github/claude-relay-service
1
0
Fork 0
mirror of https://github.com/Wei-Shaw/claude-relay-service.git synced 2026-01-22 16:43:35 +00:00
Code Issues Packages Projects Releases Wiki Activity

resolve: 解决与upstream/dev的合并冲突

Browse Source 
- 合并admin.js中的groupIds和autoStopOnWarning参数
- 统一AccountForm.vue中的错误提示文案和平台判断逻辑
- 保留AccountsView.vue中的分组过滤和ungrouped功能
- 确保Azure OpenAI账户创建和更新逻辑完整性

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
sczheng189
2025-09-02 20:32:42 +08:00
parent 945e0ac198 1165427df0
commit 9c7ec8758d
66 changed files with 11527 additions and 1581 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
.env.example
View File

@@ -55,14 +55,45 @@ WEB_LOGO_URL=/assets/logo.png
# 🛠️ 开发配置 # 🛠️ 开发配置
DEBUG=false DEBUG=false
DEBUG_HTTP_TRAFFIC=false # 启用HTTP请求/响应调试日志(仅开发环境)
ENABLE_CORS=true ENABLE_CORS=true
TRUST_PROXY=true TRUST_PROXY=true
# 🔒 客户端限制(可选) # 🔒 客户端限制(可选)
# ALLOW_CUSTOM_CLIENTS=false # ALLOW_CUSTOM_CLIENTS=false
# 📢 Webhook 通知配置 # 🔐 LDAP 认证配置
WEBHOOK_ENABLED=true LDAP_ENABLED=false
WEBHOOK_URLS=https://your-webhook-url.com/notify,https://backup-webhook.com/notify LDAP_URL=ldaps://ldap-1.test1.bj.yxops.net:636
WEBHOOK_TIMEOUT=10000 LDAP_BIND_DN=cn=admin,dc=example,dc=com
WEBHOOK_RETRIES=3 LDAP_BIND_PASSWORD=admin_password
LDAP_SEARCH_BASE=dc=example,dc=com
LDAP_SEARCH_FILTER=(uid={{username}})
LDAP_SEARCH_ATTRIBUTES=dn,uid,cn,mail,givenName,sn
LDAP_TIMEOUT=5000
LDAP_CONNECT_TIMEOUT=10000
# 🔒 LDAP TLS/SSL 配置 (用于 ldaps:// URL)
# 是否忽略证书验证错误 (设置为false可忽略自签名证书错误)
LDAP_TLS_REJECT_UNAUTHORIZED=true
# CA 证书文件路径 (可选用于自定义CA证书)
# LDAP_TLS_CA_FILE=/path/to/ca-cert.pem
# 客户端证书文件路径 (可选,用于双向认证)
# LDAP_TLS_CERT_FILE=/path/to/client-cert.pem
# 客户端私钥文件路径 (可选,用于双向认证)
# LDAP_TLS_KEY_FILE=/path/to/client-key.pem
# 服务器名称 (可选,用于 SNI)
# LDAP_TLS_SERVERNAME=ldap.example.com
# 🗺️ LDAP 用户属性映射
LDAP_USER_ATTR_USERNAME=uid
LDAP_USER_ATTR_DISPLAY_NAME=cn
LDAP_USER_ATTR_EMAIL=mail
LDAP_USER_ATTR_FIRST_NAME=givenName
LDAP_USER_ATTR_LAST_NAME=sn
# 👥 用户管理配置
USER_MANAGEMENT_ENABLED=false
DEFAULT_USER_ROLE=user
USER_SESSION_TIMEOUT=86400000
MAX_API_KEYS_PER_USER=5

4
.gitignore vendored
View File

@@ -216,6 +216,10 @@ local/
debug.log debug.log
error.log error.log
access.log access.log
http-debug*.log
logs/http-debug-*.log
src/middleware/debugInterceptor.js
# Session files # Session files
sessions/ sessions/

66
README.md
View File

@@ -250,11 +250,6 @@ REDIS_HOST=localhost
REDIS_PORT=6379 REDIS_PORT=6379
REDIS_PASSWORD= REDIS_PASSWORD=
# Webhook通知配置可选
WEBHOOK_ENABLED=true
WEBHOOK_URLS=https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=your-key
WEBHOOK_TIMEOUT=10000
WEBHOOK_RETRIES=3
``` ```
**编辑 `config/config.js` 文件:** **编辑 `config/config.js` 文件:**
@@ -518,67 +513,6 @@ http://你的服务器:3000/openai/claude/v1/
--- ---
## 📢 Webhook 通知功能
### 功能说明
当系统检测到账号异常时,会自动发送 webhook 通知支持企业微信、钉钉、Slack 等平台。
### 通知触发场景
- **Claude OAuth 账户**: token 过期或未授权时
- **Claude Console 账户**: 系统检测到账户被封锁时
- **Gemini 账户**: token 刷新失败时
- **手动禁用账户**: 管理员手动禁用账户时
### 配置方法
**1. 环境变量配置**
```bash
# 启用 webhook 通知
WEBHOOK_ENABLED=true
# 企业微信 webhook 地址(替换为你的实际地址)
WEBHOOK_URLS=https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=your-key
# 多个地址用逗号分隔
WEBHOOK_URLS=https://webhook1.com,https://webhook2.com
# 请求超时时间毫秒默认10秒
WEBHOOK_TIMEOUT=10000
# 重试次数默认3次
WEBHOOK_RETRIES=3
```
**2. 企业微信设置**
1. 在企业微信群中添加「群机器人」
2. 获取 webhook 地址:`https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=xxx`
3. 将地址配置到 `WEBHOOK_URLS` 环境变量
### 通知内容格式
系统会发送结构化的通知消息:
```
账户名称 账号异常,异常代码 ERROR_CODE
平台claude-oauth
时间2025-08-14 17:30:00
原因Token expired
```
### 测试 Webhook
可以通过管理后台测试 webhook 连通性:
1. 登录管理后台:`http://你的服务器:3000/web`
2. 访问:`/admin/webhook/test`
3. 发送测试通知确认配置正确
---
## 🔧 日常维护 ## 🔧 日常维护
### 服务管理 ### 服务管理

2
VERSION
View File

@@ -1 +1 @@
1.1.120 1.1.124

51
config/config.example.js
View File

@@ -127,6 +127,57 @@ const config = {
allowCustomClients: process.env.ALLOW_CUSTOM_CLIENTS === 'true' allowCustomClients: process.env.ALLOW_CUSTOM_CLIENTS === 'true'
}, },
// 🔐 LDAP 认证配置
ldap: {
enabled: process.env.LDAP_ENABLED === 'true',
server: {
url: process.env.LDAP_URL || 'ldap://localhost:389',
bindDN: process.env.LDAP_BIND_DN || 'cn=admin,dc=example,dc=com',
bindCredentials: process.env.LDAP_BIND_PASSWORD || 'admin',
searchBase: process.env.LDAP_SEARCH_BASE || 'dc=example,dc=com',
searchFilter: process.env.LDAP_SEARCH_FILTER || '(uid={{username}})',
searchAttributes: process.env.LDAP_SEARCH_ATTRIBUTES
? process.env.LDAP_SEARCH_ATTRIBUTES.split(',')
: ['dn', 'uid', 'cn', 'mail', 'givenName', 'sn'],
timeout: parseInt(process.env.LDAP_TIMEOUT) || 5000,
connectTimeout: parseInt(process.env.LDAP_CONNECT_TIMEOUT) || 10000,
// TLS/SSL 配置
tls: {
// 是否忽略证书错误 (用于自签名证书)
rejectUnauthorized: process.env.LDAP_TLS_REJECT_UNAUTHORIZED !== 'false', // 默认验证证书设置为false则忽略
// CA证书文件路径 (可选用于自定义CA证书)
ca: process.env.LDAP_TLS_CA_FILE
? require('fs').readFileSync(process.env.LDAP_TLS_CA_FILE)
: undefined,
// 客户端证书文件路径 (可选,用于双向认证)
cert: process.env.LDAP_TLS_CERT_FILE
? require('fs').readFileSync(process.env.LDAP_TLS_CERT_FILE)
: undefined,
// 客户端私钥文件路径 (可选,用于双向认证)
key: process.env.LDAP_TLS_KEY_FILE
? require('fs').readFileSync(process.env.LDAP_TLS_KEY_FILE)
: undefined,
// 服务器名称 (用于SNI可选)
servername: process.env.LDAP_TLS_SERVERNAME || undefined
}
},
userMapping: {
username: process.env.LDAP_USER_ATTR_USERNAME || 'uid',
displayName: process.env.LDAP_USER_ATTR_DISPLAY_NAME || 'cn',
email: process.env.LDAP_USER_ATTR_EMAIL || 'mail',
firstName: process.env.LDAP_USER_ATTR_FIRST_NAME || 'givenName',
lastName: process.env.LDAP_USER_ATTR_LAST_NAME || 'sn'
}
},
// 👥 用户管理配置
userManagement: {
enabled: process.env.USER_MANAGEMENT_ENABLED === 'true',
defaultUserRole: process.env.DEFAULT_USER_ROLE || 'user',
userSessionTimeout: parseInt(process.env.USER_SESSION_TIMEOUT) || 86400000, // 24小时
maxApiKeysPerUser: parseInt(process.env.MAX_API_KEYS_PER_USER) || 5
},
// 📢 Webhook通知配置 // 📢 Webhook通知配置
webhook: { webhook: {
enabled: process.env.WEBHOOK_ENABLED !== 'false', // 默认启用 enabled: process.env.WEBHOOK_ENABLED !== 'false', // 默认启用

217
package-lock.json generated
View File

@@ -24,6 +24,7 @@
"https-proxy-agent": "^7.0.2", "https-proxy-agent": "^7.0.2",
"inquirer": "^8.2.6", "inquirer": "^8.2.6",
"ioredis": "^5.3.2", "ioredis": "^5.3.2",
"ldapjs": "^3.0.7",
"morgan": "^1.10.0", "morgan": "^1.10.0",
"ora": "^5.4.1", "ora": "^5.4.1",
"rate-limiter-flexible": "^5.0.5", "rate-limiter-flexible": "^5.0.5",
@@ -2048,6 +2049,101 @@
"@jridgewell/sourcemap-codec": "^1.4.14" "@jridgewell/sourcemap-codec": "^1.4.14"
} }
}, },
"node_modules/@ldapjs/asn1": {
"version": "2.0.0",
"resolved": "https://registry.npmmirror.com/@ldapjs/asn1/-/asn1-2.0.0.tgz",
"integrity": "sha512-G9+DkEOirNgdPmD0I8nu57ygQJKOOgFEMKknEuQvIHbGLwP3ny1mY+OTUYLCbCaGJP4sox5eYgBJRuSUpnAddA==",
"deprecated": "This package has been decomissioned. See https://github.com/ldapjs/node-ldapjs/blob/8ffd0bc9c149088a10ec4c1ec6a18450f76ad05d/README.md",
"license": "MIT"
},
"node_modules/@ldapjs/attribute": {
"version": "1.0.0",
"resolved": "https://registry.npmmirror.com/@ldapjs/attribute/-/attribute-1.0.0.tgz",
"integrity": "sha512-ptMl2d/5xJ0q+RgmnqOi3Zgwk/TMJYG7dYMC0Keko+yZU6n+oFM59MjQOUht5pxJeS4FWrImhu/LebX24vJNRQ==",
"deprecated": "This package has been decomissioned. See https://github.com/ldapjs/node-ldapjs/blob/8ffd0bc9c149088a10ec4c1ec6a18450f76ad05d/README.md",
"license": "MIT",
"dependencies": {
"@ldapjs/asn1": "2.0.0",
"@ldapjs/protocol": "^1.2.1",
"process-warning": "^2.1.0"
}
},
"node_modules/@ldapjs/change": {
"version": "1.0.0",
"resolved": "https://registry.npmmirror.com/@ldapjs/change/-/change-1.0.0.tgz",
"integrity": "sha512-EOQNFH1RIku3M1s0OAJOzGfAohuFYXFY4s73wOhRm4KFGhmQQ7MChOh2YtYu9Kwgvuq1B0xKciXVzHCGkB5V+Q==",
"deprecated": "This package has been decomissioned. See https://github.com/ldapjs/node-ldapjs/blob/8ffd0bc9c149088a10ec4c1ec6a18450f76ad05d/README.md",
"license": "MIT",
"dependencies": {
"@ldapjs/asn1": "2.0.0",
"@ldapjs/attribute": "1.0.0"
}
},
"node_modules/@ldapjs/controls": {
"version": "2.1.0",
"resolved": "https://registry.npmmirror.com/@ldapjs/controls/-/controls-2.1.0.tgz",
"integrity": "sha512-2pFdD1yRC9V9hXfAWvCCO2RRWK9OdIEcJIos/9cCVP9O4k72BY1bLDQQ4KpUoJnl4y/JoD4iFgM+YWT3IfITWw==",
"deprecated": "This package has been decomissioned. See https://github.com/ldapjs/node-ldapjs/blob/8ffd0bc9c149088a10ec4c1ec6a18450f76ad05d/README.md",
"license": "MIT",
"dependencies": {
"@ldapjs/asn1": "^1.2.0",
"@ldapjs/protocol": "^1.2.1"
}
},
"node_modules/@ldapjs/controls/node_modules/@ldapjs/asn1": {
"version": "1.2.0",
"resolved": "https://registry.npmmirror.com/@ldapjs/asn1/-/asn1-1.2.0.tgz",
"integrity": "sha512-KX/qQJ2xxzvO2/WOvr1UdQ+8P5dVvuOLk/C9b1bIkXxZss8BaR28njXdPgFCpj5aHaf1t8PmuVnea+N9YG9YMw==",
"deprecated": "This package has been decomissioned. See https://github.com/ldapjs/node-ldapjs/blob/8ffd0bc9c149088a10ec4c1ec6a18450f76ad05d/README.md",
"license": "MIT"
},
"node_modules/@ldapjs/dn": {
"version": "1.1.0",
"resolved": "https://registry.npmmirror.com/@ldapjs/dn/-/dn-1.1.0.tgz",
"integrity": "sha512-R72zH5ZeBj/Fujf/yBu78YzpJjJXG46YHFo5E4W1EqfNpo1UsVPqdLrRMXeKIsJT3x9dJVIfR6OpzgINlKpi0A==",
"deprecated": "This package has been decomissioned. See https://github.com/ldapjs/node-ldapjs/blob/8ffd0bc9c149088a10ec4c1ec6a18450f76ad05d/README.md",
"license": "MIT",
"dependencies": {
"@ldapjs/asn1": "2.0.0",
"process-warning": "^2.1.0"
}
},
"node_modules/@ldapjs/filter": {
"version": "2.1.1",
"resolved": "https://registry.npmmirror.com/@ldapjs/filter/-/filter-2.1.1.tgz",
"integrity": "sha512-TwPK5eEgNdUO1ABPBUQabcZ+h9heDORE4V9WNZqCtYLKc06+6+UAJ3IAbr0L0bYTnkkWC/JEQD2F+zAFsuikNw==",
"deprecated": "This package has been decomissioned. See https://github.com/ldapjs/node-ldapjs/blob/8ffd0bc9c149088a10ec4c1ec6a18450f76ad05d/README.md",
"license": "MIT",
"dependencies": {
"@ldapjs/asn1": "2.0.0",
"@ldapjs/protocol": "^1.2.1",
"process-warning": "^2.1.0"
}
},
"node_modules/@ldapjs/messages": {
"version": "1.3.0",
"resolved": "https://registry.npmmirror.com/@ldapjs/messages/-/messages-1.3.0.tgz",
"integrity": "sha512-K7xZpXJ21bj92jS35wtRbdcNrwmxAtPwy4myeh9duy/eR3xQKvikVycbdWVzkYEAVE5Ce520VXNOwCHjomjCZw==",
"deprecated": "This package has been decomissioned. See https://github.com/ldapjs/node-ldapjs/blob/8ffd0bc9c149088a10ec4c1ec6a18450f76ad05d/README.md",
"license": "MIT",
"dependencies": {
"@ldapjs/asn1": "^2.0.0",
"@ldapjs/attribute": "^1.0.0",
"@ldapjs/change": "^1.0.0",
"@ldapjs/controls": "^2.1.0",
"@ldapjs/dn": "^1.1.0",
"@ldapjs/filter": "^2.1.1",
"@ldapjs/protocol": "^1.2.1",
"process-warning": "^2.2.0"
}
},
"node_modules/@ldapjs/protocol": {
"version": "1.2.1",
"resolved": "https://registry.npmmirror.com/@ldapjs/protocol/-/protocol-1.2.1.tgz",
"integrity": "sha512-O89xFDLW2gBoZWNXuXpBSM32/KealKCTb3JGtJdtUQc7RjAk8XzrRgyz02cPAwGKwKPxy0ivuC7UP9bmN87egQ==",
"deprecated": "This package has been decomissioned. See https://github.com/ldapjs/node-ldapjs/blob/8ffd0bc9c149088a10ec4c1ec6a18450f76ad05d/README.md",
"license": "MIT"
},
"node_modules/@noble/hashes": { "node_modules/@noble/hashes": {
"version": "1.8.0", "version": "1.8.0",
"resolved": "https://registry.npmmirror.com/@noble/hashes/-/hashes-1.8.0.tgz", "resolved": "https://registry.npmmirror.com/@noble/hashes/-/hashes-1.8.0.tgz",
@@ -2921,6 +3017,12 @@
"dev": true, "dev": true,
"license": "ISC" "license": "ISC"
}, },
"node_modules/abstract-logging": {
"version": "2.0.1",
"resolved": "https://registry.npmmirror.com/abstract-logging/-/abstract-logging-2.0.1.tgz",
"integrity": "sha512-2BjRTZxTPvheOvGbBslFSYOUkr+SjPtOnrLP33f+VIWLzezQpZcqVg7ja3L4dBXmzzgwT+a029jRx5PCi3JuiA==",
"license": "MIT"
},
"node_modules/accepts": { "node_modules/accepts": {
"version": "1.3.8", "version": "1.3.8",
"resolved": "https://registry.npmmirror.com/accepts/-/accepts-1.3.8.tgz", "resolved": "https://registry.npmmirror.com/accepts/-/accepts-1.3.8.tgz",
@@ -3077,6 +3179,15 @@
"dev": true, "dev": true,
"license": "MIT" "license": "MIT"
}, },
"node_modules/assert-plus": {
"version": "1.0.0",
"resolved": "https://registry.npmmirror.com/assert-plus/-/assert-plus-1.0.0.tgz",
"integrity": "sha512-NfJ4UzBCcQGLDlQq7nHxH+tv3kyZ0hHQqF5BO6J7tNJeP5do1llPr8dZ8zHonfhAu0PHAdMkSo+8o0wxg9lZWw==",
"license": "MIT",
"engines": {
"node": ">=0.8"
}
},
"node_modules/astral-regex": { "node_modules/astral-regex": {
"version": "2.0.0", "version": "2.0.0",
"resolved": "https://registry.npmmirror.com/astral-regex/-/astral-regex-2.0.0.tgz", "resolved": "https://registry.npmmirror.com/astral-regex/-/astral-regex-2.0.0.tgz",
@@ -3225,6 +3336,18 @@
"@babel/core": "^7.0.0" "@babel/core": "^7.0.0"
} }
}, },
"node_modules/backoff": {
"version": "2.5.0",
"resolved": "https://registry.npmmirror.com/backoff/-/backoff-2.5.0.tgz",
"integrity": "sha512-wC5ihrnUXmR2douXmXLCe5O3zg3GKIyvRi/hi58a/XyRxVI+3/yM0PYueQOZXPXQ9pxBislYkw+sF9b7C/RuMA==",
"license": "MIT",
"dependencies": {
"precond": "0.2"
},
"engines": {
"node": ">= 0.6"
}
},
"node_modules/balanced-match": { "node_modules/balanced-match": {
"version": "1.0.2", "version": "1.0.2",
"resolved": "https://registry.npmmirror.com/balanced-match/-/balanced-match-1.0.2.tgz", "resolved": "https://registry.npmmirror.com/balanced-match/-/balanced-match-1.0.2.tgz",
@@ -3912,6 +4035,12 @@
"dev": true, "dev": true,
"license": "MIT" "license": "MIT"
}, },
"node_modules/core-util-is": {
"version": "1.0.2",
"resolved": "https://registry.npmmirror.com/core-util-is/-/core-util-is-1.0.2.tgz",
"integrity": "sha512-3lqz5YjWTYnW6dlDa5TLaTCcShfar1e40rmcJVwCBJC6mWlFuj0eCHIElmG1g5kyuJ/GD+8Wn4FFCcz4gJPfaQ==",
"license": "MIT"
},
"node_modules/cors": { "node_modules/cors": {
"version": "2.8.5", "version": "2.8.5",
"resolved": "https://registry.npmmirror.com/cors/-/cors-2.8.5.tgz", "resolved": "https://registry.npmmirror.com/cors/-/cors-2.8.5.tgz",
@@ -4633,6 +4762,15 @@
"node": ">=4" "node": ">=4"
} }
}, },
"node_modules/extsprintf": {
"version": "1.4.1",
"resolved": "https://registry.npmmirror.com/extsprintf/-/extsprintf-1.4.1.tgz",
"integrity": "sha512-Wrk35e8ydCKDj/ArClo1VrPVmN8zph5V4AtHwIuHhvMXsKf73UT3BOD+azBIW+3wOJ4FhEH7zyaJCFvChjYvMA==",
"engines": [
"node >=0.6.0"
],
"license": "MIT"
},
"node_modules/fast-deep-equal": { "node_modules/fast-deep-equal": {
"version": "3.1.3", "version": "3.1.3",
"resolved": "https://registry.npmmirror.com/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", "resolved": "https://registry.npmmirror.com/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz",
@@ -6524,6 +6662,29 @@
"integrity": "sha512-Xq9nH7KlWZmXAtodXDDRE7vs6DU1gTU8zYDHDiWLSip45Egwq3plLHzPn27NgvzL2r1LMPC1vdqh98sQxtqj4A==", "integrity": "sha512-Xq9nH7KlWZmXAtodXDDRE7vs6DU1gTU8zYDHDiWLSip45Egwq3plLHzPn27NgvzL2r1LMPC1vdqh98sQxtqj4A==",
"license": "MIT" "license": "MIT"
}, },
"node_modules/ldapjs": {
"version": "3.0.7",
"resolved": "https://registry.npmmirror.com/ldapjs/-/ldapjs-3.0.7.tgz",
"integrity": "sha512-1ky+WrN+4CFMuoekUOv7Y1037XWdjKpu0xAPwSP+9KdvmV9PG+qOKlssDV6a+U32apwxdD3is/BZcWOYzN30cg==",
"deprecated": "This package has been decomissioned. See https://github.com/ldapjs/node-ldapjs/blob/8ffd0bc9c149088a10ec4c1ec6a18450f76ad05d/README.md",
"license": "MIT",
"dependencies": {
"@ldapjs/asn1": "^2.0.0",
"@ldapjs/attribute": "^1.0.0",
"@ldapjs/change": "^1.0.0",
"@ldapjs/controls": "^2.1.0",
"@ldapjs/dn": "^1.1.0",
"@ldapjs/filter": "^2.1.1",
"@ldapjs/messages": "^1.3.0",
"@ldapjs/protocol": "^1.2.1",
"abstract-logging": "^2.0.1",
"assert-plus": "^1.0.0",
"backoff": "^2.5.0",
"once": "^1.4.0",
"vasync": "^2.2.1",
"verror": "^1.10.1"
}
},
"node_modules/leven": { "node_modules/leven": {
"version": "3.1.0", "version": "3.1.0",
"resolved": "https://registry.npmmirror.com/leven/-/leven-3.1.0.tgz", "resolved": "https://registry.npmmirror.com/leven/-/leven-3.1.0.tgz",
@@ -7096,7 +7257,6 @@
"version": "1.4.0", "version": "1.4.0",
"resolved": "https://registry.npmmirror.com/once/-/once-1.4.0.tgz", "resolved": "https://registry.npmmirror.com/once/-/once-1.4.0.tgz",
"integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==", "integrity": "sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==",
"dev": true,
"license": "ISC", "license": "ISC",
"dependencies": { "dependencies": {
"wrappy": "1" "wrappy": "1"
@@ -7401,6 +7561,14 @@
"node": ">=8" "node": ">=8"
} }
}, },
"node_modules/precond": {
"version": "0.2.3",
"resolved": "https://registry.npmmirror.com/precond/-/precond-0.2.3.tgz",
"integrity": "sha512-QCYG84SgGyGzqJ/vlMsxeXd/pgL/I94ixdNFyh1PusWmTCyVfPJjZ1K1jvHtsbfnXQs2TSkEP2fR7QiMZAnKFQ==",
"engines": {
"node": ">= 0.6"
}
},
"node_modules/prelude-ls": { "node_modules/prelude-ls": {
"version": "1.2.1", "version": "1.2.1",
"resolved": "https://registry.npmmirror.com/prelude-ls/-/prelude-ls-1.2.1.tgz", "resolved": "https://registry.npmmirror.com/prelude-ls/-/prelude-ls-1.2.1.tgz",
@@ -7468,6 +7636,12 @@
"url": "https://github.com/chalk/ansi-styles?sponsor=1" "url": "https://github.com/chalk/ansi-styles?sponsor=1"
} }
}, },
"node_modules/process-warning": {
"version": "2.3.2",
"resolved": "https://registry.npmmirror.com/process-warning/-/process-warning-2.3.2.tgz",
"integrity": "sha512-n9wh8tvBe5sFmsqlg+XQhaQLumwpqoAUruLwjCopgTmUBjJ/fjtBsJzKleCaIGBOMXYEhp1YfKl4d7rJ5ZKJGA==",
"license": "MIT"
},
"node_modules/prompts": { "node_modules/prompts": {
"version": "2.4.2", "version": "2.4.2",
"resolved": "https://registry.npmmirror.com/prompts/-/prompts-2.4.2.tgz", "resolved": "https://registry.npmmirror.com/prompts/-/prompts-2.4.2.tgz",
@@ -8757,6 +8931,46 @@
"node": ">= 0.8" "node": ">= 0.8"
} }
}, },
"node_modules/vasync": {
"version": "2.2.1",
"resolved": "https://registry.npmmirror.com/vasync/-/vasync-2.2.1.tgz",
"integrity": "sha512-Hq72JaTpcTFdWiNA4Y22Amej2GH3BFmBaKPPlDZ4/oC8HNn2ISHLkFrJU4Ds8R3jcUi7oo5Y9jcMHKjES+N9wQ==",
"engines": [
"node >=0.6.0"
],
"license": "MIT",
"dependencies": {
"verror": "1.10.0"
}
},
"node_modules/vasync/node_modules/verror": {
"version": "1.10.0",
"resolved": "https://registry.npmmirror.com/verror/-/verror-1.10.0.tgz",
"integrity": "sha512-ZZKSmDAEFOijERBLkmYfJ+vmk3w+7hOLYDNkRCuRuMJGEmqYNCNLyBBFwWKVMhfwaEF3WOd0Zlw86U/WC/+nYw==",
"engines": [
"node >=0.6.0"
],
"license": "MIT",
"dependencies": {
"assert-plus": "^1.0.0",
"core-util-is": "1.0.2",
"extsprintf": "^1.2.0"
}
},
"node_modules/verror": {
"version": "1.10.1",
"resolved": "https://registry.npmmirror.com/verror/-/verror-1.10.1.tgz",
"integrity": "sha512-veufcmxri4e3XSrT0xwfUR7kguIkaxBeosDg00yDWhk49wdwkSUrvvsm7nc75e1PUyvIeZj6nS8VQRYz2/S4Xg==",
"license": "MIT",
"dependencies": {
"assert-plus": "^1.0.0",
"core-util-is": "1.0.2",
"extsprintf": "^1.2.0"
},
"engines": {
"node": ">=0.6.0"
}
},
"node_modules/walker": { "node_modules/walker": {
"version": "1.0.8", "version": "1.0.8",
"resolved": "https://registry.npmmirror.com/walker/-/walker-1.0.8.tgz", "resolved": "https://registry.npmmirror.com/walker/-/walker-1.0.8.tgz",
@@ -8911,7 +9125,6 @@
"version": "1.0.2", "version": "1.0.2",
"resolved": "https://registry.npmmirror.com/wrappy/-/wrappy-1.0.2.tgz", "resolved": "https://registry.npmmirror.com/wrappy/-/wrappy-1.0.2.tgz",
"integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==", "integrity": "sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==",
"dev": true,
"license": "ISC" "license": "ISC"
}, },
"node_modules/write-file-atomic": { "node_modules/write-file-atomic": {

1
package.json
View File

@@ -63,6 +63,7 @@
"https-proxy-agent": "^7.0.2", "https-proxy-agent": "^7.0.2",
"inquirer": "^8.2.6", "inquirer": "^8.2.6",
"ioredis": "^5.3.2", "ioredis": "^5.3.2",
"ldapjs": "^3.0.7",
"morgan": "^1.10.0", "morgan": "^1.10.0",
"ora": "^5.4.1", "ora": "^5.4.1",
"rate-limiter-flexible": "^5.0.5", "rate-limiter-flexible": "^5.0.5",

52
scripts/manage.sh
View File

@@ -937,15 +937,61 @@ stop_service() {
# 强制停止所有相关进程 # 强制停止所有相关进程
pkill -f "node.*src/app.js" 2>/dev/null || true pkill -f "node.*src/app.js" 2>/dev/null || true
# 等待进程完全退出最多等待10秒
local wait_count=0
while pgrep -f "node.*src/app.js" > /dev/null; do
if [ $wait_count -ge 10 ]; then
print_warning "进程停止超时,尝试强制终止..."
pkill -9 -f "node.*src/app.js" 2>/dev/null || true
sleep 1
break
fi
sleep 1
wait_count=$((wait_count + 1))
done
# 最终确认进程已停止
if pgrep -f "node.*src/app.js" > /dev/null; then
print_error "无法完全停止服务进程"
return 1
fi
print_success "服务已停止" print_success "服务已停止"
} }
# 重启服务 # 重启服务
restart_service() { restart_service() {
print_info "重启服务..." print_info "重启服务..."
stop_service
sleep 2 # 停止服务并检查结果
start_service if ! stop_service; then
print_error "停止服务失败"
return 1
fi
# 短暂等待,确保端口释放
sleep 1
# 启动服务,如果失败则重试
local retry_count=0
while [ $retry_count -lt 3 ]; do
# 清除可能的僵尸进程检测
if ! pgrep -f "node.*src/app.js" > /dev/null; then
# 进程确实已停止,可以启动
if start_service; then
return 0
fi
fi
retry_count=$((retry_count + 1))
if [ $retry_count -lt 3 ]; then
print_warning "启动失败等待2秒后重试$retry_count 次)..."
sleep 2
fi
done
print_error "重启服务失败"
return 1
} }
# 更新模型价格 # 更新模型价格

16
src/app.js
View File

@@ -21,6 +21,7 @@ const geminiRoutes = require('./routes/geminiRoutes')
const openaiGeminiRoutes = require('./routes/openaiGeminiRoutes') const openaiGeminiRoutes = require('./routes/openaiGeminiRoutes')
const openaiClaudeRoutes = require('./routes/openaiClaudeRoutes') const openaiClaudeRoutes = require('./routes/openaiClaudeRoutes')
const openaiRoutes = require('./routes/openaiRoutes') const openaiRoutes = require('./routes/openaiRoutes')
const userRoutes = require('./routes/userRoutes')
const azureOpenaiRoutes = require('./routes/azureOpenaiRoutes') const azureOpenaiRoutes = require('./routes/azureOpenaiRoutes')
const webhookRoutes = require('./routes/webhook') const webhookRoutes = require('./routes/webhook')
@@ -133,6 +134,17 @@ class Application {
// 📝 请求日志使用自定义logger而不是morgan // 📝 请求日志使用自定义logger而不是morgan
this.app.use(requestLogger) this.app.use(requestLogger)
// 🐛 HTTP调试拦截器仅在启用调试时生效
if (process.env.DEBUG_HTTP_TRAFFIC === 'true') {
try {
const { debugInterceptor } = require('./middleware/debugInterceptor')
this.app.use(debugInterceptor)
logger.info('🐛 HTTP调试拦截器已启用 - 日志输出到 logs/http-debug-*.log')
} catch (error) {
logger.warn('⚠️ 无法加载HTTP调试拦截器:', error.message)
}
}
// 🔧 基础中间件 // 🔧 基础中间件
this.app.use( this.app.use(
express.json({ express.json({
@@ -235,6 +247,7 @@ class Application {
this.app.use('/api', apiRoutes) this.app.use('/api', apiRoutes)
this.app.use('/claude', apiRoutes) // /claude 路由别名,与 /api 功能相同 this.app.use('/claude', apiRoutes) // /claude 路由别名,与 /api 功能相同
this.app.use('/admin', adminRoutes) this.app.use('/admin', adminRoutes)
this.app.use('/users', userRoutes)
// 使用 web 路由(包含 auth 和页面重定向) // 使用 web 路由(包含 auth 和页面重定向)
this.app.use('/web', webRoutes) this.app.use('/web', webRoutes)
this.app.use('/apiStats', apiStatsRoutes) this.app.use('/apiStats', apiStatsRoutes)
@@ -507,7 +520,8 @@ class Application {
const [expiredKeys, errorAccounts] = await Promise.all([ const [expiredKeys, errorAccounts] = await Promise.all([
apiKeyService.cleanupExpiredKeys(), apiKeyService.cleanupExpiredKeys(),
claudeAccountService.cleanupErrorAccounts() claudeAccountService.cleanupErrorAccounts(),
claudeAccountService.cleanupTempErrorAccounts() // 新增:清理临时错误账户
]) ])
await redis.cleanup() await redis.cleanup()

405
src/middleware/auth.js
View File

@@ -1,7 +1,8 @@
const apiKeyService = require('../services/apiKeyService') const apiKeyService = require('../services/apiKeyService')
const userService = require('../services/userService')
const logger = require('../utils/logger') const logger = require('../utils/logger')
const redis = require('../models/redis') const redis = require('../models/redis')
const { RateLimiterRedis } = require('rate-limiter-flexible') // const { RateLimiterRedis } = require('rate-limiter-flexible') // 暂时未使用
const config = require('../../config/config') const config = require('../../config/config')
// 🔑 API Key验证中间件优化版 // 🔑 API Key验证中间件优化版
@@ -182,11 +183,18 @@ const authenticateApiKey = async (req, res, next) => {
// 检查时间窗口限流 // 检查时间窗口限流
const rateLimitWindow = validation.keyData.rateLimitWindow || 0 const rateLimitWindow = validation.keyData.rateLimitWindow || 0
const rateLimitRequests = validation.keyData.rateLimitRequests || 0 const rateLimitRequests = validation.keyData.rateLimitRequests || 0
const rateLimitCost = validation.keyData.rateLimitCost || 0 // 新增:费用限制
if (rateLimitWindow > 0 && (rateLimitRequests > 0 || validation.keyData.tokenLimit > 0)) { // 兼容性检查如果tokenLimit仍有值使用tokenLimit否则使用rateLimitCost
const hasRateLimits =
rateLimitWindow > 0 &&
(rateLimitRequests > 0 || validation.keyData.tokenLimit > 0 || rateLimitCost > 0)
if (hasRateLimits) {
const windowStartKey = `rate_limit:window_start:${validation.keyData.id}` const windowStartKey = `rate_limit:window_start:${validation.keyData.id}`
const requestCountKey = `rate_limit:requests:${validation.keyData.id}` const requestCountKey = `rate_limit:requests:${validation.keyData.id}`
const tokenCountKey = `rate_limit:tokens:${validation.keyData.id}` const tokenCountKey = `rate_limit:tokens:${validation.keyData.id}`
const costCountKey = `rate_limit:cost:${validation.keyData.id}` // 新增:费用计数器
const now = Date.now() const now = Date.now()
const windowDuration = rateLimitWindow * 60 * 1000 // 转换为毫秒 const windowDuration = rateLimitWindow * 60 * 1000 // 转换为毫秒
@@ -199,6 +207,7 @@ const authenticateApiKey = async (req, res, next) => {
await redis.getClient().set(windowStartKey, now, 'PX', windowDuration) await redis.getClient().set(windowStartKey, now, 'PX', windowDuration)
await redis.getClient().set(requestCountKey, 0, 'PX', windowDuration) await redis.getClient().set(requestCountKey, 0, 'PX', windowDuration)
await redis.getClient().set(tokenCountKey, 0, 'PX', windowDuration) await redis.getClient().set(tokenCountKey, 0, 'PX', windowDuration)
await redis.getClient().set(costCountKey, 0, 'PX', windowDuration) // 新增:重置费用
windowStart = now windowStart = now
} else { } else {
windowStart = parseInt(windowStart) windowStart = parseInt(windowStart)
@@ -209,6 +218,7 @@ const authenticateApiKey = async (req, res, next) => {
await redis.getClient().set(windowStartKey, now, 'PX', windowDuration) await redis.getClient().set(windowStartKey, now, 'PX', windowDuration)
await redis.getClient().set(requestCountKey, 0, 'PX', windowDuration) await redis.getClient().set(requestCountKey, 0, 'PX', windowDuration)
await redis.getClient().set(tokenCountKey, 0, 'PX', windowDuration) await redis.getClient().set(tokenCountKey, 0, 'PX', windowDuration)
await redis.getClient().set(costCountKey, 0, 'PX', windowDuration) // 新增:重置费用
windowStart = now windowStart = now
} }
} }
@@ -216,6 +226,7 @@ const authenticateApiKey = async (req, res, next) => {
// 获取当前计数 // 获取当前计数
const currentRequests = parseInt((await redis.getClient().get(requestCountKey)) || '0') const currentRequests = parseInt((await redis.getClient().get(requestCountKey)) || '0')
const currentTokens = parseInt((await redis.getClient().get(tokenCountKey)) || '0') const currentTokens = parseInt((await redis.getClient().get(tokenCountKey)) || '0')
const currentCost = parseFloat((await redis.getClient().get(costCountKey)) || '0') // 新增:当前费用
// 检查请求次数限制 // 检查请求次数限制
if (rateLimitRequests > 0 && currentRequests >= rateLimitRequests) { if (rateLimitRequests > 0 && currentRequests >= rateLimitRequests) {
@@ -236,24 +247,46 @@ const authenticateApiKey = async (req, res, next) => {
}) })
} }
// 检查Token使用量限制 // 兼容性检查优先使用Token限制历史数据否则使用费用限制
const tokenLimit = parseInt(validation.keyData.tokenLimit) const tokenLimit = parseInt(validation.keyData.tokenLimit)
if (tokenLimit > 0 && currentTokens >= tokenLimit) { if (tokenLimit > 0) {
const resetTime = new Date(windowStart + windowDuration) // 使用Token限制向后兼容
const remainingMinutes = Math.ceil((resetTime - now) / 60000) if (currentTokens >= tokenLimit) {
const resetTime = new Date(windowStart + windowDuration)
const remainingMinutes = Math.ceil((resetTime - now) / 60000)
logger.security( logger.security(
`🚦 Rate limit exceeded (tokens) for key: ${validation.keyData.id} (${validation.keyData.name}), tokens: ${currentTokens}/${tokenLimit}` `🚦 Rate limit exceeded (tokens) for key: ${validation.keyData.id} (${validation.keyData.name}), tokens: ${currentTokens}/${tokenLimit}`
) )
return res.status(429).json({ return res.status(429).json({
error: 'Rate limit exceeded', error: 'Rate limit exceeded',
message: `已达到 Token 使用限制 (${tokenLimit} tokens),将在 ${remainingMinutes} 分钟后重置`, message: `已达到 Token 使用限制 (${tokenLimit} tokens),将在 ${remainingMinutes} 分钟后重置`,
currentTokens, currentTokens,
tokenLimit, tokenLimit,
resetAt: resetTime.toISOString(), resetAt: resetTime.toISOString(),
remainingMinutes remainingMinutes
}) })
}
} else if (rateLimitCost > 0) {
// 使用费用限制(新功能)
if (currentCost >= rateLimitCost) {
const resetTime = new Date(windowStart + windowDuration)
const remainingMinutes = Math.ceil((resetTime - now) / 60000)
logger.security(
`💰 Rate limit exceeded (cost) for key: ${validation.keyData.id} (${validation.keyData.name}), cost: $${currentCost.toFixed(2)}/$${rateLimitCost}`
)
return res.status(429).json({
error: 'Rate limit exceeded',
message: `已达到费用限制 ($${rateLimitCost}),将在 ${remainingMinutes} 分钟后重置`,
currentCost,
costLimit: rateLimitCost,
resetAt: resetTime.toISOString(),
remainingMinutes
})
}
} }
// 增加请求计数 // 增加请求计数
@@ -265,10 +298,13 @@ const authenticateApiKey = async (req, res, next) => {
windowDuration, windowDuration,
requestCountKey, requestCountKey,
tokenCountKey, tokenCountKey,
costCountKey, // 新增:费用计数器
currentRequests: currentRequests + 1, currentRequests: currentRequests + 1,
currentTokens, currentTokens,
currentCost, // 新增:当前费用
rateLimitRequests, rateLimitRequests,
tokenLimit tokenLimit,
rateLimitCost // 新增:费用限制
} }
} }
@@ -297,6 +333,46 @@ const authenticateApiKey = async (req, res, next) => {
) )
} }
// 检查 Opus 周费用限制(仅对 Opus 模型生效)
const weeklyOpusCostLimit = validation.keyData.weeklyOpusCostLimit || 0
if (weeklyOpusCostLimit > 0) {
// 从请求中获取模型信息
const requestBody = req.body || {}
const model = requestBody.model || ''
// 判断是否为 Opus 模型
if (model && model.toLowerCase().includes('claude-opus')) {
const weeklyOpusCost = validation.keyData.weeklyOpusCost || 0
if (weeklyOpusCost >= weeklyOpusCostLimit) {
logger.security(
`💰 Weekly Opus cost limit exceeded for key: ${validation.keyData.id} (${validation.keyData.name}), cost: $${weeklyOpusCost.toFixed(2)}/$${weeklyOpusCostLimit}`
)
// 计算下周一的重置时间
const now = new Date()
const dayOfWeek = now.getDay()
const daysUntilMonday = dayOfWeek === 0 ? 1 : (8 - dayOfWeek) % 7 || 7
const resetDate = new Date(now)
resetDate.setDate(now.getDate() + daysUntilMonday)
resetDate.setHours(0, 0, 0, 0)
return res.status(429).json({
error: 'Weekly Opus cost limit exceeded',
message: `已达到 Opus 模型周费用限制 ($${weeklyOpusCostLimit})`,
currentCost: weeklyOpusCost,
costLimit: weeklyOpusCostLimit,
resetAt: resetDate.toISOString() // 下周一重置
})
}
// 记录当前 Opus 费用使用情况
logger.api(
`💰 Opus weekly cost usage for key: ${validation.keyData.id} (${validation.keyData.name}), current: $${weeklyOpusCost.toFixed(2)}/$${weeklyOpusCostLimit}`
)
}
}
// 将验证信息添加到请求对象(只包含必要信息) // 将验证信息添加到请求对象(只包含必要信息)
req.apiKey = { req.apiKey = {
id: validation.keyData.id, id: validation.keyData.id,
@@ -311,6 +387,7 @@ const authenticateApiKey = async (req, res, next) => {
concurrencyLimit: validation.keyData.concurrencyLimit, concurrencyLimit: validation.keyData.concurrencyLimit,
rateLimitWindow: validation.keyData.rateLimitWindow, rateLimitWindow: validation.keyData.rateLimitWindow,
rateLimitRequests: validation.keyData.rateLimitRequests, rateLimitRequests: validation.keyData.rateLimitRequests,
rateLimitCost: validation.keyData.rateLimitCost, // 新增:费用限制
enableModelRestriction: validation.keyData.enableModelRestriction, enableModelRestriction: validation.keyData.enableModelRestriction,
restrictedModels: validation.keyData.restrictedModels, restrictedModels: validation.keyData.restrictedModels,
enableClientRestriction: validation.keyData.enableClientRestriction, enableClientRestriction: validation.keyData.enableClientRestriction,
@@ -449,6 +526,234 @@ const authenticateAdmin = async (req, res, next) => {
} }
} }
// 👤 用户验证中间件
const authenticateUser = async (req, res, next) => {
const startTime = Date.now()
try {
// 安全提取用户session token支持多种方式
const sessionToken =
req.headers['authorization']?.replace(/^Bearer\s+/i, '') ||
req.cookies?.userToken ||
req.headers['x-user-token']
if (!sessionToken) {
logger.security(`🔒 Missing user session token attempt from ${req.ip || 'unknown'}`)
return res.status(401).json({
error: 'Missing user session token',
message: 'Please login to access this resource'
})
}
// 基本token格式验证
if (typeof sessionToken !== 'string' || sessionToken.length < 32 || sessionToken.length > 128) {
logger.security(`🔒 Invalid user session token format from ${req.ip || 'unknown'}`)
return res.status(401).json({
error: 'Invalid session token format',
message: 'Session token format is invalid'
})
}
// 验证用户会话
const sessionValidation = await userService.validateUserSession(sessionToken)
if (!sessionValidation) {
logger.security(`🔒 Invalid user session token attempt from ${req.ip || 'unknown'}`)
return res.status(401).json({
error: 'Invalid session token',
message: 'Invalid or expired user session'
})
}
const { session, user } = sessionValidation
// 检查用户是否被禁用
if (!user.isActive) {
logger.security(
`🔒 Disabled user login attempt: ${user.username} from ${req.ip || 'unknown'}`
)
return res.status(403).json({
error: 'Account disabled',
message: 'Your account has been disabled. Please contact administrator.'
