2025-12-18 13:50:39 +08:00
package admin
import (
2026-03-02 19:37:40 +08:00
"crypto/rand"
"encoding/hex"
"encoding/json"
2026-02-28 15:01:20 +08:00
"fmt"
2026-04-13 21:54:01 +08:00
"log/slog"
2026-03-01 15:35:46 +08:00
"net/http"
"regexp"
2026-01-09 13:52:27 +08:00
"strings"
2026-01-02 17:40:57 +08:00
2026-01-09 19:32:06 +08:00
"github.com/Wei-Shaw/sub2api/internal/config"
2025-12-26 15:40:24 +08:00
"github.com/Wei-Shaw/sub2api/internal/handler/dto"
2025-12-24 21:07:21 +08:00
"github.com/Wei-Shaw/sub2api/internal/pkg/response"
2026-01-02 17:40:57 +08:00
"github.com/Wei-Shaw/sub2api/internal/server/middleware"
2025-12-24 21:07:21 +08:00
"github.com/Wei-Shaw/sub2api/internal/service"
2025-12-18 13:50:39 +08:00
"github.com/gin-gonic/gin"
)
2026-03-01 15:35:46 +08:00
// semverPattern 预编译 semver 格式校验正则
var semverPattern = regexp . MustCompile ( ` ^\d+\.\d+\.\d+$ ` )
2026-03-03 07:05:01 +08:00
// menuItemIDPattern validates custom menu item IDs: alphanumeric, hyphens, underscores only.
var menuItemIDPattern = regexp . MustCompile ( ` ^[a-zA-Z0-9_-]+$ ` )
2026-03-02 19:37:40 +08:00
// generateMenuItemID generates a short random hex ID for a custom menu item.
2026-03-03 07:05:01 +08:00
func generateMenuItemID ( ) ( string , error ) {
2026-03-02 19:37:40 +08:00
b := make ( [ ] byte , 8 )
2026-03-03 07:05:01 +08:00
if _ , err := rand . Read ( b ) ; err != nil {
return "" , fmt . Errorf ( "generate menu item ID: %w" , err )
}
return hex . EncodeToString ( b ) , nil
2026-03-02 19:37:40 +08:00
}
2026-03-13 23:38:58 +08:00
func scopesContainOpenID ( scopes string ) bool {
for _ , scope := range strings . Fields ( strings . ToLower ( strings . TrimSpace ( scopes ) ) ) {
if scope == "openid" {
return true
}
}
return false
}
2025-12-18 13:50:39 +08:00
// SettingHandler 系统设置处理器
type SettingHandler struct {
2026-04-10 21:08:51 +08:00
settingService * service . SettingService
emailService * service . EmailService
turnstileService * service . TurnstileService
opsService * service . OpsService
paymentConfigService * service . PaymentConfigService
paymentService * service . PaymentService
2025-12-18 13:50:39 +08:00
}
// NewSettingHandler 创建系统设置处理器
2026-04-10 21:08:51 +08:00
func NewSettingHandler ( settingService * service . SettingService , emailService * service . EmailService , turnstileService * service . TurnstileService , opsService * service . OpsService , paymentConfigService * service . PaymentConfigService , paymentService * service . PaymentService ) * SettingHandler {
2025-12-18 13:50:39 +08:00
return & SettingHandler {
2026-04-10 21:08:51 +08:00
settingService : settingService ,
emailService : emailService ,
turnstileService : turnstileService ,
opsService : opsService ,
paymentConfigService : paymentConfigService ,
paymentService : paymentService ,
2025-12-18 13:50:39 +08:00
}
}
// GetSettings 获取所有系统设置
// GET /api/v1/admin/settings
func ( h * SettingHandler ) GetSettings ( c * gin . Context ) {
settings , err := h . settingService . GetAllSettings ( c . Request . Context ( ) )
if err != nil {
2025-12-25 20:52:47 +08:00
response . ErrorFrom ( c , err )
2025-12-18 13:50:39 +08:00
return
}
2026-01-11 20:10:08 +08:00
// Check if ops monitoring is enabled (respects config.ops.enabled)
opsEnabled := h . opsService != nil && h . opsService . IsMonitoringEnabled ( c . Request . Context ( ) )
2026-03-02 03:41:50 +08:00
defaultSubscriptions := make ( [ ] dto . DefaultSubscriptionSetting , 0 , len ( settings . DefaultSubscriptions ) )
for _ , sub := range settings . DefaultSubscriptions {
defaultSubscriptions = append ( defaultSubscriptions , dto . DefaultSubscriptionSetting {
GroupID : sub . GroupID ,
ValidityDays : sub . ValidityDays ,
} )
}
2026-01-11 20:10:08 +08:00
2026-04-10 21:08:51 +08:00
// Load payment config
var paymentCfg * service . PaymentConfig
if h . paymentConfigService != nil {
paymentCfg , _ = h . paymentConfigService . GetPaymentConfig ( c . Request . Context ( ) )
}
if paymentCfg == nil {
paymentCfg = & service . PaymentConfig { }
}
2025-12-26 15:40:24 +08:00
response . Success ( c , dto . SystemSettings {
2026-01-09 13:52:27 +08:00
RegistrationEnabled : settings . RegistrationEnabled ,
EmailVerifyEnabled : settings . EmailVerifyEnabled ,
2026-03-02 23:13:39 +08:00
RegistrationEmailSuffixWhitelist : settings . RegistrationEmailSuffixWhitelist ,
2026-01-20 15:56:26 +08:00
PromoCodeEnabled : settings . PromoCodeEnabled ,
2026-01-24 22:33:45 +08:00
PasswordResetEnabled : settings . PasswordResetEnabled ,
2026-03-15 17:52:29 +08:00
FrontendURL : settings . FrontendURL ,
2026-01-29 16:29:59 +08:00
InvitationCodeEnabled : settings . InvitationCodeEnabled ,
2026-01-26 08:45:43 +08:00
TotpEnabled : settings . TotpEnabled ,
TotpEncryptionKeyConfigured : h . settingService . IsTotpEncryptionKeyConfigured ( ) ,
2026-01-09 13:52:27 +08:00
SMTPHost : settings . SMTPHost ,
SMTPPort : settings . SMTPPort ,
SMTPUsername : settings . SMTPUsername ,
SMTPPasswordConfigured : settings . SMTPPasswordConfigured ,
SMTPFrom : settings . SMTPFrom ,
SMTPFromName : settings . SMTPFromName ,
SMTPUseTLS : settings . SMTPUseTLS ,
TurnstileEnabled : settings . TurnstileEnabled ,
TurnstileSiteKey : settings . TurnstileSiteKey ,
TurnstileSecretKeyConfigured : settings . TurnstileSecretKeyConfigured ,
LinuxDoConnectEnabled : settings . LinuxDoConnectEnabled ,
LinuxDoConnectClientID : settings . LinuxDoConnectClientID ,
LinuxDoConnectClientSecretConfigured : settings . LinuxDoConnectClientSecretConfigured ,
LinuxDoConnectRedirectURL : settings . LinuxDoConnectRedirectURL ,
2026-03-13 23:38:58 +08:00
OIDCConnectEnabled : settings . OIDCConnectEnabled ,
OIDCConnectProviderName : settings . OIDCConnectProviderName ,
OIDCConnectClientID : settings . OIDCConnectClientID ,
OIDCConnectClientSecretConfigured : settings . OIDCConnectClientSecretConfigured ,
OIDCConnectIssuerURL : settings . OIDCConnectIssuerURL ,
OIDCConnectDiscoveryURL : settings . OIDCConnectDiscoveryURL ,
OIDCConnectAuthorizeURL : settings . OIDCConnectAuthorizeURL ,
OIDCConnectTokenURL : settings . OIDCConnectTokenURL ,
OIDCConnectUserInfoURL : settings . OIDCConnectUserInfoURL ,
OIDCConnectJWKSURL : settings . OIDCConnectJWKSURL ,
OIDCConnectScopes : settings . OIDCConnectScopes ,
OIDCConnectRedirectURL : settings . OIDCConnectRedirectURL ,
OIDCConnectFrontendRedirectURL : settings . OIDCConnectFrontendRedirectURL ,
OIDCConnectTokenAuthMethod : settings . OIDCConnectTokenAuthMethod ,
OIDCConnectUsePKCE : settings . OIDCConnectUsePKCE ,
OIDCConnectValidateIDToken : settings . OIDCConnectValidateIDToken ,
OIDCConnectAllowedSigningAlgs : settings . OIDCConnectAllowedSigningAlgs ,
OIDCConnectClockSkewSeconds : settings . OIDCConnectClockSkewSeconds ,
OIDCConnectRequireEmailVerified : settings . OIDCConnectRequireEmailVerified ,
OIDCConnectUserInfoEmailPath : settings . OIDCConnectUserInfoEmailPath ,
OIDCConnectUserInfoIDPath : settings . OIDCConnectUserInfoIDPath ,
OIDCConnectUserInfoUsernamePath : settings . OIDCConnectUserInfoUsernamePath ,
2026-01-09 13:52:27 +08:00
SiteName : settings . SiteName ,
SiteLogo : settings . SiteLogo ,
SiteSubtitle : settings . SiteSubtitle ,
APIBaseURL : settings . APIBaseURL ,
ContactInfo : settings . ContactInfo ,
DocURL : settings . DocURL ,
2026-01-10 18:37:44 +08:00
HomeContent : settings . HomeContent ,
2026-01-19 19:25:16 +08:00
HideCcsImportButton : settings . HideCcsImportButton ,
2026-01-28 13:54:32 +08:00
PurchaseSubscriptionEnabled : settings . PurchaseSubscriptionEnabled ,
PurchaseSubscriptionURL : settings . PurchaseSubscriptionURL ,
2026-04-09 18:14:28 +08:00
TableDefaultPageSize : settings . TableDefaultPageSize ,
TablePageSizeOptions : settings . TablePageSizeOptions ,
2026-03-03 02:18:19 +08:00
CustomMenuItems : dto . ParseCustomMenuItems ( settings . CustomMenuItems ) ,
2026-03-24 10:13:28 +08:00
CustomEndpoints : dto . ParseCustomEndpoints ( settings . CustomEndpoints ) ,
2026-01-09 13:52:27 +08:00
DefaultConcurrency : settings . DefaultConcurrency ,
DefaultBalance : settings . DefaultBalance ,
2026-03-02 03:41:50 +08:00
DefaultSubscriptions : defaultSubscriptions ,
2026-01-09 13:52:27 +08:00
EnableModelFallback : settings . EnableModelFallback ,
FallbackModelAnthropic : settings . FallbackModelAnthropic ,
FallbackModelOpenAI : settings . FallbackModelOpenAI ,
FallbackModelGemini : settings . FallbackModelGemini ,
FallbackModelAntigravity : settings . FallbackModelAntigravity ,
EnableIdentityPatch : settings . EnableIdentityPatch ,
IdentityPatchPrompt : settings . IdentityPatchPrompt ,
2026-01-11 20:10:08 +08:00
OpsMonitoringEnabled : opsEnabled && settings . OpsMonitoringEnabled ,
2026-01-11 11:11:37 +08:00
OpsRealtimeMonitoringEnabled : settings . OpsRealtimeMonitoringEnabled ,
OpsQueryModeDefault : settings . OpsQueryModeDefault ,
OpsMetricsIntervalSeconds : settings . OpsMetricsIntervalSeconds ,
2026-03-01 15:35:46 +08:00
MinClaudeCodeVersion : settings . MinClaudeCodeVersion ,
2026-03-20 09:10:01 +08:00
MaxClaudeCodeVersion : settings . MaxClaudeCodeVersion ,
2026-03-03 19:56:27 +08:00
AllowUngroupedKeyScheduling : settings . AllowUngroupedKeyScheduling ,
2026-03-12 02:42:57 +03:00
BackendModeEnabled : settings . BackendModeEnabled ,
2026-03-26 10:22:03 +08:00
EnableFingerprintUnification : settings . EnableFingerprintUnification ,
EnableMetadataPassthrough : settings . EnableMetadataPassthrough ,
2026-04-08 16:11:19 +08:00
EnableCCHSigning : settings . EnableCCHSigning ,
2026-04-12 13:11:46 +08:00
WebSearchEmulationEnabled : settings . WebSearchEmulationEnabled ,
2026-04-12 13:53:02 +08:00
BalanceLowNotifyEnabled : settings . BalanceLowNotifyEnabled ,
BalanceLowNotifyThreshold : settings . BalanceLowNotifyThreshold ,
2026-04-13 19:02:40 +08:00
BalanceLowNotifyRechargeURL : settings . BalanceLowNotifyRechargeURL ,
2026-04-13 15:30:06 +08:00
AccountQuotaNotifyEnabled : settings . AccountQuotaNotifyEnabled ,
2026-04-13 00:52:42 +08:00
AccountQuotaNotifyEmails : dto . NotifyEmailEntriesFromService ( settings . AccountQuotaNotifyEmails ) ,
2026-04-10 21:08:51 +08:00
PaymentEnabled : paymentCfg . Enabled ,
PaymentMinAmount : paymentCfg . MinAmount ,
PaymentMaxAmount : paymentCfg . MaxAmount ,
PaymentDailyLimit : paymentCfg . DailyLimit ,
PaymentOrderTimeoutMin : paymentCfg . OrderTimeoutMin ,
PaymentMaxPendingOrders : paymentCfg . MaxPendingOrders ,
PaymentEnabledTypes : paymentCfg . EnabledTypes ,
PaymentBalanceDisabled : paymentCfg . BalanceDisabled ,
2026-04-15 00:14:57 +08:00
PaymentBalanceRechargeMultiplier : paymentCfg . BalanceRechargeMultiplier ,
2026-04-15 00:41:33 +08:00
PaymentRechargeFeeRate : paymentCfg . RechargeFeeRate ,
2026-04-10 21:08:51 +08:00
PaymentLoadBalanceStrat : paymentCfg . LoadBalanceStrategy ,
PaymentProductNamePrefix : paymentCfg . ProductNamePrefix ,
PaymentProductNameSuffix : paymentCfg . ProductNameSuffix ,
PaymentHelpImageURL : paymentCfg . HelpImageURL ,
PaymentHelpText : paymentCfg . HelpText ,
PaymentCancelRateLimitEnabled : paymentCfg . CancelRateLimitEnabled ,
PaymentCancelRateLimitMax : paymentCfg . CancelRateLimitMax ,
PaymentCancelRateLimitWindow : paymentCfg . CancelRateLimitWindow ,
PaymentCancelRateLimitUnit : paymentCfg . CancelRateLimitUnit ,
PaymentCancelRateLimitMode : paymentCfg . CancelRateLimitMode ,
2025-12-26 15:40:24 +08:00
} )
2025-12-18 13:50:39 +08:00
}
// UpdateSettingsRequest 更新设置请求
type UpdateSettingsRequest struct {
// 注册设置
2026-03-02 23:13:39 +08:00
RegistrationEnabled bool ` json:"registration_enabled" `
EmailVerifyEnabled bool ` json:"email_verify_enabled" `
RegistrationEmailSuffixWhitelist [ ] string ` json:"registration_email_suffix_whitelist" `
PromoCodeEnabled bool ` json:"promo_code_enabled" `
PasswordResetEnabled bool ` json:"password_reset_enabled" `
2026-03-15 17:52:29 +08:00
FrontendURL string ` json:"frontend_url" `
2026-03-02 23:13:39 +08:00
InvitationCodeEnabled bool ` json:"invitation_code_enabled" `
TotpEnabled bool ` json:"totp_enabled" ` // TOTP 双因素认证
2025-12-18 13:50:39 +08:00
// 邮件服务设置
2026-01-04 17:02:38 +08:00
SMTPHost string ` json:"smtp_host" `
SMTPPort int ` json:"smtp_port" `
SMTPUsername string ` json:"smtp_username" `
SMTPPassword string ` json:"smtp_password" `
SMTPFrom string ` json:"smtp_from_email" `
SMTPFromName string ` json:"smtp_from_name" `
SMTPUseTLS bool ` json:"smtp_use_tls" `
2025-12-18 13:50:39 +08:00
// Cloudflare Turnstile 设置
TurnstileEnabled bool ` json:"turnstile_enabled" `
TurnstileSiteKey string ` json:"turnstile_site_key" `
TurnstileSecretKey string ` json:"turnstile_secret_key" `
2026-01-12 09:14:32 +08:00
// LinuxDo Connect OAuth 登录
2026-01-09 13:52:27 +08:00
LinuxDoConnectEnabled bool ` json:"linuxdo_connect_enabled" `
LinuxDoConnectClientID string ` json:"linuxdo_connect_client_id" `
LinuxDoConnectClientSecret string ` json:"linuxdo_connect_client_secret" `
LinuxDoConnectRedirectURL string ` json:"linuxdo_connect_redirect_url" `
2026-03-13 23:38:58 +08:00
// Generic OIDC OAuth 登录
OIDCConnectEnabled bool ` json:"oidc_connect_enabled" `
OIDCConnectProviderName string ` json:"oidc_connect_provider_name" `
OIDCConnectClientID string ` json:"oidc_connect_client_id" `
OIDCConnectClientSecret string ` json:"oidc_connect_client_secret" `
OIDCConnectIssuerURL string ` json:"oidc_connect_issuer_url" `
OIDCConnectDiscoveryURL string ` json:"oidc_connect_discovery_url" `
OIDCConnectAuthorizeURL string ` json:"oidc_connect_authorize_url" `
OIDCConnectTokenURL string ` json:"oidc_connect_token_url" `
OIDCConnectUserInfoURL string ` json:"oidc_connect_userinfo_url" `
OIDCConnectJWKSURL string ` json:"oidc_connect_jwks_url" `
OIDCConnectScopes string ` json:"oidc_connect_scopes" `
OIDCConnectRedirectURL string ` json:"oidc_connect_redirect_url" `
OIDCConnectFrontendRedirectURL string ` json:"oidc_connect_frontend_redirect_url" `
OIDCConnectTokenAuthMethod string ` json:"oidc_connect_token_auth_method" `
OIDCConnectUsePKCE bool ` json:"oidc_connect_use_pkce" `
OIDCConnectValidateIDToken bool ` json:"oidc_connect_validate_id_token" `
OIDCConnectAllowedSigningAlgs string ` json:"oidc_connect_allowed_signing_algs" `
OIDCConnectClockSkewSeconds int ` json:"oidc_connect_clock_skew_seconds" `
OIDCConnectRequireEmailVerified bool ` json:"oidc_connect_require_email_verified" `
OIDCConnectUserInfoEmailPath string ` json:"oidc_connect_userinfo_email_path" `
OIDCConnectUserInfoIDPath string ` json:"oidc_connect_userinfo_id_path" `
OIDCConnectUserInfoUsernamePath string ` json:"oidc_connect_userinfo_username_path" `
2025-12-18 13:50:39 +08:00
// OEM设置
2026-03-03 02:18:19 +08:00
SiteName string ` json:"site_name" `
SiteLogo string ` json:"site_logo" `
SiteSubtitle string ` json:"site_subtitle" `
APIBaseURL string ` json:"api_base_url" `
ContactInfo string ` json:"contact_info" `
DocURL string ` json:"doc_url" `
HomeContent string ` json:"home_content" `
HideCcsImportButton bool ` json:"hide_ccs_import_button" `
PurchaseSubscriptionEnabled * bool ` json:"purchase_subscription_enabled" `
PurchaseSubscriptionURL * string ` json:"purchase_subscription_url" `
2026-04-09 18:14:28 +08:00
TableDefaultPageSize int ` json:"table_default_page_size" `
TablePageSizeOptions [ ] int ` json:"table_page_size_options" `
2026-03-02 19:37:40 +08:00
CustomMenuItems * [ ] dto . CustomMenuItem ` json:"custom_menu_items" `
2026-03-24 10:13:28 +08:00
CustomEndpoints * [ ] dto . CustomEndpoint ` json:"custom_endpoints" `
2025-12-18 13:50:39 +08:00
// 默认配置
2026-03-02 10:54:14 +08:00
DefaultConcurrency int ` json:"default_concurrency" `
DefaultBalance float64 ` json:"default_balance" `
2026-03-02 03:41:50 +08:00
DefaultSubscriptions [ ] dto . DefaultSubscriptionSetting ` json:"default_subscriptions" `
2026-01-03 06:37:08 -08:00
// Model fallback configuration
EnableModelFallback bool ` json:"enable_model_fallback" `
FallbackModelAnthropic string ` json:"fallback_model_anthropic" `
FallbackModelOpenAI string ` json:"fallback_model_openai" `
FallbackModelGemini string ` json:"fallback_model_gemini" `
FallbackModelAntigravity string ` json:"fallback_model_antigravity" `
2026-01-04 22:49:40 +08:00
// Identity patch configuration (Claude -> Gemini)
EnableIdentityPatch bool ` json:"enable_identity_patch" `
IdentityPatchPrompt string ` json:"identity_patch_prompt" `
2026-01-09 20:57:32 +08:00
// Ops monitoring (vNext)
2026-01-10 01:38:47 +08:00
OpsMonitoringEnabled * bool ` json:"ops_monitoring_enabled" `
OpsRealtimeMonitoringEnabled * bool ` json:"ops_realtime_monitoring_enabled" `
2026-01-09 20:57:32 +08:00
OpsQueryModeDefault * string ` json:"ops_query_mode_default" `
2026-01-10 01:38:47 +08:00
OpsMetricsIntervalSeconds * int ` json:"ops_metrics_interval_seconds" `
2026-03-01 15:35:46 +08:00
MinClaudeCodeVersion string ` json:"min_claude_code_version" `
2026-03-20 09:10:01 +08:00
MaxClaudeCodeVersion string ` json:"max_claude_code_version" `
2026-03-03 19:56:27 +08:00
// 分组隔离
AllowUngroupedKeyScheduling bool ` json:"allow_ungrouped_key_scheduling" `
2026-03-12 02:42:57 +03:00
// Backend Mode
BackendModeEnabled bool ` json:"backend_mode_enabled" `
2026-03-26 10:22:03 +08:00
// Gateway forwarding behavior
EnableFingerprintUnification * bool ` json:"enable_fingerprint_unification" `
EnableMetadataPassthrough * bool ` json:"enable_metadata_passthrough" `
2026-04-08 16:11:19 +08:00
EnableCCHSigning * bool ` json:"enable_cch_signing" `
2026-04-10 21:08:51 +08:00
2026-04-12 13:53:02 +08:00
// Balance low notification
2026-04-14 07:43:08 +08:00
BalanceLowNotifyEnabled * bool ` json:"balance_low_notify_enabled" `
BalanceLowNotifyThreshold * float64 ` json:"balance_low_notify_threshold" `
BalanceLowNotifyRechargeURL * string ` json:"balance_low_notify_recharge_url" `
AccountQuotaNotifyEnabled * bool ` json:"account_quota_notify_enabled" `
AccountQuotaNotifyEmails * [ ] dto . NotifyEmailEntry ` json:"account_quota_notify_emails" `
2026-04-12 13:53:02 +08:00
2026-04-10 21:08:51 +08:00
// Payment configuration (integrated into settings, full replace)
PaymentEnabled * bool ` json:"payment_enabled" `
PaymentMinAmount * float64 ` json:"payment_min_amount" `
PaymentMaxAmount * float64 ` json:"payment_max_amount" `
PaymentDailyLimit * float64 ` json:"payment_daily_limit" `
PaymentOrderTimeoutMin * int ` json:"payment_order_timeout_minutes" `
PaymentMaxPendingOrders * int ` json:"payment_max_pending_orders" `
2026-04-15 00:14:57 +08:00
PaymentEnabledTypes [ ] string ` json:"payment_enabled_types" `
PaymentBalanceDisabled * bool ` json:"payment_balance_disabled" `
PaymentBalanceRechargeMultiplier * float64 ` json:"payment_balance_recharge_multiplier" `
2026-04-15 00:41:33 +08:00
PaymentRechargeFeeRate * float64 ` json:"payment_recharge_fee_rate" `
2026-04-15 00:14:57 +08:00
PaymentLoadBalanceStrat * string ` json:"payment_load_balance_strategy" `
2026-04-10 21:08:51 +08:00
PaymentProductNamePrefix * string ` json:"payment_product_name_prefix" `
PaymentProductNameSuffix * string ` json:"payment_product_name_suffix" `
PaymentHelpImageURL * string ` json:"payment_help_image_url" `
PaymentHelpText * string ` json:"payment_help_text" `
// Cancel rate limit
PaymentCancelRateLimitEnabled * bool ` json:"payment_cancel_rate_limit_enabled" `
PaymentCancelRateLimitMax * int ` json:"payment_cancel_rate_limit_max" `
PaymentCancelRateLimitWindow * int ` json:"payment_cancel_rate_limit_window" `
PaymentCancelRateLimitUnit * string ` json:"payment_cancel_rate_limit_unit" `
PaymentCancelRateLimitMode * string ` json:"payment_cancel_rate_limit_window_mode" `
2025-12-18 13:50:39 +08:00
}
// UpdateSettings 更新系统设置
// PUT /api/v1/admin/settings
func ( h * SettingHandler ) UpdateSettings ( c * gin . Context ) {
var req UpdateSettingsRequest
if err := c . ShouldBindJSON ( & req ) ; err != nil {
response . BadRequest ( c , "Invalid request: " + err . Error ( ) )
return
}
2026-01-02 17:40:57 +08:00
previousSettings , err := h . settingService . GetAllSettings ( c . Request . Context ( ) )
if err != nil {
response . ErrorFrom ( c , err )
return
}
2025-12-18 13:50:39 +08:00
// 验证参数
if req . DefaultConcurrency < 1 {
req . DefaultConcurrency = 1
}
if req . DefaultBalance < 0 {
req . DefaultBalance = 0
}
2026-04-09 18:14:28 +08:00
// 通用表格配置:兼容旧客户端未传字段时保留当前值。
if req . TableDefaultPageSize <= 0 {
req . TableDefaultPageSize = previousSettings . TableDefaultPageSize
}
if req . TablePageSizeOptions == nil {
req . TablePageSizeOptions = previousSettings . TablePageSizeOptions
}
2026-03-21 23:36:30 +08:00
req . SMTPHost = strings . TrimSpace ( req . SMTPHost )
req . SMTPUsername = strings . TrimSpace ( req . SMTPUsername )
req . SMTPPassword = strings . TrimSpace ( req . SMTPPassword )
req . SMTPFrom = strings . TrimSpace ( req . SMTPFrom )
req . SMTPFromName = strings . TrimSpace ( req . SMTPFromName )
2026-01-04 17:02:38 +08:00
if req . SMTPPort <= 0 {
req . SMTPPort = 587
2025-12-18 13:50:39 +08:00
}
2026-03-02 03:41:50 +08:00
req . DefaultSubscriptions = normalizeDefaultSubscriptions ( req . DefaultSubscriptions )
2025-12-18 13:50:39 +08:00
2026-03-21 23:36:30 +08:00
// SMTP 配置保护:如果请求中 smtp_host 为空但数据库中已有配置,则保留已有 SMTP 配置
// 防止前端加载设置失败时空表单覆盖已保存的 SMTP 配置
if req . SMTPHost == "" && previousSettings . SMTPHost != "" {
req . SMTPHost = previousSettings . SMTPHost
req . SMTPPort = previousSettings . SMTPPort
req . SMTPUsername = previousSettings . SMTPUsername
req . SMTPFrom = previousSettings . SMTPFrom
req . SMTPFromName = previousSettings . SMTPFromName
req . SMTPUseTLS = previousSettings . SMTPUseTLS
}
2025-12-31 21:05:33 +08:00
// Turnstile 参数验证
if req . TurnstileEnabled {
// 检查必填字段
if req . TurnstileSiteKey == "" {
response . BadRequest ( c , "Turnstile Site Key is required when enabled" )
return
}
2026-01-04 22:52:00 -06:00
// 如果未提供 secret key, ( )
2025-12-31 21:05:33 +08:00
if req . TurnstileSecretKey == "" {
2026-01-04 22:52:00 -06:00
if previousSettings . TurnstileSecretKey == "" {
response . BadRequest ( c , "Turnstile Secret Key is required when enabled" )
return
}
req . TurnstileSecretKey = previousSettings . TurnstileSecretKey
2025-12-31 21:05:33 +08:00
}
// 当 site_key 或 secret_key 任一变化时验证(避免配置错误导致无法登录)
2026-01-04 22:52:00 -06:00
siteKeyChanged := previousSettings . TurnstileSiteKey != req . TurnstileSiteKey
secretKeyChanged := previousSettings . TurnstileSecretKey != req . TurnstileSecretKey
2025-12-31 21:05:33 +08:00
if siteKeyChanged || secretKeyChanged {
if err := h . turnstileService . ValidateSecretKey ( c . Request . Context ( ) , req . TurnstileSecretKey ) ; err != nil {
response . ErrorFrom ( c , err )
return
}
}
}
2026-01-26 08:45:43 +08:00
// TOTP 双因素认证参数验证
// 只有手动配置了加密密钥才允许启用 TOTP 功能
if req . TotpEnabled && ! previousSettings . TotpEnabled {
// 尝试启用 TOTP,
if ! h . settingService . IsTotpEncryptionKeyConfigured ( ) {
response . BadRequest ( c , "Cannot enable TOTP: TOTP_ENCRYPTION_KEY environment variable must be configured first. Generate a key with 'openssl rand -hex 32' and set it in your environment." )
return
}
}
2026-01-09 13:52:27 +08:00
// LinuxDo Connect 参数验证
if req . LinuxDoConnectEnabled {
req . LinuxDoConnectClientID = strings . TrimSpace ( req . LinuxDoConnectClientID )
req . LinuxDoConnectClientSecret = strings . TrimSpace ( req . LinuxDoConnectClientSecret )
req . LinuxDoConnectRedirectURL = strings . TrimSpace ( req . LinuxDoConnectRedirectURL )
if req . LinuxDoConnectClientID == "" {
response . BadRequest ( c , "LinuxDo Client ID is required when enabled" )
return
}
