102 Commits

Author	SHA1	Message	Date
huangzhenpc	3af4dd4c74	Merge upstream/main: v0.1.65-v0.1.75 updates ... Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-09 16:56:49 +08:00
QTom	04cedce9a1	test: 为 stubAccountRepo 添加 ListCRSAccountIDs 方法实现	2026-02-09 11:40:37 +08:00
erio	9a479d1b55	fix: resolve CI failures from scope removal refactor ... - Fix gofmt alignment in ops_realtime_models.go - Remove SetAntigravityQuotaScopeLimit mock from api_contract_test.go - Add UpdateSortOrders mock to mockGroupRepoForGateway	2026-02-09 08:27:14 +08:00
bayma888	bac9e2bfd5	feat(admin): add drag-and-drop group sort order ... - Add `sort_order` field to groups table with migration - Add `PUT /api/v1/admin/groups/sort-order` API for batch update - Implement drag-and-drop UI using vue-draggable-plus - All queries now order groups by sort_order - Add i18n support (en/zh) for sort-related UI text - Update test stubs to satisfy new interface methods	2026-02-08 16:53:45 +08:00
LLLLLLiulei	7319122e92	merge upstream/main	2026-02-06 11:33:45 +08:00
LLLLLLiulei	0b45d48e85	perf: batch fetch proxies for account export	2026-02-05 18:40:49 +08:00
shaw	2b192f7dca	feat: 支持用户专属分组倍率配置	2026-02-05 16:05:42 +08:00
JIA-ss	fa3ea5ee4d	feat(gateway): filter /v1/usage stats by API Key instead of UserID ... Previously the /v1/usage endpoint aggregated usage stats (today/total tokens, cost, RPM/TPM) across all API Keys belonging to the user. This made it impossible to distinguish usage from different API Keys (e.g. balance vs subscription keys). Now the usage stats are filtered by the current request's API Key ID, so each key only sees its own usage data. The balance/remaining fields are unaffected and still reflect the user-level wallet balance. Changes: - Add GetAPIKeyDashboardStats to repository interface and implementation - Add getPerformanceStatsByAPIKey helper (also fixes TPM to include cache_creation_tokens and cache_read_tokens) - Add GetAPIKeyDashboardStats to UsageService - Update Usage handler to call GetAPIKeyDashboardStats(apiKey.ID) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-02-05 11:45:54 +08:00
Wesley Liddick	4cce21b125	Merge branch 'main' into main	2026-02-03 21:43:41 +08:00
Wesley Liddick	c0c9c984d1	Merge pull request #471 from bayma888/feature/api-key-quota-expiration ... feat(api-key): 添加API密钥独立配额和过期时间功能	2026-02-03 21:11:17 +08:00
bayma888	0afc5d0b1a	fix(test): update API contract tests for new quota fields ... Add quota, quota_used, expires_at fields to expected JSON responses in POST /api/v1/keys and GET /api/v1/keys test cases.	2026-02-03 20:54:25 +08:00
bayma888	be7bc658fc	fix(test): add IncrementQuotaUsed to all APIKeyRepository test stubs ... - Add missing IncrementQuotaUsed method to stubApiKeyRepo in api_contract_test.go - Fix gofmt formatting issues in api_key_service.go, dto/types.go, api_key_handler.go	2026-02-03 20:49:58 +08:00
Wesley Liddick	c89bbf5130	Merge pull request #458 from bayma888/feature/admin-user-balance-history ... feat(admin): 管理员可查看每个用户充值和并发变动记录、点击余额可直接查看、优化弹框UI	2026-02-03 20:37:30 +08:00
bayma888	730d2a9ad2	fix(test): add missing stub methods to stubRedeemCodeRepo in api_contract_test ... Add ListByUserPaginated and SumPositiveBalanceByUser methods	2026-02-03 19:36:17 +08:00
song	7cb5444dbb	fix: update tests for group fallback	2026-02-03 16:48:52 +08:00
song	2220fd18ca	merge upstream main	2026-02-03 15:36:17 +08:00