})
}
// 设置用户信息(只包含必要信息)
req.user = {
id: user.id,
username: user.username,
email: user.email,
displayName: user.displayName,
firstName: user.firstName,
lastName: user.lastName,
role: user.role,
sessionToken,
sessionCreatedAt: session.createdAt
}
const authDuration = Date.now() - startTime
logger.info(`👤 User authenticated: ${user.username} (${user.id}) in ${authDuration}ms`)
return next()
} catch (error) {
const authDuration = Date.now() - startTime
logger.error(`❌ User authentication error (${authDuration}ms):`, {
error: error.message,
ip: req.ip,
userAgent: req.get('User-Agent'),
url: req.originalUrl
})
return res.status(500).json({
error: 'Authentication error',
message: 'Internal server error during user authentication'
})
}
}
// 👤 用户或管理员验证中间件(支持两种身份)
const authenticateUserOrAdmin = async (req, res, next) => {
const startTime = Date.now()
try {
// 检查是否有管理员token
const adminToken =
req.headers['authorization']?.replace(/^Bearer\s+/i, '') ||
req.cookies?.adminToken ||
req.headers['x-admin-token']
// 检查是否有用户session token
const userToken =
req.headers['x-user-token'] ||
req.cookies?.userToken ||
(!adminToken ? req.headers['authorization']?.replace(/^Bearer\s+/i, '') : null)
// 优先尝试管理员认证
if (adminToken) {
try {
const adminSession = await redis.getSession(adminToken)
if (adminSession && Object.keys(adminSession).length > 0) {
req.admin = {
id: adminSession.adminId || 'admin',
username: adminSession.username,
sessionId: adminToken,
loginTime: adminSession.loginTime
}
req.userType = 'admin'
const authDuration = Date.now() - startTime
logger.security(`🔐 Admin authenticated: ${adminSession.username} in ${authDuration}ms`)
return next()
}
} catch (error) {
logger.debug('Admin authentication failed, trying user authentication:', error.message)
}
}
// 尝试用户认证
if (userToken) {
try {
const sessionValidation = await userService.validateUserSession(userToken)
if (sessionValidation) {
const { session, user } = sessionValidation
if (user.isActive) {
req.user = {
id: user.id,
username: user.username,
email: user.email,
displayName: user.displayName,
firstName: user.firstName,
lastName: user.lastName,
role: user.role,
sessionToken: userToken,
sessionCreatedAt: session.createdAt
}
req.userType = 'user'
const authDuration = Date.now() - startTime
logger.info(`👤 User authenticated: ${user.username} (${user.id}) in ${authDuration}ms`)
return next()
}
}
} catch (error) {
logger.debug('User authentication failed:', error.message)
}
}
// 如果都失败了,返回未授权
logger.security(`🔒 Authentication failed from ${req.ip || 'unknown'}`)
return res.status(401).json({
error: 'Authentication required',
message: 'Please login as user or admin to access this resource'
})
} catch (error) {
const authDuration = Date.now() - startTime
logger.error(`❌ User/Admin authentication error (${authDuration}ms):`, {
error: error.message,
ip: req.ip,
userAgent: req.get('User-Agent'),
url: req.originalUrl
})
return res.status(500).json({
error: 'Authentication error',
message: 'Internal server error during authentication'
})
}
}
// 🛡️ 权限检查中间件
const requireRole = (allowedRoles) => (req, res, next) => {
// 管理员始终有权限
if (req.admin) {
return next()
}
// 检查用户角色
if (req.user) {
const userRole = req.user.role
const allowed = Array.isArray(allowedRoles) ? allowedRoles : [allowedRoles]
if (allowed.includes(userRole)) {
return next()
} else {
logger.security(
`🚫 Access denied for user ${req.user.username} (role: ${userRole}) to ${req.originalUrl}`
)
return res.status(403).json({
error: 'Insufficient permissions',
message: `This resource requires one of the following roles: ${allowed.join(', ')}`
})
}
}
return res.status(401).json({
error: 'Authentication required',
message: 'Please login to access this resource'
})
}
// 🔒 管理员权限检查中间件
const requireAdmin = (req, res, next) => {
if (req.admin) {
return next()
}
// 检查是否是admin角色的用户
if (req.user && req.user.role === 'admin') {
return next()
}
logger.security(
`🚫 Admin access denied for ${req.user?.username || 'unknown'} from ${req.ip || 'unknown'}`
)
return res.status(403).json({
error: 'Admin access required',
message: 'This resource requires administrator privileges'
})
}
// 注意:使用统计现在直接在/api/v1/messages路由中处理 // 注意:使用统计现在直接在/api/v1/messages路由中处理
// 以便从Claude API响应中提取真实的usage数据 // 以便从Claude API响应中提取真实的usage数据
@@ -713,35 +1018,41 @@ const errorHandler = (error, req, res, _next) => {
} }
// 🌐 全局速率限制中间件(延迟初始化) // 🌐 全局速率限制中间件(延迟初始化)
let rateLimiter = null // const rateLimiter = null // 暂时未使用
const getRateLimiter = () => { // 暂时注释掉未使用的函数
if (!rateLimiter) { // const getRateLimiter = () => {
try { // if (!rateLimiter) {
const client = redis.getClient() // try {
if (!client) { // const client = redis.getClient()
logger.warn('⚠️ Redis client not available for rate limiter') // if (!client) {
return null // logger.warn('⚠️ Redis client not available for rate limiter')
} // return null
// }
//
// rateLimiter = new RateLimiterRedis({
// storeClient: client,
// keyPrefix: 'global_rate_limit',
// points: 1000, // 请求数量
// duration: 900, // 15分钟 (900秒)
// blockDuration: 900 // 阻塞时间15分钟
// })
//
// logger.info('✅ Rate limiter initialized successfully')
// } catch (error) {
// logger.warn('⚠️ Rate limiter initialization failed, using fallback', { error: error.message })
// return null
// }
// }
// return rateLimiter
// }
rateLimiter = new RateLimiterRedis({ const globalRateLimit = async (req, res, next) =>
storeClient: client, // 已禁用全局IP限流 - 直接跳过所有请求
keyPrefix: 'global_rate_limit', next()
points: 1000, // 请求数量
duration: 900, // 15分钟 (900秒)
blockDuration: 900 // 阻塞时间15分钟
})
logger.info('✅ Rate limiter initialized successfully') // 以下代码已被禁用
} catch (error) { /*
logger.warn('⚠️ Rate limiter initialization failed, using fallback', { error: error.message })
return null
}
}
return rateLimiter
}
const globalRateLimit = async (req, res, next) => {
// 跳过健康检查和内部请求 // 跳过健康检查和内部请求
if (req.path === '/health' || req.path === '/api/health') { if (req.path === '/health' || req.path === '/api/health') {
return next() return next()
@@ -777,7 +1088,7 @@ const globalRateLimit = async (req, res, next) => {
retryAfter: Math.round(msBeforeNext / 1000) retryAfter: Math.round(msBeforeNext / 1000)
}) })
} }
} */
// 📊 请求大小限制中间件 // 📊 请求大小限制中间件
const requestSizeLimit = (req, res, next) => { const requestSizeLimit = (req, res, next) => {
@@ -799,6 +1110,10 @@ const requestSizeLimit = (req, res, next) => {
module.exports = { module.exports = {
authenticateApiKey, authenticateApiKey,
authenticateAdmin, authenticateAdmin,
authenticateUser,
authenticateUserOrAdmin,
requireRole,
requireAdmin,
corsMiddleware, corsMiddleware,
requestLogger, requestLogger,
securityMiddleware, securityMiddleware,

345
src/models/redis.js
View File

@@ -29,6 +29,25 @@ function getHourInTimezone(date = new Date()) {
return tzDate.getUTCHours() return tzDate.getUTCHours()
} }
// 获取配置时区的 ISO 周YYYY-Wxx 格式,周一到周日)
function getWeekStringInTimezone(date = new Date()) {
const tzDate = getDateInTimezone(date)
// 获取年份
const year = tzDate.getUTCFullYear()
// 计算 ISO 周数(周一为第一天)
const dateObj = new Date(tzDate)
const dayOfWeek = dateObj.getUTCDay() || 7 // 将周日(0)转换为7
const firstThursday = new Date(dateObj)
firstThursday.setUTCDate(dateObj.getUTCDate() + 4 - dayOfWeek) // 找到这周的周四
const yearStart = new Date(firstThursday.getUTCFullYear(), 0, 1)
const weekNumber = Math.ceil(((firstThursday - yearStart) / 86400000 + 1) / 7)
return `${year}-W${String(weekNumber).padStart(2, '0')}`
}
class RedisClient { class RedisClient {
constructor() { constructor() {
this.client = null this.client = null
@@ -193,7 +212,8 @@ class RedisClient {
cacheReadTokens = 0, cacheReadTokens = 0,
model = 'unknown', model = 'unknown',
ephemeral5mTokens = 0, // 新增5分钟缓存 tokens ephemeral5mTokens = 0, // 新增5分钟缓存 tokens
ephemeral1hTokens = 0 // 新增1小时缓存 tokens ephemeral1hTokens = 0, // 新增1小时缓存 tokens
isLongContextRequest = false // 新增:是否为 1M 上下文请求超过200k
) { ) {
const key = `usage:${keyId}` const key = `usage:${keyId}`
const now = new Date() const now = new Date()
@@ -250,6 +270,12 @@ class RedisClient {
// 详细缓存类型统计(新增) // 详细缓存类型统计(新增)
pipeline.hincrby(key, 'totalEphemeral5mTokens', ephemeral5mTokens) pipeline.hincrby(key, 'totalEphemeral5mTokens', ephemeral5mTokens)
pipeline.hincrby(key, 'totalEphemeral1hTokens', ephemeral1hTokens) pipeline.hincrby(key, 'totalEphemeral1hTokens', ephemeral1hTokens)
// 1M 上下文请求统计(新增)
if (isLongContextRequest) {
pipeline.hincrby(key, 'totalLongContextInputTokens', finalInputTokens)
pipeline.hincrby(key, 'totalLongContextOutputTokens', finalOutputTokens)
pipeline.hincrby(key, 'totalLongContextRequests', 1)
}
// 请求计数 // 请求计数
pipeline.hincrby(key, 'totalRequests', 1) pipeline.hincrby(key, 'totalRequests', 1)
@@ -264,6 +290,12 @@ class RedisClient {
// 详细缓存类型统计 // 详细缓存类型统计
pipeline.hincrby(daily, 'ephemeral5mTokens', ephemeral5mTokens) pipeline.hincrby(daily, 'ephemeral5mTokens', ephemeral5mTokens)
pipeline.hincrby(daily, 'ephemeral1hTokens', ephemeral1hTokens) pipeline.hincrby(daily, 'ephemeral1hTokens', ephemeral1hTokens)
// 1M 上下文请求统计
if (isLongContextRequest) {
pipeline.hincrby(daily, 'longContextInputTokens', finalInputTokens)
pipeline.hincrby(daily, 'longContextOutputTokens', finalOutputTokens)
pipeline.hincrby(daily, 'longContextRequests', 1)
}
// 每月统计 // 每月统计
pipeline.hincrby(monthly, 'tokens', coreTokens) pipeline.hincrby(monthly, 'tokens', coreTokens)
@@ -376,7 +408,8 @@ class RedisClient {
outputTokens = 0, outputTokens = 0,
cacheCreateTokens = 0, cacheCreateTokens = 0,
cacheReadTokens = 0, cacheReadTokens = 0,
model = 'unknown' model = 'unknown',
isLongContextRequest = false
) { ) {
const now = new Date() const now = new Date()
const today = getDateStringInTimezone(now) const today = getDateStringInTimezone(now)
@@ -407,7 +440,8 @@ class RedisClient {
finalInputTokens + finalOutputTokens + finalCacheCreateTokens + finalCacheReadTokens finalInputTokens + finalOutputTokens + finalCacheCreateTokens + finalCacheReadTokens
const coreTokens = finalInputTokens + finalOutputTokens const coreTokens = finalInputTokens + finalOutputTokens
await Promise.all([ // 构建统计操作数组
const operations = [
// 账户总体统计 // 账户总体统计
this.client.hincrby(accountKey, 'totalTokens', coreTokens), this.client.hincrby(accountKey, 'totalTokens', coreTokens),
this.client.hincrby(accountKey, 'totalInputTokens', finalInputTokens), this.client.hincrby(accountKey, 'totalInputTokens', finalInputTokens),
@@ -444,6 +478,26 @@ class RedisClient {
this.client.hincrby(accountHourly, 'allTokens', actualTotalTokens), this.client.hincrby(accountHourly, 'allTokens', actualTotalTokens),
this.client.hincrby(accountHourly, 'requests', 1), this.client.hincrby(accountHourly, 'requests', 1),
// 添加模型级别的数据到hourly键中以支持会话窗口的统计
this.client.hincrby(accountHourly, `model:${normalizedModel}:inputTokens`, finalInputTokens),
this.client.hincrby(
accountHourly,
`model:${normalizedModel}:outputTokens`,
finalOutputTokens
),
this.client.hincrby(
accountHourly,
`model:${normalizedModel}:cacheCreateTokens`,
finalCacheCreateTokens
),
this.client.hincrby(
accountHourly,
`model:${normalizedModel}:cacheReadTokens`,
finalCacheReadTokens
),
this.client.hincrby(accountHourly, `model:${normalizedModel}:allTokens`, actualTotalTokens),
this.client.hincrby(accountHourly, `model:${normalizedModel}:requests`, 1),
// 账户按模型统计 - 每日 // 账户按模型统计 - 每日
this.client.hincrby(accountModelDaily, 'inputTokens', finalInputTokens), this.client.hincrby(accountModelDaily, 'inputTokens', finalInputTokens),
this.client.hincrby(accountModelDaily, 'outputTokens', finalOutputTokens), this.client.hincrby(accountModelDaily, 'outputTokens', finalOutputTokens),
@@ -475,7 +529,21 @@ class RedisClient {
this.client.expire(accountModelDaily, 86400 * 32), // 32天过期 this.client.expire(accountModelDaily, 86400 * 32), // 32天过期
this.client.expire(accountModelMonthly, 86400 * 365), // 1年过期 this.client.expire(accountModelMonthly, 86400 * 365), // 1年过期
this.client.expire(accountModelHourly, 86400 * 7) // 7天过期 this.client.expire(accountModelHourly, 86400 * 7) // 7天过期
]) ]
// 如果是 1M 上下文请求,添加额外的统计
if (isLongContextRequest) {
operations.push(
this.client.hincrby(accountKey, 'totalLongContextInputTokens', finalInputTokens),
this.client.hincrby(accountKey, 'totalLongContextOutputTokens', finalOutputTokens),
this.client.hincrby(accountKey, 'totalLongContextRequests', 1),
this.client.hincrby(accountDaily, 'longContextInputTokens', finalInputTokens),
this.client.hincrby(accountDaily, 'longContextOutputTokens', finalOutputTokens),
this.client.hincrby(accountDaily, 'longContextRequests', 1)
)
}
await Promise.all(operations)
} }
async getUsageStats(keyId) { async getUsageStats(keyId) {
@@ -632,6 +700,85 @@ class RedisClient {
} }
} }
// 💰 获取本周 Opus 费用
async getWeeklyOpusCost(keyId) {
const currentWeek = getWeekStringInTimezone()
const costKey = `usage:opus:weekly:${keyId}:${currentWeek}`
const cost = await this.client.get(costKey)
const result = parseFloat(cost || 0)
logger.debug(
`💰 Getting weekly Opus cost for ${keyId}, week: ${currentWeek}, key: ${costKey}, value: ${cost}, result: ${result}`
)
return result
}
// 💰 增加本周 Opus 费用
async incrementWeeklyOpusCost(keyId, amount) {
const currentWeek = getWeekStringInTimezone()
const weeklyKey = `usage:opus:weekly:${keyId}:${currentWeek}`
const totalKey = `usage:opus:total:${keyId}`
logger.debug(
`💰 Incrementing weekly Opus cost for ${keyId}, week: ${currentWeek}, amount: $${amount}`
)
// 使用 pipeline 批量执行,提高性能
const pipeline = this.client.pipeline()
pipeline.incrbyfloat(weeklyKey, amount)
pipeline.incrbyfloat(totalKey, amount)
// 设置周费用键的过期时间为 2 周
pipeline.expire(weeklyKey, 14 * 24 * 3600)
const results = await pipeline.exec()
logger.debug(`💰 Opus cost incremented successfully, new weekly total: $${results[0][1]}`)
}
// 💰 计算账户的每日费用(基于模型使用)
async getAccountDailyCost(accountId) {
const CostCalculator = require('../utils/costCalculator')
const today = getDateStringInTimezone()
// 获取账户今日所有模型的使用数据
const pattern = `account_usage:model:daily:${accountId}:*:${today}`
const modelKeys = await this.client.keys(pattern)
if (!modelKeys || modelKeys.length === 0) {
return 0
}
let totalCost = 0
for (const key of modelKeys) {
// 从key中解析模型名称
// 格式account_usage:model:daily:{accountId}:{model}:{date}
const parts = key.split(':')
const model = parts[4] // 模型名在第5个位置索引4
// 获取该模型的使用数据
const modelUsage = await this.client.hgetall(key)
if (modelUsage && (modelUsage.inputTokens || modelUsage.outputTokens)) {
const usage = {
input_tokens: parseInt(modelUsage.inputTokens || 0),
output_tokens: parseInt(modelUsage.outputTokens || 0),
cache_creation_input_tokens: parseInt(modelUsage.cacheCreateTokens || 0),
cache_read_input_tokens: parseInt(modelUsage.cacheReadTokens || 0)
}
// 使用CostCalculator计算费用
const costResult = CostCalculator.calculateCost(usage, model)
totalCost += costResult.costs.total
logger.debug(
`💰 Account ${accountId} daily cost for model ${model}: $${costResult.costs.total}`
)
}
}
logger.debug(`💰 Account ${accountId} total daily cost: $${totalCost}`)
return totalCost
}
// 📊 获取账户使用统计 // 📊 获取账户使用统计
async getAccountUsageStats(accountId) { async getAccountUsageStats(accountId) {
const accountKey = `account_usage:${accountId}` const accountKey = `account_usage:${accountId}`
@@ -691,10 +838,16 @@ class RedisClient {
const dailyData = handleAccountData(daily) const dailyData = handleAccountData(daily)
const monthlyData = handleAccountData(monthly) const monthlyData = handleAccountData(monthly)
// 获取每日费用(基于模型使用)
const dailyCost = await this.getAccountDailyCost(accountId)
return { return {
accountId, accountId,
total: totalData, total: totalData,
daily: dailyData, daily: {
...dailyData,
cost: dailyCost
},
monthly: monthlyData, monthly: monthlyData,
averages: { averages: {
rpm: Math.round(avgRPM * 100) / 100, rpm: Math.round(avgRPM * 100) / 100,
@@ -1276,7 +1429,7 @@ class RedisClient {
const luaScript = ` const luaScript = `
local key = KEYS[1] local key = KEYS[1]
local current = tonumber(redis.call('get', key) or "0") local current = tonumber(redis.call('get', key) or "0")
if current <= 0 then if current <= 0 then
redis.call('del', key) redis.call('del', key)
return 0 return 0
@@ -1311,6 +1464,185 @@ class RedisClient {
return 0 return 0
} }
} }
// 🔧 Basic Redis operations wrapper methods for convenience
async get(key) {
const client = this.getClientSafe()
return await client.get(key)
}
async set(key, value, ...args) {
const client = this.getClientSafe()
return await client.set(key, value, ...args)
}
async setex(key, ttl, value) {
const client = this.getClientSafe()
return await client.setex(key, ttl, value)
}
async del(...keys) {
const client = this.getClientSafe()
return await client.del(...keys)
}
async keys(pattern) {
const client = this.getClientSafe()
return await client.keys(pattern)
}
// 📊 获取账户会话窗口内的使用统计(包含模型细分)
async getAccountSessionWindowUsage(accountId, windowStart, windowEnd) {
try {
if (!windowStart || !windowEnd) {
return {
totalInputTokens: 0,
totalOutputTokens: 0,
totalCacheCreateTokens: 0,
totalCacheReadTokens: 0,
totalAllTokens: 0,
totalRequests: 0,
modelUsage: {}
}
}
const startDate = new Date(windowStart)
const endDate = new Date(windowEnd)
// 添加日志以调试时间窗口
logger.debug(`📊 Getting session window usage for account ${accountId}`)
logger.debug(` Window: ${windowStart} to ${windowEnd}`)
logger.debug(` Start UTC: ${startDate.toISOString()}, End UTC: ${endDate.toISOString()}`)
// 获取窗口内所有可能的小时键
// 重要:需要使用配置的时区来构建键名,因为数据存储时使用的是配置时区
const hourlyKeys = []
const currentHour = new Date(startDate)
currentHour.setMinutes(0)
currentHour.setSeconds(0)
currentHour.setMilliseconds(0)
while (currentHour <= endDate) {
// 使用时区转换函数来获取正确的日期和小时
const tzDateStr = getDateStringInTimezone(currentHour)
const tzHour = String(getHourInTimezone(currentHour)).padStart(2, '0')
const key = `account_usage:hourly:${accountId}:${tzDateStr}:${tzHour}`
logger.debug(` Adding hourly key: ${key}`)
hourlyKeys.push(key)
currentHour.setHours(currentHour.getHours() + 1)
}
// 批量获取所有小时的数据
const pipeline = this.client.pipeline()
for (const key of hourlyKeys) {
pipeline.hgetall(key)
}
const results = await pipeline.exec()
// 聚合所有数据
let totalInputTokens = 0
let totalOutputTokens = 0
let totalCacheCreateTokens = 0
let totalCacheReadTokens = 0
let totalAllTokens = 0
let totalRequests = 0
const modelUsage = {}
logger.debug(` Processing ${results.length} hourly results`)
for (const [error, data] of results) {
if (error || !data || Object.keys(data).length === 0) {
continue
}
// 处理总计数据
const hourInputTokens = parseInt(data.inputTokens || 0)
const hourOutputTokens = parseInt(data.outputTokens || 0)
const hourCacheCreateTokens = parseInt(data.cacheCreateTokens || 0)
const hourCacheReadTokens = parseInt(data.cacheReadTokens || 0)
const hourAllTokens = parseInt(data.allTokens || 0)
const hourRequests = parseInt(data.requests || 0)
totalInputTokens += hourInputTokens
totalOutputTokens += hourOutputTokens
totalCacheCreateTokens += hourCacheCreateTokens
totalCacheReadTokens += hourCacheReadTokens
totalAllTokens += hourAllTokens
totalRequests += hourRequests
if (hourAllTokens > 0) {
logger.debug(` Hour data: allTokens=${hourAllTokens}, requests=${hourRequests}`)
}
// 处理每个模型的数据
for (const [key, value] of Object.entries(data)) {
// 查找模型相关的键(格式: model:{modelName}:{metric}
if (key.startsWith('model:')) {
const parts = key.split(':')
if (parts.length >= 3) {
const modelName = parts[1]
const metric = parts.slice(2).join(':')
if (!modelUsage[modelName]) {
modelUsage[modelName] = {
inputTokens: 0,
outputTokens: 0,
cacheCreateTokens: 0,
cacheReadTokens: 0,
allTokens: 0,
requests: 0
}
}
if (metric === 'inputTokens') {
modelUsage[modelName].inputTokens += parseInt(value || 0)
} else if (metric === 'outputTokens') {
modelUsage[modelName].outputTokens += parseInt(value || 0)
} else if (metric === 'cacheCreateTokens') {
modelUsage[modelName].cacheCreateTokens += parseInt(value || 0)
} else if (metric === 'cacheReadTokens') {
modelUsage[modelName].cacheReadTokens += parseInt(value || 0)
} else if (metric === 'allTokens') {
modelUsage[modelName].allTokens += parseInt(value || 0)
} else if (metric === 'requests') {
modelUsage[modelName].requests += parseInt(value || 0)
}
}
}
}
}
logger.debug(`📊 Session window usage summary:`)
logger.debug(` Total allTokens: ${totalAllTokens}`)
logger.debug(` Total requests: ${totalRequests}`)
logger.debug(` Input: ${totalInputTokens}, Output: ${totalOutputTokens}`)
logger.debug(
` Cache Create: ${totalCacheCreateTokens}, Cache Read: ${totalCacheReadTokens}`
)
return {
totalInputTokens,
totalOutputTokens,
totalCacheCreateTokens,
totalCacheReadTokens,
totalAllTokens,
totalRequests,
modelUsage
}
} catch (error) {
logger.error(`❌ Failed to get session window usage for account ${accountId}:`, error)
return {
totalInputTokens: 0,
totalOutputTokens: 0,
totalCacheCreateTokens: 0,
totalCacheReadTokens: 0,
totalAllTokens: 0,
totalRequests: 0,
modelUsage: {}
}
}
}
} }
const redisClient = new RedisClient() const redisClient = new RedisClient()
@@ -1319,5 +1651,6 @@ const redisClient = new RedisClient()
redisClient.getDateInTimezone = getDateInTimezone redisClient.getDateInTimezone = getDateInTimezone
redisClient.getDateStringInTimezone = getDateStringInTimezone redisClient.getDateStringInTimezone = getDateStringInTimezone
redisClient.getHourInTimezone = getHourInTimezone redisClient.getHourInTimezone = getHourInTimezone
redisClient.getWeekStringInTimezone = getWeekStringInTimezone
module.exports = redisClient module.exports = redisClient

132
src/routes/admin.js
View File

@@ -397,11 +397,13 @@ router.post('/api-keys', authenticateAdmin, async (req, res) => {
concurrencyLimit, concurrencyLimit,
rateLimitWindow, rateLimitWindow,
rateLimitRequests, rateLimitRequests,
rateLimitCost,
enableModelRestriction, enableModelRestriction,
restrictedModels, restrictedModels,
enableClientRestriction, enableClientRestriction,
allowedClients, allowedClients,
dailyCostLimit, dailyCostLimit,
weeklyOpusCostLimit,
tags tags
} = req.body } = req.body
@@ -494,11 +496,13 @@ router.post('/api-keys', authenticateAdmin, async (req, res) => {
concurrencyLimit, concurrencyLimit,
rateLimitWindow, rateLimitWindow,
rateLimitRequests, rateLimitRequests,
rateLimitCost,
enableModelRestriction, enableModelRestriction,
restrictedModels, restrictedModels,
enableClientRestriction, enableClientRestriction,
allowedClients, allowedClients,
dailyCostLimit, dailyCostLimit,
weeklyOpusCostLimit,
tags tags
}) })
@@ -532,6 +536,7 @@ router.post('/api-keys/batch', authenticateAdmin, async (req, res) => {
enableClientRestriction, enableClientRestriction,
allowedClients, allowedClients,
dailyCostLimit, dailyCostLimit,
weeklyOpusCostLimit,
tags tags
} = req.body } = req.body
@@ -575,6 +580,7 @@ router.post('/api-keys/batch', authenticateAdmin, async (req, res) => {
enableClientRestriction, enableClientRestriction,
allowedClients, allowedClients,
dailyCostLimit, dailyCostLimit,
weeklyOpusCostLimit,
tags tags
}) })
@@ -685,6 +691,9 @@ router.put('/api-keys/batch', authenticateAdmin, async (req, res) => {
if (updates.dailyCostLimit !== undefined) { if (updates.dailyCostLimit !== undefined) {
finalUpdates.dailyCostLimit = updates.dailyCostLimit finalUpdates.dailyCostLimit = updates.dailyCostLimit
} }
if (updates.weeklyOpusCostLimit !== undefined) {
finalUpdates.weeklyOpusCostLimit = updates.weeklyOpusCostLimit
}
if (updates.permissions !== undefined) { if (updates.permissions !== undefined) {
finalUpdates.permissions = updates.permissions finalUpdates.permissions = updates.permissions
} }
@@ -795,6 +804,7 @@ router.put('/api-keys/:keyId', authenticateAdmin, async (req, res) => {
concurrencyLimit, concurrencyLimit,
rateLimitWindow, rateLimitWindow,
rateLimitRequests, rateLimitRequests,
rateLimitCost,
isActive, isActive,
claudeAccountId, claudeAccountId,
claudeConsoleAccountId, claudeConsoleAccountId,
@@ -808,6 +818,7 @@ router.put('/api-keys/:keyId', authenticateAdmin, async (req, res) => {
allowedClients, allowedClients,
expiresAt, expiresAt,
dailyCostLimit, dailyCostLimit,
weeklyOpusCostLimit,
tags tags
} = req.body } = req.body
@@ -844,6 +855,14 @@ router.put('/api-keys/:keyId', authenticateAdmin, async (req, res) => {
updates.rateLimitRequests = Number(rateLimitRequests) updates.rateLimitRequests = Number(rateLimitRequests)
} }
if (rateLimitCost !== undefined && rateLimitCost !== null && rateLimitCost !== '') {
const cost = Number(rateLimitCost)
if (isNaN(cost) || cost < 0) {
return res.status(400).json({ error: 'Rate limit cost must be a non-negative number' })
}
updates.rateLimitCost = cost
}
if (claudeAccountId !== undefined) { if (claudeAccountId !== undefined) {
// 空字符串表示解绑null或空字符串都设置为空字符串 // 空字符串表示解绑null或空字符串都设置为空字符串
updates.claudeAccountId = claudeAccountId || '' updates.claudeAccountId = claudeAccountId || ''
@@ -935,6 +954,22 @@ router.put('/api-keys/:keyId', authenticateAdmin, async (req, res) => {
updates.dailyCostLimit = costLimit updates.dailyCostLimit = costLimit
} }
// 处理 Opus 周费用限制
if (
weeklyOpusCostLimit !== undefined &&
weeklyOpusCostLimit !== null &&
weeklyOpusCostLimit !== ''
) {
const costLimit = Number(weeklyOpusCostLimit)
// 明确验证非负数0 表示禁用,负数无意义)
if (isNaN(costLimit) || costLimit < 0) {
return res
.status(400)
.json({ error: 'Weekly Opus cost limit must be a non-negative number' })
}
updates.weeklyOpusCostLimit = costLimit
}
// 处理标签 // 处理标签
if (tags !== undefined) { if (tags !== undefined) {
if (!Array.isArray(tags)) { if (!Array.isArray(tags)) {
@@ -1067,7 +1102,7 @@ router.delete('/api-keys/:keyId', authenticateAdmin, async (req, res) => {
try { try {
const { keyId } = req.params const { keyId } = req.params
await apiKeyService.deleteApiKey(keyId) await apiKeyService.deleteApiKey(keyId, req.admin.username, 'admin')
logger.success(`🗑️ Admin deleted API key: ${keyId}`) logger.success(`🗑️ Admin deleted API key: ${keyId}`)
return res.json({ success: true, message: 'API key deleted successfully' }) return res.json({ success: true, message: 'API key deleted successfully' })
@@ -1077,6 +1112,32 @@ router.delete('/api-keys/:keyId', authenticateAdmin, async (req, res) => {
} }
}) })
// 📋 获取已删除的API Keys
router.get('/api-keys/deleted', authenticateAdmin, async (req, res) => {
try {
const deletedApiKeys = await apiKeyService.getAllApiKeys(true) // Include deleted
const onlyDeleted = deletedApiKeys.filter((key) => key.isDeleted === 'true')
// Add additional metadata for deleted keys
const enrichedKeys = onlyDeleted.map((key) => ({
...key,
isDeleted: key.isDeleted === 'true',
deletedAt: key.deletedAt,
deletedBy: key.deletedBy,
deletedByType: key.deletedByType,
canRestore: false // Deleted keys cannot be restored per requirement
}))
logger.success(`📋 Admin retrieved ${enrichedKeys.length} deleted API keys`)
return res.json({ success: true, apiKeys: enrichedKeys, total: enrichedKeys.length })
} catch (error) {
logger.error('❌ Failed to get deleted API keys:', error)
return res
.status(500)
.json({ error: 'Failed to retrieve deleted API keys', message: error.message })
}
})
// 👥 账户分组管理 // 👥 账户分组管理
// 创建账户分组 // 创建账户分组
@@ -1471,13 +1532,56 @@ router.get('/claude-accounts', authenticateAdmin, async (req, res) => {
const usageStats = await redis.getAccountUsageStats(account.id) const usageStats = await redis.getAccountUsageStats(account.id)
const groupInfos = await accountGroupService.getAccountGroups(account.id) const groupInfos = await accountGroupService.getAccountGroups(account.id)
// 获取会话窗口使用统计(仅对有活跃窗口的账户)
let sessionWindowUsage = null
if (account.sessionWindow && account.sessionWindow.hasActiveWindow) {
const windowUsage = await redis.getAccountSessionWindowUsage(
account.id,
account.sessionWindow.windowStart,
account.sessionWindow.windowEnd
)
// 计算会话窗口的总费用
let totalCost = 0
const modelCosts = {}
for (const [modelName, usage] of Object.entries(windowUsage.modelUsage)) {
const usageData = {
input_tokens: usage.inputTokens,
output_tokens: usage.outputTokens,
cache_creation_input_tokens: usage.cacheCreateTokens,
cache_read_input_tokens: usage.cacheReadTokens
}
logger.debug(`💰 Calculating cost for model ${modelName}:`, JSON.stringify(usageData))
const costResult = CostCalculator.calculateCost(usageData, modelName)
logger.debug(`💰 Cost result for ${modelName}: total=${costResult.costs.total}`)
modelCosts[modelName] = {
...usage,
cost: costResult.costs.total
}
totalCost += costResult.costs.total
}
sessionWindowUsage = {
totalTokens: windowUsage.totalAllTokens,
totalRequests: windowUsage.totalRequests,
totalCost,
modelUsage: modelCosts
}
}
return { return {
...account, ...account,
// 转换schedulable为布尔值
schedulable: account.schedulable === 'true' || account.schedulable === true,
groupInfos, groupInfos,
usage: { usage: {
daily: usageStats.daily, daily: usageStats.daily,
total: usageStats.total, total: usageStats.total,
averages: usageStats.averages averages: usageStats.averages,
sessionWindow: sessionWindowUsage
} }
} }
} catch (statsError) { } catch (statsError) {
@@ -1491,7 +1595,8 @@ router.get('/claude-accounts', authenticateAdmin, async (req, res) => {
usage: { usage: {
daily: { tokens: 0, requests: 0, allTokens: 0 }, daily: { tokens: 0, requests: 0, allTokens: 0 },
total: { tokens: 0, requests: 0, allTokens: 0 }, total: { tokens: 0, requests: 0, allTokens: 0 },
averages: { rpm: 0, tpm: 0 } averages: { rpm: 0, tpm: 0 },
sessionWindow: null
} }
} }
} catch (groupError) { } catch (groupError) {
@@ -1505,7 +1610,8 @@ router.get('/claude-accounts', authenticateAdmin, async (req, res) => {
usage: { usage: {
daily: { tokens: 0, requests: 0, allTokens: 0 }, daily: { tokens: 0, requests: 0, allTokens: 0 },
total: { tokens: 0, requests: 0, allTokens: 0 }, total: { tokens: 0, requests: 0, allTokens: 0 },
averages: { rpm: 0, tpm: 0 } averages: { rpm: 0, tpm: 0 },
sessionWindow: null
} }
} }
} }
@@ -1535,7 +1641,8 @@ router.post('/claude-accounts', authenticateAdmin, async (req, res) => {
platform = 'claude', platform = 'claude',
priority, priority,
groupId, groupId,
groupIds groupIds,
autoStopOnWarning
} = req.body } = req.body
if (!name) { if (!name) {
@@ -1574,7 +1681,8 @@ router.post('/claude-accounts', authenticateAdmin, async (req, res) => {
proxy, proxy,
accountType: accountType || 'shared', // 默认为共享类型 accountType: accountType || 'shared', // 默认为共享类型
platform, platform,
priority: priority || 50 // 默认优先级为50 priority: priority || 50, // 默认优先级为50
autoStopOnWarning: autoStopOnWarning === true // 默认为false
}) })
// 如果是分组类型,将账户添加到分组 // 如果是分组类型,将账户添加到分组
@@ -1855,6 +1963,8 @@ router.get('/claude-console-accounts', authenticateAdmin, async (req, res) => {
return { return {
...account, ...account,
// 转换schedulable为布尔值
schedulable: account.schedulable === 'true' || account.schedulable === true,
groupInfos, groupInfos,
usage: { usage: {
daily: usageStats.daily, daily: usageStats.daily,
@@ -1871,6 +1981,8 @@ router.get('/claude-console-accounts', authenticateAdmin, async (req, res) => {
const groupInfos = await accountGroupService.getAccountGroups(account.id) const groupInfos = await accountGroupService.getAccountGroups(account.id)
return { return {
...account, ...account,
// 转换schedulable为布尔值
schedulable: account.schedulable === 'true' || account.schedulable === true,
groupInfos, groupInfos,
usage: { usage: {
daily: { tokens: 0, requests: 0, allTokens: 0 }, daily: { tokens: 0, requests: 0, allTokens: 0 },
@@ -2484,7 +2596,7 @@ router.post('/gemini-accounts/generate-auth-url', authenticateAdmin, async (req,
state: authState, state: authState,
codeVerifier, codeVerifier,
redirectUri: finalRedirectUri redirectUri: finalRedirectUri
} = await geminiAccountService.generateAuthUrl(state, redirectUri) } = await geminiAccountService.generateAuthUrl(state, redirectUri, proxy)
// 创建 OAuth 会话,包含 codeVerifier 和代理配置 // 创建 OAuth 会话,包含 codeVerifier 和代理配置
const sessionId = authState const sessionId = authState
@@ -4847,9 +4959,13 @@ router.get('/oem-settings', async (req, res) => {
} }
} }
// 添加 LDAP 启用状态到响应中
return res.json({ return res.json({
success: true, success: true,
data: settings data: {
...settings,
ldapEnabled: config.ldap && config.ldap.enabled === true
}
}) })
} catch (error) { } catch (error) {
logger.error('❌ Failed to get OEM settings:', error) logger.error('❌ Failed to get OEM settings:', error)

84
src/routes/api.js
View File

@@ -5,6 +5,7 @@ const bedrockRelayService = require('../services/bedrockRelayService')
const bedrockAccountService = require('../services/bedrockAccountService') const bedrockAccountService = require('../services/bedrockAccountService')
const unifiedClaudeScheduler = require('../services/unifiedClaudeScheduler') const unifiedClaudeScheduler = require('../services/unifiedClaudeScheduler')
const apiKeyService = require('../services/apiKeyService') const apiKeyService = require('../services/apiKeyService')
const pricingService = require('../services/pricingService')
const { authenticateApiKey } = require('../middleware/auth') const { authenticateApiKey } = require('../middleware/auth')
const logger = require('../utils/logger') const logger = require('../utils/logger')
const redis = require('../models/redis') const redis = require('../models/redis')
@@ -131,14 +132,16 @@ async function handleMessagesRequest(req, res) {
} }
apiKeyService apiKeyService
.recordUsageWithDetails(req.apiKey.id, usageObject, model, usageAccountId) .recordUsageWithDetails(req.apiKey.id, usageObject, model, usageAccountId, 'claude')
.catch((error) => { .catch((error) => {
logger.error('❌ Failed to record stream usage:', error) logger.error('❌ Failed to record stream usage:', error)
}) })
// 更新时间窗口内的token计数 // 更新时间窗口内的token计数和费用
if (req.rateLimitInfo) { if (req.rateLimitInfo) {
const totalTokens = inputTokens + outputTokens + cacheCreateTokens + cacheReadTokens const totalTokens = inputTokens + outputTokens + cacheCreateTokens + cacheReadTokens
// 更新Token计数向后兼容
redis redis
.getClient() .getClient()
.incrby(req.rateLimitInfo.tokenCountKey, totalTokens) .incrby(req.rateLimitInfo.tokenCountKey, totalTokens)
@@ -146,6 +149,22 @@ async function handleMessagesRequest(req, res) {
logger.error('❌ Failed to update rate limit token count:', error) logger.error('❌ Failed to update rate limit token count:', error)
}) })
logger.api(`📊 Updated rate limit token count: +${totalTokens} tokens`) logger.api(`📊 Updated rate limit token count: +${totalTokens} tokens`)
// 计算并更新费用计数(新功能)
if (req.rateLimitInfo.costCountKey) {
const costInfo = pricingService.calculateCost(usageData, model)
if (costInfo.totalCost > 0) {
redis
.getClient()
.incrbyfloat(req.rateLimitInfo.costCountKey, costInfo.totalCost)
.catch((error) => {
logger.error('❌ Failed to update rate limit cost count:', error)
})
logger.api(
`💰 Updated rate limit cost count: +$${costInfo.totalCost.toFixed(6)}`
)
}
}
} }
usageDataCaptured = true usageDataCaptured = true
@@ -216,14 +235,22 @@ async function handleMessagesRequest(req, res) {
} }
apiKeyService apiKeyService
.recordUsageWithDetails(req.apiKey.id, usageObject, model, usageAccountId) .recordUsageWithDetails(
req.apiKey.id,
usageObject,
model,
usageAccountId,
'claude-console'
)
.catch((error) => { .catch((error) => {
logger.error('❌ Failed to record stream usage:', error) logger.error('❌ Failed to record stream usage:', error)
}) })
// 更新时间窗口内的token计数 // 更新时间窗口内的token计数和费用
if (req.rateLimitInfo) { if (req.rateLimitInfo) {
const totalTokens = inputTokens + outputTokens + cacheCreateTokens + cacheReadTokens const totalTokens = inputTokens + outputTokens + cacheCreateTokens + cacheReadTokens
// 更新Token计数向后兼容
redis redis
.getClient() .getClient()
.incrby(req.rateLimitInfo.tokenCountKey, totalTokens) .incrby(req.rateLimitInfo.tokenCountKey, totalTokens)
@@ -231,6 +258,22 @@ async function handleMessagesRequest(req, res) {
logger.error('❌ Failed to update rate limit token count:', error) logger.error('❌ Failed to update rate limit token count:', error)
}) })
logger.api(`📊 Updated rate limit token count: +${totalTokens} tokens`) logger.api(`📊 Updated rate limit token count: +${totalTokens} tokens`)
// 计算并更新费用计数(新功能)
if (req.rateLimitInfo.costCountKey) {
const costInfo = pricingService.calculateCost(usageData, model)
if (costInfo.totalCost > 0) {
redis
.getClient()
.incrbyfloat(req.rateLimitInfo.costCountKey, costInfo.totalCost)
.catch((error) => {
logger.error('❌ Failed to update rate limit cost count:', error)
})
logger.api(
`💰 Updated rate limit cost count: +$${costInfo.totalCost.toFixed(6)}`
)
}
}
} }
usageDataCaptured = true usageDataCaptured = true
@@ -271,9 +314,11 @@ async function handleMessagesRequest(req, res) {
logger.error('❌ Failed to record Bedrock stream usage:', error) logger.error('❌ Failed to record Bedrock stream usage:', error)
}) })
// 更新时间窗口内的token计数 // 更新时间窗口内的token计数和费用
if (req.rateLimitInfo) { if (req.rateLimitInfo) {
const totalTokens = inputTokens + outputTokens const totalTokens = inputTokens + outputTokens
// 更新Token计数向后兼容
redis redis
.getClient() .getClient()
.incrby(req.rateLimitInfo.tokenCountKey, totalTokens) .incrby(req.rateLimitInfo.tokenCountKey, totalTokens)
@@ -281,6 +326,20 @@ async function handleMessagesRequest(req, res) {
logger.error('❌ Failed to update rate limit token count:', error) logger.error('❌ Failed to update rate limit token count:', error)
}) })
logger.api(`📊 Updated rate limit token count: +${totalTokens} tokens`) logger.api(`📊 Updated rate limit token count: +${totalTokens} tokens`)
// 计算并更新费用计数(新功能)
if (req.rateLimitInfo.costCountKey) {
const costInfo = pricingService.calculateCost(result.usage, result.model)
if (costInfo.totalCost > 0) {
redis
.getClient()
.incrbyfloat(req.rateLimitInfo.costCountKey, costInfo.totalCost)
.catch((error) => {
logger.error('❌ Failed to update rate limit cost count:', error)
})
logger.api(`💰 Updated rate limit cost count: +$${costInfo.totalCost.toFixed(6)}`)
}
}
} }
usageDataCaptured = true usageDataCaptured = true
@@ -438,11 +497,24 @@ async function handleMessagesRequest(req, res) {
responseAccountId responseAccountId
) )
// 更新时间窗口内的token计数 // 更新时间窗口内的token计数和费用
if (req.rateLimitInfo) { if (req.rateLimitInfo) {
const totalTokens = inputTokens + outputTokens + cacheCreateTokens + cacheReadTokens const totalTokens = inputTokens + outputTokens + cacheCreateTokens + cacheReadTokens
// 更新Token计数向后兼容
await redis.getClient().incrby(req.rateLimitInfo.tokenCountKey, totalTokens) await redis.getClient().incrby(req.rateLimitInfo.tokenCountKey, totalTokens)
logger.api(`📊 Updated rate limit token count: +${totalTokens} tokens`) logger.api(`📊 Updated rate limit token count: +${totalTokens} tokens`)
// 计算并更新费用计数(新功能)
if (req.rateLimitInfo.costCountKey) {
const costInfo = pricingService.calculateCost(jsonData.usage, model)
if (costInfo.totalCost > 0) {
await redis
.getClient()
.incrbyfloat(req.rateLimitInfo.costCountKey, costInfo.totalCost)
logger.api(`💰 Updated rate limit cost count: +$${costInfo.totalCost.toFixed(6)}`)
}
}
} }
usageRecorded = true usageRecorded = true

8
src/routes/apiStats.js
View File

@@ -278,21 +278,24 @@ router.post('/api/user-stats', async (req, res) => {
// 获取当前使用量 // 获取当前使用量
let currentWindowRequests = 0 let currentWindowRequests = 0
let currentWindowTokens = 0 let currentWindowTokens = 0
let currentWindowCost = 0 // 新增:当前窗口费用
let currentDailyCost = 0 let currentDailyCost = 0
let windowStartTime = null let windowStartTime = null
let windowEndTime = null let windowEndTime = null
let windowRemainingSeconds = null let windowRemainingSeconds = null
try { try {
// 获取当前时间窗口的请求次数Token使用量 // 获取当前时间窗口的请求次数Token使用量和费用
if (fullKeyData.rateLimitWindow > 0) { if (fullKeyData.rateLimitWindow > 0) {
const client = redis.getClientSafe() const client = redis.getClientSafe()
const requestCountKey = `rate_limit:requests:${keyId}` const requestCountKey = `rate_limit:requests:${keyId}`
const tokenCountKey = `rate_limit:tokens:${keyId}` const tokenCountKey = `rate_limit:tokens:${keyId}`
const costCountKey = `rate_limit:cost:${keyId}` // 新增费用计数key
const windowStartKey = `rate_limit:window_start:${keyId}` const windowStartKey = `rate_limit:window_start:${keyId}`
currentWindowRequests = parseInt((await client.get(requestCountKey)) || '0') currentWindowRequests = parseInt((await client.get(requestCountKey)) || '0')
currentWindowTokens = parseInt((await client.get(tokenCountKey)) || '0') currentWindowTokens = parseInt((await client.get(tokenCountKey)) || '0')
currentWindowCost = parseFloat((await client.get(costCountKey)) || '0') // 新增:获取当前窗口费用
// 获取窗口开始时间和计算剩余时间 // 获取窗口开始时间和计算剩余时间
const windowStart = await client.get(windowStartKey) const windowStart = await client.get(windowStartKey)
@@ -313,6 +316,7 @@ router.post('/api/user-stats', async (req, res) => {
// 重置计数为0因为窗口已过期 // 重置计数为0因为窗口已过期
currentWindowRequests = 0 currentWindowRequests = 0
currentWindowTokens = 0 currentWindowTokens = 0
currentWindowCost = 0 // 新增:重置窗口费用
} }
} }
} }
@@ -356,10 +360,12 @@ router.post('/api/user-stats', async (req, res) => {
concurrencyLimit: fullKeyData.concurrencyLimit || 0, concurrencyLimit: fullKeyData.concurrencyLimit || 0,
rateLimitWindow: fullKeyData.rateLimitWindow || 0, rateLimitWindow: fullKeyData.rateLimitWindow || 0,
rateLimitRequests: fullKeyData.rateLimitRequests || 0, rateLimitRequests: fullKeyData.rateLimitRequests || 0,
rateLimitCost: parseFloat(fullKeyData.rateLimitCost) || 0, // 新增:费用限制
dailyCostLimit: fullKeyData.dailyCostLimit || 0, dailyCostLimit: fullKeyData.dailyCostLimit || 0,
// 当前使用量 // 当前使用量
currentWindowRequests, currentWindowRequests,
currentWindowTokens, currentWindowTokens,
currentWindowCost, // 新增:当前窗口费用
currentDailyCost, currentDailyCost,
// 时间窗口信息 // 时间窗口信息
windowStartTime, windowStartTime,

98
src/routes/azureOpenaiRoutes.js
View File

@@ -14,8 +14,11 @@ const ALLOWED_MODELS = {
'gpt-4-turbo', 'gpt-4-turbo',
'gpt-4o', 'gpt-4o',
'gpt-4o-mini', 'gpt-4o-mini',
'gpt-5',
'gpt-5-mini',
'gpt-35-turbo', 'gpt-35-turbo',
'gpt-35-turbo-16k' 'gpt-35-turbo-16k',
'codex-mini'
], ],
EMBEDDING_MODELS: ['text-embedding-ada-002', 'text-embedding-3-small', 'text-embedding-3-large'] EMBEDDING_MODELS: ['text-embedding-ada-002', 'text-embedding-3-small', 'text-embedding-3-large']
} }
@@ -234,6 +237,99 @@ router.post('/chat/completions', authenticateApiKey, async (req, res) => {
} }
}) })
// 处理响应请求 (gpt-5, gpt-5-mini, codex-mini models)
router.post('/responses', authenticateApiKey, async (req, res) => {
const requestId = `azure_resp_${Date.now()}_${crypto.randomBytes(8).toString('hex')}`
const sessionId = req.sessionId || req.headers['x-session-id'] || null
logger.info(`🚀 Azure OpenAI Responses Request ${requestId}`, {
apiKeyId: req.apiKey?.id,
sessionId,
model: req.body.model,
stream: req.body.stream || false,
messages: req.body.messages?.length || 0
})
try {
// 获取绑定的 Azure OpenAI 账户
let account = null
if (req.apiKey?.azureOpenaiAccountId) {
account = await azureOpenaiAccountService.getAccount(req.apiKey.azureOpenaiAccountId)
if (!account) {
logger.warn(`Bound Azure OpenAI account not found: ${req.apiKey.azureOpenaiAccountId}`)
}
}
// 如果没有绑定账户或账户不可用,选择一个可用账户
if (!account || account.isActive !== 'true') {
account = await azureOpenaiAccountService.selectAvailableAccount(sessionId)
}
// 发送请求到 Azure OpenAI
const response = await azureOpenaiRelayService.handleAzureOpenAIRequest({
account,
requestBody: req.body,
headers: req.headers,
isStream: req.body.stream || false,
endpoint: 'responses'
})
// 处理流式响应
if (req.body.stream) {
await azureOpenaiRelayService.handleStreamResponse(response, res, {
onEnd: async ({ usageData, actualModel }) => {
if (usageData) {
const modelToRecord = actualModel || req.body.model || 'unknown'
await usageReporter.reportOnce(
requestId,
usageData,
req.apiKey.id,
modelToRecord,
account.id
)
}
},
onError: (error) => {
logger.error(`Stream error for request ${requestId}:`, error)
}
})
} else {
// 处理非流式响应
const { usageData, actualModel } = azureOpenaiRelayService.handleNonStreamResponse(
response,
res
)
if (usageData) {
const modelToRecord = actualModel || req.body.model || 'unknown'
await usageReporter.reportOnce(
requestId,
usageData,
req.apiKey.id,
modelToRecord,
account.id
)
}
}
} catch (error) {
logger.error(`Azure OpenAI responses request failed ${requestId}:`, error)
if (!res.headersSent) {
const statusCode = error.response?.status || 500
const errorMessage =
error.response?.data?.error?.message || error.message || 'Internal server error'
res.status(statusCode).json({
error: {
message: errorMessage,
type: 'azure_openai_error',
code: error.code || 'unknown'
}
})
}
}
})
// 处理嵌入请求 // 处理嵌入请求
router.post('/embeddings', authenticateApiKey, async (req, res) => { router.post('/embeddings', authenticateApiKey, async (req, res) => {
const requestId = `azure_embed_${Date.now()}_${crypto.randomBytes(8).toString('hex')}` const requestId = `azure_embed_${Date.now()}_${crypto.randomBytes(8).toString('hex')}`

175
src/routes/geminiRoutes.js
View File

@@ -50,7 +50,7 @@ router.post('/messages', authenticateApiKey, async (req, res) => {
// 提取请求参数 // 提取请求参数
const { const {
messages, messages,
model = 'gemini-2.0-flash-exp', model = 'gemini-2.5-flash',
temperature = 0.7, temperature = 0.7,
max_tokens = 4096, max_tokens = 4096,
stream = false stream = false
@@ -217,7 +217,7 @@ router.get('/models', authenticateApiKey, async (req, res) => {
object: 'list', object: 'list',
data: [ data: [
{ {
id: 'gemini-2.0-flash-exp', id: 'gemini-2.5-flash',
object: 'model', object: 'model',
created: Date.now() / 1000, created: Date.now() / 1000,
owned_by: 'google' owned_by: 'google'
@@ -311,8 +311,8 @@ async function handleLoadCodeAssist(req, res) {
try { try {
const sessionHash = sessionHelper.generateSessionHash(req.body) const sessionHash = sessionHelper.generateSessionHash(req.body)
// 使用统一调度选择账号(传递请求的模型 // 从路径参数或请求体中获取模型
const requestedModel = req.body.model const requestedModel = req.body.model || req.params.modelName || 'gemini-2.5-flash'
const { accountId } = await unifiedGeminiScheduler.selectAccountForApiKey( const { accountId } = await unifiedGeminiScheduler.selectAccountForApiKey(
req.apiKey, req.apiKey,
sessionHash, sessionHash,
@@ -331,7 +331,17 @@ async function handleLoadCodeAssist(req, res) {
apiKeyId: req.apiKey?.id || 'unknown' apiKeyId: req.apiKey?.id || 'unknown'
}) })
const client = await geminiAccountService.getOauthClient(accessToken, refreshToken) // 解析账户的代理配置
let proxyConfig = null
if (account.proxy) {
try {
proxyConfig = typeof account.proxy === 'string' ? JSON.parse(account.proxy) : account.proxy
} catch (e) {
logger.warn('Failed to parse proxy configuration:', e)
}
}
const client = await geminiAccountService.getOauthClient(accessToken, refreshToken, proxyConfig)
// 根据账户配置决定项目ID // 根据账户配置决定项目ID
// 1. 如果账户有项目ID -> 使用账户的项目ID强制覆盖 // 1. 如果账户有项目ID -> 使用账户的项目ID强制覆盖
@@ -348,7 +358,11 @@ async function handleLoadCodeAssist(req, res) {
logger.info('No project ID in account for loadCodeAssist, removing project parameter') logger.info('No project ID in account for loadCodeAssist, removing project parameter')
} }
const response = await geminiAccountService.loadCodeAssist(client, effectiveProjectId) const response = await geminiAccountService.loadCodeAssist(
client,
effectiveProjectId,
proxyConfig
)
res.json(response) res.json(response)
} catch (error) { } catch (error) {
@@ -368,8 +382,8 @@ async function handleOnboardUser(req, res) {
const { tierId, cloudaicompanionProject, metadata } = req.body const { tierId, cloudaicompanionProject, metadata } = req.body
const sessionHash = sessionHelper.generateSessionHash(req.body) const sessionHash = sessionHelper.generateSessionHash(req.body)
// 使用统一调度选择账号(传递请求的模型 // 从路径参数或请求体中获取模型
const requestedModel = req.body.model const requestedModel = req.body.model || req.params.modelName || 'gemini-2.5-flash'
const { accountId } = await unifiedGeminiScheduler.selectAccountForApiKey( const { accountId } = await unifiedGeminiScheduler.selectAccountForApiKey(
req.apiKey, req.apiKey,
sessionHash, sessionHash,
@@ -387,7 +401,17 @@ async function handleOnboardUser(req, res) {
apiKeyId: req.apiKey?.id || 'unknown' apiKeyId: req.apiKey?.id || 'unknown'
}) })
const client = await geminiAccountService.getOauthClient(accessToken, refreshToken) // 解析账户的代理配置
let proxyConfig = null
if (account.proxy) {
try {
proxyConfig = typeof account.proxy === 'string' ? JSON.parse(account.proxy) : account.proxy
} catch (e) {
logger.warn('Failed to parse proxy configuration:', e)
}
}
const client = await geminiAccountService.getOauthClient(accessToken, refreshToken, proxyConfig)
// 根据账户配置决定项目ID // 根据账户配置决定项目ID
// 1. 如果账户有项目ID -> 使用账户的项目ID强制覆盖 // 1. 如果账户有项目ID -> 使用账户的项目ID强制覆盖
@@ -410,7 +434,8 @@ async function handleOnboardUser(req, res) {
client, client,
tierId, tierId,
effectiveProjectId, // 使用处理后的项目ID effectiveProjectId, // 使用处理后的项目ID
metadata metadata,
proxyConfig
) )
res.json(response) res.json(response)
@@ -419,7 +444,8 @@ async function handleOnboardUser(req, res) {
const response = await geminiAccountService.setupUser( const response = await geminiAccountService.setupUser(
client, client,
effectiveProjectId, // 使用处理后的项目ID effectiveProjectId, // 使用处理后的项目ID
metadata metadata,
proxyConfig
) )
res.json(response) res.json(response)
@@ -439,7 +465,9 @@ async function handleCountTokens(req, res) {
try { try {
// 处理请求体结构,支持直接 contents 或 request.contents // 处理请求体结构,支持直接 contents 或 request.contents
const requestData = req.body.request || req.body const requestData = req.body.request || req.body
const { contents, model = 'gemini-2.0-flash-exp' } = requestData const { contents } = requestData
// 从路径参数或请求体中获取模型名
const model = requestData.model || req.params.modelName || 'gemini-2.5-flash'
const sessionHash = sessionHelper.generateSessionHash(req.body) const sessionHash = sessionHelper.generateSessionHash(req.body)
// 验证必需参数 // 验证必需参数
@@ -458,7 +486,8 @@ async function handleCountTokens(req, res) {
sessionHash, sessionHash,
model model
) )
const { accessToken, refreshToken } = await geminiAccountService.getAccount(accountId) const account = await geminiAccountService.getAccount(accountId)
const { accessToken, refreshToken } = account
const version = req.path.includes('v1beta') ? 'v1beta' : 'v1internal' const version = req.path.includes('v1beta') ? 'v1beta' : 'v1internal'
logger.info(`CountTokens request (${version})`, { logger.info(`CountTokens request (${version})`, {
@@ -467,8 +496,18 @@ async function handleCountTokens(req, res) {
apiKeyId: req.apiKey?.id || 'unknown' apiKeyId: req.apiKey?.id || 'unknown'
}) })
const client = await geminiAccountService.getOauthClient(accessToken, refreshToken) // 解析账户的代理配置
const response = await geminiAccountService.countTokens(client, contents, model) let proxyConfig = null
if (account.proxy) {
try {
proxyConfig = typeof account.proxy === 'string' ? JSON.parse(account.proxy) : account.proxy
} catch (e) {
logger.warn('Failed to parse proxy configuration:', e)
}
}
const client = await geminiAccountService.getOauthClient(accessToken, refreshToken, proxyConfig)
const response = await geminiAccountService.countTokens(client, contents, model, proxyConfig)
res.json(response) res.json(response)
} catch (error) { } catch (error) {
@@ -487,7 +526,9 @@ async function handleCountTokens(req, res) {
// 共用的 generateContent 处理函数 // 共用的 generateContent 处理函数
async function handleGenerateContent(req, res) { async function handleGenerateContent(req, res) {
try { try {
const { model, project, user_prompt_id, request: requestData } = req.body const { project, user_prompt_id, request: requestData } = req.body
// 从路径参数或请求体中获取模型名
const model = req.body.model || req.params.modelName || 'gemini-2.5-flash'
const sessionHash = sessionHelper.generateSessionHash(req.body) const sessionHash = sessionHelper.generateSessionHash(req.body)
// 处理不同格式的请求 // 处理不同格式的请求
@@ -540,8 +581,6 @@ async function handleGenerateContent(req, res) {
apiKeyId: req.apiKey?.id || 'unknown' apiKeyId: req.apiKey?.id || 'unknown'
}) })
const client = await geminiAccountService.getOauthClient(accessToken, refreshToken)
// 解析账户的代理配置 // 解析账户的代理配置
let proxyConfig = null let proxyConfig = null
if (account.proxy) { if (account.proxy) {
@@ -552,6 +591,8 @@ async function handleGenerateContent(req, res) {
} }
} }
const client = await geminiAccountService.getOauthClient(accessToken, refreshToken, proxyConfig)
const response = await geminiAccountService.generateContent( const response = await geminiAccountService.generateContent(
client, client,
{ model, request: actualRequestData }, { model, request: actualRequestData },
@@ -582,7 +623,7 @@ async function handleGenerateContent(req, res) {
} }
} }
res.json(response) res.json(version === 'v1beta' ? response.response : response)
} catch (error) { } catch (error) {
const version = req.path.includes('v1beta') ? 'v1beta' : 'v1internal' const version = req.path.includes('v1beta') ? 'v1beta' : 'v1internal'
// 打印详细的错误信息 // 打印详细的错误信息
@@ -610,7 +651,9 @@ async function handleStreamGenerateContent(req, res) {
let abortController = null let abortController = null
try { try {
const { model, project, user_prompt_id, request: requestData } = req.body const { project, user_prompt_id, request: requestData } = req.body
// 从路径参数或请求体中获取模型名
const model = req.body.model || req.params.modelName || 'gemini-2.5-flash'
const sessionHash = sessionHelper.generateSessionHash(req.body) const sessionHash = sessionHelper.generateSessionHash(req.body)
// 处理不同格式的请求 // 处理不同格式的请求
@@ -674,8 +717,6 @@ async function handleStreamGenerateContent(req, res) {
} }
}) })
const client = await geminiAccountService.getOauthClient(accessToken, refreshToken)
// 解析账户的代理配置 // 解析账户的代理配置
let proxyConfig = null let proxyConfig = null
if (account.proxy) { if (account.proxy) {
@@ -686,6 +727,8 @@ async function handleStreamGenerateContent(req, res) {
} }
} }
const client = await geminiAccountService.getOauthClient(accessToken, refreshToken, proxyConfig)
const streamResponse = await geminiAccountService.generateContentStream( const streamResponse = await geminiAccountService.generateContentStream(
client, client,
{ model, request: actualRequestData }, { model, request: actualRequestData },
@@ -702,8 +745,28 @@ async function handleStreamGenerateContent(req, res) {
res.setHeader('Connection', 'keep-alive') res.setHeader('Connection', 'keep-alive')
res.setHeader('X-Accel-Buffering', 'no') res.setHeader('X-Accel-Buffering', 'no')
// SSE 解析函数
const parseSSELine = (line) => {
if (!line.startsWith('data: ')) {
return { type: 'other', line, data: null }
}
const jsonStr = line.substring(6).trim()
if (!jsonStr || jsonStr === '[DONE]') {
return { type: 'control', line, data: null, jsonStr }
}
try {
const data = JSON.parse(jsonStr)
return { type: 'data', line, data, jsonStr }
} catch (e) {
return { type: 'invalid', line, data: null, jsonStr, error: e }
}
}
// 处理流式响应并捕获usage数据 // 处理流式响应并捕获usage数据
let buffer = '' let streamBuffer = '' // 统一的流处理缓冲区
let totalUsage = { let totalUsage = {
promptTokenCount: 0, promptTokenCount: 0,
candidatesTokenCount: 0, candidatesTokenCount: 0,
@@ -715,32 +778,60 @@ async function handleStreamGenerateContent(req, res) {
try { try {
const chunkStr = chunk.toString() const chunkStr = chunk.toString()
// 直接转发数据到客户端 if (!chunkStr.trim()) {
if (!res.destroyed) { return
res.write(chunkStr)
} }
// 同时解析数据以捕获usage信息 // 使用统一缓冲区处理不完整的行
buffer += chunkStr streamBuffer += chunkStr
const lines = buffer.split('\n') const lines = streamBuffer.split('\n')
buffer = lines.pop() || '' streamBuffer = lines.pop() || '' // 保留最后一个不完整的行
const processedLines = []
for (const line of lines) { for (const line of lines) {
if (line.startsWith('data: ') && line.length > 6) { if (!line.trim()) {
try { continue // 跳过空行,不添加到处理队列
const jsonStr = line.slice(6) }
if (jsonStr && jsonStr !== '[DONE]') {
const data = JSON.parse(jsonStr)
// 从响应中提取usage数据 // 解析 SSE 行
if (data.response?.usageMetadata) { const parsed = parseSSELine(line)
totalUsage = data.response.usageMetadata
logger.debug('📊 Captured Gemini usage data:', totalUsage) // 提取 usage 数据(适用于所有版本)
} if (parsed.type === 'data' && parsed.data.response?.usageMetadata) {
totalUsage = parsed.data.response.usageMetadata
logger.debug('📊 Captured Gemini usage data:', totalUsage)
}
// 根据版本处理输出
if (version === 'v1beta') {
if (parsed.type === 'data') {
if (parsed.data.response) {
// 有 response 字段,只返回 response 的内容
processedLines.push(`data: ${JSON.stringify(parsed.data.response)}`)
} else {
// 没有 response 字段,返回整个数据对象
processedLines.push(`data: ${JSON.stringify(parsed.data)}`)
} }
} catch (e) { } else if (parsed.type === 'control') {
// 忽略解析错误 // 控制消息(如 [DONE])保持原样
processedLines.push(line)
} }
// 跳过其他类型的行('other', 'invalid'
}
}
// 发送数据到客户端
if (version === 'v1beta') {
for (const line of processedLines) {
if (!res.destroyed) {
res.write(`${line}\n\n`)
}
}
} else {
// v1internal 直接转发原始数据
if (!res.destroyed) {
res.write(chunkStr)
} }
} }
} catch (error) { } catch (error) {

19
src/routes/openaiGeminiRoutes.js
View File

@@ -311,6 +311,16 @@ router.post('/v1/chat/completions', authenticateApiKey, async (req, res) => {
// 标记账户被使用 // 标记账户被使用
await geminiAccountService.markAccountUsed(account.id) await geminiAccountService.markAccountUsed(account.id)
// 解析账户的代理配置
let proxyConfig = null
if (account.proxy) {
try {
proxyConfig = typeof account.proxy === 'string' ? JSON.parse(account.proxy) : account.proxy
} catch (e) {
logger.warn('Failed to parse proxy configuration:', e)
}
}
// 创建中止控制器 // 创建中止控制器
abortController = new AbortController() abortController = new AbortController()
@@ -325,7 +335,8 @@ router.post('/v1/chat/completions', authenticateApiKey, async (req, res) => {
// 获取OAuth客户端 // 获取OAuth客户端
const client = await geminiAccountService.getOauthClient( const client = await geminiAccountService.getOauthClient(
account.accessToken, account.accessToken,
account.refreshToken account.refreshToken,
proxyConfig
) )
if (actualStream) { if (actualStream) {
// 流式响应 // 流式响应
@@ -341,7 +352,8 @@ router.post('/v1/chat/completions', authenticateApiKey, async (req, res) => {
null, // user_prompt_id null, // user_prompt_id
account.projectId, // 使用有权限的项目ID account.projectId, // 使用有权限的项目ID
apiKeyData.id, // 使用 API Key ID 作为 session ID apiKeyData.id, // 使用 API Key ID 作为 session ID
abortController.signal // 传递中止信号 abortController.signal, // 传递中止信号
proxyConfig // 传递代理配置
) )
// 设置流式响应头 // 设置流式响应头
@@ -541,7 +553,8 @@ router.post('/v1/chat/completions', authenticateApiKey, async (req, res) => {
{ model, request: geminiRequestBody }, { model, request: geminiRequestBody },
null, // user_prompt_id null, // user_prompt_id
account.projectId, // 使用有权限的项目ID account.projectId, // 使用有权限的项目ID
apiKeyData.id // 使用 API Key ID 作为 session ID apiKeyData.id, // 使用 API Key ID 作为 session ID
proxyConfig // 传递代理配置
) )
// 转换为 OpenAI 格式并返回 // 转换为 OpenAI 格式并返回

737
src/routes/userRoutes.js Normal file
View File

@@ -0,0 +1,737 @@
const express = require('express')
const router = express.Router()
const ldapService = require('../services/ldapService')
const userService = require('../services/userService')
const apiKeyService = require('../services/apiKeyService')
const logger = require('../utils/logger')
const config = require('../../config/config')
const inputValidator = require('../utils/inputValidator')
const { RateLimiterRedis } = require('rate-limiter-flexible')
const redis = require('../models/redis')
const { authenticateUser, authenticateUserOrAdmin, requireAdmin } = require('../middleware/auth')
// 🚦 配置登录速率限制
// 只基于IP地址限制避免攻击者恶意锁定特定账户
// 延迟初始化速率限制器,确保 Redis 已连接
let ipRateLimiter = null
let strictIpRateLimiter = null
// 初始化速率限制器函数
function initRateLimiters() {
if (!ipRateLimiter) {
try {
const redisClient = redis.getClientSafe()
// IP地址速率限制 - 正常限制
ipRateLimiter = new RateLimiterRedis({
storeClient: redisClient,
keyPrefix: 'login_ip_limiter',
points: 30, // 每个IP允许30次尝试
duration: 900, // 15分钟窗口期
blockDuration: 900 // 超限后封禁15分钟
})
// IP地址速率限制 - 严格限制(用于检测暴力破解)
strictIpRateLimiter = new RateLimiterRedis({
storeClient: redisClient,
keyPrefix: 'login_ip_strict',
points: 100, // 每个IP允许100次尝试
duration: 3600, // 1小时窗口期
blockDuration: 3600 // 超限后封禁1小时
})
} catch (error) {
logger.error('❌ 初始化速率限制器失败:', error)
// 速率限制器初始化失败时继续运行,但记录错误
}
}
return { ipRateLimiter, strictIpRateLimiter }
}
// 🔐 用户登录端点
router.post('/login', async (req, res) => {
try {
const { username, password } = req.body
const clientIp = req.ip || req.connection.remoteAddress || 'unknown'
// 初始化速率限制器(如果尚未初始化)
const limiters = initRateLimiters()
// 检查IP速率限制 - 基础限制
if (limiters.ipRateLimiter) {
try {
await limiters.ipRateLimiter.consume(clientIp)
} catch (rateLimiterRes) {
const retryAfter = Math.round(rateLimiterRes.msBeforeNext / 1000) || 900
logger.security(`🚫 Login rate limit exceeded for IP: ${clientIp}`)
res.set('Retry-After', String(retryAfter))
return res.status(429).json({
error: 'Too many requests',
message: `Too many login attempts from this IP. Please try again later.`
})
}
}
// 检查IP速率限制 - 严格限制(防止暴力破解)
if (limiters.strictIpRateLimiter) {
try {
await limiters.strictIpRateLimiter.consume(clientIp)
} catch (rateLimiterRes) {
const retryAfter = Math.round(rateLimiterRes.msBeforeNext / 1000) || 3600
logger.security(`🚫 Strict rate limit exceeded for IP: ${clientIp} - possible brute force`)
res.set('Retry-After', String(retryAfter))
return res.status(429).json({
error: 'Too many requests',
message: 'Too many login attempts detected. Access temporarily blocked.'
