oadmin/xinghuoapi
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
1,787 Commits 1 Branch 0 Tags
9fd95df5cf276ab545f82591de47d8a82bd2cf89
Commit Graph

410 Commits

Author SHA1 Message Date
Wesley Liddick
9fd95df5cf Merge pull request #679 from DaydreamCoding/feat/account-rpm-limit 
feat: 添加账号级别 RPM(每分钟请求数)限流功能
 2026-02-28 22:37:10 +08:00
QTom
212cbbd3a2 fix: add missing rpmCache nil arg in sora_client_handler_test 2026-02-28 21:30:59 +08:00
QTom
6f9e690345 test(sora): 补充测试 stub 中缺失的 AddGroupToAllowedGroups 方法 
feat/admin-apikey-group-update 分支给 UserRepository 接口新增了
AddGroupToAllowedGroups 方法,需要在测试 stub 中补充实现以通过编译。
- sora_client_handler_test.go: stubUserRepoForHandler
- sora_generation_service_test.go: stubUserRepoForQuota
 2026-02-28 20:55:31 +08:00
QTom
115d06edf0 fix: 修复 gofmt 格式问题 2026-02-28 20:38:35 +08:00
QTom
e135435ce2 fix: sync test constructor calls with new rpmCache parameter 
Add missing nil argument for rpmCache to NewAccountHandler (5 sites)
and NewGatewayService (2 sites) after RPM feature expanded their
signatures.
 2026-02-28 20:38:35 +08:00
QTom
cd09adc3cc fix: add sanitizeExtraBaseRPM to BatchCreate handler 
Ensures base_rpm validation (clamp 0-10000) is consistent across
all four account mutation paths: Create, Update, BulkUpdate, BatchCreate.
 2026-02-28 20:38:06 +08:00
QTom
2491e9b5ad fix: round-3 review fixes for RPM limiting 
- Add sanitizeExtraBaseRPM to BulkUpdate handler (was missing)
- Add WindowCost scheduling checks to legacy non-sticky selection
  paths (4 sites), matching existing sticky + load-aware coverage
- Export ParseExtraInt from service package, remove duplicate
  parseExtraIntForValidation from admin handler
 2026-02-28 20:38:06 +08:00
QTom
e63c83955a fix: address deep code review issues for RPM limiting 
- Move IncrementRPM after Forward success to prevent phantom RPM
  consumption during account switch retries
- Add base_rpm input sanitization (clamp to 0-10000) in Create/Update
- Add WindowCost scheduling checks to legacy path sticky sessions
  (4 check sites + 4 prefetch sites), fixing pre-existing gap
- Clean up rpm_strategy/rpm_sticky_buffer when disabling RPM in
  BulkEditModal (JSONB merge cannot delete keys, use empty values)
- Add json.Number test cases to TestGetBaseRPM/TestGetRPMStickyBuffer
- Document TOCTOU race as accepted soft-limit design trade-off
 2026-02-28 20:38:06 +08:00
QTom
607237571f fix: address code review issues for RPM limiting feature 
- Use TxPipeline (MULTI/EXEC) instead of Pipeline for atomic INCR+EXPIRE
- Filter negative values in GetBaseRPM(), update test expectation
- Add RPM batch query (GetRPMBatch) to account List API
- Add warn logs for RPM increment failures in gateway handler
- Reset enableRpmLimit on BulkEditAccountModal close
- Use union type 'tiered' | 'sticky_exempt' for rpmStrategy refs
- Add design decision comments for rdb.Time() RTT trade-off
 2026-02-28 20:37:37 +08:00
QTom
37fa980565 feat: flatten RPM config fields in Account DTO 2026-02-28 20:37:10 +08:00
QTom
f648b8e026 feat: increment RPM counter before request forwarding 2026-02-28 20:37:10 +08:00
QTom
c1c31ed9b2 feat: wire RPMCache into GatewayService and AccountHandler 2026-02-28 20:35:38 +08:00
QTom
9a91815b94 feat(admin): 完整实现管理员修改用户 API Key 分组的功能 
## 核心功能
- 添加 AdminUpdateAPIKeyGroupID 服务方法,支持绑定/解绑/保持不变三态语义
- 实现 UserRepository.AddGroupToAllowedGroups 接口,自动同步专属分组权限
- 添加 HTTP PUT /api-keys/:id handler 端点,支持管理员直接修改 API Key 分组

