution: {integrity: sha512-QgT5//D3jfjJb6Gsjxv0Slpj23ip+HtOpnNgnb2S5zU3CB26G/IDPGoy4RJB42wzFE46DRsstbW6tKHoKbhAxw==}
    engines: {node: '>=0.10.0'}
@@ -3462,6 +3599,9 @@ packages:
    resolution: {integrity: sha512-J8rn6v4DBb2nnFqkqwy6/NnTYMcgLA+sLr0iIO41qpv0n+ngb7ksag2tMRl0inb1bbO/esUwzW1vbJi7K0sI0g==}
    engines: {node: ^12.0.0 || ^14.0.0 || >=16.0.0}

+  refractor@4.9.0:
+    resolution: {integrity: sha512-nEG1SPXFoGGx+dcjftjv8cAjEusIh6ED1xhf5DG3C0x/k+rmZ2duKnc3QLpt6qeHv5fPb8uwN3VWN2BT7fr3Og==}
+
  regexp-ast-analysis@0.7.1:
    resolution: {integrity: sha512-sZuz1dYW/ZsfG17WSAG7eS85r5a0dDsvg+7BiiYR5o6lKCAtUrEwdmRmaGF6rwVj3LcmAeYkOWKEPlbPzN3Y3A==}
    engines: {node: ^12.0.0 || ^14.0.0 || >=16.0.0}
@@ -3474,12 +3614,58 @@ packages:
    resolution: {integrity: sha512-NZQZdC5wOE/H3UT28fVGL+ikOZcEzfMGk/c3iN9UGxzWHMa1op7274oyiUVrAG4B2EuFhus8SvkaYnhvW92p9Q==}
    hasBin: true

+  rehype-attr@3.0.3:
+    resolution: {integrity: sha512-Up50Xfra8tyxnkJdCzLBIBtxOcB2M1xdeKe1324U06RAvSjYm7ULSeoM+b/nYPQPVd7jsXJ9+39IG1WAJPXONw==}
+    engines: {node: '>=16'}
+
+  rehype-autolink-headings@7.1.0:
+    resolution: {integrity: sha512-rItO/pSdvnvsP4QRB1pmPiNHUskikqtPojZKJPPPAVx9Hj8i8TwMBhofrrAYRhYOOBZH9tgmG5lPqDLuIWPWmw==}
+
+  rehype-ignore@2.0.3:
+    resolution: {integrity: sha512-IzhP6/u/6sm49sdktuYSmeIuObWB+5yC/5eqVws8BhuGA9kY25/byz6uCy/Ravj6lXUShEd2ofHM5MyAIj86Sg==}
+    engines: {node: '>=16'}
+
+  rehype-parse@9.0.1:
+    resolution: {integrity: sha512-ksCzCD0Fgfh7trPDxr2rSylbwq9iYDkSn8TCDmEJ49ljEUBxDVCzCHv7QNzZOfODanX4+bWQ4WZqLCRWYLfhag==}
+
+  rehype-prism-plus@2.0.0:
+    resolution: {integrity: sha512-FeM/9V2N7EvDZVdR2dqhAzlw5YI49m9Tgn7ZrYJeYHIahM6gcXpH0K1y2gNnKanZCydOMluJvX2cB9z3lhY8XQ==}
+
+  rehype-prism-plus@2.0.1:
+    resolution: {integrity: sha512-Wglct0OW12tksTUseAPyWPo3srjBOY7xKlql/DPKi7HbsdZTyaLCAoO58QBKSczFQxElTsQlOY3JDOFzB/K++Q==}
+
+  rehype-raw@7.0.0:
+    resolution: {integrity: sha512-/aE8hCfKlQeA8LmyeyQvQF3eBiLRGNlfBJEvWH7ivp9sBqs7TNqBL5X3v157rM4IFETqDnIOO+z5M/biZbo9Ww==}
+
+  rehype-rewrite@4.0.4:
+    resolution: {integrity: sha512-L/FO96EOzSA6bzOam4DVu61/PB3AGKcSPXpa53yMIozoxH4qg1+bVZDF8zh1EsuxtSauAhzt5cCnvoplAaSLrw==}
+    engines: {node: '>=16.0.0'}
+
+  rehype-slug@6.0.0:
+    resolution: {integrity: sha512-lWyvf/jwu+oS5+hL5eClVd3hNdmwM1kAC0BUvEGD19pajQMIzcNUd/k9GsfQ+FfECvX+JE+e9/btsKH0EjJT6A==}
+
+  rehype-stringify@10.0.1:
+    resolution: {integrity: sha512-k9ecfXHmIPuFVI61B9DeLPN0qFHfawM6RsuX48hoqlaKSF61RskNjSm1lI8PhBEM0MRdLxVVm4WmTqJQccH9mA==}
+
+  rehype@13.0.2:
+    resolution: {integrity: sha512-j31mdaRFrwFRUIlxGeuPXXKWQxet52RBQRvCmzl5eCefn/KGbomK5GMHNMsOJf55fgo3qw5tST5neDuarDYR2A==}
+
+  remark-gfm@4.0.1:
+    resolution: {integrity: sha512-1quofZ2RQ9EWdeN34S79+KExV1764+wCUGop5CPL1WGdD0ocPpu91lzPGbwWMECpEpd42kJGQwzRfyov9j4yNg==}
+
+  remark-github-blockquote-alert@1.3.1:
+    resolution: {integrity: sha512-OPNnimcKeozWN1w8KVQEuHOxgN3L4rah8geMOLhA5vN9wITqU4FWD+G26tkEsCGHiOVDbISx+Se5rGZ+D1p0Jg==}
+    engines: {node: '>=16'}
+
  remark-parse@11.0.0:
    resolution: {integrity: sha512-FCxlKLNGknS5ba/1lmpYijMUzX2esxW5xQqjWxw2eHFfS2MSdaHVINFmhjo+qN1WhZhNimq0dZATN9pH0IDrpA==}

  remark-rehype@11.1.2:
    resolution: {integrity: sha512-Dh7l57ianaEoIpzbp0PC9UKAdCSVklD8E5Rpw7ETfbTl3FqcOOgq5q2LVDhgGCkaBv7p24JXikPdvhhmHvKMsw==}

+  remark-stringify@11.0.0:
+    resolution: {integrity: sha512-1OSmLd3awB/t8qdoEOMazZkNsfVTeY4fTsgzcQFdXNq8ToTN4ZGwrMnlda4K6smTFKD+GRV6O48i6Z4iKgPPpw==}
+
  require-directory@2.1.1:
    resolution: {integrity: sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==}
    engines: {node: '>=0.10.0'}
@@ -3650,6 +3836,10 @@ packages:
    resolution: {integrity: sha512-Bh7QjT8/SuKUIfObSXNHNSK6WHo6J1tHCqJsuaFDP7gP0fkzSfTxI8y85JrppZ0h8l0maIgc2tfuZQ6/t3GtnQ==}
    engines: {node: ^14.18.0 || >=16.0.0}

+  tagged-tag@1.0.0:
+    resolution: {integrity: sha512-yEFYrVhod+hdNyx7g5Bnkkb0G6si8HJurOoOEgC8B/O0uXLHlaey/65KRv6cuWBNhBgHKAROVpc7QyYqE5gFng==}
+    engines: {node: '>=20'}
+
  tailwind-merge@3.4.0:
    resolution: {integrity: sha512-uSaO4gnW+b3Y2aWoWfFpX62vn2sR3skfhbjsEnaBI81WD1wBLlHZe5sWf0AqjksNdYTbGBEd0UasQMT3SNV15g==}

@@ -3721,6 +3911,10 @@ packages:
    resolution: {integrity: sha512-XleUoc9uwGXqjWwXaUTZAmzMcFZ5858QA2vvx1Ur5xIcixXIP+8LnFDgRplU30us6teqdlskFfu+ae4K79Ooew==}
    engines: {node: '>= 0.8.0'}

+  type-fest@5.4.1:
+    resolution: {integrity: sha512-xygQcmneDyzsEuKZrFbRMne5HDqMs++aFzefrJTgEIKjQ3rekM+RPfFCVq2Gp1VIDqddoYeppCj4Pcb+RZW0GQ==}
+    engines: {node: '>=20'}
+
  typescript-eslint@8.53.1:
    resolution: {integrity: sha512-gB+EVQfP5RDElh9ittfXlhZJdjSU4jUSTyE2+ia8CYyNvet4ElfaLlAIqDvQV9JPknKx0jQH1racTYe/4LaLSg==}
    engines: {node: ^18.18.0 || ^20.9.0 || >=21.1.0}
@@ -3742,6 +3936,9 @@ packages:
  unified@11.0.5:
    resolution: {integrity: sha512-xKvGhPWw3k84Qjh8bI3ZeJjqnyadK+GEFtazSfZv/rKeTkTjOJho6mFqh2SM96iIcZokxiOpg78GazTSg8+KHA==}

+  unist-util-filter@5.0.1:
+    resolution: {integrity: sha512-pHx7D4Zt6+TsfwylH9+lYhBhzyhEnCXs/lbq/Hstxno5z4gVdyc2WEW0asfjGKPyG4pEKrnBv5hdkO6+aRnQJw==}
+
  unist-util-is@6.0.1:
    resolution: {integrity: sha512-LsiILbtBETkDz8I9p1dQ0uyRUWuaQzd/cuEeS1hoRSyW5E5XGmTzlwY1OrNzzakGowI9Dr/I8HVaw4hTtnxy8g==}

@@ -3807,6 +4004,9 @@ packages:
      react: ^16.8 || ^17.0 || ^18.0 || ^19.0.0 || ^19.0.0-rc
      react-dom: ^16.8 || ^17.0 || ^18.0 || ^19.0.0 || ^19.0.0-rc

+  vfile-location@5.0.3:
+    resolution: {integrity: sha512-5yXvWDEgqeiYiBe1lbxYF7UMAIm/IcopxMHrMQDq3nvKcjPKIhZklUKL+AE7J7uApI4kwe2snsK+eI6UTj9EHg==}
+
  vfile-message@4.0.3:
    resolution: {integrity: sha512-QTHzsGd1EhbZs4AsQ20JX1rC3cOlt/IWJruk893DfLRr57lcnOeMaWG4K0JrRta4mIJZKth2Au3mM3u03/JWKw==}

@@ -3867,6 +4067,9 @@ packages:
    peerDependencies:
      eslint: ^8.57.0 || ^9.0.0

+  web-namespaces@2.0.1:
+    resolution: {integrity: sha512-bKr1DkiNa2krS7qxNtdrtHAmzuYGFQLiQ13TsorsdT6ULTkPLKuu5+GsFpDlg6JFjUTwX2DyhMPG2be8uPrqsQ==}
+
  webpack-virtual-modules@0.6.2:
    resolution: {integrity: sha512-66/V2i5hQanC51vBQKPH4aI8NMAcBW59FVBs+rC7eGHupMyfn34q7rZIE+ETlJ+XTevqfUhVVBgSUNSW2flEUQ==}

@@ -5386,12 +5589,22 @@ snapshots:

  '@types/estree@1.0.8': {}

+  '@types/hast@2.3.10':
+    dependencies:
+      '@types/unist': 2.0.11
+
  '@types/hast@3.0.4':
    dependencies:
      '@types/unist': 3.0.3

  '@types/json-schema@7.0.15': {}

+  '@types/lodash-es@4.17.12':
+    dependencies:
+      '@types/lodash': 4.17.23
+
+  '@types/lodash@4.17.23': {}
+
  '@types/mdast@4.0.4':
    dependencies:
      '@types/unist': 3.0.3
@@ -5402,6 +5615,8 @@ snapshots:
    dependencies:
      undici-types: 7.16.0

+  '@types/prismjs@1.26.5': {}
+
  '@types/qrcode@1.5.6':
    dependencies:
      '@types/node': 25.0.9
@@ -5511,6 +5726,41 @@ snapshots:
      '@typescript-eslint/types': 8.53.1
      eslint-visitor-keys: 4.2.1

+  '@uiw/copy-to-clipboard@1.0.19': {}
+
+  '@uiw/react-markdown-preview@5.1.5(@types/react@19.2.8)(react-dom@19.2.3(react@19.2.3))(react@19.2.3)':
+    dependencies:
+      '@babel/runtime': 7.28.6
+      '@uiw/copy-to-clipboard': 1.0.19
+      react: 19.2.3
+      react-dom: 19.2.3(react@19.2.3)
+      react-markdown: 9.0.3(@types/react@19.2.8)(react@19.2.3)
+      rehype-attr: 3.0.3
+      rehype-autolink-headings: 7.1.0
+      rehype-ignore: 2.0.3
+      rehype-prism-plus: 2.0.0
+      rehype-raw: 7.0.0
+      rehype-rewrite: 4.0.4
+      rehype-slug: 6.0.0
+      remark-gfm: 4.0.1
+      remark-github-blockquote-alert: 1.3.1
+      unist-util-visit: 5.0.0
+    transitivePeerDependencies:
+      - '@types/react'
+      - supports-color
+
+  '@uiw/react-md-editor@4.0.11(@types/react@19.2.8)(react-dom@19.2.3(react@19.2.3))(react@19.2.3)':
+    dependencies:
+      '@babel/runtime': 7.28.6
+      '@uiw/react-markdown-preview': 5.1.5(@types/react@19.2.8)(react-dom@19.2.3(react@19.2.3))(react@19.2.3)
+      react: 19.2.3
+      react-dom: 19.2.3(react@19.2.3)
+      rehype: 13.0.2
+      rehype-prism-plus: 2.0.1
+    transitivePeerDependencies:
+      - '@types/react'
+      - supports-color
+
  '@ungap/structured-clone@1.3.0': {}

