update database files

set the enable status for adding new api key with default value true
update change log
2025-10-28 21:03:42 +08:00 · 2024-04-07 18:26:45 +08:00 · 2024-04-07 10:17:10 +08:00 · 2024-04-07 08:40:43 +08:00 · 2024-04-07 08:03:14 +08:00 · 2024-04-07 08:02:47 +08:00
390 changed files with 43815 additions and 6398 deletions
--- a/.dockerignore
+++ b/.dockerignore
@@ -0,0 +1,6 @@
+deploy
+docs
+api/static 
+web/node_modules
+desktop
+
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,248 @@
 # 更新日志

+## 4.0.2
+
+* 功能新增：支持前端菜单可以配置
+* 功能优化：在登录和注册界面标题显示软件版本号
+* 功能优化：MJ 绘画支持 --sref 和 --cref 图片一致性参数
+* 功能优化：使用 leveldb 解决 SD 绘图进度图片预览问题
+* Bug修复：解决因为图片上传使用相对路径而导致融图失败的问题
+* 功能新增：手机端支持 Stable-Diffusion 绘画
+* Bug修复：修复管理后台 API KEY 删除失败的问题
+
+## v4.0.1
+
+* 功能重构：重构 Stable-Diffusion 绘画实现，使用 SDAPI 替换之前的 websocket 接口，SDAPI 兼容各种 stable-diffusion
+  发行版，稳定性更强一些
+* 功能优化：使用 [midjouney-proxy](https://github.com/novicezk/midjourney-proxy) 项目替换内置的原生 MidJourney API，兼容
+  MJ-Plus 中转
+* 功能新增：用户算力消费日志增加统计功能，统计一段时间内用户消费的算力
+* Bug修复：修复 iphone 手机无法通过图形验证码的Bug，使用滑动验证码替换
+* Bug修复：修复手机端 MidJourney 绘画页面滚动条无法滚动的Bug
+
+## v4.0.0
+
+非兼容版本，重大重构，引入算力概念，将系统中所有的能力（AI对话，MJ绘画，SD绘画，DALL绘画）全部使用算力来兑换。
+只要你的算力值余额不为0，你就可以进行任何操作。比如一次 GPT3.5 对话消耗1个单位算力，一次 GPT4 对话消耗10个算力。一次 MJ
+对话消耗15个算力...
+
+* 功能重构：重构整体系统，全部采用算力来进行结算
+* 功能优化：SD 绘画页面采用 websocket 替换 http 轮询机制，节省带宽
+* 功能优化：移动端聊天页面图片支持预览和放大功能
+* 功能优化：MJ 和 SD 页面数据分页加载，解决一次性加载太多数据导致页面卡顿的问题
+* 功能优化：**PC端不登录也可以预览功能，只有在发起操作的时候才需要登录**
+* 功能优化：控制台订单管理页面显示未支付订单，并提供订单删除功能
+* 功能新增：支持H5支付
+* 功能优化：支持数学公式的识别和美化输出
+* 功能新增：新增算力消费日志功能
+* 功能优化：整合 XXL-JOB 实现订单清理，每日算力派发，VIP 算力重置等任务
+* 功能新增：管理后台新增7日内新增用户和新增订单统计
+
+## v3.2.7
+
+* 功能重构：采用 Vant 重构移动页面，新增 MidJourney 功能
+* 功能优化：优化 PC 端 MidJourney 页面布局，新增融图和换脸功能
+* Bug修复：修复 issue [
+  管理界面操作用户存在的两个问题](https://github.com/yangjian102621/chatgpt-plus/issues/117#issuecomment-1909201532)
+* 功能优化：在对话和聊天记录表中新增冗余字段 model，存储对话模型
+* Bug修复：IPhone 手机验证码触摸事件坐标错位 [issue 144](https://github.com/yangjian102621/chatgpt-plus/issues/144)
+* Bug修复：重新生成按钮功能失效问题
+* Bug修复：对话输入HTML标签不显示的问题
+* 功能优化：gpt-4-all/gpts/midjourney-plus 支持第三方平台的 API KEY
+* 功能新增：新增删除文件功能
+* Bug修复：解决 MJ-Plus discord 图片下载失败问题，使用第三方平台中转地址下载
+* 功能新增：后台管理新怎对话查看和检索功能
+
+## v3.2.6
+
+* 功能优化：恢复关闭注册系统配置项，管理员可以在后台关闭用户注册，只允许内部添加账号
+* 功能优化：兼用旧版本微信收款消息解析
+* 功能优化：优化订单扫码支付状态轮询功能，当关闭二维码时取消轮询，节约网络资源
+* 功能新增：新增图片发布功能，画廊只显示用户已发布的图片
+* 功能新增：后台新增配置微信客服二维码，可以上传自己的微信客服二维码
+* 功能新增：新增网站公告，可以在管理后台自定义配置
+* 功能新增：新增阿里通义千问大模型支持
+* Bug修复：修复 MJ 放大任务失败时候 img_call 会增加的 Bug
+* 功能优化：新增虎皮椒和PayJS订单状态校验功能，增加安全性
+* Bug修复：修复微信转账交易 ID 提取失败 Bug
+* 功能优化：给所有的 websocket 连接加上心跳，解决 "close 1006 (abnormal closure): unexpected EOF" Bug
+* 功能新增：新增短信宝短信平台发送平台集成
+
+## v3.2.5
+
+* 功能新增：**重磅更新！！！** 新增 MidJourney-Plus API 支持，一秒配置，开箱即用，高效稳定。
+* 功能新增：**重磅更新！！！** 新增 GPT4-ALL 和 GPTs 模型支持，你只需花几块钱，可以丝滑享受 ChatGPT-Plus 会员的所有功能，无需再订阅
+  Plus 账号了！！！
+* 功能优化：增强 markdown 图片和引用块解析。
+* 功能新增：新增用户文件管理，目前一支持上传文件跟 GPT 进行多态对话。
+* 功能优化：function call 兼用中转 API。
+* Bug修复：修复部分已知的 Bug。
+
+## v3.2.4.1
+
+* 功能新增：新增 PayJs 支付通道
+* Bug修复：紧急修复后台添加用户失败问题
+* Bug修复：紧急修复使用中转 API-KEY 无法绘图的问题
+* Bug修复：允许用户关闭手机和邮箱注册通道，移除验证码依赖
+
+## v3.2.4
+
+* 功能新增：重磅更新，支持邮箱注册
+* 功能优化：优化函数调用授权
+* 功能优化：给用户表新增 nickname 字段
+* 功能优化：管理后台给聊天角色增加启用/禁用开关
+* Bug修复：SD绘画出现重复扣减绘图次数
+* 功能优化：优化聊天对话导出样式，适应移动端
+* 功能新增：众筹核销可以选择兑换对话还是绘图的额度
+* Bug修复：修复[从历史记录获取reply有并发风险 #92](https://github.com/yangjian102621/chatgpt-plus/issues/92)
+* Bug修复：修复 MidJourney 绘图任务调度Bug，为 task_id 建议唯一索引
+* 功能重构：重构了 API KEY模块，支持为每个 API KEY 都设置不同的 API 地址，并可以单独开启是否使用代理。
+
+## v3.2.3
+
+* 功能重构：重构函数工具模块，设计成可以后台动态管理函数。支持添加自定义函数实现
+* 功能新增：为充值产品数据表添加 img_calls 字段，支持充值绘图次数
+* Bug修复：修复 [MJ 机器人空指针异常的 Bug](https://github.com/yangjian102621/chatgpt-plus/issues/73)
+* Bug修复：确保相同 Prompt 的绘图任务的 Upscale 和 Variation 任务调度给相同的频道
+* 功能新增：新增删除绘图任何和图片功能
+* Bug修复：修复虎皮椒支付二维码重复扫码时报错问题
+* 功能优化：自动将 AI 绘画中的中文提示词翻译成英文
+* 功能优化：优化AI绘画的大图压缩算法，新增图片缓存
+* 功能优化：支持为 MJ 绘图 API 增加反代功能，提高图片的加载速度，大大降低绘图任务的失败率
+* Bug修复：修复[Azure Api 更换api-version参数后请求失败的问题](https://github.com/yangjian102621/chatgpt-plus/pull/71)
+* Bug修复：修复科大讯飞 V1.5 API 请求失败的问题
+* Bug修复：绘图失败后，自动恢复用户的剩余绘图次数
+* 功能新增：为移动端新增 SD 绘图功能，分享功能
+