})
}
}
if (!username || !password) {
return res.status(400).json({
error: 'Missing credentials',
message: 'Username and password are required'
})
}
// 验证输入格式
let validatedUsername
try {
validatedUsername = inputValidator.validateUsername(username)
inputValidator.validatePassword(password)
} catch (validationError) {
return res.status(400).json({
error: 'Invalid input',
message: validationError.message
})
}
// 检查用户管理是否启用
if (!config.userManagement.enabled) {
return res.status(503).json({
error: 'Service unavailable',
message: 'User management is not enabled'
})
}
// 检查LDAP是否启用
if (!config.ldap || !config.ldap.enabled) {
return res.status(503).json({
error: 'Service unavailable',
message: 'LDAP authentication is not enabled'
})
}
// 尝试LDAP认证
const authResult = await ldapService.authenticateUserCredentials(validatedUsername, password)
if (!authResult.success) {
// 登录失败
logger.info(`🚫 Failed login attempt for user: ${validatedUsername} from IP: ${clientIp}`)
return res.status(401).json({
error: 'Authentication failed',
message: authResult.message
})
}
// 登录成功
logger.info(`✅ User login successful: ${validatedUsername} from IP: ${clientIp}`)
res.json({
success: true,
message: 'Login successful',
user: {
id: authResult.user.id,
username: authResult.user.username,
email: authResult.user.email,
displayName: authResult.user.displayName,
firstName: authResult.user.firstName,
lastName: authResult.user.lastName,
role: authResult.user.role
},
sessionToken: authResult.sessionToken
})
} catch (error) {
logger.error('❌ User login error:', error)
res.status(500).json({
error: 'Login error',
message: 'Internal server error during login'
})
}
})
// 🚪 用户登出端点
router.post('/logout', authenticateUser, async (req, res) => {
try {
await userService.invalidateUserSession(req.user.sessionToken)
logger.info(`👋 User logout: ${req.user.username}`)
res.json({
success: true,
message: 'Logout successful'
})
} catch (error) {
logger.error('❌ User logout error:', error)
res.status(500).json({
error: 'Logout error',
message: 'Internal server error during logout'
})
}
})
// 👤 获取当前用户信息
router.get('/profile', authenticateUser, async (req, res) => {
try {
const user = await userService.getUserById(req.user.id)
if (!user) {
return res.status(404).json({
error: 'User not found',
message: 'User profile not found'
})
}
res.json({
success: true,
user: {
id: user.id,
username: user.username,
email: user.email,
displayName: user.displayName,
firstName: user.firstName,
lastName: user.lastName,
role: user.role,
isActive: user.isActive,
createdAt: user.createdAt,
lastLoginAt: user.lastLoginAt,
apiKeyCount: user.apiKeyCount,
totalUsage: user.totalUsage
},
config: {
maxApiKeysPerUser: config.userManagement.maxApiKeysPerUser
}
})
} catch (error) {
logger.error('❌ Get user profile error:', error)
res.status(500).json({
error: 'Profile error',
message: 'Failed to retrieve user profile'
})
}
})
// 🔑 获取用户的API Keys
router.get('/api-keys', authenticateUser, async (req, res) => {
try {
const { includeDeleted = 'false' } = req.query
const apiKeys = await apiKeyService.getUserApiKeys(req.user.id, includeDeleted === 'true')
// 移除敏感信息并格式化usage数据
const safeApiKeys = apiKeys.map((key) => {
// Flatten usage structure for frontend compatibility
let flatUsage = {
requests: 0,
inputTokens: 0,
outputTokens: 0,
totalCost: 0
}
if (key.usage && key.usage.total) {
flatUsage = {
requests: key.usage.total.requests || 0,
inputTokens: key.usage.total.inputTokens || 0,
outputTokens: key.usage.total.outputTokens || 0,
totalCost: key.totalCost || 0
}
}
return {
id: key.id,
name: key.name,
description: key.description,
tokenLimit: key.tokenLimit,
isActive: key.isActive,
createdAt: key.createdAt,
lastUsedAt: key.lastUsedAt,
expiresAt: key.expiresAt,
usage: flatUsage,
dailyCost: key.dailyCost,
dailyCostLimit: key.dailyCostLimit,
// 不返回实际的key值只返回前缀和后几位
keyPreview: key.key
? `${key.key.substring(0, 8)}...${key.key.substring(key.key.length - 4)}`
: null,
// Include deletion fields for deleted keys
isDeleted: key.isDeleted,
deletedAt: key.deletedAt,
deletedBy: key.deletedBy,
deletedByType: key.deletedByType
}
})
res.json({
success: true,
apiKeys: safeApiKeys,
total: safeApiKeys.length
})
} catch (error) {
logger.error('❌ Get user API keys error:', error)
res.status(500).json({
error: 'API Keys error',
message: 'Failed to retrieve API keys'
})
}
})
// 🔑 创建新的API Key
router.post('/api-keys', authenticateUser, async (req, res) => {
try {
const { name, description, tokenLimit, expiresAt, dailyCostLimit } = req.body
if (!name || !name.trim()) {
return res.status(400).json({
error: 'Missing name',
message: 'API key name is required'
})
}
// 检查用户API Key数量限制
const userApiKeys = await apiKeyService.getUserApiKeys(req.user.id)
if (userApiKeys.length >= config.userManagement.maxApiKeysPerUser) {
return res.status(400).json({
error: 'API key limit exceeded',
message: `You can only have up to ${config.userManagement.maxApiKeysPerUser} API keys`
})
}
// 创建API Key数据
const apiKeyData = {
name: name.trim(),
description: description?.trim() || '',
userId: req.user.id,
userUsername: req.user.username,
tokenLimit: tokenLimit || null,
expiresAt: expiresAt || null,
dailyCostLimit: dailyCostLimit || null,
createdBy: 'user',
permissions: ['messages'] // 用户创建的API Key默认只有messages权限
}
const newApiKey = await apiKeyService.createApiKey(apiKeyData)
// 更新用户API Key数量
await userService.updateUserApiKeyCount(req.user.id, userApiKeys.length + 1)
logger.info(`🔑 User ${req.user.username} created API key: ${name}`)
res.status(201).json({
success: true,
message: 'API key created successfully',
apiKey: {
id: newApiKey.id,
name: newApiKey.name,
description: newApiKey.description,
key: newApiKey.apiKey, // 只在创建时返回完整key
tokenLimit: newApiKey.tokenLimit,
expiresAt: newApiKey.expiresAt,
dailyCostLimit: newApiKey.dailyCostLimit,
createdAt: newApiKey.createdAt
}
})
} catch (error) {
logger.error('❌ Create user API key error:', error)
res.status(500).json({
error: 'API Key creation error',
message: 'Failed to create API key'
})
}
})
// 🗑️ 删除API Key
router.delete('/api-keys/:keyId', authenticateUser, async (req, res) => {
try {
const { keyId } = req.params
// 检查API Key是否属于当前用户
const existingKey = await apiKeyService.getApiKeyById(keyId)
if (!existingKey || existingKey.userId !== req.user.id) {
return res.status(404).json({
error: 'API key not found',
message: 'API key not found or you do not have permission to access it'
})
}
await apiKeyService.deleteApiKey(keyId, req.user.username, 'user')
// 更新用户API Key数量
const userApiKeys = await apiKeyService.getUserApiKeys(req.user.id)
await userService.updateUserApiKeyCount(req.user.id, userApiKeys.length)
logger.info(`🗑️ User ${req.user.username} deleted API key: ${existingKey.name}`)
res.json({
success: true,
message: 'API key deleted successfully'
})
} catch (error) {
logger.error('❌ Delete user API key error:', error)
res.status(500).json({
error: 'API Key deletion error',
message: 'Failed to delete API key'
})
}
})
// 📊 获取用户使用统计
router.get('/usage-stats', authenticateUser, async (req, res) => {
try {
const { period = 'week', model } = req.query
// 获取用户的API Keys (including deleted ones for complete usage stats)
const userApiKeys = await apiKeyService.getUserApiKeys(req.user.id, true)
const apiKeyIds = userApiKeys.map((key) => key.id)
if (apiKeyIds.length === 0) {
return res.json({
success: true,
stats: {
totalRequests: 0,
totalInputTokens: 0,
totalOutputTokens: 0,
totalCost: 0,
dailyStats: [],
modelStats: []
}
})
}
// 获取使用统计
const stats = await apiKeyService.getAggregatedUsageStats(apiKeyIds, { period, model })
res.json({
success: true,
stats
})
} catch (error) {
logger.error('❌ Get user usage stats error:', error)
res.status(500).json({
error: 'Usage stats error',
message: 'Failed to retrieve usage statistics'
})
}
})
// === 管理员用户管理端点 ===
// 📋 获取用户列表(管理员)
router.get('/', authenticateUserOrAdmin, requireAdmin, async (req, res) => {
try {
const { page = 1, limit = 20, role, isActive, search } = req.query
const options = {
page: parseInt(page),
limit: parseInt(limit),
role,
isActive: isActive === 'true' ? true : isActive === 'false' ? false : undefined
}
const result = await userService.getAllUsers(options)
// 如果有搜索条件,进行过滤
let filteredUsers = result.users
if (search) {
const searchLower = search.toLowerCase()
filteredUsers = result.users.filter(
(user) =>
user.username.toLowerCase().includes(searchLower) ||
user.displayName.toLowerCase().includes(searchLower) ||
user.email.toLowerCase().includes(searchLower)
)
}
res.json({
success: true,
users: filteredUsers,
pagination: {
total: result.total,
page: result.page,
limit: result.limit,
totalPages: result.totalPages
}
})
} catch (error) {
logger.error('❌ Get users list error:', error)
res.status(500).json({
error: 'Users list error',
message: 'Failed to retrieve users list'
})
}
})
// 👤 获取特定用户信息(管理员)
router.get('/:userId', authenticateUserOrAdmin, requireAdmin, async (req, res) => {
try {
const { userId } = req.params
const user = await userService.getUserById(userId)
if (!user) {
return res.status(404).json({
error: 'User not found',
message: 'User not found'
})
}
// 获取用户的API Keys包括已删除的以保留统计数据
const apiKeys = await apiKeyService.getUserApiKeys(userId, true)
res.json({
success: true,
user: {
...user,
apiKeys: apiKeys.map((key) => {
// Flatten usage structure for frontend compatibility
let flatUsage = {
requests: 0,
inputTokens: 0,
outputTokens: 0,
totalCost: 0
}
if (key.usage && key.usage.total) {
flatUsage = {
requests: key.usage.total.requests || 0,
inputTokens: key.usage.total.inputTokens || 0,
outputTokens: key.usage.total.outputTokens || 0,
totalCost: key.totalCost || 0
}
}
return {
id: key.id,
name: key.name,
description: key.description,
isActive: key.isActive,
createdAt: key.createdAt,
lastUsedAt: key.lastUsedAt,
usage: flatUsage,
keyPreview: key.key
? `${key.key.substring(0, 8)}...${key.key.substring(key.key.length - 4)}`
: null
}
})
}
})
} catch (error) {
logger.error('❌ Get user details error:', error)
res.status(500).json({
error: 'User details error',
message: 'Failed to retrieve user details'
})
}
})
// 🔄 更新用户状态(管理员)
router.patch('/:userId/status', authenticateUserOrAdmin, requireAdmin, async (req, res) => {
try {
const { userId } = req.params
const { isActive } = req.body
if (typeof isActive !== 'boolean') {
return res.status(400).json({
error: 'Invalid status',
message: 'isActive must be a boolean value'
})
}
const updatedUser = await userService.updateUserStatus(userId, isActive)
const adminUser = req.admin?.username || req.user?.username
logger.info(
`🔄 Admin ${adminUser} ${isActive ? 'enabled' : 'disabled'} user: ${updatedUser.username}`
)
res.json({
success: true,
message: `User ${isActive ? 'enabled' : 'disabled'} successfully`,
user: {
id: updatedUser.id,
username: updatedUser.username,
isActive: updatedUser.isActive,
updatedAt: updatedUser.updatedAt
}
})
} catch (error) {
logger.error('❌ Update user status error:', error)
res.status(500).json({
error: 'Update status error',
message: error.message || 'Failed to update user status'
})
}
})
// 🔄 更新用户角色(管理员)
router.patch('/:userId/role', authenticateUserOrAdmin, requireAdmin, async (req, res) => {
try {
const { userId } = req.params
const { role } = req.body
const validRoles = ['user', 'admin']
if (!role || !validRoles.includes(role)) {
return res.status(400).json({
error: 'Invalid role',
message: `Role must be one of: ${validRoles.join(', ')}`
})
}
const updatedUser = await userService.updateUserRole(userId, role)
const adminUser = req.admin?.username || req.user?.username
logger.info(`🔄 Admin ${adminUser} changed user ${updatedUser.username} role to: ${role}`)
res.json({
success: true,
message: `User role updated to ${role} successfully`,
user: {
id: updatedUser.id,
username: updatedUser.username,
role: updatedUser.role,
updatedAt: updatedUser.updatedAt
}
})
} catch (error) {
logger.error('❌ Update user role error:', error)
res.status(500).json({
error: 'Update role error',
message: error.message || 'Failed to update user role'
})
}
})
// 🔑 禁用用户的所有API Keys管理员
router.post('/:userId/disable-keys', authenticateUserOrAdmin, requireAdmin, async (req, res) => {
try {
const { userId } = req.params
const user = await userService.getUserById(userId)
if (!user) {
return res.status(404).json({
error: 'User not found',
message: 'User not found'
})
}
const result = await apiKeyService.disableUserApiKeys(userId)
const adminUser = req.admin?.username || req.user?.username
logger.info(`🔑 Admin ${adminUser} disabled all API keys for user: ${user.username}`)
res.json({
success: true,
message: `Disabled ${result.count} API keys for user ${user.username}`,
disabledCount: result.count
})
} catch (error) {
logger.error('❌ Disable user API keys error:', error)
res.status(500).json({
error: 'Disable keys error',
message: 'Failed to disable user API keys'
})
}
})
// 📊 获取用户使用统计(管理员)
router.get('/:userId/usage-stats', authenticateUserOrAdmin, requireAdmin, async (req, res) => {
try {
const { userId } = req.params
const { period = 'week', model } = req.query
const user = await userService.getUserById(userId)
if (!user) {
return res.status(404).json({
error: 'User not found',
message: 'User not found'
})
}
// 获取用户的API Keys包括已删除的以保留统计数据
const userApiKeys = await apiKeyService.getUserApiKeys(userId, true)
const apiKeyIds = userApiKeys.map((key) => key.id)
if (apiKeyIds.length === 0) {
return res.json({
success: true,
user: {
id: user.id,
username: user.username,
displayName: user.displayName
},
stats: {
totalRequests: 0,
totalInputTokens: 0,
totalOutputTokens: 0,
totalCost: 0,
dailyStats: [],
modelStats: []
}
})
}
// 获取使用统计
const stats = await apiKeyService.getAggregatedUsageStats(apiKeyIds, { period, model })
res.json({
success: true,
user: {
id: user.id,
username: user.username,
displayName: user.displayName
},
stats
})
} catch (error) {
logger.error('❌ Get user usage stats (admin) error:', error)
res.status(500).json({
error: 'Usage stats error',
message: 'Failed to retrieve user usage statistics'
})
}
})
// 📊 获取用户管理统计(管理员)
router.get('/stats/overview', authenticateUserOrAdmin, requireAdmin, async (req, res) => {
try {
const stats = await userService.getUserStats()
res.json({
success: true,
stats
})
} catch (error) {
logger.error('❌ Get user stats overview error:', error)
res.status(500).json({
error: 'Stats error',
message: 'Failed to retrieve user statistics'
})
}
})
// 🔧 测试LDAP连接管理员
router.get('/admin/ldap-test', authenticateUserOrAdmin, requireAdmin, async (req, res) => {
try {
const testResult = await ldapService.testConnection()
res.json({
success: true,
ldapTest: testResult,
config: ldapService.getConfigInfo()
})
} catch (error) {
logger.error('❌ LDAP test error:', error)
res.status(500).json({
error: 'LDAP test error',
message: 'Failed to test LDAP connection'
})
}
})
module.exports = router

95
src/routes/webhook.js
View File

@@ -4,6 +4,7 @@ const logger = require('../utils/logger')
const webhookService = require('../services/webhookService') const webhookService = require('../services/webhookService')
const webhookConfigService = require('../services/webhookConfigService') const webhookConfigService = require('../services/webhookConfigService')
const { authenticateAdmin } = require('../middleware/auth') const { authenticateAdmin } = require('../middleware/auth')
const { getISOStringWithTimezone } = require('../utils/dateHelper')
// 获取webhook配置 // 获取webhook配置
router.get('/config', authenticateAdmin, async (req, res) => { router.get('/config', authenticateAdmin, async (req, res) => {
@@ -114,27 +115,62 @@ router.post('/platforms/:id/toggle', authenticateAdmin, async (req, res) => {
// 测试Webhook连通性 // 测试Webhook连通性
router.post('/test', authenticateAdmin, async (req, res) => { router.post('/test', authenticateAdmin, async (req, res) => {
try { try {
const { url, type = 'custom', secret, enableSign } = req.body const {
url,
type = 'custom',
secret,
enableSign,
deviceKey,
serverUrl,
level,
sound,
group
} = req.body
if (!url) { // Bark平台特殊处理
return res.status(400).json({ if (type === 'bark') {
error: 'Missing webhook URL', if (!deviceKey) {
message: '请提供webhook URL' return res.status(400).json({
}) error: 'Missing device key',
message: '请提供Bark设备密钥'
})
}
// 验证服务器URL如果提供
if (serverUrl) {
try {
new URL(serverUrl)
} catch (urlError) {
return res.status(400).json({
error: 'Invalid server URL format',
message: '请提供有效的Bark服务器URL'
})
}
}
logger.info(`🧪 测试webhook: ${type} - Device Key: ${deviceKey.substring(0, 8)}...`)
} else {
// 其他平台验证URL
if (!url) {
return res.status(400).json({
error: 'Missing webhook URL',
message: '请提供webhook URL'
})
}
// 验证URL格式
try {
new URL(url)
} catch (urlError) {
return res.status(400).json({
error: 'Invalid URL format',
message: '请提供有效的webhook URL'
})
}
logger.info(`🧪 测试webhook: ${type} - ${url}`)
} }
// 验证URL格式
try {
new URL(url)
} catch (urlError) {
return res.status(400).json({
error: 'Invalid URL format',
message: '请提供有效的webhook URL'
})
}
logger.info(`🧪 测试webhook: ${type} - ${url}`)
// 创建临时平台配置 // 创建临时平台配置
const platform = { const platform = {
type, type,
@@ -145,21 +181,34 @@ router.post('/test', authenticateAdmin, async (req, res) => {
timeout: 10000 timeout: 10000
} }
// 添加Bark特有字段
if (type === 'bark') {
platform.deviceKey = deviceKey
platform.serverUrl = serverUrl
platform.level = level
platform.sound = sound
platform.group = group
}
const result = await webhookService.testWebhook(platform) const result = await webhookService.testWebhook(platform)
if (result.success) { if (result.success) {
logger.info(`✅ Webhook测试成功: ${url}`) const identifier = type === 'bark' ? `Device: ${deviceKey.substring(0, 8)}...` : url
logger.info(`✅ Webhook测试成功: ${identifier}`)
res.json({ res.json({
success: true, success: true,
message: 'Webhook测试成功', message: 'Webhook测试成功',
url url: type === 'bark' ? undefined : url,
deviceKey: type === 'bark' ? `${deviceKey.substring(0, 8)}...` : undefined
}) })
} else { } else {
logger.warn(`❌ Webhook测试失败: ${url} - ${result.error}`) const identifier = type === 'bark' ? `Device: ${deviceKey.substring(0, 8)}...` : url
logger.warn(`❌ Webhook测试失败: ${identifier} - ${result.error}`)
res.status(400).json({ res.status(400).json({
success: false, success: false,
message: 'Webhook测试失败', message: 'Webhook测试失败',
url, url: type === 'bark' ? undefined : url,
deviceKey: type === 'bark' ? `${deviceKey.substring(0, 8)}...` : undefined,
error: result.error error: result.error
}) })
} }
@@ -218,7 +267,7 @@ router.post('/test-notification', authenticateAdmin, async (req, res) => {
errorCode, errorCode,
reason, reason,
message, message,
timestamp: new Date().toISOString() timestamp: getISOStringWithTimezone(new Date())
} }
const result = await webhookService.sendNotification(type, testData) const result = await webhookService.sendNotification(type, testData)

360
src/services/apiKeyService.js
View File

@@ -14,7 +14,7 @@ class ApiKeyService {
const { const {
name = 'Unnamed Key', name = 'Unnamed Key',
description = '', description = '',
tokenLimit = config.limits.defaultTokenLimit, tokenLimit = 0, // 默认为0不再使用token限制
expiresAt = null, expiresAt = null,
claudeAccountId = null, claudeAccountId = null,
claudeConsoleAccountId = null, claudeConsoleAccountId = null,
@@ -27,11 +27,13 @@ class ApiKeyService {
concurrencyLimit = 0, concurrencyLimit = 0,
rateLimitWindow = null, rateLimitWindow = null,
rateLimitRequests = null, rateLimitRequests = null,
rateLimitCost = null, // 新增:速率限制费用字段
enableModelRestriction = false, enableModelRestriction = false,
restrictedModels = [], restrictedModels = [],
enableClientRestriction = false, enableClientRestriction = false,
allowedClients = [], allowedClients = [],
dailyCostLimit = 0, dailyCostLimit = 0,
weeklyOpusCostLimit = 0,
tags = [] tags = []
} = options } = options
@@ -49,6 +51,7 @@ class ApiKeyService {
concurrencyLimit: String(concurrencyLimit ?? 0), concurrencyLimit: String(concurrencyLimit ?? 0),
rateLimitWindow: String(rateLimitWindow ?? 0), rateLimitWindow: String(rateLimitWindow ?? 0),
rateLimitRequests: String(rateLimitRequests ?? 0), rateLimitRequests: String(rateLimitRequests ?? 0),
rateLimitCost: String(rateLimitCost ?? 0), // 新增:速率限制费用字段
isActive: String(isActive), isActive: String(isActive),
claudeAccountId: claudeAccountId || '', claudeAccountId: claudeAccountId || '',
claudeConsoleAccountId: claudeConsoleAccountId || '', claudeConsoleAccountId: claudeConsoleAccountId || '',
@@ -62,11 +65,14 @@ class ApiKeyService {
enableClientRestriction: String(enableClientRestriction || false), enableClientRestriction: String(enableClientRestriction || false),
allowedClients: JSON.stringify(allowedClients || []), allowedClients: JSON.stringify(allowedClients || []),
dailyCostLimit: String(dailyCostLimit || 0), dailyCostLimit: String(dailyCostLimit || 0),
weeklyOpusCostLimit: String(weeklyOpusCostLimit || 0),
tags: JSON.stringify(tags || []), tags: JSON.stringify(tags || []),
createdAt: new Date().toISOString(), createdAt: new Date().toISOString(),
lastUsedAt: '', lastUsedAt: '',
expiresAt: expiresAt || '', expiresAt: expiresAt || '',
createdBy: 'admin' // 可以根据需要扩展用户系统 createdBy: options.createdBy || 'admin',
userId: options.userId || '',
userUsername: options.userUsername || ''
} }
// 保存API Key数据并建立哈希映射 // 保存API Key数据并建立哈希映射
@@ -83,6 +89,7 @@ class ApiKeyService {
concurrencyLimit: parseInt(keyData.concurrencyLimit), concurrencyLimit: parseInt(keyData.concurrencyLimit),
rateLimitWindow: parseInt(keyData.rateLimitWindow || 0), rateLimitWindow: parseInt(keyData.rateLimitWindow || 0),
rateLimitRequests: parseInt(keyData.rateLimitRequests || 0), rateLimitRequests: parseInt(keyData.rateLimitRequests || 0),
rateLimitCost: parseFloat(keyData.rateLimitCost || 0), // 新增:速率限制费用字段
isActive: keyData.isActive === 'true', isActive: keyData.isActive === 'true',
claudeAccountId: keyData.claudeAccountId, claudeAccountId: keyData.claudeAccountId,
claudeConsoleAccountId: keyData.claudeConsoleAccountId, claudeConsoleAccountId: keyData.claudeConsoleAccountId,
@@ -96,6 +103,7 @@ class ApiKeyService {
enableClientRestriction: keyData.enableClientRestriction === 'true', enableClientRestriction: keyData.enableClientRestriction === 'true',
allowedClients: JSON.parse(keyData.allowedClients || '[]'), allowedClients: JSON.parse(keyData.allowedClients || '[]'),
dailyCostLimit: parseFloat(keyData.dailyCostLimit || 0), dailyCostLimit: parseFloat(keyData.dailyCostLimit || 0),
weeklyOpusCostLimit: parseFloat(keyData.weeklyOpusCostLimit || 0),
tags: JSON.parse(keyData.tags || '[]'), tags: JSON.parse(keyData.tags || '[]'),
createdAt: keyData.createdAt, createdAt: keyData.createdAt,
expiresAt: keyData.expiresAt, expiresAt: keyData.expiresAt,
@@ -130,6 +138,20 @@ class ApiKeyService {
return { valid: false, error: 'API key has expired' } return { valid: false, error: 'API key has expired' }
} }
// 如果API Key属于某个用户检查用户是否被禁用
if (keyData.userId) {
try {
const userService = require('./userService')
const user = await userService.getUserById(keyData.userId, false)
if (!user || !user.isActive) {
return { valid: false, error: 'User account is disabled' }
}
} catch (error) {
logger.error('❌ Error checking user status during API key validation:', error)
return { valid: false, error: 'Unable to validate user status' }
}
}
// 获取使用统计(供返回数据使用) // 获取使用统计(供返回数据使用)
const usage = await redis.getUsageStats(keyData.id) const usage = await redis.getUsageStats(keyData.id)
@@ -184,12 +206,15 @@ class ApiKeyService {
concurrencyLimit: parseInt(keyData.concurrencyLimit || 0), concurrencyLimit: parseInt(keyData.concurrencyLimit || 0),
rateLimitWindow: parseInt(keyData.rateLimitWindow || 0), rateLimitWindow: parseInt(keyData.rateLimitWindow || 0),
rateLimitRequests: parseInt(keyData.rateLimitRequests || 0), rateLimitRequests: parseInt(keyData.rateLimitRequests || 0),
rateLimitCost: parseFloat(keyData.rateLimitCost || 0), // 新增:速率限制费用字段
enableModelRestriction: keyData.enableModelRestriction === 'true', enableModelRestriction: keyData.enableModelRestriction === 'true',
restrictedModels, restrictedModels,
enableClientRestriction: keyData.enableClientRestriction === 'true', enableClientRestriction: keyData.enableClientRestriction === 'true',
allowedClients, allowedClients,
dailyCostLimit: parseFloat(keyData.dailyCostLimit || 0), dailyCostLimit: parseFloat(keyData.dailyCostLimit || 0),
weeklyOpusCostLimit: parseFloat(keyData.weeklyOpusCostLimit || 0),
dailyCost: dailyCost || 0, dailyCost: dailyCost || 0,
weeklyOpusCost: (await redis.getWeeklyOpusCost(keyData.id)) || 0,
tags, tags,
usage usage
} }
@@ -201,34 +226,52 @@ class ApiKeyService {
} }
// 📋 获取所有API Keys // 📋 获取所有API Keys
async getAllApiKeys() { async getAllApiKeys(includeDeleted = false) {
try { try {
const apiKeys = await redis.getAllApiKeys() let apiKeys = await redis.getAllApiKeys()
const client = redis.getClientSafe() const client = redis.getClientSafe()
// 默认过滤掉已删除的API Keys
if (!includeDeleted) {
apiKeys = apiKeys.filter((key) => key.isDeleted !== 'true')
}
// 为每个key添加使用统计和当前并发数 // 为每个key添加使用统计和当前并发数
for (const key of apiKeys) { for (const key of apiKeys) {
key.usage = await redis.getUsageStats(key.id) key.usage = await redis.getUsageStats(key.id)
const costStats = await redis.getCostStats(key.id)
// Add cost information to usage object for frontend compatibility
if (key.usage && costStats) {
key.usage.total = key.usage.total || {}
key.usage.total.cost = costStats.total
key.usage.totalCost = costStats.total
}
key.totalCost = costStats ? costStats.total : 0
key.tokenLimit = parseInt(key.tokenLimit) key.tokenLimit = parseInt(key.tokenLimit)
key.concurrencyLimit = parseInt(key.concurrencyLimit || 0) key.concurrencyLimit = parseInt(key.concurrencyLimit || 0)
key.rateLimitWindow = parseInt(key.rateLimitWindow || 0) key.rateLimitWindow = parseInt(key.rateLimitWindow || 0)
key.rateLimitRequests = parseInt(key.rateLimitRequests || 0) key.rateLimitRequests = parseInt(key.rateLimitRequests || 0)
key.rateLimitCost = parseFloat(key.rateLimitCost || 0) // 新增:速率限制费用字段
key.currentConcurrency = await redis.getConcurrency(key.id) key.currentConcurrency = await redis.getConcurrency(key.id)
key.isActive = key.isActive === 'true' key.isActive = key.isActive === 'true'
key.enableModelRestriction = key.enableModelRestriction === 'true' key.enableModelRestriction = key.enableModelRestriction === 'true'
key.enableClientRestriction = key.enableClientRestriction === 'true' key.enableClientRestriction = key.enableClientRestriction === 'true'
key.permissions = key.permissions || 'all' // 兼容旧数据 key.permissions = key.permissions || 'all' // 兼容旧数据
key.dailyCostLimit = parseFloat(key.dailyCostLimit || 0) key.dailyCostLimit = parseFloat(key.dailyCostLimit || 0)
key.weeklyOpusCostLimit = parseFloat(key.weeklyOpusCostLimit || 0)
key.dailyCost = (await redis.getDailyCost(key.id)) || 0 key.dailyCost = (await redis.getDailyCost(key.id)) || 0
key.weeklyOpusCost = (await redis.getWeeklyOpusCost(key.id)) || 0
// 获取当前时间窗口的请求次数Token使用量 // 获取当前时间窗口的请求次数Token使用量和费用
if (key.rateLimitWindow > 0) { if (key.rateLimitWindow > 0) {
const requestCountKey = `rate_limit:requests:${key.id}` const requestCountKey = `rate_limit:requests:${key.id}`
const tokenCountKey = `rate_limit:tokens:${key.id}` const tokenCountKey = `rate_limit:tokens:${key.id}`
const costCountKey = `rate_limit:cost:${key.id}` // 新增:费用计数器
const windowStartKey = `rate_limit:window_start:${key.id}` const windowStartKey = `rate_limit:window_start:${key.id}`
key.currentWindowRequests = parseInt((await client.get(requestCountKey)) || '0') key.currentWindowRequests = parseInt((await client.get(requestCountKey)) || '0')
key.currentWindowTokens = parseInt((await client.get(tokenCountKey)) || '0') key.currentWindowTokens = parseInt((await client.get(tokenCountKey)) || '0')
key.currentWindowCost = parseFloat((await client.get(costCountKey)) || '0') // 新增:当前窗口费用
// 获取窗口开始时间和计算剩余时间 // 获取窗口开始时间和计算剩余时间
const windowStart = await client.get(windowStartKey) const windowStart = await client.get(windowStartKey)
@@ -251,6 +294,7 @@ class ApiKeyService {
// 重置计数为0因为窗口已过期 // 重置计数为0因为窗口已过期
key.currentWindowRequests = 0 key.currentWindowRequests = 0
key.currentWindowTokens = 0 key.currentWindowTokens = 0
key.currentWindowCost = 0 // 新增:重置费用
} }
} else { } else {
// 窗口还未开始(没有任何请求) // 窗口还未开始(没有任何请求)
@@ -261,6 +305,7 @@ class ApiKeyService {
} else { } else {
key.currentWindowRequests = 0 key.currentWindowRequests = 0
key.currentWindowTokens = 0 key.currentWindowTokens = 0
key.currentWindowCost = 0 // 新增:重置费用
key.windowStartTime = null key.windowStartTime = null
key.windowEndTime = null key.windowEndTime = null
key.windowRemainingSeconds = null key.windowRemainingSeconds = null
@@ -307,6 +352,7 @@ class ApiKeyService {
'concurrencyLimit', 'concurrencyLimit',
'rateLimitWindow', 'rateLimitWindow',
'rateLimitRequests', 'rateLimitRequests',
'rateLimitCost', // 新增:速率限制费用字段
'isActive', 'isActive',
'claudeAccountId', 'claudeAccountId',
'claudeConsoleAccountId', 'claudeConsoleAccountId',
@@ -321,6 +367,7 @@ class ApiKeyService {
'enableClientRestriction', 'enableClientRestriction',
'allowedClients', 'allowedClients',
'dailyCostLimit', 'dailyCostLimit',
'weeklyOpusCostLimit',
'tags' 'tags'
] ]
const updatedData = { ...keyData } const updatedData = { ...keyData }
@@ -353,16 +400,32 @@ class ApiKeyService {
} }
} }
// 🗑️ 删除API Key // 🗑️ 删除API Key (保留使用统计)
async deleteApiKey(keyId) { async deleteApiKey(keyId, deletedBy = 'system', deletedByType = 'system') {
try { try {
const result = await redis.deleteApiKey(keyId) const keyData = await redis.getApiKey(keyId)
if (!keyData || Object.keys(keyData).length === 0) {
if (result === 0) {
throw new Error('API key not found') throw new Error('API key not found')
} }
logger.success(`🗑️ Deleted API key: ${keyId}`) // 标记为已删除,保留所有数据和统计信息
const updatedData = {
...keyData,
isDeleted: 'true',
deletedAt: new Date().toISOString(),
deletedBy,
deletedByType, // 'user', 'admin', 'system'
isActive: 'false' // 同时禁用
}
await redis.setApiKey(keyId, updatedData)
// 从哈希映射中移除这样就不能再使用这个key进行API调用
if (keyData.apiKey) {
await redis.deleteApiKeyHash(keyData.apiKey)
}
logger.success(`🗑️ Soft deleted API key: ${keyId} by ${deletedBy} (${deletedByType})`)
return { success: true } return { success: true }
} catch (error) { } catch (error) {
@@ -396,6 +459,13 @@ class ApiKeyService {
model model
) )
// 检查是否为 1M 上下文请求
let isLongContextRequest = false
if (model && model.includes('[1m]')) {
const totalInputTokens = inputTokens + cacheCreateTokens + cacheReadTokens
isLongContextRequest = totalInputTokens > 200000
}
// 记录API Key级别的使用统计 // 记录API Key级别的使用统计
await redis.incrementTokenUsage( await redis.incrementTokenUsage(
keyId, keyId,
@@ -404,7 +474,10 @@ class ApiKeyService {
outputTokens, outputTokens,
cacheCreateTokens, cacheCreateTokens,
cacheReadTokens, cacheReadTokens,
model model,
0, // ephemeral5mTokens - 暂时为0后续处理
0, // ephemeral1hTokens - 暂时为0后续处理
isLongContextRequest
) )
// 记录费用统计 // 记录费用统计
@@ -433,7 +506,8 @@ class ApiKeyService {
outputTokens, outputTokens,
cacheCreateTokens, cacheCreateTokens,
cacheReadTokens, cacheReadTokens,
model model,
isLongContextRequest
) )
logger.database( logger.database(
`📊 Recorded account usage: ${accountId} - ${totalTokens} tokens (API Key: ${keyId})` `📊 Recorded account usage: ${accountId} - ${totalTokens} tokens (API Key: ${keyId})`
@@ -460,8 +534,38 @@ class ApiKeyService {
} }
} }
// 📊 记录 Opus 模型费用(仅限 claude 和 claude-console 账户)
async recordOpusCost(keyId, cost, model, accountType) {
try {
// 判断是否为 Opus 模型
if (!model || !model.toLowerCase().includes('claude-opus')) {
return // 不是 Opus 模型,直接返回
}
// 判断是否为 claude 或 claude-console 账户
if (!accountType || (accountType !== 'claude' && accountType !== 'claude-console')) {
logger.debug(`⚠️ Skipping Opus cost recording for non-Claude account type: ${accountType}`)
return // 不是 claude 账户,直接返回
}
// 记录 Opus 周费用
await redis.incrementWeeklyOpusCost(keyId, cost)
logger.database(
`💰 Recorded Opus weekly cost for ${keyId}: $${cost.toFixed(6)}, model: ${model}, account type: ${accountType}`
)
} catch (error) {
logger.error('❌ Failed to record Opus cost:', error)
}
}
// 📊 记录使用情况(新版本,支持详细的缓存类型) // 📊 记录使用情况(新版本,支持详细的缓存类型)
async recordUsageWithDetails(keyId, usageObject, model = 'unknown', accountId = null) { async recordUsageWithDetails(
keyId,
usageObject,
model = 'unknown',
accountId = null,
accountType = null
) {
try { try {
// 提取 token 数量 // 提取 token 数量
const inputTokens = usageObject.input_tokens || 0 const inputTokens = usageObject.input_tokens || 0
@@ -505,7 +609,8 @@ class ApiKeyService {
cacheReadTokens, cacheReadTokens,
model, model,
ephemeral5mTokens, // 传递5分钟缓存 tokens ephemeral5mTokens, // 传递5分钟缓存 tokens
ephemeral1hTokens // 传递1小时缓存 tokens ephemeral1hTokens, // 传递1小时缓存 tokens
costInfo.isLongContextRequest || false // 传递 1M 上下文请求标记
) )
// 记录费用统计 // 记录费用统计
@@ -515,6 +620,9 @@ class ApiKeyService {
`💰 Recorded cost for ${keyId}: $${costInfo.totalCost.toFixed(6)}, model: ${model}` `💰 Recorded cost for ${keyId}: $${costInfo.totalCost.toFixed(6)}, model: ${model}`
) )
// 记录 Opus 周费用(如果适用)
await this.recordOpusCost(keyId, costInfo.totalCost, model, accountType)
// 记录详细的缓存费用(如果有) // 记录详细的缓存费用(如果有)
if (costInfo.ephemeral5mCost > 0 || costInfo.ephemeral1hCost > 0) { if (costInfo.ephemeral5mCost > 0 || costInfo.ephemeral1hCost > 0) {
logger.database( logger.database(
@@ -541,7 +649,8 @@ class ApiKeyService {
outputTokens, outputTokens,
cacheCreateTokens, cacheCreateTokens,
cacheReadTokens, cacheReadTokens,
model model,
costInfo.isLongContextRequest || false
) )
logger.database( logger.database(
`📊 Recorded account usage: ${accountId} - ${totalTokens} tokens (API Key: ${keyId})` `📊 Recorded account usage: ${accountId} - ${totalTokens} tokens (API Key: ${keyId})`
@@ -608,6 +717,225 @@ class ApiKeyService {
return await redis.getAllAccountsUsageStats() return await redis.getAllAccountsUsageStats()
} }
// === 用户相关方法 ===
// 🔑 创建API Key支持用户
async createApiKey(options = {}) {
return await this.generateApiKey(options)
}
// 👤 获取用户的API Keys
async getUserApiKeys(userId, includeDeleted = false) {
try {
const allKeys = await redis.getAllApiKeys()
let userKeys = allKeys.filter((key) => key.userId === userId)
// 默认过滤掉已删除的API Keys
if (!includeDeleted) {
userKeys = userKeys.filter((key) => key.isDeleted !== 'true')
}
// Populate usage stats for each user's API key (same as getAllApiKeys does)
const userKeysWithUsage = []
for (const key of userKeys) {
const usage = await redis.getUsageStats(key.id)
const dailyCost = (await redis.getDailyCost(key.id)) || 0
const costStats = await redis.getCostStats(key.id)
userKeysWithUsage.push({
id: key.id,
name: key.name,
description: key.description,
key: key.apiKey ? `${this.prefix}****${key.apiKey.slice(-4)}` : null, // 只显示前缀和后4位
tokenLimit: parseInt(key.tokenLimit || 0),
isActive: key.isActive === 'true',
createdAt: key.createdAt,
lastUsedAt: key.lastUsedAt,
expiresAt: key.expiresAt,
usage,
dailyCost,
totalCost: costStats.total,
dailyCostLimit: parseFloat(key.dailyCostLimit || 0),
userId: key.userId,
userUsername: key.userUsername,
createdBy: key.createdBy,
// Include deletion fields for deleted keys
isDeleted: key.isDeleted,
deletedAt: key.deletedAt,
deletedBy: key.deletedBy,
deletedByType: key.deletedByType
})
}
return userKeysWithUsage
} catch (error) {
logger.error('❌ Failed to get user API keys:', error)
return []
}
}
// 🔍 通过ID获取API Key检查权限
async getApiKeyById(keyId, userId = null) {
try {
const keyData = await redis.getApiKey(keyId)
if (!keyData) {
return null
}
// 如果指定了用户ID检查权限
if (userId && keyData.userId !== userId) {
return null
}
return {
id: keyData.id,
name: keyData.name,
description: keyData.description,
key: keyData.apiKey,
tokenLimit: parseInt(keyData.tokenLimit || 0),
isActive: keyData.isActive === 'true',
createdAt: keyData.createdAt,
lastUsedAt: keyData.lastUsedAt,
expiresAt: keyData.expiresAt,
userId: keyData.userId,
userUsername: keyData.userUsername,
createdBy: keyData.createdBy,
permissions: keyData.permissions,
dailyCostLimit: parseFloat(keyData.dailyCostLimit || 0)
}
} catch (error) {
logger.error('❌ Failed to get API key by ID:', error)
return null
}
}
// 🔄 重新生成API Key
async regenerateApiKey(keyId) {
try {
const existingKey = await redis.getApiKey(keyId)
if (!existingKey) {
throw new Error('API key not found')
}
// 生成新的key
const newApiKey = `${this.prefix}${this._generateSecretKey()}`
const newHashedKey = this._hashApiKey(newApiKey)
// 删除旧的哈希映射
const oldHashedKey = existingKey.apiKey
await redis.deleteApiKeyHash(oldHashedKey)
// 更新key数据
const updatedKeyData = {
...existingKey,
apiKey: newHashedKey,
updatedAt: new Date().toISOString()
}
// 保存新数据并建立新的哈希映射
await redis.setApiKey(keyId, updatedKeyData, newHashedKey)
logger.info(`🔄 Regenerated API key: ${existingKey.name} (${keyId})`)
return {
id: keyId,
name: existingKey.name,
key: newApiKey, // 返回完整的新key
updatedAt: updatedKeyData.updatedAt
}
} catch (error) {
logger.error('❌ Failed to regenerate API key:', error)
throw error
}
}
// 🗑️ 硬删除API Key (完全移除)
async hardDeleteApiKey(keyId) {
try {
const keyData = await redis.getApiKey(keyId)
if (!keyData) {
throw new Error('API key not found')
}
// 删除key数据和哈希映射
await redis.deleteApiKey(keyId)
await redis.deleteApiKeyHash(keyData.apiKey)
logger.info(`🗑️ Deleted API key: ${keyData.name} (${keyId})`)
return true
} catch (error) {
logger.error('❌ Failed to delete API key:', error)
throw error
}
}
// 🚫 禁用用户的所有API Keys
async disableUserApiKeys(userId) {
try {
const userKeys = await this.getUserApiKeys(userId)
let disabledCount = 0
for (const key of userKeys) {
if (key.isActive) {
await this.updateApiKey(key.id, { isActive: false })
disabledCount++
}
}
logger.info(`🚫 Disabled ${disabledCount} API keys for user: ${userId}`)
return { count: disabledCount }
} catch (error) {
logger.error('❌ Failed to disable user API keys:', error)
throw error
}
}
// 📊 获取聚合使用统计支持多个API Key
async getAggregatedUsageStats(keyIds, options = {}) {
try {
if (!Array.isArray(keyIds)) {
keyIds = [keyIds]
}
const { period: _period = 'week', model: _model } = options
const stats = {
totalRequests: 0,
totalInputTokens: 0,
totalOutputTokens: 0,
totalCost: 0,
dailyStats: [],
modelStats: []
}
// 汇总所有API Key的统计数据
for (const keyId of keyIds) {
const keyStats = await redis.getUsageStats(keyId)
const costStats = await redis.getCostStats(keyId)
if (keyStats && keyStats.total) {
stats.totalRequests += keyStats.total.requests || 0
stats.totalInputTokens += keyStats.total.inputTokens || 0
stats.totalOutputTokens += keyStats.total.outputTokens || 0
stats.totalCost += costStats?.total || 0
}
}
// TODO: 实现日期范围和模型统计
// 这里可以根据需要添加更详细的统计逻辑
return stats
} catch (error) {
logger.error('❌ Failed to get usage stats:', error)
return {
totalRequests: 0,
totalInputTokens: 0,
totalOutputTokens: 0,
totalCost: 0,
dailyStats: [],
modelStats: []
}
}
}
// 🧹 清理过期的API Keys // 🧹 清理过期的API Keys
async cleanupExpiredKeys() { async cleanupExpiredKeys() {
try { try {

6
src/services/azureOpenaiAccountService.js
View File

@@ -300,7 +300,11 @@ async function getAllAccounts() {
} }
} }
accounts.push(accountData) accounts.push({
...accountData,
isActive: accountData.isActive === 'true',
schedulable: accountData.schedulable !== 'false'
})
} }
} }

285
src/services/azureOpenaiRelayService.js
View File

@@ -273,6 +273,11 @@ function handleStreamResponse(upstreamResponse, clientResponse, options = {}) {
let eventCount = 0 let eventCount = 0
const maxEvents = 10000 // 最大事件数量限制 const maxEvents = 10000 // 最大事件数量限制
// 专门用于保存最后几个chunks以提取usage数据
let finalChunksBuffer = ''
const FINAL_CHUNKS_SIZE = 32 * 1024 // 32KB保留最终chunks
const allParsedEvents = [] // 存储所有解析的事件用于最终usage提取
// 设置响应头 // 设置响应头
clientResponse.setHeader('Content-Type', 'text/event-stream') clientResponse.setHeader('Content-Type', 'text/event-stream')
clientResponse.setHeader('Cache-Control', 'no-cache') clientResponse.setHeader('Cache-Control', 'no-cache')
@@ -297,8 +302,8 @@ function handleStreamResponse(upstreamResponse, clientResponse, options = {}) {
clientResponse.flushHeaders() clientResponse.flushHeaders()
} }
// 解析 SSE 事件以捕获 usage 数据 // 强化的SSE事件解析,保存所有事件用于最终处理
const parseSSEForUsage = (data) => { const parseSSEForUsage = (data, isFromFinalBuffer = false) => {
const lines = data.split('\n') const lines = data.split('\n')
for (const line of lines) { for (const line of lines) {
@@ -310,34 +315,54 @@ function handleStreamResponse(upstreamResponse, clientResponse, options = {}) {
} }
const eventData = JSON.parse(jsonStr) const eventData = JSON.parse(jsonStr)
// 保存所有成功解析的事件
allParsedEvents.push(eventData)
// 获取模型信息 // 获取模型信息
if (eventData.model) { if (eventData.model) {
actualModel = eventData.model actualModel = eventData.model
} }
// 获取使用统计Responses API: response.completed -> response.usage // 使用强化的usage提取函数
if (eventData.type === 'response.completed' && eventData.response) { const { usageData: extractedUsage, actualModel: extractedModel } =
if (eventData.response.model) { extractUsageDataRobust(
actualModel = eventData.response.model eventData,
} `stream-event-${isFromFinalBuffer ? 'final' : 'normal'}`
if (eventData.response.usage) { )
usageData = eventData.response.usage
logger.debug('Captured Azure OpenAI nested usage (response.usage):', usageData) if (extractedUsage && !usageData) {
usageData = extractedUsage
if (extractedModel) {
actualModel = extractedModel
} }
logger.debug(`🎯 Stream usage captured via robust extraction`, {
isFromFinalBuffer,
usageData,
actualModel
})
} }
// 兼容 Chat Completions 风格(顶层 usage // 原有的简单提取作为备用
if (!usageData && eventData.usage) { if (!usageData) {
usageData = eventData.usage // 获取使用统计Responses API: response.completed -> response.usage
logger.debug('Captured Azure OpenAI usage (top-level):', usageData) if (eventData.type === 'response.completed' && eventData.response) {
} if (eventData.response.model) {
actualModel = eventData.response.model
}
if (eventData.response.usage) {
usageData = eventData.response.usage
logger.debug('🎯 Stream usage (backup method - response.usage):', usageData)
}
}
// 检查是否是完成事件 // 兼容 Chat Completions 风格(顶层 usage
if (eventData.choices && eventData.choices[0] && eventData.choices[0].finish_reason) { if (!usageData && eventData.usage) {
// 这是最后一个 chunk usageData = eventData.usage
logger.debug('🎯 Stream usage (backup method - top-level):', usageData)
}
} }
} catch (e) { } catch (e) {
// 忽略解析错误 logger.debug('SSE parsing error (expected for incomplete chunks):', e.message)
} }
} }
} }
@@ -387,10 +412,19 @@ function handleStreamResponse(upstreamResponse, clientResponse, options = {}) {
// 同时解析数据以捕获 usage 信息,带缓冲区大小限制 // 同时解析数据以捕获 usage 信息,带缓冲区大小限制
buffer += chunkStr buffer += chunkStr
// 防止缓冲区过大 // 保留最后的chunks用于最终usage提取不被truncate影响
finalChunksBuffer += chunkStr
if (finalChunksBuffer.length > FINAL_CHUNKS_SIZE) {
finalChunksBuffer = finalChunksBuffer.slice(-FINAL_CHUNKS_SIZE)
}
// 防止主缓冲区过大 - 但保持最后部分用于usage解析
if (buffer.length > MAX_BUFFER_SIZE) { if (buffer.length > MAX_BUFFER_SIZE) {
logger.warn(`Stream ${streamId} buffer exceeded limit, truncating`) logger.warn(
buffer = buffer.slice(-MAX_BUFFER_SIZE / 2) // 保留后一半 `Stream ${streamId} buffer exceeded limit, truncating main buffer but preserving final chunks`
)
// 保留最后1/4而不是1/2为usage数据留更多空间
buffer = buffer.slice(-MAX_BUFFER_SIZE / 4)
} }
// 处理完整的 SSE 事件 // 处理完整的 SSE 事件
@@ -426,9 +460,91 @@ function handleStreamResponse(upstreamResponse, clientResponse, options = {}) {
hasEnded = true hasEnded = true
try { try {
// 处理剩余的 buffer logger.debug(`🔚 Stream ended, performing comprehensive usage extraction for ${streamId}`, {
if (buffer.trim() && buffer.length <= MAX_EVENT_SIZE) { mainBufferSize: buffer.length,
parseSSEForUsage(buffer) finalChunksBufferSize: finalChunksBuffer.length,
parsedEventsCount: allParsedEvents.length,
hasUsageData: !!usageData
})
// 多层次的最终usage提取策略
if (!usageData) {
logger.debug('🔍 No usage found during stream, trying final extraction methods...')
// 方法1: 解析剩余的主buffer
if (buffer.trim() && buffer.length <= MAX_EVENT_SIZE) {
parseSSEForUsage(buffer, false)
}
// 方法2: 解析保留的final chunks buffer
if (!usageData && finalChunksBuffer.trim()) {
logger.debug('🔍 Trying final chunks buffer for usage extraction...')
parseSSEForUsage(finalChunksBuffer, true)
}
// 方法3: 从所有解析的事件中重新搜索usage
if (!usageData && allParsedEvents.length > 0) {
logger.debug('🔍 Searching through all parsed events for usage...')
// 倒序查找因为usage通常在最后
for (let i = allParsedEvents.length - 1; i >= 0; i--) {
const { usageData: foundUsage, actualModel: foundModel } = extractUsageDataRobust(
allParsedEvents[i],
`final-event-scan-${i}`
)
if (foundUsage) {
usageData = foundUsage
if (foundModel) {
actualModel = foundModel
}
logger.debug(`🎯 Usage found in event ${i} during final scan!`)
break
}
}
}
// 方法4: 尝试合并所有事件并搜索
if (!usageData && allParsedEvents.length > 0) {
logger.debug('🔍 Trying combined events analysis...')
const combinedData = {
events: allParsedEvents,
lastEvent: allParsedEvents[allParsedEvents.length - 1],
eventCount: allParsedEvents.length
}
const { usageData: combinedUsage } = extractUsageDataRobust(
combinedData,
'combined-events'
)
if (combinedUsage) {
usageData = combinedUsage
logger.debug('🎯 Usage found via combined events analysis!')
}
}
}
// 最终usage状态报告
if (usageData) {
logger.debug('✅ Final stream usage extraction SUCCESS', {
streamId,
usageData,
actualModel,
totalEvents: allParsedEvents.length,
finalBufferSize: finalChunksBuffer.length
})
} else {
logger.warn('❌ Final stream usage extraction FAILED', {
streamId,
totalEvents: allParsedEvents.length,
finalBufferSize: finalChunksBuffer.length,
mainBufferSize: buffer.length,
lastFewEvents: allParsedEvents.slice(-3).map((e) => ({
type: e.type,
hasUsage: !!e.usage,
hasResponse: !!e.response,
keys: Object.keys(e)
}))
})
} }
if (onEnd) { if (onEnd) {
@@ -484,6 +600,120 @@ function handleStreamResponse(upstreamResponse, clientResponse, options = {}) {
}) })
} }
// 强化的用量数据提取函数
function extractUsageDataRobust(responseData, context = 'unknown') {
logger.debug(`🔍 Attempting usage extraction for ${context}`, {
responseDataKeys: Object.keys(responseData || {}),
responseDataType: typeof responseData,
hasUsage: !!responseData?.usage,
hasResponse: !!responseData?.response
})
let usageData = null
let actualModel = null
try {
// 策略 1: 顶层 usage (标准 Chat Completions)
if (responseData?.usage) {
usageData = responseData.usage
actualModel = responseData.model
logger.debug('✅ Usage extracted via Strategy 1 (top-level)', { usageData, actualModel })
}
// 策略 2: response.usage (Responses API)
else if (responseData?.response?.usage) {
usageData = responseData.response.usage
actualModel = responseData.response.model || responseData.model
logger.debug('✅ Usage extracted via Strategy 2 (response.usage)', { usageData, actualModel })
}
// 策略 3: 嵌套搜索 - 深度查找 usage 字段
else {
const findUsageRecursive = (obj, path = '') => {
if (!obj || typeof obj !== 'object') {
return null
}
for (const [key, value] of Object.entries(obj)) {
const currentPath = path ? `${path}.${key}` : key
if (key === 'usage' && value && typeof value === 'object') {
logger.debug(`✅ Usage found at path: ${currentPath}`, value)
return { usage: value, path: currentPath }
}
if (typeof value === 'object' && value !== null) {
const nested = findUsageRecursive(value, currentPath)
if (nested) {
return nested
}
}
}
return null
}
const found = findUsageRecursive(responseData)
if (found) {
usageData = found.usage
// Try to find model in the same parent object
const pathParts = found.path.split('.')