  '@vitejs/plugin-react@5.1.2(vite@7.3.1(@types/node@25.0.9)(jiti@2.6.1)(lightningcss@1.30.2)(tsx@4.21.0)(yaml@2.8.2))':
@@ -5642,6 +5892,8 @@ snapshots:

  baseline-browser-mapping@2.9.15: {}

+  bcp-47-match@2.0.3: {}
+
  binary-extensions@2.3.0: {}

  birecord@0.1.1: {}
@@ -5798,6 +6050,8 @@ snapshots:
      shebang-command: 2.0.0
      which: 2.0.2

+  css-selector-parser@3.3.0: {}
+
  cssesc@3.0.0: {}

  csstype@3.2.3: {}
@@ -5874,6 +6128,8 @@ snapshots:

  dijkstrajs@1.0.3: {}

+  direction@2.0.1: {}
+
  dom-helpers@5.2.1:
    dependencies:
      '@babel/runtime': 7.28.6
@@ -5905,6 +6161,8 @@ snapshots:

  entities@4.5.0: {}

+  entities@6.0.1: {}
+
  entities@7.0.0: {}

  environment@1.1.0: {}
@@ -6503,6 +6761,94 @@ snapshots:
    dependencies:
      function-bind: 1.1.2

+  hast-util-from-html@2.0.3:
+    dependencies:
+      '@types/hast': 3.0.4
+      devlop: 1.1.0
+      hast-util-from-parse5: 8.0.3
+      parse5: 7.3.0
+      vfile: 6.0.3
+      vfile-message: 4.0.3
+
+  hast-util-from-parse5@8.0.3:
+    dependencies:
+      '@types/hast': 3.0.4
+      '@types/unist': 3.0.3
+      devlop: 1.1.0
+      hastscript: 9.0.1
+      property-information: 7.1.0
+      vfile: 6.0.3
+      vfile-location: 5.0.3
+      web-namespaces: 2.0.1
+
+  hast-util-has-property@3.0.0:
+    dependencies:
+      '@types/hast': 3.0.4
+
+  hast-util-heading-rank@3.0.0:
+    dependencies:
+      '@types/hast': 3.0.4
+
+  hast-util-is-element@3.0.0:
+    dependencies:
+      '@types/hast': 3.0.4
+
+  hast-util-parse-selector@3.1.1:
+    dependencies:
+      '@types/hast': 2.3.10
+
+  hast-util-parse-selector@4.0.0:
+    dependencies:
+      '@types/hast': 3.0.4
+
+  hast-util-raw@9.1.0:
+    dependencies:
+      '@types/hast': 3.0.4
+      '@types/unist': 3.0.3
+      '@ungap/structured-clone': 1.3.0
+      hast-util-from-parse5: 8.0.3
+      hast-util-to-parse5: 8.0.1
+      html-void-elements: 3.0.0
+      mdast-util-to-hast: 13.2.1
+      parse5: 7.3.0
+      unist-util-position: 5.0.0
+      unist-util-visit: 5.0.0
+      vfile: 6.0.3
+      web-namespaces: 2.0.1
+      zwitch: 2.0.4
+
+  hast-util-select@6.0.4:
+    dependencies:
+      '@types/hast': 3.0.4
+      '@types/unist': 3.0.3
+      bcp-47-match: 2.0.3
+      comma-separated-tokens: 2.0.3
+      css-selector-parser: 3.3.0
+      devlop: 1.1.0
+      direction: 2.0.1
+      hast-util-has-property: 3.0.0
+      hast-util-to-string: 3.0.1
+      hast-util-whitespace: 3.0.0
+      nth-check: 2.1.1
+      property-information: 7.1.0
+      space-separated-tokens: 2.0.2
+      unist-util-visit: 5.0.0
+      zwitch: 2.0.4
+
+  hast-util-to-html@9.0.5:
+    dependencies:
+      '@types/hast': 3.0.4
+      '@types/unist': 3.0.3
+      ccount: 2.0.1
+      comma-separated-tokens: 2.0.3
+      hast-util-whitespace: 3.0.0
+      html-void-elements: 3.0.0
+      mdast-util-to-hast: 13.2.1
+      property-information: 7.1.0
+      space-separated-tokens: 2.0.2
+      stringify-entities: 4.0.4
+      zwitch: 2.0.4
+
  hast-util-to-jsx-runtime@2.3.6:
    dependencies:
      '@types/estree': 1.0.8
@@ -6523,10 +6869,40 @@ snapshots:
    transitivePeerDependencies:
      - supports-color

+  hast-util-to-parse5@8.0.1:
+    dependencies:
+      '@types/hast': 3.0.4
+      comma-separated-tokens: 2.0.3
+      devlop: 1.1.0
+      property-information: 7.1.0
+      space-separated-tokens: 2.0.2
+      web-namespaces: 2.0.1
+      zwitch: 2.0.4
+
+  hast-util-to-string@3.0.1:
+    dependencies:
+      '@types/hast': 3.0.4
+
  hast-util-whitespace@3.0.0:
    dependencies:
      '@types/hast': 3.0.4

+  hastscript@7.2.0:
+    dependencies:
+      '@types/hast': 2.3.10
+      comma-separated-tokens: 2.0.3
+      hast-util-parse-selector: 3.1.1
+      property-information: 6.5.0
+      space-separated-tokens: 2.0.2
+
+  hastscript@9.0.1:
+    dependencies:
+      '@types/hast': 3.0.4
+      comma-separated-tokens: 2.0.3
+      hast-util-parse-selector: 4.0.0
+      property-information: 7.1.0
+      space-separated-tokens: 2.0.2
+
  hermes-estree@0.25.1: {}

  hermes-parser@0.25.1:
@@ -6537,6 +6913,8 @@ snapshots:

  html-url-attributes@3.0.1: {}

+  html-void-elements@3.0.0: {}
+
  ieee754@1.2.1: {}

  ignore@5.3.2: {}
@@ -6733,6 +7111,8 @@ snapshots:
    dependencies:
      p-locate: 5.0.0

+  lodash-es@4.17.22: {}
+
  lodash.merge@4.6.2: {}

  lodash@4.17.21: {}
@@ -7253,8 +7633,14 @@ snapshots:
      json-parse-even-better-errors: 2.3.1
      lines-and-columns: 1.2.4

+  parse-numeric-range@1.3.0: {}
+
  parse-statements@1.0.11: {}

+  parse5@7.3.0:
+    dependencies:
+      entities: 6.0.1
+
  path-exists@4.0.0: {}

  path-key@3.1.1: {}
@@ -7317,6 +7703,8 @@ snapshots:
      object-assign: 4.1.1
      react-is: 16.13.1

+  property-information@6.5.0: {}
+
  property-information@7.1.0: {}

  proxy-from-env@1.1.0: {}
@@ -7362,6 +7750,23 @@ snapshots:
    transitivePeerDependencies:
      - supports-color

+  react-markdown@9.0.3(@types/react@19.2.8)(react@19.2.3):
+    dependencies:
+      '@types/hast': 3.0.4
+      '@types/react': 19.2.8
+      devlop: 1.1.0
+      hast-util-to-jsx-runtime: 2.3.6
+      html-url-attributes: 3.0.1
+      mdast-util-to-hast: 13.2.1
+      react: 19.2.3
+      remark-parse: 11.0.0
+      remark-rehype: 11.1.2
+      unified: 11.0.5
+      unist-util-visit: 5.0.0
+      vfile: 6.0.3
+    transitivePeerDependencies:
+      - supports-color
+
  react-refresh@0.18.0: {}

  react-remove-scroll-bar@2.3.8(@types/react@19.2.8)(react@19.2.3):
@@ -7443,6 +7848,13 @@ snapshots:
    dependencies:
      '@eslint-community/regexpp': 4.12.2

+  refractor@4.9.0:
+    dependencies:
+      '@types/hast': 2.3.10
+      '@types/prismjs': 1.26.5
+      hastscript: 7.2.0
+      parse-entities: 4.0.2
+
  regexp-ast-analysis@0.7.1:
    dependencies:
      '@eslint-community/regexpp': 4.12.2
@@ -7454,6 +7866,98 @@ snapshots:
    dependencies:
      jsesc: 3.1.0

+  rehype-attr@3.0.3:
+    dependencies:
+      unified: 11.0.5
+      unist-util-visit: 5.0.0
+
+  rehype-autolink-headings@7.1.0:
+    dependencies:
+      '@types/hast': 3.0.4
+      '@ungap/structured-clone': 1.3.0
+      hast-util-heading-rank: 3.0.0
+      hast-util-is-element: 3.0.0
+      unified: 11.0.5
+      unist-util-visit: 5.0.0
+
+  rehype-ignore@2.0.3:
+    dependencies:
+      hast-util-select: 6.0.4
+      unified: 11.0.5
+      unist-util-visit: 5.0.0
+
+  rehype-parse@9.0.1:
+    dependencies:
+      '@types/hast': 3.0.4
+      hast-util-from-html: 2.0.3
+      unified: 11.0.5
+
+  rehype-prism-plus@2.0.0:
+    dependencies:
+      hast-util-to-string: 3.0.1
+      parse-numeric-range: 1.3.0
+      refractor: 4.9.0
+      rehype-parse: 9.0.1
+      unist-util-filter: 5.0.1
+      unist-util-visit: 5.0.0
+
+  rehype-prism-plus@2.0.1:
+    dependencies:
+      hast-util-to-string: 3.0.1
+      parse-numeric-range: 1.3.0
+      refractor: 4.9.0
+      rehype-parse: 9.0.1
+      unist-util-filter: 5.0.1
+      unist-util-visit: 5.0.0
+
+  rehype-raw@7.0.0:
+    dependencies:
+      '@types/hast': 3.0.4
+      hast-util-raw: 9.1.0
+      vfile: 6.0.3
+
+  rehype-rewrite@4.0.4:
+    dependencies:
+      hast-util-select: 6.0.4
+      unified: 11.0.5
+      unist-util-visit: 5.0.0
+
+  rehype-slug@6.0.0:
+    dependencies:
+      '@types/hast': 3.0.4
+      github-slugger: 2.0.0
+      hast-util-heading-rank: 3.0.0
+      hast-util-to-string: 3.0.1
+      unist-util-visit: 5.0.0
+
+  rehype-stringify@10.0.1:
+    dependencies:
+      '@types/hast': 3.0.4
+      hast-util-to-html: 9.0.5
+      unified: 11.0.5
+
+  rehype@13.0.2:
+    dependencies:
+      '@types/hast': 3.0.4
+      rehype-parse: 9.0.1
+      rehype-stringify: 10.0.1
+      unified: 11.0.5
+
+  remark-gfm@4.0.1:
+    dependencies:
+      '@types/mdast': 4.0.4
+      mdast-util-gfm: 3.1.0
+      micromark-extension-gfm: 3.0.0
+      remark-parse: 11.0.0
+      remark-stringify: 11.0.0
+      unified: 11.0.5
+    transitivePeerDependencies:
+      - supports-color
+
+  remark-github-blockquote-alert@1.3.1:
+    dependencies:
+      unist-util-visit: 5.0.0
+
  remark-parse@11.0.0:
    dependencies:
      '@types/mdast': 4.0.4
@@ -7471,6 +7975,12 @@ snapshots:
      unified: 11.0.5
      vfile: 6.0.3

+  remark-stringify@11.0.0:
+    dependencies:
+      '@types/mdast': 4.0.4
+      mdast-util-to-markdown: 2.1.2
+      unified: 11.0.5
+
  require-directory@2.1.1: {}

  require-main-filename@2.0.0: {}
@@ -7639,6 +8149,8 @@ snapshots:
    dependencies:
      '@pkgr/core': 0.2.9

+  tagged-tag@1.0.0: {}
+
  tailwind-merge@3.4.0: {}

  tailwindcss@4.1.18: {}
@@ -7699,6 +8211,10 @@ snapshots:
    dependencies:
      prelude-ls: 1.2.1

+  type-fest@5.4.1:
+    dependencies:
+      tagged-tag: 1.0.0
+
  typescript-eslint@8.53.1(eslint@9.39.2(jiti@2.6.1))(typescript@5.9.3):
    dependencies:
      '@typescript-eslint/eslint-plugin': 8.53.1(@typescript-eslint/parser@8.53.1(eslint@9.39.2(jiti@2.6.1))(typescript@5.9.3))(eslint@9.39.2(jiti@2.6.1))(typescript@5.9.3)
@@ -7726,6 +8242,12 @@ snapshots:
      trough: 2.2.0
      vfile: 6.0.3

+  unist-util-filter@5.0.1:
+    dependencies:
+      '@types/unist': 3.0.3
+      unist-util-is: 6.0.1
+      unist-util-visit-parents: 6.0.2
+
  unist-util-is@6.0.1:
    dependencies:
      '@types/unist': 3.0.3
@@ -7798,6 +8320,11 @@ snapshots:
      - '@types/react'
      - '@types/react-dom'

