feat: 给key增加总用量限制

2026-01-23 00:53:33 +00:00 · 2025-09-19 21:57:24 +08:00
parent 4d78471891
commit ec28b66e7f
11 changed files with 604 additions and 8 deletions
--- a/src/routes/userRoutes.js
+++ b/src/routes/userRoutes.js
@@ -258,6 +258,9 @@ router.get('/api-keys', authenticateUser, async (req, res) => {
        usage: flatUsage,
        dailyCost: key.dailyCost,
        dailyCostLimit: key.dailyCostLimit,
+        totalUsageLimit: key.totalUsageLimit,
+        totalCost: key.totalCost,
+        totalCostLimit: key.totalCostLimit,
        // 不返回实际的key值，只返回前缀和后几位
        keyPreview: key.key
          ? `${key.key.substring(0, 8)}...${key.key.substring(key.key.length - 4)}`
@@ -287,7 +290,15 @@ router.get('/api-keys', authenticateUser, async (req, res) => {
 // 🔑 创建新的API Key
 router.post('/api-keys', authenticateUser, async (req, res) => {
  try {
-    const { name, description, tokenLimit, expiresAt, dailyCostLimit } = req.body
+    const {
+      name,
+      description,
+      tokenLimit,
+      expiresAt,
+      dailyCostLimit,
+      totalUsageLimit,
+      totalCostLimit
+    } = req.body

    if (!name || !name.trim()) {
      return res.status(400).json({
@@ -296,6 +307,32 @@ router.post('/api-keys', authenticateUser, async (req, res) => {
      })
    }

+    if (
+      totalCostLimit !== undefined &&
+      totalCostLimit !== null &&
+      totalCostLimit !== '' &&
+      (Number.isNaN(Number(totalCostLimit)) || Number(totalCostLimit) < 0)
+    ) {
+      return res.status(400).json({
+        error: 'Invalid total cost limit',
+        message: 'Total cost limit must be a non-negative number'
+      })
+    }
+
+    if (
+      totalUsageLimit !== undefined &&
+      totalUsageLimit !== null &&
+      totalUsageLimit !== ''
+    ) {
+      const usageLimit = Number(totalUsageLimit)
+      if (Number.isNaN(usageLimit) || usageLimit < 0) {
+        return res.status(400).json({
+          error: 'Invalid total usage limit',
+          message: 'Total usage limit must be a non-negative number'
+        })
+      }
+    }
+
    // 检查用户API Key数量限制
    const userApiKeys = await apiKeyService.getUserApiKeys(req.user.id)
    if (userApiKeys.length >= config.userManagement.maxApiKeysPerUser) {
@@ -314,6 +351,8 @@ router.post('/api-keys', authenticateUser, async (req, res) => {
      tokenLimit: tokenLimit || null,
      expiresAt: expiresAt || null,
      dailyCostLimit: dailyCostLimit || null,
+      totalUsageLimit: totalUsageLimit || null,
+      totalCostLimit: totalCostLimit || null,
      createdBy: 'user',
      // 设置服务权限为全部服务，确保前端显示“服务权限”为“全部服务”且具备完整访问权限
      permissions: 'all'
@@ -337,6 +376,8 @@ router.post('/api-keys', authenticateUser, async (req, res) => {
        tokenLimit: newApiKey.tokenLimit,
        expiresAt: newApiKey.expiresAt,
        dailyCostLimit: newApiKey.dailyCostLimit,
+        totalUsageLimit: newApiKey.totalUsageLimit,
+        totalCostLimit: newApiKey.totalCostLimit,
        createdAt: newApiKey.createdAt
      }
    })