if req . LinuxDoConnectRedirectURL == "" {
response . BadRequest ( c , "LinuxDo Redirect URL is required when enabled" )
return
}
2026-01-09 19:32:06 +08:00
if err := config . ValidateAbsoluteHTTPURL ( req . LinuxDoConnectRedirectURL ) ; err != nil {
2026-01-09 13:52:27 +08:00
response . BadRequest ( c , "LinuxDo Redirect URL must be an absolute http(s) URL" )
return
}
2026-01-09 19:32:06 +08:00
// 如果未提供 client_secret, ( )
2026-01-09 13:52:27 +08:00
if req . LinuxDoConnectClientSecret == "" {
if previousSettings . LinuxDoConnectClientSecret == "" {
response . BadRequest ( c , "LinuxDo Client Secret is required when enabled" )
return
}
req . LinuxDoConnectClientSecret = previousSettings . LinuxDoConnectClientSecret
}
}
2026-03-13 23:38:58 +08:00
// Generic OIDC 参数验证
if req . OIDCConnectEnabled {
req . OIDCConnectProviderName = strings . TrimSpace ( req . OIDCConnectProviderName )
req . OIDCConnectClientID = strings . TrimSpace ( req . OIDCConnectClientID )
req . OIDCConnectClientSecret = strings . TrimSpace ( req . OIDCConnectClientSecret )
req . OIDCConnectIssuerURL = strings . TrimSpace ( req . OIDCConnectIssuerURL )
req . OIDCConnectDiscoveryURL = strings . TrimSpace ( req . OIDCConnectDiscoveryURL )
req . OIDCConnectAuthorizeURL = strings . TrimSpace ( req . OIDCConnectAuthorizeURL )
req . OIDCConnectTokenURL = strings . TrimSpace ( req . OIDCConnectTokenURL )
req . OIDCConnectUserInfoURL = strings . TrimSpace ( req . OIDCConnectUserInfoURL )
req . OIDCConnectJWKSURL = strings . TrimSpace ( req . OIDCConnectJWKSURL )
req . OIDCConnectScopes = strings . TrimSpace ( req . OIDCConnectScopes )
req . OIDCConnectRedirectURL = strings . TrimSpace ( req . OIDCConnectRedirectURL )
req . OIDCConnectFrontendRedirectURL = strings . TrimSpace ( req . OIDCConnectFrontendRedirectURL )
req . OIDCConnectTokenAuthMethod = strings . ToLower ( strings . TrimSpace ( req . OIDCConnectTokenAuthMethod ) )
req . OIDCConnectAllowedSigningAlgs = strings . TrimSpace ( req . OIDCConnectAllowedSigningAlgs )
req . OIDCConnectUserInfoEmailPath = strings . TrimSpace ( req . OIDCConnectUserInfoEmailPath )
req . OIDCConnectUserInfoIDPath = strings . TrimSpace ( req . OIDCConnectUserInfoIDPath )
req . OIDCConnectUserInfoUsernamePath = strings . TrimSpace ( req . OIDCConnectUserInfoUsernamePath )
if req . OIDCConnectProviderName == "" {
req . OIDCConnectProviderName = "OIDC"
}
if req . OIDCConnectClientID == "" {
response . BadRequest ( c , "OIDC Client ID is required when enabled" )
return
}
if req . OIDCConnectIssuerURL == "" {
response . BadRequest ( c , "OIDC Issuer URL is required when enabled" )
return
}
if err := config . ValidateAbsoluteHTTPURL ( req . OIDCConnectIssuerURL ) ; err != nil {
response . BadRequest ( c , "OIDC Issuer URL must be an absolute http(s) URL" )
return
}
if req . OIDCConnectDiscoveryURL != "" {
if err := config . ValidateAbsoluteHTTPURL ( req . OIDCConnectDiscoveryURL ) ; err != nil {
response . BadRequest ( c , "OIDC Discovery URL must be an absolute http(s) URL" )
return
}
}
if req . OIDCConnectAuthorizeURL != "" {
if err := config . ValidateAbsoluteHTTPURL ( req . OIDCConnectAuthorizeURL ) ; err != nil {
response . BadRequest ( c , "OIDC Authorize URL must be an absolute http(s) URL" )
return
}
}
if req . OIDCConnectTokenURL != "" {
if err := config . ValidateAbsoluteHTTPURL ( req . OIDCConnectTokenURL ) ; err != nil {
response . BadRequest ( c , "OIDC Token URL must be an absolute http(s) URL" )
return
}
}
if req . OIDCConnectUserInfoURL != "" {
if err := config . ValidateAbsoluteHTTPURL ( req . OIDCConnectUserInfoURL ) ; err != nil {
response . BadRequest ( c , "OIDC UserInfo URL must be an absolute http(s) URL" )
return
}
}
if req . OIDCConnectRedirectURL == "" {
response . BadRequest ( c , "OIDC Redirect URL is required when enabled" )
return
}
if err := config . ValidateAbsoluteHTTPURL ( req . OIDCConnectRedirectURL ) ; err != nil {
response . BadRequest ( c , "OIDC Redirect URL must be an absolute http(s) URL" )
return
}
if req . OIDCConnectFrontendRedirectURL == "" {
response . BadRequest ( c , "OIDC Frontend Redirect URL is required when enabled" )
return
}
if err := config . ValidateFrontendRedirectURL ( req . OIDCConnectFrontendRedirectURL ) ; err != nil {
response . BadRequest ( c , "OIDC Frontend Redirect URL is invalid" )
return
}
if ! scopesContainOpenID ( req . OIDCConnectScopes ) {
response . BadRequest ( c , "OIDC scopes must contain openid" )
return
}
switch req . OIDCConnectTokenAuthMethod {
case "" , "client_secret_post" , "client_secret_basic" , "none" :
default :
response . BadRequest ( c , "OIDC Token Auth Method must be one of client_secret_post/client_secret_basic/none" )
return
}
if req . OIDCConnectTokenAuthMethod == "none" && ! req . OIDCConnectUsePKCE {
response . BadRequest ( c , "OIDC PKCE must be enabled when token_auth_method=none" )
return
}
if req . OIDCConnectClockSkewSeconds < 0 || req . OIDCConnectClockSkewSeconds > 600 {
response . BadRequest ( c , "OIDC clock skew seconds must be between 0 and 600" )
return
}
if req . OIDCConnectValidateIDToken {
if req . OIDCConnectAllowedSigningAlgs == "" {
response . BadRequest ( c , "OIDC Allowed Signing Algs is required when validate_id_token=true" )
return
}
}
if req . OIDCConnectJWKSURL != "" {
if err := config . ValidateAbsoluteHTTPURL ( req . OIDCConnectJWKSURL ) ; err != nil {
response . BadRequest ( c , "OIDC JWKS URL must be an absolute http(s) URL" )
return
}
}
if req . OIDCConnectTokenAuthMethod == "" || req . OIDCConnectTokenAuthMethod == "client_secret_post" || req . OIDCConnectTokenAuthMethod == "client_secret_basic" {
if req . OIDCConnectClientSecret == "" {
if previousSettings . OIDCConnectClientSecret == "" {
response . BadRequest ( c , "OIDC Client Secret is required when enabled" )
return
}
req . OIDCConnectClientSecret = previousSettings . OIDCConnectClientSecret
}
}
}
2026-01-28 13:54:32 +08:00
// “购买订阅”页面配置验证
purchaseEnabled := previousSettings . PurchaseSubscriptionEnabled
if req . PurchaseSubscriptionEnabled != nil {
purchaseEnabled = * req . PurchaseSubscriptionEnabled
}
purchaseURL := previousSettings . PurchaseSubscriptionURL
if req . PurchaseSubscriptionURL != nil {
purchaseURL = strings . TrimSpace ( * req . PurchaseSubscriptionURL )
}
// - 启用时要求 URL 合法且非空
// - 禁用时允许为空;若提供了 URL 也做基本校验,避免误配置
if purchaseEnabled {
if purchaseURL == "" {
response . BadRequest ( c , "Purchase Subscription URL is required when enabled" )
return
}
if err := config . ValidateAbsoluteHTTPURL ( purchaseURL ) ; err != nil {
response . BadRequest ( c , "Purchase Subscription URL must be an absolute http(s) URL" )
return
}
} else if purchaseURL != "" {
if err := config . ValidateAbsoluteHTTPURL ( purchaseURL ) ; err != nil {
response . BadRequest ( c , "Purchase Subscription URL must be an absolute http(s) URL" )
return
}
}
2026-03-15 17:52:29 +08:00
// Frontend URL 验证
req . FrontendURL = strings . TrimSpace ( req . FrontendURL )
if req . FrontendURL != "" {
if err := config . ValidateAbsoluteHTTPURL ( req . FrontendURL ) ; err != nil {
response . BadRequest ( c , "Frontend URL must be an absolute http(s) URL" )
return
}
}
2026-03-02 19:37:40 +08:00
// 自定义菜单项验证
2026-03-03 02:18:19 +08:00
const (
maxCustomMenuItems = 20
maxMenuItemLabelLen = 50
maxMenuItemURLLen = 2048
maxMenuItemIconSVGLen = 10 * 1024 // 10KB
maxMenuItemIDLen = 32
)
2026-03-02 19:37:40 +08:00
customMenuJSON := previousSettings . CustomMenuItems
if req . CustomMenuItems != nil {
items := * req . CustomMenuItems
2026-03-03 02:18:19 +08:00
if len ( items ) > maxCustomMenuItems {
response . BadRequest ( c , "Too many custom menu items (max 20)" )
return
}
2026-03-02 19:37:40 +08:00
for i , item := range items {
if strings . TrimSpace ( item . Label ) == "" {
response . BadRequest ( c , "Custom menu item label is required" )
return
}
2026-03-03 02:18:19 +08:00
if len ( item . Label ) > maxMenuItemLabelLen {
response . BadRequest ( c , "Custom menu item label is too long (max 50 characters)" )
return
}
2026-03-02 19:37:40 +08:00
if strings . TrimSpace ( item . URL ) == "" {
response . BadRequest ( c , "Custom menu item URL is required" )
return
}
2026-03-03 02:18:19 +08:00
if len ( item . URL ) > maxMenuItemURLLen {
response . BadRequest ( c , "Custom menu item URL is too long (max 2048 characters)" )
return
}
2026-03-02 19:37:40 +08:00
if err := config . ValidateAbsoluteHTTPURL ( strings . TrimSpace ( item . URL ) ) ; err != nil {
response . BadRequest ( c , "Custom menu item URL must be an absolute http(s) URL" )
return
}
if item . Visibility != "user" && item . Visibility != "admin" {
response . BadRequest ( c , "Custom menu item visibility must be 'user' or 'admin'" )
return
}
2026-03-03 02:18:19 +08:00
if len ( item . IconSVG ) > maxMenuItemIconSVGLen {
response . BadRequest ( c , "Custom menu item icon SVG is too large (max 10KB)" )
return
}
2026-03-02 19:37:40 +08:00
// Auto-generate ID if missing
if strings . TrimSpace ( item . ID ) == "" {
2026-03-03 07:05:01 +08:00
id , err := generateMenuItemID ( )
if err != nil {
response . Error ( c , http . StatusInternalServerError , "Failed to generate menu item ID" )
return
}
items [ i ] . ID = id
2026-03-03 02:18:19 +08:00
} else if len ( item . ID ) > maxMenuItemIDLen {
response . BadRequest ( c , "Custom menu item ID is too long (max 32 characters)" )
return
2026-03-03 07:05:01 +08:00
} else if ! menuItemIDPattern . MatchString ( item . ID ) {
response . BadRequest ( c , "Custom menu item ID contains invalid characters (only a-z, A-Z, 0-9, - and _ are allowed)" )
return
2026-03-02 19:37:40 +08:00
}
}
2026-03-03 02:18:19 +08:00
// ID uniqueness check
seen := make ( map [ string ] struct { } , len ( items ) )
for _ , item := range items {
if _ , exists := seen [ item . ID ] ; exists {
response . BadRequest ( c , "Duplicate custom menu item ID: " + item . ID )
return
}
seen [ item . ID ] = struct { } { }
}
2026-03-02 19:37:40 +08:00
menuBytes , err := json . Marshal ( items )
if err != nil {
response . BadRequest ( c , "Failed to serialize custom menu items" )
return
}
customMenuJSON = string ( menuBytes )
}
2026-03-24 10:13:28 +08:00
// 自定义端点验证
const (
maxCustomEndpoints = 10
maxEndpointNameLen = 50
maxEndpointURLLen = 2048
maxEndpointDescriptionLen = 200
)
customEndpointsJSON := previousSettings . CustomEndpoints
if req . CustomEndpoints != nil {
endpoints := * req . CustomEndpoints
if len ( endpoints ) > maxCustomEndpoints {
response . BadRequest ( c , "Too many custom endpoints (max 10)" )
return
}
for _ , ep := range endpoints {
if strings . TrimSpace ( ep . Name ) == "" {
response . BadRequest ( c , "Custom endpoint name is required" )
return
}
if len ( ep . Name ) > maxEndpointNameLen {
response . BadRequest ( c , "Custom endpoint name is too long (max 50 characters)" )
return
}
if strings . TrimSpace ( ep . Endpoint ) == "" {
response . BadRequest ( c , "Custom endpoint URL is required" )
return
}
if len ( ep . Endpoint ) > maxEndpointURLLen {
response . BadRequest ( c , "Custom endpoint URL is too long (max 2048 characters)" )
return
}
if err := config . ValidateAbsoluteHTTPURL ( strings . TrimSpace ( ep . Endpoint ) ) ; err != nil {
response . BadRequest ( c , "Custom endpoint URL must be an absolute http(s) URL" )
return
}
if len ( ep . Description ) > maxEndpointDescriptionLen {
response . BadRequest ( c , "Custom endpoint description is too long (max 200 characters)" )
return
}
}
endpointBytes , err := json . Marshal ( endpoints )
if err != nil {
response . BadRequest ( c , "Failed to serialize custom endpoints" )
return
}
customEndpointsJSON = string ( endpointBytes )
}
2026-01-10 01:38:47 +08:00
// Ops metrics collector interval validation (seconds).
