0
平台总览Platform Overview
3
核心子系统Core Systems
5
用户角色User Roles
11
内部工具Internal Tools
39
产品功能总数Total Features
15
n8n 自动化工作流n8n Workflows
● SR-Web-AS
主 Web 应用Primary Web App
React 19 + TypeScript + Vite 前端,Express.js 后端,Firebase Firestore 数据库,Google OAuth 认证。面向候选人、招聘专员、合作伙伴及管理员四类用户提供差异化体验。React 19 + TypeScript + Vite frontend, Express.js backend, Firebase Firestore database, Google OAuth auth. Differentiated experience for candidates, recruiters, partners, and admins.
REPO: seantan338/SR-Web-AS · DEPLOY: Zeabur
● sunrise-tools
内部员工工具套件Internal Staff Tool Suite
11 个独立 HTML 工具,无需构建步骤,直接在浏览器运行。通过 SSO token 从 SR-Web-AS 跳转访问,AI 推理请求经 sr-proxy 路由,API 密钥对浏览器完全透明。11 standalone HTML tools, no build step. Accessed via SSO token redirect from SR-Web-AS. AI inference routed through sr-proxy — API keys never exposed to the browser.
DEPLOY: sunriserecruittools.zeabur.app
● sr-proxy
AI 凭证代理服务器AI Credential Vault
轻量 Node.js HTTP 代理,无框架依赖。Anthropic Claude、Google Gemini、OpenAI GPT 的 API 密钥封存于服务器环境变量,通过 x-proxy-secret 头验证所有请求,无效请求返回 401。Lightweight Node.js HTTP proxy, no framework dependencies. API keys for Claude, Gemini, and OpenAI stored in server env vars only. All requests validated via x-proxy-secret; invalid → 401.
ROUTES: /proxy/anthropic · /proxy/gemini · /proxy/openai · /proxy/ai
💰
先变现,后功能Monetise Before Features
当前优先级是产生收入、实现团队授权,而非扩展功能范围。信用预付模型解决大公司账单延迟问题。Priority is generating revenue and enabling team delegation, not expanding features. Credit-based prepayment solves chronic invoice delay problems.
🔒
隐私架构是核心Privacy by Design
候选人姓名对招聘专员半匿名化(如"Tan W** S***"),防止挖角;自由招聘员看到匿名客户名(Client A/B/C),保护商业关系。Candidate names semi-masked for recruiters (e.g. "Tan W** S***") to prevent poaching. Freelancers see anonymised client names (Client A/B/C) to protect business relationships.
🤖
n8n 承载所有可自动化流程n8n for All Automation
刻意将自动化工作卸载到 n8n,释放 Sean 的精力用于战略和高价值工作。目前已有 2 个工作流上线。All automatable workflows deliberately offloaded to n8n to free Sean's attention for strategy. 2 workflows currently live.
🎓
Grab 式强制入门培训Mandatory Onboarding
合作伙伴和自由招聘员在获得平台访问权限前,必须完成强制视频培训并以 100% 正确率通过测验。Partners and freelance recruiters must complete mandatory video training and pass a 100%-correct quiz before gaining platform access.