shuike	0ed4a404e4	fix(test): api_contract_test添加 invitation_code_enabled 字段	2026-02-03 13:38:44 +08:00
shuike	6c86501d11	feat: 增加邀请码注册功能	2026-02-03 13:38:44 +08:00
song	0170d19fa7	merge upstream main	2026-02-02 22:13:50 +08:00
liuxiongfeng	ce1d2904c7	test: 为测试 stub 添加缺失的 GroupRepository 接口方法 ... 新增 BindAccountsToGroup 和 GetAccountIDsByGroupIDs 方法的 stub 实现， 确保测试文件中的 mock 类型满足 GroupRepository 接口要求。	2026-02-02 22:06:37 +08:00
huangzhenpc	8e88d1dd80	Merge upstream/main: v0.1.62-v0.1.64 updates ... Major updates: - fix(gateway): fix SSE streaming usage data overwrite issue - feat(purchase): add purchase subscription iframe page and config - fix(scheduler): fix race condition from empty cache - feat(settings): add PurchaseSubscriptionEnabled and PurchaseSubscriptionURL Resolved conflicts: - backend/cmd/server/VERSION: updated to 0.1.61 - setting_service.go: keep TianShuAPI site name while adding purchase subscription features Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>	2026-01-29 16:41:17 +08:00
ducky	04a509d45e	feat(purchase): 增加购买订阅 iframe 页面与配置 ... - 新增 /purchase 页面（iframe + 新窗口兜底） - 管理员系统设置可配置开关与URL - 非 simple mode 才在侧边栏展示入口	2026-01-28 13:54:32 +08:00
huangzhenpc	2d77047287	Merge upstream/main: v0.1.61 updates with TOTP & password reset ... Major features: - feat(auth): add TOTP (2FA) support for enhanced security - feat(auth): add password reset functionality - feat(openai): improve rate limit handling with reset time tracking - feat(subscription): add expiry notification service - fix(urlvalidator): remove trailing slash from validated URLs - docs: update demo site domain Resolved conflicts: - deploy/docker-compose.yml: added TOTP_ENCRYPTION_KEY config - setting_service.go: keep TianShuAPI site name while adding new features Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>	2026-01-26 10:35:33 +08:00
shaw	1245f07a2d	feat(auth): 实现 TOTP 双因素认证功能 ... 新增功能： - 支持 Google Authenticator 等应用进行 TOTP 二次验证 - 用户可在个人设置中启用/禁用 2FA - 登录时支持 TOTP 验证流程 - 管理后台可全局开关 TOTP 功能 安全增强： - TOTP 密钥使用 AES-256-GCM 加密存储 - 添加 TOTP_ENCRYPTION_KEY 配置项，必须手动配置才能启用功能 - 防止服务重启导致加密密钥变更使用户无法登录 - 验证失败次数限制，防止暴力破解 配置说明： - Docker 部署：在 .env 中设置 TOTP_ENCRYPTION_KEY - 非 Docker 部署：在 config.yaml 中设置 totp.encryption_key - 生成密钥命令：openssl rand -hex 32	2026-01-26 09:19:53 +08:00
shaw	9cc8352593	feat(auth): 密码重置邮件队列化与限流优化 ... - 邮件发送改为异步队列处理，避免并发导致发送失败 - 新增 Email 维度限流（30秒冷却期），防止邮件轰炸 - Token 验证使用常量时间比较，防止时序攻击 - 重构代码消除冗余，提取公共验证逻辑	2026-01-24 22:55:28 +08:00
shaw	43a1031e38	fix(test): 修复订阅相关测试失败问题 ... 1. 使用未来日期(2099年)作为测试订阅的过期时间，避免 normalizeSubscriptionStatus 将测试数据标记为过期 2. 修复 List 方法调用参数不足的问题（新增 sortBy/sortOrder 参数）	2026-01-24 21:10:02 +08:00
shaw	b0aa23540b	feat(subscription): 订阅过期状态自动更新与服务端排序 ... - 新增 SubscriptionExpiryService 定时任务，每分钟更新过期订阅状态 - 订阅列表支持服务端排序（按过期时间、状态、创建时间） - 实时显示正确的过期状态，无需等待定时任务 - 允许对已过期订阅进行续期操作 - DataTable 组件支持 serverSideSort 模式	2026-01-24 20:26:01 +08:00
huangzhenpc	dc031ec3d0	Merge upstream/main: sync latest updates ... - feat(gateway): aggregate all text chunks in non-streaming Gemini responses - feat(gateway): add SUGGESTION MODE request interception - feat(oauth): support Anthropic Team accounts with sk authorization - fix(oauth): update Anthropic OAuth parameters to sync with latest client - feat: add PromoCodeEnabled setting (default: true) - resolved conflict: keep TianShuAPI site name while adding PromoCode feature Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>	2026-01-24 10:21:16 +08:00