if req . OpsMetricsIntervalSeconds != nil {
v := * req . OpsMetricsIntervalSeconds
if v < 60 {
v = 60
}
if v > 3600 {
v = 3600
}
req . OpsMetricsIntervalSeconds = & v
}
2026-03-02 03:41:50 +08:00
defaultSubscriptions := make ( [ ] service . DefaultSubscriptionSetting , 0 , len ( req . DefaultSubscriptions ) )
for _ , sub := range req . DefaultSubscriptions {
defaultSubscriptions = append ( defaultSubscriptions , service . DefaultSubscriptionSetting {
GroupID : sub . GroupID ,
ValidityDays : sub . ValidityDays ,
} )
}
2026-01-10 01:38:47 +08:00
2026-03-01 15:35:46 +08:00
// 验证最低版本号格式(空字符串=禁用,或合法 semver)
if req . MinClaudeCodeVersion != "" {
if ! semverPattern . MatchString ( req . MinClaudeCodeVersion ) {
response . Error ( c , http . StatusBadRequest , "min_claude_code_version must be empty or a valid semver (e.g. 2.1.63)" )
return
}
}
2026-03-20 09:10:01 +08:00
// 验证最高版本号格式(空字符串=禁用,或合法 semver)
if req . MaxClaudeCodeVersion != "" {
if ! semverPattern . MatchString ( req . MaxClaudeCodeVersion ) {
response . Error ( c , http . StatusBadRequest , "max_claude_code_version must be empty or a valid semver (e.g. 3.0.0)" )
return
}
}
// 交叉验证:如果同时设置了最低和最高版本号,最高版本号必须 >= 最低版本号
if req . MinClaudeCodeVersion != "" && req . MaxClaudeCodeVersion != "" {
if service . CompareVersions ( req . MaxClaudeCodeVersion , req . MinClaudeCodeVersion ) < 0 {
response . Error ( c , http . StatusBadRequest , "max_claude_code_version must be greater than or equal to min_claude_code_version" )
return
}
}
2025-12-26 15:40:24 +08:00
settings := & service . SystemSettings {
2026-03-02 23:13:39 +08:00
RegistrationEnabled : req . RegistrationEnabled ,
EmailVerifyEnabled : req . EmailVerifyEnabled ,
RegistrationEmailSuffixWhitelist : req . RegistrationEmailSuffixWhitelist ,
PromoCodeEnabled : req . PromoCodeEnabled ,
PasswordResetEnabled : req . PasswordResetEnabled ,
2026-03-15 17:52:29 +08:00
FrontendURL : req . FrontendURL ,
2026-03-02 23:13:39 +08:00
InvitationCodeEnabled : req . InvitationCodeEnabled ,
TotpEnabled : req . TotpEnabled ,
SMTPHost : req . SMTPHost ,
SMTPPort : req . SMTPPort ,
SMTPUsername : req . SMTPUsername ,
SMTPPassword : req . SMTPPassword ,
SMTPFrom : req . SMTPFrom ,
SMTPFromName : req . SMTPFromName ,
SMTPUseTLS : req . SMTPUseTLS ,
TurnstileEnabled : req . TurnstileEnabled ,
TurnstileSiteKey : req . TurnstileSiteKey ,
TurnstileSecretKey : req . TurnstileSecretKey ,
LinuxDoConnectEnabled : req . LinuxDoConnectEnabled ,
LinuxDoConnectClientID : req . LinuxDoConnectClientID ,
LinuxDoConnectClientSecret : req . LinuxDoConnectClientSecret ,
LinuxDoConnectRedirectURL : req . LinuxDoConnectRedirectURL ,
2026-03-13 23:38:58 +08:00
OIDCConnectEnabled : req . OIDCConnectEnabled ,
OIDCConnectProviderName : req . OIDCConnectProviderName ,
OIDCConnectClientID : req . OIDCConnectClientID ,
OIDCConnectClientSecret : req . OIDCConnectClientSecret ,
OIDCConnectIssuerURL : req . OIDCConnectIssuerURL ,
OIDCConnectDiscoveryURL : req . OIDCConnectDiscoveryURL ,
OIDCConnectAuthorizeURL : req . OIDCConnectAuthorizeURL ,
OIDCConnectTokenURL : req . OIDCConnectTokenURL ,
OIDCConnectUserInfoURL : req . OIDCConnectUserInfoURL ,
OIDCConnectJWKSURL : req . OIDCConnectJWKSURL ,
OIDCConnectScopes : req . OIDCConnectScopes ,
OIDCConnectRedirectURL : req . OIDCConnectRedirectURL ,
OIDCConnectFrontendRedirectURL : req . OIDCConnectFrontendRedirectURL ,
OIDCConnectTokenAuthMethod : req . OIDCConnectTokenAuthMethod ,
OIDCConnectUsePKCE : req . OIDCConnectUsePKCE ,
OIDCConnectValidateIDToken : req . OIDCConnectValidateIDToken ,
OIDCConnectAllowedSigningAlgs : req . OIDCConnectAllowedSigningAlgs ,
OIDCConnectClockSkewSeconds : req . OIDCConnectClockSkewSeconds ,
OIDCConnectRequireEmailVerified : req . OIDCConnectRequireEmailVerified ,
OIDCConnectUserInfoEmailPath : req . OIDCConnectUserInfoEmailPath ,
OIDCConnectUserInfoIDPath : req . OIDCConnectUserInfoIDPath ,
OIDCConnectUserInfoUsernamePath : req . OIDCConnectUserInfoUsernamePath ,
2026-03-02 23:13:39 +08:00
SiteName : req . SiteName ,
SiteLogo : req . SiteLogo ,
SiteSubtitle : req . SiteSubtitle ,
APIBaseURL : req . APIBaseURL ,
ContactInfo : req . ContactInfo ,
DocURL : req . DocURL ,
HomeContent : req . HomeContent ,
HideCcsImportButton : req . HideCcsImportButton ,
PurchaseSubscriptionEnabled : purchaseEnabled ,
PurchaseSubscriptionURL : purchaseURL ,
2026-04-09 18:14:28 +08:00
TableDefaultPageSize : req . TableDefaultPageSize ,
TablePageSizeOptions : req . TablePageSizeOptions ,
2026-03-02 23:13:39 +08:00
CustomMenuItems : customMenuJSON ,
2026-03-24 10:13:28 +08:00
CustomEndpoints : customEndpointsJSON ,
2026-03-02 23:13:39 +08:00
DefaultConcurrency : req . DefaultConcurrency ,
DefaultBalance : req . DefaultBalance ,
DefaultSubscriptions : defaultSubscriptions ,
EnableModelFallback : req . EnableModelFallback ,
FallbackModelAnthropic : req . FallbackModelAnthropic ,
FallbackModelOpenAI : req . FallbackModelOpenAI ,
FallbackModelGemini : req . FallbackModelGemini ,
FallbackModelAntigravity : req . FallbackModelAntigravity ,
EnableIdentityPatch : req . EnableIdentityPatch ,
IdentityPatchPrompt : req . IdentityPatchPrompt ,
MinClaudeCodeVersion : req . MinClaudeCodeVersion ,
2026-03-20 09:10:01 +08:00
MaxClaudeCodeVersion : req . MaxClaudeCodeVersion ,
2026-03-02 23:13:39 +08:00
AllowUngroupedKeyScheduling : req . AllowUngroupedKeyScheduling ,
2026-03-12 02:42:57 +03:00
BackendModeEnabled : req . BackendModeEnabled ,
2026-01-09 20:57:32 +08:00
OpsMonitoringEnabled : func ( ) bool {
if req . OpsMonitoringEnabled != nil {
return * req . OpsMonitoringEnabled
}
return previousSettings . OpsMonitoringEnabled
} ( ) ,
OpsRealtimeMonitoringEnabled : func ( ) bool {
if req . OpsRealtimeMonitoringEnabled != nil {
return * req . OpsRealtimeMonitoringEnabled
}
return previousSettings . OpsRealtimeMonitoringEnabled
} ( ) ,
OpsQueryModeDefault : func ( ) string {
if req . OpsQueryModeDefault != nil {
return * req . OpsQueryModeDefault
}
return previousSettings . OpsQueryModeDefault
} ( ) ,
2026-01-10 01:38:47 +08:00
OpsMetricsIntervalSeconds : func ( ) int {
if req . OpsMetricsIntervalSeconds != nil {
return * req . OpsMetricsIntervalSeconds
}
return previousSettings . OpsMetricsIntervalSeconds
} ( ) ,
2026-03-26 10:22:03 +08:00
EnableFingerprintUnification : func ( ) bool {
if req . EnableFingerprintUnification != nil {
return * req . EnableFingerprintUnification
}
return previousSettings . EnableFingerprintUnification
} ( ) ,
EnableMetadataPassthrough : func ( ) bool {
if req . EnableMetadataPassthrough != nil {
return * req . EnableMetadataPassthrough
}
return previousSettings . EnableMetadataPassthrough
} ( ) ,
2026-04-08 16:11:19 +08:00
EnableCCHSigning : func ( ) bool {
if req . EnableCCHSigning != nil {
return * req . EnableCCHSigning
}
return previousSettings . EnableCCHSigning
} ( ) ,
2026-04-12 13:53:02 +08:00
BalanceLowNotifyEnabled : func ( ) bool {
if req . BalanceLowNotifyEnabled != nil {
return * req . BalanceLowNotifyEnabled
}
return previousSettings . BalanceLowNotifyEnabled
} ( ) ,
BalanceLowNotifyThreshold : func ( ) float64 {
if req . BalanceLowNotifyThreshold != nil {
return * req . BalanceLowNotifyThreshold
}
return previousSettings . BalanceLowNotifyThreshold
} ( ) ,
2026-04-13 18:39:45 +08:00
BalanceLowNotifyRechargeURL : func ( ) string {
if req . BalanceLowNotifyRechargeURL != nil {
return * req . BalanceLowNotifyRechargeURL
}
return previousSettings . BalanceLowNotifyRechargeURL
} ( ) ,
2026-04-13 15:30:06 +08:00
AccountQuotaNotifyEnabled : func ( ) bool {
if req . AccountQuotaNotifyEnabled != nil {
return * req . AccountQuotaNotifyEnabled
}
return previousSettings . AccountQuotaNotifyEnabled
} ( ) ,
2026-04-13 00:52:42 +08:00
AccountQuotaNotifyEmails : func ( ) [ ] service . NotifyEmailEntry {
2026-04-12 13:53:02 +08:00
if req . AccountQuotaNotifyEmails != nil {
2026-04-13 00:52:42 +08:00
return dto . NotifyEmailEntriesToService ( * req . AccountQuotaNotifyEmails )
2026-04-12 13:53:02 +08:00
}
return previousSettings . AccountQuotaNotifyEmails
} ( ) ,
2025-12-18 13:50:39 +08:00
}
if err := h . settingService . UpdateSettings ( c . Request . Context ( ) , settings ) ; err != nil {
2025-12-25 20:52:47 +08:00
response . ErrorFrom ( c , err )
2025-12-18 13:50:39 +08:00
return
}
2026-04-10 21:08:51 +08:00
// Update payment configuration (integrated into system settings).
