docs: 添加 SDK API 重设计、安全设计规范和测试进度跟踪文档

- 新增 SDK API 重设计规范文档，统一各端 SDK 初始化、登录、消息接口 - 新增安全设计规范文档，涵盖密码安全、AppSecret 验证、令牌存储等安全要点 - 新增 Bug 跟踪记录文档，记录已修复问题和开放问题 - 新增测试进度跟踪文档，记录各模块测试覆盖情况和验证结果
2026-05-02 11:45:43 +08:00 · 2026-05-02 11:45:43 +08:00 · af253f688a
--- a/README.md
+++ b/README.md
@ -44,7 +44,6 @@ yarn workspace ops-platform dev
 | `/apps/:id` | AppDetailView | 应用详情（需登录） |
 | `/security` | SecurityCenterView | 安全中心（需登录） |
 | `/docs` | DocsCenterView | 接入文档（需登录） |
-| `/packages` | BillingView | 服务套餐 / 配额（需登录） |
 | `/accounts` | SubAccountView | 子账号管理（需登录） |

 ### 认证流程
@ -94,11 +93,10 @@ JWT Payload 由 `atob(token.split('.')[1])` 解析，无需额外请求。
 - 每个平台下显示 `IM` / `推送` / `版本管理` 三个服务卡片
 - 支持一键开关服务、复制 secretKey、重新生成 secretKey

-### 安全中心 / 接入文档 / 服务套餐
+### 安全中心 / 接入文档

 - 安全中心提供 AppSecret 查看/重置入口，直接复用邮箱验证码流程
 - 接入文档页提供 RN、Android / iOS 和服务端的最短接入示例
- 服务套餐页展示当前租户的配额和服务开通概览，不涉及费用计费

 ### 子账号管理（SubAccountView）

--- a/docs-site/docs/android/index.md
+++ b/docs-site/docs/android/index.md
@ -52,7 +52,7 @@ XuqmSDK.initialize(

 ```kotlin
 // 登录（协程 suspend 函数）
-// 只需要 userId + userSig，不需要 nickname / avatar / 过期字段
+// 只需要 userId + userSig，不需要 nickname / avatar / 生命周期字段
 lifecycleScope.launch {
    XuqmSDK.login(
        userId = "user_001",
@ -160,7 +160,7 @@ XuqmSDK.logout()
 // ↓ 自动触发所有模块清理
 ```

-> **注意**：`userSig` 由业务服务端签发，SDK 侧不做续签。若需更新登录态，请直接重新登录；如需撤销权限，可在租户平台重置 `appSecret` 或拉黑账号。
+> **注意**：`userSig` 由业务服务端签发。若需更新登录态，请直接重新登录；如需撤销权限，可在租户平台重置 `appSecret` 或拉黑账号。

 ### 8. 版本更新

--- a/docs-site/docs/ios/index.md
+++ b/docs-site/docs/ios/index.md
@ -62,7 +62,7 @@ XuqmSDK.shared.initialize(config: config)
 import XuqmIM

 // 使用 UserSig 登录（推荐生产环境）
-// 只需要 userId + userSig，不需要 nickname / avatar / 过期字段
+// 只需要 userId + userSig，不需要 nickname / avatar / 生命周期字段
 try await XuqmSDK.shared.login(userId: "user_001", userSig: "your_user_sig_jwt")

 // 设置事件代理
@ -203,7 +203,7 @@ try await XuqmSDK.shared.login(userId: "user_001", userSig: userSig)
 XuqmSDK.shared.logout()
 ```

-> **注意**：`userSig` 由业务服务端签发，SDK 侧不做续签。若需更新登录态，请直接重新登录。
+> **注意**：`userSig` 由业务服务端签发。若需更新登录态，请直接重新登录。

 ### 10. 检查更新

--- a/docs-site/docs/rn/index.md
+++ b/docs-site/docs/rn/index.md
@ -280,7 +280,7 @@ UserSig 生成方式见 [安全设计文档](../../design/02-security-design.md)
 XuqmGroup 是托管平台，服务地址统一管理，与腾讯云 IM 等平台的设计一致，开发者只需关心业务逻辑。

 **Q: UserSig 是什么？**
-UserSig 是您的业务服务端用 AppSecret 为用户签发的安全凭证，有效期可配置。AppSecret 绝不下发到客户端。
+UserSig 是您的业务服务端用 AppSecret 为用户签发的安全凭证。当前项目的 IM 登录不做过期功能，只校验 `userId + UserSig` 是否匹配。AppSecret 绝不下发到客户端。

 **Q: 本地消息存储在哪里？**
 使用 WatermelonDB（SQLite），按 `appKey + userId` 自动隔离，多账号切换安全。
--- a/docs-site/docs/server/api.md
+++ b/docs-site/docs/server/api.md
@ -50,7 +50,7 @@ POST /api/im/auth/login
 { "token": "eyJ..." }
 ```