pathParts.pop() // remove 'usage'
let modelParent = responseData
for (const part of pathParts) {
modelParent = modelParent?.[part]
}
actualModel = modelParent?.model || responseData?.model
logger.debug('✅ Usage extracted via Strategy 3 (recursive)', {
usageData,
actualModel,
foundPath: found.path
})
}
}
// 策略 4: 特殊响应格式处理
if (!usageData) {
// 检查是否有 choices 数组usage 可能在最后一个 choice 中
if (responseData?.choices?.length > 0) {
const lastChoice = responseData.choices[responseData.choices.length - 1]
if (lastChoice?.usage) {
usageData = lastChoice.usage
actualModel = responseData.model || lastChoice.model
logger.debug('✅ Usage extracted via Strategy 4 (choices)', { usageData, actualModel })
}
}
}
// 最终验证和记录
if (usageData) {
logger.debug('🎯 Final usage extraction result', {
context,
usageData,
actualModel,
inputTokens: usageData.prompt_tokens || usageData.input_tokens || 0,
outputTokens: usageData.completion_tokens || usageData.output_tokens || 0,
totalTokens: usageData.total_tokens || 0
})
} else {
logger.warn('❌ Failed to extract usage data', {
context,
responseDataStructure: `${JSON.stringify(responseData, null, 2).substring(0, 1000)}...`,
availableKeys: Object.keys(responseData || {}),
responseSize: JSON.stringify(responseData || {}).length
})
}
} catch (extractionError) {
logger.error('🚨 Error during usage extraction', {
context,
error: extractionError.message,
stack: extractionError.stack,
responseDataType: typeof responseData
})
}
return { usageData, actualModel }
}
// 处理非流式响应 // 处理非流式响应
function handleNonStreamResponse(upstreamResponse, clientResponse) { function handleNonStreamResponse(upstreamResponse, clientResponse) {
try { try {
@@ -510,9 +740,8 @@ function handleNonStreamResponse(upstreamResponse, clientResponse) {
const responseData = upstreamResponse.data const responseData = upstreamResponse.data
clientResponse.json(responseData) clientResponse.json(responseData)
// 提取 usage 数据 // 使用强化的用量提取
const usageData = responseData.usage const { usageData, actualModel } = extractUsageDataRobust(responseData, 'non-stream')
const actualModel = responseData.model
return { usageData, actualModel, responseData } return { usageData, actualModel, responseData }
} catch (error) { } catch (error) {

290
src/services/claudeAccountService.js
View File

@@ -15,6 +15,7 @@ const {
} = require('../utils/tokenRefreshLogger') } = require('../utils/tokenRefreshLogger')
const tokenRefreshService = require('./tokenRefreshService') const tokenRefreshService = require('./tokenRefreshService')
const LRUCache = require('../utils/lruCache') const LRUCache = require('../utils/lruCache')
const { formatDateWithTimezone, getISOStringWithTimezone } = require('../utils/dateHelper')
class ClaudeAccountService { class ClaudeAccountService {
constructor() { constructor() {
@@ -57,7 +58,8 @@ class ClaudeAccountService {
platform = 'claude', platform = 'claude',
priority = 50, // 调度优先级 (1-100数字越小优先级越高) priority = 50, // 调度优先级 (1-100数字越小优先级越高)
schedulable = true, // 是否可被调度 schedulable = true, // 是否可被调度
subscriptionInfo = null // 手动设置的订阅信息 subscriptionInfo = null, // 手动设置的订阅信息
autoStopOnWarning = false // 5小时使用量接近限制时自动停止调度
} = options } = options
const accountId = uuidv4() const accountId = uuidv4()
@@ -88,6 +90,7 @@ class ClaudeAccountService {
status: 'active', // 有OAuth数据的账户直接设为active status: 'active', // 有OAuth数据的账户直接设为active
errorMessage: '', errorMessage: '',
schedulable: schedulable.toString(), // 是否可被调度 schedulable: schedulable.toString(), // 是否可被调度
autoStopOnWarning: autoStopOnWarning.toString(), // 5小时使用量接近限制时自动停止调度
// 优先使用手动设置的订阅信息否则使用OAuth数据中的否则默认为空 // 优先使用手动设置的订阅信息否则使用OAuth数据中的否则默认为空
subscriptionInfo: subscriptionInfo subscriptionInfo: subscriptionInfo
? JSON.stringify(subscriptionInfo) ? JSON.stringify(subscriptionInfo)
@@ -118,6 +121,7 @@ class ClaudeAccountService {
status: 'created', // created, active, expired, error status: 'created', // created, active, expired, error
errorMessage: '', errorMessage: '',
schedulable: schedulable.toString(), // 是否可被调度 schedulable: schedulable.toString(), // 是否可被调度
autoStopOnWarning: autoStopOnWarning.toString(), // 5小时使用量接近限制时自动停止调度
// 手动设置的订阅信息 // 手动设置的订阅信息
subscriptionInfo: subscriptionInfo ? JSON.stringify(subscriptionInfo) : '' subscriptionInfo: subscriptionInfo ? JSON.stringify(subscriptionInfo) : ''
} }
@@ -158,7 +162,8 @@ class ClaudeAccountService {
status: accountData.status, status: accountData.status,
createdAt: accountData.createdAt, createdAt: accountData.createdAt,
expiresAt: accountData.expiresAt, expiresAt: accountData.expiresAt,
scopes: claudeAiOauth ? claudeAiOauth.scopes : [] scopes: claudeAiOauth ? claudeAiOauth.scopes : [],
autoStopOnWarning
} }
} }
@@ -479,7 +484,11 @@ class ClaudeAccountService {
lastRequestTime: null lastRequestTime: null
}, },
// 添加调度状态 // 添加调度状态
schedulable: account.schedulable !== 'false' // 默认为true兼容历史数据 schedulable: account.schedulable !== 'false', // 默认为true兼容历史数据
// 添加自动停止调度设置
autoStopOnWarning: account.autoStopOnWarning === 'true', // 默认为false
// 添加停止原因
stoppedReason: account.stoppedReason || null
} }
}) })
) )
@@ -512,7 +521,8 @@ class ClaudeAccountService {
'accountType', 'accountType',
'priority', 'priority',
'schedulable', 'schedulable',
'subscriptionInfo' 'subscriptionInfo',
'autoStopOnWarning'
] ]
const updatedData = { ...accountData } const updatedData = { ...accountData }
@@ -634,7 +644,10 @@ class ClaudeAccountService {
const accounts = await redis.getAllClaudeAccounts() const accounts = await redis.getAllClaudeAccounts()
let activeAccounts = accounts.filter( let activeAccounts = accounts.filter(
(account) => account.isActive === 'true' && account.status !== 'error' (account) =>
account.isActive === 'true' &&
account.status !== 'error' &&
account.schedulable !== 'false'
) )
// 如果请求的是 Opus 模型,过滤掉 Pro 和 Free 账号 // 如果请求的是 Opus 模型,过滤掉 Pro 和 Free 账号
@@ -721,7 +734,12 @@ class ClaudeAccountService {
// 如果API Key绑定了专属账户优先使用 // 如果API Key绑定了专属账户优先使用
if (apiKeyData.claudeAccountId) { if (apiKeyData.claudeAccountId) {
const boundAccount = await redis.getClaudeAccount(apiKeyData.claudeAccountId) const boundAccount = await redis.getClaudeAccount(apiKeyData.claudeAccountId)
if (boundAccount && boundAccount.isActive === 'true' && boundAccount.status !== 'error') { if (
boundAccount &&
boundAccount.isActive === 'true' &&
boundAccount.status !== 'error' &&
boundAccount.schedulable !== 'false'
) {
logger.info( logger.info(
`🎯 Using bound dedicated account: ${boundAccount.name} (${apiKeyData.claudeAccountId}) for API key ${apiKeyData.name}` `🎯 Using bound dedicated account: ${boundAccount.name} (${apiKeyData.claudeAccountId}) for API key ${apiKeyData.name}`
) )
@@ -740,6 +758,7 @@ class ClaudeAccountService {
(account) => (account) =>
account.isActive === 'true' && account.isActive === 'true' &&
account.status !== 'error' && account.status !== 'error' &&
account.schedulable !== 'false' &&
(account.accountType === 'shared' || !account.accountType) // 兼容旧数据 (account.accountType === 'shared' || !account.accountType) // 兼容旧数据
) )
@@ -1100,8 +1119,8 @@ class ClaudeAccountService {
platform: 'claude-oauth', platform: 'claude-oauth',
status: 'error', status: 'error',
errorCode: 'CLAUDE_OAUTH_RATE_LIMITED', errorCode: 'CLAUDE_OAUTH_RATE_LIMITED',
reason: `Account rate limited (429 error). ${rateLimitResetTimestamp ? `Reset at: ${new Date(rateLimitResetTimestamp * 1000).toISOString()}` : 'Estimated reset in 1-5 hours'}`, reason: `Account rate limited (429 error). ${rateLimitResetTimestamp ? `Reset at: ${formatDateWithTimezone(rateLimitResetTimestamp)}` : 'Estimated reset in 1-5 hours'}`,
timestamp: new Date().toISOString() timestamp: getISOStringWithTimezone(new Date())
}) })
} catch (webhookError) { } catch (webhookError) {
logger.error('Failed to send rate limit webhook notification:', webhookError) logger.error('Failed to send rate limit webhook notification:', webhookError)
@@ -1272,6 +1291,42 @@ class ClaudeAccountService {
accountData.sessionWindowEnd = windowEnd.toISOString() accountData.sessionWindowEnd = windowEnd.toISOString()
accountData.lastRequestTime = now.toISOString() accountData.lastRequestTime = now.toISOString()
// 清除会话窗口状态,因为进入了新窗口
if (accountData.sessionWindowStatus) {
delete accountData.sessionWindowStatus
delete accountData.sessionWindowStatusUpdatedAt
}
// 如果账户因为5小时限制被自动停止现在恢复调度
if (
accountData.autoStoppedAt &&
accountData.schedulable === 'false' &&
accountData.stoppedReason === '5小时使用量接近限制自动停止调度'
) {
logger.info(
`✅ Auto-resuming scheduling for account ${accountData.name} (${accountId}) - new session window started`
)
accountData.schedulable = 'true'
delete accountData.stoppedReason
delete accountData.autoStoppedAt
// 发送Webhook通知
try {
const webhookNotifier = require('../utils/webhookNotifier')
await webhookNotifier.sendAccountAnomalyNotification({
accountId,
accountName: accountData.name || 'Claude Account',
platform: 'claude',
status: 'resumed',
errorCode: 'CLAUDE_5H_LIMIT_RESUMED',
reason: '进入新的5小时窗口已自动恢复调度',
timestamp: getISOStringWithTimezone(new Date())
})
} catch (webhookError) {
logger.error('Failed to send webhook notification:', webhookError)
}
}
logger.info( logger.info(
`🕐 Created new session window for account ${accountData.name} (${accountId}): ${windowStart.toISOString()} - ${windowEnd.toISOString()} (from current time)` `🕐 Created new session window for account ${accountData.name} (${accountId}): ${windowStart.toISOString()} - ${windowEnd.toISOString()} (from current time)`
) )
@@ -1317,7 +1372,8 @@ class ClaudeAccountService {
windowEnd: null, windowEnd: null,
progress: 0, progress: 0,
remainingTime: null, remainingTime: null,
lastRequestTime: accountData.lastRequestTime || null lastRequestTime: accountData.lastRequestTime || null,
sessionWindowStatus: accountData.sessionWindowStatus || null
} }
} }
@@ -1334,7 +1390,8 @@ class ClaudeAccountService {
windowEnd: accountData.sessionWindowEnd, windowEnd: accountData.sessionWindowEnd,
progress: 100, progress: 100,
remainingTime: 0, remainingTime: 0,
lastRequestTime: accountData.lastRequestTime || null lastRequestTime: accountData.lastRequestTime || null,
sessionWindowStatus: accountData.sessionWindowStatus || null
} }
} }
@@ -1352,7 +1409,8 @@ class ClaudeAccountService {
windowEnd: accountData.sessionWindowEnd, windowEnd: accountData.sessionWindowEnd,
progress, progress,
remainingTime, remainingTime,
lastRequestTime: accountData.lastRequestTime || null lastRequestTime: accountData.lastRequestTime || null,
sessionWindowStatus: accountData.sessionWindowStatus || null
} }
} catch (error) { } catch (error) {
logger.error(`❌ Failed to get session window info for account ${accountId}:`, error) logger.error(`❌ Failed to get session window info for account ${accountId}:`, error)
@@ -1708,6 +1766,9 @@ class ClaudeAccountService {
delete updatedAccountData.rateLimitedAt delete updatedAccountData.rateLimitedAt
delete updatedAccountData.rateLimitStatus delete updatedAccountData.rateLimitStatus
delete updatedAccountData.rateLimitEndAt delete updatedAccountData.rateLimitEndAt
delete updatedAccountData.tempErrorAt
delete updatedAccountData.sessionWindowStart
delete updatedAccountData.sessionWindowEnd
// 保存更新后的账户数据 // 保存更新后的账户数据
await redis.setClaudeAccount(accountId, updatedAccountData) await redis.setClaudeAccount(accountId, updatedAccountData)
@@ -1720,6 +1781,10 @@ class ClaudeAccountService {
const rateLimitKey = `ratelimit:${accountId}` const rateLimitKey = `ratelimit:${accountId}`
await redis.client.del(rateLimitKey) await redis.client.del(rateLimitKey)
// 清除5xx错误计数
const serverErrorKey = `claude_account:${accountId}:5xx_errors`
await redis.client.del(serverErrorKey)
logger.info( logger.info(
`✅ Successfully reset all error states for account ${accountData.name} (${accountId})` `✅ Successfully reset all error states for account ${accountData.name} (${accountId})`
) )
@@ -1738,6 +1803,209 @@ class ClaudeAccountService {
throw error throw error
} }
} }
// 🧹 清理临时错误账户
async cleanupTempErrorAccounts() {
try {
const accounts = await redis.getAllClaudeAccounts()
let cleanedCount = 0
const TEMP_ERROR_RECOVERY_MINUTES = 5 // 临时错误状态恢复时间(分钟)
for (const account of accounts) {
if (account.status === 'temp_error' && account.tempErrorAt) {
const tempErrorAt = new Date(account.tempErrorAt)
const now = new Date()
const minutesSinceTempError = (now - tempErrorAt) / (1000 * 60)
// 如果临时错误状态超过指定时间,尝试重新激活
if (minutesSinceTempError > TEMP_ERROR_RECOVERY_MINUTES) {
account.status = 'active' // 恢复为 active 状态
account.schedulable = 'true' // 恢复为可调度
delete account.errorMessage
delete account.tempErrorAt
await redis.setClaudeAccount(account.id, account)
// 同时清除500错误计数
await this.clearInternalErrors(account.id)
cleanedCount++
logger.success(`🧹 Reset temp_error status for account ${account.name} (${account.id})`)
}
}
}
if (cleanedCount > 0) {
logger.success(`🧹 Reset ${cleanedCount} temp_error accounts`)
}
return cleanedCount
} catch (error) {
logger.error('❌ Failed to cleanup temp_error accounts:', error)
return 0
}
}
// 记录5xx服务器错误
async recordServerError(accountId, statusCode) {
try {
const key = `claude_account:${accountId}:5xx_errors`
// 增加错误计数设置5分钟过期时间
await redis.client.incr(key)
await redis.client.expire(key, 300) // 5分钟
logger.info(`📝 Recorded ${statusCode} error for account ${accountId}`)
} catch (error) {
logger.error(`❌ Failed to record ${statusCode} error for account ${accountId}:`, error)
}
}
// 记录500内部错误(保留以便向后兼容)
async recordInternalError(accountId) {
return this.recordServerError(accountId, 500)
}
// 获取5xx错误计数
async getServerErrorCount(accountId) {
try {
const key = `claude_account:${accountId}:5xx_errors`
const count = await redis.client.get(key)
return parseInt(count) || 0
} catch (error) {
logger.error(`❌ Failed to get 5xx error count for account ${accountId}:`, error)
return 0
}
}
// 获取500错误计数(保留以便向后兼容)
async getInternalErrorCount(accountId) {
return this.getServerErrorCount(accountId)
}
// 清除500错误计数
async clearInternalErrors(accountId) {
try {
const key = `claude_account:${accountId}:5xx_errors`
await redis.client.del(key)
logger.info(`✅ Cleared 5xx error count for account ${accountId}`)
} catch (error) {
logger.error(`❌ Failed to clear 5xx errors for account ${accountId}:`, error)
}
}
// 标记账号为临时错误状态
async markAccountTempError(accountId, sessionHash = null) {
try {
const accountData = await redis.getClaudeAccount(accountId)
if (!accountData || Object.keys(accountData).length === 0) {
throw new Error('Account not found')
}
// 更新账户状态
const updatedAccountData = { ...accountData }
updatedAccountData.status = 'temp_error' // 新增的临时错误状态
updatedAccountData.schedulable = 'false' // 设置为不可调度
updatedAccountData.errorMessage = 'Account temporarily disabled due to consecutive 500 errors'
updatedAccountData.tempErrorAt = new Date().toISOString()
// 保存更新后的账户数据
await redis.setClaudeAccount(accountId, updatedAccountData)
// 如果有sessionHash删除粘性会话映射
if (sessionHash) {
await redis.client.del(`sticky_session:${sessionHash}`)
logger.info(`🗑️ Deleted sticky session mapping for hash: ${sessionHash}`)
}
logger.warn(
`⚠️ Account ${accountData.name} (${accountId}) marked as temp_error and disabled for scheduling`
)
// 发送Webhook通知
try {
const webhookNotifier = require('../utils/webhookNotifier')
await webhookNotifier.sendAccountAnomalyNotification({
accountId,
accountName: accountData.name,
platform: 'claude-oauth',
status: 'temp_error',
errorCode: 'CLAUDE_OAUTH_TEMP_ERROR',
reason: 'Account temporarily disabled due to consecutive 500 errors'
})
} catch (webhookError) {
logger.error('Failed to send webhook notification:', webhookError)
}
return { success: true }
} catch (error) {
logger.error(`❌ Failed to mark account ${accountId} as temp_error:`, error)
throw error
}
}
// 更新会话窗口状态allowed, allowed_warning, rejected
async updateSessionWindowStatus(accountId, status) {
try {
// 参数验证
if (!accountId || !status) {
logger.warn(
`Invalid parameters for updateSessionWindowStatus: accountId=${accountId}, status=${status}`
)
return
}
const accountData = await redis.getClaudeAccount(accountId)
if (!accountData || Object.keys(accountData).length === 0) {
logger.warn(`Account not found: ${accountId}`)
return
}
// 验证状态值是否有效
const validStatuses = ['allowed', 'allowed_warning', 'rejected']
if (!validStatuses.includes(status)) {
logger.warn(`Invalid session window status: ${status} for account ${accountId}`)
return
}
// 更新会话窗口状态
accountData.sessionWindowStatus = status
accountData.sessionWindowStatusUpdatedAt = new Date().toISOString()
// 如果状态是 allowed_warning 且账户设置了自动停止调度
if (status === 'allowed_warning' && accountData.autoStopOnWarning === 'true') {
logger.warn(
`⚠️ Account ${accountData.name} (${accountId}) approaching 5h limit, auto-stopping scheduling`
)
accountData.schedulable = 'false'
accountData.stoppedReason = '5小时使用量接近限制自动停止调度'
accountData.autoStoppedAt = new Date().toISOString()
// 发送Webhook通知
try {
const webhookNotifier = require('../utils/webhookNotifier')
await webhookNotifier.sendAccountAnomalyNotification({
accountId,
accountName: accountData.name || 'Claude Account',
platform: 'claude',
status: 'warning',
errorCode: 'CLAUDE_5H_LIMIT_WARNING',
reason: '5小时使用量接近限制已自动停止调度',
timestamp: getISOStringWithTimezone(new Date())
})
} catch (webhookError) {
logger.error('Failed to send webhook notification:', webhookError)
}
}
await redis.setClaudeAccount(accountId, accountData)
logger.info(
`📊 Updated session window status for account ${accountData.name} (${accountId}): ${status}`
)
} catch (error) {
logger.error(`❌ Failed to update session window status for account ${accountId}:`, error)
}
}
} }
module.exports = new ClaudeAccountService() module.exports = new ClaudeAccountService()

141
src/services/claudeConsoleAccountService.js
View File

@@ -369,6 +369,7 @@ class ClaudeConsoleAccountService {
// 发送Webhook通知 // 发送Webhook通知
try { try {
const webhookNotifier = require('../utils/webhookNotifier') const webhookNotifier = require('../utils/webhookNotifier')
const { getISOStringWithTimezone } = require('../utils/dateHelper')
await webhookNotifier.sendAccountAnomalyNotification({ await webhookNotifier.sendAccountAnomalyNotification({
accountId, accountId,
accountName: account.name || 'Claude Console Account', accountName: account.name || 'Claude Console Account',
@@ -376,7 +377,7 @@ class ClaudeConsoleAccountService {
status: 'error', status: 'error',
errorCode: 'CLAUDE_CONSOLE_RATE_LIMITED', errorCode: 'CLAUDE_CONSOLE_RATE_LIMITED',
reason: `Account rate limited (429 error). ${account.rateLimitDuration ? `Will be blocked for ${account.rateLimitDuration} hours` : 'Temporary rate limit'}`, reason: `Account rate limited (429 error). ${account.rateLimitDuration ? `Will be blocked for ${account.rateLimitDuration} hours` : 'Temporary rate limit'}`,
timestamp: new Date().toISOString() timestamp: getISOStringWithTimezone(new Date())
}) })
} catch (webhookError) { } catch (webhookError) {
logger.error('Failed to send rate limit webhook notification:', webhookError) logger.error('Failed to send rate limit webhook notification:', webhookError)
@@ -453,6 +454,144 @@ class ClaudeConsoleAccountService {
} }
} }
// 🚫 标记账号为未授权状态401错误
async markAccountUnauthorized(accountId) {
try {
const client = redis.getClientSafe()
const account = await this.getAccount(accountId)
if (!account) {
throw new Error('Account not found')
}
const updates = {
schedulable: 'false',
status: 'unauthorized',
errorMessage: 'API Key无效或已过期401错误',
unauthorizedAt: new Date().toISOString(),
unauthorizedCount: String((parseInt(account.unauthorizedCount || '0') || 0) + 1)
}
await client.hset(`${this.ACCOUNT_KEY_PREFIX}${accountId}`, updates)
// 发送Webhook通知
try {
const webhookNotifier = require('../utils/webhookNotifier')
await webhookNotifier.sendAccountAnomalyNotification({
accountId,
accountName: account.name || 'Claude Console Account',
platform: 'claude-console',
status: 'error',
errorCode: 'CLAUDE_CONSOLE_UNAUTHORIZED',
reason: 'API Key无效或已过期401错误账户已停止调度',
timestamp: new Date().toISOString()
})
} catch (webhookError) {
logger.error('Failed to send unauthorized webhook notification:', webhookError)
}
logger.warn(
`🚫 Claude Console account marked as unauthorized: ${account.name} (${accountId})`
)
return { success: true }
} catch (error) {
logger.error(`❌ Failed to mark Claude Console account as unauthorized: ${accountId}`, error)
throw error
}
}
// 🚫 标记账号为过载状态529错误
async markAccountOverloaded(accountId) {
try {
const client = redis.getClientSafe()
const account = await this.getAccount(accountId)
if (!account) {
throw new Error('Account not found')
}
const updates = {
overloadedAt: new Date().toISOString(),
overloadStatus: 'overloaded',
errorMessage: '服务过载529错误'
}
await client.hset(`${this.ACCOUNT_KEY_PREFIX}${accountId}`, updates)
// 发送Webhook通知
try {
const webhookNotifier = require('../utils/webhookNotifier')
await webhookNotifier.sendAccountAnomalyNotification({
accountId,
accountName: account.name || 'Claude Console Account',
platform: 'claude-console',
status: 'error',
errorCode: 'CLAUDE_CONSOLE_OVERLOADED',
reason: '服务过载529错误。账户将暂时停止调度',
timestamp: new Date().toISOString()
})
} catch (webhookError) {
logger.error('Failed to send overload webhook notification:', webhookError)
}
logger.warn(`🚫 Claude Console account marked as overloaded: ${account.name} (${accountId})`)
return { success: true }
} catch (error) {
logger.error(`❌ Failed to mark Claude Console account as overloaded: ${accountId}`, error)
throw error
}
}
// ✅ 移除账号的过载状态
async removeAccountOverload(accountId) {
try {
const client = redis.getClientSafe()
await client.hdel(`${this.ACCOUNT_KEY_PREFIX}${accountId}`, 'overloadedAt', 'overloadStatus')
logger.success(`✅ Overload status removed for Claude Console account: ${accountId}`)
return { success: true }
} catch (error) {
logger.error(
`❌ Failed to remove overload status for Claude Console account: ${accountId}`,
error
)
throw error
}
}
// 🔍 检查账号是否处于过载状态
async isAccountOverloaded(accountId) {
try {
const account = await this.getAccount(accountId)
if (!account) {
return false
}
if (account.overloadStatus === 'overloaded' && account.overloadedAt) {
const overloadedAt = new Date(account.overloadedAt)
const now = new Date()
const minutesSinceOverload = (now - overloadedAt) / (1000 * 60)
// 过载状态持续10分钟后自动恢复
if (minutesSinceOverload >= 10) {
await this.removeAccountOverload(accountId)
return false
}
return true
}
return false
} catch (error) {
logger.error(
`❌ Failed to check overload status for Claude Console account: ${accountId}`,
error
)
return false
}
}
// 🚫 标记账号为封锁状态(模型不支持等原因) // 🚫 标记账号为封锁状态(模型不支持等原因)
async blockAccount(accountId, reason) { async blockAccount(accountId, reason) {
try { try {

41
src/services/claudeConsoleRelayService.js
View File

@@ -175,16 +175,26 @@ class ClaudeConsoleRelayService {
`[DEBUG] Response data preview: ${typeof response.data === 'string' ? response.data.substring(0, 200) : JSON.stringify(response.data).substring(0, 200)}` `[DEBUG] Response data preview: ${typeof response.data === 'string' ? response.data.substring(0, 200) : JSON.stringify(response.data).substring(0, 200)}`
) )
// 检查是否为限流错误 // 检查错误状态并相应处理
if (response.status === 429) { if (response.status === 401) {
logger.warn(`🚫 Unauthorized error detected for Claude Console account ${accountId}`)
await claudeConsoleAccountService.markAccountUnauthorized(accountId)
} else if (response.status === 429) {
logger.warn(`🚫 Rate limit detected for Claude Console account ${accountId}`) logger.warn(`🚫 Rate limit detected for Claude Console account ${accountId}`)
await claudeConsoleAccountService.markAccountRateLimited(accountId) await claudeConsoleAccountService.markAccountRateLimited(accountId)
} else if (response.status === 529) {
logger.warn(`🚫 Overload error detected for Claude Console account ${accountId}`)
await claudeConsoleAccountService.markAccountOverloaded(accountId)
} else if (response.status === 200 || response.status === 201) { } else if (response.status === 200 || response.status === 201) {
// 如果请求成功,检查并移除限流状态 // 如果请求成功,检查并移除错误状态
const isRateLimited = await claudeConsoleAccountService.isAccountRateLimited(accountId) const isRateLimited = await claudeConsoleAccountService.isAccountRateLimited(accountId)
if (isRateLimited) { if (isRateLimited) {
await claudeConsoleAccountService.removeAccountRateLimit(accountId) await claudeConsoleAccountService.removeAccountRateLimit(accountId)
} }
const isOverloaded = await claudeConsoleAccountService.isAccountOverloaded(accountId)
if (isOverloaded) {
await claudeConsoleAccountService.removeAccountOverload(accountId)
}
} }
// 更新最后使用时间 // 更新最后使用时间
@@ -363,8 +373,12 @@ class ClaudeConsoleRelayService {
if (response.status !== 200) { if (response.status !== 200) {
logger.error(`❌ Claude Console API returned error status: ${response.status}`) logger.error(`❌ Claude Console API returned error status: ${response.status}`)
if (response.status === 429) { if (response.status === 401) {
claudeConsoleAccountService.markAccountUnauthorized(accountId)
} else if (response.status === 429) {
claudeConsoleAccountService.markAccountRateLimited(accountId) claudeConsoleAccountService.markAccountRateLimited(accountId)
} else if (response.status === 529) {
claudeConsoleAccountService.markAccountOverloaded(accountId)
} }
// 设置错误响应的状态码和响应头 // 设置错误响应的状态码和响应头
@@ -396,12 +410,17 @@ class ClaudeConsoleRelayService {
return return
} }
// 成功响应,检查并移除限流状态 // 成功响应,检查并移除错误状态
claudeConsoleAccountService.isAccountRateLimited(accountId).then((isRateLimited) => { claudeConsoleAccountService.isAccountRateLimited(accountId).then((isRateLimited) => {
if (isRateLimited) { if (isRateLimited) {
claudeConsoleAccountService.removeAccountRateLimit(accountId) claudeConsoleAccountService.removeAccountRateLimit(accountId)
} }
}) })
claudeConsoleAccountService.isAccountOverloaded(accountId).then((isOverloaded) => {
if (isOverloaded) {
claudeConsoleAccountService.removeAccountOverload(accountId)
}
})
// 设置响应头 // 设置响应头
if (!responseStream.headersSent) { if (!responseStream.headersSent) {
@@ -564,9 +583,15 @@ class ClaudeConsoleRelayService {
logger.error('❌ Claude Console Claude stream request error:', error.message) logger.error('❌ Claude Console Claude stream request error:', error.message)
// 检查是否是429错误 // 检查错误状态
if (error.response && error.response.status === 429) { if (error.response) {
claudeConsoleAccountService.markAccountRateLimited(accountId) if (error.response.status === 401) {
claudeConsoleAccountService.markAccountUnauthorized(accountId)
} else if (error.response.status === 429) {
claudeConsoleAccountService.markAccountRateLimited(accountId)
} else if (error.response.status === 529) {
claudeConsoleAccountService.markAccountOverloaded(accountId)
}
} }
// 发送错误响应 // 发送错误响应

104
src/services/claudeRelayService.js
View File

@@ -180,15 +180,15 @@ class ClaudeRelayService {
// 记录401错误 // 记录401错误
await this.recordUnauthorizedError(accountId) await this.recordUnauthorizedError(accountId)
// 检查是否需要标记为异常(连续3次401 // 检查是否需要标记为异常(遇到1次401就停止调度
const errorCount = await this.getUnauthorizedErrorCount(accountId) const errorCount = await this.getUnauthorizedErrorCount(accountId)
logger.info( logger.info(
`🔐 Account ${accountId} has ${errorCount} consecutive 401 errors in the last 5 minutes` `🔐 Account ${accountId} has ${errorCount} consecutive 401 errors in the last 5 minutes`
) )
if (errorCount >= 3) { if (errorCount >= 1) {
logger.error( logger.error(
`❌ Account ${accountId} exceeded 401 error threshold (${errorCount} errors), marking as unauthorized` `❌ Account ${accountId} encountered 401 error (${errorCount} errors), marking as unauthorized`
) )
await unifiedClaudeScheduler.markAccountUnauthorized( await unifiedClaudeScheduler.markAccountUnauthorized(
accountId, accountId,
@@ -197,6 +197,23 @@ class ClaudeRelayService {
) )
} }
} }
// 检查是否为5xx状态码
else if (response.statusCode >= 500 && response.statusCode < 600) {
logger.warn(`🔥 Server error (${response.statusCode}) detected for account ${accountId}`)
// 记录5xx错误
await claudeAccountService.recordServerError(accountId, response.statusCode)
// 检查是否需要标记为临时错误状态连续3次500
const errorCount = await claudeAccountService.getServerErrorCount(accountId)
logger.info(
`🔥 Account ${accountId} has ${errorCount} consecutive 5xx errors in the last 5 minutes`
)
if (errorCount > 10) {
logger.error(
`❌ Account ${accountId} exceeded 5xx error threshold (${errorCount} errors), marking as temp_error`
)
await claudeAccountService.markAccountTempError(accountId, sessionHash)
}
}
// 检查是否为429状态码 // 检查是否为429状态码
else if (response.statusCode === 429) { else if (response.statusCode === 429) {
isRateLimited = true isRateLimited = true
@@ -247,8 +264,30 @@ class ClaudeRelayService {
) )
} }
} else if (response.statusCode === 200 || response.statusCode === 201) { } else if (response.statusCode === 200 || response.statusCode === 201) {
// 请求成功清除401错误计数 // 提取5小时会话窗口状态
// 使用大小写不敏感的方式获取响应头
const get5hStatus = (headers) => {
if (!headers) {
return null
}
// HTTP头部名称不区分大小写需要处理不同情况
return (
headers['anthropic-ratelimit-unified-5h-status'] ||
headers['Anthropic-Ratelimit-Unified-5h-Status'] ||
headers['ANTHROPIC-RATELIMIT-UNIFIED-5H-STATUS']
)
}
const sessionWindowStatus = get5hStatus(response.headers)
if (sessionWindowStatus) {
logger.info(`📊 Session window status for account ${accountId}: ${sessionWindowStatus}`)
// 保存会话窗口状态到账户数据
await claudeAccountService.updateSessionWindowStatus(accountId, sessionWindowStatus)
}
// 请求成功清除401和500错误计数
await this.clearUnauthorizedErrors(accountId) await this.clearUnauthorizedErrors(accountId)
await claudeAccountService.clearInternalErrors(accountId)
// 如果请求成功,检查并移除限流状态 // 如果请求成功,检查并移除限流状态
const isRateLimited = await unifiedClaudeScheduler.isAccountRateLimited( const isRateLimited = await unifiedClaudeScheduler.isAccountRateLimited(
accountId, accountId,
@@ -436,7 +475,10 @@ class ClaudeRelayService {
const modelConfig = pricingData[model] const modelConfig = pricingData[model]
if (!modelConfig) { if (!modelConfig) {
logger.debug(`🔍 Model ${model} not found in pricing file, skipping max_tokens validation`) // 如果找不到模型配置,直接透传客户端参数,不进行任何干预
logger.info(
`📝 Model ${model} not found in pricing file, passing through client parameters without modification`
)
return return
} }
@@ -883,6 +925,34 @@ class ClaudeRelayService {
// 错误响应处理 // 错误响应处理
if (res.statusCode !== 200) { if (res.statusCode !== 200) {
// 将错误处理逻辑封装在一个异步函数中
const handleErrorResponse = async () => {
// 增加对5xx错误的处理
if (res.statusCode >= 500 && res.statusCode < 600) {
logger.warn(
`🔥 [Stream] Server error (${res.statusCode}) detected for account ${accountId}`
)
// 记录5xx错误
await claudeAccountService.recordServerError(accountId, res.statusCode)
// 检查是否需要标记为临时错误状态连续3次500
const errorCount = await claudeAccountService.getServerErrorCount(accountId)
logger.info(
`🔥 [Stream] Account ${accountId} has ${errorCount} consecutive 5xx errors in the last 5 minutes`
)
if (errorCount > 10) {
logger.error(
`❌ [Stream] Account ${accountId} exceeded 5xx error threshold (${errorCount} errors), marking as temp_error`
)
await claudeAccountService.markAccountTempError(accountId, sessionHash)
}
}
}
// 调用异步错误处理函数
handleErrorResponse().catch((err) => {
logger.error('❌ Error in stream error handler:', err)
})
logger.error(`❌ Claude API returned error status: ${res.statusCode}`) logger.error(`❌ Claude API returned error status: ${res.statusCode}`)
let errorData = '' let errorData = ''
@@ -1143,6 +1213,27 @@ class ClaudeRelayService {
usageCallback(finalUsage) usageCallback(finalUsage)
} }
// 提取5小时会话窗口状态
// 使用大小写不敏感的方式获取响应头
const get5hStatus = (headers) => {
if (!headers) {
return null
}
// HTTP头部名称不区分大小写需要处理不同情况
return (
headers['anthropic-ratelimit-unified-5h-status'] ||
headers['Anthropic-Ratelimit-Unified-5h-Status'] ||
headers['ANTHROPIC-RATELIMIT-UNIFIED-5H-STATUS']
)
}
const sessionWindowStatus = get5hStatus(res.headers)
if (sessionWindowStatus) {
logger.info(`📊 Session window status for account ${accountId}: ${sessionWindowStatus}`)
// 保存会话窗口状态到账户数据
await claudeAccountService.updateSessionWindowStatus(accountId, sessionWindowStatus)
}
// 处理限流状态 // 处理限流状态
if (rateLimitDetected || res.statusCode === 429) { if (rateLimitDetected || res.statusCode === 429) {
// 提取限流重置时间戳 // 提取限流重置时间戳
@@ -1162,6 +1253,9 @@ class ClaudeRelayService {
rateLimitResetTimestamp rateLimitResetTimestamp
) )
} else if (res.statusCode === 200) { } else if (res.statusCode === 200) {
// 请求成功清除401和500错误计数
await this.clearUnauthorizedErrors(accountId)
await claudeAccountService.clearInternalErrors(accountId)
// 如果请求成功,检查并移除限流状态 // 如果请求成功,检查并移除限流状态
const isRateLimited = await unifiedClaudeScheduler.isAccountRateLimited( const isRateLimited = await unifiedClaudeScheduler.isAccountRateLimited(
accountId, accountId,

135
src/services/geminiAccountService.js
View File

@@ -138,11 +138,19 @@ function createOAuth2Client(redirectUri = null, proxyConfig = null) {
return new OAuth2Client(clientOptions) return new OAuth2Client(clientOptions)
} }
// 生成授权 URL (支持 PKCE) // 生成授权 URL (支持 PKCE 和代理)
async function generateAuthUrl(state = null, redirectUri = null) { async function generateAuthUrl(state = null, redirectUri = null, proxyConfig = null) {
// 使用新的 redirect URI // 使用新的 redirect URI
const finalRedirectUri = redirectUri || 'https://codeassist.google.com/authcode' const finalRedirectUri = redirectUri || 'https://codeassist.google.com/authcode'
const oAuth2Client = createOAuth2Client(finalRedirectUri) const oAuth2Client = createOAuth2Client(finalRedirectUri, proxyConfig)
if (proxyConfig) {
logger.info(
`🌐 Using proxy for Gemini auth URL generation: ${ProxyHelper.getProxyDescription(proxyConfig)}`
)
} else {
logger.debug('🌐 No proxy configured for Gemini auth URL generation')
}
// 生成 PKCE code verifier // 生成 PKCE code verifier
const codeVerifier = await oAuth2Client.generateCodeVerifierAsync() const codeVerifier = await oAuth2Client.generateCodeVerifierAsync()
@@ -965,12 +973,10 @@ async function getAccountRateLimitInfo(accountId) {
} }
} }
// 获取配置的OAuth客户端 - 参考GeminiCliSimulator的getOauthClient方法 // 获取配置的OAuth客户端 - 参考GeminiCliSimulator的getOauthClient方法(支持代理)
async function getOauthClient(accessToken, refreshToken) { async function getOauthClient(accessToken, refreshToken, proxyConfig = null) {
const client = new OAuth2Client({ const client = createOAuth2Client(null, proxyConfig)
clientId: OAUTH_CLIENT_ID,
clientSecret: OAUTH_CLIENT_SECRET
})
const creds = { const creds = {
access_token: accessToken, access_token: accessToken,
refresh_token: refreshToken, refresh_token: refreshToken,
@@ -980,6 +986,14 @@ async function getOauthClient(accessToken, refreshToken) {
expiry_date: 1754269905646 expiry_date: 1754269905646
} }
if (proxyConfig) {
logger.info(
`🌐 Using proxy for Gemini OAuth client: ${ProxyHelper.getProxyDescription(proxyConfig)}`
)
} else {
logger.debug('🌐 No proxy configured for Gemini OAuth client')
}
// 设置凭据 // 设置凭据
client.setCredentials(creds) client.setCredentials(creds)
@@ -996,8 +1010,8 @@ async function getOauthClient(accessToken, refreshToken) {
return client return client
} }
// 调用 Google Code Assist API 的 loadCodeAssist 方法 // 调用 Google Code Assist API 的 loadCodeAssist 方法(支持代理)
async function loadCodeAssist(client, projectId = null) { async function loadCodeAssist(client, projectId = null, proxyConfig = null) {
const axios = require('axios') const axios = require('axios')
const CODE_ASSIST_ENDPOINT = 'https://cloudcode-pa.googleapis.com' const CODE_ASSIST_ENDPOINT = 'https://cloudcode-pa.googleapis.com'
const CODE_ASSIST_API_VERSION = 'v1internal' const CODE_ASSIST_API_VERSION = 'v1internal'
@@ -1017,7 +1031,7 @@ async function loadCodeAssist(client, projectId = null) {
metadata: clientMetadata metadata: clientMetadata
} }
const response = await axios({ const axiosConfig = {
url: `${CODE_ASSIST_ENDPOINT}/${CODE_ASSIST_API_VERSION}:loadCodeAssist`, url: `${CODE_ASSIST_ENDPOINT}/${CODE_ASSIST_API_VERSION}:loadCodeAssist`,
method: 'POST', method: 'POST',
headers: { headers: {
@@ -1026,7 +1040,20 @@ async function loadCodeAssist(client, projectId = null) {
}, },
data: request, data: request,
timeout: 30000 timeout: 30000
}) }
// 添加代理配置
const proxyAgent = ProxyHelper.createProxyAgent(proxyConfig)
if (proxyAgent) {
axiosConfig.httpsAgent = proxyAgent
logger.info(
`🌐 Using proxy for Gemini loadCodeAssist: ${ProxyHelper.getProxyDescription(proxyConfig)}`
)
} else {
logger.debug('🌐 No proxy configured for Gemini loadCodeAssist')
}
const response = await axios(axiosConfig)
logger.info('📋 loadCodeAssist API调用成功') logger.info('📋 loadCodeAssist API调用成功')
return response.data return response.data
@@ -1059,8 +1086,8 @@ function getOnboardTier(loadRes) {
} }
} }
// 调用 Google Code Assist API 的 onboardUser 方法(包含轮询逻辑) // 调用 Google Code Assist API 的 onboardUser 方法(包含轮询逻辑,支持代理
async function onboardUser(client, tierId, projectId, clientMetadata) { async function onboardUser(client, tierId, projectId, clientMetadata, proxyConfig = null) {
const axios = require('axios') const axios = require('axios')
const CODE_ASSIST_ENDPOINT = 'https://cloudcode-pa.googleapis.com' const CODE_ASSIST_ENDPOINT = 'https://cloudcode-pa.googleapis.com'
const CODE_ASSIST_API_VERSION = 'v1internal' const CODE_ASSIST_API_VERSION = 'v1internal'
@@ -1073,15 +1100,8 @@ async function onboardUser(client, tierId, projectId, clientMetadata) {
metadata: clientMetadata metadata: clientMetadata
} }
logger.info('📋 开始onboardUser API调用', { // 创建基础axios配置
tierId, const baseAxiosConfig = {
projectId,
hasProjectId: !!projectId,
isFreeTier: tierId === 'free-tier' || tierId === 'FREE'
})
// 轮询onboardUser直到长运行操作完成
let lroRes = await axios({
url: `${CODE_ASSIST_ENDPOINT}/${CODE_ASSIST_API_VERSION}:onboardUser`, url: `${CODE_ASSIST_ENDPOINT}/${CODE_ASSIST_API_VERSION}:onboardUser`,
method: 'POST', method: 'POST',
headers: { headers: {
@@ -1090,8 +1110,29 @@ async function onboardUser(client, tierId, projectId, clientMetadata) {
}, },
data: onboardReq, data: onboardReq,
timeout: 30000 timeout: 30000
}
// 添加代理配置
const proxyAgent = ProxyHelper.createProxyAgent(proxyConfig)
if (proxyAgent) {
baseAxiosConfig.httpsAgent = proxyAgent
logger.info(
`🌐 Using proxy for Gemini onboardUser: ${ProxyHelper.getProxyDescription(proxyConfig)}`
)
} else {
logger.debug('🌐 No proxy configured for Gemini onboardUser')
}
logger.info('📋 开始onboardUser API调用', {
tierId,
projectId,
hasProjectId: !!projectId,
isFreeTier: tierId === 'free-tier' || tierId === 'FREE'
}) })
// 轮询onboardUser直到长运行操作完成
let lroRes = await axios(baseAxiosConfig)
let attempts = 0 let attempts = 0
const maxAttempts = 12 // 最多等待1分钟5秒 * 12次 const maxAttempts = 12 // 最多等待1分钟5秒 * 12次
@@ -1099,17 +1140,7 @@ async function onboardUser(client, tierId, projectId, clientMetadata) {
logger.info(`⏳ 等待onboardUser完成... (${attempts + 1}/${maxAttempts})`) logger.info(`⏳ 等待onboardUser完成... (${attempts + 1}/${maxAttempts})`)
await new Promise((resolve) => setTimeout(resolve, 5000)) await new Promise((resolve) => setTimeout(resolve, 5000))
lroRes = await axios({ lroRes = await axios(baseAxiosConfig)
url: `${CODE_ASSIST_ENDPOINT}/${CODE_ASSIST_API_VERSION}:onboardUser`,
method: 'POST',
headers: {
Authorization: `Bearer ${token}`,
'Content-Type': 'application/json'
},
data: onboardReq,
timeout: 30000
})
attempts++ attempts++
} }
@@ -1121,8 +1152,13 @@ async function onboardUser(client, tierId, projectId, clientMetadata) {
return lroRes.data return lroRes.data
} }
// 完整的用户设置流程 - 参考setup.ts的逻辑 // 完整的用户设置流程 - 参考setup.ts的逻辑(支持代理)
async function setupUser(client, initialProjectId = null, clientMetadata = null) { async function setupUser(
client,
initialProjectId = null,
clientMetadata = null,
proxyConfig = null
) {
logger.info('🚀 setupUser 开始', { initialProjectId, hasClientMetadata: !!clientMetadata }) logger.info('🚀 setupUser 开始', { initialProjectId, hasClientMetadata: !!clientMetadata })
let projectId = initialProjectId || process.env.GOOGLE_CLOUD_PROJECT || null let projectId = initialProjectId || process.env.GOOGLE_CLOUD_PROJECT || null
@@ -1141,7 +1177,7 @@ async function setupUser(client, initialProjectId = null, clientMetadata = null)
// 调用loadCodeAssist // 调用loadCodeAssist
logger.info('📞 调用 loadCodeAssist...') logger.info('📞 调用 loadCodeAssist...')
const loadRes = await loadCodeAssist(client, projectId) const loadRes = await loadCodeAssist(client, projectId, proxyConfig)
logger.info('✅ loadCodeAssist 完成', { logger.info('✅ loadCodeAssist 完成', {
hasCloudaicompanionProject: !!loadRes.cloudaicompanionProject hasCloudaicompanionProject: !!loadRes.cloudaicompanionProject
}) })
@@ -1164,7 +1200,7 @@ async function setupUser(client, initialProjectId = null, clientMetadata = null)
// 调用onboardUser // 调用onboardUser
logger.info('📞 调用 onboardUser...', { tierId: tier.id, projectId }) logger.info('📞 调用 onboardUser...', { tierId: tier.id, projectId })
const lroRes = await onboardUser(client, tier.id, projectId, clientMetadata) const lroRes = await onboardUser(client, tier.id, projectId, clientMetadata, proxyConfig)
logger.info('✅ onboardUser 完成', { hasDone: !!lroRes.done, hasResponse: !!lroRes.response }) logger.info('✅ onboardUser 完成', { hasDone: !!lroRes.done, hasResponse: !!lroRes.response })
const result = { const result = {
@@ -1178,8 +1214,8 @@ async function setupUser(client, initialProjectId = null, clientMetadata = null)
return result return result
} }
// 调用 Code Assist API 计算 token 数量 // 调用 Code Assist API 计算 token 数量(支持代理)
async function countTokens(client, contents, model = 'gemini-2.0-flash-exp') { async function countTokens(client, contents, model = 'gemini-2.0-flash-exp', proxyConfig = null) {
const axios = require('axios') const axios = require('axios')
const CODE_ASSIST_ENDPOINT = 'https://cloudcode-pa.googleapis.com' const CODE_ASSIST_ENDPOINT = 'https://cloudcode-pa.googleapis.com'
const CODE_ASSIST_API_VERSION = 'v1internal' const CODE_ASSIST_API_VERSION = 'v1internal'
@@ -1196,7 +1232,7 @@ async function countTokens(client, contents, model = 'gemini-2.0-flash-exp') {
logger.info('📊 countTokens API调用开始', { model, contentsLength: contents.length }) logger.info('📊 countTokens API调用开始', { model, contentsLength: contents.length })
const response = await axios({ const axiosConfig = {
url: `${CODE_ASSIST_ENDPOINT}/${CODE_ASSIST_API_VERSION}:countTokens`, url: `${CODE_ASSIST_ENDPOINT}/${CODE_ASSIST_API_VERSION}:countTokens`,
method: 'POST', method: 'POST',
headers: { headers: {
@@ -1205,7 +1241,20 @@ async function countTokens(client, contents, model = 'gemini-2.0-flash-exp') {
}, },
data: request, data: request,
timeout: 30000 timeout: 30000
}) }
// 添加代理配置
const proxyAgent = ProxyHelper.createProxyAgent(proxyConfig)
if (proxyAgent) {
axiosConfig.httpsAgent = proxyAgent
logger.info(
`🌐 Using proxy for Gemini countTokens: ${ProxyHelper.getProxyDescription(proxyConfig)}`
)
} else {
logger.debug('🌐 No proxy configured for Gemini countTokens')
}
const response = await axios(axiosConfig)
logger.info('✅ countTokens API调用成功', { totalTokens: response.data.totalTokens }) logger.info('✅ countTokens API调用成功', { totalTokens: response.data.totalTokens })
return response.data return response.data

626
src/services/ldapService.js Normal file
View File

@@ -0,0 +1,626 @@
const ldap = require('ldapjs')
const logger = require('../utils/logger')
const config = require('../../config/config')
const userService = require('./userService')
class LdapService {
constructor() {
this.config = config.ldap || {}
this.client = null
// 验证配置 - 只有在 LDAP 配置存在且启用时才验证
if (this.config && this.config.enabled) {
this.validateConfiguration()
}
}
// 🔍 验证LDAP配置
validateConfiguration() {
const errors = []
if (!this.config.server) {
errors.push('LDAP server configuration is missing')
} else {
if (!this.config.server.url || typeof this.config.server.url !== 'string') {
errors.push('LDAP server URL is not configured or invalid')
}
if (!this.config.server.bindDN || typeof this.config.server.bindDN !== 'string') {
errors.push('LDAP bind DN is not configured or invalid')
}
if (
!this.config.server.bindCredentials ||
typeof this.config.server.bindCredentials !== 'string'
) {
errors.push('LDAP bind credentials are not configured or invalid')
}
if (!this.config.server.searchBase || typeof this.config.server.searchBase !== 'string') {
errors.push('LDAP search base is not configured or invalid')
}
if (!this.config.server.searchFilter || typeof this.config.server.searchFilter !== 'string') {
errors.push('LDAP search filter is not configured or invalid')
}
}
if (errors.length > 0) {
logger.error('❌ LDAP configuration validation failed:', errors)
// Don't throw error during initialization, just log warnings
logger.warn('⚠️ LDAP authentication may not work properly due to configuration errors')
} else {
logger.info('✅ LDAP configuration validation passed')
}
}
// 🔍 提取LDAP条目的DN
extractDN(ldapEntry) {
if (!ldapEntry) {
return null
}
// Try different ways to get the DN
let dn = null
// Method 1: Direct dn property
if (ldapEntry.dn) {
;({ dn } = ldapEntry)
}
// Method 2: objectName property (common in some LDAP implementations)
else if (ldapEntry.objectName) {
dn = ldapEntry.objectName
}
// Method 3: distinguishedName property
else if (ldapEntry.distinguishedName) {
dn = ldapEntry.distinguishedName
}
// Method 4: Check if the entry itself is a DN string
else if (typeof ldapEntry === 'string' && ldapEntry.includes('=')) {
dn = ldapEntry
}
// Convert DN to string if it's an object
if (dn && typeof dn === 'object') {
if (dn.toString && typeof dn.toString === 'function') {
dn = dn.toString()
} else if (dn.dn && typeof dn.dn === 'string') {
;({ dn } = dn)
}
}
// Validate the DN format
if (typeof dn === 'string' && dn.trim() !== '' && dn.includes('=')) {
return dn.trim()
}
return null
}
// 🔗 创建LDAP客户端连接
createClient() {
try {
const clientOptions = {
url: this.config.server.url,
timeout: this.config.server.timeout,
connectTimeout: this.config.server.connectTimeout,
reconnect: true
}
// 如果使用 LDAPS (SSL/TLS),添加 TLS 选项
if (this.config.server.url.toLowerCase().startsWith('ldaps://')) {
const tlsOptions = {}
// 证书验证设置
if (this.config.server.tls) {
if (typeof this.config.server.tls.rejectUnauthorized === 'boolean') {
tlsOptions.rejectUnauthorized = this.config.server.tls.rejectUnauthorized
}
// CA 证书
if (this.config.server.tls.ca) {
tlsOptions.ca = this.config.server.tls.ca
}
// 客户端证书和私钥 (双向认证)
if (this.config.server.tls.cert) {
tlsOptions.cert = this.config.server.tls.cert
}
if (this.config.server.tls.key) {
tlsOptions.key = this.config.server.tls.key
}
// 服务器名称 (SNI)
if (this.config.server.tls.servername) {
tlsOptions.servername = this.config.server.tls.servername
}
}
clientOptions.tlsOptions = tlsOptions
logger.debug('🔒 Creating LDAPS client with TLS options:', {
url: this.config.server.url,
rejectUnauthorized: tlsOptions.rejectUnauthorized,
hasCA: !!tlsOptions.ca,
hasCert: !!tlsOptions.cert,
hasKey: !!tlsOptions.key,
servername: tlsOptions.servername
})
}
const client = ldap.createClient(clientOptions)
// 设置错误处理
client.on('error', (err) => {
if (err.code === 'CERT_HAS_EXPIRED' || err.code === 'UNABLE_TO_VERIFY_LEAF_SIGNATURE') {
logger.error('🔒 LDAP TLS certificate error:', {
code: err.code,
message: err.message,
hint: 'Consider setting LDAP_TLS_REJECT_UNAUTHORIZED=false for self-signed certificates'
})
} else {
logger.error('🔌 LDAP client error:', err)
}
})
client.on('connect', () => {
if (this.config.server.url.toLowerCase().startsWith('ldaps://')) {
logger.info('🔒 LDAPS client connected successfully')
} else {
logger.info('🔗 LDAP client connected successfully')
}
})
client.on('connectTimeout', () => {
logger.warn('⏱️ LDAP connection timeout')
})
return client
} catch (error) {
logger.error('❌ Failed to create LDAP client:', error)
throw error
}
}
// 🔒 绑定LDAP连接管理员认证
async bindClient(client) {
return new Promise((resolve, reject) => {
// 验证绑定凭据
const { bindDN } = this.config.server
const { bindCredentials } = this.config.server
if (!bindDN || typeof bindDN !== 'string') {
const error = new Error('LDAP bind DN is not configured or invalid')
logger.error('❌ LDAP configuration error:', error.message)
reject(error)
return
}
if (!bindCredentials || typeof bindCredentials !== 'string') {
const error = new Error('LDAP bind credentials are not configured or invalid')
logger.error('❌ LDAP configuration error:', error.message)
reject(error)
return
}
client.bind(bindDN, bindCredentials, (err) => {
if (err) {
logger.error('❌ LDAP bind failed:', err)
reject(err)
} else {
logger.debug('🔑 LDAP bind successful')
resolve()
}
})
})
}
// 🔍 搜索用户
async searchUser(client, username) {
return new Promise((resolve, reject) => {
// 防止LDAP注入转义特殊字符
// 根据RFC 4515需要转义的特殊字符* ( ) \ NUL
const escapedUsername = username
.replace(/\\/g, '\\5c') // 反斜杠必须先转义
.replace(/\*/g, '\\2a') // 星号
.replace(/\(/g, '\\28') // 左括号
.replace(/\)/g, '\\29') // 右括号
.replace(/\0/g, '\\00') // NUL字符
.replace(/\//g, '\\2f') // 斜杠
const searchFilter = this.config.server.searchFilter.replace('{{username}}', escapedUsername)
const searchOptions = {
scope: 'sub',
filter: searchFilter,
attributes: this.config.server.searchAttributes
}
logger.debug(`🔍 Searching for user: ${username} with filter: ${searchFilter}`)
const entries = []
client.search(this.config.server.searchBase, searchOptions, (err, res) => {
if (err) {
logger.error('❌ LDAP search error:', err)
reject(err)
return
}
res.on('searchEntry', (entry) => {
logger.debug('🔍 LDAP search entry received:', {
dn: entry.dn,
objectName: entry.objectName,
type: typeof entry.dn,
entryType: typeof entry,
hasAttributes: !!entry.attributes,
attributeCount: entry.attributes ? entry.attributes.length : 0
})
entries.push(entry)
})
res.on('searchReference', (referral) => {
logger.debug('🔗 LDAP search referral:', referral.uris)
})
res.on('error', (error) => {
logger.error('❌ LDAP search result error:', error)
reject(error)
})
res.on('end', (result) => {
logger.debug(
`✅ LDAP search completed. Status: ${result.status}, Found ${entries.length} entries`
)
if (entries.length === 0) {
resolve(null)
} else {
// Log the structure of the first entry for debugging
if (entries[0]) {
logger.debug('🔍 Full LDAP entry structure:', {
entryType: typeof entries[0],
entryConstructor: entries[0].constructor?.name,
entryKeys: Object.keys(entries[0]),
entryStringified: JSON.stringify(entries[0], null, 2).substring(0, 500)
})
}
if (entries.length === 1) {
resolve(entries[0])
} else {
logger.warn(`⚠️ Multiple LDAP entries found for username: ${username}`)
resolve(entries[0]) // 使用第一个结果
}
}
})
})
})
}
// 🔐 验证用户密码
async authenticateUser(userDN, password) {
return new Promise((resolve, reject) => {
// 验证输入参数
if (!userDN || typeof userDN !== 'string') {
const error = new Error('User DN is not provided or invalid')
logger.error('❌ LDAP authentication error:', error.message)
reject(error)
return
}
if (!password || typeof password !== 'string') {
logger.debug(`🚫 Invalid or empty password for DN: ${userDN}`)
resolve(false)
return
}
const authClient = this.createClient()
authClient.bind(userDN, password, (err) => {
authClient.unbind() // 立即关闭认证客户端
if (err) {
if (err.name === 'InvalidCredentialsError') {
logger.debug(`🚫 Invalid credentials for DN: ${userDN}`)
resolve(false)
} else {
logger.error('❌ LDAP authentication error:', err)
reject(err)
}
} else {
logger.debug(`✅ Authentication successful for DN: ${userDN}`)
resolve(true)
}
})
})
}
// 📝 提取用户信息
extractUserInfo(ldapEntry, username) {
try {
const attributes = ldapEntry.attributes || []
const userInfo = { username }
// 创建属性映射
const attrMap = {}
attributes.forEach((attr) => {
const name = attr.type || attr.name
const values = Array.isArray(attr.values) ? attr.values : [attr.values]
attrMap[name] = values.length === 1 ? values[0] : values
})
// 根据配置映射用户属性
const mapping = this.config.userMapping
userInfo.displayName = attrMap[mapping.displayName] || username
userInfo.email = attrMap[mapping.email] || ''
userInfo.firstName = attrMap[mapping.firstName] || ''
userInfo.lastName = attrMap[mapping.lastName] || ''
// 如果没有displayName尝试组合firstName和lastName
if (!userInfo.displayName || userInfo.displayName === username) {
if (userInfo.firstName || userInfo.lastName) {
userInfo.displayName = `${userInfo.firstName || ''} ${userInfo.lastName || ''}`.trim()
}
}
logger.debug('📋 Extracted user info:', {
username: userInfo.username,
displayName: userInfo.displayName,
email: userInfo.email
})
return userInfo
} catch (error) {
logger.error('❌ Error extracting user info:', error)
return { username }
}
}
// 🔍 验证和清理用户名
validateAndSanitizeUsername(username) {
if (!username || typeof username !== 'string' || username.trim() === '') {
throw new Error('Username is required and must be a non-empty string')
}
const trimmedUsername = username.trim()
// 用户名只能包含字母、数字、下划线和连字符
const usernameRegex = /^[a-zA-Z0-9_-]+$/
if (!usernameRegex.test(trimmedUsername)) {
throw new Error('Username can only contain letters, numbers, underscores, and hyphens')
}
// 长度限制 (防止过长的输入)
if (trimmedUsername.length > 64) {
throw new Error('Username cannot exceed 64 characters')
}
// 不能以连字符开头或结尾
if (trimmedUsername.startsWith('-') || trimmedUsername.endsWith('-')) {
throw new Error('Username cannot start or end with a hyphen')
}
return trimmedUsername
}
// 🔐 主要的登录验证方法
async authenticateUserCredentials(username, password) {
if (!this.config.enabled) {
throw new Error('LDAP authentication is not enabled')
}
// 验证和清理用户名 (防止LDAP注入)
const sanitizedUsername = this.validateAndSanitizeUsername(username)
if (!password || typeof password !== 'string' || password.trim() === '') {
throw new Error('Password is required and must be a non-empty string')
}
// 验证LDAP服务器配置
if (!this.config.server || !this.config.server.url) {
throw new Error('LDAP server URL is not configured')
}
if (!this.config.server.bindDN || typeof this.config.server.bindDN !== 'string') {
throw new Error('LDAP bind DN is not configured')
}
if (
!this.config.server.bindCredentials ||
typeof this.config.server.bindCredentials !== 'string'
) {
throw new Error('LDAP bind credentials are not configured')
}
if (!this.config.server.searchBase || typeof this.config.server.searchBase !== 'string') {
throw new Error('LDAP search base is not configured')
}
const client = this.createClient()
try {
// 1. 使用管理员凭据绑定
await this.bindClient(client)
// 2. 搜索用户 (使用已验证的用户名)
const ldapEntry = await this.searchUser(client, sanitizedUsername)
if (!ldapEntry) {
logger.info(`🚫 User not found in LDAP: ${sanitizedUsername}`)
return { success: false, message: 'Invalid username or password' }
}
// 3. 获取用户DN
logger.debug('🔍 LDAP entry details for DN extraction:', {
hasEntry: !!ldapEntry,
entryType: typeof ldapEntry,
entryKeys: Object.keys(ldapEntry || {}),
dn: ldapEntry.dn,
objectName: ldapEntry.objectName,
dnType: typeof ldapEntry.dn,
objectNameType: typeof ldapEntry.objectName
})
// Use the helper method to extract DN
const userDN = this.extractDN(ldapEntry)
logger.debug(`👤 Extracted user DN: ${userDN} (type: ${typeof userDN})`)
// 验证用户DN
if (!userDN) {
logger.error(`❌ Invalid or missing DN for user: ${sanitizedUsername}`, {
ldapEntryDn: ldapEntry.dn,
ldapEntryObjectName: ldapEntry.objectName,
ldapEntryType: typeof ldapEntry,
extractedDN: userDN
})
return { success: false, message: 'Authentication service error' }
}
// 4. 验证用户密码
const isPasswordValid = await this.authenticateUser(userDN, password)
if (!isPasswordValid) {
logger.info(`🚫 Invalid password for user: ${sanitizedUsername}`)
return { success: false, message: 'Invalid username or password' }
}
// 5. 提取用户信息
const userInfo = this.extractUserInfo(ldapEntry, sanitizedUsername)
// 6. 创建或更新本地用户
const user = await userService.createOrUpdateUser(userInfo)
// 7. 检查用户是否被禁用
if (!user.isActive) {
logger.security(
`🔒 Disabled user LDAP login attempt: ${sanitizedUsername} from LDAP authentication`
)
return {
success: false,
message: 'Your account has been disabled. Please contact administrator.'
}
}
// 8. 记录登录
await userService.recordUserLogin(user.id)
// 9. 创建用户会话
const sessionToken = await userService.createUserSession(user.id)
logger.info(`✅ LDAP authentication successful for user: ${sanitizedUsername}`)
return {
success: true,
user,
sessionToken,
message: 'Authentication successful'
}
} catch (error) {
// 记录详细错误供调试,但不向用户暴露
logger.error('❌ LDAP authentication error:', {
username: sanitizedUsername,
error: error.message,
stack: process.env.NODE_ENV === 'development' ? error.stack : undefined
})
// 返回通用错误消息,避免信息泄露
// 不要尝试解析具体的错误信息因为不同LDAP服务器返回的格式不同
return {
success: false,
message: 'Authentication service unavailable'
}
} finally {
// 确保客户端连接被关闭
if (client) {
client.unbind((err) => {
if (err) {
logger.debug('Error unbinding LDAP client:', err)
}
})
}
}
}
// 🔍 测试LDAP连接
async testConnection() {
if (!this.config.enabled) {
return { success: false, message: 'LDAP is not enabled' }
}
const client = this.createClient()
try {
await this.bindClient(client)
return {
success: true,
message: 'LDAP connection successful',
server: this.config.server.url,
searchBase: this.config.server.searchBase
}
} catch (error) {
logger.error('❌ LDAP connection test failed:', {
error: error.message,
server: this.config.server.url,
stack: process.env.NODE_ENV === 'development' ? error.stack : undefined
})
// 提供通用错误消息,避免泄露系统细节
let userMessage = 'LDAP connection failed'
// 对于某些已知错误类型,提供有用但不泄露细节的信息
if (error.code === 'ECONNREFUSED') {
userMessage = 'Unable to connect to LDAP server'
} else if (error.code === 'ETIMEDOUT') {
userMessage = 'LDAP server connection timeout'
} else if (error.name === 'InvalidCredentialsError') {
userMessage = 'LDAP bind credentials are invalid'
}
return {
success: false,
message: userMessage,
server: this.config.server.url.replace(/:[^:]*@/, ':***@') // 隐藏密码部分
}
} finally {
if (client) {
client.unbind((err) => {
if (err) {
logger.debug('Error unbinding test LDAP client:', err)
}
})
}
}
}
// 📊 获取LDAP配置信息不包含敏感信息
getConfigInfo() {
const configInfo = {
enabled: this.config.enabled,
server: {
url: this.config.server.url,
searchBase: this.config.server.searchBase,
searchFilter: this.config.server.searchFilter,
timeout: this.config.server.timeout,
connectTimeout: this.config.server.connectTimeout
},
userMapping: this.config.userMapping
}
// 添加 TLS 配置信息(不包含敏感数据)
if (this.config.server.url.toLowerCase().startsWith('ldaps://') && this.config.server.tls) {
configInfo.server.tls = {
rejectUnauthorized: this.config.server.tls.rejectUnauthorized,
hasCA: !!this.config.server.tls.ca,
hasCert: !!this.config.server.tls.cert,
hasKey: !!this.config.server.tls.key,
servername: this.config.server.tls.servername
}
}
return configInfo
}
}
module.exports = new LdapService()

2
src/services/openaiAccountService.js
View File

@@ -502,6 +502,8 @@ async function getAllAccounts() {
// 不解密敏感字段,只返回基本信息 // 不解密敏感字段,只返回基本信息
accounts.push({ accounts.push({
...accountData, ...accountData,
isActive: accountData.isActive === 'true',
schedulable: accountData.schedulable !== 'false',
openaiOauth: accountData.openaiOauth ? '[ENCRYPTED]' : '', openaiOauth: accountData.openaiOauth ? '[ENCRYPTED]' : '',
accessToken: accountData.accessToken ? '[ENCRYPTED]' : '', accessToken: accountData.accessToken ? '[ENCRYPTED]' : '',
refreshToken: accountData.refreshToken ? '[ENCRYPTED]' : '', refreshToken: accountData.refreshToken ? '[ENCRYPTED]' : '',

114
src/services/pricingService.js
View File

@@ -45,6 +45,7 @@ class PricingService {
'claude-sonnet-3-5': 0.000006, 'claude-sonnet-3-5': 0.000006,
'claude-sonnet-3-7': 0.000006, 'claude-sonnet-3-7': 0.000006,
'claude-sonnet-4': 0.000006, 'claude-sonnet-4': 0.000006,
'claude-sonnet-4-20250514': 0.000006,
// Haiku 系列: $1.6/MTok // Haiku 系列: $1.6/MTok
'claude-3-5-haiku': 0.0000016, 'claude-3-5-haiku': 0.0000016,
@@ -55,6 +56,17 @@ class PricingService {
'claude-haiku-3': 0.0000016, 'claude-haiku-3': 0.0000016,
'claude-haiku-3-5': 0.0000016 'claude-haiku-3-5': 0.0000016
} }
// 硬编码的 1M 上下文模型价格(美元/token
// 当总输入 tokens 超过 200k 时使用这些价格
this.longContextPricing = {
// claude-sonnet-4-20250514[1m] 模型的 1M 上下文价格
'claude-sonnet-4-20250514[1m]': {
input: 0.000006, // $6/MTok
output: 0.0000225 // $22.50/MTok
}
// 未来可以添加更多 1M 模型的价格
}
} }
// 初始化价格服务 // 初始化价格服务
@@ -249,6 +261,7 @@ class PricingService {
// 尝试直接匹配 // 尝试直接匹配
if (this.pricingData[modelName]) { if (this.pricingData[modelName]) {
logger.debug(`💰 Found exact pricing match for ${modelName}`)
return this.pricingData[modelName] return this.pricingData[modelName]
} }
@@ -293,6 +306,22 @@ class PricingService {
return null return null
} }
// 确保价格对象包含缓存价格
ensureCachePricing(pricing) {
if (!pricing) {
return pricing
}
// 如果缺少缓存价格根据输入价格计算缓存创建价格通常是输入价格的1.25倍缓存读取是0.1倍)
if (!pricing.cache_creation_input_token_cost && pricing.input_cost_per_token) {
pricing.cache_creation_input_token_cost = pricing.input_cost_per_token * 1.25
}
if (!pricing.cache_read_input_token_cost && pricing.input_cost_per_token) {
pricing.cache_read_input_token_cost = pricing.input_cost_per_token * 0.1
}
return pricing
}
// 获取 1 小时缓存价格 // 获取 1 小时缓存价格
getEphemeral1hPricing(modelName) { getEphemeral1hPricing(modelName) {
if (!modelName) { if (!modelName) {
@@ -329,9 +358,40 @@ class PricingService {
// 计算使用费用 // 计算使用费用
calculateCost(usage, modelName) { calculateCost(usage, modelName) {
// 检查是否为 1M 上下文模型
const isLongContextModel = modelName && modelName.includes('[1m]')
let isLongContextRequest = false
let useLongContextPricing = false
if (isLongContextModel) {
// 计算总输入 tokens
const inputTokens = usage.input_tokens || 0
const cacheCreationTokens = usage.cache_creation_input_tokens || 0
const cacheReadTokens = usage.cache_read_input_tokens || 0
const totalInputTokens = inputTokens + cacheCreationTokens + cacheReadTokens
// 如果总输入超过 200k使用 1M 上下文价格
if (totalInputTokens > 200000) {
isLongContextRequest = true
// 检查是否有硬编码的 1M 价格
if (this.longContextPricing[modelName]) {
useLongContextPricing = true
} else {
// 如果没有找到硬编码价格,使用第一个 1M 模型的价格作为默认
const defaultLongContextModel = Object.keys(this.longContextPricing)[0]
if (defaultLongContextModel) {
useLongContextPricing = true
logger.warn(
`⚠️ No specific 1M pricing for ${modelName}, using default from ${defaultLongContextModel}`
)
}
}
}
}
const pricing = this.getModelPricing(modelName) const pricing = this.getModelPricing(modelName)
if (!pricing) { if (!pricing && !useLongContextPricing) {
return { return {
inputCost: 0, inputCost: 0,
outputCost: 0, outputCost: 0,
@@ -340,14 +400,35 @@ class PricingService {
ephemeral5mCost: 0, ephemeral5mCost: 0,
ephemeral1hCost: 0, ephemeral1hCost: 0,
totalCost: 0, totalCost: 0,
hasPricing: false hasPricing: false,
isLongContextRequest: false
} }
} }
const inputCost = (usage.input_tokens || 0) * (pricing.input_cost_per_token || 0) let inputCost = 0
const outputCost = (usage.output_tokens || 0) * (pricing.output_cost_per_token || 0) let outputCost = 0
if (useLongContextPricing) {
// 使用 1M 上下文特殊价格(仅输入和输出价格改变)
const longContextPrices =
this.longContextPricing[modelName] ||
this.longContextPricing[Object.keys(this.longContextPricing)[0]]
inputCost = (usage.input_tokens || 0) * longContextPrices.input
outputCost = (usage.output_tokens || 0) * longContextPrices.output
logger.info(
`💰 Using 1M context pricing for ${modelName}: input=$${longContextPrices.input}/token, output=$${longContextPrices.output}/token`
)
} else {
// 使用正常价格
inputCost = (usage.input_tokens || 0) * (pricing?.input_cost_per_token || 0)
outputCost = (usage.output_tokens || 0) * (pricing?.output_cost_per_token || 0)
}
// 缓存价格保持不变(即使对于 1M 模型)
const cacheReadCost = const cacheReadCost =
(usage.cache_read_input_tokens || 0) * (pricing.cache_read_input_token_cost || 0) (usage.cache_read_input_tokens || 0) * (pricing?.cache_read_input_token_cost || 0)
// 处理缓存创建费用: // 处理缓存创建费用:
// 1. 如果有详细的 cache_creation 对象,使用它 // 1. 如果有详细的 cache_creation 对象,使用它
@@ -362,7 +443,7 @@ class PricingService {
const ephemeral1hTokens = usage.cache_creation.ephemeral_1h_input_tokens || 0 const ephemeral1hTokens = usage.cache_creation.ephemeral_1h_input_tokens || 0
// 5分钟缓存使用标准的 cache_creation_input_token_cost // 5分钟缓存使用标准的 cache_creation_input_token_cost
ephemeral5mCost = ephemeral5mTokens * (pricing.cache_creation_input_token_cost || 0) ephemeral5mCost = ephemeral5mTokens * (pricing?.cache_creation_input_token_cost || 0)
// 1小时缓存使用硬编码的价格 // 1小时缓存使用硬编码的价格
const ephemeral1hPrice = this.getEphemeral1hPricing(modelName) const ephemeral1hPrice = this.getEphemeral1hPricing(modelName)
@@ -373,7 +454,7 @@ class PricingService {
} else if (usage.cache_creation_input_tokens) { } else if (usage.cache_creation_input_tokens) {
// 旧格式,所有缓存创建 tokens 都按 5 分钟价格计算(向后兼容) // 旧格式,所有缓存创建 tokens 都按 5 分钟价格计算(向后兼容)
cacheCreateCost = cacheCreateCost =
(usage.cache_creation_input_tokens || 0) * (pricing.cache_creation_input_token_cost || 0) (usage.cache_creation_input_tokens || 0) * (pricing?.cache_creation_input_token_cost || 0)
ephemeral5mCost = cacheCreateCost ephemeral5mCost = cacheCreateCost
} }
@@ -386,11 +467,22 @@ class PricingService {
ephemeral1hCost, ephemeral1hCost,
totalCost: inputCost + outputCost + cacheCreateCost + cacheReadCost, totalCost: inputCost + outputCost + cacheCreateCost + cacheReadCost,
hasPricing: true, hasPricing: true,
isLongContextRequest,
pricing: { pricing: {
input: pricing.input_cost_per_token || 0, input: useLongContextPricing
output: pricing.output_cost_per_token || 0, ? (
cacheCreate: pricing.cache_creation_input_token_cost || 0, this.longContextPricing[modelName] ||
cacheRead: pricing.cache_read_input_token_cost || 0, this.longContextPricing[Object.keys(this.longContextPricing)[0]]
)?.input || 0
: pricing?.input_cost_per_token || 0,
output: useLongContextPricing
? (
this.longContextPricing[modelName] ||
this.longContextPricing[Object.keys(this.longContextPricing)[0]]
)?.output || 0
: pricing?.output_cost_per_token || 0,
cacheCreate: pricing?.cache_creation_input_token_cost || 0,
cacheRead: pricing?.cache_read_input_token_cost || 0,
ephemeral1h: this.getEphemeral1hPricing(modelName) ephemeral1h: this.getEphemeral1hPricing(modelName)
} }
} }

35
src/services/unifiedClaudeScheduler.js
View File

@@ -176,7 +176,8 @@ class UnifiedClaudeScheduler {
boundAccount && boundAccount &&
boundAccount.isActive === 'true' && boundAccount.isActive === 'true' &&
boundAccount.status !== 'error' && boundAccount.status !== 'error' &&
boundAccount.status !== 'blocked' boundAccount.status !== 'blocked' &&
boundAccount.status !== 'temp_error'
) { ) {
const isRateLimited = await claudeAccountService.isAccountRateLimited(boundAccount.id) const isRateLimited = await claudeAccountService.isAccountRateLimited(boundAccount.id)
if (!isRateLimited) { if (!isRateLimited) {
@@ -262,6 +263,7 @@ class UnifiedClaudeScheduler {
account.isActive === 'true' && account.isActive === 'true' &&
account.status !== 'error' && account.status !== 'error' &&
account.status !== 'blocked' && account.status !== 'blocked' &&
account.status !== 'temp_error' &&
(account.accountType === 'shared' || !account.accountType) && // 兼容旧数据 (account.accountType === 'shared' || !account.accountType) && // 兼容旧数据
this._isSchedulable(account.schedulable) this._isSchedulable(account.schedulable)
) { ) {
@@ -441,7 +443,12 @@ class UnifiedClaudeScheduler {
try { try {
if (accountType === 'claude-official') { if (accountType === 'claude-official') {
const account = await redis.getClaudeAccount(accountId) const account = await redis.getClaudeAccount(accountId)
if (!account || account.isActive !== 'true' || account.status === 'error') { if (
!account ||
account.isActive !== 'true' ||
account.status === 'error' ||
account.status === 'temp_error'
) {
return false return false
} }
// 检查是否可调度 // 检查是否可调度
@@ -452,7 +459,15 @@ class UnifiedClaudeScheduler {
return !(await claudeAccountService.isAccountRateLimited(accountId)) return !(await claudeAccountService.isAccountRateLimited(accountId))
} else if (accountType === 'claude-console') { } else if (accountType === 'claude-console') {
const account = await claudeConsoleAccountService.getAccount(accountId) const account = await claudeConsoleAccountService.getAccount(accountId)
if (!account || !account.isActive || account.status !== 'active') { if (!account || !account.isActive) {
return false
}
// 检查账户状态
if (
account.status !== 'active' &&
account.status !== 'unauthorized' &&
account.status !== 'overloaded'
) {
return false return false
} }
// 检查是否可调度 // 检查是否可调度
@@ -460,7 +475,19 @@ class UnifiedClaudeScheduler {
logger.info(`🚫 Claude Console account ${accountId} is not schedulable`) logger.info(`🚫 Claude Console account ${accountId} is not schedulable`)
return false return false
} }
return !(await claudeConsoleAccountService.isAccountRateLimited(accountId)) // 检查是否被限流
if (await claudeConsoleAccountService.isAccountRateLimited(accountId)) {
return false
}
// 检查是否未授权401错误
if (account.status === 'unauthorized') {
return false
}
// 检查是否过载529错误
if (await claudeConsoleAccountService.isAccountOverloaded(accountId)) {
return false
}
return true
} else if (accountType === 'bedrock') { } else if (accountType === 'bedrock') {
const accountResult = await bedrockAccountService.getAccount(accountId) const accountResult = await bedrockAccountService.getAccount(accountId)
if (!accountResult.success || !accountResult.data.isActive) { if (!accountResult.success || !accountResult.data.isActive) {

12
src/services/unifiedOpenAIScheduler.js
View File

@@ -34,7 +34,11 @@ class UnifiedOpenAIScheduler {
// 普通专属账户 // 普通专属账户
const boundAccount = await openaiAccountService.getAccount(apiKeyData.openaiAccountId) const boundAccount = await openaiAccountService.getAccount(apiKeyData.openaiAccountId)
if (boundAccount && boundAccount.isActive === 'true' && boundAccount.status !== 'error') { if (
boundAccount &&
(boundAccount.isActive === true || boundAccount.isActive === 'true') &&
boundAccount.status !== 'error'
) {
// 检查是否被限流 // 检查是否被限流
const isRateLimited = await this.isAccountRateLimited(boundAccount.id) const isRateLimited = await this.isAccountRateLimited(boundAccount.id)
if (isRateLimited) { if (isRateLimited) {
@@ -165,7 +169,7 @@ class UnifiedOpenAIScheduler {
const openaiAccounts = await openaiAccountService.getAllAccounts() const openaiAccounts = await openaiAccountService.getAllAccounts()
for (const account of openaiAccounts) { for (const account of openaiAccounts) {
if ( if (
account.isActive === 'true' && account.isActive &&
account.status !== 'error' && account.status !== 'error' &&
(account.accountType === 'shared' || !account.accountType) && // 兼容旧数据 (account.accountType === 'shared' || !account.accountType) && // 兼容旧数据
this._isSchedulable(account.schedulable) this._isSchedulable(account.schedulable)
@@ -233,7 +237,7 @@ class UnifiedOpenAIScheduler {
try { try {
if (accountType === 'openai') { if (accountType === 'openai') {
const account = await openaiAccountService.getAccount(accountId) const account = await openaiAccountService.getAccount(accountId)
if (!account || account.isActive !== 'true' || account.status === 'error') { if (!account || !account.isActive || account.status === 'error') {
return false return false
} }
// 检查是否可调度 // 检查是否可调度
@@ -395,7 +399,7 @@ class UnifiedOpenAIScheduler {
const account = await openaiAccountService.getAccount(memberId) const account = await openaiAccountService.getAccount(memberId)
if ( if (
account && account &&
account.isActive === 'true' && account.isActive &&
account.status !== 'error' && account.status !== 'error' &&
this._isSchedulable(account.schedulable) this._isSchedulable(account.schedulable)
) { ) {

514
src/services/userService.js Normal file
View File

@@ -0,0 +1,514 @@
const redis = require('../models/redis')
const crypto = require('crypto')
const logger = require('../utils/logger')
const config = require('../../config/config')
class UserService {
constructor() {
this.userPrefix = 'user:'
this.usernamePrefix = 'username:'
this.userSessionPrefix = 'user_session:'
}
// 🔑 生成用户ID
generateUserId() {
return crypto.randomBytes(16).toString('hex')
}
// 🔑 生成会话Token
generateSessionToken() {
return crypto.randomBytes(32).toString('hex')
}
// 👤 创建或更新用户
async createOrUpdateUser(userData) {
try {
const {
username,
email,
displayName,
firstName,
lastName,
role = config.userManagement.defaultUserRole,
isActive = true
} = userData
// 检查用户是否已存在
let user = await this.getUserByUsername(username)
const isNewUser = !user
if (isNewUser) {
const userId = this.generateUserId()
user = {
id: userId,
username,
email,
displayName,
firstName,
lastName,
role,
isActive,
createdAt: new Date().toISOString(),
updatedAt: new Date().toISOString(),
lastLoginAt: null,
apiKeyCount: 0,
totalUsage: {
requests: 0,
inputTokens: 0,
outputTokens: 0,
totalCost: 0
}
}
} else {
// 更新现有用户信息
user = {
...user,
email,
displayName,
firstName,
lastName,
updatedAt: new Date().toISOString()
}
}
// 保存用户信息
await redis.set(`${this.userPrefix}${user.id}`, JSON.stringify(user))
await redis.set(`${this.usernamePrefix}${username}`, user.id)
logger.info(`📝 ${isNewUser ? 'Created' : 'Updated'} user: ${username} (${user.id})`)
return user
} catch (error) {
logger.error('❌ Error creating/updating user:', error)
throw error
}
}
// 👤 通过用户名获取用户
async getUserByUsername(username) {
try {
const userId = await redis.get(`${this.usernamePrefix}${username}`)
if (!userId) {
return null
}
const userData = await redis.get(`${this.userPrefix}${userId}`)
return userData ? JSON.parse(userData) : null
} catch (error) {
logger.error('❌ Error getting user by username:', error)
throw error
}
}
// 👤 通过ID获取用户
async getUserById(userId, calculateUsage = true) {
try {
const userData = await redis.get(`${this.userPrefix}${userId}`)
if (!userData) {
return null
}
const user = JSON.parse(userData)
// Calculate totalUsage by aggregating user's API keys usage (if requested)
if (calculateUsage) {
try {
const usageStats = await this.calculateUserUsageStats(userId)
user.totalUsage = usageStats.totalUsage
user.apiKeyCount = usageStats.apiKeyCount
} catch (error) {
logger.error('❌ Error calculating user usage stats:', error)
// Fallback to stored values if calculation fails
user.totalUsage = user.totalUsage || {
requests: 0,
inputTokens: 0,
outputTokens: 0,
totalCost: 0
}
user.apiKeyCount = user.apiKeyCount || 0
}
}
return user
} catch (error) {
logger.error('❌ Error getting user by ID:', error)
throw error
}
}
// 📊 计算用户使用统计通过聚合API Keys
async calculateUserUsageStats(userId) {
try {
// Use the existing apiKeyService method which already includes usage stats
const apiKeyService = require('./apiKeyService')
const userApiKeys = await apiKeyService.getUserApiKeys(userId, true) // Include deleted keys for stats
const totalUsage = {
requests: 0,
inputTokens: 0,
outputTokens: 0,
totalCost: 0
}
for (const apiKey of userApiKeys) {
if (apiKey.usage && apiKey.usage.total) {
totalUsage.requests += apiKey.usage.total.requests || 0
totalUsage.inputTokens += apiKey.usage.total.inputTokens || 0
totalUsage.outputTokens += apiKey.usage.total.outputTokens || 0
totalUsage.totalCost += apiKey.totalCost || 0
}
}
logger.debug(
`📊 Calculated user ${userId} usage: ${totalUsage.requests} requests, ${totalUsage.inputTokens} input tokens, $${totalUsage.totalCost.toFixed(4)} total cost from ${userApiKeys.length} API keys`
)
// Count only non-deleted API keys for the user's active count
const activeApiKeyCount = userApiKeys.filter((key) => key.isDeleted !== 'true').length
return {
totalUsage,
apiKeyCount: activeApiKeyCount
}
} catch (error) {
logger.error('❌ Error calculating user usage stats:', error)
return {
totalUsage: {
requests: 0,
inputTokens: 0,
outputTokens: 0,
totalCost: 0
},
apiKeyCount: 0
}
}
}
// 📋 获取所有用户列表(管理员功能)
async getAllUsers(options = {}) {
try {
const client = redis.getClientSafe()
const { page = 1, limit = 20, role, isActive } = options
const pattern = `${this.userPrefix}*`
const keys = await client.keys(pattern)
const users = []
for (const key of keys) {
const userData = await client.get(key)
if (userData) {
const user = JSON.parse(userData)
// 应用过滤条件
if (role && user.role !== role) {
continue
}
if (typeof isActive === 'boolean' && user.isActive !== isActive) {
continue
}
// Calculate dynamic usage stats for each user
try {
const usageStats = await this.calculateUserUsageStats(user.id)
user.totalUsage = usageStats.totalUsage
user.apiKeyCount = usageStats.apiKeyCount
} catch (error) {
logger.error(`❌ Error calculating usage for user ${user.id}:`, error)
// Fallback to stored values
user.totalUsage = user.totalUsage || {
requests: 0,
inputTokens: 0,
outputTokens: 0,
totalCost: 0
}
user.apiKeyCount = user.apiKeyCount || 0
}
users.push(user)
}
}
// 排序和分页
users.sort((a, b) => new Date(b.createdAt) - new Date(a.createdAt))
const startIndex = (page - 1) * limit
const endIndex = startIndex + limit
const paginatedUsers = users.slice(startIndex, endIndex)
return {
users: paginatedUsers,
total: users.length,
page,
limit,
totalPages: Math.ceil(users.length / limit)
}
} catch (error) {
logger.error('❌ Error getting all users:', error)
throw error
}
}
// 🔄 更新用户状态
async updateUserStatus(userId, isActive) {
try {
const user = await this.getUserById(userId, false) // Skip usage calculation
if (!user) {
throw new Error('User not found')
}
user.isActive = isActive
user.updatedAt = new Date().toISOString()
await redis.set(`${this.userPrefix}${userId}`, JSON.stringify(user))
logger.info(`🔄 Updated user status: ${user.username} -> ${isActive ? 'active' : 'disabled'}`)
// 如果禁用用户删除所有会话并禁用其所有API Keys
if (!isActive) {
await this.invalidateUserSessions(userId)
// Disable all user's API keys when user is disabled
try {
const apiKeyService = require('./apiKeyService')
const result = await apiKeyService.disableUserApiKeys(userId)
logger.info(`🔑 Disabled ${result.count} API keys for disabled user: ${user.username}`)
} catch (error) {
logger.error('❌ Error disabling user API keys during user disable:', error)
}
}
return user
} catch (error) {
logger.error('❌ Error updating user status:', error)
throw error
}
}
// 🔄 更新用户角色
async updateUserRole(userId, role) {
try {
const user = await this.getUserById(userId, false) // Skip usage calculation
if (!user) {
throw new Error('User not found')
}
user.role = role
user.updatedAt = new Date().toISOString()
await redis.set(`${this.userPrefix}${userId}`, JSON.stringify(user))
logger.info(`🔄 Updated user role: ${user.username} -> ${role}`)
return user
} catch (error) {
logger.error('❌ Error updating user role:', error)
throw error
}
}
// 📊 更新用户API Key数量 (已废弃,现在通过聚合计算)
async updateUserApiKeyCount(userId, _count) {
// This method is deprecated since apiKeyCount is now calculated dynamically
// in getUserById by aggregating the user's API keys
logger.debug(
`📊 updateUserApiKeyCount called for ${userId} but is now deprecated (count auto-calculated)`
)
}
// 📝 记录用户登录
async recordUserLogin(userId) {
try {
const user = await this.getUserById(userId, false) // Skip usage calculation
if (!user) {
return
}
user.lastLoginAt = new Date().toISOString()
await redis.set(`${this.userPrefix}${userId}`, JSON.stringify(user))
} catch (error) {
logger.error('❌ Error recording user login:', error)
}
}
// 🎫 创建用户会话
async createUserSession(userId, sessionData = {}) {
try {
const sessionToken = this.generateSessionToken()
const session = {
token: sessionToken,
userId,
createdAt: new Date().toISOString(),
expiresAt: new Date(Date.now() + config.userManagement.userSessionTimeout).toISOString(),
...sessionData
}
const ttl = Math.floor(config.userManagement.userSessionTimeout / 1000)
await redis.setex(`${this.userSessionPrefix}${sessionToken}`, ttl, JSON.stringify(session))
logger.info(`🎫 Created session for user: ${userId}`)
return sessionToken
} catch (error) {
logger.error('❌ Error creating user session:', error)
throw error
}
}
// 🎫 验证用户会话
async validateUserSession(sessionToken) {
try {
const sessionData = await redis.get(`${this.userSessionPrefix}${sessionToken}`)
if (!sessionData) {
return null
}
const session = JSON.parse(sessionData)
// 检查会话是否过期
if (new Date() > new Date(session.expiresAt)) {
await this.invalidateUserSession(sessionToken)
return null
}
// 获取用户信息
const user = await this.getUserById(session.userId, false) // Skip usage calculation for validation
if (!user || !user.isActive) {
await this.invalidateUserSession(sessionToken)
return null
}
return { session, user }
} catch (error) {
logger.error('❌ Error validating user session:', error)
return null
}
}
// 🚫 使用户会话失效
async invalidateUserSession(sessionToken) {
try {
await redis.del(`${this.userSessionPrefix}${sessionToken}`)
logger.info(`🚫 Invalidated session: ${sessionToken}`)
} catch (error) {
logger.error('❌ Error invalidating user session:', error)
}
}
// 🚫 使用户所有会话失效
async invalidateUserSessions(userId) {
try {
const client = redis.getClientSafe()
const pattern = `${this.userSessionPrefix}*`
const keys = await client.keys(pattern)
for (const key of keys) {
const sessionData = await client.get(key)
if (sessionData) {
const session = JSON.parse(sessionData)
if (session.userId === userId) {
await client.del(key)
}
}
}
logger.info(`🚫 Invalidated all sessions for user: ${userId}`)
} catch (error) {
logger.error('❌ Error invalidating user sessions:', error)
}
}
// 🗑️ 删除用户(软删除,标记为不活跃)
async deleteUser(userId) {
try {
const user = await this.getUserById(userId, false) // Skip usage calculation
if (!user) {
throw new Error('User not found')
}
// 软删除:标记为不活跃并添加删除时间戳
user.isActive = false
user.deletedAt = new Date().toISOString()
user.updatedAt = new Date().toISOString()
await redis.set(`${this.userPrefix}${userId}`, JSON.stringify(user))
// 删除所有会话
await this.invalidateUserSessions(userId)
// Disable all user's API keys when user is deleted
try {
const apiKeyService = require('./apiKeyService')
const result = await apiKeyService.disableUserApiKeys(userId)
logger.info(`🔑 Disabled ${result.count} API keys for deleted user: ${user.username}`)
} catch (error) {
logger.error('❌ Error disabling user API keys during user deletion:', error)
}
logger.info(`🗑️ Soft deleted user: ${user.username} (${userId})`)
return user
} catch (error) {
logger.error('❌ Error deleting user:', error)
throw error
}
}
// 📊 获取用户统计信息
async getUserStats() {
try {
const client = redis.getClientSafe()
const pattern = `${this.userPrefix}*`
const keys = await client.keys(pattern)
const stats = {
totalUsers: 0,
activeUsers: 0,
adminUsers: 0,
regularUsers: 0,
totalApiKeys: 0,
totalUsage: {
requests: 0,
inputTokens: 0,
outputTokens: 0,
totalCost: 0
}
}
for (const key of keys) {
const userData = await client.get(key)
if (userData) {
const user = JSON.parse(userData)
stats.totalUsers++
if (user.isActive) {
stats.activeUsers++
}
if (user.role === 'admin') {
stats.adminUsers++
} else {
stats.regularUsers++
}
// Calculate dynamic usage stats for each user
try {
const usageStats = await this.calculateUserUsageStats(user.id)
stats.totalApiKeys += usageStats.apiKeyCount
stats.totalUsage.requests += usageStats.totalUsage.requests
stats.totalUsage.inputTokens += usageStats.totalUsage.inputTokens
stats.totalUsage.outputTokens += usageStats.totalUsage.outputTokens
stats.totalUsage.totalCost += usageStats.totalUsage.totalCost
} catch (error) {
logger.error(`❌ Error calculating usage for user ${user.id} in stats:`, error)
// Fallback to stored values if calculation fails
stats.totalApiKeys += user.apiKeyCount || 0
stats.totalUsage.requests += user.totalUsage?.requests || 0
stats.totalUsage.inputTokens += user.totalUsage?.inputTokens || 0
stats.totalUsage.outputTokens += user.totalUsage?.outputTokens || 0
stats.totalUsage.totalCost += user.totalUsage?.totalCost || 0
}
}
}
return stats
} catch (error) {
logger.error('❌ Error getting user stats:', error)
throw error
}
}
}
module.exports = new UserService()

99
src/services/webhookConfigService.js
View File

@@ -56,15 +56,26 @@ class WebhookConfigService {
// 验证平台配置 // 验证平台配置
if (config.platforms) { if (config.platforms) {
const validPlatforms = ['wechat_work', 'dingtalk', 'feishu', 'slack', 'discord', 'custom'] const validPlatforms = [
'wechat_work',
'dingtalk',
'feishu',
'slack',
'discord',
'custom',
'bark'
]
for (const platform of config.platforms) { for (const platform of config.platforms) {
if (!validPlatforms.includes(platform.type)) { if (!validPlatforms.includes(platform.type)) {
throw new Error(`不支持的平台类型: ${platform.type}`) throw new Error(`不支持的平台类型: ${platform.type}`)
} }
if (!platform.url || !this.isValidUrl(platform.url)) { // Bark平台使用deviceKey而不是url
throw new Error(`无效的webhook URL: ${platform.url}`) if (platform.type !== 'bark') {
if (!platform.url || !this.isValidUrl(platform.url)) {
throw new Error(`无效的webhook URL: ${platform.url}`)
}
} }
// 验证平台特定的配置 // 验证平台特定的配置
@@ -108,6 +119,88 @@ class WebhookConfigService {
case 'custom': case 'custom':
// 自定义webhook用户自行负责格式 // 自定义webhook用户自行负责格式
break break
case 'bark':
// 验证设备密钥
if (!platform.deviceKey) {
throw new Error('Bark平台必须提供设备密钥')
}
// 验证设备密钥格式通常是22-24位字符
if (platform.deviceKey.length < 20 || platform.deviceKey.length > 30) {
logger.warn('⚠️ Bark设备密钥长度可能不正确请检查是否完整复制')
}
// 验证服务器URL如果提供
if (platform.serverUrl) {
if (!this.isValidUrl(platform.serverUrl)) {
throw new Error('Bark服务器URL格式无效')
}
if (!platform.serverUrl.includes('/push')) {
logger.warn('⚠️ Bark服务器URL应该以/push结尾')
}
}
// 验证声音参数(如果提供)
if (platform.sound) {
const validSounds = [
'default',
'alarm',
'anticipate',
'bell',
'birdsong',
'bloom',
'calypso',
'chime',
'choo',
'descent',
'electronic',
'fanfare',
'glass',
'gotosleep',
'healthnotification',
'horn',
'ladder',
'mailsent',
'minuet',
'multiwayinvitation',
'newmail',
'newsflash',
'noir',
'paymentsuccess',
'shake',
'sherwoodforest',
'silence',
'spell',
'suspense',
'telegraph',
'tiptoes',
'typewriters',
'update',
'alert'
]
if (!validSounds.includes(platform.sound)) {
logger.warn(`⚠️ 未知的Bark声音: ${platform.sound}`)
}
}
// 验证级别参数
if (platform.level) {
const validLevels = ['active', 'timeSensitive', 'passive', 'critical']
if (!validLevels.includes(platform.level)) {
throw new Error(`无效的Bark通知级别: ${platform.level}`)
}
}
// 验证图标URL如果提供
if (platform.icon && !this.isValidUrl(platform.icon)) {
logger.warn('⚠️ Bark图标URL格式可能不正确')
}
// 验证点击跳转URL如果提供
if (platform.clickUrl && !this.isValidUrl(platform.clickUrl)) {
logger.warn('⚠️ Bark点击跳转URL格式可能不正确')
}
break
} }
} }

112
src/services/webhookService.js
View File

@@ -2,6 +2,7 @@ const axios = require('axios')
const crypto = require('crypto') const crypto = require('crypto')
const logger = require('../utils/logger') const logger = require('../utils/logger')
const webhookConfigService = require('./webhookConfigService') const webhookConfigService = require('./webhookConfigService')
const { getISOStringWithTimezone } = require('../utils/dateHelper')
class WebhookService { class WebhookService {
constructor() { constructor() {
@@ -11,7 +12,8 @@ class WebhookService {
feishu: this.sendToFeishu.bind(this), feishu: this.sendToFeishu.bind(this),
slack: this.sendToSlack.bind(this), slack: this.sendToSlack.bind(this),
discord: this.sendToDiscord.bind(this), discord: this.sendToDiscord.bind(this),
custom: this.sendToCustom.bind(this) custom: this.sendToCustom.bind(this),
bark: this.sendToBark.bind(this)
} }
} }
@@ -205,13 +207,40 @@ class WebhookService {
const payload = { const payload = {
type, type,
service: 'claude-relay-service', service: 'claude-relay-service',
timestamp: new Date().toISOString(), timestamp: getISOStringWithTimezone(new Date()),
data data
} }
await this.sendHttpRequest(platform.url, payload, platform.timeout || 10000) await this.sendHttpRequest(platform.url, payload, platform.timeout || 10000)
} }
/**
* Bark webhook
*/
async sendToBark(platform, type, data) {
const payload = {
device_key: platform.deviceKey,
title: this.getNotificationTitle(type),
body: this.formatMessageForBark(type, data),
level: platform.level || this.getBarkLevel(type),
sound: platform.sound || this.getBarkSound(type),
group: platform.group || 'claude-relay',
badge: 1
}
// 添加可选参数
if (platform.icon) {
payload.icon = platform.icon
}
if (platform.clickUrl) {
payload.url = platform.clickUrl
}
const url = platform.serverUrl || 'https://api.day.app/push'
await this.sendHttpRequest(url, payload, platform.timeout || 10000)
}
/** /**
* 发送HTTP请求 * 发送HTTP请求
*/ */
@@ -329,7 +358,7 @@ class WebhookService {
title, title,
color, color,
fields, fields,
timestamp: new Date().toISOString(), timestamp: getISOStringWithTimezone(new Date()),
footer: { footer: {
text: 'Claude Relay Service' text: 'Claude Relay Service'
} }
@@ -351,6 +380,81 @@ class WebhookService {
return titles[type] || '📢 系统通知' return titles[type] || '📢 系统通知'
} }
/**
* 获取Bark通知级别
*/
getBarkLevel(type) {
const levels = {
accountAnomaly: 'timeSensitive',
quotaWarning: 'active',
systemError: 'critical',
securityAlert: 'critical',
test: 'passive'
}
return levels[type] || 'active'
}
/**
* 获取Bark声音
*/
getBarkSound(type) {
const sounds = {
accountAnomaly: 'alarm',
quotaWarning: 'bell',
systemError: 'alert',
securityAlert: 'alarm',
test: 'default'
}
return sounds[type] || 'default'
}
/**
* 格式化Bark消息
*/
formatMessageForBark(type, data) {
const lines = []
if (data.accountName) {
lines.push(`账号: ${data.accountName}`)
}
if (data.platform) {
lines.push(`平台: ${data.platform}`)
}
if (data.status) {
lines.push(`状态: ${data.status}`)
}
if (data.errorCode) {
lines.push(`错误: ${data.errorCode}`)
}
if (data.reason) {
lines.push(`原因: ${data.reason}`)
}
if (data.message) {
lines.push(`消息: ${data.message}`)
}
if (data.quota) {
lines.push(`剩余配额: ${data.quota.remaining}/${data.quota.total}`)
}
if (data.usage) {
lines.push(`使用率: ${data.usage}%`)
}
// 添加服务标识和时间戳
lines.push(`\n服务: Claude Relay Service`)
lines.push(`时间: ${new Date().toLocaleString('zh-CN')}`)
return lines.join('\n')
}
/** /**
* 格式化通知详情 * 格式化通知详情
*/ */
@@ -477,7 +581,7 @@ class WebhookService {
try { try {
const testData = { const testData = {
message: 'Claude Relay Service webhook测试', message: 'Claude Relay Service webhook测试',
timestamp: new Date().toISOString() timestamp: getISOStringWithTimezone(new Date())
} }
await this.sendToPlatform(platform, 'test', testData, { maxRetries: 1, retryDelay: 1000 }) await this.sendToPlatform(platform, 'test', testData, { maxRetries: 1, retryDelay: 1000 })

62
src/utils/costCalculator.js
View File

@@ -32,6 +32,14 @@ const MODEL_PRICING = {
cacheRead: 1.5 cacheRead: 1.5
}, },
// Claude Opus 4.1 (新模型)
'claude-opus-4-1-20250805': {
input: 15.0,
output: 75.0,
cacheWrite: 18.75,
cacheRead: 1.5
},
// Claude 3 Sonnet // Claude 3 Sonnet
'claude-3-sonnet-20240229': { 'claude-3-sonnet-20240229': {
input: 3.0, input: 3.0,
@@ -69,9 +77,57 @@ class CostCalculator {
* @returns {Object} 费用详情 * @returns {Object} 费用详情
*/ */
static calculateCost(usage, model = 'unknown') { static calculateCost(usage, model = 'unknown') {
// 如果 usage 包含详细的 cache_creation 对象,使用 pricingService 来处理 // 如果 usage 包含详细的 cache_creation 对象或是 1M 模型,使用 pricingService 来处理
if (usage.cache_creation && typeof usage.cache_creation === 'object') { if (
return pricingService.calculateCost(usage, model) (usage.cache_creation && typeof usage.cache_creation === 'object') ||
(model && model.includes('[1m]'))
) {
const result = pricingService.calculateCost(usage, model)
// 转换 pricingService 返回的格式到 costCalculator 的格式
return {
model,
pricing: {
input: result.pricing.input * 1000000, // 转换为 per 1M tokens
output: result.pricing.output * 1000000,
cacheWrite: result.pricing.cacheCreate * 1000000,
cacheRead: result.pricing.cacheRead * 1000000
},
usingDynamicPricing: true,
isLongContextRequest: result.isLongContextRequest || false,
usage: {
inputTokens: usage.input_tokens || 0,
outputTokens: usage.output_tokens || 0,
cacheCreateTokens: usage.cache_creation_input_tokens || 0,
cacheReadTokens: usage.cache_read_input_tokens || 0,
totalTokens:
(usage.input_tokens || 0) +
(usage.output_tokens || 0) +
(usage.cache_creation_input_tokens || 0) +
(usage.cache_read_input_tokens || 0)
},
costs: {
input: result.inputCost,
output: result.outputCost,
cacheWrite: result.cacheCreateCost,
cacheRead: result.cacheReadCost,
total: result.totalCost
},
formatted: {
input: this.formatCost(result.inputCost),
output: this.formatCost(result.outputCost),
cacheWrite: this.formatCost(result.cacheCreateCost),
cacheRead: this.formatCost(result.cacheReadCost),
total: this.formatCost(result.totalCost)
},
debug: {
isOpenAIModel: model.includes('gpt') || model.includes('o1'),
hasCacheCreatePrice: !!result.pricing.cacheCreate,
cacheCreateTokens: usage.cache_creation_input_tokens || 0,
cacheWritePriceUsed: result.pricing.cacheCreate * 1000000,
isLongContextModel: model && model.includes('[1m]'),
isLongContextRequest: result.isLongContextRequest || false
}
}
} }
// 否则使用旧的逻辑(向后兼容) // 否则使用旧的逻辑(向后兼容)

100
src/utils/dateHelper.js Normal file
View File

@@ -0,0 +1,100 @@
const config = require('../../config/config')
/**
* 格式化日期时间为指定时区的本地时间字符串
* @param {Date|number} date - Date对象或时间戳秒或毫秒
* @param {boolean} includeTimezone - 是否在输出中包含时区信息
* @returns {string} 格式化后的时间字符串
*/
function formatDateWithTimezone(date, includeTimezone = true) {
// 处理不同类型的输入
let dateObj
if (typeof date === 'number') {
// 判断是秒还是毫秒时间戳
// Unix时间戳通常小于 10^10毫秒时间戳通常大于 10^12
if (date < 10000000000) {
dateObj = new Date(date * 1000) // 秒转毫秒
} else {
dateObj = new Date(date) // 已经是毫秒
}
} else if (date instanceof Date) {
dateObj = date
} else {
dateObj = new Date(date)
}
// 获取配置的时区偏移(小时)
const timezoneOffset = config.system.timezoneOffset || 8 // 默认 UTC+8
// 计算本地时间
const offsetMs = timezoneOffset * 3600000 // 转换为毫秒
const localTime = new Date(dateObj.getTime() + offsetMs)
// 格式化为 YYYY-MM-DD HH:mm:ss
const year = localTime.getUTCFullYear()
const month = String(localTime.getUTCMonth() + 1).padStart(2, '0')
const day = String(localTime.getUTCDate()).padStart(2, '0')
const hours = String(localTime.getUTCHours()).padStart(2, '0')
const minutes = String(localTime.getUTCMinutes()).padStart(2, '0')
const seconds = String(localTime.getUTCSeconds()).padStart(2, '0')
let formattedDate = `${year}-${month}-${day} ${hours}:${minutes}:${seconds}`
// 添加时区信息
if (includeTimezone) {
const sign = timezoneOffset >= 0 ? '+' : ''
formattedDate += ` (UTC${sign}${timezoneOffset})`
}
return formattedDate
}
/**
* 获取指定时区的ISO格式时间字符串
* @param {Date|number} date - Date对象或时间戳
* @returns {string} ISO格式的时间字符串
*/
function getISOStringWithTimezone(date) {
// 先获取本地格式的时间(不含时区后缀)
const localTimeStr = formatDateWithTimezone(date, false)
// 获取时区偏移
const timezoneOffset = config.system.timezoneOffset || 8
// 构建ISO格式添加时区偏移
const sign = timezoneOffset >= 0 ? '+' : '-'
const absOffset = Math.abs(timezoneOffset)
const offsetHours = String(Math.floor(absOffset)).padStart(2, '0')
const offsetMinutes = String(Math.round((absOffset % 1) * 60)).padStart(2, '0')
// 将空格替换为T并添加时区
return `${localTimeStr.replace(' ', 'T')}${sign}${offsetHours}:${offsetMinutes}`
}
/**
* 计算时间差并格式化为人类可读的字符串
* @param {number} seconds - 秒数
* @returns {string} 格式化的时间差字符串
*/
function formatDuration(seconds) {
if (seconds < 60) {
return `${seconds}`
} else if (seconds < 3600) {
const minutes = Math.floor(seconds / 60)
return `${minutes}分钟`
} else if (seconds < 86400) {
const hours = Math.floor(seconds / 3600)
const minutes = Math.floor((seconds % 3600) / 60)
return minutes > 0 ? `${hours}小时${minutes}分钟` : `${hours}小时`
} else {
const days = Math.floor(seconds / 86400)
const hours = Math.floor((seconds % 86400) / 3600)
return hours > 0 ? `${days}${hours}小时` : `${days}`
}
}
module.exports = {
formatDateWithTimezone,
getISOStringWithTimezone,
formatDuration
}

291
src/utils/inputValidator.js Normal file
View File

@@ -0,0 +1,291 @@
/**
* 输入验证工具类
* 提供各种输入验证和清理功能,防止注入攻击
*/
class InputValidator {
/**
* 验证用户名
* @param {string} username - 用户名
* @returns {string} 验证后的用户名
* @throws {Error} 如果用户名无效
*/
validateUsername(username) {
if (!username || typeof username !== 'string') {
throw new Error('用户名必须是非空字符串')
}
const trimmed = username.trim()
// 长度检查
if (trimmed.length < 3 || trimmed.length > 64) {
throw new Error('用户名长度必须在3-64个字符之间')
}
// 格式检查:只允许字母、数字、下划线、连字符
const usernameRegex = /^[a-zA-Z0-9_-]+$/
if (!usernameRegex.test(trimmed)) {
throw new Error('用户名只能包含字母、数字、下划线和连字符')
}
// 不能以连字符开头或结尾
if (trimmed.startsWith('-') || trimmed.endsWith('-')) {
throw new Error('用户名不能以连字符开头或结尾')
}
return trimmed
}
/**
* 验证电子邮件
* @param {string} email - 电子邮件地址
* @returns {string} 验证后的电子邮件
* @throws {Error} 如果电子邮件无效
*/
validateEmail(email) {
if (!email || typeof email !== 'string') {
throw new Error('电子邮件必须是非空字符串')
}
const trimmed = email.trim().toLowerCase()
// 基本格式验证
const emailRegex =
/^[a-zA-Z0-9.!#$%&'*+/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$/
if (!emailRegex.test(trimmed)) {
throw new Error('电子邮件格式无效')
}
// 长度限制
if (trimmed.length > 254) {
throw new Error('电子邮件地址过长')
}
return trimmed
}
/**
* 验证密码强度
* @param {string} password - 密码
* @returns {boolean} 验证结果
*/
validatePassword(password) {
if (!password || typeof password !== 'string') {
throw new Error('密码必须是非空字符串')
}
// 最小长度
if (password.length < 8) {
throw new Error('密码至少需要8个字符')
}
// 最大长度防止DoS攻击
if (password.length > 128) {
throw new Error('密码不能超过128个字符')
}
return true
}
/**
* 验证角色
* @param {string} role - 用户角色
* @returns {string} 验证后的角色
* @throws {Error} 如果角色无效
*/
validateRole(role) {
const validRoles = ['admin', 'user', 'viewer']
if (!role || typeof role !== 'string') {
throw new Error('角色必须是非空字符串')
}
const trimmed = role.trim().toLowerCase()
if (!validRoles.includes(trimmed)) {
throw new Error(`角色必须是以下之一: ${validRoles.join(', ')}`)
}
return trimmed
}
/**
* 验证Webhook URL
* @param {string} url - Webhook URL
* @returns {string} 验证后的URL
* @throws {Error} 如果URL无效
*/
validateWebhookUrl(url) {
if (!url || typeof url !== 'string') {
throw new Error('Webhook URL必须是非空字符串')
}
const trimmed = url.trim()
// URL格式验证
try {
const urlObj = new URL(trimmed)
// 只允许HTTP和HTTPS协议
if (!['http:', 'https:'].includes(urlObj.protocol)) {
throw new Error('Webhook URL必须使用HTTP或HTTPS协议')
}
// 防止SSRF攻击禁止访问内网地址
const hostname = urlObj.hostname.toLowerCase()
const dangerousHosts = [
'localhost',
'127.0.0.1',
'0.0.0.0',
'::1',
'169.254.169.254', // AWS元数据服务
'metadata.google.internal' // GCP元数据服务
]
if (dangerousHosts.includes(hostname)) {
throw new Error('Webhook URL不能指向内部服务')
}
// 检查是否是内网IP
const ipRegex = /^(\d{1,3}\.){3}\d{1,3}$/
if (ipRegex.test(hostname)) {
const parts = hostname.split('.').map(Number)
// 检查私有IP范围
if (
parts[0] === 10 || // 10.0.0.0/8
(parts[0] === 172 && parts[1] >= 16 && parts[1] <= 31) || // 172.16.0.0/12
(parts[0] === 192 && parts[1] === 168) // 192.168.0.0/16
) {
throw new Error('Webhook URL不能指向私有IP地址')
}
}
return trimmed
} catch (error) {
if (error.message.includes('Webhook URL')) {
throw error
}
throw new Error('Webhook URL格式无效')
}
}
/**
* 验证显示名称
* @param {string} displayName - 显示名称
* @returns {string} 验证后的显示名称
* @throws {Error} 如果显示名称无效
*/
validateDisplayName(displayName) {
if (!displayName || typeof displayName !== 'string') {
throw new Error('显示名称必须是非空字符串')
}
const trimmed = displayName.trim()
// 长度检查
if (trimmed.length < 1 || trimmed.length > 100) {
throw new Error('显示名称长度必须在1-100个字符之间')
}
// 禁止特殊控制字符(排除常见的换行和制表符)
// eslint-disable-next-line no-control-regex
const controlCharRegex = /[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]/
if (controlCharRegex.test(trimmed)) {
throw new Error('显示名称不能包含控制字符')
}
return trimmed
}
/**
* 清理HTML标签防止XSS
* @param {string} input - 输入字符串
* @returns {string} 清理后的字符串
*/
sanitizeHtml(input) {
if (!input || typeof input !== 'string') {
return ''
}
return input
.replace(/&/g, '&amp;')
.replace(/</g, '&lt;')
.replace(/>/g, '&gt;')
.replace(/"/g, '&quot;')
.replace(/'/g, '&#x27;')
.replace(/\//g, '&#x2F;')
}
/**
* 验证API Key名称
* @param {string} name - API Key名称
* @returns {string} 验证后的名称
* @throws {Error} 如果名称无效
*/
validateApiKeyName(name) {
if (!name || typeof name !== 'string') {
throw new Error('API Key名称必须是非空字符串')
}
const trimmed = name.trim()
// 长度检查
if (trimmed.length < 1 || trimmed.length > 100) {
throw new Error('API Key名称长度必须在1-100个字符之间')
}
// 禁止特殊控制字符(排除常见的换行和制表符)
// eslint-disable-next-line no-control-regex
const controlCharRegex = /[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]/
if (controlCharRegex.test(trimmed)) {
throw new Error('API Key名称不能包含控制字符')
}
return trimmed
}
/**
* 验证分页参数
* @param {number} page - 页码
* @param {number} limit - 每页数量
* @returns {{page: number, limit: number}} 验证后的分页参数
*/
validatePagination(page, limit) {
const pageNum = parseInt(page, 10) || 1
const limitNum = parseInt(limit, 10) || 20
if (pageNum < 1) {
throw new Error('页码必须大于0')
}
if (limitNum < 1 || limitNum > 100) {
throw new Error('每页数量必须在1-100之间')
}
return {
page: pageNum,
limit: limitNum
}
}
/**
* 验证UUID格式
* @param {string} uuid - UUID字符串
* @returns {string} 验证后的UUID
* @throws {Error} 如果UUID无效
*/
validateUuid(uuid) {
if (!uuid || typeof uuid !== 'string') {
throw new Error('UUID必须是非空字符串')
}
const uuidRegex = /^[0-9a-f]{8}-[0-9a-f]{4}-4[0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i
if (!uuidRegex.test(uuid)) {
throw new Error('UUID格式无效')
}
return uuid.toLowerCase()
}
}
module.exports = new InputValidator()

3
src/utils/webhookNotifier.js
View File

@@ -1,5 +1,6 @@
const logger = require('./logger') const logger = require('./logger')
const webhookService = require('../services/webhookService') const webhookService = require('../services/webhookService')
const { getISOStringWithTimezone } = require('./dateHelper')
class WebhookNotifier { class WebhookNotifier {
constructor() { constructor() {
@@ -28,7 +29,7 @@ class WebhookNotifier {
errorCode: errorCode:
notification.errorCode || this._getErrorCode(notification.platform, notification.status), notification.errorCode || this._getErrorCode(notification.platform, notification.status),
reason: notification.reason, reason: notification.reason,
timestamp: notification.timestamp || new Date().toISOString() timestamp: notification.timestamp || getISOStringWithTimezone(new Date())
}) })
} catch (error) { } catch (error) {
logger.error('Failed to send account anomaly notification:', error) logger.error('Failed to send account anomaly notification:', error)

8
web/admin-spa/.env.example
View File

@@ -23,6 +23,14 @@ VITE_APP_TITLE=Claude Relay Service - 管理后台
# 格式http://proxy-host:port # 格式http://proxy-host:port
#VITE_HTTP_PROXY=http://127.0.0.1:7890 #VITE_HTTP_PROXY=http://127.0.0.1:7890
# ========== 教程页面配置 ==========
# API 基础前缀(可选)
# 用于教程页面显示的自定义 API 前缀
# 如果不配置,则使用当前浏览器访问地址
# 示例https://api.example.com 或 https://relay.mysite.com
# VITE_API_BASE_PREFIX=https://api.example.com
# ========== 使用说明 ========== # ========== 使用说明 ==========
# 1. 复制此文件为 .env.local 进行本地配置 # 1. 复制此文件为 .env.local 进行本地配置
# 2. .env.local 文件不会被提交到版本控制 # 2. .env.local 文件不会被提交到版本控制

239
web/admin-spa/src/components/accounts/AccountForm.vue
View File

@@ -556,7 +556,17 @@
> >
<div class="flex flex-wrap gap-2"> <div class="flex flex-wrap gap-2">
<label <label
v-for="model in ['gpt-4', 'gpt-4-turbo', 'gpt-35-turbo', 'gpt-35-turbo-16k']" v-for="model in [
'gpt-4',
'gpt-4-turbo',
'gpt-4o',
'gpt-4o-mini',
'gpt-5',
'gpt-5-mini',
'gpt-35-turbo',
'gpt-35-turbo-16k',
'codex-mini'
]"
:key="model" :key="model"
class="flex cursor-pointer items-center" class="flex cursor-pointer items-center"
> >
@@ -825,6 +835,25 @@
</p> </p>
</div> </div>
<!-- Claude 5小时限制自动停止调度选项 -->
<div v-if="form.platform === 'claude'" class="mt-4">
<label class="flex items-start">
<input
v-model="form.autoStopOnWarning"
class="mt-1 text-blue-600 focus:ring-blue-500 dark:border-gray-600 dark:bg-gray-700"
type="checkbox"
/>
<div class="ml-3">
<span class="text-sm font-medium text-gray-700 dark:text-gray-300">
5小时使用量接近限制时自动停止调度
</span>
<p class="mt-1 text-xs text-gray-500 dark:text-gray-400">
当系统检测到账户接近5小时使用限制时自动暂停调度该账户。进入新的时间窗口后会自动恢复调度。
</p>
</div>
</label>
</div>
<!-- 所有平台的优先级设置 --> <!-- 所有平台的优先级设置 -->
<div> <div>
<label class="mb-3 block text-sm font-semibold text-gray-700 dark:text-gray-300" <label class="mb-3 block text-sm font-semibold text-gray-700 dark:text-gray-300"
@@ -1364,6 +1393,25 @@
</p> </p>
</div> </div>
<!-- Claude 5小时限制自动停止调度选项编辑模式 -->
<div v-if="form.platform === 'claude'" class="mt-4">
<label class="flex items-start">
<input
v-model="form.autoStopOnWarning"
class="mt-1 text-blue-600 focus:ring-blue-500 dark:border-gray-600 dark:bg-gray-700"
type="checkbox"
/>
<div class="ml-3">
<span class="text-sm font-medium text-gray-700 dark:text-gray-300">
5小时使用量接近限制时自动停止调度
</span>
<p class="mt-1 text-xs text-gray-500 dark:text-gray-400">
当系统检测到账户接近5小时使用限制时自动暂停调度该账户。进入新的时间窗口后会自动恢复调度。
</p>
</div>
</label>
</div>
<!-- 所有平台的优先级设置(编辑模式) --> <!-- 所有平台的优先级设置(编辑模式) -->
<div> <div>
<label class="mb-3 block text-sm font-semibold text-gray-700 dark:text-gray-300" <label class="mb-3 block text-sm font-semibold text-gray-700 dark:text-gray-300"
@@ -1660,9 +1708,112 @@
</div> </div>
</div> </div>
<!-- Azure OpenAI 特定字段(编辑模式)-->
<div v-if="form.platform === 'azure_openai'" class="space-y-4">
<div>
<label class="mb-3 block text-sm font-semibold text-gray-700 dark:text-gray-300"
>Azure Endpoint</label
>
<input
v-model="form.azureEndpoint"
class="form-input w-full dark:border-gray-600 dark:bg-gray-700 dark:text-gray-200 dark:placeholder-gray-400"
:class="{ 'border-red-500': errors.azureEndpoint }"
placeholder="https://your-resource.openai.azure.com"
type="url"
/>
<p v-if="errors.azureEndpoint" class="mt-1 text-xs text-red-500">
{{ errors.azureEndpoint }}
</p>
</div>
<div>
<label class="mb-3 block text-sm font-semibold text-gray-700 dark:text-gray-300"
>API 版本</label
>
<input
v-model="form.apiVersion"
class="form-input w-full dark:border-gray-600 dark:bg-gray-700 dark:text-gray-200 dark:placeholder-gray-400"
placeholder="2024-02-01"
type="text"
/>
<p class="mt-1 text-xs text-gray-500 dark:text-gray-400">
Azure OpenAI API 版本,默认使用最新稳定版本 2024-02-01
</p>
</div>
<div>
<label class="mb-3 block text-sm font-semibold text-gray-700 dark:text-gray-300"
>部署名称</label
>
<input
v-model="form.deploymentName"
class="form-input w-full dark:border-gray-600 dark:bg-gray-700 dark:text-gray-200 dark:placeholder-gray-400"
:class="{ 'border-red-500': errors.deploymentName }"
placeholder="gpt-4"
type="text"
/>
<p v-if="errors.deploymentName" class="mt-1 text-xs text-red-500">
{{ errors.deploymentName }}
</p>
</div>
<div>
<label class="mb-3 block text-sm font-semibold text-gray-700 dark:text-gray-300"
>API Key</label
>
<input
v-model="form.apiKey"
class="form-input w-full dark:border-gray-600 dark:bg-gray-700 dark:text-gray-200 dark:placeholder-gray-400"
:class="{ 'border-red-500': errors.apiKey }"
placeholder="留空表示不更新"
type="password"
/>
<p v-if="errors.apiKey" class="mt-1 text-xs text-red-500">
{{ errors.apiKey }}
</p>
<p class="mt-1 text-xs text-gray-500 dark:text-gray-400">留空表示不更新 API Key</p>
</div>
<div>
<label class="mb-3 block text-sm font-semibold text-gray-700 dark:text-gray-300"
>支持的模型</label
>
<div class="flex flex-wrap gap-2">
<label
v-for="model in [
'gpt-4',
'gpt-4-turbo',
'gpt-4o',
'gpt-4o-mini',
'gpt-5',
'gpt-5-mini',
'gpt-35-turbo',
'gpt-35-turbo-16k',
'codex-mini'
]"
:key="model"
class="flex cursor-pointer items-center"
>
<input
v-model="form.supportedModels"
class="mr-2 text-blue-600 focus:ring-blue-500 dark:border-gray-600 dark:bg-gray-700"
type="checkbox"
:value="model"
/>
<span class="text-sm text-gray-700 dark:text-gray-300">{{ model }}</span>
</label>
</div>
<p class="mt-1 text-xs text-gray-500 dark:text-gray-400">选择此部署支持的模型类型</p>
</div>
</div>
<!-- Token 更新 --> <!-- Token 更新 -->
<div <div
v-if="form.platform !== 'claude-console' && form.platform !== 'bedrock'" v-if="
form.platform !== 'claude-console' &&
form.platform !== 'bedrock' &&
form.platform !== 'azure_openai'
"
class="rounded-lg border border-amber-200 bg-amber-50 p-4 dark:border-amber-700 dark:bg-amber-900/30" class="rounded-lg border border-amber-200 bg-amber-50 p-4 dark:border-amber-700 dark:bg-amber-900/30"
> >
<div class="mb-4 flex items-start gap-3"> <div class="mb-4 flex items-start gap-3">
@@ -1826,6 +1977,7 @@ const form = ref({
description: props.account?.description || '', description: props.account?.description || '',
accountType: props.account?.accountType || 'shared', accountType: props.account?.accountType || 'shared',
subscriptionType: 'claude_max', // 默认为 Claude Max兼容旧数据 subscriptionType: 'claude_max', // 默认为 Claude Max兼容旧数据
autoStopOnWarning: props.account?.autoStopOnWarning || false, // 5小时限制自动停止调度
groupId: '', groupId: '',
groupIds: [], groupIds: [],
projectId: props.account?.projectId || '', projectId: props.account?.projectId || '',
@@ -1839,16 +1991,16 @@ const form = ref({
priority: props.account?.priority || 50, priority: props.account?.priority || 50,
supportedModels: (() => { supportedModels: (() => {
const models = props.account?.supportedModels const models = props.account?.supportedModels
if (!models) return '' if (!models) return []
// 处理对象格式Claude Console 的新格式) // 处理对象格式Claude Console 的新格式)
if (typeof models === 'object' && !Array.isArray(models)) { if (typeof models === 'object' && !Array.isArray(models)) {
return Object.keys(models).join('\n') return Object.keys(models)
} }
// 处理数组格式(向后兼容) // 处理数组格式(向后兼容)
if (Array.isArray(models)) { if (Array.isArray(models)) {
return models.join('\n') return models
} }
return '' return []
})(), })(),
userAgent: props.account?.userAgent || '', userAgent: props.account?.userAgent || '',
enableRateLimit: props.account ? props.account.rateLimitDuration > 0 : true, enableRateLimit: props.account ? props.account.rateLimitDuration > 0 : true,
@@ -1859,7 +2011,11 @@ const form = ref({
region: props.account?.region || '', region: props.account?.region || '',
sessionToken: props.account?.sessionToken || '', sessionToken: props.account?.sessionToken || '',
defaultModel: props.account?.defaultModel || '', defaultModel: props.account?.defaultModel || '',
smallFastModel: props.account?.smallFastModel || '' smallFastModel: props.account?.smallFastModel || '',
// Azure OpenAI 特定字段
azureEndpoint: props.account?.azureEndpoint || '',
apiVersion: props.account?.apiVersion || '',
deploymentName: props.account?.deploymentName || ''
}) })
// 模型映射表数据 // 模型映射表数据
@@ -1896,7 +2052,9 @@ const errors = ref({
apiKey: '', apiKey: '',
accessKeyId: '', accessKeyId: '',
secretAccessKey: '', secretAccessKey: '',
region: '' region: '',
azureEndpoint: '',
deploymentName: ''
}) })
// 计算是否可以进入下一步 // 计算是否可以进入下一步
@@ -2096,6 +2254,7 @@ const handleOAuthSuccess = async (tokenInfo) => {
// Claude使用claudeAiOauth字段 // Claude使用claudeAiOauth字段
data.claudeAiOauth = tokenInfo.claudeAiOauth || tokenInfo data.claudeAiOauth = tokenInfo.claudeAiOauth || tokenInfo
data.priority = form.value.priority || 50 data.priority = form.value.priority || 50
data.autoStopOnWarning = form.value.autoStopOnWarning || false
// 添加订阅类型信息 // 添加订阅类型信息
data.subscriptionInfo = { data.subscriptionInfo = {
accountType: form.value.subscriptionType || 'claude_max', accountType: form.value.subscriptionType || 'claude_max',
@@ -2176,15 +2335,15 @@ const createAccount = async () => {
} else if (form.value.platform === 'azure_openai') { } else if (form.value.platform === 'azure_openai') {
// Azure OpenAI 验证 // Azure OpenAI 验证
if (!form.value.azureEndpoint || form.value.azureEndpoint.trim() === '') { if (!form.value.azureEndpoint || form.value.azureEndpoint.trim() === '') {
errors.value.azureEndpoint = 'Azure Endpoint 是必填项' errors.value.azureEndpoint = '请填写 Azure Endpoint'
hasError = true hasError = true
} }
if (!form.value.deploymentName || form.value.deploymentName.trim() === '') { if (!form.value.deploymentName || form.value.deploymentName.trim() === '') {
errors.value.deploymentName = 'Deployment Name 是必填项' errors.value.deploymentName = '请填写部署名称'
hasError = true hasError = true
} }
if (!form.value.apiKey || form.value.apiKey.trim() === '') { if (!form.value.apiKey || form.value.apiKey.trim() === '') {
errors.value.apiKey = 'API Key 是必填项' errors.value.apiKey = '请填写 API Key'
hasError = true hasError = true
} }
} else if (form.value.addType === 'manual') { } else if (form.value.addType === 'manual') {
@@ -2257,6 +2416,7 @@ const createAccount = async () => {
scopes: [] // 手动添加没有 scopes scopes: [] // 手动添加没有 scopes
} }
data.priority = form.value.priority || 50 data.priority = form.value.priority || 50
data.autoStopOnWarning = form.value.autoStopOnWarning || false
// 添加订阅类型信息 // 添加订阅类型信息
data.subscriptionInfo = { data.subscriptionInfo = {
accountType: form.value.subscriptionType || 'claude_max', accountType: form.value.subscriptionType || 'claude_max',
@@ -2360,10 +2520,12 @@ const createAccount = async () => {
} else if (form.value.platform === 'azure_openai') { } else if (form.value.platform === 'azure_openai') {
// Azure OpenAI 账户特定数据 // Azure OpenAI 账户特定数据
data.azureEndpoint = form.value.azureEndpoint data.azureEndpoint = form.value.azureEndpoint
data.apiKey = form.value.apiKey
data.apiVersion = form.value.apiVersion || '2024-02-01' data.apiVersion = form.value.apiVersion || '2024-02-01'
data.deploymentName = form.value.deploymentName data.deploymentName = form.value.deploymentName
data.apiKey = form.value.apiKey data.supportedModels = Array.isArray(form.value.supportedModels)
data.supportedModels = form.value.supportedModels || [] ? form.value.supportedModels
: []
data.priority = form.value.priority || 50 data.priority = form.value.priority || 50
data.isActive = form.value.isActive !== false data.isActive = form.value.isActive !== false
data.schedulable = form.value.schedulable !== false data.schedulable = form.value.schedulable !== false
@@ -2507,6 +2669,7 @@ const updateAccount = async () => {
// Claude 官方账号优先级和订阅类型更新 // Claude 官方账号优先级和订阅类型更新
if (props.account.platform === 'claude') { if (props.account.platform === 'claude') {
data.priority = form.value.priority || 50 data.priority = form.value.priority || 50
data.autoStopOnWarning = form.value.autoStopOnWarning || false
// 更新订阅类型信息 // 更新订阅类型信息
data.subscriptionInfo = { data.subscriptionInfo = {
accountType: form.value.subscriptionType || 'claude_max', accountType: form.value.subscriptionType || 'claude_max',
@@ -2565,6 +2728,21 @@ const updateAccount = async () => {
data.rateLimitDuration = form.value.enableRateLimit ? form.value.rateLimitDuration || 60 : 0 data.rateLimitDuration = form.value.enableRateLimit ? form.value.rateLimitDuration || 60 : 0
} }
// Azure OpenAI 特定更新
if (props.account.platform === 'azure_openai') {
data.azureEndpoint = form.value.azureEndpoint
data.apiVersion = form.value.apiVersion || '2024-02-01'
data.deploymentName = form.value.deploymentName
data.supportedModels = Array.isArray(form.value.supportedModels)
? form.value.supportedModels
: []
data.priority = form.value.priority || 50
// 只有当有新的 API Key 时才更新
if (form.value.apiKey && form.value.apiKey.trim()) {
data.apiKey = form.value.apiKey
}
}
if (props.account.platform === 'claude') { if (props.account.platform === 'claude') {
await accountsStore.updateClaudeAccount(props.account.id, data) await accountsStore.updateClaudeAccount(props.account.id, data)
} else if (props.account.platform === 'claude-console') { } else if (props.account.platform === 'claude-console') {
@@ -2629,6 +2807,26 @@ watch(
} }
) )
// 监听Azure Endpoint变化清除错误
watch(
() => form.value.azureEndpoint,
() => {
if (errors.value.azureEndpoint && form.value.azureEndpoint?.trim()) {
errors.value.azureEndpoint = ''
}
}
)
// 监听Deployment Name变化清除错误
watch(
() => form.value.deploymentName,
() => {
if (errors.value.deploymentName && form.value.deploymentName?.trim()) {
errors.value.deploymentName = ''
}
}
)
// 分组相关数据 // 分组相关数据
const groups = ref([]) const groups = ref([])
const loadingGroups = ref(false) const loadingGroups = ref(false)
@@ -2872,6 +3070,7 @@ watch(
description: newAccount.description || '', description: newAccount.description || '',
accountType: newAccount.accountType || 'shared', accountType: newAccount.accountType || 'shared',
subscriptionType: subscriptionType, subscriptionType: subscriptionType,
autoStopOnWarning: newAccount.autoStopOnWarning || false,
groupId: groupId, groupId: groupId,
groupIds: [], groupIds: [],
projectId: newAccount.projectId || '', projectId: newAccount.projectId || '',
@@ -2884,16 +3083,16 @@ watch(
priority: newAccount.priority || 50, priority: newAccount.priority || 50,
supportedModels: (() => { supportedModels: (() => {
const models = newAccount.supportedModels const models = newAccount.supportedModels
if (!models) return '' if (!models) return []
// 处理对象格式Claude Console 的新格式) // 处理对象格式Claude Console 的新格式)
if (typeof models === 'object' && !Array.isArray(models)) { if (typeof models === 'object' && !Array.isArray(models)) {
return Object.keys(models).join('\n') return Object.keys(models)
} }
// 处理数组格式(向后兼容) // 处理数组格式(向后兼容)
if (Array.isArray(models)) { if (Array.isArray(models)) {
return models.join('\n') return models
} }
return '' return []
})(), })(),
userAgent: newAccount.userAgent || '', userAgent: newAccount.userAgent || '',
enableRateLimit: enableRateLimit:
@@ -2905,7 +3104,11 @@ watch(
region: newAccount.region || '', region: newAccount.region || '',
sessionToken: '', // 编辑模式不显示现有的会话令牌 sessionToken: '', // 编辑模式不显示现有的会话令牌
defaultModel: newAccount.defaultModel || '', defaultModel: newAccount.defaultModel || '',
smallFastModel: newAccount.smallFastModel || '' smallFastModel: newAccount.smallFastModel || '',
// Azure OpenAI 特定字段
azureEndpoint: newAccount.azureEndpoint || '',
apiVersion: newAccount.apiVersion || '',
deploymentName: newAccount.deploymentName || ''
} }
// 如果是分组类型加载分组ID // 如果是分组类型加载分组ID

254
web/admin-spa/src/components/admin/ChangeRoleModal.vue Normal file
View File

@@ -0,0 +1,254 @@
<template>
<div
v-if="show"
class="fixed inset-0 z-50 h-full w-full overflow-y-auto bg-gray-600 bg-opacity-50"
>
<div class="relative top-20 mx-auto w-96 rounded-md border bg-white p-5 shadow-lg">
<div class="mt-3">
<div class="mb-4 flex items-center justify-between">
<h3 class="text-lg font-medium text-gray-900">Change User Role</h3>
<button class="text-gray-400 hover:text-gray-600" @click="$emit('close')">
<svg class="h-6 w-6" fill="none" stroke="currentColor" viewBox="0 0 24 24">
<path
d="M6 18L18 6M6 6l12 12"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
</button>
</div>
<div v-if="user" class="space-y-4">
<!-- User Info -->
<div class="rounded-md bg-gray-50 p-4">
<div class="flex items-center">
<div class="flex-shrink-0">
<div class="flex h-10 w-10 items-center justify-center rounded-full bg-gray-300">
<svg
class="h-6 w-6 text-gray-600"
fill="none"
stroke="currentColor"
viewBox="0 0 24 24"
>
<path
d="M16 7a4 4 0 11-8 0 4 4 0 018 0zM12 14a7 7 0 00-7 7h14a7 7 0 00-7-7z"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
</div>
</div>
<div class="ml-4">
<p class="text-sm font-medium text-gray-900">
{{ user.displayName || user.username }}
</p>
<p class="text-sm text-gray-500">@{{ user.username }}</p>
<div class="mt-1">
<span
:class="[
'inline-flex items-center rounded-full px-2.5 py-0.5 text-xs font-medium',
user.role === 'admin'
? 'bg-purple-100 text-purple-800'
: 'bg-blue-100 text-blue-800'
]"
>
Current: {{ user.role }}
</span>
</div>
</div>
</div>
</div>
<!-- Role Selection -->
<form class="space-y-4" @submit.prevent="handleSubmit">
<div>
<label class="mb-2 block text-sm font-medium text-gray-700"> New Role </label>
<div class="space-y-2">
<label class="flex items-center">
<input
v-model="selectedRole"
class="h-4 w-4 border-gray-300 text-blue-600 focus:ring-blue-500"
:disabled="loading"
type="radio"
value="user"
/>
<div class="ml-3">
<div class="text-sm font-medium text-gray-900">User</div>
<div class="text-xs text-gray-500">Regular user with basic permissions</div>
</div>
</label>
<label class="flex items-center">
<input
v-model="selectedRole"
class="h-4 w-4 border-gray-300 text-blue-600 focus:ring-blue-500"
:disabled="loading"
type="radio"
value="admin"
/>
<div class="ml-3">
<div class="text-sm font-medium text-gray-900">Administrator</div>
<div class="text-xs text-gray-500">Full access to manage users and system</div>
</div>
</label>
</div>
</div>
<!-- Warning for role changes -->
<div
v-if="selectedRole !== user.role"
class="rounded-md border border-yellow-200 bg-yellow-50 p-4"
>
<div class="flex">
<div class="flex-shrink-0">
<svg class="h-5 w-5 text-yellow-400" fill="currentColor" viewBox="0 0 20 20">
<path
clip-rule="evenodd"
d="M8.257 3.099c.765-1.36 2.722-1.36 3.486 0l5.58 9.92c.75 1.334-.213 2.98-1.742 2.98H4.42c-1.53 0-2.493-1.646-1.743-2.98l5.58-9.92zM11 13a1 1 0 11-2 0 1 1 0 012 0zm-1-8a1 1 0 00-1 1v3a1 1 0 002 0V6a1 1 0 00-1-1z"
fill-rule="evenodd"
/>
</svg>
</div>
<div class="ml-3">
<h3 class="text-sm font-medium text-yellow-800">Role Change Warning</h3>
<div class="mt-2 text-sm text-yellow-700">
<p v-if="selectedRole === 'admin'">
Granting admin privileges will give this user full access to the system,
including the ability to manage other users and their API keys.