+  vfile-location@5.0.3:
+    dependencies:
+      '@types/unist': 3.0.3
+      vfile: 6.0.3
+
  vfile-message@4.0.3:
    dependencies:
      '@types/unist': 3.0.3
@@ -7864,6 +8391,8 @@ snapshots:
    transitivePeerDependencies:
      - supports-color

+  web-namespaces@2.0.1: {}
+
  webpack-virtual-modules@0.6.2: {}

  which-module@2.0.1: {}
--- a/client/cms/src/components/profile/edit-profile-dialog.tsx
+++ b/client/cms/src/components/profile/edit-profile-dialog.tsx
@@ -19,18 +19,25 @@ import {
 import {
  Input,
 } from '@/components/ui/input';
+import { useUpdateUser } from '@/hooks/data/useUpdateUser';
+import { useUserInfo } from '@/hooks/data/useUserInfo';

 const formSchema = z.object({
-  email: z.string(),
+  username: z.string().min(5),
  nickname: z.string().min(1),
  subtitle: z.string().min(1),
+  avatar: z.url().min(1),
 });
 export function EditProfileDialog() {
+  const { data: user } = useUserInfo();
+  const { mutateAsync } = useUpdateUser();
+
  const form = useForm({
    defaultValues: {
-      email: '',
-      nickname: '',
-      subtitle: '',
+      avatar: user.avatar,
+      username: user.username,
+      nickname: user.nickname,
+      subtitle: user.subtitle,
    },
    validators: {
      onBlur: formSchema,
@@ -39,13 +46,12 @@ export function EditProfileDialog() {
      value,
    }) => {
      try {
-        toast(
-          <code className="text-white">{JSON.stringify(value, null, 2)}</code>,
-        );
+        await mutateAsync(value);
+        toast.success('个人资料更新成功');
      }
      catch (error) {
        console.error('Form submission error', error);
-        toast.error('Failed to submit the form. Please try again.');
+        toast.error('更新个人资料失败，请重试');
      }
    },
  });
@@ -53,60 +59,94 @@ export function EditProfileDialog() {
  return (
    <Dialog>
      <DialogTrigger asChild>
-        <Button variant="outline" className="w-full mt-4" size="lg">编辑个人资料</Button>
+        <Button variant="outline" className="w-full" size="lg">编辑个人资料</Button>
      </DialogTrigger>
-      <form
-        onSubmit={(e) => {
-          e.preventDefault();
-          e.stopPropagation();
-          void form.handleSubmit();
-        }}
-      >
-        <DialogContent className="sm:max-w-[425px]">
+      <DialogContent className="sm:max-w-[425px]">
+        <form
+          onSubmit={(e) => {
+            e.preventDefault();
+            e.stopPropagation();
+            void form.handleSubmit();
+          }}
+          className="grid gap-4"
+        >
          <DialogHeader>
            <DialogTitle>编辑个人资料</DialogTitle>
          </DialogHeader>
-          <Field>
-            <FieldLabel htmlFor="email">Email</FieldLabel>
-            <Input
-              id="email"
-              name="email"
-              placeholder="noa@requiem.garden"
-              value={form.getFieldValue('email')}
-              onChange={e => form.setFieldValue('email', e.target.value)}
-            />
-            <FieldError />
-          </Field>
-          <Field>
-            <FieldLabel htmlFor="nickname">昵称</FieldLabel>
-            <Input
-              id="nickname"
-              name="nickname"
-              placeholder="Noa Virellia"
-              value={form.getFieldValue('nickname')}
-              onChange={e => form.setFieldValue('nickname', e.target.value)}
-            />
-            <FieldError />
-          </Field>
-          <Field>
-            <FieldLabel htmlFor="subtitle">副标题</FieldLabel>
-            <Input
-              id="subtitle"
-              name="subtitle"
-              placeholder="天生骄傲"
-              value={form.getFieldValue('subtitle')}
-              onChange={e => form.setFieldValue('subtitle', e.target.value)}
-            />
-            <FieldError />
-          </Field>
+          <form.Field name="username">
+            {field => (
+              <Field>
+                <FieldLabel htmlFor="username">用户名</FieldLabel>
+                <Input
+                  id="username"
+                  name="username"
+                  placeholder={user.username}
+                  value={field.state.value}
+                  onBlur={field.handleBlur}
+                  onChange={e => field.handleChange(e.target.value)}
+                />
+                <FieldError errors={field.state.meta.errors} />
+              </Field>
+            )}
+          </form.Field>
+          <form.Field name="nickname">
+            {field => (
+              <Field>
+                <FieldLabel htmlFor="nickname">昵称</FieldLabel>
+                <Input
+                  id="nickname"
+                  name="nickname"
+                  placeholder={user.nickname}
+                  value={field.state.value}
+                  onBlur={field.handleBlur}
+                  onChange={e => field.handleChange(e.target.value)}
+                />
+                <FieldError errors={field.state.meta.errors} />
+              </Field>
+            )}
+          </form.Field>
+          <form.Field name="subtitle">
+            {field => (
+              <Field>
+                <FieldLabel htmlFor="subtitle">副标题</FieldLabel>
+                <Input
+                  id="subtitle"
+                  name="subtitle"
+                  placeholder={user.subtitle}
+                  value={field.state.value}
+                  onBlur={field.handleBlur}
+                  onChange={e => field.handleChange(e.target.value)}
+                />
+                <FieldError errors={field.state.meta.errors} />
+              </Field>
+            )}
+          </form.Field>
+          <form.Field name="avatar">
+            {field => (
+              <Field>
+                <FieldLabel htmlFor="avatar">头像链接</FieldLabel>
+                <Input
+                  id="avatar"
+                  name="avatar"
+                  placeholder={user.avatar}
+                  value={field.state.value}
+                  onBlur={field.handleBlur}
+                  onChange={e => field.handleChange(e.target.value)}
+                />
+                <FieldError errors={field.state.meta.errors} />
+              </Field>
+            )}
+          </form.Field>
          <DialogFooter>
            <DialogClose asChild>
              <Button variant="outline">取消</Button>
            </DialogClose>
-            <Button type="submit">保存</Button>
+            <DialogClose asChild>
+              <Button type="submit">保存</Button>
+            </DialogClose>
          </DialogFooter>
-        </DialogContent>
-      </form>
+        </form>
+      </DialogContent>
    </Dialog>
  );
 }
--- a/client/cms/src/components/profile/edit-profile-form.tsx
+++ b/client/cms/src/components/profile/edit-profile-form.tsx
@@ -1,102 +0,0 @@
-import {
-  useForm,
-} from '@tanstack/react-form';
-import {
-  toast,
-} from 'sonner';
-import {
-  z,
-} from 'zod';
-import {
-  Button,
-} from '@/components/ui/button';
-import {
-  Field,
-  FieldError,
-  FieldLabel,
-} from '@/components/ui/field';
-import {
-  Input,
-} from '@/components/ui/input';
-
-const formSchema = z.object({
-  email: z.string(),
-  nickname: z.string().min(1),
-  subtitle: z.string().min(1),
-});
-
-export default function EditProfileForm() {
-  const form = useForm({
-    defaultValues: {
-      email: '',
-      nickname: '',
-      subtitle: '',
-    },
-    validators: {
-      onBlur: formSchema,
-    },
-    onSubmit: async ({
-      value,
-    }) => {
-      try {
-        toast(
-          <code className="text-white">{JSON.stringify(value, null, 2)}</code>,
-        );
-      }
-      catch (error) {
-        console.error('Form submission error', error);
-        toast.error('Failed to submit the form. Please try again.');
-      }
-    },
-  });
-
-  return (
-    <form
-      onSubmit={(e) => {
-        e.preventDefault();
-        e.stopPropagation();
-        void form.handleSubmit();
-      }}
-    >
-      <Field>
-        <FieldLabel htmlFor="email">Email</FieldLabel>
-        <Input
-          id="email"
-          name="email"
-          placeholder="noa@requiem.garden"
-
-          value={form.getFieldValue('email')}
-          onChange={e => form.setFieldValue('email', e.target.value)}
-        />
-        <FieldError />
-      </Field>
-      <Field>
-        <FieldLabel htmlFor="nickname">昵称</FieldLabel>
-        <Input
-          id="nickname"
-          name="nickname"
-          placeholder="Noa Virellia"
-
-          value={form.getFieldValue('nickname')}
-          onChange={e => form.setFieldValue('nickname', e.target.value)}
-        />
-
-        <FieldError />
-      </Field>
-      <Field>
-        <FieldLabel htmlFor="subtitle">副标题</FieldLabel>
-        <Input
-          id="subtitle"
-          name="subtitle"
-          placeholder="天生骄傲"
-
-          value={form.getFieldValue('subtitle')}
-          onChange={e => form.setFieldValue('subtitle', e.target.value)}
-        />
-
-        <FieldError />
-      </Field>
-      <Button type="submit">提交</Button>
-    </form>
-  );
-}
--- a/client/cms/src/components/profile/main-profile.tsx
+++ b/client/cms/src/components/profile/main-profile.tsx
@@ -1,34 +1,81 @@
-import { Mail } from 'lucide-react';
+import MDEditor from '@uiw/react-md-editor';
+import { isNil } from 'lodash-es';
+import { Mail, Pencil } from 'lucide-react';
+import { useState } from 'react';
 import Markdown from 'react-markdown';
+import { toast } from 'sonner';
 import { Avatar, AvatarFallback, AvatarImage } from '@/components/ui/avatar';
+import { useUpdateUser } from '@/hooks/data/useUpdateUser';
 import { useUserInfo } from '@/hooks/data/useUserInfo';
-import { base64ToUtf8 } from '@/lib/utils';
+import { base64ToUtf8, utf8ToBase64 } from '@/lib/utils';
+import { Button } from '../ui/button';
 import { EditProfileDialog } from './edit-profile-dialog';

 export function MainProfile() {
  const { data: user } = useUserInfo();
+  const [bio, setBio] = useState<string | undefined>(() => base64ToUtf8(user.bio));
+  const [enableBioEdit, setEnableBioEdit] = useState(false);
+  const { mutateAsync } = useUpdateUser();
+
  return (
-    <div className="flex flex-col w-full">
-      <div className="flex w-full flex-row gap-4 mt-2">
-        <Avatar className="size-16 rounded-full border-2 border-muted">
-          <AvatarImage src={user.avatar} alt={user.nickname} />
-          <AvatarFallback className="rounded-lg">CN</AvatarFallback>
-        </Avatar>
-        <div className="flex flex-1 flex-col justify-center">
-          <span className="font-semibold text-2xl" aria-hidden="true">{user.nickname}</span>
-          <span className="text-[20px] text-muted-foreground" aria-hidden="true">{user.subtitle}</span>
+    <div className="flex flex-col justify-center w-full lg:w-auto h-full lg:h-auto lg:flex-row lg:gap-8">
+      <div className="flex w-full flex-row mt-2 lg:mt-0 lg:flex-col lg:w-max">
+        <div className="flex flex-col w-full gap-3">
+          <div className="flex flex-col w-full gap-3">
+            <div className="flex flex-row gap-3 w-full lg:flex-col">
+              <Avatar className="size-16 rounded-full border-2 border-muted lg:size-64">
+                <AvatarImage src={user.avatar} alt={user.nickname} />
+                <AvatarFallback className="rounded-lg">CN</AvatarFallback>
+              </Avatar>
+              <div className="flex flex-1 flex-col justify-center lg:mt-3">
+                <span className="font-semibold text-2xl" aria-hidden="true">{user.nickname}</span>
+                <span className="text-[20px] text-muted-foreground" aria-hidden="true">{user.subtitle}</span>
+              </div>
+            </div>
+            <div className="flex flex-row gap-2 items-center text-sm px-1 lg:px-0">
+              <Mail className="h-4 w-4 stroke-muted-foreground" />
+              {user.email}
+            </div>
+          </div>
+          <EditProfileDialog />
        </div>
      </div>
-      <EditProfileDialog />
-      <section className="px-2 mt-4">
-        <div className="flex flex-row gap-2 items-center text-sm">
-          <Mail className="h-4 w-4 stroke-muted-foreground" />
-          {user.email}
-        </div>
-      </section>
-      <section className="rounded-md border border-muted w-full min-h-72 mt-4 p-6 prose dark:prose-invert max-w-[1012px] self-center">
+      <section className="relative rounded-md border border-muted w-full flex-1 lg:flex-auto min-h-72 lg:h-full mt-4 lg:mt-0 prose dark:prose-invert max-w-[1012px] self-center">
        {/* Bio */}
-        <Markdown>{base64ToUtf8(user.bio)}</Markdown>
+        {enableBioEdit
+          ? (
+            <MDEditor
+              value={bio}
+              onChange={setBio}
+              height="100%"
+            />
+          )
+          : <div className="p-6 prose dark:prose-invert"><Markdown>{bio}</Markdown></div>}
+        <Button
+          className="absolute bottom-4 right-4"
+          // eslint-disable-next-line ts/no-misused-promises
+          onClick={async () => {
+            if (!enableBioEdit) {
+              setEnableBioEdit(true);
+            }
+            else {
+              if (!isNil(bio)) {
+                try {
+                  await mutateAsync({ bio: utf8ToBase64(bio) });
+                  setEnableBioEdit(false);
+                }
+                catch (error) {
+                  console.error(error);
+                  toast.error('个人简介更新失败');
+                }
+              }
+            }
+          }}
+          size="icon-sm"
+          variant={enableBioEdit ? 'default' : 'outline'}
+        >
+          <Pencil />
+        </Button>
      </section>
    </div>
  );
--- a/client/cms/src/hooks/data/useUpdateUser.ts
+++ b/client/cms/src/hooks/data/useUpdateUser.ts
@@ -0,0 +1,22 @@
+import { useMutation, useQueryClient } from '@tanstack/react-query';
+import { axiosClient } from '@/lib/axios';
+
+interface UpdateUserPayload {
+  avatar?: string;
+  bio?: string;
+  nickname?: string;
+  subtitle?: string;
+  username?: string;
+}
+
+export function useUpdateUser() {
+  const queryClient = useQueryClient();
+  return useMutation({
+    mutationFn: async (payload: UpdateUserPayload) => {
+      return axiosClient.patch<{ status: string }>('/user/update', payload);
+    },
+    onSuccess: async () => {
+      await queryClient.invalidateQueries({ queryKey: ['userInfo'] });
+    },
+  });
+}
--- a/client/cms/src/hooks/data/useUserInfo.ts
+++ b/client/cms/src/hooks/data/useUserInfo.ts
@@ -6,6 +6,7 @@ export function useUserInfo() {
    queryKey: ['userInfo'],
    queryFn: async () => {
      const response = await axiosClient.get<{
+        username: string;
        user_id: string;
        email: string;
        type: string;
--- a/client/cms/src/lib/axios.ts
+++ b/client/cms/src/lib/axios.ts
@@ -1,10 +1,17 @@
-import type { AxiosRequestConfig } from 'axios';
-import axios, { AxiosError } from 'axios';
+import type { AxiosError, AxiosRequestConfig } from 'axios';
+import type { JsonValue } from 'type-fest';
+import axios from 'axios';
+import { isNil } from 'lodash-es';
 import { router } from '@/lib/router';
-import { doRefreshToken, getRefreshToken, getToken, setRefreshToken, setToken } from './token';
+import { clearTokens, doRefreshToken, getRefreshToken, getToken, setRefreshToken, setToken } from './token';
+
+export const HEADER_API_VERSION = {
+  'X-Api-Version': 'latest',
+};