-> SDK 侧不做续签；登录态更新由业务侧重新登录完成。
+> 登录态更新由业务侧重新登录完成。

 ---

--- a/tenant-platform/src/router/index.ts
+++ b/tenant-platform/src/router/index.ts
@ -41,10 +41,6 @@ const router = createRouter({
          path: 'docs',
          component: () => import('@/views/docs/DocsCenterView.vue'),
        },
-        {
-          path: 'packages',
-          component: () => import('@/views/billing/BillingView.vue'),
-        },
        {
          path: 'operation-logs',
          component: () => import('@/views/logs/OperationLogView.vue'),
--- a/tenant-platform/src/views/billing/BillingView.vue
+++ b/tenant-platform/src/views/billing/BillingView.vue
@ -1,323 +0,0 @@
-<template>
-  <div>
-    <div class="page-header">
-      <div>
-        <h2>服务套餐</h2>
-        <p class="subtitle">查看当前租户已开通能力和配额使用情况。</p>
-      </div>
-      <el-button type="primary" plain @click="$router.push('/apps')">前往应用管理</el-button>
-    </div>
-
-    <!-- 套餐卡片 -->
-    <el-row :gutter="16" style="margin-bottom: 16px">
-      <el-col :xs="24" :sm="8" v-for="plan in planCards" :key="plan.name">
-        <el-card
-          shadow="hover"
-          :class="['plan-card', plan.current ? 'plan-card-current' : '']"
-        >
-          <div class="plan-header">
-            <h3 class="plan-name">{{ plan.name }}</h3>
-            <el-tag v-if="plan.current" type="success" effect="dark">当前套餐</el-tag>
-          </div>
-          <div class="plan-price">
-            <span class="price-num">{{ plan.price }}</span>
-            <span class="price-unit">{{ plan.priceUnit }}</span>
-          </div>
-          <ul class="plan-features">
-            <li v-for="(f, idx) in plan.features" :key="idx">
-              <el-icon color="#67c23a"><CircleCheck /></el-icon>
-              <span>{{ f }}</span>
-            </li>
-          </ul>
-          <div class="plan-quota">
-            <div class="quota-row">
-              <span>应用上限</span>
-              <span class="quota-value">{{ plan.apps }}</span>
-            </div>
-            <div class="quota-row">
-              <span>子账号上限</span>
-              <span class="quota-value">{{ plan.subAccounts }}</span>
-            </div>
-          </div>
-          <el-button
-            v-if="!plan.current"
-            type="primary"
-            plain
-            class="plan-action"
-            @click="upgradePlan(plan.name)"
-          >
-            升级套餐
-          </el-button>
-        </el-card>
-      </el-col>
-    </el-row>
-
-    <!-- 用量统计 -->
-    <el-row :gutter="16" style="margin-bottom: 16px">
-      <el-col :xs="24" :sm="8">
-        <el-card shadow="hover">
-          <el-statistic title="应用数量" :value="summary.appCount" />
-          <div class="usage-bar">
-            <el-progress
-              :percentage="calcPercent(summary.appCount, currentPlan.appsNum)"
-              :status="calcStatus(summary.appCount, currentPlan.appsNum)"
-            />
-            <div class="usage-text">
-              {{ summary.appCount }} / {{ currentPlan.apps }}
-            </div>
-          </div>
-        </el-card>
-      </el-col>
-      <el-col :xs="24" :sm="8">
-        <el-card shadow="hover">
-          <el-statistic title="已开通服务" :value="summary.serviceCount" />
-          <div class="usage-bar">
-            <el-progress :percentage="100" status="success" />
-            <div class="usage-text">全部可用</div>
-          </div>
-        </el-card>
-      </el-col>
-      <el-col :xs="24" :sm="8">
-        <el-card shadow="hover">
-          <el-statistic title="子账号数量" :value="summary.subAccountCount" />
-          <div class="usage-bar">
-            <el-progress
-              :percentage="calcPercent(summary.subAccountCount, currentPlan.subAccountsNum)"
-              :status="calcStatus(summary.subAccountCount, currentPlan.subAccountsNum)"
-            />
-            <div class="usage-text">
-              {{ summary.subAccountCount }} / {{ currentPlan.subAccounts }}
-            </div>
-          </div>
-        </el-card>
-      </el-col>
-    </el-row>
-
-    <el-card style="margin-bottom: 16px">
-      <template #header>套餐与配额</template>
-      <el-table :data="plans" border stripe>
-        <el-table-column prop="name" label="套餐" width="160" />
-        <el-table-column prop="apps" label="应用上限" width="120" />
-        <el-table-column prop="subAccounts" label="子账号上限" width="120" />
-        <el-table-column prop="services" label="服务能力" min-width="320" />
-      </el-table>
-    </el-card>
-
-    <el-card>
-      <template #header>应用服务明细</template>
-      <el-table :data="appRows" v-loading="loading" border stripe>
-        <el-table-column prop="name" label="应用名称" min-width="160" />
-        <el-table-column prop="packageName" label="包名" min-width="180" />
-        <el-table-column prop="enabledServiceCount" label="已开通服务" width="120" />
-        <el-table-column prop="availableServices" label="服务类型" min-width="260" />
-        <el-table-column prop="createdAt" label="创建时间" width="180">
-          <template #default="{ row }">{{ fmt(row.createdAt) }}</template>
-        </el-table-column>
-      </el-table>
-    </el-card>
-  </div>
-</template>
-
-<script setup lang="ts">
-import { onMounted, reactive, ref, computed } from 'vue'
-import { ElMessage } from 'element-plus'
-import { CircleCheck } from '@element-plus/icons-vue'
-import { appApi, type App } from '@/api/app'
-import { dashboardApi } from '@/api/dashboard'
-
-const loading = ref(false)
-const apps = ref<App[]>([])
-const summary = reactive({
-  appCount: 0,
-  serviceCount: 0,
-  subAccountCount: 0,
-})
-
-const planCards = [
-  {
-    name: '免费版',
-    price: '¥0',
-    priceUnit: '/月',
-    current: true,
-    apps: '3',
-    appsNum: 3,
-    subAccounts: '5',
-    subAccountsNum: 5,
-    features: ['IM 基础功能', 'Push 推送', 'Update 更新', '社区支持'],
-  },
-  {
-    name: '专业版',
-    price: '¥299',
-    priceUnit: '/月',
-    current: false,
-    apps: '20',
-    appsNum: 20,
-    subAccounts: '20',
-    subAccountsNum: 20,
-    features: ['全部基础功能', 'Webhook 支持', '灰度发布', '优先客服'],
-  },
-  {
-    name: '企业版',
-    price: '¥999',
-    priceUnit: '/月',
-    current: false,
-    apps: '不限',
-    appsNum: Infinity,
-    subAccounts: '不限',
-    subAccountsNum: Infinity,
-    features: ['全部专业功能', '运营白名单', '专属客户经理', 'SLA 保障'],
-  },
-]
-
-const currentPlan = computed(() => planCards.find(p => p.current) || planCards[0])
-
-const plans = [
-  { name: '基础套餐', apps: '3', subAccounts: '5', services: 'IM / Push / Update 基础开通' },
-  { name: '标准套餐', apps: '20', subAccounts: '20', services: 'IM / Push / Update + Webhook + 灰度' },
-  { name: '企业套餐', apps: '不限', subAccounts: '不限', services: '全部能力 + 运营白名单' },
-]
-
-const appRows = ref<Array<App & { enabledServiceCount: number; availableServices: string }>>([])
-
-async function loadData() {
-  loading.value = true
-  try {
-    const [dashRes, appsRes] = await Promise.all([dashboardApi.stats(), appApi.list()])
-    summary.appCount = dashRes.data.data.appCount
-    summary.serviceCount = dashRes.data.data.serviceCount
-    summary.subAccountCount = dashRes.data.data.subAccountCount
-    apps.value = appsRes.data.data