</p>
<p v-else>
Removing admin privileges will restrict this user to only managing their own
API keys and viewing their own usage statistics.
</p>
</div>
</div>
</div>
</div>
<div v-if="error" class="rounded-md border border-red-200 bg-red-50 p-4">
<div class="flex">
<div class="flex-shrink-0">
<svg class="h-5 w-5 text-red-400" fill="currentColor" viewBox="0 0 20 20">
<path
clip-rule="evenodd"
d="M10 18a8 8 0 100-16 8 8 0 000 16zM8.707 7.293a1 1 0 00-1.414 1.414L8.586 10l-1.293 1.293a1 1 0 101.414 1.414L10 11.414l1.293 1.293a1 1 0 001.414-1.414L11.414 10l1.293-1.293a1 1 0 00-1.414-1.414L10 8.586 8.707 7.293z"
fill-rule="evenodd"
/>
</svg>
</div>
<div class="ml-3">
<p class="text-sm text-red-700">{{ error }}</p>
</div>
</div>
</div>
<div class="flex justify-end space-x-3 pt-4">
<button
class="rounded-md border border-gray-300 px-4 py-2 text-sm font-medium text-gray-700 hover:bg-gray-50 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:ring-offset-2 disabled:opacity-50"
:disabled="loading"
type="button"
@click="$emit('close')"
>
Cancel
</button>
<button
class="rounded-md border border-transparent bg-blue-600 px-4 py-2 text-sm font-medium text-white shadow-sm hover:bg-blue-700 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:ring-offset-2 disabled:cursor-not-allowed disabled:opacity-50"
:disabled="loading || selectedRole === user.role"
type="submit"
>
<span v-if="loading" class="flex items-center">
<svg
class="-ml-1 mr-2 h-4 w-4 animate-spin text-white"
fill="none"
viewBox="0 0 24 24"
xmlns="http://www.w3.org/2000/svg"
>
<circle
class="opacity-25"
cx="12"
cy="12"
r="10"
stroke="currentColor"
stroke-width="4"
></circle>
<path
class="opacity-75"
d="M4 12a8 8 0 018-8V0C5.373 0 0 5.373 0 12h4zm2 5.291A7.962 7.962 0 014 12H0c0 3.042 1.135 5.824 3 7.938l3-2.647z"
fill="currentColor"
></path>
</svg>
Updating...
</span>
<span v-else>Update Role</span>
</button>
</div>
</form>
</div>
</div>
</div>
</div>
</template>
<script setup>
import { ref, watch } from 'vue'
import { apiClient } from '@/config/api'
import { showToast } from '@/utils/toast'
const props = defineProps({
show: {
type: Boolean,
default: false
},
user: {
type: Object,
default: null
}
})
const emit = defineEmits(['close', 'updated'])
const loading = ref(false)
const error = ref('')
const selectedRole = ref('')
const handleSubmit = async () => {
if (!props.user || selectedRole.value === props.user.role) {
return
}
loading.value = true
error.value = ''
try {
const response = await apiClient.patch(`/users/${props.user.id}/role`, {
role: selectedRole.value
})
if (response.success) {
showToast(`User role updated to ${selectedRole.value}`, 'success')
emit('updated')
} else {
error.value = response.message || 'Failed to update user role'
}
} catch (err) {
console.error('Update user role error:', err)
error.value = err.response?.data?.message || err.message || 'Failed to update user role'
} finally {
loading.value = false
}
}
// Reset form when modal is shown
watch([() => props.show, () => props.user], ([show, user]) => {
if (show && user) {
selectedRole.value = user.role
error.value = ''
loading.value = false
}
})
</script>
<style scoped>
/* 组件特定样式 */
</style>

428
web/admin-spa/src/components/admin/UserUsageStatsModal.vue Normal file
View File

@@ -0,0 +1,428 @@
<template>
<div
v-if="show"
class="fixed inset-0 z-50 h-full w-full overflow-y-auto bg-gray-600 bg-opacity-50"
>
<div class="relative top-10 mx-auto w-4/5 max-w-4xl rounded-md border bg-white p-5 shadow-lg">
<div class="mt-3">
<div class="mb-6 flex items-center justify-between">
<div>
<h3 class="text-lg font-medium text-gray-900">
Usage Statistics - {{ user?.displayName || user?.username }}
</h3>
<p class="text-sm text-gray-500">@{{ user?.username }} {{ user?.role }}</p>
</div>
<button class="text-gray-400 hover:text-gray-600" @click="emit('close')">
<svg class="h-6 w-6" fill="none" stroke="currentColor" viewBox="0 0 24 24">
<path
d="M6 18L18 6M6 6l12 12"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
</button>
</div>
<!-- Period Selector -->
<div class="mb-6">
<select
v-model="selectedPeriod"
class="block w-32 rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm"
@change="loadUsageStats"
>
<option value="day">Last 24 Hours</option>
<option value="week">Last 7 Days</option>
<option value="month">Last 30 Days</option>
<option value="quarter">Last 90 Days</option>
</select>
</div>
<!-- Loading State -->
<div v-if="loading" class="py-12 text-center">
<svg
class="mx-auto h-8 w-8 animate-spin text-blue-600"
fill="none"
viewBox="0 0 24 24"
xmlns="http://www.w3.org/2000/svg"
>
<circle
class="opacity-25"
cx="12"
cy="12"
r="10"
stroke="currentColor"
stroke-width="4"
></circle>
<path
class="opacity-75"
d="M4 12a8 8 0 018-8V0C5.373 0 0 5.373 0 12h4zm2 5.291A7.962 7.962 0 014 12H0c0 3.042 1.135 5.824 3 7.938l3-2.647z"
fill="currentColor"
></path>
</svg>
<p class="mt-2 text-sm text-gray-500">Loading usage statistics...</p>
</div>
<!-- Stats Content -->
<div v-else class="space-y-6">
<!-- Summary Cards -->
<div class="grid grid-cols-1 gap-4 md:grid-cols-2 lg:grid-cols-4">
<div class="overflow-hidden rounded-lg bg-blue-50 shadow">
<div class="p-5">
<div class="flex items-center">
<div class="flex-shrink-0">
<svg
class="h-6 w-6 text-blue-600"
fill="none"
stroke="currentColor"
viewBox="0 0 24 24"
>
<path
d="M13 10V3L4 14h7v7l9-11h-7z"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
</div>
<div class="ml-5 w-0 flex-1">
<dl>
<dt class="truncate text-sm font-medium text-blue-600">Requests</dt>
<dd class="text-lg font-medium text-blue-900">
{{ formatNumber(usageStats?.totalRequests || 0) }}
</dd>
</dl>
</div>
</div>
</div>
</div>
<div class="overflow-hidden rounded-lg bg-green-50 shadow">
<div class="p-5">
<div class="flex items-center">
<div class="flex-shrink-0">
<svg
class="h-6 w-6 text-green-600"
fill="none"
stroke="currentColor"
viewBox="0 0 24 24"
>
<path
d="M7 7h.01M7 3h5c.512 0 1.024.195 1.414.586l7 7a2 2 0 010 2.828l-7 7a2 2 0 01-2.828 0l-7-7A1.994 1.994 0 013 12V7a4 4 0 014-4z"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
</div>
<div class="ml-5 w-0 flex-1">
<dl>
<dt class="truncate text-sm font-medium text-green-600">Input Tokens</dt>
<dd class="text-lg font-medium text-green-900">
{{ formatNumber(usageStats?.totalInputTokens || 0) }}
</dd>
</dl>
</div>
</div>
</div>
</div>
<div class="overflow-hidden rounded-lg bg-purple-50 shadow">
<div class="p-5">
<div class="flex items-center">
<div class="flex-shrink-0">
<svg
class="h-6 w-6 text-purple-600"
fill="none"
stroke="currentColor"
viewBox="0 0 24 24"
>
<path
d="M7 7h.01M7 3h5c.512 0 1.024.195 1.414.586l7 7a2 2 0 010 2.828l-7 7a2 2 0 01-2.828 0l-7-7A1.994 1.994 0 013 12V7a4 4 0 014-4z"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
</div>
<div class="ml-5 w-0 flex-1">
<dl>
<dt class="truncate text-sm font-medium text-purple-600">Output Tokens</dt>
<dd class="text-lg font-medium text-purple-900">
{{ formatNumber(usageStats?.totalOutputTokens || 0) }}
</dd>
</dl>
</div>
</div>
</div>
</div>
<div class="overflow-hidden rounded-lg bg-yellow-50 shadow">
<div class="p-5">
<div class="flex items-center">
<div class="flex-shrink-0">
<svg
class="h-6 w-6 text-yellow-600"
fill="none"
stroke="currentColor"
viewBox="0 0 24 24"
>
<path
d="M12 8c-1.657 0-3 .895-3 2s1.343 2 3 2 3 .895 3 2-1.343 2-3 2m0-8c1.11 0 2.08.402 2.599 1M12 8V7m0 1v8m0 0v1m0-1c-1.11 0-2.08-.402-2.599-1"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
</div>
<div class="ml-5 w-0 flex-1">
<dl>
<dt class="truncate text-sm font-medium text-yellow-600">Total Cost</dt>
<dd class="text-lg font-medium text-yellow-900">
${{ (usageStats?.totalCost || 0).toFixed(4) }}
</dd>
</dl>
</div>
</div>
</div>
</div>
</div>
<!-- User API Keys Table -->
<div
v-if="userDetails?.apiKeys?.length > 0"
class="rounded-lg border border-gray-200 bg-white"
>
<div class="border-b border-gray-200 px-4 py-5 sm:px-6">
<h4 class="text-lg font-medium leading-6 text-gray-900">API Keys Usage</h4>
</div>
<div class="overflow-hidden">
<table class="min-w-full divide-y divide-gray-200">
<thead class="bg-gray-50">
<tr>
<th
class="px-6 py-3 text-left text-xs font-medium uppercase tracking-wider text-gray-500"
scope="col"
>
API Key
</th>
<th
class="px-6 py-3 text-left text-xs font-medium uppercase tracking-wider text-gray-500"
scope="col"
>
Status
</th>
<th
class="px-6 py-3 text-left text-xs font-medium uppercase tracking-wider text-gray-500"
scope="col"
>
Requests
</th>
<th
class="px-6 py-3 text-left text-xs font-medium uppercase tracking-wider text-gray-500"
scope="col"
>
Tokens
</th>
<th
class="px-6 py-3 text-left text-xs font-medium uppercase tracking-wider text-gray-500"
scope="col"
>
Cost
</th>
<th
class="px-6 py-3 text-left text-xs font-medium uppercase tracking-wider text-gray-500"
scope="col"
>
Last Used
</th>
</tr>
</thead>
<tbody class="divide-y divide-gray-200 bg-white">
<tr v-for="apiKey in userDetails.apiKeys" :key="apiKey.id">
<td class="whitespace-nowrap px-6 py-4">
<div class="text-sm font-medium text-gray-900">{{ apiKey.name }}</div>
<div class="text-sm text-gray-500">{{ apiKey.keyPreview }}</div>
</td>
<td class="whitespace-nowrap px-6 py-4">
<span
:class="[
'inline-flex items-center rounded-full px-2.5 py-0.5 text-xs font-medium',
apiKey.isActive
? 'bg-green-100 text-green-800'
: 'bg-red-100 text-red-800'
]"
>
{{ apiKey.isActive ? 'Active' : 'Disabled' }}
</span>
</td>
<td class="whitespace-nowrap px-6 py-4 text-sm text-gray-900">
{{ formatNumber(apiKey.usage?.requests || 0) }}
</td>
<td class="whitespace-nowrap px-6 py-4 text-sm text-gray-900">
<div>In: {{ formatNumber(apiKey.usage?.inputTokens || 0) }}</div>
<div>Out: {{ formatNumber(apiKey.usage?.outputTokens || 0) }}</div>
</td>
<td class="whitespace-nowrap px-6 py-4 text-sm text-gray-900">
${{ (apiKey.usage?.totalCost || 0).toFixed(4) }}
</td>
<td class="whitespace-nowrap px-6 py-4 text-sm text-gray-500">
{{ apiKey.lastUsedAt ? formatDate(apiKey.lastUsedAt) : 'Never' }}
</td>
</tr>
</tbody>
</table>
</div>
</div>
<!-- Chart Placeholder -->
<div class="rounded-lg border border-gray-200 bg-white">
<div class="border-b border-gray-200 px-4 py-5 sm:px-6">
<h4 class="text-lg font-medium leading-6 text-gray-900">Usage Trend</h4>
</div>
<div class="p-6">
<div
class="flex h-64 items-center justify-center rounded-lg border-2 border-dashed border-gray-300"
>
<div class="text-center">
<svg
class="mx-auto h-12 w-12 text-gray-400"
fill="none"
stroke="currentColor"
viewBox="0 0 24 24"
>
<path
d="M9 19v-6a2 2 0 00-2-2H5a2 2 0 00-2 2v6a2 2 0 002 2h2a2 2 0 002-2zm0 0V9a2 2 0 012-2h2a2 2 0 012 2v10m-6 0a2 2 0 002 2h2a2 2 0 002-2m0 0V5a2 2 0 012-2h2a2 2 0 012 2v14a2 2 0 01-2 2h-2a2 2 0 01-2-2z"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
<h3 class="mt-2 text-sm font-medium text-gray-900">Usage Chart</h3>
<p class="mt-1 text-sm text-gray-500">
Daily usage trends for {{ selectedPeriod }} period
</p>
<p class="mt-2 text-xs text-gray-400">
(Chart integration can be added with Chart.js, D3.js, or similar library)
</p>
</div>
</div>
</div>
</div>
<!-- No Data State -->
<div v-if="usageStats && usageStats.totalRequests === 0" class="py-12 text-center">
<svg
class="mx-auto h-12 w-12 text-gray-400"
fill="none"
stroke="currentColor"
viewBox="0 0 24 24"
>
<path
d="M9 19v-6a2 2 0 00-2-2H5a2 2 0 00-2 2v6a2 2 0 002 2h2a2 2 0 002-2zm0 0V9a2 2 0 012-2h2a2 2 0 012 2v10m-6 0a2 2 0 002 2h2a2 2 0 002-2m0 0V5a2 2 0 012-2h2a2 2 0 012 2v14a2 2 0 01-2 2h-2a2 2 0 01-2-2z"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
<h3 class="mt-2 text-sm font-medium text-gray-900">No usage data</h3>
<p class="mt-1 text-sm text-gray-500">
This user hasn't made any API requests in the selected period.
</p>
</div>
</div>
<div class="mt-6 flex justify-end">
<button
class="rounded-md border border-gray-300 px-4 py-2 text-sm font-medium text-gray-700 hover:bg-gray-50 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:ring-offset-2"
@click="$emit('close')"
>
Close
</button>
</div>
</div>
</div>
</div>
</template>
<script setup>
import { ref, watch } from 'vue'
import { apiClient } from '@/config/api'
import { showToast } from '@/utils/toast'
const props = defineProps({
show: {
type: Boolean,
default: false
},
user: {
type: Object,
default: null
}
})
const emit = defineEmits(['close'])
const loading = ref(false)
const selectedPeriod = ref('week')
const usageStats = ref(null)
const userDetails = ref(null)
const formatNumber = (num) => {
if (num >= 1000000) {
return (num / 1000000).toFixed(1) + 'M'
} else if (num >= 1000) {
return (num / 1000).toFixed(1) + 'K'
}
return num.toString()
}
const formatDate = (dateString) => {
if (!dateString) return null
return new Date(dateString).toLocaleDateString('en-US', {
year: 'numeric',
month: 'short',
day: 'numeric',
hour: '2-digit',
minute: '2-digit'
})
}
const loadUsageStats = async () => {
if (!props.user) return
loading.value = true
try {
const [statsResponse, userResponse] = await Promise.all([
apiClient.get(`/users/${props.user.id}/usage-stats`, {
params: { period: selectedPeriod.value }
}),
apiClient.get(`/users/${props.user.id}`)
])
if (statsResponse.success) {
usageStats.value = statsResponse.stats
}
if (userResponse.success) {
userDetails.value = userResponse.user
}
} catch (error) {
console.error('Failed to load user usage stats:', error)
showToast('Failed to load usage statistics', 'error')
} finally {
loading.value = false
}
}
// Watch for when modal is shown and user changes
watch([() => props.show, () => props.user], ([show, user]) => {
if (show && user) {
loadUsageStats()
}
})
</script>
<style scoped>
/* 组件特定样式 */
</style>

99
web/admin-spa/src/components/apikeys/CreateApiKeyModal.vue
View File

@@ -252,17 +252,17 @@
<div> <div>
<label class="mb-1 block text-xs font-medium text-gray-700 dark:text-gray-300" <label class="mb-1 block text-xs font-medium text-gray-700 dark:text-gray-300"
>Token 限制</label >费用限制 (美元)</label
> >
<input <input
v-model="form.tokenLimit" v-model="form.rateLimitCost"
class="form-input w-full text-sm dark:border-gray-600 dark:bg-gray-700 dark:text-gray-200 dark:placeholder-gray-400" class="form-input w-full text-sm dark:border-gray-600 dark:bg-gray-700 dark:text-gray-200 dark:placeholder-gray-400"
min="0"
placeholder="无限制" placeholder="无限制"
step="0.01"
type="number" type="number"
/> />
<p class="ml-2 mt-0.5 text-xs text-gray-500 dark:text-gray-400"> <p class="ml-2 mt-0.5 text-xs text-gray-500 dark:text-gray-400">窗口内最大费用</p>
窗口内最大Token
</p>
</div> </div>
</div> </div>
@@ -275,12 +275,9 @@
<div> <div>
<strong>示例1:</strong> 时间窗口=60请求次数=1000 每60分钟最多1000次请求 <strong>示例1:</strong> 时间窗口=60请求次数=1000 每60分钟最多1000次请求
</div> </div>
<div><strong>示例2:</strong> 时间窗口=1费用=0.1 每分钟最多$0.1费用</div>
<div> <div>
<strong>示例2:</strong> 时间窗口=1Token=10000 每分钟最多10,000个Token <strong>示例3:</strong> 窗口=30请求=50费用=5 每30分钟50次请求且不超$5费用
</div>
<div>
<strong>示例3:</strong> 窗口=30请求=50Token=100000
每30分钟50次请求且不超10万Token
</div> </div>
</div> </div>
</div> </div>
@@ -336,6 +333,55 @@
</div> </div>
</div> </div>
<div>
<label class="mb-2 block text-sm font-semibold text-gray-700 dark:text-gray-300"
>Opus 模型周费用限制 (美元)</label
>
<div class="space-y-2">
<div class="flex gap-2">
<button
class="rounded bg-gray-100 px-2 py-1 text-xs font-medium hover:bg-gray-200 dark:bg-gray-700 dark:text-gray-300 dark:hover:bg-gray-600"
type="button"
@click="form.weeklyOpusCostLimit = '100'"
>
$100
</button>
<button
class="rounded bg-gray-100 px-2 py-1 text-xs font-medium hover:bg-gray-200 dark:bg-gray-700 dark:text-gray-300 dark:hover:bg-gray-600"
type="button"
@click="form.weeklyOpusCostLimit = '500'"
>
$500
</button>
<button
class="rounded bg-gray-100 px-2 py-1 text-xs font-medium hover:bg-gray-200 dark:bg-gray-700 dark:text-gray-300 dark:hover:bg-gray-600"
type="button"
@click="form.weeklyOpusCostLimit = '1000'"
>
$1000
</button>
<button
class="rounded bg-gray-100 px-2 py-1 text-xs font-medium hover:bg-gray-200 dark:bg-gray-700 dark:text-gray-300 dark:hover:bg-gray-600"
type="button"
@click="form.weeklyOpusCostLimit = ''"
>
自定义
</button>
</div>
<input
v-model="form.weeklyOpusCostLimit"
class="form-input w-full dark:border-gray-600 dark:bg-gray-700 dark:text-gray-200 dark:placeholder-gray-400"
min="0"
placeholder="0 表示无限制"
step="0.01"
type="number"
/>
<p class="text-xs text-gray-500 dark:text-gray-400">
设置 Opus 模型的周费用限制周一到周日仅限 Claude 官方账户0 或留空表示无限制
</p>
</div>
</div>
<div> <div>
<label class="mb-2 block text-sm font-semibold text-gray-700 dark:text-gray-300" <label class="mb-2 block text-sm font-semibold text-gray-700 dark:text-gray-300"
>并发限制 (可选)</label >并发限制 (可选)</label
@@ -739,11 +785,12 @@ const form = reactive({
batchCount: 10, batchCount: 10,
name: '', name: '',
description: '', description: '',
tokenLimit: '',
rateLimitWindow: '', rateLimitWindow: '',
rateLimitRequests: '', rateLimitRequests: '',
rateLimitCost: '', // 新增:费用限制
concurrencyLimit: '', concurrencyLimit: '',
dailyCostLimit: '', dailyCostLimit: '',
weeklyOpusCostLimit: '',
expireDuration: '', expireDuration: '',
customExpireDate: '', customExpireDate: '',
expiresAt: null, expiresAt: null,
@@ -985,14 +1032,32 @@ const createApiKey = async () => {
} }
} }
// 检查是否设置了时间窗口但费用限制为0
if (form.rateLimitWindow && (!form.rateLimitCost || parseFloat(form.rateLimitCost) === 0)) {
let confirmed = false
if (window.showConfirm) {
confirmed = await window.showConfirm(
'费用限制提醒',
'您设置了时间窗口但费用限制为0这意味着不会有费用限制。\n\n是否继续',
'继续创建',
'返回修改'
)
} else {
// 降级方案
confirmed = confirm('您设置了时间窗口但费用限制为0这意味着不会有费用限制。\n是否继续')
}
if (!confirmed) {
return
}
}
loading.value = true loading.value = true
try { try {
// 准备提交的数据 // 准备提交的数据
const baseData = { const baseData = {
description: form.description || undefined, description: form.description || undefined,
tokenLimit: tokenLimit: 0, // 设置为0清除历史token限制
form.tokenLimit !== '' && form.tokenLimit !== null ? parseInt(form.tokenLimit) : null,
rateLimitWindow: rateLimitWindow:
form.rateLimitWindow !== '' && form.rateLimitWindow !== null form.rateLimitWindow !== '' && form.rateLimitWindow !== null
? parseInt(form.rateLimitWindow) ? parseInt(form.rateLimitWindow)
@@ -1001,6 +1066,10 @@ const createApiKey = async () => {
form.rateLimitRequests !== '' && form.rateLimitRequests !== null form.rateLimitRequests !== '' && form.rateLimitRequests !== null
? parseInt(form.rateLimitRequests) ? parseInt(form.rateLimitRequests)
: null, : null,
rateLimitCost:
form.rateLimitCost !== '' && form.rateLimitCost !== null
? parseFloat(form.rateLimitCost)
: null,
concurrencyLimit: concurrencyLimit:
form.concurrencyLimit !== '' && form.concurrencyLimit !== null form.concurrencyLimit !== '' && form.concurrencyLimit !== null
? parseInt(form.concurrencyLimit) ? parseInt(form.concurrencyLimit)
@@ -1009,6 +1078,10 @@ const createApiKey = async () => {
form.dailyCostLimit !== '' && form.dailyCostLimit !== null form.dailyCostLimit !== '' && form.dailyCostLimit !== null
? parseFloat(form.dailyCostLimit) ? parseFloat(form.dailyCostLimit)
: 0, : 0,
weeklyOpusCostLimit:
form.weeklyOpusCostLimit !== '' && form.weeklyOpusCostLimit !== null
? parseFloat(form.weeklyOpusCostLimit)
: 0,
expiresAt: form.expiresAt || undefined, expiresAt: form.expiresAt || undefined,
permissions: form.permissions, permissions: form.permissions,
tags: form.tags.length > 0 ? form.tags : undefined, tags: form.tags.length > 0 ? form.tags : undefined,

111
web/admin-spa/src/components/apikeys/EditApiKeyModal.vue
View File

@@ -166,17 +166,17 @@
<div> <div>
<label class="mb-1 block text-xs font-medium text-gray-700 dark:text-gray-300" <label class="mb-1 block text-xs font-medium text-gray-700 dark:text-gray-300"
>Token 限制</label >费用限制 (美元)</label
> >
<input <input
v-model="form.tokenLimit" v-model="form.rateLimitCost"
class="form-input w-full text-sm dark:border-gray-600 dark:bg-gray-700 dark:text-gray-200 dark:placeholder-gray-400" class="form-input w-full text-sm dark:border-gray-600 dark:bg-gray-700 dark:text-gray-200 dark:placeholder-gray-400"
min="0"
placeholder="无限制" placeholder="无限制"
step="0.01"
type="number" type="number"
/> />
<p class="ml-2 mt-0.5 text-xs text-gray-500 dark:text-gray-400"> <p class="ml-2 mt-0.5 text-xs text-gray-500 dark:text-gray-400">窗口内最大费用</p>
窗口内最大Token
</p>
</div> </div>
</div> </div>
@@ -189,12 +189,9 @@
<div> <div>
<strong>示例1:</strong> 时间窗口=60请求次数=1000 每60分钟最多1000次请求 <strong>示例1:</strong> 时间窗口=60请求次数=1000 每60分钟最多1000次请求
</div> </div>
<div><strong>示例2:</strong> 时间窗口=1费用=0.1 每分钟最多$0.1费用</div>
<div> <div>
<strong>示例2:</strong> 时间窗口=1Token=10000 每分钟最多10,000个Token <strong>示例3:</strong> 窗口=30请求=50费用=5 每30分钟50次请求且不超$5费用
</div>
<div>
<strong>示例3:</strong> 窗口=30请求=50Token=100000
每30分钟50次请求且不超10万Token
</div> </div>
</div> </div>
</div> </div>
@@ -250,6 +247,55 @@
</div> </div>
</div> </div>
<div>
<label class="mb-3 block text-sm font-semibold text-gray-700 dark:text-gray-300"
>Opus 模型周费用限制 (美元)</label
>
<div class="space-y-3">
<div class="flex gap-2">
<button
class="rounded-lg bg-gray-100 px-3 py-1 text-sm font-medium hover:bg-gray-200 dark:bg-gray-700 dark:text-gray-300 dark:hover:bg-gray-600"
type="button"
@click="form.weeklyOpusCostLimit = '100'"
>
$100
</button>
<button
class="rounded-lg bg-gray-100 px-3 py-1 text-sm font-medium hover:bg-gray-200 dark:bg-gray-700 dark:text-gray-300 dark:hover:bg-gray-600"
type="button"
@click="form.weeklyOpusCostLimit = '500'"
>
$500
</button>
<button
class="rounded-lg bg-gray-100 px-3 py-1 text-sm font-medium hover:bg-gray-200 dark:bg-gray-700 dark:text-gray-300 dark:hover:bg-gray-600"
type="button"
@click="form.weeklyOpusCostLimit = '1000'"
>
$1000
</button>
<button
class="rounded-lg bg-gray-100 px-3 py-1 text-sm font-medium hover:bg-gray-200 dark:bg-gray-700 dark:text-gray-300 dark:hover:bg-gray-600"
type="button"
@click="form.weeklyOpusCostLimit = ''"
>
自定义
</button>
</div>
<input
v-model="form.weeklyOpusCostLimit"
class="form-input w-full dark:border-gray-600 dark:bg-gray-700 dark:text-gray-200 dark:placeholder-gray-400"
min="0"
placeholder="0 表示无限制"
step="0.01"
type="number"
/>
<p class="text-xs text-gray-500 dark:text-gray-400">
设置 Opus 模型的周费用限制周一到周日仅限 Claude 官方账户0 或留空表示无限制
</p>
</div>
</div>
<div> <div>
<label class="mb-3 block text-sm font-semibold text-gray-700 dark:text-gray-300" <label class="mb-3 block text-sm font-semibold text-gray-700 dark:text-gray-300"
>并发限制</label >并发限制</label
@@ -632,11 +678,13 @@ const unselectedTags = computed(() => {
// 表单数据 // 表单数据
const form = reactive({ const form = reactive({
name: '', name: '',
tokenLimit: '', tokenLimit: '', // 保留用于检测历史数据
rateLimitWindow: '', rateLimitWindow: '',
rateLimitRequests: '', rateLimitRequests: '',
rateLimitCost: '', // 新增:费用限制
concurrencyLimit: '', concurrencyLimit: '',
dailyCostLimit: '', dailyCostLimit: '',
weeklyOpusCostLimit: '',
permissions: 'all', permissions: 'all',
claudeAccountId: '', claudeAccountId: '',
geminiAccountId: '', geminiAccountId: '',
@@ -702,13 +750,31 @@ const removeTag = (index) => {
// 更新 API Key // 更新 API Key
const updateApiKey = async () => { const updateApiKey = async () => {
// 检查是否设置了时间窗口但费用限制为0
if (form.rateLimitWindow && (!form.rateLimitCost || parseFloat(form.rateLimitCost) === 0)) {
let confirmed = false
if (window.showConfirm) {
confirmed = await window.showConfirm(
'费用限制提醒',
'您设置了时间窗口但费用限制为0这意味着不会有费用限制。\n\n是否继续',
'继续保存',
'返回修改'
)
} else {
// 降级方案
confirmed = confirm('您设置了时间窗口但费用限制为0这意味着不会有费用限制。\n是否继续')
}
if (!confirmed) {
return
}
}
loading.value = true loading.value = true
try { try {
// 准备提交的数据 // 准备提交的数据
const data = { const data = {
tokenLimit: tokenLimit: 0, // 清除历史token限制
form.tokenLimit !== '' && form.tokenLimit !== null ? parseInt(form.tokenLimit) : 0,
rateLimitWindow: rateLimitWindow:
form.rateLimitWindow !== '' && form.rateLimitWindow !== null form.rateLimitWindow !== '' && form.rateLimitWindow !== null
? parseInt(form.rateLimitWindow) ? parseInt(form.rateLimitWindow)
@@ -717,6 +783,10 @@ const updateApiKey = async () => {
form.rateLimitRequests !== '' && form.rateLimitRequests !== null form.rateLimitRequests !== '' && form.rateLimitRequests !== null
? parseInt(form.rateLimitRequests) ? parseInt(form.rateLimitRequests)
: 0, : 0,
rateLimitCost:
form.rateLimitCost !== '' && form.rateLimitCost !== null
? parseFloat(form.rateLimitCost)
: 0,
concurrencyLimit: concurrencyLimit:
form.concurrencyLimit !== '' && form.concurrencyLimit !== null form.concurrencyLimit !== '' && form.concurrencyLimit !== null
? parseInt(form.concurrencyLimit) ? parseInt(form.concurrencyLimit)
@@ -725,6 +795,10 @@ const updateApiKey = async () => {
form.dailyCostLimit !== '' && form.dailyCostLimit !== null form.dailyCostLimit !== '' && form.dailyCostLimit !== null
? parseFloat(form.dailyCostLimit) ? parseFloat(form.dailyCostLimit)
: 0, : 0,
weeklyOpusCostLimit:
form.weeklyOpusCostLimit !== '' && form.weeklyOpusCostLimit !== null
? parseFloat(form.weeklyOpusCostLimit)
: 0,
permissions: form.permissions, permissions: form.permissions,
tags: form.tags tags: form.tags
} }
@@ -893,11 +967,22 @@ onMounted(async () => {
} }
form.name = props.apiKey.name form.name = props.apiKey.name
// 处理速率限制迁移如果有tokenLimit且没有rateLimitCost提示用户
form.tokenLimit = props.apiKey.tokenLimit || '' form.tokenLimit = props.apiKey.tokenLimit || ''
form.rateLimitCost = props.apiKey.rateLimitCost || ''
// 如果有历史tokenLimit但没有rateLimitCost提示用户需要重新设置
if (props.apiKey.tokenLimit > 0 && !props.apiKey.rateLimitCost) {
// 可以根据需要添加提示,或者自动迁移(这里选择让用户手动设置)
console.log('检测到历史Token限制请考虑设置费用限制')
}
form.rateLimitWindow = props.apiKey.rateLimitWindow || '' form.rateLimitWindow = props.apiKey.rateLimitWindow || ''
form.rateLimitRequests = props.apiKey.rateLimitRequests || '' form.rateLimitRequests = props.apiKey.rateLimitRequests || ''
form.concurrencyLimit = props.apiKey.concurrencyLimit || '' form.concurrencyLimit = props.apiKey.concurrencyLimit || ''
form.dailyCostLimit = props.apiKey.dailyCostLimit || '' form.dailyCostLimit = props.apiKey.dailyCostLimit || ''
form.weeklyOpusCostLimit = props.apiKey.weeklyOpusCostLimit || ''
form.permissions = props.apiKey.permissions || 'all' form.permissions = props.apiKey.permissions || 'all'
// 处理 Claude 账号(区分 OAuth 和 Console // 处理 Claude 账号(区分 OAuth 和 Console
if (props.apiKey.claudeConsoleAccountId) { if (props.apiKey.claudeConsoleAccountId) {

2
web/admin-spa/src/components/apikeys/UsageDetailModal.vue
View File

@@ -196,6 +196,8 @@
时间窗口限制 时间窗口限制
</h5> </h5>
<WindowCountdown <WindowCountdown
:cost-limit="apiKey.rateLimitCost"
:current-cost="apiKey.currentWindowCost"
:current-requests="apiKey.currentWindowRequests" :current-requests="apiKey.currentWindowRequests"
:current-tokens="apiKey.currentWindowTokens" :current-tokens="apiKey.currentWindowTokens"
label="窗口状态" label="窗口状态"

40
web/admin-spa/src/components/apikeys/WindowCountdown.vue
View File

@@ -33,6 +33,7 @@
</div> </div>
</div> </div>
<!-- Token限制向后兼容 -->
<div v-if="hasTokenLimit" class="space-y-0.5"> <div v-if="hasTokenLimit" class="space-y-0.5">
<div class="flex items-center justify-between text-xs"> <div class="flex items-center justify-between text-xs">
<span class="text-gray-400">Token</span> <span class="text-gray-400">Token</span>
@@ -48,6 +49,23 @@
/> />
</div> </div>
</div> </div>
<!-- 费用限制新功能 -->
<div v-if="hasCostLimit" class="space-y-0.5">
<div class="flex items-center justify-between text-xs">
<span class="text-gray-400">费用</span>
<span class="text-gray-600">
${{ (currentCost || 0).toFixed(2) }}/${{ costLimit.toFixed(2) }}
</span>
</div>
<div class="h-1 w-full rounded-full bg-gray-200">
<div
class="h-1 rounded-full transition-all duration-300"
:class="getCostProgressColor()"
:style="{ width: getCostProgress() + '%' }"
/>
</div>
</div>
</div> </div>
<!-- 额外提示信息 --> <!-- 额外提示信息 -->
@@ -102,6 +120,14 @@ const props = defineProps({
type: Number, type: Number,
default: 0 default: 0
}, },
currentCost: {
type: Number,
default: 0
},
costLimit: {
type: Number,
default: 0
},
showProgress: { showProgress: {
type: Boolean, type: Boolean,
default: true default: true
@@ -132,6 +158,7 @@ const windowState = computed(() => {
const hasRequestLimit = computed(() => props.requestLimit > 0) const hasRequestLimit = computed(() => props.requestLimit > 0)
const hasTokenLimit = computed(() => props.tokenLimit > 0) const hasTokenLimit = computed(() => props.tokenLimit > 0)
const hasCostLimit = computed(() => props.costLimit > 0)
// 方法 // 方法
const formatTime = (seconds) => { const formatTime = (seconds) => {
@@ -196,6 +223,19 @@ const getTokenProgressColor = () => {
return 'bg-purple-500' return 'bg-purple-500'
} }
const getCostProgress = () => {
if (!props.costLimit || props.costLimit === 0) return 0
const percentage = ((props.currentCost || 0) / props.costLimit) * 100
return Math.min(percentage, 100)
}
const getCostProgressColor = () => {
const progress = getCostProgress()
if (progress >= 100) return 'bg-red-500'
if (progress >= 80) return 'bg-yellow-500'
return 'bg-green-500'
}
// 更新倒计时 // 更新倒计时
const updateCountdown = () => { const updateCountdown = () => {
if (props.windowEndTime && remainingSeconds.value > 0) { if (props.windowEndTime && remainingSeconds.value > 0) {

14
web/admin-spa/src/components/apistats/LimitConfig.vue
View File

@@ -45,10 +45,14 @@
<div <div
v-if=" v-if="
statsData.limits.rateLimitWindow > 0 && statsData.limits.rateLimitWindow > 0 &&
(statsData.limits.rateLimitRequests > 0 || statsData.limits.tokenLimit > 0) (statsData.limits.rateLimitRequests > 0 ||
statsData.limits.tokenLimit > 0 ||
statsData.limits.rateLimitCost > 0)
" "
> >
<WindowCountdown <WindowCountdown
:cost-limit="statsData.limits.rateLimitCost"
:current-cost="statsData.limits.currentWindowCost"
:current-requests="statsData.limits.currentWindowRequests" :current-requests="statsData.limits.currentWindowRequests"
:current-tokens="statsData.limits.currentWindowTokens" :current-tokens="statsData.limits.currentWindowTokens"
label="时间窗口限制" label="时间窗口限制"
@@ -64,7 +68,13 @@
<div class="mt-2 text-xs text-gray-500 dark:text-gray-400"> <div class="mt-2 text-xs text-gray-500 dark:text-gray-400">
<i class="fas fa-info-circle mr-1" /> <i class="fas fa-info-circle mr-1" />
请求次数和Token使用量为"或"的关系,任一达到限制即触发限流 <span v-if="statsData.limits.rateLimitCost > 0">
请求次数和费用限制为"或"的关系,任一达到限制即触发限流
</span>
<span v-else-if="statsData.limits.tokenLimit > 0">
请求次数和Token使用量为"或"的关系,任一达到限制即触发限流
</span>
<span v-else> 仅限制请求次数 </span>
</div> </div>
</div> </div>

38
web/admin-spa/src/components/layout/MainLayout.vue
View File

@@ -20,29 +20,43 @@
</template> </template>
<script setup> <script setup>
import { ref, watch, nextTick } from 'vue' import { ref, watch, nextTick, computed } from 'vue'
import { useRoute, useRouter } from 'vue-router' import { useRoute, useRouter } from 'vue-router'
import { useAuthStore } from '@/stores/auth'
import AppHeader from './AppHeader.vue' import AppHeader from './AppHeader.vue'
import TabBar from './TabBar.vue' import TabBar from './TabBar.vue'
const route = useRoute() const route = useRoute()
const router = useRouter() const router = useRouter()
const authStore = useAuthStore()
// 根据路由设置当前激活的标签 // 根据路由设置当前激活的标签
const activeTab = ref('dashboard') const activeTab = ref('dashboard')
const tabRouteMap = { // 根据 LDAP 配置动态生成路由映射
dashboard: '/dashboard', const tabRouteMap = computed(() => {
apiKeys: '/api-keys', const baseMap = {
accounts: '/accounts', dashboard: '/dashboard',
tutorial: '/tutorial', apiKeys: '/api-keys',
settings: '/settings' accounts: '/accounts',
} tutorial: '/tutorial',
settings: '/settings'
}
// 只有在 LDAP 启用时才包含用户管理路由
if (authStore.oemSettings?.ldapEnabled) {
baseMap.userManagement = '/user-management'
}
return baseMap
})
// 初始化当前激活的标签 // 初始化当前激活的标签
const initActiveTab = () => { const initActiveTab = () => {
const currentPath = route.path const currentPath = route.path
const tabKey = Object.keys(tabRouteMap).find((key) => tabRouteMap[key] === currentPath) const tabKey = Object.keys(tabRouteMap.value).find(
(key) => tabRouteMap.value[key] === currentPath
)
if (tabKey) { if (tabKey) {
activeTab.value = tabKey activeTab.value = tabKey
@@ -72,7 +86,7 @@ initActiveTab()
watch( watch(
() => route.path, () => route.path,
(newPath) => { (newPath) => {
const tabKey = Object.keys(tabRouteMap).find((key) => tabRouteMap[key] === newPath) const tabKey = Object.keys(tabRouteMap.value).find((key) => tabRouteMap.value[key] === newPath)
if (tabKey) { if (tabKey) {
activeTab.value = tabKey activeTab.value = tabKey
} else { } else {
@@ -95,7 +109,7 @@ watch(
// 处理标签切换 // 处理标签切换
const handleTabChange = async (tabKey) => { const handleTabChange = async (tabKey) => {
// 如果已经在目标路由,不需要做任何事 // 如果已经在目标路由,不需要做任何事
if (tabRouteMap[tabKey] === route.path) { if (tabRouteMap.value[tabKey] === route.path) {
return return
} }
@@ -104,7 +118,7 @@ const handleTabChange = async (tabKey) => {
// 使用 await 确保路由切换完成 // 使用 await 确保路由切换完成
try { try {
await router.push(tabRouteMap[tabKey]) await router.push(tabRouteMap.value[tabKey])
// 等待下一个DOM更新周期确保组件正确渲染 // 等待下一个DOM更新周期确保组件正确渲染
await nextTick() await nextTick()
} catch (err) { } catch (err) {

37
web/admin-spa/src/components/layout/TabBar.vue
View File

@@ -37,6 +37,9 @@
</template> </template>
<script setup> <script setup>
import { computed } from 'vue'
import { useAuthStore } from '@/stores/auth'
defineProps({ defineProps({
activeTab: { activeTab: {
type: String, type: String,
@@ -46,13 +49,33 @@ defineProps({
defineEmits(['tab-change']) defineEmits(['tab-change'])
const tabs = [ const authStore = useAuthStore()
{ key: 'dashboard', name: '仪表板', shortName: '仪表板', icon: 'fas fa-tachometer-alt' },
{ key: 'apiKeys', name: 'API Keys', shortName: 'API', icon: 'fas fa-key' }, // 根据 LDAP 配置动态生成 tabs
{ key: 'accounts', name: '账户管理', shortName: '账户', icon: 'fas fa-user-circle' }, const tabs = computed(() => {
{ key: 'tutorial', name: '使用教程', shortName: '教程', icon: 'fas fa-graduation-cap' }, const baseTabs = [
{ key: 'settings', name: '系统设置', shortName: '设置', icon: 'fas fa-cogs' } { key: 'dashboard', name: '仪表板', shortName: '仪表板', icon: 'fas fa-tachometer-alt' },
] { key: 'apiKeys', name: 'API Keys', shortName: 'API', icon: 'fas fa-key' },
{ key: 'accounts', name: '账户管理', shortName: '账户', icon: 'fas fa-user-circle' }
]
// 只有在 LDAP 启用时才显示用户管理
if (authStore.oemSettings?.ldapEnabled) {
baseTabs.push({
key: 'userManagement',
name: '用户管理',
shortName: '用户',
icon: 'fas fa-users'
})
}
baseTabs.push(
{ key: 'tutorial', name: '使用教程', shortName: '教程', icon: 'fas fa-graduation-cap' },
{ key: 'settings', name: '系统设置', shortName: '设置', icon: 'fas fa-cogs' }
)
return baseTabs
})
</script> </script>
<style scoped> <style scoped>

265
web/admin-spa/src/components/user/CreateApiKeyModal.vue Normal file
View File

@@ -0,0 +1,265 @@
<template>
<div
v-if="show"
class="fixed inset-0 z-50 h-full w-full overflow-y-auto bg-gray-600 bg-opacity-50"
>
<div
class="relative top-20 mx-auto w-[768px] max-w-4xl rounded-md border bg-white p-5 shadow-lg"
>
<div class="mt-3">
<div class="mb-4 flex items-center justify-between">
<h3 class="text-lg font-medium text-gray-900">Create New API Key</h3>
<button class="text-gray-400 hover:text-gray-600" @click="$emit('close')">
<svg class="h-6 w-6" fill="none" stroke="currentColor" viewBox="0 0 24 24">
<path
d="M6 18L18 6M6 6l12 12"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
</button>
</div>
<form class="space-y-4" @submit.prevent="handleSubmit">
<div>
<label class="block text-sm font-medium text-gray-700" for="name"> Name * </label>
<input
id="name"
v-model="form.name"
class="mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm"
:disabled="loading"
placeholder="Enter API key name"
required
type="text"
/>
</div>
<div>
<label class="block text-sm font-medium text-gray-700" for="description">
Description
</label>
<textarea
id="description"
v-model="form.description"
class="mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm"
:disabled="loading"
placeholder="Optional description"
rows="3"
></textarea>
</div>
<div v-if="error" class="rounded-md border border-red-200 bg-red-50 p-3">
<div class="flex">
<div class="flex-shrink-0">
<svg class="h-5 w-5 text-red-400" fill="currentColor" viewBox="0 0 20 20">
<path
clip-rule="evenodd"
d="M10 18a8 8 0 100-16 8 8 0 000 16zM8.707 7.293a1 1 0 00-1.414 1.414L8.586 10l-1.293 1.293a1 1 0 101.414 1.414L10 11.414l1.293 1.293a1 1 0 001.414-1.414L11.414 10l1.293-1.293a1 1 0 00-1.414-1.414L10 8.586 8.707 7.293z"
fill-rule="evenodd"
/>
</svg>
</div>
<div class="ml-3">
<p class="text-sm text-red-700">{{ error }}</p>
</div>
</div>
</div>
<div class="flex justify-end space-x-3 pt-4">
<button
class="rounded-md border border-gray-300 px-4 py-2 text-sm font-medium text-gray-700 hover:bg-gray-50 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:ring-offset-2 disabled:opacity-50"
:disabled="loading"
type="button"
@click="$emit('close')"
>
Cancel
</button>
<button
class="rounded-md border border-transparent bg-blue-600 px-4 py-2 text-sm font-medium text-white shadow-sm hover:bg-blue-700 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:ring-offset-2 disabled:cursor-not-allowed disabled:opacity-50"
:disabled="loading || !form.name.trim()"
type="submit"
>
<span v-if="loading" class="flex items-center">
<svg
class="-ml-1 mr-2 h-4 w-4 animate-spin text-white"
fill="none"
viewBox="0 0 24 24"
xmlns="http://www.w3.org/2000/svg"
>
<circle
class="opacity-25"
cx="12"
cy="12"
r="10"
stroke="currentColor"
stroke-width="4"
></circle>
<path
class="opacity-75"
d="M4 12a8 8 0 018-8V0C5.373 0 0 5.373 0 12h4zm2 5.291A7.962 7.962 0 014 12H0c0 3.042 1.135 5.824 3 7.938l3-2.647z"
fill="currentColor"
></path>
</svg>
Creating...
</span>
<span v-else>Create API Key</span>
</button>
</div>
</form>
<!-- Success Modal for showing the new API key -->
<div v-if="newApiKey" class="mt-6 rounded-md border border-green-200 bg-green-50 p-4">
<div class="flex items-start">
<div class="flex-shrink-0">
<svg class="h-5 w-5 text-green-400" fill="currentColor" viewBox="0 0 20 20">
<path
clip-rule="evenodd"
d="M10 18a8 8 0 100-16 8 8 0 000 16zm3.707-9.293a1 1 0 00-1.414-1.414L9 10.586 7.707 9.293a1 1 0 00-1.414 1.414l2 2a1 1 0 001.414 0l4-4z"
fill-rule="evenodd"
/>
</svg>
</div>
<div class="ml-3 flex-1">
<h4 class="text-sm font-medium text-green-800">API Key Created Successfully!</h4>
<div class="mt-3">
<p class="mb-2 text-sm text-green-700">
<strong>Important:</strong> Copy your API key now. You won't be able to see it
again!