// Skip if no payment fields were provided (prevents accidental wipe).
if h . paymentConfigService != nil && hasPaymentFields ( req ) {
paymentReq := service . UpdatePaymentConfigRequest {
2026-04-15 00:14:57 +08:00
Enabled : req . PaymentEnabled ,
MinAmount : req . PaymentMinAmount ,
MaxAmount : req . PaymentMaxAmount ,
DailyLimit : req . PaymentDailyLimit ,
OrderTimeoutMin : req . PaymentOrderTimeoutMin ,
MaxPendingOrders : req . PaymentMaxPendingOrders ,
EnabledTypes : req . PaymentEnabledTypes ,
BalanceDisabled : req . PaymentBalanceDisabled ,
BalanceRechargeMultiplier : req . PaymentBalanceRechargeMultiplier ,
2026-04-15 00:41:33 +08:00
RechargeFeeRate : req . PaymentRechargeFeeRate ,
2026-04-15 00:14:57 +08:00
LoadBalanceStrategy : req . PaymentLoadBalanceStrat ,
ProductNamePrefix : req . PaymentProductNamePrefix ,
ProductNameSuffix : req . PaymentProductNameSuffix ,
HelpImageURL : req . PaymentHelpImageURL ,
HelpText : req . PaymentHelpText ,
CancelRateLimitEnabled : req . PaymentCancelRateLimitEnabled ,
CancelRateLimitMax : req . PaymentCancelRateLimitMax ,
CancelRateLimitWindow : req . PaymentCancelRateLimitWindow ,
CancelRateLimitUnit : req . PaymentCancelRateLimitUnit ,
CancelRateLimitMode : req . PaymentCancelRateLimitMode ,
2026-04-10 21:08:51 +08:00
}
if err := h . paymentConfigService . UpdatePaymentConfig ( c . Request . Context ( ) , paymentReq ) ; err != nil {
response . ErrorFrom ( c , err )
return
}
// Refresh in-memory provider registry so config changes take effect immediately
if h . paymentService != nil {
h . paymentService . RefreshProviders ( c . Request . Context ( ) )
}
}
2026-01-02 17:40:57 +08:00
h . auditSettingsUpdate ( c , previousSettings , settings , req )
2025-12-18 13:50:39 +08:00
// 重新获取设置返回
updatedSettings , err := h . settingService . GetAllSettings ( c . Request . Context ( ) )
if err != nil {
2025-12-25 20:52:47 +08:00
response . ErrorFrom ( c , err )
2025-12-18 13:50:39 +08:00
return
}
2026-03-02 03:41:50 +08:00
updatedDefaultSubscriptions := make ( [ ] dto . DefaultSubscriptionSetting , 0 , len ( updatedSettings . DefaultSubscriptions ) )
for _ , sub := range updatedSettings . DefaultSubscriptions {
updatedDefaultSubscriptions = append ( updatedDefaultSubscriptions , dto . DefaultSubscriptionSetting {
GroupID : sub . GroupID ,
ValidityDays : sub . ValidityDays ,
} )
}
2025-12-18 13:50:39 +08:00
2026-04-10 21:08:51 +08:00
// Reload payment config for response
var updatedPaymentCfg * service . PaymentConfig
if h . paymentConfigService != nil {
updatedPaymentCfg , _ = h . paymentConfigService . GetPaymentConfig ( c . Request . Context ( ) )
}
if updatedPaymentCfg == nil {
updatedPaymentCfg = & service . PaymentConfig { }
}
2025-12-26 15:40:24 +08:00
response . Success ( c , dto . SystemSettings {
2026-01-09 13:52:27 +08:00
RegistrationEnabled : updatedSettings . RegistrationEnabled ,
EmailVerifyEnabled : updatedSettings . EmailVerifyEnabled ,
2026-03-02 23:13:39 +08:00
RegistrationEmailSuffixWhitelist : updatedSettings . RegistrationEmailSuffixWhitelist ,
2026-01-20 15:56:26 +08:00
PromoCodeEnabled : updatedSettings . PromoCodeEnabled ,
2026-01-24 22:33:45 +08:00
PasswordResetEnabled : updatedSettings . PasswordResetEnabled ,
2026-03-15 17:52:29 +08:00
FrontendURL : updatedSettings . FrontendURL ,
2026-01-29 16:29:59 +08:00
InvitationCodeEnabled : updatedSettings . InvitationCodeEnabled ,
2026-01-26 08:45:43 +08:00
TotpEnabled : updatedSettings . TotpEnabled ,
TotpEncryptionKeyConfigured : h . settingService . IsTotpEncryptionKeyConfigured ( ) ,
2026-01-09 13:52:27 +08:00
SMTPHost : updatedSettings . SMTPHost ,
SMTPPort : updatedSettings . SMTPPort ,
SMTPUsername : updatedSettings . SMTPUsername ,
SMTPPasswordConfigured : updatedSettings . SMTPPasswordConfigured ,
SMTPFrom : updatedSettings . SMTPFrom ,
SMTPFromName : updatedSettings . SMTPFromName ,
SMTPUseTLS : updatedSettings . SMTPUseTLS ,
TurnstileEnabled : updatedSettings . TurnstileEnabled ,
TurnstileSiteKey : updatedSettings . TurnstileSiteKey ,
TurnstileSecretKeyConfigured : updatedSettings . TurnstileSecretKeyConfigured ,
LinuxDoConnectEnabled : updatedSettings . LinuxDoConnectEnabled ,
LinuxDoConnectClientID : updatedSettings . LinuxDoConnectClientID ,
LinuxDoConnectClientSecretConfigured : updatedSettings . LinuxDoConnectClientSecretConfigured ,
LinuxDoConnectRedirectURL : updatedSettings . LinuxDoConnectRedirectURL ,
2026-03-13 23:38:58 +08:00
OIDCConnectEnabled : updatedSettings . OIDCConnectEnabled ,
OIDCConnectProviderName : updatedSettings . OIDCConnectProviderName ,
OIDCConnectClientID : updatedSettings . OIDCConnectClientID ,
OIDCConnectClientSecretConfigured : updatedSettings . OIDCConnectClientSecretConfigured ,
OIDCConnectIssuerURL : updatedSettings . OIDCConnectIssuerURL ,
OIDCConnectDiscoveryURL : updatedSettings . OIDCConnectDiscoveryURL ,
OIDCConnectAuthorizeURL : updatedSettings . OIDCConnectAuthorizeURL ,
OIDCConnectTokenURL : updatedSettings . OIDCConnectTokenURL ,
OIDCConnectUserInfoURL : updatedSettings . OIDCConnectUserInfoURL ,
OIDCConnectJWKSURL : updatedSettings . OIDCConnectJWKSURL ,
OIDCConnectScopes : updatedSettings . OIDCConnectScopes ,
OIDCConnectRedirectURL : updatedSettings . OIDCConnectRedirectURL ,
OIDCConnectFrontendRedirectURL : updatedSettings . OIDCConnectFrontendRedirectURL ,
OIDCConnectTokenAuthMethod : updatedSettings . OIDCConnectTokenAuthMethod ,
OIDCConnectUsePKCE : updatedSettings . OIDCConnectUsePKCE ,
OIDCConnectValidateIDToken : updatedSettings . OIDCConnectValidateIDToken ,
OIDCConnectAllowedSigningAlgs : updatedSettings . OIDCConnectAllowedSigningAlgs ,
OIDCConnectClockSkewSeconds : updatedSettings . OIDCConnectClockSkewSeconds ,
OIDCConnectRequireEmailVerified : updatedSettings . OIDCConnectRequireEmailVerified ,
OIDCConnectUserInfoEmailPath : updatedSettings . OIDCConnectUserInfoEmailPath ,
OIDCConnectUserInfoIDPath : updatedSettings . OIDCConnectUserInfoIDPath ,
OIDCConnectUserInfoUsernamePath : updatedSettings . OIDCConnectUserInfoUsernamePath ,
2026-01-09 13:52:27 +08:00
SiteName : updatedSettings . SiteName ,
SiteLogo : updatedSettings . SiteLogo ,
SiteSubtitle : updatedSettings . SiteSubtitle ,
APIBaseURL : updatedSettings . APIBaseURL ,
ContactInfo : updatedSettings . ContactInfo ,
DocURL : updatedSettings . DocURL ,
2026-01-10 18:37:44 +08:00
HomeContent : updatedSettings . HomeContent ,
2026-01-19 19:25:16 +08:00
HideCcsImportButton : updatedSettings . HideCcsImportButton ,
2026-01-28 13:54:32 +08:00
PurchaseSubscriptionEnabled : updatedSettings . PurchaseSubscriptionEnabled ,
PurchaseSubscriptionURL : updatedSettings . PurchaseSubscriptionURL ,
2026-04-09 18:14:28 +08:00
TableDefaultPageSize : updatedSettings . TableDefaultPageSize ,
TablePageSizeOptions : updatedSettings . TablePageSizeOptions ,
2026-03-03 02:18:19 +08:00
CustomMenuItems : dto . ParseCustomMenuItems ( updatedSettings . CustomMenuItems ) ,
2026-03-24 10:13:28 +08:00
CustomEndpoints : dto . ParseCustomEndpoints ( updatedSettings . CustomEndpoints ) ,
2026-01-09 13:52:27 +08:00
DefaultConcurrency : updatedSettings . DefaultConcurrency ,
DefaultBalance : updatedSettings . DefaultBalance ,
2026-03-02 03:41:50 +08:00
DefaultSubscriptions : updatedDefaultSubscriptions ,
2026-01-09 13:52:27 +08:00
EnableModelFallback : updatedSettings . EnableModelFallback ,
FallbackModelAnthropic : updatedSettings . FallbackModelAnthropic ,
FallbackModelOpenAI : updatedSettings . FallbackModelOpenAI ,
FallbackModelGemini : updatedSettings . FallbackModelGemini ,
FallbackModelAntigravity : updatedSettings . FallbackModelAntigravity ,
EnableIdentityPatch : updatedSettings . EnableIdentityPatch ,
IdentityPatchPrompt : updatedSettings . IdentityPatchPrompt ,
2026-01-11 11:11:37 +08:00
OpsMonitoringEnabled : updatedSettings . OpsMonitoringEnabled ,
OpsRealtimeMonitoringEnabled : updatedSettings . OpsRealtimeMonitoringEnabled ,
OpsQueryModeDefault : updatedSettings . OpsQueryModeDefault ,
OpsMetricsIntervalSeconds : updatedSettings . OpsMetricsIntervalSeconds ,
2026-03-01 15:35:46 +08:00
MinClaudeCodeVersion : updatedSettings . MinClaudeCodeVersion ,
2026-03-20 09:10:01 +08:00
MaxClaudeCodeVersion : updatedSettings . MaxClaudeCodeVersion ,
2026-03-03 19:56:27 +08:00
AllowUngroupedKeyScheduling : updatedSettings . AllowUngroupedKeyScheduling ,
2026-03-12 02:42:57 +03:00
BackendModeEnabled : updatedSettings . BackendModeEnabled ,
2026-03-26 10:22:03 +08:00
EnableFingerprintUnification : updatedSettings . EnableFingerprintUnification ,
EnableMetadataPassthrough : updatedSettings . EnableMetadataPassthrough ,
2026-04-08 16:11:19 +08:00
EnableCCHSigning : updatedSettings . EnableCCHSigning ,
2026-04-12 13:53:02 +08:00
BalanceLowNotifyEnabled : updatedSettings . BalanceLowNotifyEnabled ,
BalanceLowNotifyThreshold : updatedSettings . BalanceLowNotifyThreshold ,
2026-04-14 19:29:37 +08:00
BalanceLowNotifyRechargeURL : updatedSettings . BalanceLowNotifyRechargeURL ,
2026-04-13 15:30:06 +08:00
AccountQuotaNotifyEnabled : updatedSettings . AccountQuotaNotifyEnabled ,
2026-04-13 00:52:42 +08:00
AccountQuotaNotifyEmails : dto . NotifyEmailEntriesFromService ( updatedSettings . AccountQuotaNotifyEmails ) ,
2026-04-10 21:08:51 +08:00
PaymentEnabled : updatedPaymentCfg . Enabled ,
PaymentMinAmount : updatedPaymentCfg . MinAmount ,
PaymentMaxAmount : updatedPaymentCfg . MaxAmount ,
PaymentDailyLimit : updatedPaymentCfg . DailyLimit ,
PaymentOrderTimeoutMin : updatedPaymentCfg . OrderTimeoutMin ,
PaymentMaxPendingOrders : updatedPaymentCfg . MaxPendingOrders ,
PaymentEnabledTypes : updatedPaymentCfg . EnabledTypes ,
PaymentBalanceDisabled : updatedPaymentCfg . BalanceDisabled ,
2026-04-15 00:14:57 +08:00
PaymentBalanceRechargeMultiplier : updatedPaymentCfg . BalanceRechargeMultiplier ,
2026-04-15 00:41:33 +08:00
PaymentRechargeFeeRate : updatedPaymentCfg . RechargeFeeRate ,
2026-04-10 21:08:51 +08:00
PaymentLoadBalanceStrat : updatedPaymentCfg . LoadBalanceStrategy ,
PaymentProductNamePrefix : updatedPaymentCfg . ProductNamePrefix ,
PaymentProductNameSuffix : updatedPaymentCfg . ProductNameSuffix ,
PaymentHelpImageURL : updatedPaymentCfg . HelpImageURL ,
PaymentHelpText : updatedPaymentCfg . HelpText ,
PaymentCancelRateLimitEnabled : updatedPaymentCfg . CancelRateLimitEnabled ,
PaymentCancelRateLimitMax : updatedPaymentCfg . CancelRateLimitMax ,
PaymentCancelRateLimitWindow : updatedPaymentCfg . CancelRateLimitWindow ,
PaymentCancelRateLimitUnit : updatedPaymentCfg . CancelRateLimitUnit ,
PaymentCancelRateLimitMode : updatedPaymentCfg . CancelRateLimitMode ,
2025-12-26 15:40:24 +08:00
} )
2025-12-18 13:50:39 +08:00
}
2026-04-10 21:08:51 +08:00
// hasPaymentFields returns true if any payment-related field was explicitly provided.