1
系统架构System Architecture
SR-Web-AS
React 19 + TypeScript
Express.js + Firebase
Google OAuth
app.sunriserecruitment.com.au
Express.js + Firebase
Google OAuth
app.sunriserecruitment.com.au
SSO →
→
?sso=token
sunrise-tools
11 standalone HTML
localStorage config
No build step
tools.sunriserecruitment.com.au
localStorage config
No build step
tools.sunriserecruitment.com.au
AI →
→
x-proxy-secret
sr-proxy
Node.js credential vault
Routes to AI providers
API keys in env vars
proxy.sunriserecruitment.com.au
Routes to AI providers
API keys in env vars
proxy.sunriserecruitment.com.au
FIREBASE STACK
Firestore (NoSQL DB)Firebase Auth
Firebase Storage
Security Rules
LOCAL STORAGE
sr_proxy_url → proxy URLsso_token → auto-set
运行时读取Read at runtime
AI PROVIDERS
Anthropic ClaudeGoogle Gemini
OpenAI GPT
+ /proxy/ai unified
ALL THREE SYSTEMS ON ZEABUR CLOUD · AUTO TLS · GIT CI/CD · ENV VAR MANAGEMENT
SSO 认证流程(7步)SSO Auth Flow (7 Steps)
1
User/Browser
通过 Google OAuth 登录 SR-Web-AS(Firebase Auth)User logs in to SR-Web-AS via Google OAuth (Firebase Auth)
2
Firebase Auth
返回包含 uid 和 email 的已验证 ID Token(JWT)Returns verified ID Token (JWT) with uid and email
3
SR-Web-AS BE
服务端验证 ID Token,从 Firestore 解析用户角色Verifies ID token server-side; resolves user role from Firestore
4
SR-Web-AS BE
用共享密钥 Generates signed SSO payload using SR_SSO_2025 生成签名 SSO Payload
5
SR-Web-AS FE
重定向至 Redirects to tool.html?sso=<token>
6
sunrise-tools
读取 ?sso=,对照 Reads ?sso=, validates against SR_SSO_2025
7
sunrise-tools
有效→授权;无效→阻止重认证;验证后从 URL 移除 tokenValid → grant access; invalid → block + re-auth prompt; token removed from URL after validation
AI 推理数据流(6步)AI Inference Data Flow (6 Steps)
1
Browser Tool
触发 AI 功能,从 localStorage 读取 Triggers AI action, reads sr_proxy_url 端点
2
Browser Tool
POST {sr_proxy_url}/proxy/anthropic,携带 with x-proxy-secret 头
3
sr-proxy
验证 x-proxy-secret 对照 PROXY_SECRET 环境变量;无效→401Validates x-proxy-secret against PROXY_SECRET env var; invalid → 401
4
sr-proxy
从环境变量注入真实 API 密钥,路由至对应 AI 提供商Injects real API key from env vars, routes to correct AI provider
5
AI Provider
处理请求,流式/返回补全内容Processes request, streams or returns completion
6
sr-proxy
将响应中继回浏览器工具,渲染结果给用户Relays response back to browser tool; result rendered to user
⚠ CORS 仅限 sunrise-tools 域名 · HTTPS 全站强制 · SSO Token 15分钟过期CORS restricted to sunrise-tools origin · HTTPS enforced everywhere · SSO Token 15min expiry
2
用户角色与权限User Roles & Permissions
👑
Admin
Sean / 机构所有人Sean / Agency Owner
✓全量访问所有数据Full access to all data
✓添加/管理客户账户Add/manage client accounts
✓查看完整候选人姓名See full candidate names
✓分配招聘专员权限Assign recruiter permissions
✓变更所有职位状态Change all job statuses
✓管理用户账号Manage user accounts
🎯
Manager
高级招聘/团队负责人Senior Recruiter / Team Lead
✓变更所有状态(含 Cancelled)All statuses incl. Cancelled
✓查看完整候选人姓名See full candidate names
✓管理分配客户Manage assigned clients
✓新增笔记 & 生成广告Add notes & generate ads
✗添加/删除客户Add/delete clients
✗管理用户账号Manage user accounts
🔍
Recruiter
全职招聘专员Full-time Recruiter
✓新增候选人笔记Add candidate notes
✓生成招聘广告Generate job ads
✓查看真实客户名称See real client names
✗变更职位状态Change job status
✗查看完整候选人名See full candidate names
✗添加/编辑职位Add/edit vacancies
🌐
Freelance
自由招聘/数字游民Freelance / Digital Nomad