## 事务一致性
- 使用 ent Tx 保证专属分组绑定时「添加权限」和「更新 Key」的原子性
- Repository 方法支持 clientFromContext,兼容事务内调用
- 事务失败时自动回滚,避免权限孤立

## 业务逻辑
- 订阅类型分组阻断,需通过订阅管理流程
- 非活跃分组拒绝绑定
- 负 ID 和非法 ID 验证
- 自动授权响应,告知管理员成功授权的分组

## 代码质量
- 16 个单元测试覆盖所有业务路径和边界用例
- 7 个 handler 集成测试覆盖 HTTP 层
- GroupRepo stub 返回克隆副本,防止测试间数据泄漏
- API 类型安全修复(PaginatedResponse<ApiKey>)
- 前端 ref 回调类型对齐 Vue 规范

## 国际化支持
- 中英文提示信息完整
- 自动授权成功/失败提示
 2026-02-28 20:18:14 +08:00
QTom
000e621eb6 feat(admin): 添加管理员直接修改用户 API Key 分组的功能 
- 新增 PUT /api/v1/admin/api-keys/:id 端点,允许管理员修改任意用户 API Key 的分组绑定
- 跳过用户级权限校验但保留分组有效性验证,修改后触发认证缓存失效
- Service 层支持三态语义:nil=不修改,0=解绑,>0=绑定,<0=拒绝
- 指针值拷贝保证安全隔离,负数 groupID 返回 400 INVALID_GROUP_ID
- 前端 UserApiKeysModal 新增可点击的分组选择下拉框,支持多 Key 并发更新
- 下拉支持视口翻转和滚动关闭,按钮有 disabled 和加载状态
- 覆盖:后端 20 个单元测试 (Service 11 + Handler 9) + 前端 16 个 E2E 测试
- golangci-lint 0 issues, make test-unit 全部通过
 2026-02-28 20:18:14 +08:00
yangjianbo
1d1fc019dc fix(lint): resolve data management staticcheck warnings 2026-02-28 15:05:54 +08:00
yangjianbo
bb664d9bbf feat(sync): full code sync from release 2026-02-28 15:01:20 +08:00
cagedbird043
ba69736f55 refactor(admin): 测试连接模型列表改为复用 antigravity.DefaultModels,消除硬编码重复 2026-02-26 13:34:10 +08:00
cagedbird043
5d95e59742 fix(admin): 补全 antigravity 测试连接下拉框的 Gemini 模型列表 2026-02-25 18:51:47 +08:00
erio
8365a8328b merge: resolve conflicts with upstream/main (Gemini 3→3.1 mappings) 2026-02-25 00:38:39 +08:00
erio
d8d4b0c0c7 fix: enable Gemini model_mapping UI and extend warmup to Antigravity 
- Remove Gemini platform exclusion from model restriction UI in
  Create/Edit account modals (Gemini now supports model_mapping)
- Remove outdated Gemini model passthrough info cards
- Add model_mapping field to GeminiCredentials type
- Extend warmup request interception toggle to Antigravity platform
- Remove redundant try/catch in API key account creation
- Remove noisy gateway.request_completed debug log
- Reorganize Gemini model mapping sections in constants.go
 2026-02-24 21:30:32 +08:00
cagedbird043
0dbea6ca58 fix: 修复 Gemini 授权链接生成失败并改进错误提示 2026-02-24 20:04:05 +08:00
erio
86bc76e352 test: add warmup request interception unit tests 
Add comprehensive tests for warmup request interception behavior
covering Antigravity accounts with various credential configurations.
 2026-02-24 18:55:11 +08:00
erio
09166a52f8 refactor: extract failover error handling into FailoverState 
- Extract duplicated failover logic from gateway_handler.go (3 places)
  and gemini_v1beta_handler.go into shared failover_loop.go
- Introduce FailoverState with HandleFailoverError and HandleSelectionExhausted
- Move helper functions (needForceCacheBilling, sleepWithContext) into failover_loop.go
- Add comprehensive unit tests (32+ test cases)
- Delete redundant gateway_handler_single_account_retry_test.go
 2026-02-24 18:08:04 +08:00
erio
aaac1aaca9 feat: add mixed-channel precheck API for account-group binding 
Add a dedicated CheckMixedChannel endpoint that allows the frontend
to pre-validate mixed channel risk before submitting create/update
requests. This improves UX by showing warnings earlier in the flow
instead of only after form submission.