 export const axiosClient = axios.create({
  baseURL: '/api/v1/',
+  headers: HEADER_API_VERSION,
 });

 axiosClient.interceptors.request.use((config) => {
@@ -18,27 +25,43 @@ axiosClient.interceptors.request.use((config) => {

 type RetryConfig = AxiosRequestConfig & { _retry?: boolean };

-axiosClient.interceptors.response.use(undefined, async (error: AxiosError) => {
+interface ResponseData {
+  code: number;
+  error_id: string;
+  status: string;
+  data: JsonValue;
+}
+
+axiosClient.interceptors.response.use(async (response) => {
+  const data = response.data as ResponseData;
+  if (data.code !== 200) {
+    return Promise.reject(data);
+  }
+  response.data = data.data;
+  return response;
+}, async (error: AxiosError) => {
  const originalRequest = error.config as RetryConfig | undefined;
  if (!error.response || error.response.status !== 401 || !originalRequest) {
    return Promise.reject(error);
  }
-
-  if (error.response.status === 401 && getRefreshToken() !== null) {
+  if (error.response.status === 401 && originalRequest.url !== '/auth/refresh' && !isNil(getRefreshToken())) {
    try {
-      const maybeRefreshTokenValue = await doRefreshToken();
-      const { access_token, refresh_token } = maybeRefreshTokenValue.data;
+      const maybeRefreshTokenResponse = await doRefreshToken();
+      if (maybeRefreshTokenResponse.status !== 200) {
+        throw new Error('Failed to refresh token');
+      }
+      const { access_token, refresh_token } = maybeRefreshTokenResponse.data;
      originalRequest.headers = originalRequest.headers ?? {};
      originalRequest.headers.Authorization = `Bearer ${access_token}`;
      setToken(access_token);
      setRefreshToken(refresh_token);
      return await axiosClient(originalRequest);
    }
+    // eslint-disable-next-line unused-imports/no-unused-vars
    catch (e) {
-      if (e instanceof AxiosError && e.status === 401) {
-        await router.navigate({ to: '/authorize' });
-        return Promise.reject(error);
-      }
+      // Should remove token (tokens are out of date)
+      clearTokens();
+      await router.navigate({ to: '/authorize' });
    }
  }
 });
--- a/client/cms/src/lib/token.ts
+++ b/client/cms/src/lib/token.ts
@@ -1,4 +1,4 @@
-import axios from 'axios';
+import { axiosClient, HEADER_API_VERSION } from './axios';

 export function setToken(token: string) {
  localStorage.setItem('token', token);
@@ -30,11 +30,11 @@ export function clearTokens() {
 }

 export async function doSetTokenByCode(code: string) {
-  const { data } = await axios.post<{ access_token: string; refresh_token: string }>('/api/v1/auth/token', { code });
+  const { data } = await axiosClient.post<{ access_token: string; refresh_token: string }>('/auth/token', { code }, { headers: HEADER_API_VERSION });
  setToken(data.access_token);
  setRefreshToken(data.refresh_token);
 }

 export async function doRefreshToken() {
-  return axios.post<{ access_token: string; refresh_token: string }>('/api/v1/auth/refresh', { refresh_token: getRefreshToken() });
+  return axiosClient.post<{ access_token: string; refresh_token: string }>('/auth/refresh', { refresh_token: getRefreshToken() }, { headers: HEADER_API_VERSION });
 }
--- a/client/cms/src/routes/_sidebarLayout/profile.tsx
+++ b/client/cms/src/routes/_sidebarLayout/profile.tsx
@@ -7,7 +7,7 @@ export const Route = createFileRoute('/_sidebarLayout/profile')({

 function RouteComponent() {
  return (
-    <div className="flex min-h-[560px] flex-col gap-6 px-4 py-6">
+    <div className="flex h-full flex-col gap-6 px-4 py-6">
      <MainProfile />
    </div>
  );
--- a/client/cms/src/routes/authorize.tsx
+++ b/client/cms/src/routes/authorize.tsx
@@ -1,7 +1,9 @@
 import { createFileRoute } from '@tanstack/react-router';
 import { zodValidator } from '@tanstack/zod-adapter';
+import { isNil } from 'lodash-es';
 import z from 'zod';
 import { LoginForm } from '@/components/login-form';
+import { axiosClient } from '@/lib/axios';
 import { generateOAuthState } from '@/lib/random';
 import { getToken } from '@/lib/token';

@@ -22,15 +24,21 @@ export const Route = createFileRoute('/authorize')({
 function RouteComponent() {
  const token = getToken();
  const oauthParams = Route.useSearch();
-  if (token !== null) {
-    const base = new URL(window.location.origin);
-    const url = new URL('/api/v1/auth/redirect', base);
-    url.searchParams.set('client_id', oauthParams.client_id);
-    url.searchParams.set('response_type', oauthParams.response_type);
-    url.searchParams.set('redirect_uri', oauthParams.redirect_uri);
-    url.searchParams.set('state', oauthParams.state);
-    window.location.href = url.toString();
-    return null;
+  /**
+   * Auth by Token Flow
+   */
+  if (!isNil(token)) {
+    axiosClient.post<{ redirect_uri: string }>('/auth/exchange', {
+      client_id: oauthParams.client_id,
+      redirect_uri: oauthParams.redirect_uri,
+      state: oauthParams.state,
+    }).then((res) => {
+      window.location.href = res.data.redirect_uri;
+    }).catch((e) => {
+      console.error(e);
+      return 'Token exchange failed';
+    });
+    return 'Redirecting';
  }
  return (
    <div className="bg-background flex min-h-svh flex-col items-center justify-center gap-6 p-6 md:p-10">
--- a/client/cms/vite.config.ts
+++ b/client/cms/vite.config.ts
@@ -1,15 +1,15 @@
-import path from "node:path";
-import tailwindcss from "@tailwindcss/vite";
-import { tanstackRouter } from "@tanstack/router-plugin/vite";
-import react from "@vitejs/plugin-react";
-import { defineConfig } from "vite";
-import svgr from "vite-plugin-svgr";
+import path from 'node:path';
+import tailwindcss from '@tailwindcss/vite';
+import { tanstackRouter } from '@tanstack/router-plugin/vite';
+import react from '@vitejs/plugin-react';
+import { defineConfig } from 'vite';
+import svgr from 'vite-plugin-svgr';

 // https://vite.dev/config/
 export default defineConfig({
  plugins: [
    tanstackRouter({
-      target: "react",
+      target: 'react',
      autoCodeSplitting: true,
    }),
    react(),
@@ -18,15 +18,15 @@ export default defineConfig({
  ],
  resolve: {
    alias: {
-      "@": path.resolve(__dirname, "./src"),
+      '@': path.resolve(__dirname, './src'),
    },
  },
  server: {
    proxy: {
-      "/api": "http://10.0.0.250:8000",
+      '/api': 'http://10.0.0.10:8000',
    },
-    host: "0.0.0.0",
+    host: '0.0.0.0',
    port: 5173,
-    allowedHosts: ["nix.org.cn", "nixos.party"],
+    allowedHosts: ['nix.org.cn', 'nixos.party'],
  },
 });
--- a/cmd/gen_exception/definitions/common.yaml
+++ b/cmd/gen_exception/definitions/common.yaml
@@ -0,0 +1,10 @@
+common:
+    error:
+        invalid_input: "00001"
+        unauthorized: "00002"
+        internal: "00003"
+        permission_denied: "00004"
+        uuid_parse_failed: "00005"
+        database: "00006"
+        missing_user_id: "00007"
+        user_not_found: "00008"
--- a/cmd/gen_exception/definitions/endpoint.yaml
+++ b/cmd/gen_exception/definitions/endpoint.yaml
@@ -0,0 +1,23 @@
+endpoint:
+    auth:
+        service:
+            redirect: "01"
+            magic: "02"
+            token: "03"
+            refresh: "04"
+            exchange: "05"
+    event:
+        service:
+            info: "01"
+            checkin: "02"
+            checkin_query: "03"
+            checkin_submit: "04"
+    user:
+        service:
+            info: "01"
+            update: "02"
+            list: "03"
+            full: "04"
+            create: "05"
+    middleware:
+        service: "01"
--- a/cmd/gen_exception/definitions/middleware.yaml
+++ b/cmd/gen_exception/definitions/middleware.yaml
@@ -0,0 +1,6 @@
+middleware:
+    service:
+        gin_logger: "901"
+        jwt: "902"
+        permission: "903"
+        api_version: "904"
--- a/cmd/gen_exception/definitions/service.yaml
+++ b/cmd/gen_exception/definitions/service.yaml
@@ -0,0 +1,4 @@
+service:
+    auth: "001"
+    user: "002"
+    event: "003"
--- a/cmd/gen_exception/definitions/specific.yaml
+++ b/cmd/gen_exception/definitions/specific.yaml
@@ -0,0 +1,34 @@
+api:
+    version:
+        not_found: "00001"
+auth:
+    redirect:
+        token_invalid: "00001"
+        client_not_found: "00002"
+        uri_mismatch: "00003"
+        invalid_uri: "00004"
+    magic:
+        turnstile_failed: "00001"
+        code_gen_failed: "00002"
+        invalid_external_url: "00003"
+        invalid_email_config: "00004"
+    token:
+        invalid_token: "00001"
+        gen_failed: "00002"
+    refresh:
+        invalid_token: "00001"
+        renew_failed: "00002"
+    exchange:
+        get_user_id_failed: "00001"
+        code_gen_failed: "00002"
+        invalid_redirect_uri: "00003"
+user:
+    list:
+        meilisearch_failed: "00001"
+event:
+    info:
+        not_found: "00001"
+    checkin:
+        gen_code_failed: "00001"
+    checkin_query:
+        record_not_found: "00001"
--- a/cmd/gen_exception/definitions/status.yaml
+++ b/cmd/gen_exception/definitions/status.yaml
@@ -0,0 +1,5 @@
+status:
+    success: "2"
+    user: "4"
+    server: "5"
+    client: "6"
--- a/cmd/gen_exception/definitions/types.yaml
+++ b/cmd/gen_exception/definitions/types.yaml
@@ -0,0 +1,3 @@
+type:
+    common: "1"
+    specific: "0"
--- a/cmd/gen_exception/exception.tmpl
+++ b/cmd/gen_exception/exception.tmpl
@@ -0,0 +1,8 @@
+// Code generated by gen-exception; DO NOT EDIT.
+package exception
+
+const (
+{{- range .Items }}
+	{{ .Name }} = "{{ .Value }}"
+{{- end }}
+)
--- a/cmd/gen_exception/main.go
+++ b/cmd/gen_exception/main.go
@@ -0,0 +1,95 @@
+package main
+
+import (
+	"fmt"
+	"log"
+	"os"
+	"path/filepath"
+	"strings"
+	"text/template"
+
+	"golang.org/x/text/cases"
+	"golang.org/x/text/language"
+	"gopkg.in/yaml.v3"
+)
+
+type ErrorItem struct {
+	Name  string
+	Value string
+}
+
+type TplData struct {
+	Items []ErrorItem
+}
+
+func toCamel(s string) string {
+	caser := cases.Title(language.English)
+	s = strings.ReplaceAll(s, "-", "_")
+	parts := strings.Split(s, "_")
+	for i := range parts {
+		parts[i] = caser.String(parts[i])
+	}
+	return strings.Join(parts, "")
+}
+
+func recursiveParse(prefix string, raw any, items *[]ErrorItem) {
+	switch v := raw.(type) {
+	case map[string]any:
+		for key, val := range v {
+			recursiveParse(prefix+toCamel(key), val, items)
+		}
+	case string:
+		*items = append(*items, ErrorItem{
+			Name:  prefix,
+			Value: v,
+		})
+	case int, int64:
+		*items = append(*items, ErrorItem{
+			Name:  prefix,
+			Value: fmt.Sprintf("%v", v),
+		})
+	}
+}
+
+func main() {
+	yamlDir := "cmd/gen_exception/definitions"
+	outputDir := "internal/exception"
+	tplPath := "cmd/gen_exception/exception.tmpl"
+
+	if _, err := os.Stat(tplPath); os.IsNotExist(err) {
+		log.Fatalf("Cannot found tmpl %s", tplPath)
+	}
+
+	funcMap := template.FuncMap{"ToCamel": toCamel}
+	tmpl := template.Must(template.New("exception.tmpl").Funcs(funcMap).ParseFiles(tplPath))
+
+	os.MkdirAll(outputDir, 0755)
+
+	files, _ := filepath.Glob(filepath.Join(yamlDir, "*.yaml"))
+	for _, yamlFile := range files {
+		content, err := os.ReadFile(yamlFile)
+		if err != nil {
+			log.Printf("Read file error: %v", err)
+			continue
+		}
+
+		var rawData any
+		if err := yaml.Unmarshal(content, &rawData); err != nil {
+			log.Printf("Unmarshal error in %s: %v", yamlFile, err)
+			continue
+		}
+
+		var items []ErrorItem
+		recursiveParse("", rawData, &items)
+
+		baseName := strings.TrimSuffix(filepath.Base(yamlFile), filepath.Ext(yamlFile))
+		outputFileName := baseName + "_gen.go"
+		outputPath := filepath.Join(outputDir, outputFileName)
+
+		f, _ := os.Create(outputPath)
+		tmpl.Execute(f, TplData{Items: items})
+		f.Close()
+
+		fmt.Printf("Generated: %s (%d constants)\n", outputPath, len(items))
+	}
+}
--- a/exception/common.go
+++ b/exception/common.go
@@ -1,6 +0,0 @@
-package exception
-
-const (
-	CommonErrorInvalidInput = "00001"
-	CommonErrorUnauthorized = "00002"
-)
--- a/exception/endpoints.go
+++ b/exception/endpoints.go
@@ -1,32 +0,0 @@
-package exception
-
-// Middleware Service Endpoints
-const (
-	MiddlewareEndpoint = "01"
-)
-
-// Auth Service Endpoints
-const (
-	AuthRedirectEndpoint = "01"
-	AuthMagicEndpoint    = "02"
-	AuthTokenEndpoint    = "03"
-	AuthRefreshEndpoint  = "04"
-	AuthExchangeEndpoint = "05"
-)
-
-// Event Service Endpoints
-const (
-	EventInfoEndpoint          = "01"
-	EventCheckinEndpoint       = "02"
-	EventCheckinQueryEndpoint  = "03"
-	EventCheckinSubmitEndpoint = "04"
-)
-
-// User Service Endpoints
-const (
-	UserInfoEndpoint   = "01"
-	UserUpdateEndpoint = "02"
-	UserListEndpoint   = "03"
-	UserFullEndpoint   = "04"
-	UserCreateEndpoint = "05"
-)
--- a/exception/services.go
+++ b/exception/services.go
@@ -1,16 +0,0 @@
-package exception
-
-// Middleware Services
-const (
-	MiddlewareGinLoggerService  = "901"
-	MiddlewareJwtService        = "902"
-	MiddlewarePermissionService = "903"
-	MiddlewareApiVersionService = "904"
-)
-
-// Application Services
-const (
-	AuthService  = "001"
-	UserService  = "002"
-	EventService = "003"
-)
--- a/exception/specific.go
+++ b/exception/specific.go
@@ -1,5 +0,0 @@
-package exception
-
-const (
-	ApiVersionNotFound = "00001"
-)
--- a/exception/status.go
+++ b/exception/status.go
@@ -1,8 +0,0 @@
-package exception
-
-const (
-	ErrorStatusSuccess = "2"
-	ErrorStatusUser    = "4"
-	ErrorStatusServer  = "5"
-	ErrorStatusClient  = "6"
-)
--- a/exception/types.go
+++ b/exception/types.go
@@ -1,6 +0,0 @@
-package exception
-
-const (
-	ErrorTypeCommon   = "0"
-	ErrorTypeSpecific = "1"
-)
--- a/generate.go
+++ b/generate.go
@@ -0,0 +1,3 @@
+package main
+
+//go:generate go run ./cmd/gen_exception/main.go
--- a/go.mod
+++ b/go.mod
@@ -17,7 +17,9 @@ require (
 	github.com/redis/go-redis/v9 v9.17.2
 	github.com/spf13/viper v1.21.0
 	golang.org/x/crypto v0.46.0
+	golang.org/x/text v0.33.0
 	gopkg.in/gomail.v2 v2.0.0-20160411212932-81ebce5c23df
+	gopkg.in/yaml.v3 v3.0.1
 	gorm.io/datatypes v1.2.7
 	gorm.io/driver/postgres v1.6.0
 	gorm.io/gorm v1.31.1
@@ -75,7 +77,6 @@ require (
 	golang.org/x/net v0.48.0 // indirect
 	golang.org/x/sync v0.19.0 // indirect
 	golang.org/x/sys v0.39.0 // indirect
-	golang.org/x/text v0.32.0 // indirect
 	google.golang.org/protobuf v1.36.11 // indirect
 	gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect
--- a/go.sum
+++ b/go.sum
@@ -346,8 +346,8 @@ golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
 golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
 golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
 golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI=
-golang.org/x/text v0.32.0 h1:ZD01bjUt1FQ9WJ0ClOL5vxgxOI/sVCNgX1YtKwcY0mU=
-golang.org/x/text v0.32.0/go.mod h1:o/rUWzghvpD5TXrTIBuJU77MTaN0ljMWE47kxGJQ7jY=
+golang.org/x/text v0.33.0 h1:B3njUFyqtHDUI5jMn1YIr5B0IE2U0qck04r6d4KPAxE=
+golang.org/x/text v0.33.0/go.mod h1:LuMebE6+rBincTi9+xWTY8TztLzKHc/9C1uBCG27+q8=
 golang.org/x/time v0.12.0 h1:ScB/8o8olJvc+CQPWrK3fPZNfh7qgwCrY0zJmoEQLSE=
 golang.org/x/time v0.12.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
--- a/internal/exception/builder.go
+++ b/internal/exception/builder.go
@@ -2,6 +2,7 @@ package exception

 import (
 	"fmt"
+	"log/slog"
 )

 // 12 chars len
@@ -17,6 +18,7 @@ type Builder struct {
 	Endpoint string
 	Type     string
 	Original string
+	Error    error
 }

 func (self *Builder) SetStatus(s string) *Builder {
@@ -44,12 +46,21 @@ func (self *Builder) SetOriginal(s string) *Builder {
 	return self
 }

+func (self *Builder) SetError(e error) *Builder {
+	self.Error = e
+	return self
+}
+
 func (self *Builder) Build() string {
-	return fmt.Sprintf("%s%s%s%s%s",
+	errorCode := fmt.Sprintf("%s%s%s%s%s",
 		self.Status,
 		self.Service,
 		self.Endpoint,
 		self.Type,
 		self.Original,
 	)
+	if self.Error != nil {
+		slog.Warn("Service exception", "id", errorCode, "err", self.Error)
+	}
+	return errorCode
 }
--- a/14
+++ b/14
@@ -9,7 +9,9 @@ client_cms_dir := join(client_dir, "cms")
 server_exec_path := join(output_dir, project_name)
 server_entry := "main.go"

-install: install-cms
+install: install-cms install-back
+
+generate: gen-back

 install-cms:
    cd {{ client_cms_dir }} && {{ pnpm_cmd }} install
@@ -24,20 +26,26 @@ build-client-cms:
 build-back:
    {{ go_cmd }} build -o {{ server_exec_path }}{{ if os() == "windows" { ".exe" } else { "" } }} {{ server_entry }}

+install-back:
+    cd {{ project_dir }} && go mod tidy
+
 run-back:
    cd {{ output_dir }} && CONFIG_PATH={{ output_dir }} {{ server_exec_path }}{{ if os() == "windows" { ".exe" } else { "" } }}

 test-back:
    cd {{ output_dir }} && CONFIG_PATH={{ output_dir }} GO_ENV=test go test -C .. ./...

+gen-back:
+    cd {{ project_dir }} && go generate .
+
 watch-back:
    watchexec -r -e go,yaml,tpl -i '.devenv/**' -i '.direnv/**' -i 'client/**' -i 'vendor/**' 'go build -o {{ server_exec_path }} . && cd {{ output_dir }} && CONFIG_PATH={{ output_dir }} {{ server_exec_path }}'

-dev: clean install
+dev: clean install generate
    devenv up --verbose

 dev-client-cms: install-cms
    devenv up client-cms --verbose

-dev-back: clean
+dev-back: clean install-back gen-back
    devenv up backend postgres redis meilisearch --verbose
--- a/middleware/api_version.go
+++ b/middleware/api_version.go
@@ -1,7 +1,7 @@
 package middleware

 import (
-	"nixcn-cms/exception"
+	"nixcn-cms/internal/exception"
 	"nixcn-cms/utils"

 	"github.com/gin-gonic/gin"
@@ -12,10 +12,10 @@ func ApiVersionCheck() gin.HandlerFunc {
 		apiVersion := c.GetHeader("X-Api-Version")
 		if apiVersion == "" {
 			errorCode := new(exception.Builder).
-				SetStatus(exception.ErrorStatusServer).
-				SetService(exception.MiddlewareApiVersionService).
-				SetEndpoint(exception.MiddlewareEndpoint).
-				SetType(exception.ErrorTypeSpecific).
+				SetStatus(exception.StatusServer).
+				SetService(exception.MiddlewareServiceApiVersion).
+				SetEndpoint(exception.EndpointMiddlewareService).
+				SetType(exception.TypeSpecific).
 				SetOriginal(exception.ApiVersionNotFound).
 				Build()
 			utils.HttpAbort(c, 400, errorCode)
--- a/middleware/jwt.go
+++ b/middleware/jwt.go
@@ -1,7 +1,7 @@
 package middleware

 import (
-	"nixcn-cms/exception"
+	"nixcn-cms/internal/exception"
 	"nixcn-cms/pkgs/authtoken"
 	"nixcn-cms/utils"

@@ -17,11 +17,12 @@ func JWTAuth() gin.HandlerFunc {
 		uid, err := authtoken.HeaderVerify(auth)
 		if err != nil {
 			errorCode := new(exception.Builder).
-				SetStatus(exception.ErrorStatusServer).
-				SetService(exception.MiddlewareJwtService).
-				SetEndpoint(exception.MiddlewareEndpoint).
-				SetType(exception.ErrorTypeSpecific).
+				SetStatus(exception.StatusServer).
+				SetService(exception.MiddlewareServiceJwt).
+				SetEndpoint(exception.EndpointMiddlewareService).
+				SetType(exception.TypeCommon).
 				SetOriginal(exception.CommonErrorUnauthorized).
+				SetError(err).
 				Build()

 			utils.HttpAbort(c, 401, errorCode)
--- a/middleware/permission.go
+++ b/middleware/permission.go
@@ -2,6 +2,7 @@ package middleware

 import (
 	"nixcn-cms/data"
+	"nixcn-cms/internal/exception"
 	"nixcn-cms/utils"

 	"github.com/gin-gonic/gin"
@@ -15,19 +16,42 @@ func Permission(requiredLevel uint) gin.HandlerFunc {
 		if !ok {
 			userIdOrig, ok := c.Get("user_id")
 			if !ok || userIdOrig.(string) == "" {
-				utils.HttpAbort(c, 401, "", "missing user id")
+				errorCode := new(exception.Builder).
+					SetStatus(exception.StatusUser).
+					SetService(exception.MiddlewareServicePermission).
+					SetEndpoint(exception.EndpointMiddlewareService).
+					SetType(exception.TypeCommon).
+					SetOriginal(exception.CommonErrorMissingUserId).
+					Build()
+				utils.HttpAbort(c, 401, errorCode)
 				return
 			}

 			userId, err := uuid.Parse(userIdOrig.(string))
 			if err != nil {
-				utils.HttpAbort(c, 500, "", "error parsing user id")
+				errorCode := new(exception.Builder).
+					SetStatus(exception.StatusServer).
+					SetService(exception.MiddlewareServicePermission).
+					SetEndpoint(exception.EndpointMiddlewareService).
+					SetType(exception.TypeCommon).
+					SetOriginal(exception.CommonErrorUuidParseFailed).
+					SetError(err).
+					Build()
+				utils.HttpAbort(c, 500, errorCode)
 				return
 			}

 			userData, err := new(data.User).GetByUserId(userId)
 			if err != nil {
-				utils.HttpAbort(c, 404, "", "user not found")
+				errorCode := new(exception.Builder).
+					SetStatus(exception.StatusUser).
+					SetService(exception.MiddlewareServicePermission).
+					SetEndpoint(exception.EndpointMiddlewareService).
+					SetType(exception.TypeCommon).
+					SetOriginal(exception.CommonErrorUserNotFound).
+					SetError(err).
+					Build()
+				utils.HttpAbort(c, 404, errorCode)
 				return
 			}

