480 Commits

Author	SHA1	Message	Date
huangzhenpc	e92cfe92d3	Merge branch 'main' of https://git.586vip.cn/oadmin/xinghuoapi ... # Conflicts: # frontend/src/views/auth/EmailVerifyView.vue	2026-03-08 17:57:36 +08:00
huangzhenpc	f29783a081	Merge remote-tracking branch 'upstream/main' ... # Conflicts: # frontend/src/components/layout/AuthLayout.vue	2026-03-08 17:56:51 +08:00
shaw	03bf348530	fix(lint): gofmt formatting fixes for 3 files ... Align struct field assignments and fix indentation detected by golangci-lint v2.9's gofmt checker.	2026-03-07 23:24:09 +08:00
shaw	a3791104f9	feat: 支持后台设置是否启用整流开关	2026-03-07 21:55:38 +08:00
shaw	92d35409de	feat: 为openai分组增加messages调度开关和默认映射模型	2026-03-07 17:02:19 +08:00
shaw	7079edc2d0	feat: announcement支持强制弹窗通知	2026-03-07 15:06:13 +08:00
shaw	a42a1f08e9	fix: 编辑error状态账号时保存报Status验证失败 ... 后端UpdateAccountRequest.Status的oneof验证缺少error状态， 前端编辑表单也未处理error状态，导致编辑异常账号时无法保存	2026-03-07 13:47:08 +08:00
shaw	7a353028e7	fix: 修复keys速率限制未自动重置额度的bug	2026-03-07 10:13:51 +08:00
shaw	1b4d2a41c9	fix(openai): /v1/messages端点补齐Codex用量快照提取与错误透传规则 ... 对齐/v1/responses的Forward方法，修复两处不一致： - 成功响应时从响应头提取OAuth账号的Codex使用量数据 - 非failover错误场景下应用管理员配置的错误透传规则	2026-03-07 08:40:07 +08:00
Wesley Liddick	f6709fb5d6	Merge pull request #824 from pkssssss/fix/ws-usage-window-pr ... fix(openai): 修复 WS 模式下用量窗口不显示	2026-03-06 22:45:36 +08:00
shaw	921599948b	feat: /v1/messages端点适配codex账号池	2026-03-06 22:44:07 +08:00
神乐	dd25281305	chore(test): resolve merge conflict for ws usage window pr	2026-03-06 21:16:21 +08:00
神乐	838ada8864	fix(openai): restore ws usage window display	2026-03-06 20:49:47 +08:00
Wesley Liddick	afbe8bf001	Merge pull request #809 from alfadb/feature/openai-messages ... feat(openai): 添加 /v1/messages 端点和 API 兼容层	2026-03-06 20:16:06 +08:00
神乐	3403909354	fix(openai): support remote compact task	2026-03-06 18:51:05 +08:00
wioos	60fce4f1dc	fix: 修复 lite 模式跳过窗口费用查询导致 $0.00 显示的问题 ... commit 80ae592c 引入 lite 模式优化首次加载性能，但将窗口费用查询也一起跳过了。 commit 491a7444 尝试用 30 秒快照缓存修复，但缓存过期后问题复现。 移除窗口费用查询的 lite/非 lite 区分，始终执行 PostgreSQL 聚合查询。 同时删除不再需要的 account_window_cost_cache.go 文件。 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-06 16:42:12 +08:00
alfadb	bc194a7d8c	fix: address PR review - Anthropic error format in panic recovery and nil guard ... - Add recoverAnthropicMessagesPanic for Messages handler to return Anthropic-formatted errors instead of OpenAI Responses format on panic - Add nil check for rateLimitService.HandleUpstreamError in ForwardAsAnthropic to match defensive pattern used elsewhere Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-06 15:40:15 +08:00