Backend changes:
- Add CheckMixedChannelRequest struct and CheckMixedChannel handler
- Register POST /check-mixed-channel route
- Expose CheckMixedChannelRisk as public method on AdminService
- Simplify Create/Update 409 responses (remove details/require_confirmation)
- Add comprehensive handler tests and stub methods

Frontend changes:
- Add checkMixedChannelRisk API function and TypeScript types
- Refactor CreateAccountModal to precheck before step transition and submission
- Refactor EditAccountModal to precheck before update submission
- Replace pendingPayload pattern with action-based dialog flow
 2026-02-24 17:16:53 +08:00
yangjianbo
5fa45f3b8c feat(idempotency): 为关键写接口接入幂等并完善并发容错 2026-02-23 12:45:37 +08:00
yangjianbo
7be1195281 feat(api-key): 增加 API Key 上次使用时间并补齐测试 2026-02-22 22:07:17 +08:00
yangjianbo
2ee6c26676 fix(gateway): 修复粘性会话预取分组错配并优化并发等待热路径 2026-02-22 16:43:33 +08:00
yangjianbo
a89477ddf5 perf(gateway): 优化热点路径并补齐高覆盖测试 2026-02-22 13:31:30 +08:00
yangjianbo
33db7a0fb6 feat(gateway): 引入使用量记录有界 worker 池与自动扩缩容 
- 新增 UsageRecordWorkerPool,支持有界队列、溢出降级策略与自动扩缩容
- 将 Gateway/OpenAI/Sora/Gemini 使用量记录改为提交到统一任务池执行
- 增加 usage_record 配置默认值与校验规则,并补充配置与任务提交相关测试
- 注入并托管 worker 池生命周期,服务退出时统一 StopAndWait

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-22 12:56:57 +08:00
yangjianbo
f8ac5538e2 Merge branch 'test' into release 2026-02-21 22:00:16 +08:00
yangjianbo
fdfc739b72 fix(anthropic): 补齐创建账号页自动透传开关并验证后端透传参数 
- 在 CreateAccountModal 为 Anthropic API Key 增加自动透传开关

- 创建请求写入 extra.anthropic_passthrough 并补充状态重置

- 新增 AccountHandler 单测,验证 extra 字段从请求到 CreateAccountInput 的透传
 2026-02-21 14:40:31 +08:00
yangjianbo
987589eabc Merge branch 'test' into release 2026-02-21 10:07:53 +08:00
yangjianbo
d14c24bbf3 feat(proxy): 持久化质量检测结果并在列表展示 2026-02-20 12:13:04 +08:00
yangjianbo
48dc011b2a test(admin,service): 修复代理质量与计费单测口径 2026-02-19 21:39:31 +08:00
yangjianbo
b341810e60 fix(sora): 优化 challenge 重试与调试日志 2026-02-19 21:38:04 +08:00
yangjianbo
46d9aee6dd feat(proxy,sora): 增强代理质量检测与Sora稳定性并修复审查问题 2026-02-19 21:18:35 +08:00
yangjianbo
40498aac9d feat(sora): 对齐sora2api分镜角色去水印与挑战错误治理 2026-02-19 20:04:10 +08:00
yangjianbo
440b87094a fix(sora): 增强 Cloudflare 挑战识别并收敛 Sora 请求链路 
- 在 failover 场景透传上游响应头并识别 Cloudflare challenge/cf-ray

