niuniu/sub2api-cn-relay-manager
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
596a2a110c0baeff5cf8f5b5b33e36d84250c8ce
sub2api-cn-relay-manager/internal/store/sqlite/user_keys_repo.go
phamnazage-jpg 596a2a110c
Some checks failed
CI / Build & Test (push) Has been cancelled
Details
CI / Lint (push) Has been cancelled
Details
CI / Security Scan (push) Has been cancelled
Details
CI / Docker Build (push) Has been cancelled
Details
CI / Release (push) Has been cancelled
Details
feat(vnext2): add user key self-service skeleton 
- PORTAL_KEY_EXPERIENCE.md: review from pending to approved
- KEY_SELF_SERVICE_API.md: review from pending to approved
- 0015_user_keys.sql: migration for key_records table
- user_keys_repo.go + test: SQLite repo (Create/ListByOwner/GetByID/UpdateStatus)
- key_self_service.go: HTTP handlers (POST/GET /api/keys, pause/resume/delete)
- key_self_service_svc.go: action wiring (buildUserKeyHandler)
- registered in ActionSet + NewAPIHandlerWithAuth

Note: full user auth requires host+CRM co-deployment.
Current skeleton accepts Bearer token for testing.
2026-06-05 11:45:17 +08:00

145 lines
4.7 KiB
Go
Raw Blame History

package sqlite
import (
"context"
"database/sql"
"encoding/json"
"fmt"
"strings"
)
type UserKeyRecord struct {
ID int64 `json:"-"`
KeyID string `json:"key_id"`
OwnerSubjectID string `json:"owner_subject_id"`
KeyFingerprint string `json:"key_fingerprint"`
MaskedPreview string `json:"masked_preview"`
DisplayName string `json:"display_name"`
LogicalGroupID string `json:"logical_group_id"`
AllowedModels []string `json:"allowed_models"`
AdminStatus string `json:"admin_status"`
QuotaStatus string `json:"quota_status"`
LastUsedAt string `json:"last_used_at,omitempty"`
CreatedAt string `json:"created_at"`
ExpiresAt string `json:"expires_at,omitempty"`
UpdatedAt string `json:"updated_at"`
}
type UserKeysRepo struct {
db execQuerier
}
func newUserKeysRepo(db execQuerier) *UserKeysRepo {
return &UserKeysRepo{db: db}
}
func (r *UserKeysRepo) Create(ctx context.Context, key UserKeyRecord) (int64, error) {
modelsJSON, err := json.Marshal(key.AllowedModels)
if err != nil {
return 0, fmt.Errorf("marshal allowed_models: %w", err)
}
result, err := r.db.ExecContext(ctx, `
INSERT INTO user_keys (
key_id, owner_subject_id, key_fingerprint, masked_preview,
display_name, logical_group_id, allowed_models,
admin_status, quota_status
) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)`,
key.KeyID, key.OwnerSubjectID, key.KeyFingerprint, key.MaskedPreview,
key.DisplayName, key.LogicalGroupID, string(modelsJSON),
key.AdminStatus, key.QuotaStatus,
)
if err != nil {
return 0, fmt.Errorf("insert user_key: %w", err)
}
return result.LastInsertId()
}
func scanUserKeys(rows *sql.Rows) ([]UserKeyRecord, error) {
var keys []UserKeyRecord
for rows.Next() {
var k UserKeyRecord
var modelsJSON, lastUsedAt, expiresAt sql.NullString
err := rows.Scan(
&k.ID, &k.KeyID, &k.OwnerSubjectID, &k.KeyFingerprint, &k.MaskedPreview,
&k.DisplayName, &k.LogicalGroupID, &modelsJSON,
&k.AdminStatus, &k.QuotaStatus, &lastUsedAt, &k.CreatedAt, &expiresAt, &k.UpdatedAt,
)
if err != nil {
return nil, fmt.Errorf("scan user_key: %w", err)
}
k.LastUsedAt = lastUsedAt.String
k.ExpiresAt = expiresAt.String
if modelsJSON.String != "" {
json.Unmarshal([]byte(modelsJSON.String), &k.AllowedModels)
}
keys = append(keys, k)
}
return keys, rows.Err()
}
func scanOneUserKey(row *sql.Row) (*UserKeyRecord, error) {
var k UserKeyRecord
var modelsJSON, lastUsedAt, expiresAt sql.NullString
err := row.Scan(
&k.ID, &k.KeyID, &k.OwnerSubjectID, &k.KeyFingerprint, &k.MaskedPreview,
&k.DisplayName, &k.LogicalGroupID, &modelsJSON,
&k.AdminStatus, &k.QuotaStatus, &lastUsedAt, &k.CreatedAt, &expiresAt, &k.UpdatedAt,
)
if err != nil {
return nil, err
}
k.LastUsedAt = lastUsedAt.String
k.ExpiresAt = expiresAt.String
if modelsJSON.String != "" {
json.Unmarshal([]byte(modelsJSON.String), &k.AllowedModels)
}
return &k, nil
}
func (r *UserKeysRepo) ListByOwner(ctx context.Context, subjectID string) ([]UserKeyRecord, error) {
rows, err := r.db.QueryContext(ctx, `
SELECT id, key_id, owner_subject_id, key_fingerprint, masked_preview,
display_name, logical_group_id, allowed_models,
admin_status, quota_status, last_used_at, created_at, expires_at, updated_at
FROM user_keys WHERE owner_subject_id = ? ORDER BY created_at DESC`, subjectID)
if err != nil {
return nil, fmt.Errorf("list user_keys: %w", err)
}
defer rows.Close()
return scanUserKeys(rows)
}
func (r *UserKeysRepo) GetByID(ctx context.Context, keyID string) (*UserKeyRecord, error) {
row := r.db.QueryRowContext(ctx, `
SELECT id, key_id, owner_subject_id, key_fingerprint, masked_preview,
display_name, logical_group_id, allowed_models,
admin_status, quota_status, last_used_at, created_at, expires_at, updated_at
FROM user_keys WHERE key_id = ?`, keyID)
k, err := scanOneUserKey(row)
if err != nil {
return nil, fmt.Errorf("get user_key %s: %w", keyID, err)
}
return k, nil
}
func (r *UserKeysRepo) UpdateStatus(ctx context.Context, keyID string, adminStatus string) error {
status := strings.ToLower(strings.TrimSpace(adminStatus))
valid := map[string]bool{"active": true, "paused": true, "disabled": true, "retired": true}
if !valid[status] {
return fmt.Errorf("invalid admin_status: %s", adminStatus)
}
_, err := r.db.ExecContext(ctx,
`UPDATE user_keys SET admin_status = ?, updated_at = strftime('%Y-%m-%dT%H:%M:%SZ','now') WHERE key_id = ?`,
status, keyID)
if err != nil {
return fmt.Errorf("update user_key status: %w", err)
}
return nil
}
func (r *UserKeysRepo) TouchLastUsed(ctx context.Context, keyID string) error {
_, err := r.db.ExecContext(ctx,
`UPDATE user_keys SET last_used_at = strftime('%Y-%m-%dT%H:%M:%SZ','now') WHERE key_id = ?`, keyID)
return err
}
Reference in New Issue View Git Blame Copy Permalink