alfadb	ff1f114989	feat(openai): add /v1/messages endpoint and API compatibility layer ... Add Anthropic Messages API support for OpenAI platform groups, enabling clients using Claude-style /v1/messages format to access OpenAI accounts through automatic protocol conversion. - Add apicompat package with type definitions and bidirectional converters (Anthropic ↔ Chat, Chat ↔ Responses, Anthropic ↔ Responses) - Implement /v1/messages endpoint for OpenAI gateway with streaming support - Add model mapping UI for OpenAI OAuth accounts (whitelist + mapping modes) - Support prompt caching fields and codex OAuth transforms - Fix tool call ID conversion for Responses API (fc_ prefix) - Ensure function_call_output has non-empty output field Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-06 14:29:22 +08:00
shaw	491a744481	fix: 修复账号列表首次加载窗口费用显示 $0.00 ... lite 模式下从快照缓存读取窗口费用，非 lite 模式查询后写入缓存	2026-03-06 10:23:22 +08:00
Wesley Liddick	63a8c76946	Merge pull request #798 from touwaeriol/feature/account-load-factor ... feat: add account load_factor for scheduling load calculation	2026-03-06 09:42:10 +08:00
erio	0d6c1c7790	feat: add independent load_factor field for scheduling load calculation	2026-03-06 05:07:10 +08:00
erio	05527b13db	feat: add quota limit for API key accounts ... - Add configurable spending limit (quota_limit) for apikey-type accounts - Atomic quota accumulation via PostgreSQL JSONB operations on TotalCost - Scheduler filters out over-quota accounts with outbox-triggered snapshot refresh - Display quota usage ($used / $limit) in account capacity column - Add "Reset Quota" action in account menu to reset usage to zero - Editing account settings preserves quota_used (no accidental reset) - Covers all 3 billing paths: Anthropic, Gemini, OpenAI RecordUsage chore: bump version to 0.1.90.4	2026-03-06 00:35:09 +08:00
Wesley Liddick	32d619a56b	Merge pull request #780 from mt21625457/feat/codex-remote-compact-outcome-logging ... feat(openai-handler): support codex remote compact outcome logging	2026-03-05 16:59:02 +08:00
程序猿MT	61e9598b08	fix(lint): remove redundant context type in compact outcome logger	2026-03-05 16:51:46 +08:00
程序猿MT	bfe7a5e452	test(openai-handler): add codex remote compact outcome coverage	2026-03-05 16:46:14 +08:00
程序猿MT	77d916ffec	feat(openai-handler): support codex remote compact outcome logging	2026-03-05 16:46:12 +08:00
guoyongchang	831abf7977	refactor: 移除冗余中间类型和不必要代码 ... - 移除 ScheduledTestOutcome 中间类型，RunTestBackground 直接返回 *ScheduledTestResult - 简化 SaveResult 直接接受 *ScheduledTestResult - 移除 handler 中不必要的 nil 检查 - 移除前端 ScheduledTestsPanel 中多余的 String() 转换 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-05 16:37:07 +08:00
guoyongchang	3a089242f8	feat: 支持基于 crontab 的定时账号测试 ... 每个测试计划绑定一个账号和一个模型，按 cron 表达式定期执行测试， 保存历史结果并在前端账号管理页面中提供完整的增删改查和结果查看功能。 主要变更： - 新增 scheduled_test_plans / scheduled_test_results 两张表及迁移 - 后端 service 层：CRUD 服务 + 后台 cron runner（每分钟扫描到期计划并发执行） - RunTestBackground 方法通过 httptest 在内存中执行账号测试并解析 SSE 输出 - Redis leader lock + pg_try_advisory_lock 双重保障多实例部署只执行一次 - REST API：5 个管理端点（计划 CRUD + 结果查询） - 前端 ScheduledTestsPanel 组件：计划管理、启用开关、内联编辑、结果展开查看 - 中英文 i18n 支持 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-05 16:06:05 +08:00
