From 5d586a9f3a18d724d7883fa636328400c302e261 Mon Sep 17 00:00:00 2001
From: shaw <shaw-wei@foxmail.com>
Date: Fri, 17 Apr 2026 10:17:50 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20=E4=B8=8A=E6=B8=B8=E8=BF=94=E5=9B=9E=20K?=
 =?UTF-8?q?YC=20=E8=BA=AB=E4=BB=BD=E9=AA=8C=E8=AF=81=E8=A6=81=E6=B1=82?=
 =?UTF-8?q?=E6=97=B6=E5=81=9C=E6=AD=A2=E8=B4=A6=E5=8F=B7=E8=B0=83=E5=BA=A6?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 backend/internal/service/ratelimit_service.go | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/backend/internal/service/ratelimit_service.go b/backend/internal/service/ratelimit_service.go
index 4d8009b7..53581574 100644
--- a/backend/internal/service/ratelimit_service.go
+++ b/backend/internal/service/ratelimit_service.go
@@ -152,6 +152,11 @@ func (s *RateLimitService) HandleUpstreamError(ctx context.Context, account *Acc
 			msg := "Credit balance exhausted (400): " + upstreamMsg
 			s.handleAuthError(ctx, account, msg)
 			shouldDisable = true
+		} else if strings.Contains(strings.ToLower(upstreamMsg), "identity verification is required") {
+			// KYC 身份验证要求 → 永久禁用，账号需完成身份验证后才能恢复
+			msg := "Identity verification required (400): " + upstreamMsg
+			s.handleAuthError(ctx, account, msg)
+			shouldDisable = true
 		}
 		// 其他 400 错误（如参数问题）不处理，不禁用账号
 	case 401: