feat: enhance user API key management and implement soft delete

- Redirect users to API Keys tab after login instead of overview - Remove Token Limit and Daily Cost Limit from user API key details modal - Implement soft delete for API keys to preserve usage statistics - Add admin endpoint to view deleted API keys with metadata - Track deletion metadata (deletedBy, deletedAt, deletedByType) - Ensure deleted API keys cannot be restored - Include deleted key stats in user totals while excluding from active count 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
2026-01-23 20:56:48 +00:00 · 2025-08-14 10:48:28 +08:00
parent c413fddec0
commit 8ea150a975
6 changed files with 70 additions and 31 deletions
--- a/src/routes/admin.js
+++ b/src/routes/admin.js
@@ -796,7 +796,7 @@ router.delete('/api-keys/:keyId', authenticateAdmin, async (req, res) => {
  try {
    const { keyId } = req.params

-    await apiKeyService.deleteApiKey(keyId)
+    await apiKeyService.deleteApiKey(keyId, req.admin.username, 'admin')

    logger.success(`🗑️ Admin deleted API key: ${keyId}`)
    return res.json({ success: true, message: 'API key deleted successfully' })
@@ -806,6 +806,32 @@ router.delete('/api-keys/:keyId', authenticateAdmin, async (req, res) => {
  }
 })

+// 📋 获取已删除的API Keys
+router.get('/api-keys/deleted', authenticateAdmin, async (req, res) => {
+  try {
+    const deletedApiKeys = await apiKeyService.getAllApiKeys(true) // Include deleted
+    const onlyDeleted = deletedApiKeys.filter((key) => key.isDeleted === 'true')
+
+    // Add additional metadata for deleted keys
+    const enrichedKeys = onlyDeleted.map((key) => ({
+      ...key,
+      isDeleted: key.isDeleted === 'true',
+      deletedAt: key.deletedAt,
+      deletedBy: key.deletedBy,
+      deletedByType: key.deletedByType,
+      canRestore: false // Deleted keys cannot be restored per requirement
+    }))
+
+    logger.success(`📋 Admin retrieved ${enrichedKeys.length} deleted API keys`)
+    return res.json({ success: true, apiKeys: enrichedKeys, total: enrichedKeys.length })
+  } catch (error) {
+    logger.error('❌ Failed to get deleted API keys:', error)
+    return res
+      .status(500)
+      .json({ error: 'Failed to retrieve deleted API keys', message: error.message })
+  }
+})
+
 // 👥 账户分组管理

 // 创建账户分组
--- a/src/routes/userRoutes.js
+++ b/src/routes/userRoutes.js
@@ -304,7 +304,7 @@ router.delete('/api-keys/:keyId', authenticateUser, async (req, res) => {
      })
    }

-    await apiKeyService.deleteApiKey(keyId)
+    await apiKeyService.deleteApiKey(keyId, req.user.username, 'user')

    // 更新用户API Key数量
    const userApiKeys = await apiKeyService.getUserApiKeys(req.user.id)