shaw	33988637b5	fix: SMTP测试连接和发送测试邮件返回具体错误信息而非internal error	2026-03-05 10:54:41 +08:00
shaw	078fefed03	fix: 修复账号管理页面容量列显示为0的bug	2026-03-05 09:48:00 +08:00
Wesley Liddick	27abae21b8	Merge pull request #724 from PMExtra/feat/registration-email-domain-whitelist ... feat(registration): add email domain whitelist policy	2026-03-04 15:51:51 +08:00
shaw	0819c8a51a	refactor: 消除重复的 normalizeAccountIDList，补充 PR#754 新增组件的单元测试 ... - 删除 account_today_stats_cache.go 中重复的 normalizeAccountIDList，统一使用 id_list_utils.go 的 normalizeInt64IDList - 新增 snapshot_cache_test.go：覆盖 snapshotCache、buildETagFromAny、parseBoolQueryWithDefault - 新增 id_list_utils_test.go：覆盖 normalizeInt64IDList、buildAccountTodayStatsBatchCacheKey - 新增 ops_query_mode_test.go：覆盖 shouldFallbackOpsPreagg、cloneOpsFilterWithMode	2026-03-04 15:22:46 +08:00
Wesley Liddick	9dcd3cd491	Merge pull request #754 from xvhuan/perf/admin-core-large-dataset ... perf(admin): 优化后台大数据场景加载性能（仪表盘/用户/账号/Ops）	2026-03-04 15:15:13 +08:00
Wesley Liddick	49767cccd2	Merge pull request #755 from xvhuan/perf/admin-usage-fast-pagination-main ... perf(admin-usage): 优化 usage 大表分页，默认避免全量 COUNT(*)	2026-03-04 14:15:57 +08:00
xvhuan	f6fe5b552d	fix(admin): resolve CI lint and user subscriptions regression	2026-03-04 14:07:17 +08:00
PMExtra	bd0801a887	feat(registration): add email domain whitelist policy	2026-03-04 13:54:18 +08:00
xvhuan	05b1c66aa8	perf(admin-usage): avoid expensive count on large usage_logs pagination	2026-03-04 13:51:27 +08:00
xvhuan	80ae592c23	perf(admin): optimize large-dataset loading for dashboard/users/accounts/ops	2026-03-04 13:45:49 +08:00
shaw	ba6de4c4d4	feat: /keys页面支持表单筛选	2026-03-04 11:29:31 +08:00
Wesley Liddick	a11ac188c2	Merge pull request #738 from DaydreamCoding/feat/ungrouped-key-setting ... feat(gateway): 系统设置控制未分组 Key 调度 — Handler 层中间件拦截	2026-03-03 21:03:31 +08:00
shaw	838dad8759	feat: 重构 /v1/usage 端点，支持 quota_limited 和 unrestricted 双模式 ... - quota_limited 模式：返回 Key 级别的总额度、速率限制窗口用量和过期时间 - unrestricted 模式：返回订阅限额或钱包余额信息（向后兼容） - 新增 model_stats 字段，支持 start_date/end_date 参数查询按模型用量统计 - 提取 buildUsageData/parseUsageDateRange 等辅助方法，减少主函数复杂度 - 新增 APIKeyService.GetRateLimitData 和 UsageService.GetAPIKeyModelStats	2026-03-03 20:59:12 +08:00
QTom	0c7cbe3566	feat(gateway): 系统设置控制未分组 Key 调度 — Handler 层中间件拦截 ... 新增系统设置 allow_ungrouped_key_scheduling（默认关闭）， 未分组的 API Key 在网关请求时直接返回 403， 由 RequireGroupAssignment 中间件统一拦截， 支持 Anthropic / Google 两种错误格式响应。 全栈实现：常量 → 结构体 → 解析/更新/初始化 → DTO → 管理接口 → 中间件 → 路由注册 → 前端设置界面 + i18n。	2026-03-03 19:56:27 +08:00