+## v3.2.2
+
+* 功能重构：重构 MidJourney 和 Stable-Diffusion 绘图模块，支持使用多组配置创建池子提供绘画服务
+* 功能新增：AI绘画页面增加翻译和重写提示词功能
+* 功能优化：OSS上传组件支持在 Bucket 下设置二级目录
+* Bug修复：修复阿里云 OSS 访问路径错误
+* 功能优化：在 AI 绘图页面使用 HTTP 轮询替换 Websocket
+
+## v3.2.1
+
+* 功能优化：切换角色和模型的时候自动创建新的对话
+* Bug修复：修复文件上传失败No such file bug
+* 功能新增：MidJourney 绘画页面新增提示词翻译功能，新增多个绘画参数
+* Bug修复：[PC端对话在刷新后异常](https://github.com/yangjian102621/chatgpt-plus/issues/59)
+* 功能新增：增加 arm64 架构打包脚本
+* 功能新增：支持 dall-e3 绘图的 API 地址自定义配置
+* 功能新增：新增虎皮椒支付功能接入，支持微信和支付宝通道
+
+## v3.2.0
+
+* 功能新增：新增邀请注册功能
+* 功能优化：增加中间件自动对HTTP请求的参数去掉首尾空格
+* 功能优化：增加中间件自动为大图片生成缩略图
+* 功能优化：MidJourney 页面图片加载优化，实现图片预览懒加载
+* 功能新增：新增 DALL-E-3 绘画支持，并作为对话页面默认绘画插件
+* Bug修复：修复阿里云 OSS 域名设置不起做用的bug
+* Bug修复：修复MidJourney绘图失败后重复添加到队列的问题
+
+## v3.1.9
+
+* 功能新增：增加讯飞星火大模型 v3.0 支持
+* 功能新增：新增找回密码功能
+* 功能新增：支持 Markdown 代码复制功能
+* Bug修复: xxl-job 任务调度失败的 Bug
+* 功能优化：优化前端页面菜单图标，使用自定义图标替换 icon-font
+* Bug修复：Stable-Diffusion 绘画成功之后没有扣减用户画图次数
+* 功能优化：优化会员充值页面 ItemList 组件
+* 功能优化：给首页 Logo 增加链接
+* Bug修复：[新建会话时，提示"请输入合法的手机号" ](https://github.com/yangjian102621/chatgpt-plus/issues/51)
+* Bug修复：聊天上下文失效问题
+* 功能优化：关闭注册时显示联系管理员二维码
+* 功能优化：移除 leveldb 依赖，使用 redis 替换相应的功能
+* Bug修复：后台启用用户 VIP 不生效问题
+* 功能优化：充值支付页面的支付说明文字可以后台配置
+* Bug修复：ChatGLM，百度文心，科大讯飞模型输出代码不换行问题
+
+## v3.1.8
+
+1. 功能新增：新增会员套餐充值，点卡充值，订单系统，集成支付宝支付通道
+2. Bug修复：修复 MidJourney API 参数版本更新导致调用失败问题
+3. Bug修复：修复 Stable Diffusion 调用后没有更新绘图调用次数问题
+4. Bug修复：修复七牛云上传报错 expired token
+5. Bug修复：修复高权重模型导致的对话次数为负数的漏洞
+6. 功能优化：将聊天报错信息定义为统一常量，方便修改
+7. 功能优化：优化 markdown 表格显示样式，覆写 Element-Plus 表格样式
+8. 功能优化：增加倒数计时组件，定期自动清理未支付的订单
+
+## v3.1.7
+
+1. 功能新增：支持文心4.0 AI 模型
+2. 功能新增：可以在管理后台为用户绑定指定的 AI 模型，如只给某个用户使用 GPT-4 模型
+3. 功能新增：模型新增权重字段，不同的模型每次调用耗费的点数可以设置不同，比如GPT4是GPT3.5的10倍
+4. 功能新增：新增系统配置关闭 AI 模型的函数功能
+5. 功能优化：优化 MidJourney 专业绘画页面图片预览样式
+
+## v3.1.6
+
+1. 功能新增：新增AI 绘画照片墙功能页面，供用户查看所有的 AI 绘画作品
+2. 功能新增：新增 AI 角色应用功能页面，用户可以添加自己感兴趣的应用
+3. 功能优化：优化瀑布流组件的页面布局
+4. 功能优化：新注册用户成功之后自动登录
+5. 功能优化：优化更新对话标题的操作体验，绑定回车事件
+
+## v3.1.5
+
+1. 功能新增：新增百度文心一言大模型 API 接入支持
+2. 功能新增：新增科大讯飞星火大模型 API 接入支持
+3. 功能重构：将 chat_handler 的所有功能实现放入单独的包中
+4. 功能新增：新增系统配置 `enabled_function` 用于启用和关闭函数功能
+5. Bug修复：修复管理后台更新 API Key 失败的 Bug
+6. Bug修复：修复新建的对话无法更新对话标题的 Bug
+7. 功能优化：其他一些小的体验优化工作
+
+## v3.1.4
+
+1. 功能新增：新增阿里云 OSS 图片上传实现，目前已支持本地存储，七牛云，Minio和阿里云 OSS 四种存储介质。
+2. 功能新增：**增加 Stable Diffusion 绘画功能页面**。
+3. 功能重构：将 [chatgpt-plus-exts](https://github.com/yangjian102621/chatgpt-plus-exts) 合并到本项目，部署更加简单，无需部署两个项目了。
+4. Bug修复：修复[用户注册报错BUG #37](https://github.com/yangjian102621/chatgpt-plus/issues/37)。
+5. Bug修复：修复 MidJourney API 接口升级导致图片文保存失败的 Bug。
+6. 功能优化：增加阿里云短信服务配置项 `Sign` 和 `CodeTempId` 用来配置自己的短信签名和短信验证码模版 ID。
+7. 功能优化：添加系统配置用来设置自定义的众筹微信收款二维码。
+8. 功能优化：优化绘画页面的弹窗样式和页面布局。
+
+## v3.1.3
+
+1. 页面重构：重后 Home 页面，拆分成聊天，MJ绘画，SD 绘画，应用广场等多个功能菜单。
+2. 功能新增：新增 MidJourney 专业绘画页面，开放更高级的 MJ 绘画姿势。
+3. 功能优化：采用队列的方式控制绘画任务并发，简化任务回调通知逻辑，给任务回调加锁。
+4. 功能优化：精简用户表字段，删除用户名和昵称，只保留手机号。
+5. 功能优化：优化文件上传服务工厂实现，只创建激活的 Uploader 服务，节省资源。
+6. Bug修复：修复 JWT token 有效期计算错误的 Bug。
+
+## v3.1.2
+
+1. 功能新增：新增七牛云 OSS 实现，目前已支持三种文件上传服务：Local, Minio, QiNiu OSS。
+2. 功能新增：新增桌面版，使用 electron 套壳网页版。
+3. Bug修复：自动去除众筹核销时候转账单号中的空格，防止复制的时候多复制了空格。
+4. 功能优化：ChatPlus.vue 页面支持通过 chat_id path variable 来定位到指定的聊天。
+5. 功能优化：取消导出聊天页面的授权验证
+6. 功能优化：所有路由跳转都使用绝对路径
+
+## v3.1.1
+
+紧急修复版本，采用弹窗的方式显示验证码，解决验证码在低分辨率下被掩盖的Bug
+
+## v3.1.0(大版本更新)
+
+1. 功能重构：将聊天模型独立拆分，以便支持多平台模型，目前已经内置支持 OPenAI，Azure 以及
+   ChatGLM，用户可以在这两个平台的模型中随意切换，体验不同的模型聊天。
+2. 功能重构：重写系统 API 授权机制，使用 JWT 替换传统的 session 会话授权，使得 API 授权变得更加灵活。
+3. 功能重构：重构文件夹上传服务，支持多种文件上传存储handler，目前已经实现本地存储和 minio oss 存储。
+4. 功能优化：更新头像自动删除旧的图片资源。
+5. 功能优化：将应用日志在终端输出的同时存盘，方便 docker 部署查看日志。
+6. 功能新增：允许用户配置自己的 OPenAI，Azure 以及 ChatGLM API KEY。
+7. 功能优化：优化移动版的行为验证码样式，修复低分辨率显示器验证码被遮挡的 Bug
+8. 升级 gin, element-plus，redis 组件到最新版本。
+9. Bug修复：修复若干已知的的 Bug
+
 ## v3.0.7

 1. 聊天主界面：新增聊天引导页面，介绍产品功能
--- a/README.md
+++ b/README.md
@@ -1,301 +1,134 @@
 # ChatGPT-Plus

-**ChatGPT-PLUS** 是基于 OpenAI API 实现的 ChatGPT 聊天系统。主要有如下特性：
+**ChatGPT-PLUS** 基于 AI 大语言模型 API 实现的 AI 助手全套开源解决方案，自带运营管理后台，开箱即用。集成了 OpenAI, Azure,
+ChatGLM,讯飞星火，文心一言等多个平台的大语言模型。集成了 MidJourney 和 Stable Diffusion AI绘画功能。主要有如下特性：

 * 完整的开源系统，前端应用和后台管理系统皆可开箱即用。
-* 聊天体验跟 ChatGPT 官方版本完全一致。
-* 内置了各种预训练好的角色，比如小红书写手，英语翻译大师，苏格拉底，孔子，乔布斯，周报助手等。轻松满足你的各种聊天和应用需求。
+* 基于 Websocket 实现，完美的打字机体验。
+* 内置了各种预训练好的角色应用，比如小红书写手，英语翻译大师，苏格拉底，孔子，乔布斯，周报助手等。轻松满足你的各种聊天和应用需求。
+* 支持 OPenAI，Azure，文心一言，讯飞星火，清华 ChatGLM等多个大语言模型。
+* 支持 MidJourney / Stable Diffusion AI 绘画集成，开箱即用。
+* 支持使用个人微信二维码作为充值收费的支付渠道，无需企业支付通道。
+* 已集成支付宝支付功能，微信支付，支持多种会员套餐和点卡购买功能。
+* 集成插件 API 功能，可结合大语言模型的 function 功能开发各种强大的插件，已内置实现了微博热搜，今日头条，今日早报和 AI
+  绘画函数插件。

 ## 功能截图

 ### PC 端聊天界面

-![ChatGPT Chat Page](docs/imgs/gpt.gif)
+![ChatGPT Chat Page](/docs/imgs/gpt.gif)

-### 新版聊天界面
+### AI 对话界面

-![ChatGPT new Chat Page](docs/imgs/chat-new.png)
+![ChatGPT new Chat Page](/docs/imgs/chat-new.png)
+
+### MidJourney 专业绘画界面
+
+![mid-journey](/docs/imgs/mj_image.jpg)
+
+### Stable-Diffusion 专业绘画页面
+
+![Stable-Diffusion](/docs/imgs/sd_image.jpg)
+![Stable-Diffusion](/docs/imgs/sd_image_detail.jpg)
+
+### 绘图作品展
+
+![ChatGPT image_list](/docs/imgs/image-list.png)
+
+### AI应用列表
+
+![ChatGPT-app-list](/docs/imgs/app-list.jpg)
+
+### 会员充值
+
+![会员充值](/docs/imgs/member.png)

 ### 自动调用函数插件

-![ChatGPT function plugin](docs/imgs/plugin.png)
-
-![ChatGPT function plugin](docs/imgs/mj.jpg)
-
-### 用户设置
-
-![ChatGPT user profle](docs/imgs/user_profile.png)
-
-### 登录页面
-
-![ChatGPT Login](docs/imgs/login.png)
+![ChatGPT function plugin](/docs/imgs/plugin.png)
+![ChatGPT function plugin](/docs/imgs/mj.jpg)

 ### 管理后台

-![ChatGPT admin](docs/imgs/admin_dashboard.png)
-
-![ChatGPT admin](docs/imgs/admin_config.png)
-
-![ChatGPT admin](docs/imgs/admin_user.png)
+![ChatGPT admin](/docs/imgs/admin_dashboard.png)
+![ChatGPT admin](/docs/imgs/admin_config.jpg)
+![ChatGPT admin](/docs/imgs/admin_models.jpg)
+![ChatGPT admin](/docs/imgs/admin_user.png)

 ### 移动端 Web 页面

 ![Mobile chat list](/docs/imgs/mobile_chat_list.png)
 ![Mobile chat session](/docs/imgs/mobile_chat_session.png)
-![Mobile chat setting](/docs/imgs/mobile_chat_setting.png)
+![Mobile chat setting](/docs/imgs/mobile_user_profile.png)
+![Mobile chat setting](/docs/imgs/mobile_pay.png)

-### 7. 体验地址
+### 体验地址

-> 免费体验地址：[https://www.chat-plus.net/chat](https://www.chat-plus.net/chat) <br/>
+> 免费体验地址：[https://ai.r9it.com/chat](https://ai.r9it.com/chat) <br/>
 > **注意：请合法使用，禁止输出任何敏感、不友好或违规的内容！！！**

+## 快速部署
+
+**演示站不提供任何充值点卡售卖或者VIP充值服务。** 如果您体验过后觉得还不错的话，可以花两分钟用下面的一键部署脚本自己部署一套。
+
+```shell
+bash -c "$(curl -fsSL https://img.r9it.com/tmp/install-v4.0.2-ba5a891bc0.sh)"
+```
+
+最新版本的一键部署脚本请参考 [**ChatGPT-Plus 文档**](https://ai.r9it.com/docs/install/)。
+
+目前仅支持 Ubuntu 和 Centos 系统。 部署成功之后可以访问下面地址
+
+* 前端访问地址：http://localhost:8080/chat 使用移动设备访问会自动跳转到移动端页面。
+* 后台管理地址：http://localhost:8080/admin
+* 移动端地址：http://localhost:8080/mobile
+* 初始后台管理账号：admin/admin123
+* 初始前端体验账号：18575670125/12345678
+
+服务启动成功之后不能立刻使用，需要先登录管理后台 -> API-KEY 去添加一个 OpenAI 或者文心一言，科大讯飞等至少一个平台的 API
+KEY。
+
+![](https://ai.r9it.com/docs/images/env/admin_api_keys.png)
+
+另外，如果您目前还没有 OpenAI 的 API KEY的，推荐您去 https://api.chat-plus.net 购买，**无需魔法，高速稳定，且价格还远低于 OpenAI
+官方**。
+
 ## 使用须知

 1. 本项目基于 MIT 协议，免费开放全部源代码，可以作为个人学习使用或者商用。
 2. 如需商用必须保留版权信息，请自觉遵守。确保合法合规使用，在运营过程中产生的一切任何后果自负，与作者无关。

-## 项目介绍
-
-这一套完整的系统，包括前端聊天应用和一个后台管理系统。系统有用户鉴权，你可以自己使用，也可以部署直接给 C 端用户提供
-ChatGPT 的服务。
-
-### 项目的技术架构
-
-新版的系统前后端都进行大改动的重构，后端还是用的 Gin Web 框架，但是作者整合了 fx 自动注入框架，整个后端应用结构非常简洁，特别适合二次开发。
-另外，数据存储用 MySQL 替换了 leveldb, 因为要对 C 端，后期会涉及到很多业务数据查询统计，leveldb 已经完全不够用了。
-
-> Gin + fx + MySQL
-
-3.0 版本之后会陆续添加其他语言的 API 实现，比如 PHP，Java 等。考虑到作者精力有限，api 目录已经添加了，有兴趣的同学自主去认领各自擅长的语言去实现。
-
-前端的框架还是:
-
-> Vue3 + Element-Plus
-
-前后台的页面风格已经全部变了，几乎所有页面样式代码都重写了。逻辑代码还是沿用之前的，毕竟功能没有太大的变化。
-
-此次重构改版主要是为了后面功能的扩展准备了。
-
-新版本已经实现的功能如下：
-
-1. 引入用户体系，新增用户注册和登录功能。
-2. 聊天页面改版，实现了跟 ChatGPT 官方版本一致的聊天体验。
-3. 创建会话的时候可以选择聊天角色和模型。
-4. 新增聊天设置功能，用户可以导入自己的 API KEY
-5. 保存聊天记录，支持聊天上下文。
-6. 重构后台管理模块，更友好，扩展性更好的后台管理系统。
-7. 引入 ip2region 组件，记录用户的登录IP和地址。
-8. 支持会话搜索过滤。
-9. 支持微信支付充值
-
 ## 项目地址

 * Github 地址：https://github.com/yangjian102621/chatgpt-plus
 * 码云地址：https://gitee.com/blackfox/chatgpt-plus

+## 客户端下载
+
+目前已经支持 Win/Linux/Mac/Android 客户端，下载地址为：https://github.com/yangjian102621/chatgpt-plus/releases/tag/v3.1.2
+
 ## TODOLIST

-* [ ] 整合 Midjourney AI 绘画 API
-* [ ] 开发移动端聊天页面
-* [x] 接入微信支付功能
-* [x] 支持 ChatGPT 函数功能，通过函数实现插件
-* [ ] 接入语音和 TTS API，支持语音聊天
-* [ ] 开发手机 App 客户端
+* [ ] 支持基于知识库的 AI 问答
+* [ ] 会员邀请注册推广功能
+* [ ] 微信支付功能

-## Docker 快速部署
+## 项目文档

->
-鉴于最新不少网友反馈在部署的时候遇到一些问题，大部分问题都是相同的，所以我这边做了一个视频教程 [五分钟部署自己的 ChatGPT 服务](https://www.bilibili.com/video/BV1H14y1B7Qw/)。
-> 习惯看视频教程的朋友可以去看视频教程，视频的语速比较慢，建议 2 倍速观看。
+最新的部署视频教程：[https://www.bilibili.com/video/BV1Cc411t7CX/](https://www.bilibili.com/video/BV1Cc411t7CX/)

-V3.0.0 版本以后已经支持使用容器部署了，跳过所有的繁琐的环境准备，一条命令就可以轻松部署上线。
+详细的部署和开发文档请参考 [**ChatGPT-Plus 文档**](https://ai.r9it.com/docs/)。

-### 1. 导入数据库
+加微信进入微信讨论群可获取 **一键部署脚本（添加好友时请注明来自Github!!!）。**

-首先我们需要创建一个 MySQL 容器，并导入初始数据库。
-
-```shell
-cd docker/mysql
-# 创建 mysql 容器
-docker-compose up -d
-# 导入数据库
-docker exec -i chatgpt-plus-mysql sh -c 'exec mysql -uroot -p12345678' < ../../database/chatgpt_plus.sql
-```
-
-如果你本地已经安装了 MySQL 服务，那么你只需手动导入数据库即可。
-
-```shell
-# 连接数据库
-mysql -u username -p password
-# 导入数据库
-source database/chatgpt_plus.sql
-```
-
-### 2. 修改配置文档
-
-修改配置文档 `docker/conf/config.toml` 配置文档，修改代理地址和管理员密码：
-
-```toml
-Listen = "0.0.0.0:5678"
-ProxyURL = ["YOUR_PROXY_URL"] # 替换成你本地代理，如：http://127.0.0.1:7777
-#ProxyURL = "" 如果你的服务器本身就在墙外，那么你直接留空就好了
-MysqlDns = "root:12345678@tcp(172.22.11.200:3307)/chatgpt_plus?charset=utf8&parseTime=True&loc=Local"
-
-[Session]
-  SecretKey = "azyehq3ivunjhbntz78isj00i4hz2mt9xtddysfucxakadq4qbfrt0b7q3lnvg80"
-  Name = "CHAT_SESSION_ID"
-  Path = "/"
-  Domain = ""
-  MaxAge = 86400
-  Secure = false
-  HttpOnly = false
-  SameSite = 2
-
-[Manager]
-  Username = "admin"
-  Password = "admin123" # 如果是生产环境的话，这里管理员的密码记得修改
-  
-[ApiConfig] # 微博热搜，今日头条等函数服务 API 配置，此为第三方插件服务，如需使用请联系作者开通
-  ApiURL = "{URL}"
-  AppId = "{APP_ID}"
-  Token = "{TOKEN}"
-
-[SmsConfig] # 阿里云短信服务配置
-  AccessKey = "{YOUR_ACCESS_KEY}"
-  AccessSecret = "{YOUR_SECRET_KEY}"
-  Product = "Dysmsapi"
-  Domain = "dysmsapi.aliyuncs.com"
-
-[ExtConfig] # MidJourney和微信机器人服务 API 配置，开通此功能需要配合 chatpgt-plus-exts 项目部署
-  ApiURL = "插件扩展 API 地址"
-  Token = "插件扩展 API Token" # 这个 token 随便填，只要确保跟 chatgpt-plus-exts 项目的 token 一样就行 
-```
-
-> 如果要启用微信收款服务和 MidJourney
-> 绘画功能，请先部署扩展服务项目 [chatgpt-plus-exts](https://github.com/yangjian102621/chatgpt-plus-exts)。
-
-修改 nginx 配置文档 `docker/conf/nginx/conf.d/chatgpt-plus.conf`，把后端转发的地址改成当前主机的内网 IP 地址。
-
-```shell
- # 这里配置后端 API 的转发
-location /api/ {
-       proxy_http_version 1.1;
-       proxy_connect_timeout 300s;
-       proxy_read_timeout 300s;
-       proxy_send_timeout 12s;
-       proxy_set_header Host $host;
-       proxy_set_header X-Real-IP $remote_addr;
-       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-       proxy_set_header Upgrade $http_upgrade;
-       proxy_set_header Connection $connection_upgrade;
-       proxy_pass http://172.28.173.76:6789; # 这里改成后端服务的内网 IP 地址
-}
-```
-
-### 3. 启动应用
-
-```shell
-cd docker
-docker-compose up -d
-```
-
-* 前端访问地址：http://localhost:8080/chat
-* 后台管理地址：http://localhost:8080/admin
-* 移动端地址：http://localhost:8080/mobile
-
-> 注意：你得访问后台管理系统 http://localhost:8080/admin
-> 输入你前面配置文档中设置的管理员用户名和密码登录。
-> 然后进入 `API KEY 管理` 菜单，添加一个 OpenAI 的 API KEY 才可以正常开启 AI 对话。
-
-![add API Key](docs/imgs/apikey_add.png)
-
-最后登录前端聊天页面 [http://localhost:8080/chat](http://localhost:8080/chat)
-你可以注册新用户，也可以使用系统默认有个账号：`geekmaster/12345678` 登录聊天。
-
-祝你使用愉快！！！
-
-## 本地开发调试
-
-本地开发同样要分别运行前端和后端程序。
-
-### 运行后端程序
-
-1. 同样你首先要 [导入数据库](#1-导入数据库)
-2. 然后 [修改配置文档](#2-修改配置文档)
-3. 运行后端程序：
-
-    ```shell
-    cd api 
-    # 1. 先下载依赖
-    go mod tidy
-    # 2. 运行程序
-    go run main.go
-    # 如果你安装了 fresh 可以使用 fresh 实现热启动
-    fresh -c fresh.conf
-    ```
-
-### 运行前端程序
-
-同样先拷贝配置文档：
-
-```shell
-cd web
-cp .env.production .env.development
-```
-
-编辑 `.env.development` 文件，修改后端 API 的访问路径：
-
-```ini
-VUE_APP_API_HOST=http://localhost:5678
-VUE_APP_WS_HOST=ws://localhost:5678
-```
-
-配置好了之后就可以运行前端应用了：
-
-```
-# 安装依赖
-npm install
-# 运行
-npm run dev
-```
-
-* 前端页面：http://localhost:8888/chat
-* 后台管理页面：http://localhost:8888/admin
-
-## 项目打包
-
-由于本项目是采用异构开发的方式，所项目打包分成两步：首先编译后端程序，然后再打包前端应用。
-
-### 打包前端
-
-```shell
-cd web
-npm run build
-```
-
-### 打包后端
-
-你可以根据个人需求将项目打包成 windows/linux/darwin 平台项目。
-
-```shell
-cd api
-# for all platforms
-make clean all
-# for linux only
-make clean linux
-```
-
-打包后的可执行文件在 `bin` 目录下。
+![微信名片](docs/imgs/wx.png)

 ## 参与贡献

 个人的力量始终有限，任何形式的贡献都是欢迎的，包括但不限于贡献代码，优化文档，提交 issue 和 PR 等。

-如果有兴趣的话，也可以加微信进入微信讨论群（**添加好友时请注明来自Github!!!**）。
-
-![微信名片](docs/imgs/wx.png)
-
-#### 特此声明：不接受在微信或者微信群给开发者提 Bug，有问题或者优化建议请提交 Issue 和 PR。非常感谢您的配合！
+#### 特此声明：由于个人时间有限，不接受在微信或者微信群给开发者提 Bug，有问题或者优化建议请提交 Issue 和 PR。非常感谢您的配合！

 ### Commit 类型

@@ -311,6 +144,6 @@ make clean linux

 如果你觉得这个项目对你有帮助，并且情况允许的话，可以请作者喝杯咖啡，非常感谢你的支持～

-![微信打赏](docs/imgs/wechat-pay.png)
-
+![打赏](docs/imgs/donate.png)

+![Star History Chart](https://api.star-history.com/svg?repos=yangjian102621/chatgpt-plus&type=Date)
--- a/api/Makefile
+++ b/api/Makefile
@@ -1,19 +1,14 @@
 SHELL=/usr/bin/env bash
-NAME := chatgpt-v3
-all: window linux darwin
+NAME := chatgpt-plus
+all: amd64 arm64

+amd64:
+	CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o bin/$(NAME)-linux main.go
+.PHONY: amd64

-window:
-	CGO_ENABLED=0 GOOS=windows GOARCH=amd64 go build -o bin/$(NAME)-amd64.exe main.go
-.PHONY: window
-
-linux:
-	CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o bin/$(NAME)-amd64-linux main.go
-.PHONY: linux
-
-darwin:
-	CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build -o bin/$(NAME)-amd64-darwin main.go
-.PHONY: darwin
+arm64:
+	CGO_ENABLED=0 GOOS=linux GOARCH=arm64 GOARM=7 go build -o bin/$(NAME)-linux main.go
+.PHONY: arm64

 clean:
 	rm -rf bin/$(NAME)-*
--- a/api/config.sample.toml
+++ b/api/config.sample.toml
@@ -1,41 +1,124 @@
 Listen = "0.0.0.0:5678"
-ProxyURL = "http://172.22.11.200:7777"
-MysqlDns = "root:mysql_pass@tcp(localhost:3306)/chatgpt_plus?charset=utf8mb4&collation=utf8mb4_unicode_ci&parseTime=True&loc=Local"
-StaticDir = "./static"
-StaticUrl = "http://localhost:5678/static"
-AesEncryptKey = "{YOUR_AES_KEY}"
+ProxyURL = "" # 如 http://127.0.0.1:7777
+MysqlDns = "root:12345678@tcp(172.22.11.200:3307)/chatgpt_plus?charset=utf8mb4&collation=utf8mb4_unicode_ci&parseTime=True&loc=Local"
+StaticDir = "./static" # 静态资源的目录
+StaticUrl = "/static" # 静态资源访问 URL
+AesEncryptKey = ""
+WeChatBot = false

 [Session]
-  Driver = "cookie"
-  SecretKey = "m0cjm3gsuw9jk73np1ni7r42koilybjcndlycjdmq7za3pbqn7w12fyok5pqh6q5"
-  Name = "CHAT_SESSION_ID"
-  Path = "/"
-  Domain = "localhost"
+  SecretKey = "azyehq3ivunjhbntz78isj00i4hz2mt9xtddysfucxakadq4qbfrt0b7q3lnvg80" # 注意：这个是 JWT Token 授权密钥，生产环境请务必更换
  MaxAge = 86400
-  Secure = false
-  HttpOnly = false
-  SameSite = 2

-[Manager]
-  Username = "admin"
-  Password = "admin123"
-
-[Redis]
+[Redis] # redis 配置信息
  Host = "localhost"
  Port = 6379
  Password = ""
+  DB = 0

-[ApiConfig]
-  ApiURL = "{URL}"
-  AppId = "{APP_ID}"
-  Token = "{TOKEN}"
+[ApiConfig] # 微博热搜，今日头条等函数服务 API 配置，此为第三方插件服务，如需使用请联系作者开通
+  ApiURL = ""
+  AppId = ""
+  Token = ""

-[SmsConfig]
-  AccessKey = "{YOUR_ACCESS_KEY}"
-  AccessSecret = "{YOUR_SECRET_KEY}"
-  Product = "Dysmsapi"
-  Domain = "dysmsapi.aliyuncs.com"

-[ExtConfig]
-  ApiURL = "插件扩展 API 地址"
-  Token = "插件扩展 API Token"
+[SMS] # Sms 配置，用于发送短信
+   Active = "Ali" # 当前启用的短信服务，默认使用阿里云
+   [SMS.Bao]
+      Username = ""
+      Password = ""
+      Domain = "api.smsbao.com"
+      Sign = "【极客学长】"
+      CodeTemplate = "您的验证码是{code}。5分钟有效，若非本人操作，请忽略本短信。"
+   [SMS.Ali]
+      AccessKey = ""
+      AccessSecret = ""
+      Product = "Dysmsapi"
+      Domain = "dysmsapi.aliyuncs.com"
+      Sign = ""
+      CodeTempId = ""
+
+[OSS] # OSS 配置，用于存储 MJ 绘画图片
+   Active = "local" # 默认使用本地文件存储引擎
+   [OSS.Local]
+     BasePath = "./static/upload" # 本地文件上传根路径
+     BaseURL = "http://localhost:5678/static/upload" # 本地上传文件前缀 URL，线上需要把 localhost 替换成自己的实际域名或者IP
+   [OSS.Minio]
+     Endpoint = "" # 如 172.22.11.200:9000
+     AccessKey = "" # 自己去 Minio 控制台去创建一个 Access Key
+     AccessSecret = ""
+     Bucket = "chatgpt-plus" # 替换为你自己创建的 Bucket，注意要给 Bucket 设置公开的读权限，否则会出现图片无法显示。
+     UseSSL = false
+     Domain = "" # 地址必须是能够通过公网访问的，否则会出现图片无法显示。
+   [OSS.QiNiu] # 七牛云 OSS 配置
+       Zone = "z2" # 区域，z0：华东，z1: 华北，na0：北美，as0：新加坡
+       AccessKey = ""
+       AccessSecret = ""
+       Bucket = ""
+       Domain = "" # OSS Bucket 所绑定的域名，如 https://img.r9it.com
+   [OSS.AliYun]
+       Endpoint = "oss-cn-hangzhou.aliyuncs.com"
+       AccessKey = ""
+       AccessSecret = ""
+       Bucket = "chatgpt-plus"
+       SubDir = ""
+       Domain = ""
+
+[[MjProxyConfigs]]
+  Enabled = true
+  ApiURL = "http://midjourney-proxy:8082"
+  ApiKey = "sk-geekmaster"
+
+[[MjPlusConfigs]]
+  Enabled = false
+  ApiURL = "https://api.chat-plus.net"
+  Mode = "fast" # MJ 绘画模式，可选值 relax/fast/turbo
+  ApiKey = "sk-xxx"
+
+[[SdConfigs]]
+  Enabled = false
+  ApiURL = ""
+  ApiKey = ""
+  Txt2ImgJsonPath = "res/sd/text2img.json"
+
+[XXLConfig] # xxl-job 配置，需要你部署 XXL-JOB 定时任务工具，用来定期清理未支付订单和清理过期 VIP，如果你没有启用支付服务，则该服务也无需启动
+  Enabled = false # 是否启用 XXL JOB 服务
+  ServerAddr = "http://172.22.11.47:8080/xxl-job-admin" # xxl-job-admin 管理地址
+  ExecutorIp = "172.22.11.47" # 执行器 IP 地址
+  ExecutorPort = "9999" # 执行器服务端口
+  AccessToken = "xxl-job-api-token" # 执行器 API 通信 token
+  RegistryKey = "chatgpt-plus" # 任务注册 key
+
+[AlipayConfig]
+  Enabled = false # 启用支付宝支付通道
+  SandBox = false # 是否启用沙盒模式
+  UserId = "2088721020750581" # 商户ID
+  AppId = "9021000131658023" # App Id
+  PrivateKey = "certs/alipay/privateKey.txt" # 应用私钥
+  PublicKey = "certs/alipay/appPublicCert.crt" # 应用公钥证书
+  AlipayPublicKey = "certs/alipay/alipayPublicCert.crt" # 支付宝公钥证书
+  RootCert = "certs/alipay/alipayRootCert.crt" # 支付宝根证书
+  NotifyURL = "https://ai.r9it.com/api/payment/alipay/notify" # 支付异步回调地址
+
+[HuPiPayConfig]
+  Enabled = false
+  Name = "wechat"
+  AppId = ""
+  AppSecret = ""
+  ApiURL = "https://api.xunhupay.com"
+  NotifyURL = "https://ai.r9it.com/api/payment/hupipay/notify"
+
+[SmtpConfig] # 注意，阿里云服务器禁用了25号端口，所以如果需要使用邮件功能，请别用阿里云服务器
+  Host = "smtp.163.com"
+  Port = 25
+  AppName = "极客学长"
+  From = "test@163.com" # 发件邮箱人地址
+  Password = "" #邮箱 stmp 服务授权码
+
+[JPayConfig] # PayJs 支付配置
+  Enabled = false
+  Name = "wechat" # 请不要改动
+  AppId = "" # 商户 ID
+  PrivateKey = "" # 秘钥
+  ApiURL = "https://payjs.cn"
+  NotifyURL = "https://ai.r9it.com/api/payment/payjs/notify" # 异步回调地址，域名改成你自己的
--- a/api/core/app_server.go
+++ b/api/core/app_server.go
@@ -1,89 +1,80 @@
 package core

 import (
+	"bytes"
 	"chatplus/core/types"
-	"chatplus/service/function"
 	"chatplus/store/model"
 	"chatplus/utils"
 	"chatplus/utils/resp"
 	"context"
-	"github.com/gin-contrib/sessions"
-	"github.com/gin-contrib/sessions/cookie"
-	"github.com/gin-contrib/sessions/memstore"
-	"github.com/gin-contrib/sessions/redis"
+	"fmt"
 	"github.com/gin-gonic/gin"
+	"github.com/go-redis/redis/v8"
+	"github.com/golang-jwt/jwt/v5"
+	"github.com/nfnt/resize"
 	"gorm.io/gorm"
+	"image"
+	"image/jpeg"
 	"io"
+	"log"
 	"net/http"
+	"os"
 	"runtime/debug"
 	"strings"
+	"time"
 )

 type AppServer struct {
 	Debug        bool
 	Config       *types.AppConfig
 	Engine       *gin.Engine
-	ChatContexts *types.LMap[string, []interface{}] // 聊天上下文 Map [chatId] => []Message
+	ChatContexts *types.LMap[string, []types.Message] // 聊天上下文 Map [chatId] => []Message