✓新增候选人笔记Add candidate notes
✓生成招聘广告Generate job ads
✓查看职位完整详情See full job details
✗真实客户名 → Client A/B/CReal client names → Client A/B/C
✗变更职位状态Change job status
🏢
Client
雇主 / HR 经理Employer / HR Manager
✓添加/编辑本公司职位Add/edit own vacancies
✓上传/粘贴 JD(AI 解析)Upload/paste JD (AI parse)
✓设置 On Hold / FilledSet On Hold / Filled
✗查看候选人笔记See candidate notes
✗设置 Cancelled/ActiveSet Cancelled/Active
候选人隐私 · 姓名脱敏机制Candidate Privacy · Name Masking System
| 查看者角色Viewer Role | 实际录入姓名Name Entered | 显示方式Displayed As | 设计原因Reason |
|---|---|---|---|
| Admin | Tan Wei Sheng | Tan Wei Sheng | 完整访问权限Full access |
| Manager | Tan Wei Sheng | Tan Wei Sheng | 监管职责需要Oversight responsibility |
| Recruiter | Tan Wei Sheng | Tan W** S*** | 防止其他专员直接接触候选人Prevent direct candidate contact by peers |
| Freelance | Tan Wei Sheng | Tan W** S*** | 同上,额外保护业务关系Same, plus protects business relationships |
| Client | Tan Wei Sheng | (不显示)(not shown) | 保密原则Confidentiality |
3
核心工作流Core Workflows
职位状态流转Job Status Lifecycle
● Active
开放,积极招募中Open, recruiting
Admin/Manager/Client
Admin/Manager/Client
→
◆ Interviewing
候选人进入面试阶段In interview stages
Admin/Manager/Client
Admin/Manager/Client
→
● Offer Out
已向候选人发出 OfferOffer extended
Admin/Manager/Client
Admin/Manager/Client
→
✓ Filled
职位已录用,触发开票Placed, trigger invoice
Admin/Manager/Client
Admin/Manager/Client
⏸ On Hold职位暂停(预算冻结/内部变动),由客户主动重新激活Position paused (budget freeze/internal change). Client reactivates when ready.
✕ Cancelled职位完全撤销。仅 Admin 和 Manager 可设置,归档后无后续操作Position withdrawn entirely. Admin and Manager only. Archive — no further action.
⚠ 全职及自由招聘专员无法直接变更状态——需添加候选人笔记注明情况,再通知 Manager/Admin 更新。Full-time and freelance recruiters cannot change status directly. They add a candidate note, then notify Manager/Admin to update.
AI 招聘广告生成器 · 6 平台 · 2 AI 引擎 · 双语输出AI Job Ad Generator · 6 Platforms · 2 AI Engines · Bilingual Output
平台Platform
LinkedInFacebookThreadsInstagramX (Twitter)WhatsApp
语气Tone
ProfessionalCasualUrgentExciting
语言 & AI 引擎Language & AI Engine
English中文Bilingual
ClaudeGemini
| 平台Platform | 字数Length | Hashtag | 适用场景Best For |
|---|---|---|---|
| 150–220 words | 3–5 | 专业职位、金融、科技、管理岗Professional, finance, tech, management | |
| 120–160 words | 2–3 | 本地招聘、运营、医疗、餐饮Local hires, operations, healthcare, hospitality | |
| Threads | ≤ 450 chars | 2 | 快速触达、年轻受众Quick reach, casual roles, younger audience |
| 80–110 words | 5+ | 创意、生活方式、餐饮Creative, lifestyle, hospitality roles | |
| X (Twitter) | ≤ 270 chars | 1–2 | 科技、初创、快速响应Tech, startup, fast turnaround |
| 4–6 lines | 无None | 直接外联、社群、推荐Direct outreach, community, referrals |
sunrise-tools · 11 个内部工具(全部通过 SSO 访问,AI 经 sr-proxy 路由)Internal Tools (all via SSO auth, AI via sr-proxy)
01
JD Generator
AI 驱动的职位描述生成工具AI-powered JD drafting from role inputs
02
CV Screener
解析简历并对比职位要求,生成匹配评分Parses and scores CVs against a job brief
03
Interview Question Builder
按职位/级别生成结构化面试题库Generates structured interview questions by role/level
04
WhatsApp Templates
候选人外联预设消息模板,一键复制Pre-built message templates for candidate outreach
05
Candidate Tracker (Kanban)
候选人跨招聘阶段的拖拽式看板视图Drag-and-drop pipeline view across hiring stages
06
PDF Quotation Generator