shaw	b8b5cec35c	fix: resolve CI lint errors and test compilation failures for rate limit feature ... - Fix errcheck: properly handle rows.Close() error via named return + defer closure - Fix gofmt: auto-format billing_cache.go, api_key_service.go, billing_cache_service.go - Add missing rate limit interface methods to 4 test stubs (GetRateLimitData, IncrementRateLimitUsage, ResetRateLimitWindows) - Fix NewBillingCacheService calls missing the new apiKeyRepo parameter	2026-03-03 15:43:08 +08:00
Wesley Liddick	43c203333e	Merge pull request #733 from DaydreamCoding/fix/group-isolation ... fix(gateway): 分组隔离 — 禁止未分组账号被跨组调度	2026-03-03 15:10:30 +08:00
shaw	a80ec5d8bb	feat: apikey支持5h/1d/7d速率控制	2026-03-03 15:01:10 +08:00
QTom	530a16291c	fix(gateway): 分组隔离 — 禁止未分组账号被跨组调度 ... 当 API Key 无分组时，调度仅从未分组账号池中选取。 修复 isAccountInGroup 在 groupID==nil 时的逻辑， 同时补全 scheduler_snapshot_service 和 gemini_compat_service 中的 SimpleMode 保护，确保分组隔离在所有调度路径生效。 新增 ListSchedulableUngroupedByPlatform/s 方法， 使用 Ent 的 Not(HasAccountGroups()) 谓词实现未分组账号隔离。 新增 17 个单元和端到端隔离测试，覆盖所有分支和边界条件。	2026-03-03 13:20:58 +08:00
huangzhenpc	7b01adabe3	fix: 移除 system_handler.go 未使用的 net/http 导入 ... 合并上游后 CheckUpdates 方法不再使用 http 包，删除多余导入修复编译错误。 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-03 10:46:12 +08:00
huangzhenpc	7e1f692004	同步上游至最新版本并重新应用自定义配置 ... 上游新增功能： - 双模式用户消息队列（串行队列 + 软性限速） - 自定义菜单页面（iframe嵌入 + CSP注入） - 代理URL集中验证与全局fail-fast - 新用户默认订阅设置 - 指纹缓存TTL懒续期机制 - 分组用量分布图表 - 代理密码可见性 + 复制代理URL - 大量bug修复和性能优化 自定义配置保留： - 品牌化：Sub2API → StarFireAPI - 链接：GitHub → anthropic.edu.pl 官网 - docker-compose：starfireapi镜像、端口6580、外部Redis、项目名xinghuoapi - 更新模块禁用：后端始终返回无更新、前端隐藏更新UI Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-03 10:15:24 +08:00
Wesley Liddick	b7df7ce5d5	Merge pull request #726 from DaydreamCoding/feat/dual-mode-umq ... feat(gateway): 双模式用户消息队列 — 串行队列 + 软性限速	2026-03-03 08:41:34 +08:00
erio	e97c376681	fix: security hardening and architectural improvements for custom menu ... 1. (Critical) Filter admin-only menu items from public API responses - both GetPublicSettings handler and GetPublicSettingsForInjection now exclude visibility=admin items, preventing unauthorized access to admin menu URLs. 2. (Medium) Validate JSON array structure in sanitizeCustomMenuItemsJSON - use json.Unmarshal into []json.RawMessage instead of json.Valid to reject non-array JSON values that would cause frontend runtime errors. 3. (Medium) Decouple router from business JSON parsing - move origin extraction logic from router.go to SettingService.GetFrameSrcOrigins, eliminating direct JSON parsing of custom_menu_items in the routing layer. 4. (Low) Restrict custom menu item ID charset to [a-zA-Z0-9_-] via regex validation, preventing route-breaking characters like / ? # or spaces. 5. (Low) Handle crypto/rand error in generateMenuItemID - return error instead of silently ignoring, preventing potential duplicate IDs. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-03 07:05:01 +08:00