feat: 实现分层架构，包含 domain、service、repository 和 pkg 层

- 新增 domain 层：model、provider、route、stats 实体
- 新增 service 层：models、providers、routing、stats 业务逻辑
- 新增 repository 层：models、providers、stats 数据访问
- 新增 pkg 工具包：errors、logger、validator
- 新增中间件：CORS、logging、recovery、request ID
- 新增数据库迁移：初始 schema 和索引
- 新增单元测试和集成测试
- 新增规范文档：config-management、database-migration、error-handling、layered-architecture、middleware-system、request-validation、structured-logging、test-coverage
- 移除 config 子包和 model_router（已迁移至分层架构）

backend/internal/handler/middleware/cors.go

@@ -0,0 +1,21 @@
+package middleware
+
+import (
+	"github.com/gin-gonic/gin"
+)
+
+// CORS 跨域中间件
+func CORS() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		c.Writer.Header().Set("Access-Control-Allow-Origin", "*")
+		c.Writer.Header().Set("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS")
+		c.Writer.Header().Set("Access-Control-Allow-Headers", "Content-Type, Authorization, X-Request-ID")
+
+		if c.Request.Method == "OPTIONS" {
+			c.AbortWithStatus(204)
+			return
+		}
+
+		c.Next()
+	}
+}

backend/internal/handler/middleware/logging.go

@@ -0,0 +1,40 @@
+package middleware
+
+import (
+	"time"
+
+	"github.com/gin-gonic/gin"
+	"go.uber.org/zap"
+)
+
+// Logging 日志中间件
+func Logging(logger *zap.Logger) gin.HandlerFunc {
+	return func(c *gin.Context) {
+		start := time.Now()
+		path := c.Request.URL.Path
+		query := c.Request.URL.RawQuery
+
+		requestID, _ := c.Get(RequestIDKey)
+		logger.Info("请求开始",
+			zap.String("method", c.Request.Method),
+			zap.String("path", path),
+			zap.String("query", query),
+			zap.String("client_ip", c.ClientIP()),
+			zap.Any("request_id", requestID),
+		)
+
+		c.Next()
+
+		latency := time.Since(start)
+		statusCode := c.Writer.Status()
+
+		logger.Info("请求结束",
+			zap.Int("status", statusCode),
+			zap.String("method", c.Request.Method),
+			zap.String("path", path),
+			zap.Duration("latency", latency),
+			zap.Int("body_size", c.Writer.Size()),
+			zap.Any("request_id", requestID),
+		)
+	}
+}