func hasPaymentFields ( req UpdateSettingsRequest ) bool {
return req . PaymentEnabled != nil || req . PaymentMinAmount != nil ||
req . PaymentMaxAmount != nil || req . PaymentDailyLimit != nil ||
req . PaymentOrderTimeoutMin != nil || req . PaymentMaxPendingOrders != nil ||
req . PaymentEnabledTypes != nil || req . PaymentBalanceDisabled != nil ||
2026-04-15 00:41:33 +08:00
req . PaymentBalanceRechargeMultiplier != nil || req . PaymentRechargeFeeRate != nil ||
2026-04-10 21:08:51 +08:00
req . PaymentLoadBalanceStrat != nil || req . PaymentProductNamePrefix != nil ||
req . PaymentProductNameSuffix != nil || req . PaymentHelpImageURL != nil ||
req . PaymentHelpText != nil || req . PaymentCancelRateLimitEnabled != nil ||
req . PaymentCancelRateLimitMax != nil || req . PaymentCancelRateLimitWindow != nil ||
req . PaymentCancelRateLimitUnit != nil || req . PaymentCancelRateLimitMode != nil
}
2026-01-02 17:40:57 +08:00
func ( h * SettingHandler ) auditSettingsUpdate ( c * gin . Context , before * service . SystemSettings , after * service . SystemSettings , req UpdateSettingsRequest ) {
if before == nil || after == nil {
return
}
changed := diffSettings ( before , after , req )
if len ( changed ) == 0 {
return
}
subject , _ := middleware . GetAuthSubjectFromContext ( c )
role , _ := middleware . GetUserRoleFromContext ( c )
2026-04-13 21:54:01 +08:00
slog . Info ( "settings updated" ,
"audit" , true ,
"user_id" , subject . UserID ,
"role" , role ,
"changed" , changed ,
2026-01-02 17:40:57 +08:00
)
}
func diffSettings ( before * service . SystemSettings , after * service . SystemSettings , req UpdateSettingsRequest ) [ ] string {
2026-01-04 21:06:12 +08:00
changed := make ( [ ] string , 0 , 20 )
2026-01-02 17:40:57 +08:00
if before . RegistrationEnabled != after . RegistrationEnabled {
changed = append ( changed , "registration_enabled" )
}
if before . EmailVerifyEnabled != after . EmailVerifyEnabled {
changed = append ( changed , "email_verify_enabled" )
}
2026-03-02 23:13:39 +08:00
if ! equalStringSlice ( before . RegistrationEmailSuffixWhitelist , after . RegistrationEmailSuffixWhitelist ) {
changed = append ( changed , "registration_email_suffix_whitelist" )
}
2026-04-14 00:26:20 +08:00
if before . PromoCodeEnabled != after . PromoCodeEnabled {
changed = append ( changed , "promo_code_enabled" )
}
if before . InvitationCodeEnabled != after . InvitationCodeEnabled {
changed = append ( changed , "invitation_code_enabled" )
}
2026-01-24 22:33:45 +08:00
if before . PasswordResetEnabled != after . PasswordResetEnabled {
changed = append ( changed , "password_reset_enabled" )
}
2026-03-15 17:52:29 +08:00
if before . FrontendURL != after . FrontendURL {
changed = append ( changed , "frontend_url" )
}
2026-01-26 08:45:43 +08:00
if before . TotpEnabled != after . TotpEnabled {
changed = append ( changed , "totp_enabled" )
}
2026-01-04 21:06:12 +08:00
if before . SMTPHost != after . SMTPHost {
2026-01-02 17:40:57 +08:00
changed = append ( changed , "smtp_host" )
}
2026-01-04 21:06:12 +08:00
if before . SMTPPort != after . SMTPPort {
2026-01-02 17:40:57 +08:00
changed = append ( changed , "smtp_port" )
}
2026-01-04 21:06:12 +08:00
if before . SMTPUsername != after . SMTPUsername {
2026-01-02 17:40:57 +08:00
changed = append ( changed , "smtp_username" )
}
2026-01-04 21:06:12 +08:00
if req . SMTPPassword != "" {
2026-01-02 17:40:57 +08:00
changed = append ( changed , "smtp_password" )
}
2026-01-04 21:06:12 +08:00
if before . SMTPFrom != after . SMTPFrom {
2026-01-02 17:40:57 +08:00
changed = append ( changed , "smtp_from_email" )
}
2026-01-04 21:06:12 +08:00
if before . SMTPFromName != after . SMTPFromName {
2026-01-02 17:40:57 +08:00
changed = append ( changed , "smtp_from_name" )
}
2026-01-04 21:06:12 +08:00
if before . SMTPUseTLS != after . SMTPUseTLS {
2026-01-02 17:40:57 +08:00
changed = append ( changed , "smtp_use_tls" )
}
if before . TurnstileEnabled != after . TurnstileEnabled {
changed = append ( changed , "turnstile_enabled" )
}
if before . TurnstileSiteKey != after . TurnstileSiteKey {
changed = append ( changed , "turnstile_site_key" )
}
if req . TurnstileSecretKey != "" {
changed = append ( changed , "turnstile_secret_key" )
}
2026-01-09 13:52:27 +08:00
if before . LinuxDoConnectEnabled != after . LinuxDoConnectEnabled {
changed = append ( changed , "linuxdo_connect_enabled" )
}
if before . LinuxDoConnectClientID != after . LinuxDoConnectClientID {
changed = append ( changed , "linuxdo_connect_client_id" )
}
if req . LinuxDoConnectClientSecret != "" {
changed = append ( changed , "linuxdo_connect_client_secret" )
}
if before . LinuxDoConnectRedirectURL != after . LinuxDoConnectRedirectURL {
changed = append ( changed , "linuxdo_connect_redirect_url" )
}
2026-03-13 23:38:58 +08:00
if before . OIDCConnectEnabled != after . OIDCConnectEnabled {
changed = append ( changed , "oidc_connect_enabled" )
}
if before . OIDCConnectProviderName != after . OIDCConnectProviderName {
changed = append ( changed , "oidc_connect_provider_name" )
}
if before . OIDCConnectClientID != after . OIDCConnectClientID {
changed = append ( changed , "oidc_connect_client_id" )
}
if req . OIDCConnectClientSecret != "" {
changed = append ( changed , "oidc_connect_client_secret" )
}
if before . OIDCConnectIssuerURL != after . OIDCConnectIssuerURL {
changed = append ( changed , "oidc_connect_issuer_url" )
}
if before . OIDCConnectDiscoveryURL != after . OIDCConnectDiscoveryURL {
changed = append ( changed , "oidc_connect_discovery_url" )
}
if before . OIDCConnectAuthorizeURL != after . OIDCConnectAuthorizeURL {
changed = append ( changed , "oidc_connect_authorize_url" )
}
if before . OIDCConnectTokenURL != after . OIDCConnectTokenURL {
changed = append ( changed , "oidc_connect_token_url" )
}
if before . OIDCConnectUserInfoURL != after . OIDCConnectUserInfoURL {
changed = append ( changed , "oidc_connect_userinfo_url" )
}
if before . OIDCConnectJWKSURL != after . OIDCConnectJWKSURL {
changed = append ( changed , "oidc_connect_jwks_url" )
}
if before . OIDCConnectScopes != after . OIDCConnectScopes {
changed = append ( changed , "oidc_connect_scopes" )
}
if before . OIDCConnectRedirectURL != after . OIDCConnectRedirectURL {
changed = append ( changed , "oidc_connect_redirect_url" )
}
if before . OIDCConnectFrontendRedirectURL != after . OIDCConnectFrontendRedirectURL {
changed = append ( changed , "oidc_connect_frontend_redirect_url" )
}
if before . OIDCConnectTokenAuthMethod != after . OIDCConnectTokenAuthMethod {
changed = append ( changed , "oidc_connect_token_auth_method" )
}
if before . OIDCConnectUsePKCE != after . OIDCConnectUsePKCE {
changed = append ( changed , "oidc_connect_use_pkce" )
}
if before . OIDCConnectValidateIDToken != after . OIDCConnectValidateIDToken {
changed = append ( changed , "oidc_connect_validate_id_token" )
}
if before . OIDCConnectAllowedSigningAlgs != after . OIDCConnectAllowedSigningAlgs {
changed = append ( changed , "oidc_connect_allowed_signing_algs" )
}
if before . OIDCConnectClockSkewSeconds != after . OIDCConnectClockSkewSeconds {
changed = append ( changed , "oidc_connect_clock_skew_seconds" )
}
if before . OIDCConnectRequireEmailVerified != after . OIDCConnectRequireEmailVerified {
changed = append ( changed , "oidc_connect_require_email_verified" )
}
if before . OIDCConnectUserInfoEmailPath != after . OIDCConnectUserInfoEmailPath {
changed = append ( changed , "oidc_connect_userinfo_email_path" )
}
if before . OIDCConnectUserInfoIDPath != after . OIDCConnectUserInfoIDPath {
changed = append ( changed , "oidc_connect_userinfo_id_path" )
}
if before . OIDCConnectUserInfoUsernamePath != after . OIDCConnectUserInfoUsernamePath {
changed = append ( changed , "oidc_connect_userinfo_username_path" )
}
2026-01-02 17:40:57 +08:00
if before . SiteName != after . SiteName {
changed = append ( changed , "site_name" )
}
if before . SiteLogo != after . SiteLogo {
changed = append ( changed , "site_logo" )
}
if before . SiteSubtitle != after . SiteSubtitle {
changed = append ( changed , "site_subtitle" )
}
2026-01-04 21:06:12 +08:00
if before . APIBaseURL != after . APIBaseURL {
2026-01-02 17:40:57 +08:00
changed = append ( changed , "api_base_url" )
}
if before . ContactInfo != after . ContactInfo {
changed = append ( changed , "contact_info" )
}
2026-01-04 21:06:12 +08:00
if before . DocURL != after . DocURL {
2026-01-02 17:40:57 +08:00
changed = append ( changed , "doc_url" )
}
2026-01-10 18:37:44 +08:00
if before . HomeContent != after . HomeContent {
changed = append ( changed , "home_content" )
}
2026-01-19 19:25:16 +08:00
if before . HideCcsImportButton != after . HideCcsImportButton {
changed = append ( changed , "hide_ccs_import_button" )
}
2026-01-02 17:40:57 +08:00
if before . DefaultConcurrency != after . DefaultConcurrency {
changed = append ( changed , "default_concurrency" )
}
if before . DefaultBalance != after . DefaultBalance {
changed = append ( changed , "default_balance" )
}
2026-03-02 03:41:50 +08:00
if ! equalDefaultSubscriptions ( before . DefaultSubscriptions , after . DefaultSubscriptions ) {
changed = append ( changed , "default_subscriptions" )
}
2026-01-04 21:06:12 +08:00
if before . EnableModelFallback != after . EnableModelFallback {
changed = append ( changed , "enable_model_fallback" )
}
if before . FallbackModelAnthropic != after . FallbackModelAnthropic {
changed = append ( changed , "fallback_model_anthropic" )
}
if before . FallbackModelOpenAI != after . FallbackModelOpenAI {
changed = append ( changed , "fallback_model_openai" )
}
if before . FallbackModelGemini != after . FallbackModelGemini {
changed = append ( changed , "fallback_model_gemini" )
}
if before . FallbackModelAntigravity != after . FallbackModelAntigravity {
changed = append ( changed , "fallback_model_antigravity" )
}
2026-01-09 13:52:27 +08:00
if before . EnableIdentityPatch != after . EnableIdentityPatch {
changed = append ( changed , "enable_identity_patch" )
}
if before . IdentityPatchPrompt != after . IdentityPatchPrompt {
changed = append ( changed , "identity_patch_prompt" )
}
2026-01-09 20:57:32 +08:00
if before . OpsMonitoringEnabled != after . OpsMonitoringEnabled {
changed = append ( changed , "ops_monitoring_enabled" )
}
if before . OpsRealtimeMonitoringEnabled != after . OpsRealtimeMonitoringEnabled {
changed = append ( changed , "ops_realtime_monitoring_enabled" )
}
if before . OpsQueryModeDefault != after . OpsQueryModeDefault {
changed = append ( changed , "ops_query_mode_default" )
}
2026-01-10 01:38:47 +08:00
if before . OpsMetricsIntervalSeconds != after . OpsMetricsIntervalSeconds {
changed = append ( changed , "ops_metrics_interval_seconds" )
}
2026-03-01 15:35:46 +08:00
if before . MinClaudeCodeVersion != after . MinClaudeCodeVersion {
changed = append ( changed , "min_claude_code_version" )
}
2026-03-20 09:10:01 +08:00
if before . MaxClaudeCodeVersion != after . MaxClaudeCodeVersion {
changed = append ( changed , "max_claude_code_version" )
}
2026-03-03 19:56:27 +08:00
if before . AllowUngroupedKeyScheduling != after . AllowUngroupedKeyScheduling {
changed = append ( changed , "allow_ungrouped_key_scheduling" )
}
2026-03-12 02:42:57 +03:00
if before . BackendModeEnabled != after . BackendModeEnabled {
changed = append ( changed , "backend_mode_enabled" )
}
2026-03-03 02:18:19 +08:00
if before . PurchaseSubscriptionEnabled != after . PurchaseSubscriptionEnabled {
changed = append ( changed , "purchase_subscription_enabled" )
}
if before . PurchaseSubscriptionURL != after . PurchaseSubscriptionURL {
changed = append ( changed , "purchase_subscription_url" )
}
2026-04-09 18:14:28 +08:00
if before . TableDefaultPageSize != after . TableDefaultPageSize {
changed = append ( changed , "table_default_page_size" )
}
if ! equalIntSlice ( before . TablePageSizeOptions , after . TablePageSizeOptions ) {
changed = append ( changed , "table_page_size_options" )
}
2026-03-03 02:18:19 +08:00
if before . CustomMenuItems != after . CustomMenuItems {
changed = append ( changed , "custom_menu_items" )
}
2026-04-14 00:26:20 +08:00
if before . CustomEndpoints != after . CustomEndpoints {
changed = append ( changed , "custom_endpoints" )
}
2026-03-26 10:22:03 +08:00
if before . EnableFingerprintUnification != after . EnableFingerprintUnification {
changed = append ( changed , "enable_fingerprint_unification" )
}
if before . EnableMetadataPassthrough != after . EnableMetadataPassthrough {
changed = append ( changed , "enable_metadata_passthrough" )
}
2026-04-08 16:11:19 +08:00
if before . EnableCCHSigning != after . EnableCCHSigning {
changed = append ( changed , "enable_cch_signing" )
}
2026-04-13 21:54:01 +08:00
// Balance & quota notification
if before . BalanceLowNotifyEnabled != after . BalanceLowNotifyEnabled {
changed = append ( changed , "balance_low_notify_enabled" )
}
if before . BalanceLowNotifyThreshold != after . BalanceLowNotifyThreshold {
changed = append ( changed , "balance_low_notify_threshold" )
}
if before . BalanceLowNotifyRechargeURL != after . BalanceLowNotifyRechargeURL {
changed = append ( changed , "balance_low_notify_recharge_url" )
}
if before . AccountQuotaNotifyEnabled != after . AccountQuotaNotifyEnabled {
changed = append ( changed , "account_quota_notify_enabled" )
}
if ! equalNotifyEmailEntries ( before . AccountQuotaNotifyEmails , after . AccountQuotaNotifyEmails ) {
changed = append ( changed , "account_quota_notify_emails" )
}
2026-01-02 17:40:57 +08:00
return changed
}
2026-03-02 03:41:50 +08:00
func normalizeDefaultSubscriptions ( input [ ] dto . DefaultSubscriptionSetting ) [ ] dto . DefaultSubscriptionSetting {
if len ( input ) == 0 {
return nil
}
normalized := make ( [ ] dto . DefaultSubscriptionSetting , 0 , len ( input ) )
for _ , item := range input {
if item . GroupID <= 0 || item . ValidityDays <= 0 {
continue
}
if item . ValidityDays > service . MaxValidityDays {
item . ValidityDays = service . MaxValidityDays
}
normalized = append ( normalized , item )
}
return normalized
}
2026-03-02 23:13:39 +08:00
func equalStringSlice ( a , b [ ] string ) bool {
if len ( a ) != len ( b ) {
return false
}
for i := range a {
if a [ i ] != b [ i ] {
return false
}
}
return true
}
2026-03-02 03:41:50 +08:00
func equalDefaultSubscriptions ( a , b [ ] service . DefaultSubscriptionSetting ) bool {
if len ( a ) != len ( b ) {
return false
}
for i := range a {
if a [ i ] . GroupID != b [ i ] . GroupID || a [ i ] . ValidityDays != b [ i ] . ValidityDays {
return false
}
}
return true
}
2026-04-09 18:14:28 +08:00
func equalIntSlice ( a , b [ ] int ) bool {
if len ( a ) != len ( b ) {
return false
}
for i := range a {
if a [ i ] != b [ i ] {
return false
}
}
return true
}
2026-04-13 21:54:01 +08:00
func equalNotifyEmailEntries ( a , b [ ] service . NotifyEmailEntry ) bool {
if len ( a ) != len ( b ) {
return false
}
for i := range a {
if a [ i ] . Email != b [ i ] . Email || a [ i ] . Verified != b [ i ] . Verified || a [ i ] . Disabled != b [ i ] . Disabled {
return false
}
}
return true
}
2026-01-04 17:02:38 +08:00
// TestSMTPRequest 测试SMTP连接请求
type TestSMTPRequest struct {
2026-03-21 23:36:30 +08:00
SMTPHost string ` json:"smtp_host" `
2026-01-04 17:02:38 +08:00
SMTPPort int ` json:"smtp_port" `
SMTPUsername string ` json:"smtp_username" `
SMTPPassword string ` json:"smtp_password" `
SMTPUseTLS bool ` json:"smtp_use_tls" `
2025-12-18 13:50:39 +08:00
}
2026-01-04 19:27:53 +08:00
// TestSMTPConnection 测试SMTP连接
2025-12-18 13:50:39 +08:00
// POST /api/v1/admin/settings/test-smtp
2026-01-04 19:27:53 +08:00
func ( h * SettingHandler ) TestSMTPConnection ( c * gin . Context ) {
2026-01-04 17:02:38 +08:00
var req TestSMTPRequest
2025-12-18 13:50:39 +08:00
if err := c . ShouldBindJSON ( & req ) ; err != nil {
response . BadRequest ( c , "Invalid request: " + err . Error ( ) )
return
}
2026-03-21 23:36:30 +08:00
req . SMTPHost = strings . TrimSpace ( req . SMTPHost )
req . SMTPUsername = strings . TrimSpace ( req . SMTPUsername )
var savedConfig * service . SMTPConfig
if cfg , err := h . emailService . GetSMTPConfig ( c . Request . Context ( ) ) ; err == nil && cfg != nil {
savedConfig = cfg
2025-12-18 13:50:39 +08:00
}
2026-03-21 23:36:30 +08:00
if req . SMTPHost == "" && savedConfig != nil {
req . SMTPHost = savedConfig . Host
}
if req . SMTPPort <= 0 {
if savedConfig != nil && savedConfig . Port > 0 {
req . SMTPPort = savedConfig . Port
} else {
req . SMTPPort = 587
2025-12-18 13:50:39 +08:00
}
}
2026-03-21 23:36:30 +08:00
if req . SMTPUsername == "" && savedConfig != nil {
req . SMTPUsername = savedConfig . Username
}
password := strings . TrimSpace ( req . SMTPPassword )
if password == "" && savedConfig != nil {
password = savedConfig . Password
}
if req . SMTPHost == "" {
response . BadRequest ( c , "SMTP host is required" )
return
}
2025-12-18 13:50:39 +08:00
2026-01-04 19:27:53 +08:00
config := & service . SMTPConfig {
2026-01-04 17:02:38 +08:00
Host : req . SMTPHost ,
Port : req . SMTPPort ,
Username : req . SMTPUsername ,
2025-12-18 13:50:39 +08:00
Password : password ,
2026-01-04 17:02:38 +08:00
UseTLS : req . SMTPUseTLS ,
2025-12-18 13:50:39 +08:00
}
2026-01-04 19:27:53 +08:00
err := h . emailService . TestSMTPConnectionWithConfig ( config )
2025-12-18 13:50:39 +08:00
if err != nil {
2026-03-05 10:54:41 +08:00
response . BadRequest ( c , "SMTP connection test failed: " + err . Error ( ) )
2025-12-18 13:50:39 +08:00
return
}
response . Success ( c , gin . H { "message" : "SMTP connection successful" } )
}
// SendTestEmailRequest 发送测试邮件请求
type SendTestEmailRequest struct {
Email string ` json:"email" binding:"required,email" `
2026-03-21 23:36:30 +08:00
SMTPHost string ` json:"smtp_host" `
2026-01-04 17:02:38 +08:00
SMTPPort int ` json:"smtp_port" `
SMTPUsername string ` json:"smtp_username" `
SMTPPassword string ` json:"smtp_password" `
SMTPFrom string ` json:"smtp_from_email" `
SMTPFromName string ` json:"smtp_from_name" `
SMTPUseTLS bool ` json:"smtp_use_tls" `
2025-12-18 13:50:39 +08:00
}
// SendTestEmail 发送测试邮件
// POST /api/v1/admin/settings/send-test-email
func ( h * SettingHandler ) SendTestEmail ( c * gin . Context ) {
var req SendTestEmailRequest
if err := c . ShouldBindJSON ( & req ) ; err != nil {
response . BadRequest ( c , "Invalid request: " + err . Error ( ) )
return
}
2026-03-21 23:36:30 +08:00
req . SMTPHost = strings . TrimSpace ( req . SMTPHost )
req . SMTPUsername = strings . TrimSpace ( req . SMTPUsername )
req . SMTPFrom = strings . TrimSpace ( req . SMTPFrom )
req . SMTPFromName = strings . TrimSpace ( req . SMTPFromName )
var savedConfig * service . SMTPConfig
if cfg , err := h . emailService . GetSMTPConfig ( c . Request . Context ( ) ) ; err == nil && cfg != nil {
savedConfig = cfg
2025-12-18 13:50:39 +08:00
}
2026-03-21 23:36:30 +08:00
if req . SMTPHost == "" && savedConfig != nil {
req . SMTPHost = savedConfig . Host
}
if req . SMTPPort <= 0 {
if savedConfig != nil && savedConfig . Port > 0 {
req . SMTPPort = savedConfig . Port
} else {
req . SMTPPort = 587
2025-12-18 13:50:39 +08:00
}
}
2026-03-21 23:36:30 +08:00
if req . SMTPUsername == "" && savedConfig != nil {
req . SMTPUsername = savedConfig . Username
}
password := strings . TrimSpace ( req . SMTPPassword )
if password == "" && savedConfig != nil {
password = savedConfig . Password
}
if req . SMTPFrom == "" && savedConfig != nil {
req . SMTPFrom = savedConfig . From
}
if req . SMTPFromName == "" && savedConfig != nil {
req . SMTPFromName = savedConfig . FromName
}
if req . SMTPHost == "" {
response . BadRequest ( c , "SMTP host is required" )
return
}
2025-12-18 13:50:39 +08:00
2026-01-04 19:27:53 +08:00
config := & service . SMTPConfig {
2026-01-04 17:02:38 +08:00
Host : req . SMTPHost ,
Port : req . SMTPPort ,
Username : req . SMTPUsername ,
2025-12-18 13:50:39 +08:00
Password : password ,
2026-01-04 17:02:38 +08:00
From : req . SMTPFrom ,
FromName : req . SMTPFromName ,
UseTLS : req . SMTPUseTLS ,
2025-12-18 13:50:39 +08:00
}
siteName := h . settingService . GetSiteName ( c . Request . Context ( ) )
subject := "[" + siteName + "] Test Email"
body := `
< ! DOCTYPE html >
< html >
< head >
< meta charset = "UTF-8" >
< style >
body { font - family : - apple - system , BlinkMacSystemFont , ' Segoe UI ' , Roboto , sans - serif ; background - color : # f5f5f5 ; margin : 0 ; padding : 20 px ; }
. container { max - width : 600 px ; margin : 0 auto ; background - color : # ffffff ; border - radius : 8 px ; overflow : hidden ; box - shadow : 0 2 px 8 px rgba ( 0 , 0 , 0 , 0.1 ) ; }
. header { background : linear - gradient ( 135 deg , # 667 eea 0 % , # 764 ba2 100 % ) ; color : white ; padding : 30 px ; text - align : center ; }
. content { padding : 40 px 30 px ; text - align : center ; }
. success { color : # 10 b981 ; font - size : 48 px ; margin - bottom : 20 px ; }
. footer { background - color : # f8f9fa ; padding : 20 px ; text - align : center ; color : # 999 ; font - size : 12 px ; }
< / style >
< / head >
< body >
< div class = "container" >
< div class = "header" >
< h1 > ` + siteName + ` < / h1 >
< / div >
< div class = "content" >
< div class = "success" > ✓ < / div >
< h2 > Email Configuration Successful ! < / h2 >
< p > This is a test email to verify your SMTP settings are working correctly . < / p >
< / div >
< div class = "footer" >
< p > This is an automated test message . < / p >
< / div >
< / div >
< / body >
< / html >
`
if err := h . emailService . SendEmailWithConfig ( config , req . Email , subject , body ) ; err != nil {
2026-03-05 10:54:41 +08:00
response . BadRequest ( c , "Failed to send test email: " + err . Error ( ) )
2025-12-18 13:50:39 +08:00
return
}
response . Success ( c , gin . H { "message" : "Test email sent successfully" } )
}
2025-12-20 15:11:43 +08:00
2026-01-04 19:27:53 +08:00
// GetAdminAPIKey 获取管理员 API Key 状态
2025-12-20 15:11:43 +08:00
// GET /api/v1/admin/settings/admin-api-key
2026-01-04 19:27:53 +08:00
func ( h * SettingHandler ) GetAdminAPIKey ( c * gin . Context ) {
maskedKey , exists , err := h . settingService . GetAdminAPIKeyStatus ( c . Request . Context ( ) )
2025-12-20 15:11:43 +08:00
if err != nil {
2025-12-25 20:52:47 +08:00
response . ErrorFrom ( c , err )
2025-12-20 15:11:43 +08:00
return
}
response . Success ( c , gin . H {
"exists" : exists ,
"masked_key" : maskedKey ,
} )
}
2026-01-04 19:27:53 +08:00
// RegenerateAdminAPIKey 生成/重新生成管理员 API Key
2025-12-20 15:11:43 +08:00
// POST /api/v1/admin/settings/admin-api-key/regenerate
2026-01-04 19:27:53 +08:00
func ( h * SettingHandler ) RegenerateAdminAPIKey ( c * gin . Context ) {
key , err := h . settingService . GenerateAdminAPIKey ( c . Request . Context ( ) )
2025-12-20 15:11:43 +08:00
if err != nil {
2025-12-25 20:52:47 +08:00
response . ErrorFrom ( c , err )
2025-12-20 15:11:43 +08:00
return
}
response . Success ( c , gin . H {
"key" : key , // 完整 key 只在生成时返回一次
} )
}
2026-01-04 19:27:53 +08:00
// DeleteAdminAPIKey 删除管理员 API Key
2025-12-20 15:11:43 +08:00
// DELETE /api/v1/admin/settings/admin-api-key
2026-01-04 19:27:53 +08:00
func ( h * SettingHandler ) DeleteAdminAPIKey ( c * gin . Context ) {
if err := h . settingService . DeleteAdminAPIKey ( c . Request . Context ( ) ) ; err != nil {
2025-12-25 20:52:47 +08:00
response . ErrorFrom ( c , err )
2025-12-20 15:11:43 +08:00
return
}
response . Success ( c , gin . H { "message" : "Admin API key deleted" } )
}
2026-01-11 21:54:52 -08:00
2026-03-18 16:22:19 +08:00
// GetOverloadCooldownSettings 获取529过载冷却配置
// GET /api/v1/admin/settings/overload-cooldown
func ( h * SettingHandler ) GetOverloadCooldownSettings ( c * gin . Context ) {
settings , err := h . settingService . GetOverloadCooldownSettings ( c . Request . Context ( ) )
if err != nil {
response . ErrorFrom ( c , err )
return
}
response . Success ( c , dto . OverloadCooldownSettings {
Enabled : settings . Enabled ,
CooldownMinutes : settings . CooldownMinutes ,
} )
}
// UpdateOverloadCooldownSettingsRequest 更新529过载冷却配置请求
type UpdateOverloadCooldownSettingsRequest struct {
Enabled bool ` json:"enabled" `
CooldownMinutes int ` json:"cooldown_minutes" `
}
// UpdateOverloadCooldownSettings 更新529过载冷却配置
// PUT /api/v1/admin/settings/overload-cooldown
func ( h * SettingHandler ) UpdateOverloadCooldownSettings ( c * gin . Context ) {
var req UpdateOverloadCooldownSettingsRequest
if err := c . ShouldBindJSON ( & req ) ; err != nil {
response . BadRequest ( c , "Invalid request: " + err . Error ( ) )
return
}
settings := & service . OverloadCooldownSettings {
Enabled : req . Enabled ,
CooldownMinutes : req . CooldownMinutes ,
}
if err := h . settingService . SetOverloadCooldownSettings ( c . Request . Context ( ) , settings ) ; err != nil {
response . BadRequest ( c , err . Error ( ) )
return
}
updatedSettings , err := h . settingService . GetOverloadCooldownSettings ( c . Request . Context ( ) )
if err != nil {
response . ErrorFrom ( c , err )
return
}
response . Success ( c , dto . OverloadCooldownSettings {
Enabled : updatedSettings . Enabled ,
CooldownMinutes : updatedSettings . CooldownMinutes ,
} )
}
2026-01-11 21:54:52 -08:00
// GetStreamTimeoutSettings 获取流超时处理配置
// GET /api/v1/admin/settings/stream-timeout
func ( h * SettingHandler ) GetStreamTimeoutSettings ( c * gin . Context ) {
settings , err := h . settingService . GetStreamTimeoutSettings ( c . Request . Context ( ) )
if err != nil {
response . ErrorFrom ( c , err )
return
}
response . Success ( c , dto . StreamTimeoutSettings {
Enabled : settings . Enabled ,
Action : settings . Action ,
TempUnschedMinutes : settings . TempUnschedMinutes ,
ThresholdCount : settings . ThresholdCount ,
ThresholdWindowMinutes : settings . ThresholdWindowMinutes ,
} )
}
2026-03-07 21:45:18 +08:00
// GetRectifierSettings 获取请求整流器配置
// GET /api/v1/admin/settings/rectifier
func ( h * SettingHandler ) GetRectifierSettings ( c * gin . Context ) {
settings , err := h . settingService . GetRectifierSettings ( c . Request . Context ( ) )
if err != nil {
response . ErrorFrom ( c , err )
return
}
2026-03-26 16:43:38 +08:00
patterns := settings . APIKeySignaturePatterns
if patterns == nil {
patterns = [ ] string { }
}
2026-03-07 21:45:18 +08:00
response . Success ( c , dto . RectifierSettings {
Enabled : settings . Enabled ,
ThinkingSignatureEnabled : settings . ThinkingSignatureEnabled ,
ThinkingBudgetEnabled : settings . ThinkingBudgetEnabled ,
2026-03-26 16:43:38 +08:00
APIKeySignatureEnabled : settings . APIKeySignatureEnabled ,
APIKeySignaturePatterns : patterns ,
2026-03-07 21:45:18 +08:00
} )
}
// UpdateRectifierSettingsRequest 更新整流器配置请求
type UpdateRectifierSettingsRequest struct {
2026-03-26 16:43:38 +08:00
Enabled bool ` json:"enabled" `
ThinkingSignatureEnabled bool ` json:"thinking_signature_enabled" `
ThinkingBudgetEnabled bool ` json:"thinking_budget_enabled" `
APIKeySignatureEnabled bool ` json:"apikey_signature_enabled" `
APIKeySignaturePatterns [ ] string ` json:"apikey_signature_patterns" `
2026-03-07 21:45:18 +08:00
}
// UpdateRectifierSettings 更新请求整流器配置
// PUT /api/v1/admin/settings/rectifier
func ( h * SettingHandler ) UpdateRectifierSettings ( c * gin . Context ) {
var req UpdateRectifierSettingsRequest
if err := c . ShouldBindJSON ( & req ) ; err != nil {
response . BadRequest ( c , "Invalid request: " + err . Error ( ) )
return
}
2026-03-26 16:43:38 +08:00
// 校验并清理自定义匹配关键词
const maxPatterns = 50
const maxPatternLen = 500
if len ( req . APIKeySignaturePatterns ) > maxPatterns {
response . BadRequest ( c , "Too many signature patterns (max 50)" )
return
}
var cleanedPatterns [ ] string
for _ , p := range req . APIKeySignaturePatterns {
p = strings . TrimSpace ( p )
if p == "" {
continue
}
if len ( p ) > maxPatternLen {
response . BadRequest ( c , "Signature pattern too long (max 500 characters)" )
return
}
cleanedPatterns = append ( cleanedPatterns , p )
}
2026-03-07 21:45:18 +08:00
settings := & service . RectifierSettings {
Enabled : req . Enabled ,
ThinkingSignatureEnabled : req . ThinkingSignatureEnabled ,
ThinkingBudgetEnabled : req . ThinkingBudgetEnabled ,
2026-03-26 16:43:38 +08:00
APIKeySignatureEnabled : req . APIKeySignatureEnabled ,
APIKeySignaturePatterns : cleanedPatterns ,
2026-03-07 21:45:18 +08:00
}
if err := h . settingService . SetRectifierSettings ( c . Request . Context ( ) , settings ) ; err != nil {
response . BadRequest ( c , err . Error ( ) )
return
}
// 重新获取设置返回
updatedSettings , err := h . settingService . GetRectifierSettings ( c . Request . Context ( ) )
if err != nil {
response . ErrorFrom ( c , err )
return
}
2026-03-26 16:43:38 +08:00
updatedPatterns := updatedSettings . APIKeySignaturePatterns
if updatedPatterns == nil {
updatedPatterns = [ ] string { }
}
2026-03-07 21:45:18 +08:00
response . Success ( c , dto . RectifierSettings {
Enabled : updatedSettings . Enabled ,
ThinkingSignatureEnabled : updatedSettings . ThinkingSignatureEnabled ,
ThinkingBudgetEnabled : updatedSettings . ThinkingBudgetEnabled ,
2026-03-26 16:43:38 +08:00
APIKeySignatureEnabled : updatedSettings . APIKeySignatureEnabled ,
APIKeySignaturePatterns : updatedPatterns ,
2026-03-07 21:45:18 +08:00
} )
}
2026-03-10 11:14:17 +08:00
// GetBetaPolicySettings 获取 Beta 策略配置
// GET /api/v1/admin/settings/beta-policy
func ( h * SettingHandler ) GetBetaPolicySettings ( c * gin . Context ) {
settings , err := h . settingService . GetBetaPolicySettings ( c . Request . Context ( ) )
if err != nil {
response . ErrorFrom ( c , err )
return
}
rules := make ( [ ] dto . BetaPolicyRule , len ( settings . Rules ) )
for i , r := range settings . Rules {
rules [ i ] = dto . BetaPolicyRule ( r )
}
response . Success ( c , dto . BetaPolicySettings { Rules : rules } )
}
// UpdateBetaPolicySettingsRequest 更新 Beta 策略配置请求
type UpdateBetaPolicySettingsRequest struct {
Rules [ ] dto . BetaPolicyRule ` json:"rules" `
}
// UpdateBetaPolicySettings 更新 Beta 策略配置
// PUT /api/v1/admin/settings/beta-policy
func ( h * SettingHandler ) UpdateBetaPolicySettings ( c * gin . Context ) {
var req UpdateBetaPolicySettingsRequest
if err := c . ShouldBindJSON ( & req ) ; err != nil {
response . BadRequest ( c , "Invalid request: " + err . Error ( ) )
return
}
rules := make ( [ ] service . BetaPolicyRule , len ( req . Rules ) )
for i , r := range req . Rules {
rules [ i ] = service . BetaPolicyRule ( r )
}
settings := & service . BetaPolicySettings { Rules : rules }
if err := h . settingService . SetBetaPolicySettings ( c . Request . Context ( ) , settings ) ; err != nil {
response . BadRequest ( c , err . Error ( ) )
return
}
// Re-fetch to return updated settings
updated , err := h . settingService . GetBetaPolicySettings ( c . Request . Context ( ) )
if err != nil {
response . ErrorFrom ( c , err )
return
}
outRules := make ( [ ] dto . BetaPolicyRule , len ( updated . Rules ) )
for i , r := range updated . Rules {
outRules [ i ] = dto . BetaPolicyRule ( r )
}
response . Success ( c , dto . BetaPolicySettings { Rules : outRules } )
}
2026-01-11 21:54:52 -08:00
// UpdateStreamTimeoutSettingsRequest 更新流超时配置请求
type UpdateStreamTimeoutSettingsRequest struct {
Enabled bool ` json:"enabled" `
Action string ` json:"action" `
TempUnschedMinutes int ` json:"temp_unsched_minutes" `
ThresholdCount int ` json:"threshold_count" `
ThresholdWindowMinutes int ` json:"threshold_window_minutes" `
}
// UpdateStreamTimeoutSettings 更新流超时处理配置
// PUT /api/v1/admin/settings/stream-timeout
func ( h * SettingHandler ) UpdateStreamTimeoutSettings ( c * gin . Context ) {
var req UpdateStreamTimeoutSettingsRequest
if err := c . ShouldBindJSON ( & req ) ; err != nil {
response . BadRequest ( c , "Invalid request: " + err . Error ( ) )
return
}
settings := & service . StreamTimeoutSettings {
Enabled : req . Enabled ,
Action : req . Action ,
TempUnschedMinutes : req . TempUnschedMinutes ,
ThresholdCount : req . ThresholdCount ,
ThresholdWindowMinutes : req . ThresholdWindowMinutes ,
}
if err := h . settingService . SetStreamTimeoutSettings ( c . Request . Context ( ) , settings ) ; err != nil {
response . BadRequest ( c , err . Error ( ) )
return
}
// 重新获取设置返回
updatedSettings , err := h . settingService . GetStreamTimeoutSettings ( c . Request . Context ( ) )
if err != nil {
response . ErrorFrom ( c , err )
return
}
response . Success ( c , dto . StreamTimeoutSettings {
Enabled : updatedSettings . Enabled ,
Action : updatedSettings . Action ,
TempUnschedMinutes : updatedSettings . TempUnschedMinutes ,
ThresholdCount : updatedSettings . ThresholdCount ,
ThresholdWindowMinutes : updatedSettings . ThresholdWindowMinutes ,
} )
}
2026-04-12 13:11:46 +08:00
// GetWebSearchEmulationConfig 获取 Web Search 模拟配置
// GET /api/v1/admin/settings/web-search-emulation
func ( h * SettingHandler ) GetWebSearchEmulationConfig ( c * gin . Context ) {
cfg , err := h . settingService . GetWebSearchEmulationConfig ( c . Request . Context ( ) )
if err != nil {
response . ErrorFrom ( c , err )
return
}
2026-04-14 07:22:22 +08:00
response . Success ( c , service . PopulateWebSearchUsage ( c . Request . Context ( ) , cfg ) )
2026-04-12 13:11:46 +08:00
}
// UpdateWebSearchEmulationConfig 更新 Web Search 模拟配置
// PUT /api/v1/admin/settings/web-search-emulation
func ( h * SettingHandler ) UpdateWebSearchEmulationConfig ( c * gin . Context ) {
var cfg service . WebSearchEmulationConfig
if err := c . ShouldBindJSON ( & cfg ) ; err != nil {
response . BadRequest ( c , "Invalid request: " + err . Error ( ) )
return
}
if err := h . settingService . SaveWebSearchEmulationConfig ( c . Request . Context ( ) , & cfg ) ; err != nil {
response . ErrorFrom ( c , err )
return
}
// Re-read (with sanitized api keys) to return current state
updated , err := h . settingService . GetWebSearchEmulationConfig ( c . Request . Context ( ) )
if err != nil {
response . ErrorFrom ( c , err )
return
}
2026-04-14 08:03:27 +08:00
response . Success ( c , service . PopulateWebSearchUsage ( c . Request . Context ( ) , updated ) )
}
// ResetWebSearchUsage 重置指定 provider 的配额用量
// POST /api/v1/admin/settings/web-search-emulation/reset-usage
func ( h * SettingHandler ) ResetWebSearchUsage ( c * gin . Context ) {
var req struct {
ProviderType string ` json:"provider_type" `
}
if err := c . ShouldBindJSON ( & req ) ; err != nil {
response . BadRequest ( c , "Invalid request: " + err . Error ( ) )
return
}
if req . ProviderType == "" {
response . BadRequest ( c , "provider_type is required" )
return
}
if err := service . ResetWebSearchUsage ( c . Request . Context ( ) , req . ProviderType ) ; err != nil {
response . ErrorFrom ( c , err )
return
}
response . Success ( c , nil )
2026-04-12 13:11:46 +08:00
}
// TestWebSearchEmulation 测试 Web Search 搜索
// POST /api/v1/admin/settings/web-search-emulation/test
func ( h * SettingHandler ) TestWebSearchEmulation ( c * gin . Context ) {
var req struct {
Query string ` json:"query" `
}
if err := c . ShouldBindJSON ( & req ) ; err != nil {
response . BadRequest ( c , "Invalid request: " + err . Error ( ) )
return
}
if strings . TrimSpace ( req . Query ) == "" {
req . Query = "搜索今年世界大事件"
}
result , err := service . TestWebSearch ( c . Request . Context ( ) , req . Query )
if err != nil {
response . ErrorFrom ( c , err )
return
}
response . Success ( c , result )
}