@@ -38,7 +62,14 @@ func Permission(requiredLevel uint) gin.HandlerFunc {
 		}

 		if permissionLevel < requiredLevel {
-			utils.HttpAbort(c, 403, "", "permission denied")
+			errorCode := new(exception.Builder).
+				SetStatus(exception.StatusUser).
+				SetService(exception.MiddlewareServicePermission).
+				SetEndpoint(exception.EndpointMiddlewareService).
+				SetType(exception.TypeCommon).
+				SetOriginal(exception.CommonErrorPermissionDenied).
+				Build()
+			utils.HttpAbort(c, 403, errorCode)
 			return
 		}

--- a/service/auth/exchange.go
+++ b/service/auth/exchange.go
@@ -4,6 +4,7 @@ import (
 	"fmt"
 	"net/url"
 	"nixcn-cms/data"
+	"nixcn-cms/internal/exception"
 	"nixcn-cms/pkgs/authcode"
 	"nixcn-cms/utils"

@@ -23,38 +24,85 @@ func Exchange(c *gin.Context) {
 	err := c.ShouldBindJSON(&exchangeReq)
 	if err != nil {
 		fmt.Println(err)
-		utils.HttpResponse(c, 400, "", "invalid request")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusClient).
+			SetService(exception.ServiceAuth).
+			SetEndpoint(exception.EndpointAuthServiceExchange).
+			SetType(exception.TypeCommon).
+			SetOriginal(exception.CommonErrorInvalidInput).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 400, errorCode)
 		return
 	}

 	userIdOrig, ok := c.Get("user_id")
 	if !ok {
-		utils.HttpResponse(c, 401, "", "unauthorized")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusClient).
+			SetService(exception.ServiceAuth).
+			SetEndpoint(exception.EndpointAuthServiceExchange).
+			SetType(exception.TypeCommon).
+			SetOriginal(exception.CommonErrorUnauthorized).
+			Build()
+		utils.HttpResponse(c, 401, errorCode)
 		return
 	}

 	userId, err := uuid.Parse(userIdOrig.(string))
 	if err != nil {
-		utils.HttpResponse(c, 500, "", "failed to parse uuid")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusServer).
+			SetService(exception.ServiceAuth).
+			SetEndpoint(exception.EndpointAuthServiceExchange).
+			SetType(exception.TypeCommon).
+			SetOriginal(exception.CommonErrorUuidParseFailed).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 500, errorCode)
 		return
 	}

 	userData := new(data.User)
 	user, err := userData.GetByUserId(userId)
 	if err != nil {
-		utils.HttpResponse(c, 500, "", "failed to get user id")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusServer).
+			SetService(exception.ServiceAuth).
+			SetEndpoint(exception.EndpointAuthServiceExchange).
+			SetType(exception.TypeSpecific).
+			SetOriginal(exception.AuthExchangeGetUserIdFailed).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 500, errorCode)
 		return
 	}

 	code, err := authcode.NewAuthCode(exchangeReq.ClientId, user.Email)
 	if err != nil {
-		utils.HttpResponse(c, 500, "", "code gen failed")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusServer).
+			SetService(exception.ServiceAuth).
+			SetEndpoint(exception.EndpointAuthServiceExchange).
+			SetType(exception.TypeSpecific).
+			SetOriginal(exception.AuthExchangeCodeGenFailed).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 500, errorCode)
 		return
 	}

 	url, err := url.Parse(exchangeReq.RedirectUri)
 	if err != nil {
-		utils.HttpResponse(c, 400, "", "invalid redirect uri")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusClient).
+			SetService(exception.ServiceAuth).
+			SetEndpoint(exception.EndpointAuthServiceExchange).
+			SetType(exception.TypeSpecific).
+			SetOriginal(exception.AuthExchangeInvalidRedirectUri).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 400, errorCode)
 		return
 	}
 	query := url.Query()
--- a/service/auth/magic.go
+++ b/service/auth/magic.go
@@ -2,6 +2,7 @@ package auth

 import (
 	"net/url"
+	"nixcn-cms/internal/exception"
 	"nixcn-cms/pkgs/authcode"
 	"nixcn-cms/pkgs/email"
 	"nixcn-cms/pkgs/turnstile"
@@ -23,27 +24,59 @@ func Magic(c *gin.Context) {
 	// Parse request
 	var req MagicRequest
 	if err := c.ShouldBindJSON(&req); err != nil {
-		utils.HttpResponse(c, 400, "", "invalid request")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusClient).
+			SetService(exception.ServiceAuth).
+			SetEndpoint(exception.EndpointAuthServiceMagic).
+			SetType(exception.TypeCommon).
+			SetOriginal(exception.CommonErrorInvalidInput).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 400, errorCode)
 		return
 	}

 	// Cloudflare turnstile
 	ok, err := turnstile.VerifyTurnstile(req.TurnstileToken, c.ClientIP())
 	if err != nil || !ok {
-		utils.HttpResponse(c, 403, "", "turnstile failed")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusClient).
+			SetService(exception.ServiceAuth).
+			SetEndpoint(exception.EndpointAuthServiceMagic).
+			SetType(exception.TypeSpecific).
+			SetOriginal(exception.AuthMagicTurnstileFailed).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 403, errorCode)
 		return
 	}

 	code, err := authcode.NewAuthCode(req.ClientId, req.Email)
 	if err != nil {
-		utils.HttpResponse(c, 500, "", "code gen failed")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusServer).
+			SetService(exception.ServiceAuth).
+			SetEndpoint(exception.EndpointAuthServiceMagic).
+			SetType(exception.TypeSpecific).
+			SetOriginal(exception.AuthMagicCodeGenFailed).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 500, errorCode)
 		return
 	}

 	externalUrl := viper.GetString("server.external_url")
 	url, err := url.Parse(externalUrl)
 	if err != nil {
-		utils.HttpResponse(c, 500, "", "invalid external url")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusServer).
+			SetService(exception.ServiceAuth).
+			SetEndpoint(exception.EndpointAuthServiceMagic).
+			SetType(exception.TypeSpecific).
+			SetOriginal(exception.AuthMagicInvalidExternalUrl).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 500, errorCode)
 		return
 	}

@@ -66,7 +99,15 @@ func Magic(c *gin.Context) {
 		// Send email using resend
 		emailClient, err := new(email.Client).NewSMTPClient()
 		if err != nil {
-			utils.HttpResponse(c, 500, "", "invalid email config")
+			errorCode := new(exception.Builder).
+				SetStatus(exception.StatusServer).
+				SetService(exception.ServiceAuth).
+				SetEndpoint(exception.EndpointAuthServiceMagic).
+				SetType(exception.TypeSpecific).
+				SetOriginal(exception.AuthMagicInvalidEmailConfig).
+				SetError(err).
+				Build()
+			utils.HttpResponse(c, 500, errorCode)
 			return
 		}
 		emailClient.Send(
--- a/service/auth/redirect.go
+++ b/service/auth/redirect.go
@@ -3,6 +3,7 @@ package auth
 import (
 	"net/url"
 	"nixcn-cms/data"
+	"nixcn-cms/internal/exception"
 	"nixcn-cms/pkgs/authcode"
 	"nixcn-cms/utils"

@@ -14,19 +15,40 @@ import (
 func Redirect(c *gin.Context) {
 	clientId := c.Query("client_id")
 	if clientId == "" {
-		utils.HttpResponse(c, 400, "", "invalid request")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusClient).
+			SetService(exception.ServiceAuth).
+			SetEndpoint(exception.EndpointAuthServiceRedirect).
+			SetType(exception.TypeCommon).
+			SetOriginal(exception.CommonErrorInvalidInput).
+			Build()
+		utils.HttpResponse(c, 400, errorCode)
 		return
 	}

 	redirectUri := c.Query("redirect_uri")
 	if redirectUri == "" {
-		utils.HttpResponse(c, 400, "", "invalid request")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusClient).
+			SetService(exception.ServiceAuth).
+			SetEndpoint(exception.EndpointAuthServiceRedirect).
+			SetType(exception.TypeCommon).
+			SetOriginal(exception.CommonErrorInvalidInput).
+			Build()
+		utils.HttpResponse(c, 400, errorCode)
 		return
 	}

 	state := c.Query("state")
 	if state == "" {
-		utils.HttpResponse(c, 400, "", "invalid request")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusClient).
+			SetService(exception.ServiceAuth).
+			SetEndpoint(exception.EndpointAuthServiceRedirect).
+			SetType(exception.TypeCommon).
+			SetOriginal(exception.CommonErrorInvalidInput).
+			Build()
+		utils.HttpResponse(c, 400, errorCode)
 		return
 	}

@@ -35,7 +57,14 @@ func Redirect(c *gin.Context) {
 	// Verify email token
 	authCode, ok := authcode.VerifyAuthCode(code)
 	if !ok {
-		utils.HttpResponse(c, 403, "", "invalid or expired token")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusClient).
+			SetService(exception.ServiceAuth).
+			SetEndpoint(exception.EndpointAuthServiceRedirect).
+			SetType(exception.TypeSpecific).
+			SetOriginal(exception.AuthRedirectTokenInvalid).
+			Build()
+		utils.HttpResponse(c, 403, errorCode)
 		return
 	}

@@ -52,11 +81,27 @@ func Redirect(c *gin.Context) {
 			user.Username = user.UserId.String()
 			user.PermissionLevel = 10
 			if err := user.Create(); err != nil {
-				utils.HttpResponse(c, 500, "", "internal server error")
+				errorCode := new(exception.Builder).
+					SetStatus(exception.StatusServer).
+					SetService(exception.ServiceAuth).
+					SetEndpoint(exception.EndpointAuthServiceRedirect).
+					SetType(exception.TypeCommon).
+					SetOriginal(exception.CommonErrorInternal).
+					SetError(err).
+					Build()
+				utils.HttpResponse(c, 500, errorCode)
 				return
 			}
 		} else {
-			utils.HttpResponse(c, 500, "", "internal server error")
+			errorCode := new(exception.Builder).
+				SetStatus(exception.StatusServer).
+				SetService(exception.ServiceAuth).
+				SetEndpoint(exception.EndpointAuthServiceRedirect).
+				SetType(exception.TypeCommon).
+				SetOriginal(exception.CommonErrorInternal).
+				SetError(err).
+				Build()
+			utils.HttpResponse(c, 500, errorCode)
 			return
 		}
 	}
@@ -64,25 +109,57 @@ func Redirect(c *gin.Context) {
 	clientData := new(data.Client)
 	client, err := clientData.GetClientByClientId(clientId)
 	if err != nil {
-		utils.HttpResponse(c, 400, "", "client not found")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusClient).
+			SetService(exception.ServiceAuth).
+			SetEndpoint(exception.EndpointAuthServiceRedirect).
+			SetType(exception.TypeSpecific).
+			SetOriginal(exception.AuthRedirectClientNotFound).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 400, errorCode)
 		return
 	}

 	err = client.ValidateRedirectURI(redirectUri)
 	if err != nil {
-		utils.HttpResponse(c, 400, "", "redirect uri not match")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusClient).
+			SetService(exception.ServiceAuth).
+			SetEndpoint(exception.EndpointAuthServiceRedirect).
+			SetType(exception.TypeSpecific).
+			SetOriginal(exception.AuthRedirectUriMismatch).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 400, errorCode)
 		return
 	}

 	newCode, err := authcode.NewAuthCode(clientId, authCode.Email)
 	if err != nil {
-		utils.HttpResponse(c, 500, "", "internal server error")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusServer).
+			SetService(exception.ServiceAuth).
+			SetEndpoint(exception.EndpointAuthServiceRedirect).
+			SetType(exception.TypeCommon).
+			SetOriginal(exception.CommonErrorInternal).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 500, errorCode)
 		return
 	}

 	url, err := url.Parse(redirectUri)
 	if err != nil {
-		utils.HttpResponse(c, 400, "", "invalid redirect uri")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusClient).
+			SetService(exception.ServiceAuth).
+			SetEndpoint(exception.EndpointAuthServiceRedirect).
+			SetType(exception.TypeSpecific).
+			SetOriginal(exception.AuthRedirectInvalidUri).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 400, errorCode)
 		return
 	}
 	query := url.Query()
--- a/service/auth/refresh.go
+++ b/service/auth/refresh.go
@@ -1,6 +1,7 @@
 package auth

 import (
+	"nixcn-cms/internal/exception"
 	"nixcn-cms/pkgs/authtoken"
 	"nixcn-cms/utils"

@@ -14,7 +15,15 @@ func Refresh(c *gin.Context) {
 	}

 	if err := c.ShouldBindJSON(&req); err != nil {
-		utils.HttpResponse(c, 400, "", "invalid request")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusClient).
+			SetService(exception.ServiceAuth).
+			SetEndpoint(exception.EndpointAuthServiceRefresh).
+			SetType(exception.TypeCommon).
+			SetOriginal(exception.CommonErrorInvalidInput).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 400, errorCode)
 		return
 	}

