Security enhancement to prevent disabled users from using API keys:
- Auto-disable all API keys when user is disabled/deleted
- Add user status validation during API key authentication
- Prevent API usage even if key is active but user is disabled
- Add comprehensive logging for security audit trail
This ensures disabled users cannot bypass restrictions through
existing API keys and maintains system security integrity.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add isDeleted, deletedAt, deletedBy, deletedByType fields to getUserApiKeys service method
- Include deletion fields in user routes API keys response
- Add debug logging to dashboard component to troubleshoot deleted keys count
- Ensure frontend can properly identify and count deleted API keys
This fixes the issue where deleted API keys count was always showing 0
instead of the actual number of deleted keys.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add deleted API keys display to user's My API Keys view
- Show deleted status with gray indicator and "Deleted" badge
- Display deletion date and hide delete button for deleted keys
- Fix cost calculation in admin deleted API keys tab
- Add getCostStats call to properly populate cost data
- Support includeDeleted parameter in user API keys endpoint
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Redirect users to API Keys tab after login instead of overview
- Remove Token Limit and Daily Cost Limit from user API key details modal
- Implement soft delete for API keys to preserve usage statistics
- Add admin endpoint to view deleted API keys with metadata
- Track deletion metadata (deletedBy, deletedAt, deletedByType)
- Ensure deleted API keys cannot be restored
- Include deleted key stats in user totals while excluding from active count
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
Add comprehensive input validation for LDAP authentication:
- Validate bindDN, bindCredentials, userDN, and password parameters
- Add configuration validation during service initialization
- Enhanced error messages for missing/invalid LDAP settings
- Prevent "stringToWrite must be a string" errors from ldapjs client
- Added null/undefined checks for all LDAP credential parameters
This fixes authentication errors when LDAP configuration values
are missing, empty, or of incorrect type.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- 自动将 gpt-5-xxx 格式的模型 ID 标准化为 gpt-5
- 解决 Codex API 不接受具体版本模型 ID 的问题
- 添加日志记录模型标准化过程
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add 401 error detection and automatic account suspension after 3 consecutive failures
- Implement account status reset functionality for clearing all error states
- Enhance admin interface with status reset controls and improved status display
- Upgrade service management script with backup protection and retry mechanisms
- Add mandatory code formatting requirements using Prettier
- Improve account selector with detailed status information and color coding
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
Introduces a streamlined Setup Token authentication method that reduces the required OAuth scopes from 'org:create_api_key user:profile user:inference' to just 'user:inference', simplifying the account setup process for users who only need inference capabilities.
Key changes:
- Add Setup Token authorization endpoints in admin routes
- Implement Setup Token OAuth flow with PKCE support in oauthHelper
- Update AccountForm to support Setup Token as the default auth method
- Add automatic authorization code extraction from callback URLs
- Maintain full proxy configuration support for Setup Token flow
- Preserve existing OAuth flow for advanced users requiring API key creation
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