</p>
<div class="rounded-md border border-green-300 bg-white p-3">
<div class="flex items-center justify-between">
<code class="break-all font-mono text-sm text-gray-900">{{
newApiKey.key
}}</code>
<button
class="ml-3 inline-flex flex-shrink-0 items-center rounded border border-transparent bg-green-100 px-2 py-1 text-xs font-medium text-green-700 hover:bg-green-200 focus:outline-none focus:ring-2 focus:ring-green-500 focus:ring-offset-2"
@click="copyToClipboard(newApiKey.key)"
>
<svg
class="mr-1 h-3 w-3"
fill="none"
stroke="currentColor"
viewBox="0 0 24 24"
>
<path
d="M8 16H6a2 2 0 01-2-2V6a2 2 0 012-2h8a2 2 0 012 2v2m-6 12h8a2 2 0 002-2v-8a2 2 0 00-2-2h-8a2 2 0 00-2 2v8a2 2 0 002 2z"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
Copy
</button>
</div>
</div>
</div>
<div class="mt-4 flex justify-end">
<button
class="rounded-md border border-transparent bg-green-600 px-4 py-2 text-sm font-medium text-white shadow-sm hover:bg-green-700 focus:outline-none focus:ring-2 focus:ring-green-500 focus:ring-offset-2"
@click="handleClose"
>
Done
</button>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</template>
<script setup>
import { ref, reactive, watch } from 'vue'
import { useUserStore } from '@/stores/user'
import { showToast } from '@/utils/toast'
const props = defineProps({
show: {
type: Boolean,
default: false
}
})
const emit = defineEmits(['close', 'created'])
const userStore = useUserStore()
const loading = ref(false)
const error = ref('')
const newApiKey = ref(null)
const form = reactive({
name: '',
description: ''
})
const resetForm = () => {
form.name = ''
form.description = ''
error.value = ''
newApiKey.value = null
}
const handleSubmit = async () => {
if (!form.name.trim()) {
error.value = 'API key name is required'
return
}
loading.value = true
error.value = ''
try {
const apiKeyData = {
name: form.name.trim(),
description: form.description.trim() || undefined
}
const result = await userStore.createApiKey(apiKeyData)
if (result.success) {
newApiKey.value = result.apiKey
showToast('API key created successfully!', 'success')
} else {
error.value = result.message || 'Failed to create API key'
}
} catch (err) {
console.error('Create API key error:', err)
error.value = err.response?.data?.message || err.message || 'Failed to create API key'
} finally {
loading.value = false
}
}
const copyToClipboard = async (text) => {
try {
await navigator.clipboard.writeText(text)
showToast('API key copied to clipboard!', 'success')
} catch (err) {
console.error('Failed to copy:', err)
showToast('Failed to copy to clipboard', 'error')
}
}
const handleClose = () => {
resetForm()
emit('created')
emit('close')
}
// Reset form when modal is shown
watch(
() => props.show,
(newValue) => {
if (newValue) {
resetForm()
}
}
)
</script>
<style scoped>
/* 组件特定样式 */
</style>

349
web/admin-spa/src/components/user/UserApiKeysManager.vue Normal file
View File

@@ -0,0 +1,349 @@
<template>
<div class="space-y-6">
<div class="sm:flex sm:items-center">
<div class="sm:flex-auto">
<h1 class="text-2xl font-semibold text-gray-900">My API Keys</h1>
<p class="mt-2 text-sm text-gray-700">
Manage your API keys to access Claude Relay services
</p>
</div>
<div class="mt-4 sm:ml-16 sm:mt-0 sm:flex-none">
<button
class="inline-flex items-center justify-center rounded-md border border-transparent bg-blue-600 px-4 py-2 text-sm font-medium text-white shadow-sm hover:bg-blue-700 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:ring-offset-2 disabled:cursor-not-allowed disabled:opacity-50 sm:w-auto"
:disabled="activeApiKeysCount >= maxApiKeys"
@click="showCreateModal = true"
>
<svg class="-ml-1 mr-2 h-4 w-4" fill="none" stroke="currentColor" viewBox="0 0 24 24">
<path
d="M12 6v6m0 0v6m0-6h6m-6 0H6"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
Create API Key
</button>
</div>
</div>
<!-- API Keys 数量限制提示 -->
<div
v-if="activeApiKeysCount >= maxApiKeys"
class="rounded-md border border-yellow-200 bg-yellow-50 p-4"
>
<div class="flex">
<div class="flex-shrink-0">
<svg class="h-5 w-5 text-yellow-400" fill="currentColor" viewBox="0 0 20 20">
<path
clip-rule="evenodd"
d="M8.257 3.099c.765-1.36 2.722-1.36 3.486 0l5.58 9.92c.75 1.334-.213 2.98-1.742 2.98H4.42c-1.53 0-2.493-1.646-1.743-2.98l5.58-9.92zM11 13a1 1 0 11-2 0 1 1 0 012 0zm-1-8a1 1 0 00-1 1v3a1 1 0 002 0V6a1 1 0 00-1-1z"
fill-rule="evenodd"
/>
</svg>
</div>
<div class="ml-3">
<p class="text-sm text-yellow-700">
You have reached the maximum number of API keys ({{ maxApiKeys }}). Please delete an
existing key to create a new one.
</p>
</div>
</div>
</div>
<!-- Loading State -->
<div v-if="loading" class="py-12 text-center">
<svg
class="mx-auto h-8 w-8 animate-spin text-blue-600"
fill="none"
viewBox="0 0 24 24"
xmlns="http://www.w3.org/2000/svg"
>
<circle
class="opacity-25"
cx="12"
cy="12"
r="10"
stroke="currentColor"
stroke-width="4"
></circle>
<path
class="opacity-75"
d="M4 12a8 8 0 018-8V0C5.373 0 0 5.373 0 12h4zm2 5.291A7.962 7.962 0 014 12H0c0 3.042 1.135 5.824 3 7.938l3-2.647z"
fill="currentColor"
></path>
</svg>
<p class="mt-2 text-sm text-gray-500">Loading API keys...</p>
</div>
<!-- API Keys List -->
<div v-else-if="sortedApiKeys.length > 0" class="overflow-hidden bg-white shadow sm:rounded-md">
<ul class="divide-y divide-gray-200" role="list">
<li v-for="apiKey in sortedApiKeys" :key="apiKey.id" class="px-6 py-4">
<div class="flex items-center justify-between">
<div class="flex items-center">
<div class="flex-shrink-0">
<div
:class="[
'h-2 w-2 rounded-full',
apiKey.isDeleted === 'true' || apiKey.deletedAt
? 'bg-gray-400'
: apiKey.isActive
? 'bg-green-400'
: 'bg-red-400'
]"
></div>
</div>
<div class="ml-4">
<div class="flex items-center">
<p class="text-sm font-medium text-gray-900">{{ apiKey.name }}</p>
<span
v-if="apiKey.isDeleted === 'true' || apiKey.deletedAt"
class="ml-2 inline-flex items-center rounded-full bg-gray-100 px-2.5 py-0.5 text-xs font-medium text-gray-800"
>
Deleted
</span>
<span
v-else-if="!apiKey.isActive"
class="ml-2 inline-flex items-center rounded-full bg-red-100 px-2.5 py-0.5 text-xs font-medium text-red-800"
>
Deleted
</span>
</div>
<div class="mt-1">
<p class="text-sm text-gray-500">{{ apiKey.description || 'No description' }}</p>
<div class="mt-1 flex items-center space-x-4 text-xs text-gray-400">
<span>Created: {{ formatDate(apiKey.createdAt) }}</span>
<span v-if="apiKey.isDeleted === 'true' || apiKey.deletedAt"
>Deleted: {{ formatDate(apiKey.deletedAt) }}</span
>
<span v-else-if="apiKey.lastUsedAt"
>Last used: {{ formatDate(apiKey.lastUsedAt) }}</span
>
<span v-else>Never used</span>
<span
v-if="apiKey.expiresAt && !(apiKey.isDeleted === 'true' || apiKey.deletedAt)"
>Expires: {{ formatDate(apiKey.expiresAt) }}</span
>
</div>
</div>
</div>
</div>
<div class="flex items-center space-x-2">
<!-- Usage Stats -->
<div class="text-right text-xs text-gray-500">
<div>{{ formatNumber(apiKey.usage?.requests || 0) }} requests</div>
<div v-if="apiKey.usage?.totalCost">${{ apiKey.usage.totalCost.toFixed(4) }}</div>
</div>
<!-- Actions -->
<div class="flex items-center space-x-1">
<button
class="inline-flex items-center rounded border border-transparent p-1 text-gray-400 hover:text-gray-600"
title="View API Key"
@click="showApiKey(apiKey)"
>
<svg class="h-4 w-4" fill="none" stroke="currentColor" viewBox="0 0 24 24">
<path
d="M15 12a3 3 0 11-6 0 3 3 0 016 0z"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
<path
d="M2.458 12C3.732 7.943 7.523 5 12 5c4.478 0 8.268 2.943 9.542 7-1.274 4.057-5.064 7-9.542 7-4.477 0-8.268-2.943-9.542-7z"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
</button>
<button
v-if="!(apiKey.isDeleted === 'true' || apiKey.deletedAt) && apiKey.isActive"
class="inline-flex items-center rounded border border-transparent p-1 text-red-400 hover:text-red-600"
title="Delete API Key"
@click="deleteApiKey(apiKey)"
>
<svg class="h-4 w-4" fill="none" stroke="currentColor" viewBox="0 0 24 24">
<path
d="M19 7l-.867 12.142A2 2 0 0116.138 21H7.862a2 2 0 01-1.995-1.858L5 7m5 4v6m4-6v6m1-10V4a1 1 0 00-1-1h-4a1 1 0 00-1 1v3M4 7h16"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
</button>
</div>
</div>
</div>
</li>
</ul>
</div>
<!-- Empty State -->
<div v-else class="py-12 text-center">
<svg
class="mx-auto h-12 w-12 text-gray-400"
fill="none"
stroke="currentColor"
viewBox="0 0 24 24"
>
<path
d="M15 7a2 2 0 012 2m0 0a2 2 0 012 2m-2-2h-6m6 0v6a2 2 0 01-2 2H9a2 2 0 01-2-2V9a2 2 0 012-2h6z"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
<h3 class="mt-2 text-sm font-medium text-gray-900">No API keys</h3>
<p class="mt-1 text-sm text-gray-500">Get started by creating your first API key.</p>
<div class="mt-6">
<button
class="inline-flex items-center rounded-md border border-transparent bg-blue-600 px-4 py-2 text-sm font-medium text-white shadow-sm hover:bg-blue-700 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:ring-offset-2"
@click="showCreateModal = true"
>
<svg class="-ml-1 mr-2 h-4 w-4" fill="none" stroke="currentColor" viewBox="0 0 24 24">
<path
d="M12 6v6m0 0v6m0-6h6m-6 0H6"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
Create API Key
</button>
</div>
</div>
<!-- Create API Key Modal -->
<CreateApiKeyModal
:show="showCreateModal"
@close="showCreateModal = false"
@created="handleApiKeyCreated"
/>
<!-- View API Key Modal -->
<ViewApiKeyModal
:api-key="selectedApiKey"
:show="showViewModal"
@close="showViewModal = false"
/>
<!-- Confirm Delete Modal -->
<ConfirmModal
confirm-class="bg-red-600 hover:bg-red-700"
confirm-text="Delete"
:message="`Are you sure you want to delete '${selectedApiKey?.name}'? This action cannot be undone.`"
:show="showDeleteModal"
title="Delete API Key"
@cancel="showDeleteModal = false"
@confirm="handleDeleteConfirm"
/>
</div>
</template>
<script setup>
import { ref, computed, onMounted } from 'vue'
import { useUserStore } from '@/stores/user'
import { showToast } from '@/utils/toast'
import CreateApiKeyModal from './CreateApiKeyModal.vue'
import ViewApiKeyModal from './ViewApiKeyModal.vue'
import ConfirmModal from '@/components/common/ConfirmModal.vue'
const userStore = useUserStore()
const loading = ref(true)
const apiKeys = ref([])
const maxApiKeys = computed(() => userStore.config?.maxApiKeysPerUser || 5)
const showCreateModal = ref(false)
const showViewModal = ref(false)
const showDeleteModal = ref(false)
const selectedApiKey = ref(null)
// Computed property to sort API keys by creation time (descending - newest first)
const sortedApiKeys = computed(() => {
return [...apiKeys.value].sort((a, b) => {
const dateA = new Date(a.createdAt)
const dateB = new Date(b.createdAt)
return dateB - dateA // Descending order
})
})
// Computed property to count only active (non-deleted) API keys
const activeApiKeysCount = computed(() => {
return apiKeys.value.filter((key) => !(key.isDeleted === 'true' || key.deletedAt)).length
})
const formatNumber = (num) => {
if (num >= 1000000) {
return (num / 1000000).toFixed(1) + 'M'
} else if (num >= 1000) {
return (num / 1000).toFixed(1) + 'K'
}
return num.toString()
}
const formatDate = (dateString) => {
if (!dateString) return null
return new Date(dateString).toLocaleDateString('en-US', {
year: 'numeric',
month: 'short',
day: 'numeric',
hour: '2-digit',
minute: '2-digit'
})
}
const loadApiKeys = async () => {
loading.value = true
try {
apiKeys.value = await userStore.getUserApiKeys(true) // Include deleted keys
} catch (error) {
console.error('Failed to load API keys:', error)
showToast('Failed to load API keys', 'error')
} finally {
loading.value = false
}
}
const showApiKey = (apiKey) => {
selectedApiKey.value = apiKey
showViewModal.value = true
}
const deleteApiKey = (apiKey) => {
selectedApiKey.value = apiKey
showDeleteModal.value = true
}
const handleDeleteConfirm = async () => {
try {
const result = await userStore.deleteApiKey(selectedApiKey.value.id)
if (result.success) {
showToast('API key deleted successfully', 'success')
await loadApiKeys()
}
} catch (error) {
console.error('Failed to delete API key:', error)
showToast('Failed to delete API key', 'error')
} finally {
showDeleteModal.value = false
selectedApiKey.value = null
}
}
const handleApiKeyCreated = async () => {
showCreateModal.value = false
await loadApiKeys()
}
onMounted(() => {
loadApiKeys()
})
</script>
<style scoped>
/* 组件特定样式 */
</style>

397
web/admin-spa/src/components/user/UserUsageStats.vue Normal file
View File

@@ -0,0 +1,397 @@
<template>
<div class="space-y-6">
<div class="sm:flex sm:items-center">
<div class="sm:flex-auto">
<h1 class="text-2xl font-semibold text-gray-900">Usage Statistics</h1>
<p class="mt-2 text-sm text-gray-700">View your API usage statistics and costs</p>
</div>
<div class="mt-4 sm:ml-16 sm:mt-0 sm:flex-none">
<select
v-model="selectedPeriod"
class="block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm"
@change="loadUsageStats"
>
<option value="day">Last 24 Hours</option>
<option value="week">Last 7 Days</option>
<option value="month">Last 30 Days</option>
<option value="quarter">Last 90 Days</option>
</select>
</div>
</div>
<!-- Loading State -->
<div v-if="loading" class="py-12 text-center">
<svg
class="mx-auto h-8 w-8 animate-spin text-blue-600"
fill="none"
viewBox="0 0 24 24"
xmlns="http://www.w3.org/2000/svg"
>
<circle
class="opacity-25"
cx="12"
cy="12"
r="10"
stroke="currentColor"
stroke-width="4"
></circle>
<path
class="opacity-75"
d="M4 12a8 8 0 018-8V0C5.373 0 0 5.373 0 12h4zm2 5.291A7.962 7.962 0 014 12H0c0 3.042 1.135 5.824 3 7.938l3-2.647z"
fill="currentColor"
></path>
</svg>
<p class="mt-2 text-sm text-gray-500">Loading usage statistics...</p>
</div>
<!-- Stats Cards -->
<div v-else class="grid grid-cols-1 gap-6 md:grid-cols-2 lg:grid-cols-4">
<div class="overflow-hidden rounded-lg bg-white shadow">
<div class="p-5">
<div class="flex items-center">
<div class="flex-shrink-0">
<svg
class="h-6 w-6 text-blue-500"
fill="none"
stroke="currentColor"
viewBox="0 0 24 24"
>
<path
d="M13 10V3L4 14h7v7l9-11h-7z"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
</div>
<div class="ml-5 w-0 flex-1">
<dl>
<dt class="truncate text-sm font-medium text-gray-500">Total Requests</dt>
<dd class="text-lg font-medium text-gray-900">
{{ formatNumber(usageStats?.totalRequests || 0) }}
</dd>
</dl>
</div>
</div>
</div>
</div>
<div class="overflow-hidden rounded-lg bg-white shadow">
<div class="p-5">
<div class="flex items-center">
<div class="flex-shrink-0">
<svg
class="h-6 w-6 text-green-500"
fill="none"
stroke="currentColor"
viewBox="0 0 24 24"
>
<path
d="M7 7h.01M7 3h5c.512 0 1.024.195 1.414.586l7 7a2 2 0 010 2.828l-7 7a2 2 0 01-2.828 0l-7-7A1.994 1.994 0 013 12V7a4 4 0 014-4z"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
</div>
<div class="ml-5 w-0 flex-1">
<dl>
<dt class="truncate text-sm font-medium text-gray-500">Input Tokens</dt>
<dd class="text-lg font-medium text-gray-900">
{{ formatNumber(usageStats?.totalInputTokens || 0) }}
</dd>
</dl>
</div>
</div>
</div>
</div>
<div class="overflow-hidden rounded-lg bg-white shadow">
<div class="p-5">
<div class="flex items-center">
<div class="flex-shrink-0">
<svg
class="h-6 w-6 text-purple-500"
fill="none"
stroke="currentColor"
viewBox="0 0 24 24"
>
<path
d="M7 7h.01M7 3h5c.512 0 1.024.195 1.414.586l7 7a2 2 0 010 2.828l-7 7a2 2 0 01-2.828 0l-7-7A1.994 1.994 0 013 12V7a4 4 0 014-4z"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
</div>
<div class="ml-5 w-0 flex-1">
<dl>
<dt class="truncate text-sm font-medium text-gray-500">Output Tokens</dt>
<dd class="text-lg font-medium text-gray-900">
{{ formatNumber(usageStats?.totalOutputTokens || 0) }}
</dd>
</dl>
</div>
</div>
</div>
</div>
<div class="overflow-hidden rounded-lg bg-white shadow">
<div class="p-5">
<div class="flex items-center">
<div class="flex-shrink-0">
<svg
class="h-6 w-6 text-yellow-500"
fill="none"
stroke="currentColor"
viewBox="0 0 24 24"
>
<path
d="M12 8c-1.657 0-3 .895-3 2s1.343 2 3 2 3 .895 3 2-1.343 2-3 2m0-8c1.11 0 2.08.402 2.599 1M12 8V7m0 1v8m0 0v1m0-1c-1.11 0-2.08-.402-2.599-1"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
</div>
<div class="ml-5 w-0 flex-1">
<dl>
<dt class="truncate text-sm font-medium text-gray-500">Total Cost</dt>
<dd class="text-lg font-medium text-gray-900">
${{ (usageStats?.totalCost || 0).toFixed(4) }}
</dd>
</dl>
</div>
</div>
</div>
</div>
</div>
<!-- Daily Usage Chart -->
<div v-if="!loading && usageStats" class="rounded-lg bg-white shadow">
<div class="px-4 py-5 sm:p-6">
<h3 class="mb-4 text-lg font-medium leading-6 text-gray-900">Daily Usage Trend</h3>
<!-- Placeholder for chart - you can integrate Chart.js or similar -->
<div
class="flex h-64 items-center justify-center rounded-lg border-2 border-dashed border-gray-300"
>
<div class="text-center">
<svg
class="mx-auto h-12 w-12 text-gray-400"
fill="none"
stroke="currentColor"
viewBox="0 0 24 24"
>
<path
d="M9 19v-6a2 2 0 00-2-2H5a2 2 0 00-2 2v6a2 2 0 002 2h2a2 2 0 002-2zm0 0V9a2 2 0 012-2h2a2 2 0 012 2v10m-6 0a2 2 0 002 2h2a2 2 0 002-2m0 0V5a2 2 0 012-2h2a2 2 0 012 2v14a2 2 0 01-2 2h-2a2 2 0 01-2-2z"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
<h3 class="mt-2 text-sm font-medium text-gray-900">Usage Chart</h3>
<p class="mt-1 text-sm text-gray-500">Daily usage trends would be displayed here</p>
<p class="mt-2 text-xs text-gray-400">
(Chart integration can be added with Chart.js, D3.js, or similar library)
</p>
</div>
</div>
</div>
</div>
<!-- Model Usage Breakdown -->
<div
v-if="!loading && usageStats && usageStats.modelStats?.length > 0"
class="rounded-lg bg-white shadow"
>
<div class="px-4 py-5 sm:p-6">
<h3 class="mb-4 text-lg font-medium leading-6 text-gray-900">Usage by Model</h3>
<div class="space-y-3">
<div
v-for="model in usageStats.modelStats"
:key="model.name"
class="flex items-center justify-between"
>
<div class="flex items-center">
<div class="flex-shrink-0">
<div class="h-2 w-2 rounded-full bg-blue-500"></div>
</div>
<div class="ml-3">
<p class="text-sm font-medium text-gray-900">{{ model.name }}</p>
</div>
</div>
<div class="text-right">
<p class="text-sm text-gray-900">{{ formatNumber(model.requests) }} requests</p>
<p class="text-xs text-gray-500">${{ model.cost.toFixed(4) }}</p>
</div>
</div>
</div>
</div>
</div>
<!-- Detailed Usage Table -->
<div v-if="!loading && userApiKeys.length > 0" class="rounded-lg bg-white shadow">
<div class="px-4 py-5 sm:p-6">
<h3 class="mb-4 text-lg font-medium leading-6 text-gray-900">Usage by API Key</h3>
<div class="overflow-hidden">
<table class="min-w-full divide-y divide-gray-200">
<thead class="bg-gray-50">
<tr>
<th
class="px-6 py-3 text-left text-xs font-medium uppercase tracking-wider text-gray-500"
scope="col"
>
API Key
</th>
<th
class="px-6 py-3 text-left text-xs font-medium uppercase tracking-wider text-gray-500"
scope="col"
>
Requests
</th>
<th
class="px-6 py-3 text-left text-xs font-medium uppercase tracking-wider text-gray-500"
scope="col"
>
Input Tokens
</th>
<th
class="px-6 py-3 text-left text-xs font-medium uppercase tracking-wider text-gray-500"
scope="col"
>
Output Tokens
</th>
<th
class="px-6 py-3 text-left text-xs font-medium uppercase tracking-wider text-gray-500"
scope="col"
>
Cost
</th>
<th
class="px-6 py-3 text-left text-xs font-medium uppercase tracking-wider text-gray-500"
scope="col"
>
Status
</th>
</tr>
</thead>
<tbody class="divide-y divide-gray-200 bg-white">
<tr v-for="apiKey in userApiKeys" :key="apiKey.id">
<td class="whitespace-nowrap px-6 py-4">
<div class="text-sm font-medium text-gray-900">{{ apiKey.name }}</div>
<div class="text-sm text-gray-500">{{ apiKey.keyPreview }}</div>
</td>
<td class="whitespace-nowrap px-6 py-4 text-sm text-gray-900">
{{ formatNumber(apiKey.usage?.requests || 0) }}
</td>
<td class="whitespace-nowrap px-6 py-4 text-sm text-gray-900">
{{ formatNumber(apiKey.usage?.inputTokens || 0) }}
</td>
<td class="whitespace-nowrap px-6 py-4 text-sm text-gray-900">
{{ formatNumber(apiKey.usage?.outputTokens || 0) }}
</td>
<td class="whitespace-nowrap px-6 py-4 text-sm text-gray-900">
${{ (apiKey.usage?.totalCost || 0).toFixed(4) }}
</td>
<td class="whitespace-nowrap px-6 py-4">
<span
:class="[
'inline-flex items-center rounded-full px-2.5 py-0.5 text-xs font-medium',
apiKey.isDeleted === 'true' || apiKey.deletedAt
? 'bg-gray-100 text-gray-800'
: apiKey.isActive
? 'bg-green-100 text-green-800'
: 'bg-red-100 text-red-800'
]"
>
{{
apiKey.isDeleted === 'true' || apiKey.deletedAt
? 'Deleted'
: apiKey.isActive
? 'Active'
: 'Disabled'
}}
</span>
</td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
<!-- No Data State -->
<div
v-if="!loading && (!usageStats || usageStats.totalRequests === 0)"
class="py-12 text-center"
>
<svg
class="mx-auto h-12 w-12 text-gray-400"
fill="none"
stroke="currentColor"
viewBox="0 0 24 24"
>
<path
d="M9 19v-6a2 2 0 00-2-2H5a2 2 0 00-2 2v6a2 2 0 002 2h2a2 2 0 002-2zm0 0V9a2 2 0 012-2h2a2 2 0 012 2v10m-6 0a2 2 0 002 2h2a2 2 0 002-2m0 0V5a2 2 0 012-2h2a2 2 0 012 2v14a2 2 0 01-2 2h-2a2 2 0 01-2-2z"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
<h3 class="mt-2 text-sm font-medium text-gray-900">No usage data</h3>
<p class="mt-1 text-sm text-gray-500">
You haven't made any API requests yet. Create an API key and start using the service to see
usage statistics.
</p>
</div>
</div>
</template>
<script setup>
import { ref, onMounted } from 'vue'
import { useUserStore } from '@/stores/user'
import { showToast } from '@/utils/toast'
const userStore = useUserStore()
const loading = ref(true)
const selectedPeriod = ref('week')
const usageStats = ref(null)
const userApiKeys = ref([])
const formatNumber = (num) => {
if (num >= 1000000) {
return (num / 1000000).toFixed(1) + 'M'
} else if (num >= 1000) {
return (num / 1000).toFixed(1) + 'K'
}
return num.toString()
}
const loadUsageStats = async () => {
loading.value = true
try {
const [stats, apiKeys] = await Promise.all([
userStore.getUserUsageStats({ period: selectedPeriod.value }),
userStore.getUserApiKeys(true) // Include deleted keys
])
usageStats.value = stats
userApiKeys.value = apiKeys
} catch (error) {
console.error('Failed to load usage stats:', error)
showToast('Failed to load usage statistics', 'error')
} finally {
loading.value = false
}
}
onMounted(() => {
loadUsageStats()
})
</script>
<style scoped>
/* 组件特定样式 */
</style>

250
web/admin-spa/src/components/user/ViewApiKeyModal.vue Normal file
View File

@@ -0,0 +1,250 @@
<template>
<div
v-if="show"
class="fixed inset-0 z-50 h-full w-full overflow-y-auto bg-gray-600 bg-opacity-50"
>
<div
class="relative top-20 mx-auto w-[768px] max-w-4xl rounded-md border bg-white p-5 shadow-lg"
>
<div class="mt-3">
<div class="mb-4 flex items-center justify-between">
<h3 class="text-lg font-medium text-gray-900">API Key Details</h3>
<button class="text-gray-400 hover:text-gray-600" @click="emit('close')">
<svg class="h-6 w-6" fill="none" stroke="currentColor" viewBox="0 0 24 24">
<path
d="M6 18L18 6M6 6l12 12"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
</button>
</div>
<div v-if="apiKey" class="space-y-4">
<!-- API Key Name -->
<div>
<label class="block text-sm font-medium text-gray-700">Name</label>
<p class="mt-1 text-sm text-gray-900">{{ apiKey.name }}</p>
</div>
<!-- Description -->
<div v-if="apiKey.description">
<label class="block text-sm font-medium text-gray-700">Description</label>
<p class="mt-1 text-sm text-gray-900">{{ apiKey.description }}</p>
</div>
<!-- API Key -->
<div>
<label class="block text-sm font-medium text-gray-700">API Key</label>
<div class="mt-1 flex items-center space-x-2">
<div class="flex-1">
<div v-if="showFullKey" class="rounded-md border border-gray-300 bg-gray-50 p-3">
<code class="break-all font-mono text-sm text-gray-900">{{
apiKey.key || 'Not available'
}}</code>
</div>
<div v-else class="rounded-md border border-gray-300 bg-gray-50 p-3">
<code class="font-mono text-sm text-gray-900">{{
apiKey.keyPreview || 'cr_****'
}}</code>
</div>
</div>
<div class="flex flex-col space-y-1">
<button
v-if="apiKey.key"
class="inline-flex items-center rounded border border-gray-300 bg-white px-2 py-1 text-xs font-medium text-gray-700 hover:bg-gray-50 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:ring-offset-2"
@click="showFullKey = !showFullKey"
>
<svg
v-if="showFullKey"
class="mr-1 h-3 w-3"
fill="none"
stroke="currentColor"
viewBox="0 0 24 24"
>
<path
d="M13.875 18.825A10.05 10.05 0 0112 19c-4.478 0-8.268-2.943-9.543-7a9.97 9.97 0 011.563-3.029m5.858.908a3 3 0 114.243 4.243M9.878 9.878l4.242 4.242M9.878 9.878L3 3m6.878 6.878L12 12m-1.122-2.122L12 12m-1.122-2.122l-4.243-4.242m6.879 6.878L15 15"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
<svg
v-else
class="mr-1 h-3 w-3"
fill="none"
stroke="currentColor"
viewBox="0 0 24 24"
>
<path
d="M15 12a3 3 0 11-6 0 3 3 0 016 0z"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
<path
d="M2.458 12C3.732 7.943 7.523 5 12 5c4.478 0 8.268 2.943 9.542 7-1.274 4.057-5.064 7-9.542 7-4.477 0-8.268-2.943-9.542-7z"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
{{ showFullKey ? 'Hide' : 'Show' }}
</button>
<button
v-if="showFullKey && apiKey.key"
class="inline-flex items-center rounded border border-gray-300 bg-white px-2 py-1 text-xs font-medium text-gray-700 hover:bg-gray-50 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:ring-offset-2"
@click="copyToClipboard(apiKey.key)"
>
<svg class="mr-1 h-3 w-3" fill="none" stroke="currentColor" viewBox="0 0 24 24">
<path
d="M8 16H6a2 2 0 01-2-2V6a2 2 0 012-2h8a2 2 0 012 2v2m-6 12h8a2 2 0 002-2v-8a2 2 0 00-2-2h-8a2 2 0 00-2 2v8a2 2 0 002 2z"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
Copy
</button>
</div>
</div>
<p v-if="!apiKey.key" class="mt-1 text-xs text-gray-500">
Full API key is only shown when first created or regenerated
</p>
</div>
<!-- Status -->
<div>
<label class="block text-sm font-medium text-gray-700">Status</label>
<div class="mt-1">
<span
:class="[
'inline-flex items-center rounded-full px-2.5 py-0.5 text-xs font-medium',
apiKey.isActive ? 'bg-green-100 text-green-800' : 'bg-red-100 text-red-800'
]"
>
{{ apiKey.isActive ? 'Active' : 'Disabled' }}
</span>
</div>
</div>
<!-- Usage Stats -->
<div v-if="apiKey.usage" class="border-t border-gray-200 pt-4">
<label class="mb-2 block text-sm font-medium text-gray-700">Usage Statistics</label>
<div class="grid grid-cols-2 gap-4 text-sm">
<div>
<span class="text-gray-500">Requests:</span>
<span class="ml-2 font-medium">{{ formatNumber(apiKey.usage.requests || 0) }}</span>
</div>
<div>
<span class="text-gray-500">Input Tokens:</span>
<span class="ml-2 font-medium">{{
formatNumber(apiKey.usage.inputTokens || 0)
}}</span>
</div>
<div>
<span class="text-gray-500">Output Tokens:</span>
<span class="ml-2 font-medium">{{
formatNumber(apiKey.usage.outputTokens || 0)
}}</span>
</div>
<div>
<span class="text-gray-500">Total Cost:</span>
<span class="ml-2 font-medium"
>${{ (apiKey.usage.totalCost || 0).toFixed(4) }}</span
>
</div>
</div>
</div>
<!-- Timestamps -->
<div class="space-y-2 border-t border-gray-200 pt-4 text-sm">
<div class="flex justify-between">
<span class="text-gray-500">Created:</span>
<span class="text-gray-900">{{ formatDate(apiKey.createdAt) }}</span>
</div>
<div v-if="apiKey.lastUsedAt" class="flex justify-between">
<span class="text-gray-500">Last Used:</span>
<span class="text-gray-900">{{ formatDate(apiKey.lastUsedAt) }}</span>
</div>
<div v-if="apiKey.expiresAt" class="flex justify-between">
<span class="text-gray-500">Expires:</span>
<span
:class="[
'font-medium',
new Date(apiKey.expiresAt) < new Date() ? 'text-red-600' : 'text-gray-900'
]"
>
{{ formatDate(apiKey.expiresAt) }}
</span>
</div>
</div>
<div class="flex justify-end pt-4">
<button
class="rounded-md border border-gray-300 px-4 py-2 text-sm font-medium text-gray-700 hover:bg-gray-50 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:ring-offset-2"
@click="emit('close')"
>
Close
</button>
</div>
</div>
</div>
</div>
</div>
</template>
<script setup>
import { ref } from 'vue'
import { showToast } from '@/utils/toast'
defineProps({
show: {
type: Boolean,
default: false
},
apiKey: {
type: Object,
default: null
}
})
const emit = defineEmits(['close'])
const showFullKey = ref(false)
const formatNumber = (num) => {
if (num >= 1000000) {
return (num / 1000000).toFixed(1) + 'M'
} else if (num >= 1000) {
return (num / 1000).toFixed(1) + 'K'
}
return num.toString()
}
const formatDate = (dateString) => {
if (!dateString) return null
return new Date(dateString).toLocaleDateString('en-US', {
year: 'numeric',
month: 'short',
day: 'numeric',
hour: '2-digit',
minute: '2-digit'
})
}
const copyToClipboard = async (text) => {
try {
await navigator.clipboard.writeText(text)
showToast('Copied to clipboard!', 'success')
} catch (err) {
console.error('Failed to copy:', err)
showToast('Failed to copy to clipboard', 'error')
}
}
</script>
<style scoped>
/* 组件特定样式 */
</style>

18
web/admin-spa/src/config/api.js
View File

@@ -158,6 +158,24 @@ class ApiClient {
} }
} }
// PATCH 请求
async patch(url, data = null, options = {}) {
const fullUrl = createApiUrl(url)
const config = this.buildConfig({
...options,
method: 'PATCH',
body: data ? JSON.stringify(data) : undefined
})
try {
const response = await fetch(fullUrl, config)
return await this.handleResponse(response)
} catch (error) {
console.error('API PATCH Error:', error)
throw error
}
}
// DELETE 请求 // DELETE 请求
async delete(url, options = {}) { async delete(url, options = {}) {
const fullUrl = createApiUrl(url) const fullUrl = createApiUrl(url)

5
web/admin-spa/src/main.js
View File

@@ -6,6 +6,7 @@ import 'element-plus/dist/index.css'
import 'element-plus/theme-chalk/dark/css-vars.css' import 'element-plus/theme-chalk/dark/css-vars.css'
import App from './App.vue' import App from './App.vue'
import router from './router' import router from './router'
import { useUserStore } from './stores/user'
import './assets/styles/main.css' import './assets/styles/main.css'
import './assets/styles/global.css' import './assets/styles/global.css'
@@ -24,5 +25,9 @@ app.use(ElementPlus, {
locale: zhCn locale: zhCn
}) })
// 设置axios拦截器
const userStore = useUserStore()
userStore.setupAxiosInterceptors()
// 挂载应用 // 挂载应用
app.mount('#app') app.mount('#app')

68
web/admin-spa/src/router/index.js
View File

@@ -1,9 +1,13 @@
import { createRouter, createWebHistory } from 'vue-router' import { createRouter, createWebHistory } from 'vue-router'
import { useAuthStore } from '@/stores/auth' import { useAuthStore } from '@/stores/auth'
import { useUserStore } from '@/stores/user'
import { APP_CONFIG } from '@/config/app' import { APP_CONFIG } from '@/config/app'
// 路由懒加载 // 路由懒加载
const LoginView = () => import('@/views/LoginView.vue') const LoginView = () => import('@/views/LoginView.vue')
const UserLoginView = () => import('@/views/UserLoginView.vue')
const UserDashboardView = () => import('@/views/UserDashboardView.vue')
const UserManagementView = () => import('@/views/UserManagementView.vue')
const MainLayout = () => import('@/components/layout/MainLayout.vue') const MainLayout = () => import('@/components/layout/MainLayout.vue')
const DashboardView = () => import('@/views/DashboardView.vue') const DashboardView = () => import('@/views/DashboardView.vue')
const ApiKeysView = () => import('@/views/ApiKeysView.vue') const ApiKeysView = () => import('@/views/ApiKeysView.vue')
@@ -35,6 +39,22 @@ const routes = [
component: LoginView, component: LoginView,
meta: { requiresAuth: false } meta: { requiresAuth: false }
}, },
{
path: '/admin-login',
redirect: '/login'
},
{
path: '/user-login',
name: 'UserLogin',
component: UserLoginView,
meta: { requiresAuth: false, userAuth: true }
},
{
path: '/user-dashboard',
name: 'UserDashboard',
component: UserDashboardView,
meta: { requiresUserAuth: true }
},
{ {
path: '/api-stats', path: '/api-stats',
name: 'ApiStats', name: 'ApiStats',
@@ -101,6 +121,18 @@ const routes = [
} }
] ]
}, },
{
path: '/user-management',
component: MainLayout,
meta: { requiresAuth: true },
children: [
{
path: '',
name: 'UserManagement',
component: UserManagementView
}
]
},
// 捕获所有未匹配的路由 // 捕获所有未匹配的路由
{ {
path: '/:pathMatch(.*)*', path: '/:pathMatch(.*)*',
@@ -114,15 +146,18 @@ const router = createRouter({
}) })
// 路由守卫 // 路由守卫
router.beforeEach((to, from, next) => { router.beforeEach(async (to, from, next) => {
const authStore = useAuthStore() const authStore = useAuthStore()
const userStore = useUserStore()
console.log('路由导航:', { console.log('路由导航:', {
to: to.path, to: to.path,
from: from.path, from: from.path,
fullPath: to.fullPath, fullPath: to.fullPath,
requiresAuth: to.meta.requiresAuth, requiresAuth: to.meta.requiresAuth,
isAuthenticated: authStore.isAuthenticated requiresUserAuth: to.meta.requiresUserAuth,
isAuthenticated: authStore.isAuthenticated,
isUserAuthenticated: userStore.isAuthenticated
}) })
// 防止重定向循环:如果已经在目标路径,直接放行 // 防止重定向循环:如果已经在目标路径,直接放行
@@ -130,9 +165,38 @@ router.beforeEach((to, from, next) => {
return next() return next()
} }
// 检查用户认证状态
if (to.meta.requiresUserAuth) {
if (!userStore.isAuthenticated) {
// 尝试检查本地存储的认证信息
try {
const isUserLoggedIn = await userStore.checkAuth()
if (!isUserLoggedIn) {
return next('/user-login')
}
} catch (error) {
// If the error is about disabled account, redirect to login with error
if (error.message && error.message.includes('disabled')) {
// Import showToast to display the error
const { showToast } = await import('@/utils/toast')
showToast(error.message, 'error')
}
return next('/user-login')
}
}
return next()
}
// API Stats 页面不需要认证,直接放行 // API Stats 页面不需要认证,直接放行
if (to.path === '/api-stats' || to.path.startsWith('/api-stats')) { if (to.path === '/api-stats' || to.path.startsWith('/api-stats')) {
next() next()
} else if (to.path === '/user-login') {
// 如果已经是用户登录状态,重定向到用户仪表板
if (userStore.isAuthenticated) {
next('/user-dashboard')
} else {
next()
}
} else if (to.meta.requiresAuth && !authStore.isAuthenticated) { } else if (to.meta.requiresAuth && !authStore.isAuthenticated) {
next('/login') next('/login')
} else if (to.path === '/login' && authStore.isAuthenticated) { } else if (to.path === '/login' && authStore.isAuthenticated) {

217
web/admin-spa/src/stores/user.js Normal file
View File

@@ -0,0 +1,217 @@
import { defineStore } from 'pinia'
import axios from 'axios'
import { showToast } from '@/utils/toast'
const API_BASE = '/users'
export const useUserStore = defineStore('user', {
state: () => ({
user: null,
isAuthenticated: false,
sessionToken: null,
loading: false,
config: null
}),
getters: {
isLoggedIn: (state) => state.isAuthenticated && state.user,
userName: (state) => state.user?.displayName || state.user?.username,
userRole: (state) => state.user?.role
},
actions: {
// 🔐 用户登录
async login(credentials) {
this.loading = true
try {
const response = await axios.post(`${API_BASE}/login`, credentials)
if (response.data.success) {
this.user = response.data.user
this.sessionToken = response.data.sessionToken
this.isAuthenticated = true
// 保存到 localStorage
localStorage.setItem('userToken', this.sessionToken)
localStorage.setItem('userData', JSON.stringify(this.user))
// 设置 axios 默认头部
this.setAuthHeader()
return response.data
} else {
throw new Error(response.data.message || 'Login failed')
}
} catch (error) {
this.clearAuth()
throw error
} finally {
this.loading = false
}
},
// 🚪 用户登出
async logout() {
try {
if (this.sessionToken) {
await axios.post(
`${API_BASE}/logout`,
{},
{
headers: { 'x-user-token': this.sessionToken }
}
)
}
} catch (error) {
console.error('Logout request failed:', error)
} finally {
this.clearAuth()
}
},
// 🔄 检查认证状态
async checkAuth() {
const token = localStorage.getItem('userToken')
const userData = localStorage.getItem('userData')
const userConfig = localStorage.getItem('userConfig')
if (!token || !userData) {
this.clearAuth()
return false
}
try {
this.sessionToken = token
this.user = JSON.parse(userData)
this.config = userConfig ? JSON.parse(userConfig) : null
this.isAuthenticated = true
this.setAuthHeader()
// 验证 token 是否仍然有效
await this.getUserProfile()
return true
} catch (error) {
console.error('Auth check failed:', error)
this.clearAuth()
return false
}
},
// 👤 获取用户资料
async getUserProfile() {
try {
const response = await axios.get(`${API_BASE}/profile`)
if (response.data.success) {
this.user = response.data.user
this.config = response.data.config
localStorage.setItem('userData', JSON.stringify(this.user))
localStorage.setItem('userConfig', JSON.stringify(this.config))
return response.data.user
}
} catch (error) {
if (error.response?.status === 401 || error.response?.status === 403) {
// 401: Invalid/expired session, 403: Account disabled
this.clearAuth()
// If it's a disabled account error, throw a specific error
if (error.response?.status === 403) {
throw new Error(error.response.data?.message || 'Your account has been disabled')
}
}
throw error
}
},
// 🔑 获取用户API Keys
async getUserApiKeys(includeDeleted = false) {
try {
const params = {}
if (includeDeleted) {
params.includeDeleted = 'true'
}
const response = await axios.get(`${API_BASE}/api-keys`, { params })
return response.data.success ? response.data.apiKeys : []
} catch (error) {
console.error('Failed to fetch API keys:', error)
throw error
}
},
// 🔑 创建API Key
async createApiKey(keyData) {
try {
const response = await axios.post(`${API_BASE}/api-keys`, keyData)
return response.data
} catch (error) {
console.error('Failed to create API key:', error)
throw error
}
},
// 🗑️ 删除API Key
async deleteApiKey(keyId) {
try {
const response = await axios.delete(`${API_BASE}/api-keys/${keyId}`)
return response.data
} catch (error) {
console.error('Failed to delete API key:', error)
throw error
}
},
// 📊 获取使用统计
async getUserUsageStats(params = {}) {
try {
const response = await axios.get(`${API_BASE}/usage-stats`, { params })
return response.data.success ? response.data.stats : null
} catch (error) {
console.error('Failed to fetch usage stats:', error)
throw error
}
},
// 🧹 清除认证信息
clearAuth() {
this.user = null
this.sessionToken = null
this.isAuthenticated = false
this.config = null
localStorage.removeItem('userToken')
localStorage.removeItem('userData')
localStorage.removeItem('userConfig')
// 清除 axios 默认头部
delete axios.defaults.headers.common['x-user-token']
},
// 🔧 设置认证头部
setAuthHeader() {
if (this.sessionToken) {
axios.defaults.headers.common['x-user-token'] = this.sessionToken
}
},
// 🔧 设置axios拦截器
setupAxiosInterceptors() {
// Response interceptor to handle disabled user responses globally
axios.interceptors.response.use(
(response) => response,
(error) => {
if (error.response?.status === 403) {
const message = error.response.data?.message
if (message && (message.includes('disabled') || message.includes('Account disabled'))) {
this.clearAuth()
showToast(message, 'error')
// Redirect to login page
if (window.location.pathname !== '/user-login') {
window.location.href = '/user-login'
}
}
}
return Promise.reject(error)
}
)
}
}
})

278
web/admin-spa/src/views/AccountsView.vue
View File

@@ -191,7 +191,39 @@
<th <th
class="w-[10%] min-w-[100px] px-3 py-4 text-left text-xs font-bold uppercase tracking-wider text-gray-700 dark:text-gray-300" class="w-[10%] min-w-[100px] px-3 py-4 text-left text-xs font-bold uppercase tracking-wider text-gray-700 dark:text-gray-300"
> >
会话窗口 <div class="flex items-center gap-2">
<span>会话窗口</span>
<el-tooltip placement="top">
<template #content>
<div class="space-y-2">
<div>会话窗口进度表示5小时窗口的时间进度</div>
<div class="space-y-1 text-xs">
<div class="flex items-center gap-2">
<div
class="h-2 w-16 rounded bg-gradient-to-r from-blue-500 to-indigo-600"
></div>
<span>正常请求正常处理</span>
</div>
<div class="flex items-center gap-2">
<div
class="h-2 w-16 rounded bg-gradient-to-r from-yellow-500 to-orange-500"
></div>
<span>警告接近限制</span>
</div>
<div class="flex items-center gap-2">
<div
class="h-2 w-16 rounded bg-gradient-to-r from-red-500 to-red-600"
></div>
<span>拒绝达到速率限制</span>
</div>
</div>
</div>
</template>
<i
class="fas fa-question-circle cursor-help text-xs text-gray-400 hover:text-gray-600 dark:text-gray-500 dark:hover:text-gray-400"
/>
</el-tooltip>
</div>
</th> </th>
<th <th
class="w-[8%] min-w-[80px] px-3 py-4 text-left text-xs font-bold uppercase tracking-wider text-gray-700 dark:text-gray-300" class="w-[8%] min-w-[80px] px-3 py-4 text-left text-xs font-bold uppercase tracking-wider text-gray-700 dark:text-gray-300"
@@ -395,6 +427,14 @@
> >
<i class="fas fa-pause-circle mr-1" /> <i class="fas fa-pause-circle mr-1" />
不可调度 不可调度
<el-tooltip
v-if="getSchedulableReason(account)"
:content="getSchedulableReason(account)"
effect="dark"
placement="top"
>
<i class="fas fa-question-circle ml-1 cursor-help text-gray-500" />
</el-tooltip>
</span> </span>
<span <span
v-if="account.status === 'blocked' && account.errorMessage" v-if="account.status === 'blocked' && account.errorMessage"
@@ -450,15 +490,21 @@
<td class="whitespace-nowrap px-3 py-4 text-sm"> <td class="whitespace-nowrap px-3 py-4 text-sm">
<div v-if="account.usage && account.usage.daily" class="space-y-1"> <div v-if="account.usage && account.usage.daily" class="space-y-1">
<div class="flex items-center gap-2"> <div class="flex items-center gap-2">
<div class="h-2 w-2 rounded-full bg-green-500" /> <div class="h-2 w-2 rounded-full bg-blue-500" />
<span class="text-sm font-medium text-gray-900 dark:text-gray-100" <span class="text-sm font-medium text-gray-900 dark:text-gray-100"
>{{ account.usage.daily.requests || 0 }} 次</span >{{ account.usage.daily.requests || 0 }} 次</span
> >
</div> </div>
<div class="flex items-center gap-2"> <div class="flex items-center gap-2">
<div class="h-2 w-2 rounded-full bg-blue-500" /> <div class="h-2 w-2 rounded-full bg-purple-500" />
<span class="text-xs text-gray-600 dark:text-gray-300" <span class="text-xs text-gray-600 dark:text-gray-300"
>{{ formatNumber(account.usage.daily.allTokens || 0) }} tokens</span >{{ formatNumber(account.usage.daily.allTokens || 0) }}M</span
>
</div>
<div class="flex items-center gap-2">
<div class="h-2 w-2 rounded-full bg-green-500" />
<span class="text-xs text-gray-600 dark:text-gray-300"
>${{ calculateDailyCost(account) }}</span
> >
</div> </div>
<div <div
@@ -479,10 +525,33 @@
" "
class="space-y-2" class="space-y-2"
> >
<!-- 使用统计在顶部 -->
<div
v-if="account.usage && account.usage.sessionWindow"
class="flex items-center gap-3 text-xs"
>
<div class="flex items-center gap-1">
<div class="h-1.5 w-1.5 rounded-full bg-purple-500" />
<span class="font-medium text-gray-900 dark:text-gray-100">
{{ formatNumber(account.usage.sessionWindow.totalTokens) }}M
</span>
</div>
<div class="flex items-center gap-1">
<div class="h-1.5 w-1.5 rounded-full bg-green-500" />
<span class="font-medium text-gray-900 dark:text-gray-100">
${{ formatCost(account.usage.sessionWindow.totalCost) }}
</span>
</div>
</div>
<!-- 进度条 -->
<div class="flex items-center gap-2"> <div class="flex items-center gap-2">
<div class="h-2 w-24 rounded-full bg-gray-200"> <div class="h-2 w-24 rounded-full bg-gray-200 dark:bg-gray-700">
<div <div
class="h-2 rounded-full bg-gradient-to-r from-blue-500 to-indigo-600 transition-all duration-300" :class="[
'h-2 rounded-full transition-all duration-300',
getSessionProgressBarClass(account.sessionWindow.sessionWindowStatus)
]"
:style="{ width: account.sessionWindow.progress + '%' }" :style="{ width: account.sessionWindow.progress + '%' }"
/> />
</div> </div>
@@ -490,7 +559,9 @@
{{ account.sessionWindow.progress }}% {{ account.sessionWindow.progress }}%
</span> </span>
</div> </div>
<div class="text-xs text-gray-600 dark:text-gray-300">
<!-- 时间信息 -->
<div class="text-xs text-gray-600 dark:text-gray-400">
<div> <div>
{{ {{
formatSessionWindow( formatSessionWindow(
@@ -501,7 +572,7 @@
</div> </div>
<div <div
v-if="account.sessionWindow.remainingTime > 0" v-if="account.sessionWindow.remainingTime > 0"
class="font-medium text-indigo-600" class="font-medium text-indigo-600 dark:text-indigo-400"
> >
剩余 {{ formatRemainingTime(account.sessionWindow.remainingTime) }} 剩余 {{ formatRemainingTime(account.sessionWindow.remainingTime) }}
</div> </div>
@@ -649,21 +720,44 @@
<div class="mb-3 grid grid-cols-2 gap-3"> <div class="mb-3 grid grid-cols-2 gap-3">
<div> <div>
<p class="text-xs text-gray-500 dark:text-gray-400">今日使用</p> <p class="text-xs text-gray-500 dark:text-gray-400">今日使用</p>
<p class="text-sm font-semibold text-gray-900 dark:text-gray-100"> <div class="space-y-1">
{{ formatNumber(account.usage?.daily?.requests || 0) }} 次 <div class="flex items-center gap-1.5">
</p> <div class="h-1.5 w-1.5 rounded-full bg-blue-500" />
<p class="mt-0.5 text-xs text-gray-500 dark:text-gray-400"> <p class="text-sm font-semibold text-gray-900 dark:text-gray-100">
{{ formatNumber(account.usage?.daily?.allTokens || 0) }} tokens {{ account.usage?.daily?.requests || 0 }}
</p> </p>
</div>
<div class="flex items-center gap-1.5">
<div class="h-1.5 w-1.5 rounded-full bg-purple-500" />
<p class="text-xs text-gray-600 dark:text-gray-400">
{{ formatNumber(account.usage?.daily?.allTokens || 0) }}M
</p>
</div>
<div class="flex items-center gap-1.5">
<div class="h-1.5 w-1.5 rounded-full bg-green-500" />
<p class="text-xs text-gray-600 dark:text-gray-400">
${{ calculateDailyCost(account) }}
</p>
</div>
</div>
</div> </div>
<div> <div>
<p class="text-xs text-gray-500 dark:text-gray-400">总使用量</p> <p class="text-xs text-gray-500 dark:text-gray-400">会话窗口</p>
<p class="text-sm font-semibold text-gray-900 dark:text-gray-100"> <div v-if="account.usage && account.usage.sessionWindow" class="space-y-1">
{{ formatNumber(account.usage?.total?.requests || 0) }} 次 <div class="flex items-center gap-1.5">
</p> <div class="h-1.5 w-1.5 rounded-full bg-purple-500" />
<p class="mt-0.5 text-xs text-gray-500 dark:text-gray-400"> <p class="text-sm font-semibold text-gray-900 dark:text-gray-100">
{{ formatNumber(account.usage?.total?.allTokens || 0) }} tokens {{ formatNumber(account.usage.sessionWindow.totalTokens) }}M
</p> </p>
</div>
<div class="flex items-center gap-1.5">
<div class="h-1.5 w-1.5 rounded-full bg-green-500" />
<p class="text-xs text-gray-600 dark:text-gray-400">
${{ formatCost(account.usage.sessionWindow.totalCost) }}
</p>
</div>
</div>
<div v-else class="text-sm font-semibold text-gray-400">-</div>
</div> </div>
</div> </div>
@@ -679,14 +773,27 @@
class="space-y-1.5 rounded-lg bg-gray-50 p-2 dark:bg-gray-700" class="space-y-1.5 rounded-lg bg-gray-50 p-2 dark:bg-gray-700"
> >
<div class="flex items-center justify-between text-xs"> <div class="flex items-center justify-between text-xs">
<span class="font-medium text-gray-600 dark:text-gray-300">会话窗口</span> <div class="flex items-center gap-1">
<span class="font-medium text-gray-600 dark:text-gray-300">会话窗口</span>
<el-tooltip
content="会话窗口进度不代表使用量仅表示距离下一个5小时窗口的剩余时间"
placement="top"
>
<i
class="fas fa-question-circle cursor-help text-xs text-gray-400 hover:text-gray-600"
/>
</el-tooltip>
</div>
<span class="font-medium text-gray-700 dark:text-gray-200"> <span class="font-medium text-gray-700 dark:text-gray-200">
{{ account.sessionWindow.progress }}% {{ account.sessionWindow.progress }}%
</span> </span>
</div> </div>
<div class="h-2 w-full overflow-hidden rounded-full bg-gray-200 dark:bg-gray-600"> <div class="h-2 w-full overflow-hidden rounded-full bg-gray-200 dark:bg-gray-600">
<div <div
class="h-full bg-gradient-to-r from-blue-500 to-indigo-600 transition-all duration-300" :class="[
'h-full transition-all duration-300',
getSessionProgressBarClass(account.sessionWindow.sessionWindowStatus)
]"
:style="{ width: account.sessionWindow.progress + '%' }" :style="{ width: account.sessionWindow.progress + '%' }"
/> />
</div> </div>
@@ -1104,7 +1211,27 @@ const loadAccounts = async (forceReload = false) => {
allAccounts.push(...azureOpenaiAccounts) allAccounts.push(...azureOpenaiAccounts)
} }
accounts.value = allAccounts // 根据分组筛选器过滤账户
let filteredAccounts = allAccounts
if (groupFilter.value !== 'all') {
if (groupFilter.value === 'ungrouped') {
// 筛选未分组的账户(没有 groupInfos 或 groupInfos 为空数组)
filteredAccounts = allAccounts.filter((account) => {
return !account.groupInfos || account.groupInfos.length === 0
})
} else {
// 筛选属于特定分组的账户
filteredAccounts = allAccounts.filter((account) => {
if (!account.groupInfos || account.groupInfos.length === 0) {
return false
}
// 检查账户是否属于选中的分组
return account.groupInfos.some((group) => group.id === groupFilter.value)
})
}
}
accounts.value = filteredAccounts
} catch (error) { } catch (error) {
showToast('加载账户失败', 'error') showToast('加载账户失败', 'error')
} finally { } finally {
@@ -1129,9 +1256,11 @@ const formatNumber = (num) => {
if (num === null || num === undefined) return '0' if (num === null || num === undefined) return '0'
const number = Number(num) const number = Number(num)
if (number >= 1000000) { if (number >= 1000000) {
return Math.floor(number / 1000000).toLocaleString() + 'M' return (number / 1000000).toFixed(2)
} else if (number >= 1000) {
return (number / 1000000).toFixed(4)
} }
return number.toLocaleString() return (number / 1000000).toFixed(6)
} }
// 格式化最后使用时间 // 格式化最后使用时间
@@ -1346,7 +1475,8 @@ const resetAccountStatus = async (account) => {
if (data.success) { if (data.success) {
showToast('账户状态已重置', 'success') showToast('账户状态已重置', 'success')
loadAccounts() // 强制刷新,绕过前端缓存,确保最终一致性
loadAccounts(true)
} else { } else {
showToast(data.message || '状态重置失败', 'error') showToast(data.message || '状态重置失败', 'error')
} }
@@ -1475,6 +1605,55 @@ const getClaudeAccountType = (account) => {
return 'Claude' return 'Claude'
} }
// 获取停止调度的原因
const getSchedulableReason = (account) => {
if (account.schedulable !== false) return null
// Claude Console 账户的错误状态
if (account.platform === 'claude-console') {
if (account.status === 'unauthorized') {
return 'API Key无效或已过期401错误'
}
if (account.overloadStatus === 'overloaded') {
return '服务过载529错误'
}
if (account.rateLimitStatus === 'limited') {
return '触发限流429错误'
}
if (account.status === 'blocked' && account.errorMessage) {
return account.errorMessage
}
}
// Claude 官方账户的错误状态
if (account.platform === 'claude') {
if (account.status === 'unauthorized') {
return '认证失败401错误'
}
if (account.status === 'error' && account.errorMessage) {
return account.errorMessage
}
if (account.isRateLimited) {
return '触发限流429错误'
}
// 自动停止调度的原因
if (account.stoppedReason) {
return account.stoppedReason
}
}
// 通用原因
if (account.stoppedReason) {
return account.stoppedReason
}
if (account.errorMessage) {
return account.errorMessage
}
// 默认为手动停止
return '手动停止调度'
}
// 获取账户状态文本 // 获取账户状态文本
const getAccountStatusText = (account) => { const getAccountStatusText = (account) => {
// 检查是否被封锁 // 检查是否被封锁