@@ -24,13 +33,29 @@ func Refresh(c *gin.Context) {

 	accessToken, err := JwtTool.RefreshAccessToken(req.RefreshToken)
 	if err != nil {
-		utils.HttpResponse(c, 401, "", "invalid refresh token")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusClient).
+			SetService(exception.ServiceAuth).
+			SetEndpoint(exception.EndpointAuthServiceRefresh).
+			SetType(exception.TypeSpecific).
+			SetOriginal(exception.AuthRefreshInvalidToken).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 401, errorCode)
 		return
 	}

 	refreshToken, err := JwtTool.RenewRefreshToken(req.RefreshToken)
 	if err != nil {
-		utils.HttpResponse(c, 500, "", "error renew refresh token")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusServer).
+			SetService(exception.ServiceAuth).
+			SetEndpoint(exception.EndpointAuthServiceRefresh).
+			SetType(exception.TypeSpecific).
+			SetOriginal(exception.AuthRefreshRenewFailed).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 500, errorCode)
 		return
 	}

--- a/service/auth/token.go
+++ b/service/auth/token.go
@@ -2,6 +2,7 @@ package auth

 import (
 	"nixcn-cms/data"
+	"nixcn-cms/internal/exception"
 	"nixcn-cms/pkgs/authcode"
 	"nixcn-cms/pkgs/authtoken"
 	"nixcn-cms/utils"
@@ -19,20 +20,43 @@ func Token(c *gin.Context) {

 	err := c.ShouldBindJSON(&req)
 	if err != nil {
-		utils.HttpResponse(c, 400, "", "invalid request")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusClient).
+			SetService(exception.ServiceAuth).
+			SetEndpoint(exception.EndpointAuthServiceToken).
+			SetType(exception.TypeCommon).
+			SetOriginal(exception.CommonErrorInvalidInput).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 400, errorCode)
 		return
 	}

 	authCode, ok := authcode.VerifyAuthCode(req.Code)
 	if !ok {
-		utils.HttpResponse(c, 403, "", "invalid or expired token")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusClient).
+			SetService(exception.ServiceAuth).
+			SetEndpoint(exception.EndpointAuthServiceToken).
+			SetType(exception.TypeSpecific).
+			SetOriginal(exception.AuthTokenInvalidToken).
+			Build()
+		utils.HttpResponse(c, 403, errorCode)
 		return
 	}

 	userData := new(data.User)
 	user, err := userData.GetByEmail(authCode.Email)
 	if err != nil {
-		utils.HttpResponse(c, 500, "", "internal server error")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusServer).
+			SetService(exception.ServiceAuth).
+			SetEndpoint(exception.EndpointAuthServiceToken).
+			SetType(exception.TypeCommon).
+			SetOriginal(exception.CommonErrorInternal).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 500, errorCode)
 		return
 	}

@@ -42,7 +66,15 @@ func Token(c *gin.Context) {
 	}
 	accessToken, refreshToken, err := JwtTool.IssueTokens(authCode.ClientId, user.UserId)
 	if err != nil {
-		utils.HttpResponse(c, 500, "", "error generating tokens")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusServer).
+			SetService(exception.ServiceAuth).
+			SetEndpoint(exception.EndpointAuthServiceToken).
+			SetType(exception.TypeSpecific).
+			SetOriginal(exception.AuthTokenGenFailed).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 500, errorCode)
 		return
 	}

--- a/service/event/checkin.go
+++ b/service/event/checkin.go
@@ -2,6 +2,7 @@ package event

 import (
 	"nixcn-cms/data"
+	"nixcn-cms/internal/exception"
 	"nixcn-cms/utils"
 	"time"

@@ -13,31 +14,69 @@ func Checkin(c *gin.Context) {
 	data := new(data.Attendance)
 	userIdOrig, ok := c.Get("user_id")
 	if !ok {
-		utils.HttpResponse(c, 403, "", "userid error")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusUser).
+			SetService(exception.ServiceEvent).
+			SetEndpoint(exception.EndpointEventServiceCheckin).
+			SetType(exception.TypeCommon).
+			SetOriginal(exception.CommonErrorMissingUserId).
+			Build()
+		utils.HttpResponse(c, 403, errorCode)
 		return
 	}
 	userId, err := uuid.Parse(userIdOrig.(string))
 	if err != nil {
-		utils.HttpResponse(c, 500, "", "failed to parse uuid")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusServer).
+			SetService(exception.ServiceEvent).
+			SetEndpoint(exception.EndpointEventServiceCheckin).
+			SetType(exception.TypeCommon).
+			SetOriginal(exception.CommonErrorUuidParseFailed).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 500, errorCode)
 	}

 	// Get event id from query
 	eventIdOrig, ok := c.GetQuery("event_id")
 	if !ok {
-		utils.HttpResponse(c, 400, "", "undefinded event id")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusClient).
+			SetService(exception.ServiceEvent).
+			SetEndpoint(exception.EndpointEventServiceCheckin).
+			SetType(exception.TypeCommon).
+			SetOriginal(exception.CommonErrorInvalidInput).
+			Build()
+		utils.HttpResponse(c, 400, errorCode)
 		return
 	}

 	// Parse event id to uuid
 	eventId, err := uuid.Parse(eventIdOrig)
 	if err != nil {
-		utils.HttpResponse(c, 500, "", "error parsing string to uuid")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusServer).
+			SetService(exception.ServiceEvent).
+			SetEndpoint(exception.EndpointEventServiceCheckin).
+			SetType(exception.TypeCommon).
+			SetOriginal(exception.CommonErrorUuidParseFailed).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 500, errorCode)
 		return
 	}
 	data.UserId = userId
 	code, err := data.GenCheckinCode(eventId)
 	if err != nil {
-		utils.HttpResponse(c, 500, "", "error generating code")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusServer).
+			SetService(exception.ServiceEvent).
+			SetEndpoint(exception.EndpointEventServiceCheckin).
+			SetType(exception.TypeSpecific).
+			SetOriginal(exception.EventCheckinGenCodeFailed).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 500, errorCode)
 		return
 	}

@@ -56,7 +95,15 @@ func CheckinSubmit(c *gin.Context) {
 	attendanceData := new(data.Attendance)
 	err := attendanceData.VerifyCheckinCode(req.ChekinCode)
 	if err != nil {
-		utils.HttpResponse(c, 400, "", "error verify checkin code")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusClient).
+			SetService(exception.ServiceEvent).
+			SetEndpoint(exception.EndpointEventServiceCheckinSubmit).
+			SetType(exception.TypeCommon).
+			SetOriginal(exception.CommonErrorInvalidInput).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 400, errorCode)
 		return
 	}

@@ -66,23 +113,53 @@ func CheckinSubmit(c *gin.Context) {
 func CheckinQuery(c *gin.Context) {
 	userIdOrig, ok := c.Get("user_id")
 	if !ok {
-		utils.HttpResponse(c, 400, "", "userid error")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusUser).
+			SetService(exception.ServiceEvent).
+			SetEndpoint(exception.EndpointEventServiceCheckinQuery).
+			SetType(exception.TypeCommon).
+			SetOriginal(exception.CommonErrorMissingUserId).
+			Build()
+		utils.HttpResponse(c, 400, errorCode)
 		return
 	}
 	userId, err := uuid.Parse(userIdOrig.(string))
 	if err != nil {
-		utils.HttpResponse(c, 500, "", "failed to parse uuid")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusServer).
+			SetService(exception.ServiceEvent).
+			SetEndpoint(exception.EndpointEventServiceCheckinQuery).
+			SetType(exception.TypeCommon).
+			SetOriginal(exception.CommonErrorUuidParseFailed).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 500, errorCode)
 		return
 	}

 	eventIdOrig, ok := c.GetQuery("event_id")
 	if !ok {
-		utils.HttpResponse(c, 400, "", "could not found event_id")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusClient).
+			SetService(exception.ServiceEvent).
+			SetEndpoint(exception.EndpointEventServiceCheckinQuery).
+			SetType(exception.TypeCommon).
+			SetOriginal(exception.CommonErrorInvalidInput).
+			Build()
+		utils.HttpResponse(c, 400, errorCode)
 		return
 	}
 	eventId, err := uuid.Parse(eventIdOrig)
 	if err != nil {
-		utils.HttpResponse(c, 400, "", "event_id is not valid")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusClient).
+			SetService(exception.ServiceEvent).
+			SetEndpoint(exception.EndpointEventServiceCheckinQuery).
+			SetType(exception.TypeCommon).
+			SetOriginal(exception.CommonErrorInvalidInput).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 400, errorCode)
 		return
 	}

@@ -90,10 +167,25 @@ func CheckinQuery(c *gin.Context) {
 	attendance, err := attendanceData.GetAttendance(userId, eventId)

 	if err != nil {
-		utils.HttpResponse(c, 500, "", "database error")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusServer).
+			SetService(exception.ServiceEvent).
+			SetEndpoint(exception.EndpointEventServiceCheckinQuery).
+			SetType(exception.TypeCommon).
+			SetOriginal(exception.CommonErrorDatabase).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 500, errorCode)
 		return
 	} else if attendance == nil {
-		utils.HttpResponse(c, 404, "", "event checkin record not found")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusClient).
+			SetService(exception.ServiceEvent).
+			SetEndpoint(exception.EndpointEventServiceCheckinQuery).
+			SetType(exception.TypeSpecific).
+			SetOriginal(exception.EventCheckinQueryRecordNotFound).
+			Build()
+		utils.HttpResponse(c, 404, errorCode)
 		return
 	} else if attendance.CheckinAt.IsZero() {
 		utils.HttpResponse(c, 200, "", "success", gin.H{"checkin_at": nil})
--- a/service/event/info.go
+++ b/service/event/info.go
@@ -2,6 +2,7 @@ package event

 import (
 	"nixcn-cms/data"
+	"nixcn-cms/internal/exception"
 	"nixcn-cms/utils"
 	"time"

@@ -13,20 +14,43 @@ func Info(c *gin.Context) {
 	eventData := new(data.Event)
 	eventIdOrig, ok := c.GetQuery("event_id")
 	if !ok {
-		utils.HttpResponse(c, 400, "", "undefinded event id")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusClient).
+			SetService(exception.ServiceEvent).
+			SetEndpoint(exception.EndpointEventServiceInfo).
+			SetType(exception.TypeCommon).
+			SetOriginal(exception.CommonErrorInvalidInput).
+			Build()
+		utils.HttpResponse(c, 400, errorCode)
 		return
 	}

 	// Parse event id
 	eventId, err := uuid.Parse(eventIdOrig)
 	if err != nil {
-		utils.HttpResponse(c, 500, "", "error parsing string to uuid")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusServer).
+			SetService(exception.ServiceEvent).
+			SetEndpoint(exception.EndpointEventServiceInfo).
+			SetType(exception.TypeCommon).
+			SetOriginal(exception.CommonErrorUuidParseFailed).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 500, errorCode)
 		return
 	}

 	event, err := eventData.GetEventById(eventId)
 	if err != nil {
-		utils.HttpResponse(c, 404, "", "event id not found")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusClient).
+			SetService(exception.ServiceEvent).
+			SetEndpoint(exception.EndpointEventServiceInfo).
+			SetType(exception.TypeSpecific).
+			SetOriginal(exception.EventInfoNotFound).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 404, errorCode)
 		return
 	}

--- a/service/user/full.go
+++ b/service/user/full.go
@@ -2,6 +2,7 @@ package user

 import (
 	"nixcn-cms/data"
+	"nixcn-cms/internal/exception"
 	"nixcn-cms/utils"

 	"github.com/gin-gonic/gin"
@@ -11,24 +12,55 @@ import (
 func Full(c *gin.Context) {
 	userIdOrig, ok := c.Get("user_id")
 	if !ok {
-		utils.HttpResponse(c, 403, "", "userid error")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusUser).
+			SetService(exception.ServiceUser).
+			SetEndpoint(exception.EndpointUserServiceFull).
+			SetType(exception.TypeCommon).
+			SetOriginal(exception.CommonErrorMissingUserId).
+			Build()
+		utils.HttpResponse(c, 403, errorCode)
 		return
 	}
 	userId, err := uuid.Parse(userIdOrig.(string))
 	if err != nil {
-		utils.HttpResponse(c, 500, "", "failed to parse uuid")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusServer).
+			SetService(exception.ServiceUser).
+			SetEndpoint(exception.EndpointUserServiceFull).
+			SetType(exception.TypeCommon).
+			SetOriginal(exception.CommonErrorUuidParseFailed).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 500, errorCode)
 		return
 	}

 	userData, err := new(data.User).GetByUserId(userId)
 	if err != nil {
-		utils.HttpResponse(c, 404, "", "user not found")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusUser).
+			SetService(exception.ServiceUser).
+			SetEndpoint(exception.EndpointUserServiceFull).
+			SetType(exception.TypeCommon).
+			SetOriginal(exception.CommonErrorUserNotFound).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 404, errorCode)
 		return
 	}

 	users, err := userData.GetFullTable()
 	if err != nil {
-		utils.HttpResponse(c, 500, "", "database error")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusServer).
+			SetService(exception.ServiceUser).
+			SetEndpoint(exception.EndpointUserServiceFull).
+			SetType(exception.TypeCommon).
+			SetOriginal(exception.CommonErrorDatabase).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 500, errorCode)
 		return
 	}