-	ChatConfig *types.ChatConfig   // chat config cache
-	SysConfig  *types.SystemConfig // system config cache
+	SysConfig *types.SystemConfig // system config cache

 	// 保存 Websocket 会话 UserId, 每个 UserId 只能连接一次
 	// 防止第三方直接连接 socket 调用 OpenAI API
-	ChatSession   *types.LMap[string, types.ChatSession]  //map[sessionId]UserId
+	ChatSession   *types.LMap[string, *types.ChatSession] //map[sessionId]UserId
 	ChatClients   *types.LMap[string, *types.WsClient]    // map[sessionId]Websocket 连接集合
 	ReqCancelFunc *types.LMap[string, context.CancelFunc] // HttpClient 请求取消 handle function
-	Functions     map[string]function.Function
-	MjTaskClients *types.LMap[string, *types.WsClient]
 }

-func NewServer(appConfig *types.AppConfig, functions map[string]function.Function) *AppServer {
+func NewServer(appConfig *types.AppConfig) *AppServer {
 	gin.SetMode(gin.ReleaseMode)
 	gin.DefaultWriter = io.Discard
 	return &AppServer{
 		Debug:         false,
 		Config:        appConfig,
 		Engine:        gin.Default(),
-		ChatContexts:  types.NewLMap[string, []interface{}](),
-		ChatSession:   types.NewLMap[string, types.ChatSession](),
+		ChatContexts:  types.NewLMap[string, []types.Message](),
+		ChatSession:   types.NewLMap[string, *types.ChatSession](),
 		ChatClients:   types.NewLMap[string, *types.WsClient](),
 		ReqCancelFunc: types.NewLMap[string, context.CancelFunc](),
-		MjTaskClients: types.NewLMap[string, *types.WsClient](),
-		Functions:     functions,
 	}
 }

-func (s *AppServer) Init(debug bool) {
+func (s *AppServer) Init(debug bool, client *redis.Client) {
 	if debug { // 调试模式允许跨域请求 API
 		s.Debug = debug
 		logger.Info("Enabled debug mode")
 	}
 	s.Engine.Use(corsMiddleware())
-	s.Engine.Use(sessionMiddleware(s.Config))
-	s.Engine.Use(authorizeMiddleware(s))
+	s.Engine.Use(staticResourceMiddleware())
+	s.Engine.Use(authorizeMiddleware(s, client))
+	s.Engine.Use(parameterHandlerMiddleware())
 	s.Engine.Use(errorHandler)
 	// 添加静态资源访问
 	s.Engine.Static("/static", s.Config.StaticDir)
 }

 func (s *AppServer) Run(db *gorm.DB) error {
-	// load chat config from database
-	var chatConfig model.Config
-	res := db.Where("marker", "chat").First(&chatConfig)
-	if res.Error != nil {
-		return res.Error
-	}
-	err := utils.JsonDecode(chatConfig.Config, &s.ChatConfig)
-	if err != nil {
-		return err
-	}
 	// load system configs
 	var sysConfig model.Config
-	res = db.Where("marker", "system").First(&sysConfig)
+	res := db.Where("marker", "system").First(&sysConfig)
 	if res.Error != nil {
 		return res.Error
 	}
-	err = utils.JsonDecode(sysConfig.Config, &s.SysConfig)
+	err := utils.JsonDecode(sysConfig.Config, &s.SysConfig)
 	if err != nil {
 		return err
 	}
@@ -105,42 +96,6 @@ func errorHandler(c *gin.Context) {
 	c.Next()
 }

-// 会话处理
-func sessionMiddleware(config *types.AppConfig) gin.HandlerFunc {
-	// encrypt the cookie
-	var store sessions.Store
-	var err error
-	switch config.Session.Driver {
-	case types.SessionDriverMem:
-		store = memstore.NewStore([]byte(config.Session.SecretKey))
-		break
-	case types.SessionDriverRedis:
-		store, err = redis.NewStore(10, "tcp", config.Redis.Url(), config.Redis.Password, []byte(config.Session.SecretKey))
-		if err != nil {
-			logger.Fatal(err)
-		}
-		break
-	case types.SessionDriverCookie:
-		store = cookie.NewStore([]byte(config.Session.SecretKey))
-		break
-	default:
-		config.Session.Driver = types.SessionDriverCookie
-		store = cookie.NewStore([]byte(config.Session.SecretKey))
-	}
-
-	logger.Info("Session driver: ", config.Session.Driver)
-
-	store.Options(sessions.Options{
-		Path:     config.Session.Path,
-		Domain:   config.Session.Domain,
-		MaxAge:   config.Session.MaxAge,
-		Secure:   config.Session.Secure,
-		HttpOnly: config.Session.HttpOnly,
-		SameSite: config.Session.SameSite,
-	})
-	return sessions.Sessions(config.Session.Name, store)
-}
-
 // 跨域中间件设置
 func corsMiddleware() gin.HandlerFunc {
 	return func(c *gin.Context) {
@@ -151,7 +106,7 @@ func corsMiddleware() gin.HandlerFunc {
 			c.Header("Access-Control-Allow-Origin", origin)
 			c.Header("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE, UPDATE")
 			//允许跨域设置可以返回其他子段，可以自定义字段
-			c.Header("Access-Control-Allow-Headers", "Authorization, Content-Length, Content-Type")
+			c.Header("Access-Control-Allow-Headers", "Authorization, Content-Length, Content-Type, Chat-Token, Admin-Authorization")
 			// 允许浏览器（客户端）可以解析的头部 （重要）
 			c.Header("Access-Control-Expose-Headers", "Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers")
 			//设置缓存时间
@@ -175,44 +130,228 @@ func corsMiddleware() gin.HandlerFunc {
 }

 // 用户授权验证
-func authorizeMiddleware(s *AppServer) gin.HandlerFunc {
+func authorizeMiddleware(s *AppServer, client *redis.Client) gin.HandlerFunc {
 	return func(c *gin.Context) {
-		if c.Request.URL.Path == "/api/user/login" ||
-			c.Request.URL.Path == "/api/admin/login" ||
-			c.Request.URL.Path == "/api/user/register" ||
-			c.Request.URL.Path == "/api/reward/notify" ||
-			c.Request.URL.Path == "/api/mj/notify" ||
-			strings.HasPrefix(c.Request.URL.Path, "/api/sms/") ||
-			strings.HasPrefix(c.Request.URL.Path, "/api/captcha/") ||
-			strings.HasPrefix(c.Request.URL.Path, "/static/") ||
-			c.Request.URL.Path == "/api/admin/config/get" {
+		var tokenString string
+		isAdminApi := strings.Contains(c.Request.URL.Path, "/api/admin/")
+		if isAdminApi { // 后台管理 API
+			tokenString = c.GetHeader(types.AdminAuthHeader)
+		} else if c.Request.URL.Path == "/api/chat/new" {
+			tokenString = c.Query("token")
+		} else {
+			tokenString = c.GetHeader(types.UserAuthHeader)
+		}
+
+		if tokenString == "" {
+			if needLogin(c) {
+				resp.ERROR(c, "You should put Authorization in request headers")
+				c.Abort()
+				return
+			} else { // 直接放行
+				c.Next()
+				return
+			}
+		}
+
+		token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
+			if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok && needLogin(c) {
+				return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
+			}
+			if isAdminApi {
+				return []byte(s.Config.AdminSession.SecretKey), nil
+			} else {
+				return []byte(s.Config.Session.SecretKey), nil
+			}
+
+		})
+
+		if err != nil && needLogin(c) {
+			resp.NotAuth(c, fmt.Sprintf("Error with parse auth token: %v", err))
+			c.Abort()
+			return
+		}
+
+		claims, ok := token.Claims.(jwt.MapClaims)
+		if !ok || !token.Valid && needLogin(c) {
+			resp.NotAuth(c, "Token is invalid")
+			c.Abort()
+			return
+		}
+
+		expr := utils.IntValue(utils.InterfaceToString(claims["expired"]), 0)
+		if expr > 0 && int64(expr) < time.Now().Unix() && needLogin(c) {
+			resp.NotAuth(c, "Token is expired")
+			c.Abort()
+			return
+		}
+
+		key := fmt.Sprintf("users/%v", claims["user_id"])
+		if isAdminApi {
+			key = fmt.Sprintf("admin/%v", claims["user_id"])
+		}
+		if _, err := client.Get(context.Background(), key).Result(); err != nil && needLogin(c) {
+			resp.NotAuth(c, "Token is not found in redis")
+			c.Abort()
+			return
+		}
+		c.Set(types.LoginUserID, claims["user_id"])
+	}
+}
+
+func needLogin(c *gin.Context) bool {
+	if c.Request.URL.Path == "/api/user/login" ||
+		c.Request.URL.Path == "/api/user/resetPass" ||
+		c.Request.URL.Path == "/api/admin/login" ||
+		c.Request.URL.Path == "/api/admin/login/captcha" ||
+		c.Request.URL.Path == "/api/user/register" ||
+		c.Request.URL.Path == "/api/chat/history" ||
+		c.Request.URL.Path == "/api/chat/detail" ||
+		c.Request.URL.Path == "/api/chat/list" ||
+		c.Request.URL.Path == "/api/role/list" ||
+		c.Request.URL.Path == "/api/model/list" ||
+		c.Request.URL.Path == "/api/mj/imgWall" ||
+		c.Request.URL.Path == "/api/mj/client" ||
+		c.Request.URL.Path == "/api/mj/notify" ||
+		c.Request.URL.Path == "/api/invite/hits" ||
+		c.Request.URL.Path == "/api/sd/imgWall" ||
+		c.Request.URL.Path == "/api/sd/client" ||
+		c.Request.URL.Path == "/api/config/get" ||
+		c.Request.URL.Path == "/api/product/list" ||
+		c.Request.URL.Path == "/api/menu/list" ||
+		strings.HasPrefix(c.Request.URL.Path, "/api/test") ||
+		strings.HasPrefix(c.Request.URL.Path, "/api/function/") ||
+		strings.HasPrefix(c.Request.URL.Path, "/api/sms/") ||
+		strings.HasPrefix(c.Request.URL.Path, "/api/captcha/") ||
+		strings.HasPrefix(c.Request.URL.Path, "/api/payment/") ||
+		strings.HasPrefix(c.Request.URL.Path, "/static/") {
+		return false
+	}
+	return true
+}
+
+// 统一参数处理
+func parameterHandlerMiddleware() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		// GET 参数处理
+		params := c.Request.URL.Query()
+		for key, values := range params {
+			for i, value := range values {
+				params[key][i] = strings.TrimSpace(value)
+			}
+		}
+		// update get parameters
+		c.Request.URL.RawQuery = params.Encode()
+		// skip file upload requests
+		contentType := c.Request.Header.Get("Content-Type")
+		if strings.Contains(contentType, "multipart/form-data") {
 			c.Next()
 			return
 		}

-		// WebSocket 连接请求验证
-		if c.Request.URL.Path == "/api/chat" {
-			sessionId := c.Query("sessionId")
-			session := s.ChatSession.Get(sessionId)
-			if session.ClientIP == c.ClientIP() {
+		if strings.Contains(contentType, "application/json") {
+			// process POST JSON request body
+			bodyBytes, err := io.ReadAll(c.Request.Body)
+			if err != nil {
 				c.Next()
-			} else {
-				c.Abort()
+				return
 			}
-			return
+
+			// 还原请求体
+			c.Request.Body = io.NopCloser(bytes.NewBuffer(bodyBytes))
+			// 将请求体解析为 JSON
+			var jsonData map[string]interface{}
+			if err := c.ShouldBindJSON(&jsonData); err != nil {
+				c.Next()
+				return
+			}
+
+			// 对 JSON 数据中的字符串值去除两端空格
+			trimJSONStrings(jsonData)
+			// 更新请求体
+			c.Request.Body = io.NopCloser(bytes.NewBufferString(utils.JsonEncode(jsonData)))
 		}
-		session := sessions.Default(c)
-		var value interface{}
-		if strings.Contains(c.Request.URL.Path, "/api/admin/") { // 后台管理 API
-			value = session.Get(types.SessionAdmin)
-		} else {
-			value = session.Get(types.SessionUser)
+
+		c.Next()
+	}
+}
+
+// 递归对 JSON 数据中的字符串值去除两端空格
+func trimJSONStrings(data interface{}) {
+	switch v := data.(type) {
+	case map[string]interface{}:
+		for key, value := range v {
+			switch valueType := value.(type) {
+			case string:
+				v[key] = strings.TrimSpace(valueType)
+			case map[string]interface{}, []interface{}:
+				trimJSONStrings(value)
+			}
 		}
-		if value != nil {
-			c.Next()
-		} else {
-			resp.NotAuth(c)
-			c.Abort()
+	case []interface{}:
+		for i, value := range v {
+			switch valueType := value.(type) {
+			case string:
+				v[i] = strings.TrimSpace(valueType)
+			case map[string]interface{}, []interface{}:
+				trimJSONStrings(value)
+			}
 		}
 	}
 }
+
+// 静态资源中间件
+func staticResourceMiddleware() gin.HandlerFunc {
+	return func(c *gin.Context) {
+
+		url := c.Request.URL.String()
+		// 拦截生成缩略图请求
+		if strings.HasPrefix(url, "/static/") && strings.Contains(url, "?imageView2") {
+			r := strings.SplitAfter(url, "imageView2")
+			size := strings.Split(r[1], "/")
+			if len(size) != 8 {
+				c.String(http.StatusNotFound, "invalid thumb args")
+				return
+			}
+			with := utils.IntValue(size[3], 0)
+			height := utils.IntValue(size[5], 0)
+			quality := utils.IntValue(size[7], 75)
+
+			// 打开图片文件
+			filePath := strings.TrimLeft(c.Request.URL.Path, "/")
+			file, err := os.Open(filePath)
+			if err != nil {
+				c.String(http.StatusNotFound, "Image not found")
+				return
+			}
+			defer file.Close()
+
+			// 解码图片
+			img, _, err := image.Decode(file)
+			if err != nil {
+				c.String(http.StatusInternalServerError, "Error decoding image")
+				return
+			}
+
+			var newImg image.Image
+			if height == 0 || with == 0 {
+				// 固定宽度，高度自适应
+				newImg = resize.Resize(uint(with), uint(height), img, resize.Lanczos3)
+			} else {
+				// 生成缩略图
+				newImg = resize.Thumbnail(uint(with), uint(height), img, resize.Lanczos3)
+			}
+			var buffer bytes.Buffer
+			err = jpeg.Encode(&buffer, newImg, &jpeg.Options{Quality: quality})
+			if err != nil {
+				log.Fatal(err)
+			}
+
+			// 设置图片缓存有效期为一年 (365天)
+			c.Header("Cache-Control", "max-age=31536000, public")
+			// 直接输出图像数据流
+			c.Data(http.StatusOK, "image/jpeg", buffer.Bytes())
+			c.Abort() // 中断请求
+		}
+		c.Next()
+	}
+}
--- a/api/core/config.go
+++ b/api/core/config.go
@@ -5,7 +5,6 @@ import (
 	"chatplus/core/types"
 	logger2 "chatplus/logger"
 	"chatplus/utils"
-	"net/http"
 	"os"

 	"github.com/BurntSushi/toml"
@@ -15,26 +14,25 @@ var logger = logger2.GetLogger()

 func NewDefaultConfig() *types.AppConfig {
 	return &types.AppConfig{
-		Listen:        "0.0.0.0:5678",
-		ProxyURL:      "",
-		Manager:       types.Manager{Username: "admin", Password: "admin123"},
-		StaticDir:     "./static",
-		StaticUrl:     "http://localhost/5678/static",
-		Redis:         types.RedisConfig{Host: "localhost", Port: 6379, Password: ""},
-		AesEncryptKey: utils.RandString(24),
+		Listen:    "0.0.0.0:5678",
+		ProxyURL:  "",
+		StaticDir: "./static",
+		StaticUrl: "http://localhost/5678/static",
+		Redis:     types.RedisConfig{Host: "localhost", Port: 6379, Password: ""},
 		Session: types.Session{
-			Driver:    types.SessionDriverCookie,
 			SecretKey: utils.RandString(64),
-			Name:      "CHAT_PLUS_SESSION",
-			Domain:    "",
-			Path:      "/",
 			MaxAge:    86400,
-			Secure:    true,
-			HttpOnly:  false,
-			SameSite:  http.SameSiteLaxMode,
 		},
 		ApiConfig: types.ChatPlusApiConfig{},
-		ExtConfig: types.ChatPlusExtConfig{Token: utils.RandString(32)},
+		OSS: types.OSSConfig{
+			Active: "local",
+			Local: types.LocalStorageConfig{
+				BaseURL:  "http://localhost/5678/static/upload",
+				BasePath: "./static/upload",
+			},
+		},
+		WeChatBot:    false,
+		AlipayConfig: types.AlipayConfig{Enabled: false, SandBox: false},
 	}
 }