- 统一 Sora 任务请求的 UA 与代理使用,sentinel 与业务请求保持一致

- 修复流式错误事件 JSON 转义问题并补充相关单元测试
 2026-02-19 15:09:58 +08:00
yangjianbo
5d2219d299 fix(sora): 修复令牌刷新请求格式与流式错误转义 
- 将 refresh_token 恢复请求改为表单编码并匹配 OAuth 约定
- 流式错误改为 JSON 序列化,避免消息含引号或换行导致 SSE 非法
- 补充 Sora token 恢复与 failover 流式错误透传回归测试

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-19 08:23:00 +08:00
yangjianbo
900cce20a1 feat(sora): 对齐 Sora OAuth 流程并隔离网关请求路径 
- 新增并接通 Sora 专用 OAuth 接口与 ST/RT 换取能力
- 完成前端 Sora 授权、RT/ST 手动导入与账号创建流程
- 强化 Sora token 恢复、转发日志与网关路由隔离行为
- 补充后端服务层与路由层相关测试覆盖

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-19 08:02:56 +08:00
yangjianbo
36bb327024 fix: 更新 ListWithFilters 方法以支持 groupID 参数 2026-02-18 20:52:35 +08:00
yangjianbo
5d9667d27a Merge branch 'main' into test 
# Conflicts:
#	backend/cmd/server/VERSION
#	backend/ent/migrate/schema.go
#	backend/ent/mutation.go
#	backend/ent/runtime/runtime.go
#	backend/ent/usagelog.go
#	backend/ent/usagelog/usagelog.go
#	backend/ent/usagelog/where.go
#	backend/ent/usagelog_create.go
#	backend/ent/usagelog_update.go
#	backend/internal/repository/usage_log_repo.go
#	backend/internal/server/api_contract_test.go
#	backend/internal/server/middleware/cors.go
#	backend/internal/service/gateway_service.go
 2026-02-18 20:16:31 +08:00
yangjianbo
fad04ca995 Merge branch 'main' of https://github.com/mt21625457/aicodex2api 2026-02-18 20:10:32 +08:00
John Doe
3d1f03c286 feat: add Cache TTL Override per account + bump VERSION to 0.1.83 
- Account-level cache TTL override: rewrite Anthropic cache_creation
  token classification (5m↔1h) in streaming/non-streaming responses
- New DB field cache_ttl_overridden in usage_log for billing tracking
- Migration 055_add_cache_ttl_overridden
- Frontend: CacheTTL override toggle in account create/edit modals
- Ent schema regenerated for new usage_log fields

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-17 14:19:24 +03:00
yangjianbo
41d0383fb7 merge(test): 合并 main 并解决前端筛选器冲突 2026-02-15 22:04:06 +08:00
程序猿MT
1cf51b14f7 Merge branch 'Wei-Shaw:main' into main 2026-02-15 20:49:14 +08:00
yangjianbo
06b0f62e79 feat(accounts): 自动刷新改为ETag增量同步并优化单账号更新体验 
- 前端自动刷新改为 ETag/304 增量合并,减少全量重刷

- 单账号更新后增加静默窗口,避免刚更新即被自动刷新覆盖

- 列表筛选移除时改为待同步提示,不再立即触发全量补页

- 后端账号列表支持 If-None-Match,命中返回 304

- 单账号接口统一补充运行时容量字段并暴露 ETag 头
 2026-02-14 13:22:51 +08:00
yangjianbo
9cafa46dd3 fix(accounts): 账号管理改为单行增量更新并避免全量刷新 
- 将编辑与重新授权成功事件改为回传更新后的账号对象
- 在账号列表页按 id 就地补丁更新单行数据并保留运行时容量字段
- 单账号操作(刷新凭证/清错/清限流/临时不可调度重置)改为单行更新
- 后端增强 clear-rate-limit 接口,返回更新后的账号对象
- 同步前端 clearRateLimit API 类型定义

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-14 12:06:17 +08:00
yangjianbo
d04b47b3ca feat(backend): 提交后端审计修复与配套测试改动 2026-02-14 11:23:10 +08:00
yangjianbo
abf5de69fb Merge branch 'main' into test 2026-02-12 23:43:47 +08:00