生成客户可用的招聘费用报价单 PDFProduces client-ready recruitment fee quote PDFs
07
SOP Library
标准操作程序可搜索知识库Searchable repository of standard operating procedures
08
Staff Attendance
内部员工每日出勤与排班记录追踪Daily attendance and shift records for internal staff
09
Document Scanner
实体招聘文件的 OCR 识别与数字化OCR and digitisation of physical recruitment documents
4
产品路线图Product Roadmap
PHASE 1
基础建设Foundation
当前冲刺Current Sprint
6 功能features
M
候选人档案 CRUD — 完整创建/读取/更新/删除,含头像上传和档案完整度评分Candidate Profile CRUD — Full CRUD with avatar upload and completeness scoring
Candidate-facing
S
简历上传 — PDF/DOCX 上传至 Firebase Storage,触发解析和 AI 匹配管道Resume Upload — PDF/DOCX upload to Firebase Storage with parse trigger
Candidate-facing
M
Firestore 安全规则 — 数据库层面基于角色的读写规则,防止数据泄露Firestore Security Rules — Role-based read/write rules at database layer
Admin / Internal
M
SSO 集成 — SR-Web-AS 生成签名 token,sunrise-tools 验证后授权SSO Integration — SR-Web-AS generates signed token; sunrise-tools validates before granting access
Internal
S
sr-proxy 请求认证 — 所有 AI 推理请求必须携带有效 x-proxy-secret 头sr-proxy Auth — All AI inference requests must include valid x-proxy-secret header
Internal
M
Admin 真实数据分析 — 用 Firestore 实时聚合替换仪表板占位指标Admin Real Analytics — Replace placeholder dashboard metrics with live Firestore aggregations
Admin
PHASE 2
核心工作流Core Workflows
4–6 周weeks · Planned
6 功能features
M
候选人搜索 — Firestore 多条件筛选(技能/地区/可用性/经验),含已保存搜索Candidate Search — Firestore multi-filter: skills, location, availability, experience. Saved filters.
Recruiter-facing
L
应用管道看板 — 拖拽式 Kanban(已获取→已筛选→已提交→面试→Offer→已录用)Application Pipeline Kanban — Drag-and-drop: Sourced → Screened → Submitted → Interview → Offer → Placed
Recruiter-facing
M
应用内通知 — Firestore 实时推送:新申请、状态变更、面试确认In-App Notifications — Real-time Firestore listeners: applications, status changes, interview confirmations
All roles
M
邮件通知系统 — SendGrid/Resend 事务邮件:欢迎、状态更新、面试提醒、Offer 函Email Notification System — Transactional email via SendGrid/Resend: welcome, status, reminders, offer letters
Candidate / Recruiter
L
合作伙伴门户工作流 — 提交职位单、查看候选人提交、审批/拒绝、追踪录用状态Partner Portal Workflows — Submit job orders, view submissions, approve/reject, track placement status
Partner-facing
L
面试日程安排 — 应用内预约时段,Google Calendar 整合,自动提醒双方Interview Scheduling — In-app booking, Google Calendar integration, automated reminders
Recruiter / Candidate
PHASE 3
增长功能Growth Features
2–3 个月months · Backlog
5 功能features
L
站内消息系统 — 招聘专员与候选人直接消息,含已读回执、附件、Firestore 历史Messaging System — In-app DM with read receipts, file attachments, message history in Firestore
Recruiter / Candidate
L
佣金与录用追踪 — 录用记录、费用条款、佣金分配、PDF 发票、付款状态Commission & Placement Tracking — Records, fees, splits, PDF invoices, payment status
Admin / Recruiter
M
Google Sheets 数据迁移 — 员工考勤、佣金、SOP 日志迁移至 FirestoreGoogle Sheets Migration — Migrate attendance, commissions, SOP logs into Firestore
Internal / Admin
M
移动端响应式审计 + PWA — 修复所有屏幕断点,添加 PWA manifest 和 Service WorkerMobile Responsive Audit + PWA — Fix all breakpoints. Add PWA manifest and service worker.
All roles
L
AI 候选人匹配 — 用 Claude 评分候选人-职位适配度,在职位视图展示 Top 匹配AI Candidate Matching — Claude scores candidate-job fit. Surface top matches on job order view.
