apps/server/docs/ai-context/verifications/admin-flux-grants.md
POST /api/admin/flux-grants 给一个邮箱发 100 FLUX,HTTP 同步返回 granted 数组 → 用户余额上升。TOKEN=... # admin 用户 access token
curl -s -X POST "http://localhost:3000/api/admin/flux-grants" \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d '{"description":"local verify","amount":100,"emails":["[email protected]"]}'
# 然后查余额
curl -s -H "Authorization: Bearer $TOKEN" http://localhost:3000/api/v1/flux
# 查 ledger
curl -s -H "Authorization: Bearer $TOKEN" 'http://localhost:3000/api/v1/flux/history?limit=3'
result.granted: [{ email, userId, fluxTransactionId, balanceAfter }],result.failed: [],result.skipped: []/api/v1/flux 返回的 flux 比之前增加 100/api/v1/flux/history 顶部一条 type='promo'、description='local verify'、metadata.issuedByUserId = admin 的 userIdpnpm -F @proj-airi/server dev,commit SHA 待补,ADMIN_EMAILS 含 admin 邮箱且 email_verified=true。?dryRun=true 看 4 个 email(valid + 大小写变体重复 + 找不到)的解析结果。curl -s -X POST 'http://localhost:3000/api/admin/flux-grants?dryRun=true' \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d '{"description":"smoke","amount":100,"emails":["[email protected]","[email protected]","[email protected]","[email protected]"]}'
{ preview: { willGrant: 1, willSkip: { notFound: 1, userDeleted: 0, duplicateInInput: 2 }, totalFluxToIssue: 100, ... } }。flux_transaction 表无新增行。adminGuard 三种拒绝路径(401 无 session / 403 不在 allowlist / 403 邮箱未验证)。curl -s -w "%{http_code}\n" -X POST http://localhost:3000/api/admin/flux-grants -d '{}'
# 期望 401
admin-guard.test.ts 覆盖完整三条路径 + case-insensitive 匹配。Live 401/403 端到端验证⏳ 待补。flux_grant_batch 异步处理改成同步 POST /api/admin/flux-grants 后,旧的实测输出(含 mq-stream 日志、batch.status: completed 等)全部失效。Iron Law 要求至少跑一次路径 1 + 2 替换 ⏳ 占位。idempotencyKey 重发只补失败的"端到端。emails 上限 200 实际响应时间:估算 4–10s,没在生产 DB 上跑过。如果 creditFlux 单条 > 50ms(远端 Postgres + Redis),需要回头下调上限或加批处理优化。