backend/internal/handler/middleware/middleware_test.go

@@ -0,0 +1,130 @@
+package middleware
+
+import (
+	"net/http/httptest"
+	"testing"
+
+	"github.com/gin-gonic/gin"
+	"github.com/stretchr/testify/assert"
+	"go.uber.org/zap"
+)
+
+func init() {
+	gin.SetMode(gin.TestMode)
+}
+
+func TestRequestID_GeneratesUUID(t *testing.T) {
+	r := gin.New()
+	r.Use(RequestID())
+	r.GET("/test", func(c *gin.Context) {
+		id, exists := c.Get(RequestIDKey)
+		assert.True(t, exists)
+		assert.NotEmpty(t, id)
+		c.Status(200)
+	})
+
+	w := httptest.NewRecorder()
+	req := httptest.NewRequest("GET", "/test", nil)
+	r.ServeHTTP(w, req)
+
+	assert.Equal(t, 200, w.Code)
+	assert.NotEmpty(t, w.Header().Get("X-Request-ID"))
+}
+
+func TestRequestID_UsesExistingHeader(t *testing.T) {
+	r := gin.New()
+	r.Use(RequestID())
+	r.GET("/test", func(c *gin.Context) {
+		id, _ := c.Get(RequestIDKey)
+		assert.Equal(t, "existing-id-123", id)
+		c.Status(200)
+	})
+
+	w := httptest.NewRecorder()
+	req := httptest.NewRequest("GET", "/test", nil)
+	req.Header.Set("X-Request-ID", "existing-id-123")
+	r.ServeHTTP(w, req)
+
+	assert.Equal(t, 200, w.Code)
+	assert.Equal(t, "existing-id-123", w.Header().Get("X-Request-ID"))
+}
+
+func TestLogging(t *testing.T) {
+	logger := zap.NewNop()
+
+	r := gin.New()
+	r.Use(Logging(logger))
+	r.GET("/test", func(c *gin.Context) {
+		c.Status(200)
+	})
+
+	w := httptest.NewRecorder()
+	req := httptest.NewRequest("GET", "/test?key=value", nil)
+	r.ServeHTTP(w, req)
+
+	assert.Equal(t, 200, w.Code)
+}
+
+func TestRecovery_NoPanic(t *testing.T) {
+	logger := zap.NewNop()
+
+	r := gin.New()
+	r.Use(Recovery(logger))
+	r.GET("/test", func(c *gin.Context) {
+		c.Status(200)
+	})
+
+	w := httptest.NewRecorder()
+	req := httptest.NewRequest("GET", "/test", nil)
+	r.ServeHTTP(w, req)
+
+	assert.Equal(t, 200, w.Code)
+}
+
+func TestRecovery_WithPanic(t *testing.T) {
+	logger := zap.NewNop()
+
+	r := gin.New()
+	r.Use(Recovery(logger))
+	r.GET("/test", func(c *gin.Context) {
+		panic("test panic")
+	})
+
+	w := httptest.NewRecorder()
+	req := httptest.NewRequest("GET", "/test", nil)
+	r.ServeHTTP(w, req)
+
+	assert.Equal(t, 500, w.Code)
+}
+
+func TestCORS_NormalRequest(t *testing.T) {
+	r := gin.New()
+	r.Use(CORS())
+	r.GET("/test", func(c *gin.Context) {
+		c.Status(200)
+	})
+
+	w := httptest.NewRecorder()
+	req := httptest.NewRequest("GET", "/test", nil)
+	r.ServeHTTP(w, req)
+
+	assert.Equal(t, 200, w.Code)
+	assert.Equal(t, "*", w.Header().Get("Access-Control-Allow-Origin"))
+	assert.Contains(t, w.Header().Get("Access-Control-Allow-Methods"), "GET")
+	assert.Contains(t, w.Header().Get("Access-Control-Allow-Methods"), "POST")
+}
+
+func TestCORS_PreflightRequest(t *testing.T) {
+	r := gin.New()
+	r.Use(CORS())
+	r.OPTIONS("/test", func(c *gin.Context) {
+		c.Status(200)
+	})
+
+	w := httptest.NewRecorder()
+	req := httptest.NewRequest("OPTIONS", "/test", nil)
+	r.ServeHTTP(w, req)
+
+	assert.Equal(t, 204, w.Code)
+	assert.Equal(t, "*", w.Header().Get("Access-Control-Allow-Origin"))
+}

backend/internal/handler/middleware/recovery.go

@@ -0,0 +1,29 @@
+package middleware
+
+import (
+	"net/http"
+
+	"github.com/gin-gonic/gin"
+	"go.uber.org/zap"
+)
+
+// Recovery 错误恢复中间件
+func Recovery(logger *zap.Logger) gin.HandlerFunc {
+	return func(c *gin.Context) {
+		defer func() {
+			if err := recover(); err != nil {
+				requestID, _ := c.Get(RequestIDKey)
+				logger.Error("panic recovered",
+					zap.Any("error", err),
+					zap.Any("request_id", requestID),
+					zap.String("path", c.Request.URL.Path),
+					zap.Stack("stack"),
+				)
+				c.AbortWithStatusJSON(http.StatusInternalServerError, gin.H{
+					"error": "内部错误",
+				})
+			}
+		}()
+		c.Next()
+	}
+}

backend/internal/handler/middleware/request_id.go

@@ -0,0 +1,21 @@
+package middleware
+
+import (
+	"github.com/gin-gonic/gin"
+	"github.com/google/uuid"
+)
+
+const RequestIDKey = "request_id"
+
+// RequestID 请求 ID 中间件
+func RequestID() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		requestID := c.GetHeader("X-Request-ID")
+		if requestID == "" {
+			requestID = uuid.New().String()
+		}
+		c.Set(RequestIDKey, requestID)
+		c.Header("X-Request-ID", requestID)
+		c.Next()
+	}
+}