Recruiter / Internal
PHASE 4
规模扩张Scale
3–6 个月months · Future
5 功能features
L
分析仪表板 — 招聘时效、候选人来源归因、管道速度、招聘专员绩效、录用收入Analytics Dashboard — Time-to-hire, source attribution, pipeline velocity, recruiter performance, revenue
Admin / Recruiter
L
合作伙伴 API — REST API 供企业合作伙伴以编程方式提交职位单、查询候选人状态Partner API — REST API for approved partners to submit job orders, query candidate status, receive webhooks
Partner / Internal
L
白标选项 — 可配置品牌层(Logo、颜色、域名),企业客户可用自有品牌使用平台White-Label Option — Configurable branding (logo, colours, domain) for enterprise clients
Admin / Internal
M
自动邮件序列 — 注册后培育、状态更新、面试准备 Tips、Offer 后续、重激活序列Automated Email Sequences — Post-registration nurture, status updates, interview prep, offer follow-ups, re-engagement
Candidate / Recruiter
L
视频面试集成 — 嵌入式单向和实时视频面试(Daily.co 或类似 API),录像关联候选人档案Video Interview Integration — Embedded one-way and live video (Daily.co or similar). Recordings linked to candidate profiles.
Recruiter / Candidate
5
n8n 自动化工作流n8n Automation Workflows
已上线Live
下一批次 (n8n P1)Next (n8n P1)
后期规划 (n8n P2)Later (n8n P2)
n8n P0 · LIVE
SR Job Order Auto Entry
Telegram 消息→语义提取职位单→自动录入主表、触发通知Telegram → semantic extract job order → auto-enter master sheet, trigger notification
n8n P0 · LIVE
Sunrise CV Automated Pipeline
CV 上传→白名单过滤→Gemini 解析→Auto-debug→回传给招聘专员CV upload → whitelist filter → Gemini parse → auto-debug → relay to recruiter
n8n P0 · PLANNED
Unified Lead Capture & Dedup
统一捕获线索(WhatsApp/Web/FB/Telegram),去重,自动分配Unified lead capture from all channels, deduplicate, auto-assign
n8n P0 · PLANNED
Auto Scheduling — Calls & Clients
候选人自助预约日历,0~1 小时内自动发提醒Candidate self-schedule calendar, auto reminder within 0–1hr
n8n P0 · PLANNED
Candidate Onboarding Doc
自动收集 IC、CV、证书、A 级消息;驱动入职培训流程Auto-collect IC, CV, certs, A-grade messages; drive onboarding flow
n8n P0 · PLANNED
Job Order Intake + Auto-Qualification
规范化客户 JD,AI 评分后发往主表,待批准后分配Standardise client JD briefs, AI score → master sheet → approval → assign
n8n P0 · PLANNED
KYC / Employer Verification
收集 SSM、董事明细、账单,自动合规检查,内部批准Collect SSM, director details; auto compliance check; internal approval
n8n P0 · PLANNED
Quote + Contract Auto-Generation
拉取客户+角色+完整模板,填充费用,触发审批窗口,待签名Pull client + role + template, fill fees, trigger approval window, await signature
n8n P0 · PLANNED
Client Status Updates (Auto)
候选人阶段变更→语义草拟状态更新→发至 WhatsApp/邮件→待批准Stage change → semantic draft status update → send to WhatsApp/email → await approval
n8n P1 · NEXT
Candidate-to-Job Matching + Shortlist
基于 JD 评分候选人数据库,关键词筛选,自动生成名单发至客户Score candidate DB against JD, keyword filter, auto-generate shortlist to client
n8n P1 · NEXT
Interview Coordination + Confirmation
提议时段、确认日历、发送候选人+客户确认邮件、追踪面试阶段Propose time slots, confirm calendar, send confirmations to both parties, track stage
n8n P1 · NEXT
SG Work Pass / Visa Checklist (EP/SP/WP)
根据 Pass 类型确定所需文件,追踪收集清单,发送截止提醒Determine docs by pass type, track collection checklist, send deadline reminders
n8n P2 · LATER
Revenue + Consultant KPI + Shortlist Builder
多维度追踪:计算佣金、收入、KPI;聚合推荐表格,包含 AI 评分Multi-dim tracking: commission, revenue, KPI; aggregate shortlist with AI scoring