--- a/service/user/info.go
+++ b/service/user/info.go
@@ -2,6 +2,7 @@ package user

 import (
 	"nixcn-cms/data"
+	"nixcn-cms/internal/exception"
 	"nixcn-cms/utils"

 	"github.com/gin-gonic/gin"
@@ -12,19 +13,42 @@ func Info(c *gin.Context) {
 	userData := new(data.User)
 	userIdOrig, ok := c.Get("user_id")
 	if !ok {
-		utils.HttpResponse(c, 403, "", "userid error")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusUser).
+			SetService(exception.ServiceUser).
+			SetEndpoint(exception.EndpointUserServiceInfo).
+			SetType(exception.TypeCommon).
+			SetOriginal(exception.CommonErrorMissingUserId).
+			Build()
+		utils.HttpResponse(c, 403, errorCode)
 		return
 	}
 	userId, err := uuid.Parse(userIdOrig.(string))
 	if err != nil {
-		utils.HttpResponse(c, 500, "", "failed to parse uuid")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusServer).
+			SetService(exception.ServiceUser).
+			SetEndpoint(exception.EndpointUserServiceInfo).
+			SetType(exception.TypeCommon).
+			SetOriginal(exception.CommonErrorUuidParseFailed).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 500, errorCode)
 		return
 	}

 	// Get user from database
 	user, err := userData.GetByUserId(userId)
 	if err != nil {
-		utils.HttpResponse(c, 404, "", "user not found")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusUser).
+			SetService(exception.ServiceUser).
+			SetEndpoint(exception.EndpointUserServiceInfo).
+			SetType(exception.TypeCommon).
+			SetOriginal(exception.CommonErrorUserNotFound).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 404, errorCode)
 		return
 	}

--- a/service/user/list.go
+++ b/service/user/list.go
@@ -2,6 +2,7 @@ package user

 import (
 	"nixcn-cms/data"
+	"nixcn-cms/internal/exception"
 	"nixcn-cms/utils"
 	"strconv"

@@ -16,26 +17,57 @@ func List(c *gin.Context) {
 	}
 	offset, ok := c.GetQuery("offset")
 	if !ok {
-		utils.HttpResponse(c, 400, "", "offset not found")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusClient).
+			SetService(exception.ServiceUser).
+			SetEndpoint(exception.EndpointUserServiceList).
+			SetType(exception.TypeCommon).
+			SetOriginal(exception.CommonErrorInvalidInput).
+			Build()
+		utils.HttpResponse(c, 400, errorCode)
 		return
 	}

 	// Parse string to int64
 	limitNum, err := strconv.ParseInt(limit, 10, 64)
 	if err != nil {
-		utils.HttpResponse(c, 400, "", "parse string to int error")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusClient).
+			SetService(exception.ServiceUser).
+			SetEndpoint(exception.EndpointUserServiceList).
+			SetType(exception.TypeCommon).
+			SetOriginal(exception.CommonErrorInvalidInput).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 400, errorCode)
 		return
 	}
 	offsetNum, err := strconv.ParseInt(offset, 10, 64)
 	if err != nil {
-		utils.HttpResponse(c, 400, "", "parse string to int error")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusClient).
+			SetService(exception.ServiceUser).
+			SetEndpoint(exception.EndpointUserServiceList).
+			SetType(exception.TypeCommon).
+			SetOriginal(exception.CommonErrorInvalidInput).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 400, errorCode)
 		return
 	}

 	// Get user list from search engine
 	list, err := new(data.User).FastListUsers(limitNum, offsetNum)
 	if err != nil {
-		utils.HttpResponse(c, 500, "", "failed list users from meilisearch")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusServer).
+			SetService(exception.ServiceUser).
+			SetEndpoint(exception.EndpointUserServiceList).
+			SetType(exception.TypeSpecific).
+			SetOriginal(exception.UserListMeilisearchFailed).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 500, errorCode)
 	}

 	userListResp := struct {
--- a/service/user/update.go
+++ b/service/user/update.go
@@ -4,6 +4,7 @@ import (
 	"net/url"
 	"nixcn-cms/data"
 	"nixcn-cms/internal/cryptography"
+	"nixcn-cms/internal/exception"
 	"nixcn-cms/utils"
 	"unicode/utf8"

@@ -15,26 +16,57 @@ func Update(c *gin.Context) {
 	// New user model
 	userIdOrig, ok := c.Get("user_id")
 	if !ok {
-		utils.HttpResponse(c, 403, "", "userid error")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusUser).
+			SetService(exception.ServiceUser).
+			SetEndpoint(exception.EndpointUserServiceUpdate).
+			SetType(exception.TypeCommon).
+			SetOriginal(exception.CommonErrorMissingUserId).
+			Build()
+		utils.HttpResponse(c, 403, errorCode)
 		return
 	}
 	userId, err := uuid.Parse(userIdOrig.(string))
 	if err != nil {
-		utils.HttpResponse(c, 500, "", "failed to parse uuid")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusServer).
+			SetService(exception.ServiceUser).
+			SetEndpoint(exception.EndpointUserServiceUpdate).
+			SetType(exception.TypeCommon).
+			SetOriginal(exception.CommonErrorUuidParseFailed).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 500, errorCode)
 		return
 	}

 	var ReqInfo data.User
 	err = c.ShouldBindJSON(&ReqInfo)
 	if err != nil {
-		utils.HttpResponse(c, 400, "", "invilad request")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusClient).
+			SetService(exception.ServiceUser).
+			SetEndpoint(exception.EndpointUserServiceUpdate).
+			SetType(exception.TypeCommon).
+			SetOriginal(exception.CommonErrorInvalidInput).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 400, errorCode)
 		return
 	}

 	// Get user info
 	userData, err := new(data.User).GetByUserId(userId)
 	if err != nil {
-		utils.HttpResponse(c, 500, "", "failed to find user")
+		errorCode := new(exception.Builder).
+			SetStatus(exception.StatusUser).
+			SetService(exception.ServiceUser).
+			SetEndpoint(exception.EndpointUserServiceUpdate).
+			SetType(exception.TypeCommon).
+			SetOriginal(exception.CommonErrorUserNotFound).
+			SetError(err).
+			Build()
+		utils.HttpResponse(c, 500, errorCode)
 		return
 	}

@@ -49,7 +81,14 @@ func Update(c *gin.Context) {

 	if ReqInfo.Username != "" {
 		if len(ReqInfo.Username) < 5 || len(ReqInfo.Username) >= 255 {
-			utils.HttpResponse(c, 400, "", "invalid request")
+			errorCode := new(exception.Builder).
+				SetStatus(exception.StatusClient).
+				SetService(exception.ServiceUser).
+				SetEndpoint(exception.EndpointUserServiceUpdate).
+				SetType(exception.TypeCommon).
+				SetOriginal(exception.CommonErrorInvalidInput).
+				Build()
+			utils.HttpResponse(c, 400, errorCode)
 			return
 		}
 		userData.Username = ReqInfo.Username
@@ -57,7 +96,14 @@ func Update(c *gin.Context) {

 	if ReqInfo.Nickname != "" {
 		if utf8.RuneCountInString(ReqInfo.Nickname) > 24 {
-			utils.HttpResponse(c, 400, "", "invalid request")
+			errorCode := new(exception.Builder).
+				SetStatus(exception.StatusClient).
+				SetService(exception.ServiceUser).
+				SetEndpoint(exception.EndpointUserServiceUpdate).
+				SetType(exception.TypeCommon).
+				SetOriginal(exception.CommonErrorInvalidInput).
+				Build()
+			utils.HttpResponse(c, 400, errorCode)
 			return
 		}
 		userData.Nickname = ReqInfo.Nickname
@@ -65,7 +111,14 @@ func Update(c *gin.Context) {

 	if ReqInfo.Subtitle != "" {
 		if utf8.RuneCountInString(ReqInfo.Subtitle) > 32 {
-			utils.HttpResponse(c, 400, "", "invalid request")
+			errorCode := new(exception.Builder).
+				SetStatus(exception.StatusClient).
+				SetService(exception.ServiceUser).
+				SetEndpoint(exception.EndpointUserServiceUpdate).
+				SetType(exception.TypeCommon).
+				SetOriginal(exception.CommonErrorInvalidInput).
+				Build()
+			utils.HttpResponse(c, 400, errorCode)
 			return
 		}
 		userData.Subtitle = ReqInfo.Subtitle
@@ -74,7 +127,15 @@ func Update(c *gin.Context) {
 	if ReqInfo.Avatar != "" {
 		_, err := url.ParseRequestURI(ReqInfo.Avatar)
 		if err != nil {
-			utils.HttpResponse(c, 400, "", "invalid request")
+			errorCode := new(exception.Builder).
+				SetStatus(exception.StatusClient).
+				SetService(exception.ServiceUser).
+				SetEndpoint(exception.EndpointUserServiceUpdate).
+				SetType(exception.TypeCommon).
+				SetOriginal(exception.CommonErrorInvalidInput).
+				SetError(err).
+				Build()
+			utils.HttpResponse(c, 400, errorCode)
 			return
 		}
 		userData.Avatar = ReqInfo.Avatar
@@ -82,7 +143,14 @@ func Update(c *gin.Context) {

 	if ReqInfo.Bio != "" {
 		if !cryptography.IsBase64Std(ReqInfo.Bio) {
-			utils.HttpResponse(c, 400, "", "invalid request")
+			errorCode := new(exception.Builder).
+				SetStatus(exception.StatusClient).
+				SetService(exception.ServiceUser).
+				SetEndpoint(exception.EndpointUserServiceUpdate).
+				SetType(exception.TypeCommon).
+				SetOriginal(exception.CommonErrorInvalidInput).
+				Build()
+			utils.HttpResponse(c, 400, errorCode)
 			return
 		}
 		userData.Bio = ReqInfo.Bio
Author	SHA1	Message	Date
Noa Virellia	521f8df465	feat(client): bio editor Signed-off-by: Noa Virellia <noa@requiem.garden>	2026-01-21 14:49:49 +08:00
Noa Virellia	bbe03b36e0	WIP Signed-off-by: Noa Virellia <noa@requiem.garden>	2026-01-21 14:49:49 +08:00
Noa Virellia	4e45a9b6d0	feat(client): update userinfo Signed-off-by: Noa Virellia <noa@requiem.garden>	2026-01-21 14:49:49 +08:00
Noa Virellia	27ac4d9b4a	feat: sync api changes and fix auth-related bugs Signed-off-by: Noa Virellia <noa@requiem.garden>	2026-01-21 14:49:49 +08:00
Noa Virellia	a60a796345	refactor: use SetError in exception.Builder where errors are available Update multiple services and middlewares to pass the original error to exception.Builder before building the error code. Co-authored-by: Gemini <gemini@google.com>	2026-01-21 14:42:52 +08:00
Noa Virellia	14f50ecdb2	refactor: update exception constants to follow new naming convention - Update old ErrorStatus, ErrorType, and Service/Endpoint constants to new naming convention - Fix incorrect TypeSpecific usage in JWT middleware - Add missing event specific error definitions to specific.yaml - Regenerate exception constants Co-authored-by: Gemini <gemini@google.com>	2026-01-21 14:34:09 +08:00
Asai Neko	b1c78dce28	Add Build error hook (print exception) Signed-off-by: Asai Neko <sugar@sne.moe>	2026-01-21 14:28:23 +08:00
Asai Neko	585ec46282	Fix some type change bugs (error) Signed-off-by: Asai Neko <sugar@sne.moe>	2026-01-21 14:16:47 +08:00
Asai Neko	8f69b61799	Mod justfile Signed-off-by: Asai Neko <sugar@sne.moe>	2026-01-21 13:59:03 +08:00
Asai Neko	64bab332c9	Mod justfile Signed-off-by: Asai Neko <sugar@sne.moe>	2026-01-21 13:58:42 +08:00
Asai Neko	38401a5f69	Mod justfile Signed-off-by: Asai Neko <sugar@sne.moe>	2026-01-21 13:57:06 +08:00
Asai Neko	f03d472c30	Ignore generated go files Signed-off-by: Asai Neko <sugar@sne.moe>	2026-01-21 13:55:05 +08:00
Asai Neko	2d6f6700f0	Move definitions to gen_exception Signed-off-by: Asai Neko <sugar@sne.moe>	2026-01-21 13:53:28 +08:00
Asai Neko	2e11fc5d9c	Fix go mod Signed-off-by: Asai Neko <sugar@sne.moe>	2026-01-21 13:51:37 +08:00
Asai Neko	ac428946e7	Use generator to generate exceptions from yaml Signed-off-by: Asai Neko <sugar@sne.moe>	2026-01-21 13:48:37 +08:00
Noa Virellia	e4329dfc2b	refactor: standardize error handling with exception.Builder - Replace hardcoded error messages with structured error codes using exception.Builder. - Introduce new common error constants in exception/common.go (CommonErrorInvalidInput, CommonErrorUserNotFound, etc.). - Update exception/specific.go with domain-specific errors and remove redundant ones. - Apply consistent error handling across auth, event, user services and middleware. Co-authored-by: Gemini <gemini@google.com> Signed-off-by: Noa Virellia <noa@requiem.garden>	2026-01-21 12:47:49 +08:00