shaw	2665230a09	fix(token-cache): 修复异步刷新与请求线程的缓存竞态条件 ... - 新增 _token_version 版本号机制，防止过期 token 污染缓存 - TokenRefreshService 刷新成功后写入版本号并清除缓存 - TokenProvider 写入缓存前检查版本，过时则跳过 - ClearError 时同步清除 token 缓存	2026-01-22 21:09:28 +08:00
shaw	81989eed1c	test: add promo_code_enabled to API contract test	2026-01-20 16:02:49 +08:00
huangzhenpc	6989e3420e	Merge remote-tracking branch 'upstream/main'	2026-01-20 14:39:03 +08:00
song	64795a03e3	新增账号凭证邮箱查询接口	2026-01-20 14:17:10 +08:00
Wesley Liddick	e7bc62500b	Merge pull request #333 from whoismonay/main ... fix: 普通用户接口移除管理员敏感字段透传	2026-01-19 21:35:51 +08:00
墨颜	6aef1af76e	fix(redeem): 用户兑换历史不返回备注 ... - 用户侧 RedeemCode DTO 移除 notes 字段，避免泄露内部备注\n- 新增 AdminRedeemCode，并调整管理员兑换码接口继续返回 notes\n- 增加 /api/v1/redeem/history 契约测试，确保用户侧响应不包含 notes	2026-01-19 20:09:35 +08:00
Gemini Wen	a54852e129	fix: 补充API契约测试中缺失的hide_ccs_import_button字段 ... Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-01-19 20:06:36 +08:00
Gemini Wen	668118def1	fix: 修复遗漏的测试文件更新和lint错误 ... - 更新api_contract_test.go以匹配NewAccountHandler新增的tokenCacheInvalidator参数 - 修复errcheck lint错误，显式忽略c.Error()返回值 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-01-19 19:58:09 +08:00
墨颜	31cde6c555	fix(subscriptions): 用户订阅不返回分配信息 ... - 用户侧 UserSubscription DTO 移除 assigned_by/assigned_at/notes/assigned_by_user 等管理员字段\n- 新增 AdminUserSubscription，并调整管理员订阅接口与批量分配结果使用\n- 增加 /api/v1/subscriptions 契约测试，确保用户侧响应不包含上述字段	2026-01-19 19:35:13 +08:00
墨颜	00d9fbd220	fix(user): 普通用户接口不返回备注 ... - 用户侧 dto.User 移除 notes 字段，避免泄露管理员备注\n- 新增 dto.AdminUser 并调整 /admin/users 系列接口使用\n- 前端拆分 User/AdminUser，管理端用户页面使用 AdminUser\n- 更新契约测试：/api/v1/auth/me 响应不包含 notes	2026-01-19 19:23:51 +08:00
墨颜	4f4c9679bf	fix(groups): 用户分组不下发内部路由信息 ... - 普通用户 Group DTO 移除 model_routing/account_count/account_groups，避免泄露内部路由与账号信息\n- 新增 AdminGroup DTO，并仅在管理员分组接口返回完整字段\n- 前端拆分 Group/AdminGroup，管理端页面与 API 使用 AdminGroup\n- 增加 /api/v1/groups/available 契约测试，防止回归	2026-01-19 18:58:42 +08:00
墨颜	2f6f758670	fix(usage): 用户使用记录不下发账号计费倍率 ... - 将 usage log DTO 拆分为用户/管理员两类 - 用户接口不返回 account_rate_multiplier/ip_address/account - 管理员接口保留管理员字段 - 补充契约测试防止回归	2026-01-19 17:05:42 +08:00
Wesley Liddick	0f8d42c577	Merge pull request #327 from mt21625457/main ... feat(usage): 添加清理任务与统计过滤	2026-01-19 09:18:00 +08:00
Wesley Liddick	03c7578713	Merge pull request #325 from slovx2/main ... fix(antigravity): 修复Antigravity 频繁429的问题，以及一系列优化，配置增强	2026-01-19 09:17:15 +08:00
huangzhenpc	c4cc56eb10	Merge remote-tracking branch 'upstream/main'	2026-01-18 23:46:19 +08:00
shaw	46ae08ecb7	fix: 补充测试桩缺失的接口方法	2026-01-18 22:23:03 +08:00
yangjianbo	bdc426a774	Merge branch 'main' into dev	2026-01-18 15:55:58 +08:00
yangjianbo	ef5a41057f	feat(usage): 添加清理任务与统计过滤	2026-01-18 10:52:18 +08:00
song	b9b4db3df5	Merge upstream/main	2026-01-17 18:00:07 +08:00
huangzhenpc	868f75a792	feat: 品牌重命名 Sub2API -> TianShuAPI (基于官方 v0.1.56) ... 基于官方最新代码 upstream/main (dae0d53) 新功能： - 添加 5小时窗口费用控制和会话数量限制 - Caddy 静态资源长期缓存配置 - 前端性能优化（路由预加载、移除 Google Fonts 改用系统字体） - 修复 api_contract_test 缺少 SessionLimitCache 参数问题 品牌修改： - 仅修改品牌显示名称为 TianShuAPI - 保持所有功能完整 - 恢复 docker-compose.1panel.yml 配置文件 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>	2026-01-17 01:52:16 +08:00
shaw	34415db7ed	fix: 修复 api_contract_test 缺少 SessionLimitCache 参数的问题	2026-01-16 23:53:54 +08:00
wfunc	452fa53c0d	feat: Claude Sonnet 429 仅限模型限流	2026-01-16 13:03:04 +08:00