-    const serviceData = await Promise.all(apps.value.map(async (app) => {
-      const res = await appApi.getServices(app.id)
-      const services = res.data.data
-      return {
-        ...app,
-        enabledServiceCount: services.filter(item => item.enabled).length,
-        availableServices: services.map(item => `${item.platform}/${item.serviceType}`).join('，') || '-',
-      }
-    }))
-    appRows.value = serviceData
-  } finally {
-    loading.value = false
-  }
-}
-
-function calcPercent(current: number, limit: number) {
-  if (limit === Infinity) return 0
-  if (limit <= 0) return 0
-  const p = Math.round((current / limit) * 100)
-  return p > 100 ? 100 : p
-}
-
-function calcStatus(current: number, limit: number) {
-  if (limit === Infinity) return undefined
-  const p = current / limit
-  if (p >= 1) return 'exception'
-  if (p >= 0.8) return 'warning'
-  return undefined
-}
-
-function upgradePlan(name: string) {
-  ElMessage.info(`已选择「${name}」，请联系商务完成升级`)
-}
-
-function fmt(value: string) {
-  return value ? new Date(value).toLocaleString('zh-CN') : '-'
-}
-
-onMounted(loadData)
-</script>
-
-<style scoped>
-.page-header {
-  display: flex;
-  justify-content: space-between;
-  align-items: flex-start;
-  gap: 16px;
-  margin-bottom: 16px;
-}
-.subtitle {
-  margin: 6px 0 0;
-  color: #606266;
-}
-
-.plan-card {
-  height: 100%;
-  display: flex;
-  flex-direction: column;
-  position: relative;
-  transition: transform 0.2s;
-}
-.plan-card:hover {
-  transform: translateY(-4px);
-}
-.plan-card-current {
-  border: 2px solid #67c23a;
-}
-.plan-header {
-  display: flex;
-  justify-content: space-between;
-  align-items: center;
-  margin-bottom: 12px;
-}
-.plan-name {
-  margin: 0;
-  font-size: 18px;
-  color: #303133;
-}
-.plan-price {
-  margin-bottom: 16px;
-}
-.price-num {
-  font-size: 28px;
-  font-weight: 700;
-  color: #409eff;
-}
-.price-unit {
-  font-size: 14px;
-  color: #909399;
-}
-.plan-features {
-  list-style: none;
-  padding: 0;
-  margin: 0 0 16px;
-  flex: 1;
-}
-.plan-features li {
-  display: flex;
-  align-items: center;
-  gap: 6px;
-  margin-bottom: 8px;
-  font-size: 14px;
-  color: #606266;
-}
-.plan-quota {
-  margin-bottom: 12px;
-  padding-top: 12px;
-  border-top: 1px solid #ebeef5;
-}
-.quota-row {
-  display: flex;
-  justify-content: space-between;
-  font-size: 14px;
-  color: #606266;
-  margin-bottom: 6px;
-}
-.quota-value {
-  font-weight: 600;
-  color: #303133;
-}
-.plan-action {
-  width: 100%;
-}
-
-.usage-bar {
-  margin-top: 12px;
-}
-.usage-text {
-  margin-top: 6px;
-  font-size: 12px;
-  color: #909399;
-  text-align: right;
-}
-</style>
--- a/tenant-platform/src/views/layout/MainLayout.vue
+++ b/tenant-platform/src/views/layout/MainLayout.vue
@ -88,7 +88,7 @@
 import { computed, onBeforeUnmount, onMounted, ref, watch } from 'vue'
 import { useAuthStore } from '@/stores/auth'
 import { useRoute, useRouter } from 'vue-router'
-import { Coin, Document, Grid, Lock, Menu, Odometer, User } from '@element-plus/icons-vue'
+import { Document, Grid, Lock, Menu, Odometer, User } from '@element-plus/icons-vue'

 const auth = useAuthStore()
 const route = useRoute()
@ -102,7 +102,6 @@ const navItems = computed(() => {
    { path: '/apps', label: '我的应用', icon: Grid },
    { path: '/security', label: '安全中心', icon: Lock },
    { path: '/docs', label: '接入文档', icon: Document },
-    { path: '/packages', label: '服务套餐', icon: Coin },
    { path: '/operation-logs', label: '操作日志', icon: Document },
  ]
  if (auth.user?.type === 'MAIN') {