@@ -1560,6 +1739,51 @@ const formatRelativeTime = (dateString) => {
return formatLastUsed(dateString) return formatLastUsed(dateString)
} }
// 获取会话窗口进度条的样式类
const getSessionProgressBarClass = (status) => {
// 根据状态返回不同的颜色类,包含防御性检查
if (!status) {
// 无状态信息时默认为蓝色
return 'bg-gradient-to-r from-blue-500 to-indigo-600'
}
// 转换为小写进行比较,避免大小写问题
const normalizedStatus = String(status).toLowerCase()
if (normalizedStatus === 'rejected') {
// 被拒绝 - 红色
return 'bg-gradient-to-r from-red-500 to-red-600'
} else if (normalizedStatus === 'allowed_warning') {
// 警告状态 - 橙色/黄色
return 'bg-gradient-to-r from-yellow-500 to-orange-500'
} else {
// 正常状态allowed 或其他) - 蓝色
return 'bg-gradient-to-r from-blue-500 to-indigo-600'
}
}
// 格式化费用显示
const formatCost = (cost) => {
if (!cost || cost === 0) return '0.0000'
if (cost < 0.0001) return cost.toExponential(2)
if (cost < 0.01) return cost.toFixed(6)
if (cost < 1) return cost.toFixed(4)
return cost.toFixed(2)
}
// 计算每日费用(使用后端返回的精确费用数据)
const calculateDailyCost = (account) => {
if (!account.usage || !account.usage.daily) return '0.0000'
// 如果后端已经返回了计算好的费用,直接使用
if (account.usage.daily.cost !== undefined) {
return formatCost(account.usage.daily.cost)
}
// 如果后端没有返回费用旧版本返回0
return '0.0000'
}
// 切换调度状态 // 切换调度状态
// const toggleDispatch = async (account) => { // const toggleDispatch = async (account) => {
// await toggleSchedulable(account) // await toggleSchedulable(account)

2473
web/admin-spa/src/views/ApiKeysView.vue
View File

File diff suppressed because it is too large Load Diff

76
web/admin-spa/src/views/ApiStatsView.vue
View File

@@ -20,6 +20,15 @@
class="h-8 w-px bg-gradient-to-b from-transparent via-gray-300 to-transparent opacity-50 dark:via-gray-600" class="h-8 w-px bg-gradient-to-b from-transparent via-gray-300 to-transparent opacity-50 dark:via-gray-600"
/> />
<!-- 用户登录按钮 (仅在 LDAP 启用时显示) -->
<router-link
v-if="oemSettings.ldapEnabled"
class="user-login-button flex items-center gap-2 rounded-2xl px-4 py-2 text-white transition-all duration-300 md:px-5 md:py-2.5"
to="/user-login"
>
<i class="fas fa-user text-sm md:text-base" />
<span class="text-xs font-semibold tracking-wide md:text-sm">用户登录</span>
</router-link>
<!-- 管理后台按钮 --> <!-- 管理后台按钮 -->
<router-link <router-link
class="admin-button-refined flex items-center gap-2 rounded-2xl px-4 py-2 transition-all duration-300 md:px-5 md:py-2.5" class="admin-button-refined flex items-center gap-2 rounded-2xl px-4 py-2 transition-all duration-300 md:px-5 md:py-2.5"
@@ -309,6 +318,73 @@ watch(apiKey, (newValue) => {
letter-spacing: -0.025em; letter-spacing: -0.025em;
} }
/* 用户登录按钮 */
.user-login-button {
background: linear-gradient(135deg, #34d399 0%, #10b981 100%);
backdrop-filter: blur(20px);
border: 1px solid rgba(255, 255, 255, 0.3);
text-decoration: none;
box-shadow:
0 4px 12px rgba(52, 211, 153, 0.25),
inset 0 1px 1px rgba(255, 255, 255, 0.2);
position: relative;
overflow: hidden;
font-weight: 600;
}
/* 暗色模式下的用户登录按钮 */
:global(.dark) .user-login-button {
background: linear-gradient(135deg, #34d399 0%, #10b981 100%);
border: 1px solid rgba(52, 211, 153, 0.4);
color: white;
box-shadow:
0 4px 12px rgba(52, 211, 153, 0.3),
inset 0 1px 1px rgba(255, 255, 255, 0.1);
}
.user-login-button::before {
content: '';
position: absolute;
top: 0;
left: 0;
right: 0;
bottom: 0;
background: linear-gradient(135deg, #10b981 0%, #34d399 100%);
opacity: 0;
transition: opacity 0.3s ease;
}
.user-login-button:hover {
transform: translateY(-2px) scale(1.02);
box-shadow:
0 8px 20px rgba(52, 211, 153, 0.35),
inset 0 1px 1px rgba(255, 255, 255, 0.3);
border-color: rgba(255, 255, 255, 0.4);
}
.user-login-button:hover::before {
opacity: 1;
}
/* 暗色模式下的悬停效果 */
:global(.dark) .user-login-button:hover {
box-shadow:
0 8px 20px rgba(52, 211, 153, 0.4),
inset 0 1px 1px rgba(255, 255, 255, 0.2);
border-color: rgba(52, 211, 153, 0.5);
}
.user-login-button:active {
transform: translateY(-1px) scale(1);
}
/* 确保图标和文字在所有模式下都清晰可见 */
.user-login-button i,
.user-login-button span {
position: relative;
z-index: 1;
}
/* 管理后台按钮 - 精致版本 */ /* 管理后台按钮 - 精致版本 */
.admin-button-refined { .admin-button-refined {
background: linear-gradient(135deg, #667eea 0%, #764ba2 100%); background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);

262
web/admin-spa/src/views/SettingsView.vue
View File

@@ -41,9 +41,8 @@
<!-- 加载状态 --> <!-- 加载状态 -->
<div v-if="loading" class="py-12 text-center"> <div v-if="loading" class="py-12 text-center">
<div class="loading-spinner mx-auto mb-4"> <div class="loading-spinner mx-auto mb-4"></div>
<p class="text-gray-500 dark:text-gray-400">正在加载设置...</p> <p class="text-gray-500 dark:text-gray-400">正在加载设置...</p>
</div>
</div> </div>
<!-- 内容区域 --> <!-- 内容区域 -->
@@ -479,6 +478,7 @@
<option value="feishu">🟦 飞书</option> <option value="feishu">🟦 飞书</option>
<option value="slack">🟣 Slack</option> <option value="slack">🟣 Slack</option>
<option value="discord">🟪 Discord</option> <option value="discord">🟪 Discord</option>
<option value="bark">🔔 Bark</option>
<option value="custom"> 自定义</option> <option value="custom"> 自定义</option>
</select> </select>
<div class="pointer-events-none absolute inset-y-0 right-0 flex items-center pr-3"> <div class="pointer-events-none absolute inset-y-0 right-0 flex items-center pr-3">
@@ -508,8 +508,8 @@
/> />
</div> </div>
<!-- Webhook URL --> <!-- Webhook URL (非Bark平台) -->
<div> <div v-if="platformForm.type !== 'bark'">
<label <label
class="mb-2 flex items-center text-sm font-medium text-gray-700 dark:text-gray-300" class="mb-2 flex items-center text-sm font-medium text-gray-700 dark:text-gray-300"
> >
@@ -548,6 +548,118 @@
</div> </div>
</div> </div>
<!-- Bark 平台特有字段 -->
<div v-if="platformForm.type === 'bark'" class="space-y-5">
<!-- 设备密钥 -->
<div>
<label
class="mb-2 flex items-center text-sm font-medium text-gray-700 dark:text-gray-300"
>
<i class="fas fa-key mr-2 text-gray-400"></i>
设备密钥 (Device Key)
<span class="ml-1 text-xs text-red-500">*</span>
</label>
<input
v-model="platformForm.deviceKey"
class="w-full rounded-xl border border-gray-300 bg-white px-4 py-3 font-mono text-sm text-gray-900 shadow-sm transition-all placeholder:text-gray-400 focus:border-blue-500 focus:outline-none focus:ring-2 focus:ring-blue-500/20 dark:border-gray-600 dark:bg-gray-700 dark:text-white dark:placeholder:text-gray-500"
placeholder="例如aBcDeFgHiJkLmNoPqRsTuVwX"
required
type="text"
/>
<p class="mt-1 text-xs text-gray-500 dark:text-gray-400">
在Bark App中查看您的推送密钥
</p>
</div>
<!-- 服务器URL可选 -->
<div>
<label
class="mb-2 flex items-center text-sm font-medium text-gray-700 dark:text-gray-300"
>
<i class="fas fa-server mr-2 text-gray-400"></i>
服务器地址
<span class="ml-2 text-xs text-gray-500">(可选)</span>
</label>
<input
v-model="platformForm.serverUrl"
class="w-full rounded-xl border border-gray-300 bg-white px-4 py-3 font-mono text-sm text-gray-900 shadow-sm transition-all placeholder:text-gray-400 focus:border-blue-500 focus:outline-none focus:ring-2 focus:ring-blue-500/20 dark:border-gray-600 dark:bg-gray-700 dark:text-white dark:placeholder:text-gray-500"
placeholder="默认: https://api.day.app/push"
type="url"
/>
</div>
<!-- 通知级别 -->
<div>
<label
class="mb-2 flex items-center text-sm font-medium text-gray-700 dark:text-gray-300"
>
<i class="fas fa-flag mr-2 text-gray-400"></i>
通知级别
</label>
<select
v-model="platformForm.level"
class="w-full appearance-none rounded-xl border border-gray-300 bg-white px-4 py-3 pr-10 text-gray-900 shadow-sm transition-all focus:border-blue-500 focus:outline-none focus:ring-2 focus:ring-blue-500/20 dark:border-gray-600 dark:bg-gray-700 dark:text-white"
>
<option value="">自动根据通知类型</option>
<option value="passive">被动</option>
<option value="active">默认</option>
<option value="timeSensitive">时效性</option>
<option value="critical">紧急</option>
</select>
</div>
<!-- 通知声音 -->
<div>
<label
class="mb-2 flex items-center text-sm font-medium text-gray-700 dark:text-gray-300"
>
<i class="fas fa-volume-up mr-2 text-gray-400"></i>
通知声音
</label>
<select
v-model="platformForm.sound"
class="w-full appearance-none rounded-xl border border-gray-300 bg-white px-4 py-3 pr-10 text-gray-900 shadow-sm transition-all focus:border-blue-500 focus:outline-none focus:ring-2 focus:ring-blue-500/20 dark:border-gray-600 dark:bg-gray-700 dark:text-white"
>
<option value="">自动根据通知类型</option>
<option value="default">默认</option>
<option value="alarm">警报</option>
<option value="bell">铃声</option>
<option value="birdsong">鸟鸣</option>
<option value="electronic">电子音</option>
<option value="glass">玻璃</option>
<option value="horn">喇叭</option>
<option value="silence">静音</option>
</select>
</div>
<!-- 分组 -->
<div>
<label
class="mb-2 flex items-center text-sm font-medium text-gray-700 dark:text-gray-300"
>
<i class="fas fa-folder mr-2 text-gray-400"></i>
通知分组
<span class="ml-2 text-xs text-gray-500">(可选)</span>
</label>
<input
v-model="platformForm.group"
class="w-full rounded-xl border border-gray-300 bg-white px-4 py-3 text-gray-900 shadow-sm transition-all placeholder:text-gray-400 focus:border-blue-500 focus:outline-none focus:ring-2 focus:ring-blue-500/20 dark:border-gray-600 dark:bg-gray-700 dark:text-white dark:placeholder:text-gray-500"
placeholder="默认: claude-relay"
type="text"
/>
</div>
<!-- 提示信息 -->
<div class="mt-2 flex items-start rounded-lg bg-blue-50 p-3 dark:bg-blue-900/20">
<i class="fas fa-info-circle mr-2 mt-0.5 text-blue-600 dark:text-blue-400"></i>
<div class="text-sm text-blue-700 dark:text-blue-300">
<p>1. 在iPhone上安装Bark App</p>
<p>2. 打开App获取您的设备密钥</p>
<p>3. 将密钥粘贴到上方输入框</p>
</div>
</div>
</div>
<!-- 签名设置钉钉/飞书 --> <!-- 签名设置钉钉/飞书 -->
<div <div
v-if="platformForm.type === 'dingtalk' || platformForm.type === 'feishu'" v-if="platformForm.type === 'dingtalk' || platformForm.type === 'feishu'"
@@ -633,7 +745,7 @@
</button> </button>
<button <button
class="group flex items-center rounded-xl bg-gradient-to-r from-blue-600 to-indigo-600 px-5 py-2.5 text-sm font-medium text-white shadow-md transition-all hover:from-blue-700 hover:to-indigo-700 hover:shadow-lg disabled:cursor-not-allowed disabled:from-gray-400 disabled:to-gray-500" class="group flex items-center rounded-xl bg-gradient-to-r from-blue-600 to-indigo-600 px-5 py-2.5 text-sm font-medium text-white shadow-md transition-all hover:from-blue-700 hover:to-indigo-700 hover:shadow-lg disabled:cursor-not-allowed disabled:from-gray-400 disabled:to-gray-500"
:disabled="!platformForm.url || savingPlatform" :disabled="!isPlatformFormValid || savingPlatform"
@click="savePlatform" @click="savePlatform"
> >
<i <i
@@ -652,7 +764,7 @@
</template> </template>
<script setup> <script setup>
import { ref, onMounted, onBeforeUnmount, watch } from 'vue' import { ref, onMounted, onBeforeUnmount, watch, computed } from 'vue'
import { storeToRefs } from 'pinia' import { storeToRefs } from 'pinia'
import { showToast } from '@/utils/toast' import { showToast } from '@/utils/toast'
import { useSettingsStore } from '@/stores/settings' import { useSettingsStore } from '@/stores/settings'
@@ -721,6 +833,44 @@ const sectionWatcher = watch(activeSection, async (newSection) => {
} }
}) })
// 监听平台类型变化,重置验证状态
const platformTypeWatcher = watch(
() => platformForm.value.type,
(newType) => {
// 切换平台类型时重置验证状态
urlError.value = false
urlValid.value = false
// 如果不是编辑模式,清空相关字段
if (!editingPlatform.value) {
if (newType === 'bark') {
// 切换到Bark时清空URL相关字段
platformForm.value.url = ''
platformForm.value.enableSign = false
platformForm.value.secret = ''
} else {
// 切换到其他平台时清空Bark相关字段
platformForm.value.deviceKey = ''
platformForm.value.serverUrl = ''
platformForm.value.level = ''
platformForm.value.sound = ''
platformForm.value.group = ''
}
}
}
)
// 计算属性:判断平台表单是否有效
const isPlatformFormValid = computed(() => {
if (platformForm.value.type === 'bark') {
// Bark平台需要deviceKey
return !!platformForm.value.deviceKey
} else {
// 其他平台需要URL且URL格式正确
return !!platformForm.value.url && !urlError.value
}
})
// 页面加载时获取设置 // 页面加载时获取设置
onMounted(async () => { onMounted(async () => {
try { try {
@@ -747,6 +897,9 @@ onBeforeUnmount(() => {
if (sectionWatcher) { if (sectionWatcher) {
sectionWatcher() sectionWatcher()
} }
if (platformTypeWatcher) {
platformTypeWatcher()
}
// 安全关闭模态框 // 安全关闭模态框
if (showAddPlatformModal.value) { if (showAddPlatformModal.value) {
@@ -795,6 +948,13 @@ const saveWebhookConfig = async () => {
// 验证 URL // 验证 URL
const validateUrl = () => { const validateUrl = () => {
// Bark平台不需要验证URL
if (platformForm.value.type === 'bark') {
urlError.value = false
urlValid.value = false
return
}
const url = platformForm.value.url const url = platformForm.value.url
if (!url) { if (!url) {
urlError.value = false urlError.value = false
@@ -821,14 +981,22 @@ const validateUrl = () => {
const savePlatform = async () => { const savePlatform = async () => {
if (!isMounted.value) return if (!isMounted.value) return
if (!platformForm.value.url) { // Bark平台只需要deviceKey其他平台需要URL
showToast('请输入Webhook URL', 'error') if (platformForm.value.type === 'bark') {
return if (!platformForm.value.deviceKey) {
} showToast('请输入Bark设备密钥', 'error')
return
}
} else {
if (!platformForm.value.url) {
showToast('请输入Webhook URL', 'error')
return
}
if (urlError.value) { if (urlError.value) {
showToast('请输入有效的Webhook URL', 'error') showToast('请输入有效的Webhook URL', 'error')
return return
}
} }
savingPlatform.value = true savingPlatform.value = true
@@ -925,18 +1093,26 @@ const testPlatform = async (platform) => {
if (!isMounted.value) return if (!isMounted.value) return
try { try {
const response = await apiClient.post( const testData = {
'/admin/webhook/test', type: platform.type,
{ secret: platform.secret,
url: platform.url, enableSign: platform.enableSign
type: platform.type, }
secret: platform.secret,
enableSign: platform.enableSign // 根据平台类型添加不同字段
}, if (platform.type === 'bark') {
{ testData.deviceKey = platform.deviceKey
signal: abortController.value.signal testData.serverUrl = platform.serverUrl
} testData.level = platform.level
) testData.sound = platform.sound
testData.group = platform.group
} else {
testData.url = platform.url
}
const response = await apiClient.post('/admin/webhook/test', testData, {
signal: abortController.value.signal
})
if (response.success && isMounted.value) { if (response.success && isMounted.value) {
showToast('测试成功webhook连接正常', 'success') showToast('测试成功webhook连接正常', 'success')
} }
@@ -952,14 +1128,23 @@ const testPlatform = async (platform) => {
const testPlatformForm = async () => { const testPlatformForm = async () => {
if (!isMounted.value) return if (!isMounted.value) return
if (!platformForm.value.url) { // Bark平台验证
showToast('请先输入Webhook URL', 'error') if (platformForm.value.type === 'bark') {
return if (!platformForm.value.deviceKey) {
} showToast('请先输入Bark设备密钥', 'error')
return
}
} else {
// 其他平台验证URL
if (!platformForm.value.url) {
showToast('请先输入Webhook URL', 'error')
return
}
if (urlError.value) { if (urlError.value) {
showToast('请输入有效的Webhook URL', 'error') showToast('请输入有效的Webhook URL', 'error')
return return
}
} }
testingConnection.value = true testingConnection.value = true
@@ -1020,7 +1205,13 @@ const closePlatformModal = () => {
name: '', name: '',
url: '', url: '',
enableSign: false, enableSign: false,
secret: '' secret: '',
// Bark特有字段
deviceKey: '',
serverUrl: '',
level: '',
sound: '',
group: ''
} }
urlError.value = false urlError.value = false
urlValid.value = false urlValid.value = false
@@ -1037,6 +1228,7 @@ const getPlatformName = (type) => {
feishu: '飞书', feishu: '飞书',
slack: 'Slack', slack: 'Slack',
discord: 'Discord', discord: 'Discord',
bark: 'Bark',
custom: '自定义' custom: '自定义'
} }
return names[type] || type return names[type] || type
@@ -1049,6 +1241,7 @@ const getPlatformIcon = (type) => {
feishu: 'fas fa-dove text-blue-600', feishu: 'fas fa-dove text-blue-600',
slack: 'fab fa-slack text-purple-600', slack: 'fab fa-slack text-purple-600',
discord: 'fab fa-discord text-indigo-600', discord: 'fab fa-discord text-indigo-600',
bark: 'fas fa-bell text-orange-500',
custom: 'fas fa-webhook text-gray-600' custom: 'fas fa-webhook text-gray-600'
} }
return icons[type] || 'fas fa-bell' return icons[type] || 'fas fa-bell'
@@ -1061,6 +1254,7 @@ const getWebhookHint = (type) => {
feishu: '请在飞书群机器人设置中获取Webhook地址', feishu: '请在飞书群机器人设置中获取Webhook地址',
slack: '请在Slack应用的Incoming Webhooks中获取地址', slack: '请在Slack应用的Incoming Webhooks中获取地址',
discord: '请在Discord服务器的集成设置中创建Webhook', discord: '请在Discord服务器的集成设置中创建Webhook',
bark: '请在Bark App中查看您的设备密钥',
custom: '请输入完整的Webhook接收地址' custom: '请输入完整的Webhook接收地址'
} }
return hints[type] || '' return hints[type] || ''

10
web/admin-spa/src/views/TutorialView.vue
View File

@@ -1639,7 +1639,7 @@
</template> </template>
<script setup> <script setup>
import { ref, computed } from 'vue' import { computed, ref } from 'vue'
// 当前系统选择 // 当前系统选择
const activeTutorialSystem = ref('windows') const activeTutorialSystem = ref('windows')
@@ -1653,6 +1653,14 @@ const tutorialSystems = [
// 获取基础URL前缀 // 获取基础URL前缀
const getBaseUrlPrefix = () => { const getBaseUrlPrefix = () => {
// 优先使用环境变量配置的自定义前缀
const customPrefix = import.meta.env.VITE_API_BASE_PREFIX
if (customPrefix) {
// 去除末尾的斜杠
return customPrefix.replace(/\/$/, '')
}
// 否则使用当前浏览器访问地址
// 更健壮的获取 origin 的方法,兼容旧版浏览器和特殊环境 // 更健壮的获取 origin 的方法,兼容旧版浏览器和特殊环境
let origin = '' let origin = ''

420
web/admin-spa/src/views/UserDashboardView.vue Normal file
View File

@@ -0,0 +1,420 @@
<template>
<div class="min-h-screen bg-gray-50 dark:bg-gray-900">
<!-- 导航栏 -->
<nav class="bg-white shadow dark:bg-gray-800">
<div class="mx-auto max-w-7xl px-4 sm:px-6 lg:px-8">
<div class="flex h-16 justify-between">
<div class="flex items-center">
<div class="flex flex-shrink-0 items-center">
<svg
class="h-8 w-8 text-blue-600 dark:text-blue-400"
fill="none"
stroke="currentColor"
viewBox="0 0 24 24"
>
<path
d="M9 12l2 2 4-4m6 2a9 9 0 11-18 0 9 9 0 0118 0z"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
<span class="ml-2 text-xl font-bold text-gray-900 dark:text-white">Claude Relay</span>
</div>
<div class="ml-10">
<div class="flex items-baseline space-x-4">
<button
:class="[
'rounded-md px-3 py-2 text-sm font-medium',
activeTab === 'overview'
? 'bg-blue-100 text-blue-700 dark:bg-blue-900 dark:text-blue-300'
: 'text-gray-500 hover:text-gray-700 dark:text-gray-400 dark:hover:text-gray-300'
]"
@click="handleTabChange('overview')"
>
Overview
</button>
<button
:class="[
'rounded-md px-3 py-2 text-sm font-medium',
activeTab === 'api-keys'
? 'bg-blue-100 text-blue-700 dark:bg-blue-900 dark:text-blue-300'
: 'text-gray-500 hover:text-gray-700 dark:text-gray-400 dark:hover:text-gray-300'
]"
@click="handleTabChange('api-keys')"
>
API Keys
</button>
<button
:class="[
'rounded-md px-3 py-2 text-sm font-medium',
activeTab === 'usage'
? 'bg-blue-100 text-blue-700 dark:bg-blue-900 dark:text-blue-300'
: 'text-gray-500 hover:text-gray-700 dark:text-gray-400 dark:hover:text-gray-300'
]"
@click="handleTabChange('usage')"
>
Usage Stats
</button>
</div>
</div>
</div>
<div class="flex items-center space-x-4">
<div class="text-sm text-gray-700 dark:text-gray-300">
Welcome, <span class="font-medium">{{ userStore.userName }}</span>
</div>
<!-- 主题切换按钮 -->
<ThemeToggle mode="icon" />
<button
class="rounded-md px-3 py-2 text-sm font-medium text-gray-500 hover:text-gray-700 dark:text-gray-400 dark:hover:text-gray-300"
@click="handleLogout"
>
Logout
</button>
</div>
</div>
</div>
</nav>
<!-- 主内容 -->
<main class="mx-auto max-w-7xl px-4 py-6 sm:px-6 lg:px-8">
<!-- Overview Tab -->
<div v-if="activeTab === 'overview'" class="space-y-6">
<div>
<h1 class="text-2xl font-semibold text-gray-900 dark:text-white">Dashboard Overview</h1>
<p class="mt-2 text-sm text-gray-600 dark:text-gray-400">
Welcome to your Claude Relay dashboard
</p>
</div>
<!-- Stats Cards -->
<div class="grid grid-cols-1 gap-6 md:grid-cols-2 lg:grid-cols-5">
<div class="overflow-hidden rounded-lg bg-white shadow dark:bg-gray-800">
<div class="p-5">
<div class="flex items-center">
<div class="flex-shrink-0">
<svg
class="h-6 w-6 text-green-400"
fill="none"
stroke="currentColor"
viewBox="0 0 24 24"
>
<path
d="M15 7a2 2 0 012 2m0 0a2 2 0 012 2m-2-2h-6m6 0v6a2 2 0 01-2 2H9a2 2 0 01-2-2V9a2 2 0 012-2h6z"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
</div>
<div class="ml-5 w-0 flex-1">
<dl>
<dt class="truncate text-sm font-medium text-gray-500 dark:text-gray-400">
Active API Keys
</dt>
<dd class="text-lg font-medium text-gray-900 dark:text-white">
{{ apiKeysStats.active }}
</dd>
</dl>
</div>
</div>
</div>
</div>
<div class="overflow-hidden rounded-lg bg-white shadow dark:bg-gray-800">
<div class="p-5">
<div class="flex items-center">
<div class="flex-shrink-0">
<svg
class="h-6 w-6 text-gray-400"
fill="none"
stroke="currentColor"
viewBox="0 0 24 24"
>
<path
d="M19 7l-.867 12.142A2 2 0 0116.138 21H7.862a2 2 0 01-1.995-1.858L5 7m5 4v6m4-6v6m1-10V4a1 1 0 00-1-1h-4a1 1 0 00-1 1v3M4 7h16"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
</div>
<div class="ml-5 w-0 flex-1">
<dl>
<dt class="truncate text-sm font-medium text-gray-500 dark:text-gray-400">
Deleted API Keys
</dt>
<dd class="text-lg font-medium text-gray-900 dark:text-white">
{{ apiKeysStats.deleted }}
</dd>
</dl>
</div>
</div>
</div>
</div>
<div class="overflow-hidden rounded-lg bg-white shadow dark:bg-gray-800">
<div class="p-5">
<div class="flex items-center">
<div class="flex-shrink-0">
<svg
class="h-6 w-6 text-blue-400"
fill="none"
stroke="currentColor"
viewBox="0 0 24 24"
>
<path
d="M13 10V3L4 14h7v7l9-11h-7z"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
</div>
<div class="ml-5 w-0 flex-1">
<dl>
<dt class="truncate text-sm font-medium text-gray-500 dark:text-gray-400">
Total Requests
</dt>
<dd class="text-lg font-medium text-gray-900 dark:text-white">
{{ formatNumber(userProfile?.totalUsage?.requests || 0) }}
</dd>
</dl>
</div>
</div>
</div>
</div>
<div class="overflow-hidden rounded-lg bg-white shadow dark:bg-gray-800">
<div class="p-5">
<div class="flex items-center">
<div class="flex-shrink-0">
<svg
class="h-6 w-6 text-purple-400"
fill="none"
stroke="currentColor"
viewBox="0 0 24 24"
>
<path
d="M7 7h.01M7 3h5c.512 0 1.024.195 1.414.586l7 7a2 2 0 010 2.828l-7 7a2 2 0 01-2.828 0l-7-7A1.994 1.994 0 013 12V7a4 4 0 014-4z"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
</div>
<div class="ml-5 w-0 flex-1">
<dl>
<dt class="truncate text-sm font-medium text-gray-500 dark:text-gray-400">
Input Tokens
</dt>
<dd class="text-lg font-medium text-gray-900 dark:text-white">
{{ formatNumber(userProfile?.totalUsage?.inputTokens || 0) }}
</dd>
</dl>
</div>
</div>
</div>
</div>
<div class="overflow-hidden rounded-lg bg-white shadow dark:bg-gray-800">
<div class="p-5">
<div class="flex items-center">
<div class="flex-shrink-0">
<svg
class="h-6 w-6 text-yellow-400"
fill="none"
stroke="currentColor"
viewBox="0 0 24 24"
>
<path
d="M12 8c-1.657 0-3 .895-3 2s1.343 2 3 2 3 .895 3 2-1.343 2-3 2m0-8c1.11 0 2.08.402 2.599 1M12 8V7m0 1v8m0 0v1m0-1c-1.11 0-2.08-.402-2.599-1"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
</div>
<div class="ml-5 w-0 flex-1">
<dl>
<dt class="truncate text-sm font-medium text-gray-500 dark:text-gray-400">
Total Cost
</dt>
<dd class="text-lg font-medium text-gray-900 dark:text-white">
${{ (userProfile?.totalUsage?.totalCost || 0).toFixed(4) }}
</dd>
</dl>
</div>
</div>
</div>
</div>
</div>
<!-- User Info -->
<div class="rounded-lg bg-white shadow dark:bg-gray-800">
<div class="px-4 py-5 sm:p-6">
<h3 class="text-lg font-medium leading-6 text-gray-900 dark:text-white">
Account Information
</h3>
<div class="mt-5 border-t border-gray-200 dark:border-gray-700">
<dl class="divide-y divide-gray-200 dark:divide-gray-700">
<div class="py-4 sm:grid sm:grid-cols-3 sm:gap-4 sm:py-5">
<dt class="text-sm font-medium text-gray-500 dark:text-gray-400">Username</dt>
<dd class="mt-1 text-sm text-gray-900 dark:text-white sm:col-span-2 sm:mt-0">
{{ userProfile?.username }}
</dd>
</div>
<div class="py-4 sm:grid sm:grid-cols-3 sm:gap-4 sm:py-5">
<dt class="text-sm font-medium text-gray-500 dark:text-gray-400">Display Name</dt>
<dd class="mt-1 text-sm text-gray-900 dark:text-white sm:col-span-2 sm:mt-0">
{{ userProfile?.displayName || 'N/A' }}
</dd>
</div>
<div class="py-4 sm:grid sm:grid-cols-3 sm:gap-4 sm:py-5">
<dt class="text-sm font-medium text-gray-500 dark:text-gray-400">Email</dt>
<dd class="mt-1 text-sm text-gray-900 dark:text-white sm:col-span-2 sm:mt-0">
{{ userProfile?.email || 'N/A' }}
</dd>
</div>
<div class="py-4 sm:grid sm:grid-cols-3 sm:gap-4 sm:py-5">
<dt class="text-sm font-medium text-gray-500 dark:text-gray-400">Role</dt>
<dd class="mt-1 text-sm text-gray-900 dark:text-white sm:col-span-2 sm:mt-0">
<span
class="inline-flex items-center rounded-full bg-blue-100 px-2.5 py-0.5 text-xs font-medium text-blue-800 dark:bg-blue-900 dark:text-blue-200"
>
{{ userProfile?.role || 'user' }}
</span>
</dd>
</div>
<div class="py-4 sm:grid sm:grid-cols-3 sm:gap-4 sm:py-5">
<dt class="text-sm font-medium text-gray-500 dark:text-gray-400">Member Since</dt>
<dd class="mt-1 text-sm text-gray-900 dark:text-white sm:col-span-2 sm:mt-0">
{{ formatDate(userProfile?.createdAt) }}
</dd>
</div>
<div class="py-4 sm:grid sm:grid-cols-3 sm:gap-4 sm:py-5">
<dt class="text-sm font-medium text-gray-500 dark:text-gray-400">Last Login</dt>
<dd class="mt-1 text-sm text-gray-900 dark:text-white sm:col-span-2 sm:mt-0">
{{ formatDate(userProfile?.lastLoginAt) || 'N/A' }}
</dd>
</div>
</dl>
</div>
</div>
</div>
</div>
<!-- API Keys Tab -->
<div v-else-if="activeTab === 'api-keys'">
<UserApiKeysManager />
</div>
<!-- Usage Stats Tab -->
<div v-else-if="activeTab === 'usage'">
<UserUsageStats />
</div>
</main>
</div>
</template>
<script setup>
import { ref, onMounted } from 'vue'
import { useRouter } from 'vue-router'
import { useUserStore } from '@/stores/user'
import { useThemeStore } from '@/stores/theme'
import { showToast } from '@/utils/toast'
import ThemeToggle from '@/components/common/ThemeToggle.vue'
import UserApiKeysManager from '@/components/user/UserApiKeysManager.vue'
import UserUsageStats from '@/components/user/UserUsageStats.vue'
const router = useRouter()
const userStore = useUserStore()
const themeStore = useThemeStore()
const activeTab = ref('overview')
const userProfile = ref(null)
const apiKeysStats = ref({ active: 0, deleted: 0 })
const formatNumber = (num) => {
if (num >= 1000000) {
return (num / 1000000).toFixed(1) + 'M'
} else if (num >= 1000) {
return (num / 1000).toFixed(1) + 'K'
}
return num.toString()
}
const formatDate = (dateString) => {
if (!dateString) return null
return new Date(dateString).toLocaleDateString('en-US', {
year: 'numeric',
month: 'short',
day: 'numeric',
hour: '2-digit',
minute: '2-digit'
})
}
const handleTabChange = (tab) => {
activeTab.value = tab
// Refresh API keys stats when switching to overview tab
if (tab === 'overview') {
loadApiKeysStats()
}
}
const handleLogout = async () => {
try {
await userStore.logout()
showToast('Logged out successfully', 'success')
router.push('/user-login')
} catch (error) {
console.error('Logout error:', error)
showToast('Logout failed', 'error')
}
}
const loadUserProfile = async () => {
try {
userProfile.value = await userStore.getUserProfile()
} catch (error) {
console.error('Failed to load user profile:', error)
showToast('Failed to load user profile', 'error')
}
}
const loadApiKeysStats = async () => {
try {
const allApiKeys = await userStore.getUserApiKeys(true) // Include deleted keys
console.log('All API Keys received:', allApiKeys)
const activeKeys = allApiKeys.filter(
(key) => !(key.isDeleted === 'true' || key.deletedAt) && key.isActive
)
const deletedKeys = allApiKeys.filter((key) => key.isDeleted === 'true' || key.deletedAt)
console.log('Active keys:', activeKeys)
console.log('Deleted keys:', deletedKeys)
console.log('Active count:', activeKeys.length)
console.log('Deleted count:', deletedKeys.length)
apiKeysStats.value = { active: activeKeys.length, deleted: deletedKeys.length }
} catch (error) {
console.error('Failed to load API keys stats:', error)
apiKeysStats.value = { active: 0, deleted: 0 }
}
}
onMounted(() => {
// 初始化主题
themeStore.initTheme()
loadUserProfile()
loadApiKeysStats()
})
</script>
<style scoped>
/* 组件特定样式 */
</style>

199
web/admin-spa/src/views/UserLoginView.vue Normal file
View File

@@ -0,0 +1,199 @@
<template>
<div
class="relative flex min-h-screen items-center justify-center bg-gray-50 px-4 py-12 dark:bg-gray-900 sm:px-6 lg:px-8"
>
<!-- 主题切换按钮 -->
<div class="fixed right-4 top-4 z-10">
<ThemeToggle mode="dropdown" />
</div>
<div class="w-full max-w-md space-y-8">
<div>
<div class="mx-auto flex h-12 w-auto items-center justify-center">
<svg
class="h-8 w-8 text-blue-600 dark:text-blue-400"
fill="none"
stroke="currentColor"
viewBox="0 0 24 24"
>
<path
d="M9 12l2 2 4-4m6 2a9 9 0 11-18 0 9 9 0 0118 0z"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
<span class="ml-2 text-xl font-bold text-gray-900 dark:text-white">Claude Relay</span>
</div>
<h2 class="mt-6 text-center text-3xl font-extrabold text-gray-900 dark:text-white">
User Sign In
</h2>
<p class="mt-2 text-center text-sm text-gray-600 dark:text-gray-400">
Sign in to your account to manage your API keys
</p>
</div>
<div class="rounded-lg bg-white px-6 py-8 shadow dark:bg-gray-800 dark:shadow-xl">
<form class="space-y-6" @submit.prevent="handleLogin">
<div>
<label
class="block text-sm font-medium text-gray-700 dark:text-gray-300"
for="username"
>
Username
</label>
<div class="mt-1">
<input
id="username"
v-model="form.username"
class="relative block w-full appearance-none rounded-md border border-gray-300 px-3 py-2 text-gray-900 placeholder-gray-500 focus:z-10 focus:border-blue-500 focus:outline-none focus:ring-blue-500 dark:border-gray-600 dark:bg-gray-700 dark:text-white dark:placeholder-gray-400 dark:focus:border-blue-400 dark:focus:ring-blue-400 sm:text-sm"
:disabled="loading"
name="username"
placeholder="Enter your username"
required
type="text"
/>
</div>
</div>
<div>
<label
class="block text-sm font-medium text-gray-700 dark:text-gray-300"
for="password"
>
Password
</label>
<div class="mt-1">
<input
id="password"
v-model="form.password"
class="relative block w-full appearance-none rounded-md border border-gray-300 px-3 py-2 text-gray-900 placeholder-gray-500 focus:z-10 focus:border-blue-500 focus:outline-none focus:ring-blue-500 dark:border-gray-600 dark:bg-gray-700 dark:text-white dark:placeholder-gray-400 dark:focus:border-blue-400 dark:focus:ring-blue-400 sm:text-sm"
:disabled="loading"
name="password"
placeholder="Enter your password"
required
type="password"
/>
</div>
</div>
<div
v-if="error"
class="rounded-md border border-red-200 bg-red-50 p-4 dark:border-red-800 dark:bg-red-900/20"
>
<div class="flex">
<div class="flex-shrink-0">
<svg class="h-5 w-5 text-red-400" fill="currentColor" viewBox="0 0 20 20">
<path
clip-rule="evenodd"
d="M10 18a8 8 0 100-16 8 8 0 000 16zM8.707 7.293a1 1 0 00-1.414 1.414L8.586 10l-1.293 1.293a1 1 0 101.414 1.414L10 11.414l1.293 1.293a1 1 0 001.414-1.414L11.414 10l1.293-1.293a1 1 0 00-1.414-1.414L10 8.586 8.707 7.293z"
fill-rule="evenodd"
/>
</svg>
</div>
<div class="ml-3">
<p class="text-sm text-red-700 dark:text-red-400">{{ error }}</p>
</div>
</div>
</div>
<div>
<button
class="group relative flex w-full justify-center rounded-md border border-transparent bg-blue-600 px-4 py-2 text-sm font-medium text-white hover:bg-blue-700 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:ring-offset-2 disabled:cursor-not-allowed disabled:opacity-50 dark:bg-blue-500 dark:hover:bg-blue-600 dark:focus:ring-blue-400 dark:focus:ring-offset-gray-800"
:disabled="loading || !form.username || !form.password"
type="submit"
>
<span v-if="loading" class="absolute inset-y-0 left-0 flex items-center pl-3">
<svg
class="h-5 w-5 animate-spin text-white"
fill="none"
viewBox="0 0 24 24"
xmlns="http://www.w3.org/2000/svg"
>
<circle
class="opacity-25"
cx="12"
cy="12"
r="10"
stroke="currentColor"
stroke-width="4"
></circle>
<path
class="opacity-75"
d="M4 12a8 8 0 018-8V0C5.373 0 0 5.373 0 12h4zm2 5.291A7.962 7.962 0 014 12H0c0 3.042 1.135 5.824 3 7.938l3-2.647z"
fill="currentColor"
></path>
</svg>
</span>
{{ loading ? 'Signing In...' : 'Sign In' }}
</button>
</div>
<div class="text-center">
<router-link
class="text-sm text-blue-600 hover:text-blue-500 dark:text-blue-400 dark:hover:text-blue-300"
to="/admin-login"
>
Admin Login
</router-link>
</div>
</form>
</div>
</div>
</div>
</template>
<script setup>
import { ref, reactive, onMounted } from 'vue'
import { useRouter } from 'vue-router'
import { useUserStore } from '@/stores/user'
import { useThemeStore } from '@/stores/theme'
import { showToast } from '@/utils/toast'
import ThemeToggle from '@/components/common/ThemeToggle.vue'
const router = useRouter()
const userStore = useUserStore()
const themeStore = useThemeStore()
const loading = ref(false)
const error = ref('')
const form = reactive({
username: '',
password: ''
})
const handleLogin = async () => {
if (!form.username || !form.password) {
error.value = 'Please enter both username and password'
return
}
loading.value = true
error.value = ''
try {
await userStore.login({
username: form.username,
password: form.password
})
showToast('Login successful!', 'success')
router.push('/user-dashboard')
} catch (err) {
console.error('Login error:', err)
error.value = err.response?.data?.message || err.message || 'Login failed'
} finally {
loading.value = false
}
}
onMounted(() => {
// 初始化主题(因为该页面不在 MainLayout 内)
themeStore.initTheme()
})
</script>
<style scoped>
/* 组件特定样式 */
</style>

671
web/admin-spa/src/views/UserManagementView.vue Normal file
View File

@@ -0,0 +1,671 @@
<template>
<div class="space-y-6">
<!-- Header -->
<div class="sm:flex sm:items-center">
<div class="sm:flex-auto">
<h1 class="text-2xl font-semibold text-gray-900 dark:text-white">User Management</h1>
<p class="mt-2 text-sm text-gray-700 dark:text-gray-300">
Manage users, their API keys, and view usage statistics
</p>
</div>
<div class="mt-4 sm:ml-16 sm:mt-0 sm:flex-none">
<button
class="inline-flex items-center justify-center rounded-md border border-transparent bg-blue-600 px-4 py-2 text-sm font-medium text-white shadow-sm hover:bg-blue-700 focus:outline-none focus:ring-2 focus:ring-blue-500 focus:ring-offset-2 disabled:opacity-50 sm:w-auto"
:disabled="loading"
@click="loadUsers"
>
<svg class="-ml-1 mr-2 h-4 w-4" fill="none" stroke="currentColor" viewBox="0 0 24 24">
<path
d="M4 4v5h.582m15.356 2A8.001 8.001 0 004.582 9m0 0H9m11 11v-5h-.581m0 0a8.003 8.003 0 01-15.357-2m15.357 2H15"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
Refresh
</button>
</div>
</div>
<!-- Stats Cards -->
<div class="grid grid-cols-1 gap-6 md:grid-cols-2 lg:grid-cols-4">
<div class="overflow-hidden rounded-lg bg-white shadow dark:bg-gray-800">
<div class="p-5">
<div class="flex items-center">
<div class="flex-shrink-0">
<svg
class="h-6 w-6 text-blue-500"
fill="none"
stroke="currentColor"
viewBox="0 0 24 24"
>
<path
d="M12 4.354a4 4 0 110 5.292M15 21H3v-1a6 6 0 0112 0v1zm0 0h6v-1a6 6 0 00-9-5.197m13.5-9a2.5 2.5 0 11-5 0 2.5 2.5 0 015 0z"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
</div>
<div class="ml-5 w-0 flex-1">
<dl>
<dt class="truncate text-sm font-medium text-gray-500 dark:text-gray-400">
Total Users
</dt>
<dd class="text-lg font-medium text-gray-900 dark:text-white">
{{ userStats?.totalUsers || 0 }}
</dd>
</dl>
</div>
</div>
</div>
</div>
<div class="overflow-hidden rounded-lg bg-white shadow dark:bg-gray-800">
<div class="p-5">
<div class="flex items-center">
<div class="flex-shrink-0">
<svg
class="h-6 w-6 text-green-500"
fill="none"
stroke="currentColor"
viewBox="0 0 24 24"
>
<path
d="M9 12l2 2 4-4m6 2a9 9 0 11-18 0 9 9 0 0118 0z"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
</div>
<div class="ml-5 w-0 flex-1">
<dl>
<dt class="truncate text-sm font-medium text-gray-500 dark:text-gray-400">
Active Users
</dt>
<dd class="text-lg font-medium text-gray-900 dark:text-white">
{{ userStats?.activeUsers || 0 }}
</dd>
</dl>
</div>
</div>
</div>
</div>
<div class="overflow-hidden rounded-lg bg-white shadow dark:bg-gray-800">
<div class="p-5">
<div class="flex items-center">
<div class="flex-shrink-0">
<svg
class="h-6 w-6 text-purple-500"
fill="none"
stroke="currentColor"
viewBox="0 0 24 24"
>
<path
d="M15 7a2 2 0 012 2m0 0a2 2 0 012 2m-2-2h-6m6 0v6a2 2 0 01-2 2H9a2 2 0 01-2-2V9a2 2 0 012-2h6z"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
</div>
<div class="ml-5 w-0 flex-1">
<dl>
<dt class="truncate text-sm font-medium text-gray-500 dark:text-gray-400">
Total API Keys
</dt>
<dd class="text-lg font-medium text-gray-900 dark:text-white">
{{ userStats?.totalApiKeys || 0 }}
</dd>
</dl>
</div>
</div>
</div>
</div>
<div class="overflow-hidden rounded-lg bg-white shadow dark:bg-gray-800">
<div class="p-5">
<div class="flex items-center">
<div class="flex-shrink-0">
<svg
class="h-6 w-6 text-yellow-500"
fill="none"
stroke="currentColor"
viewBox="0 0 24 24"
>
<path
d="M12 8c-1.657 0-3 .895-3 2s1.343 2 3 2 3 .895 3 2-1.343 2-3 2m0-8c1.11 0 2.08.402 2.599 1M12 8V7m0 1v8m0 0v1m0-1c-1.11 0-2.08-.402-2.599-1"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
</div>
<div class="ml-5 w-0 flex-1">
<dl>
<dt class="truncate text-sm font-medium text-gray-500 dark:text-gray-400">
Total Cost
</dt>
<dd class="text-lg font-medium text-gray-900 dark:text-white">
${{ (userStats?.totalUsage?.totalCost || 0).toFixed(4) }}
</dd>
</dl>
</div>
</div>
</div>
</div>
</div>
<!-- Search and Filters -->
<div class="rounded-lg bg-white shadow dark:bg-gray-800">
<div class="px-4 py-5 sm:p-6">
<div class="sm:flex sm:items-center sm:justify-between">
<div class="space-y-4 sm:flex sm:items-center sm:space-x-4 sm:space-y-0">
<!-- Search -->
<div class="min-w-0 flex-1">
<div class="relative rounded-md shadow-sm">
<div class="pointer-events-none absolute inset-y-0 left-0 flex items-center pl-3">
<svg
class="h-5 w-5 text-gray-400"
fill="none"
stroke="currentColor"
viewBox="0 0 24 24"
>
<path
d="M21 21l-6-6m2-5a7 7 0 11-14 0 7 7 0 0114 0z"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
</div>
<input
v-model="searchQuery"
class="block w-full rounded-md border-gray-300 pl-10 focus:border-blue-500 focus:ring-blue-500 dark:border-gray-600 dark:bg-gray-700 dark:text-white sm:text-sm"
placeholder="Search users..."
type="search"
@input="debouncedSearch"
/>
</div>
</div>
<!-- Role Filter -->
<div>
<select
v-model="selectedRole"
class="block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 dark:border-gray-600 dark:bg-gray-700 dark:text-white sm:text-sm"
@change="loadUsers"
>
<option value="">All Roles</option>
<option value="user">User</option>
<option value="admin">Admin</option>
</select>
</div>
<!-- Status Filter -->
<div>
<select
v-model="selectedStatus"
class="block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 dark:border-gray-600 dark:bg-gray-700 dark:text-white sm:text-sm"
@change="loadUsers"
>
<option value="">All Status</option>
<option value="true">Active</option>
<option value="false">Disabled</option>
</select>
</div>
</div>
</div>
</div>
</div>
<!-- Users Table -->
<div class="overflow-hidden bg-white shadow dark:bg-gray-800 sm:rounded-md">
<div class="border-b border-gray-200 px-4 py-5 dark:border-gray-700 sm:px-6">
<h3 class="text-lg font-medium leading-6 text-gray-900 dark:text-white">
Users
<span v-if="!loading" class="text-sm text-gray-500 dark:text-gray-400"
>({{ filteredUsers.length }} of {{ users.length }})</span
>
</h3>
</div>
<!-- Loading State -->
<div v-if="loading" class="py-12 text-center">
<svg
class="mx-auto h-8 w-8 animate-spin text-blue-600"
fill="none"
viewBox="0 0 24 24"
xmlns="http://www.w3.org/2000/svg"
>
<circle
class="opacity-25"
cx="12"
cy="12"
r="10"
stroke="currentColor"
stroke-width="4"
></circle>
<path
class="opacity-75"
d="M4 12a8 8 0 018-8V0C5.373 0 0 5.373 0 12h4zm2 5.291A7.962 7.962 0 014 12H0c0 3.042 1.135 5.824 3 7.938l3-2.647z"
fill="currentColor"
></path>
</svg>
<p class="mt-2 text-sm text-gray-500 dark:text-gray-400">Loading users...</p>
</div>
<!-- Users List -->
<ul
v-else-if="filteredUsers.length > 0"
class="divide-y divide-gray-200 dark:divide-gray-700"
role="list"
>
<li v-for="user in filteredUsers" :key="user.id" class="px-6 py-4">
<div class="flex items-center justify-between">
<div class="flex min-w-0 flex-1 items-center">
<div class="flex-shrink-0">
<div
class="flex h-10 w-10 items-center justify-center rounded-full bg-gray-300 dark:bg-gray-600"
>
<svg
class="h-6 w-6 text-gray-600 dark:text-gray-400"
fill="none"
stroke="currentColor"
viewBox="0 0 24 24"
>
<path
d="M16 7a4 4 0 11-8 0 4 4 0 018 0zM12 14a7 7 0 00-7 7h14a7 7 0 00-7-7z"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
</div>
</div>
<div class="ml-4 min-w-0 flex-1">
<div class="flex items-center">
<p class="truncate text-sm font-medium text-gray-900 dark:text-white">
{{ user.displayName || user.username }}
</p>
<div class="ml-2 flex items-center space-x-2">
<span
:class="[
'inline-flex items-center rounded-full px-2.5 py-0.5 text-xs font-medium',
user.isActive
? 'bg-green-100 text-green-800 dark:bg-green-900 dark:text-green-200'
: 'bg-red-100 text-red-800 dark:bg-red-900 dark:text-red-200'
]"
>
{{ user.isActive ? 'Active' : 'Disabled' }}
</span>
<span
:class="[
'inline-flex items-center rounded-full px-2.5 py-0.5 text-xs font-medium',
user.role === 'admin'
? 'bg-purple-100 text-purple-800 dark:bg-purple-900 dark:text-purple-200'
: 'bg-blue-100 text-blue-800 dark:bg-blue-900 dark:text-blue-200'
]"
>
{{ user.role }}
</span>
</div>
</div>
<div
class="mt-1 flex items-center space-x-4 text-sm text-gray-500 dark:text-gray-400"
>
<span>@{{ user.username }}</span>
<span v-if="user.email">{{ user.email }}</span>
<span>{{ user.apiKeyCount || 0 }} API keys</span>
<span v-if="user.lastLoginAt"
>Last login: {{ formatDate(user.lastLoginAt) }}</span
>
<span v-else>Never logged in</span>
</div>
<div
v-if="user.totalUsage"
class="mt-1 flex items-center space-x-4 text-xs text-gray-400 dark:text-gray-500"
>
<span>{{ formatNumber(user.totalUsage.requests || 0) }} requests</span>
<span>${{ (user.totalUsage.totalCost || 0).toFixed(4) }} total cost</span>
</div>
</div>
</div>
<div class="flex items-center space-x-2">
<!-- View Usage Stats -->
<button
class="inline-flex items-center rounded border border-transparent p-1 text-gray-400 hover:text-blue-600"
title="View Usage Stats"
@click="viewUserStats(user)"
>
<svg class="h-4 w-4" fill="none" stroke="currentColor" viewBox="0 0 24 24">
<path
d="M9 19v-6a2 2 0 00-2-2H5a2 2 0 00-2 2v6a2 2 0 002 2h2a2 2 0 002-2zm0 0V9a2 2 0 012-2h2a2 2 0 012 2v10m-6 0a2 2 0 002 2h2a2 2 0 002-2m0 0V5a2 2 0 012-2h2a2 2 0 012 2v14a2 2 0 01-2 2h-2a2 2 0 01-2-2z"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
</button>
<!-- Disable User API Keys -->
<button
class="inline-flex items-center rounded border border-transparent p-1 text-gray-400 hover:text-red-600 disabled:cursor-not-allowed disabled:opacity-50"
:disabled="user.apiKeyCount === 0"
title="Disable All API Keys"
@click="disableUserApiKeys(user)"
>
<svg class="h-4 w-4" fill="none" stroke="currentColor" viewBox="0 0 24 24">
<path
d="M18.364 18.364A9 9 0 005.636 5.636m12.728 12.728L5.636 5.636m12.728 12.728L18 12M6 6l12 12"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
</button>
<!-- Toggle User Status -->
<button
:class="[
'inline-flex items-center rounded border border-transparent p-1',
user.isActive
? 'text-gray-400 hover:text-red-600'
: 'text-gray-400 hover:text-green-600'
]"
:title="user.isActive ? 'Disable User' : 'Enable User'"
@click="toggleUserStatus(user)"
>
<svg
v-if="user.isActive"
class="h-4 w-4"
fill="none"
stroke="currentColor"
viewBox="0 0 24 24"
>
<path
d="M18.364 18.364A9 9 0 005.636 5.636m12.728 12.728L5.636 5.636m12.728 12.728L18 12M6 6l12 12"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
<svg v-else class="h-4 w-4" fill="none" stroke="currentColor" viewBox="0 0 24 24">
<path
d="M9 12l2 2 4-4m6 2a9 9 0 11-18 0 9 9 0 0118 0z"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
</button>
<!-- Change Role -->
<button
class="inline-flex items-center rounded border border-transparent p-1 text-gray-400 hover:text-purple-600"
title="Change Role"
@click="changeUserRole(user)"
>
<svg class="h-4 w-4" fill="none" stroke="currentColor" viewBox="0 0 24 24">
<path
d="M12 6V4m0 2a2 2 0 100 4m0-4a2 2 0 110 4m-6 8a2 2 0 100-4m0 4a2 2 0 100 4m0-4v2m0-6V4m6 6v10m6-2a2 2 0 100-4m0 4a2 2 0 100 4m0-4v2m0-6V4"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
</button>
</div>
</div>
</li>
</ul>
<!-- Empty State -->
<div v-else class="py-12 text-center">
<svg
class="mx-auto h-12 w-12 text-gray-400"
fill="none"
stroke="currentColor"
viewBox="0 0 24 24"
>
<path
d="M12 4.354a4 4 0 110 5.292M15 21H3v-1a6 6 0 0112 0v1zm0 0h6v-1a6 6 0 00-9-5.197m13.5-9a2.5 2.5 0 11-5 0 2.5 2.5 0 015 0z"
stroke-linecap="round"
stroke-linejoin="round"
stroke-width="2"
/>
</svg>
<h3 class="mt-2 text-sm font-medium text-gray-900 dark:text-white">No users found</h3>
<p class="mt-1 text-sm text-gray-500 dark:text-gray-400">
{{
searchQuery ? 'No users match your search criteria.' : 'No users have been created yet.'
}}
</p>
</div>
</div>
<!-- User Usage Stats Modal -->
<UserUsageStatsModal
:show="showStatsModal"
:user="selectedUser"
@close="showStatsModal = false"
/>
<!-- Confirm Modals -->
<ConfirmModal
:confirm-class="confirmAction.confirmClass"
:confirm-text="confirmAction.confirmText"
:message="confirmAction.message"
:show="showConfirmModal"
:title="confirmAction.title"
@cancel="showConfirmModal = false"
@confirm="handleConfirmAction"
/>
<!-- Change Role Modal -->
<ChangeRoleModal
:show="showRoleModal"
:user="selectedUser"
@close="showRoleModal = false"
@updated="handleUserUpdated"
/>
</div>
</template>
<script setup>
import { ref, computed, onMounted } from 'vue'
import { apiClient } from '@/config/api'
import { showToast } from '@/utils/toast'
import { debounce } from 'lodash-es'
import UserUsageStatsModal from '@/components/admin/UserUsageStatsModal.vue'
import ChangeRoleModal from '@/components/admin/ChangeRoleModal.vue'
import ConfirmModal from '@/components/common/ConfirmModal.vue'
const loading = ref(true)
const users = ref([])
const userStats = ref(null)
const searchQuery = ref('')
const selectedRole = ref('')
const selectedStatus = ref('')
const showStatsModal = ref(false)
const showConfirmModal = ref(false)
const showRoleModal = ref(false)
const selectedUser = ref(null)
const confirmAction = ref({
title: '',
message: '',
confirmText: '',
confirmClass: '',
action: null
})
const filteredUsers = computed(() => {
let filtered = users.value
// Apply search filter
if (searchQuery.value) {
const query = searchQuery.value.toLowerCase()
filtered = filtered.filter(
(user) =>
user.username.toLowerCase().includes(query) ||
user.displayName?.toLowerCase().includes(query) ||
user.email?.toLowerCase().includes(query)
)
}
// Apply role filter
if (selectedRole.value) {
filtered = filtered.filter((user) => user.role === selectedRole.value)
}
// Apply status filter
if (selectedStatus.value !== '') {
const isActive = selectedStatus.value === 'true'
filtered = filtered.filter((user) => user.isActive === isActive)
}
return filtered
})
const formatNumber = (num) => {
if (num >= 1000000) {
return (num / 1000000).toFixed(1) + 'M'
} else if (num >= 1000) {
return (num / 1000).toFixed(1) + 'K'
}
return num.toString()
}
const formatDate = (dateString) => {
if (!dateString) return null
return new Date(dateString).toLocaleDateString('en-US', {
year: 'numeric',
month: 'short',
day: 'numeric',
hour: '2-digit',
minute: '2-digit'
})
}
const loadUsers = async () => {
loading.value = true
try {
const [usersResponse, statsResponse] = await Promise.all([
apiClient.get('/users', {
params: {
role: selectedRole.value || undefined,
isActive: selectedStatus.value !== '' ? selectedStatus.value : undefined
}
}),
apiClient.get('/users/stats/overview')
])
if (usersResponse.success) {
users.value = usersResponse.users
}
if (statsResponse.success) {
userStats.value = statsResponse.stats
}
} catch (error) {
console.error('Failed to load users:', error)
showToast('Failed to load users', 'error')
} finally {
loading.value = false
}
}
const debouncedSearch = debounce(() => {
// Search is handled by computed property
}, 300)
const viewUserStats = (user) => {
selectedUser.value = user
showStatsModal.value = true
}
const toggleUserStatus = (user) => {
selectedUser.value = user
confirmAction.value = {
title: user.isActive ? 'Disable User' : 'Enable User',
message: user.isActive
? `Are you sure you want to disable user "${user.username}"? This will prevent them from logging in.`
: `Are you sure you want to enable user "${user.username}"?`,
confirmText: user.isActive ? 'Disable' : 'Enable',
confirmClass: user.isActive ? 'bg-red-600 hover:bg-red-700' : 'bg-green-600 hover:bg-green-700',
action: 'toggleStatus'
}
showConfirmModal.value = true
}
const disableUserApiKeys = (user) => {
if (user.apiKeyCount === 0) return
selectedUser.value = user
confirmAction.value = {
title: 'Disable All API Keys',
message: `Are you sure you want to disable all ${user.apiKeyCount} API keys for user "${user.username}"? This will prevent them from using the service.`,
confirmText: 'Disable Keys',
confirmClass: 'bg-red-600 hover:bg-red-700',
action: 'disableKeys'
}
showConfirmModal.value = true
}
const changeUserRole = (user) => {
selectedUser.value = user
showRoleModal.value = true
}
const handleConfirmAction = async () => {
const user = selectedUser.value
const action = confirmAction.value.action
try {
if (action === 'toggleStatus') {
const response = await apiClient.patch(`/users/${user.id}/status`, {
isActive: !user.isActive
})
if (response.success) {
const userIndex = users.value.findIndex((u) => u.id === user.id)
if (userIndex !== -1) {
users.value[userIndex].isActive = !user.isActive
}
showToast(`User ${user.isActive ? 'disabled' : 'enabled'} successfully`, 'success')
}
} else if (action === 'disableKeys') {
const response = await apiClient.post(`/users/${user.id}/disable-keys`)
if (response.success) {
showToast(`Disabled ${response.disabledCount} API keys`, 'success')
await loadUsers() // Refresh to get updated counts
}
}
} catch (error) {
console.error(`Failed to ${action}:`, error)
showToast(`Failed to ${action}`, 'error')
} finally {
showConfirmModal.value = false
selectedUser.value = null
}
}
const handleUserUpdated = () => {
showRoleModal.value = false
selectedUser.value = null
loadUsers()
}
onMounted(() => {
loadUsers()
})
</script>
<style scoped>
/* 组件特定样式 */
</style>