feat(integration): 完善外部 API 對接邏輯與安全性

1. 新增 API Rate Limiting (每分鐘 60 次) 2. 實作 ProductServiceInterface 與 findOrCreateWarehouseByName 解決跨模組耦合問題 3. 強化 OrderSync API 驗證 (price 欄位限制最小 0、payment_method 加上允許白名單) 4. 實作 OrderSync API 冪等性處理，重複訂單直接回傳現有資訊 5. 修正 ProductSync API 同步邏輯，每次同步皆會更新產品分類與單位 6. 完善 integration API 對接手冊內容與 UI 排版
2026-02-23 10:10:03 +08:00
parent 29cdf37b71
commit a05acd96dc
13 changed files with 303 additions and 37 deletions
--- a/app/Modules/Integration/Routes/api.php
+++ b/app/Modules/Integration/Routes/api.php
@@ -5,7 +5,7 @@ use App\Modules\Integration\Controllers\ProductSyncController;
 use App\Modules\Integration\Controllers\OrderSyncController;

 Route::prefix('api/v1/integration')
-    ->middleware(['api', 'integration.tenant', 'auth:sanctum']) // integration.tenant middleware to identify tenant
+    ->middleware(['api', 'throttle:integration', 'integration.tenant', 'auth:sanctum'])
    ->group(function () {
        Route::post('products/upsert', [ProductSyncController::class, 'upsert']);
        Route::post('orders', [OrderSyncController::class, 'store']);