n8n P2 · LATER
AI Recruiter Copilot (Internal Chatbot)
内部 AI 助理:"这个候选人符合什么职位?" / 起草消息 / 搜索 SOPInternal AI assistant: candidate-to-job matching queries / draft messages / search SOPs
n8n P2 · LATER
4U Employer Dashboard + Token Payment
实时/财务仪表板,用 Order 短链接跳转,通过 Firebase dash 扣除 TokenReal-time/financial dashboard, Order shortlink navigation, Token deduction via Firebase dash
6
技术参考Technical Reference
SR-Web-AS · 环境变量Env Variables
| 变量Variable | 描述Description |
|---|---|
| VITE_FIREBASE_API_KEY | Firebase 项目 API Key(公开,Vite 前缀)Firebase project API key (public, Vite prefix) |
| VITE_FIREBASE_AUTH_DOMAIN | Firebase Auth 域名Firebase Auth domain |
| VITE_FIREBASE_PROJECT_ID | Firestore 项目 IDFirestore project ID |
| VITE_FIREBASE_STORAGE_BUCKET | Firebase Storage bucketFirebase Storage bucket |
| VITE_FIREBASE_APP_ID | Firebase 应用 IDFirebase app ID |
| SR_SSO_SECRET | SSO token 签名共享密钥(SR_SSO_2025)SSO token signing shared secret (SR_SSO_2025) |
| SESSION_SECRET | Express session 密钥(32+ 字符随机串)Express session secret (32+ random chars) |
| PORT | Express 服务器端口(默认 3000)Express server port (default 3000) |
sr-proxy · 环境变量Env Variables
| 变量Variable | 描述Description |
|---|---|
| PROXY_SECRET | x-proxy-secret 头验证密钥(32+ 字符)x-proxy-secret header validation secret (32+ chars) |
| ANTHROPIC_API_KEY | Anthropic Claude API 密钥Anthropic Claude API key |
| GEMINI_API_KEY | Google Gemini API 密钥Google Gemini API key |
| OPENAI_API_KEY | OpenAI GPT API 密钥OpenAI GPT API key |
| ALLOWED_ORIGIN | CORS 白名单(仅限 sunrise-tools 域名)CORS whitelist (sunrise-tools origin only) |
| PORT | 服务器监听端口(默认 8080)Server listen port (default 8080) |
sunrise-tools · localStorage
| Key | 说明Description |
|---|---|
| sr_proxy_url | sr-proxy 基础 URL(每台员工电脑设置一次)sr-proxy base URL (set once per staff browser) |
| sso_token | 从 ?sso= 参数自动写入,验证后从 URL 移除Auto-set from ?sso= param; removed from URL after validation |
集成检查清单Integration Checklist
✓Firebase Auth Google OAuthWeb
○Firestore 安全规则Firestore Security RulesWeb
✓SSO Token 生成GenerationWeb
✓SSO 重定向RedirectWeb
◈SR-Web-AS 环境变量Env VarsWeb
✓sr-proxy 已部署DeployedProxy
✓x-proxy-secret 认证AuthProxy
✓/proxy/anthropicProxy
✓/proxy/geminiProxy
✓/proxy/openaiProxy
○/proxy/ai 统一路由Unified RouteProxy
◈CORS 限制RestrictionProxy
○Tools SSO 验证逻辑ValidationTools
✓localStorage sr_proxy_urlTools
✓11 个工具已部署Tools DeployedTools
○自定义子域名Custom SubdomainsAll
✓HTTPS / TLSAll
○SSO Token 15分钟过期15min ExpiryWeb+Tools
✓ 已完成Done
○ 待完成Pending
◈ 需确认Check
CORS 配置 · sr-proxyConfiguration · sr-proxy
Access-Control-Allow-Origin
https://sunriserecruittools.zeabur.app
(或自定义子域名)(or custom subdomain)
Access-Control-Allow-Methods
POST, OPTIONS
Access-Control-Allow-Headers
Content-Type, x-proxy-secret
Sunrise Recruit 平台知识地图Sunrise Recruit Platform Knowledge Map
V1.0 · April 2026 · 保密 — 仅限内部使用Confidential — Internal Use Only · Malaysia & Singapore
来源:产品路线图 · 架构文档 · 招聘OS用户手册 · 4U BlueprintSources: Product Roadmap · Architecture Doc · Recruitment OS User Guide · 4U Blueprint
seantan338/SR-Web-AS · Zeabur