800 Commits

Author SHA1 Message Date
Anonymous Contributor
3f0dabc5fa fix(gemini): resolve incomplete fix and race conditions in usage capture 2026-02-14 15:44:25 +08:00
Anonymous Contributor
29d36bdf14 fix(gemini): handle split chunks correctly in stream usage capture 2026-02-13 15:11:10 +08:00
Wesley Liddick
5fd834857e Merge pull request #966 from TyrantLucifer/fix-cluade-opus-limit
fix: update the claude model limit logic
2026-02-10 19:15:41 +08:00
shaw
0cdfd65142 Merge branch 'main' into feat/oai_optimize 2026-02-10 19:09:59 +08:00
tyrantlucifer
f444af49bf fix: update the limit logic, and if the daily limit is not reached after reaching the opus weekly limit, other claude models can be used 2026-02-10 14:17:36 +08:00
shaw
4ed0108a9c fix: remove the specific system to work around the cache invalidation bug in the new cc client 2026-02-10 11:22:02 +08:00
SunSeekerX
c21997b7f4 1 2026-02-09 22:06:15 +08:00
SunSeekerX
29f2c4aba1 1 2026-02-09 20:33:04 +08:00
SunSeekerX
a08d51ba57 1 2026-02-09 20:24:38 +08:00
SunSeekerX
4637ee03b1 Merge branch 'main' into feat/oai_optimize 2026-02-09 18:17:28 +08:00
SunSeekerX
a119cb1744 1 2026-02-09 18:13:45 +08:00
shaw
b66d65d50f fix: fix the multi-group save issue for openai accounts 2026-02-09 16:31:31 +08:00
shaw
21fd4113c8 feat: add opus4.6 support 2026-02-07 19:28:42 +08:00
Wesley Liddick
20db21f99d Merge pull request #947 from sczheng189/main
MOD: add display of limits on the API-Key details page + add annotations for and modify the claude weekly cost
2026-02-06 11:12:12 +08:00
sczheng
d224a7f4c1 fix: fix the display of the usage count for rate limits 2026-02-05 11:43:53 +08:00
shaw
f96e21c615 chore: upgrade Antigravity User-Agent to 1.15.8 2026-01-30 09:33:04 +08:00
sczheng
88c96f8813 Merge remote-tracking branch 'upstream/main' 2026-01-27 22:21:51 +08:00
QTom
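816c47b51d feat(codex): add codex_exec user agent support
Support the non-interactive/script mode of Codex CLI (codex exec) so that it shares the same validation logic and permission configuration as codex_vscode and codex_cli_rs. Fixes the 403 error that codex exec version 0.89.0 hit because of client restrictions.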
2026-01-25 12:24:19 +08:00
Wesley Liddick
efda870e96 Merge pull request #923 from DaydreamCoding/feature/fix_api_auth
fix(auth): fix client restriction bypass vulnerability, add path whitelist check
2026-01-24 20:21:52 +08:00
Wesley Liddick
1ae310f2a1 Merge pull request #920 from arksou/main [skip ci]
fix: quota exceeded optimization
2026-01-24 20:21:34 +08:00
QTom
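6dc85b39c9 refactor(validators): eliminate duplicate code, use a mapping table and reuse functions
Refactoring after code review:
- isPathAllowedForClient reuses getClientDefinitionById to avoid a duplicate lookup
- validateRequest uses getClientDefinitionById instead of an inline lookup
- Use the VALIDATOR_MAP mapping table instead of a switch statement
- getSupportedClients now reads dynamically from the mapping table, avoiding hard-coding
- Import the CLIENT_IDS enum to improve type safety

These changes improve the maintainability of the code; adding a new client only requires modifying the mapping table.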
2026-01-24 17:45:13 +08:00
QTom
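6c4670213e fix(auth): fix client restriction bypass vulnerability, add path whitelist check
When an API Key has client restrictions enabled (for example, allowing only Claude Code), an attacker can bypass
validation through OpenAI-compatible endpoints such as /api/v1/chat/completions. The cause is that
ClaudeCodeValidator only checks the User-Agent for non-messages paths.

Fix:
- Define an allowed path whitelist for each client type
- Check the path before client validation
- If the path is not in the whitelist, reject immediately without further validation

Modified files:
- src/validators/clientDefinitions.js: add the allowedPathPrefixes configuration
- src/validators/clientValidator.js: add the path whitelist pre-check

Route protection under the Claude Code restriction:
- Allowed: /api/v1/messages, /claude/v1/messages and other native endpoints
- Denied: /api/v1/chat/completions, /openai/claude/v1/chat/completions, etc.
- The same applies to other client types (Gemini CLI, Codex CLI, Droid CLI)

Related issue: the /api/v1/chat/completions endpoint can still be used after the Claude Code restriction
is enabled; analyze the cause in depth and provide a fix #security #client-restriction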
2026-01-24 17:37:42 +08:00
gaozitian
d16b75293d fix: optimize Claude Console quota exceeded status display
- Keep account status as 'active' when quota exceeded (not 'quota_exceeded')
- Keep isActive as true, only use quotaStoppedAt to mark quota exceeded
- Show green status in UI for quota exceeded accounts (normal state)
- Show '余额不足' (insufficient balance) as unschedulable reason instead of '已暂停' (paused)
- Simplify resetDailyUsage() to only check quotaStoppedAt field

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-24 12:06:09 +08:00
Wesley Liddick
a3a922ac09 Merge pull request #919 from arksou/hotfix/claude-console-quota-exceeded-recovery
fix: optimize Claude Console quota exceeded status, support proactive automatic recovery
2026-01-23 19:16:10 +08:00
Wesley Liddick
0073d40299 Merge pull request #916 from enzyme2013/fix/allow-new-session-after-clear [skip ci]
fix: allow new session binding after /clear command
2026-01-23 19:15:59 +08:00
jett.gao
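d812af9159 fix: optimize Claude Console quota exceeded status, support proactive automatic recovery
- Add a quota exceeded recovery check to rateLimitCleanupService (every 5 minutes)
- The scheduler pre-checks quota exceeded accounts and recovers them automatically once the reset time is reached
- The frontend shows "余额不足" (insufficient balance) instead of the default "手动停止调度" (scheduling stopped manually)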

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-23 18:19:34 +08:00
Junming Chen
9d70110139 fix: add missing crypto module import in geminiAccountService 2026-01-22 21:32:49 -05:00
sczheng
c0c944f904 mod: add progress bar to the API KEY details page 2026-01-23 09:54:00 +08:00
enzyme2013
16e2bcfedb fix: allow new session binding after /clear command
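- Remove the isOldSession check and trust the client's session ID as the new session identifier
- Change the sessionBindingTtlDays default from 30 days to 1 day to avoid Redis memory accumulation
- Add monitoring logs for new session bindings (including sessionId, number of messages, accountId, etc.)
- Perfectly support legitimate new-session scenarios such as Claude Code /clear
- Update the default value configuration in the frontend UI accordingly

Background:
After a user runs /clear in Claude Code, a new session ID is generated,
but the old logic inspected the request content and judged it to be an "old session", which returned the "本地session已污染" (local session is contaminated) error.

Fix:
Adopt option 2 (relax new-session detection) plus TTL optimization: trust the client's session ID,
no longer check whether the request content "looks like an old session", and let the 1-day TTL clean up expired bindings automatically.

Scope of impact:
- src/routes/api.js (two places: streaming and non-streaming)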
- src/services/claudeRelayConfigService.js
- web/admin-spa/src/views/SettingsView.vue
2026-01-22 17:31:11 +08:00
SunSeekerX
ea6d1f1b36 1 2026-01-22 17:07:52 +08:00
SunSeekerX
4367fa47da 1 2026-01-22 17:02:00 +08:00
root
55c876fad5 fix: unify weekly cost key to usage:opus:*
- redis.getWeeklyOpusCost: read only usage:opus:weekly:* (remove claude fallback)
- weeklyClaudeCostInitService: write to usage:opus:weekly:* instead of claude

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-22 16:09:01 +08:00
root
f9df276d0c merge: resolve conflicts from main branch
- auth.js: keep 402 status code with Opus message
- redis.js: keep dual-cost tracking (rated/real) with opus key prefix, add setWeeklyOpusCost method
- apiKeyService.js: keep both imports, serviceRates handling, and 5-param recordOpusCost

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-22 15:27:52 +08:00
Wesley Liddick
35f755246e Merge pull request #914 from sczheng189/main
mod: change the opus weekly limit to a weekly limit for Claude models
2026-01-22 15:18:16 +08:00
root
83cbaf7c3e fix: resolve all ESLint errors
- droidRelayService: add missing keyId variable declaration
- quotaCardService: use object destructuring for actualDeducted
- apiKeyService: remove unused variables and duplicate requires
- redis: remove shadowed logger/config requires
- unifiedGeminiScheduler: rename isActive param to avoid shadow
- commonHelper: add comments to empty catch blocks
- testPayloadHelper: prefix unused model param with underscore

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-22 15:14:22 +08:00
shaw
968398ffa5 fix: API Key permissions multi-select save and display issue
- Fix updateApiKey to use JSON.stringify for permissions field
- Add comma-separated string handling in normalizePermissions
- Add frontend parsing for comma-separated permissions format

Fixes issue where selecting multiple permissions (e.g. Claude + OpenAI)
would be saved as "claude,openai" instead of '["claude","openai"]'
2026-01-22 15:07:19 +08:00
shaw
645ab43675 chore: sync latest Claude Code system prompt definitions
Add claudeOtherSystemPrompt5 for CLI billing header detection
2026-01-22 15:07:10 +08:00
root
24f825f60d style: format all files with prettier
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-22 15:05:58 +08:00
root
ac7d28f9ce style: format quotaCardService.js with prettier
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-22 15:04:55 +08:00
sczheng
1027a2e3e2 mod: change the opus weekly limit to a weekly limit for Claude models 2026-01-22 15:04:34 +08:00
SunSeekerX
cb935ea0f0 1 2026-01-22 14:56:09 +08:00
SunSeekerX
73a241df1a Merge branch 'main' into feat/optimize 2026-01-21 11:56:02 +08:00
SunSeekerX
029bdf3719 1 2026-01-21 11:55:28 +08:00
shaw
c7d7bf47d6 fix: update the oauth link generation rule for claude accounts 2026-01-21 10:06:24 +08:00
Wesley Liddick
ebc30b6026 Merge pull request #906 from 0xRichardH/fix-bedrock-sse-stream-event [skip ci]
Fix bedrock sse stream event
2026-01-21 09:38:19 +08:00
SunSeekerX
76ecbe18a5 1 2026-01-19 20:24:47 +08:00
Richard Hao
81a3e26e27 fix: correct Bedrock SSE stream event format to match Claude API spec
- message_start: nest fields inside 'message' object with type: 'message'
- content_block_delta: add type field to data
- message_delta: add type field to data
- message_stop: remove usage field, just return type
- Extract usage from message_delta instead of message_stop
2026-01-18 11:38:38 +08:00
Richard Hao
64db4a270d fix: handle bedrock content block start/stop events 2026-01-18 10:58:11 +08:00
RedwindA
ca027ecb90 feat(droid): add prompt_cache_retention and safety_identifier to fieldsToRemove 2026-01-16 04:22:05 +08:00
Wesley Liddick
4ea3d4830f Merge pull request #858 from zengqinglei/feature/gemini-retrieve-user-quota
feat: add support for the Gemini retrieveUserQuota interface
2026-01-15 11:07:41 +08:00