--- a/api/core/types/chat.go
+++ b/api/core/types/chat.go
@@ -2,12 +2,19 @@ package types

 // ApiRequest API 请求实体
 type ApiRequest struct {
-	Model       string        `json:"model"`
+	Model       string        `json:"model,omitempty"` // 兼容百度文心一言
 	Temperature float32       `json:"temperature"`
-	MaxTokens   int           `json:"max_tokens"`
+	MaxTokens   int           `json:"max_tokens,omitempty"` // 兼容百度文心一言
 	Stream      bool          `json:"stream"`
-	Messages    []interface{} `json:"messages"`
-	Functions   []Function    `json:"functions"`
+	Messages    []interface{} `json:"messages,omitempty"`
+	Prompt      []interface{} `json:"prompt,omitempty"` // 兼容 ChatGLM
+	Tools       []interface{} `json:"tools,omitempty"`
+	Functions   []interface{} `json:"functions,omitempty"` // 兼容中转平台
+
+	ToolChoice string `json:"tool_choice,omitempty"`
+
+	Input      map[string]interface{} `json:"input,omitempty"`      //兼容阿里通义千问
+	Parameters map[string]interface{} `json:"parameters,omitempty"` //兼容阿里通义千问
 }

 type Message struct {
@@ -26,29 +33,35 @@ type ChoiceItem struct {
 }

 type Delta struct {
-	Role         string       `json:"role"`
-	Name         string       `json:"name"`
-	Content      interface{}  `json:"content"`
-	FunctionCall FunctionCall `json:"function_call,omitempty"`
+	Role         string      `json:"role"`
+	Name         string      `json:"name"`
+	Content      interface{} `json:"content"`
+	ToolCalls    []ToolCall  `json:"tool_calls,omitempty"`
+	FunctionCall struct {
+		Name      string `json:"name,omitempty"`
+		Arguments string `json:"arguments,omitempty"`
+	} `json:"function_call,omitempty"`
 }

 // ChatSession 聊天会话对象
 type ChatSession struct {
-	SessionId string `json:"session_id"`
-	ClientIP  string `json:"client_ip"` // 客户端 IP
-	Username  string `json:"username"`  // 当前登录的 username
-	UserId    uint   `json:"user_id"`   // 当前登录的 user ID
-	ChatId    string `json:"chat_id"`   // 客户端聊天会话 ID, 多会话模式专用字段
-	Model     string `json:"model"`     // GPT 模型
+	SessionId string    `json:"session_id"`
+	ClientIP  string    `json:"client_ip"` // 客户端 IP
+	Username  string    `json:"username"`  // 当前登录的 username
+	UserId    uint      `json:"user_id"`   // 当前登录的 user ID
+	ChatId    string    `json:"chat_id"`   // 客户端聊天会话 ID, 多会话模式专用字段
+	Model     ChatModel `json:"model"`     // GPT 模型
 }

-type MjTask struct {
-	ChatId      string
-	MessageId   string
-	MessageHash string
-	UserId      uint
-	RoleId      uint
-	Icon        string
+type ChatModel struct {
+	Id          uint     `json:"id"`
+	Platform    Platform `json:"platform"`
+	Name        string   `json:"name"`
+	Value       string   `json:"value"`
+	Power       int      `json:"power"`
+	MaxTokens   int      `json:"max_tokens"`  // 最大响应长度
+	MaxContext  int      `json:"max_context"` // 最大上下文长度
+	Temperature float32  `json:"temperature"` // 模型温度
 }

 type ApiError struct {
@@ -62,13 +75,37 @@ type ApiError struct {

 const PromptMsg = "prompt" // prompt message
 const ReplyMsg = "reply"   // reply message
-const MjMsg = "mj"

-var ModelToTokens = map[string]int{
-	"gpt-3.5-turbo":     4096,
-	"gpt-3.5-turbo-16k": 16384,
-	"gpt-4":             8192,
-	"gpt-4-32k":         32768,
+// PowerType 算力日志类型
+type PowerType int
+
+const (
+	PowerRecharge = PowerType(1) // 充值
+	PowerConsume  = PowerType(2) // 消费
+	PowerRefund   = PowerType(3) // 任务（SD,MJ）执行失败，退款
+	PowerInvite   = PowerType(4) // 邀请奖励
+	PowerReward   = PowerType(5) // 众筹
+	PowerGift     = PowerType(6) // 系统赠送
+)
+
+func (t PowerType) String() string {
+	switch t {
+	case PowerRecharge:
+		return "充值"
+	case PowerConsume:
+		return "消费"
+	case PowerRefund:
+		return "退款"
+	case PowerReward:
+		return "众筹"
+
+	}
+	return "其他"
 }

-const TaskStorePrefix = "/tasks/"
+type PowerMark int
+
+const (
+	PowerSub = PowerMark(0)
+	PowerAdd = PowerMark(1)
+)
--- a/api/core/types/client.go
+++ b/api/core/types/client.go
@@ -36,6 +36,16 @@ func (wc *WsClient) Send(message []byte) error {
 	return wc.Conn.WriteMessage(wc.mt, message)
 }

+func (wc *WsClient) SendJson(value interface{}) error {
+	wc.lock.Lock()
+	defer wc.lock.Unlock()
+
+	if wc.Closed {
+		return ErrConClosed
+	}
+	return wc.Conn.WriteJSON(value)
+}
+
 func (wc *WsClient) Receive() (int, []byte, error) {
 	if wc.Closed {
 		return 0, nil, ErrConClosed
--- a/api/core/types/config.go
+++ b/api/core/types/config.go
@@ -2,23 +2,39 @@ package types

 import (
 	"fmt"
-	"net/http"
 )

 type AppConfig struct {
-	Path          string `toml:"-"`
-	Listen        string
-	Session       Session
-	ProxyURL      string
-	MysqlDns      string            // mysql 连接地址
-	Manager       Manager           // 后台管理员账户信息
-	StaticDir     string            // 静态资源目录
-	StaticUrl     string            // 静态资源 URL
-	Redis         RedisConfig       // redis 连接信息
-	ApiConfig     ChatPlusApiConfig // ChatPlus API authorization configs
-	AesEncryptKey string
-	SmsConfig     AliYunSmsConfig   // AliYun send message service config
-	ExtConfig     ChatPlusExtConfig // ChatPlus extensions callback api config
+	Path           string `toml:"-"`
+	Listen         string
+	Session        Session
+	AdminSession   Session
+	ProxyURL       string
+	MysqlDns       string                  // mysql 连接地址
+	StaticDir      string                  // 静态资源目录
+	StaticUrl      string                  // 静态资源 URL
+	Redis          RedisConfig             // redis 连接信息
+	ApiConfig      ChatPlusApiConfig       // ChatPlus API authorization configs
+	SMS            SMSConfig               // send mobile message config
+	OSS            OSSConfig               // OSS config
+	MjProxyConfigs []MjProxyConfig         // MJ proxy config
+	MjPlusConfigs  []MjPlusConfig          // MJ plus config
+	WeChatBot      bool                    // 是否启用微信机器人
+	SdConfigs      []StableDiffusionConfig // sd AI draw service pool
+
+	XXLConfig     XXLConfig
+	AlipayConfig  AlipayConfig
+	HuPiPayConfig HuPiPayConfig
+	SmtpConfig    SmtpConfig // 邮件发送配置
+	JPayConfig    JPayConfig // payjs 支付配置
+}
+
+type SmtpConfig struct {
+	Host     string
+	Port     int
+	AppName  string // 应用名称
+	From     string // 发件人邮箱地址
+	Password string // 发件人邮箱密码
 }

 type ChatPlusApiConfig struct {
@@ -27,73 +43,117 @@ type ChatPlusApiConfig struct {
 	Token  string
 }

-type ChatPlusExtConfig struct {
-	ApiURL string
-	Token  string
+type MjProxyConfig struct {
+	Enabled bool
+	ApiURL  string // api 地址
+	Mode    string // 绘画模式，可选值：fast/turbo/relax
+	ApiKey  string
 }

-type AliYunSmsConfig struct {
-	AccessKey    string
-	AccessSecret string
-	Product      string
-	Domain       string
+type StableDiffusionConfig struct {
+	Enabled bool
+	Model   string // 模型名称
+	ApiURL  string
+	ApiKey  string
+}
+
+type MjPlusConfig struct {
+	Enabled bool   // 如果启用了 MidJourney Plus，将会自动禁用原生的MidJourney服务
+	ApiURL  string // api 地址
+	Mode    string // 绘画模式，可选值：fast/turbo/relax
+	ApiKey  string
+}
+
+type AlipayConfig struct {
+	Enabled         bool   // 是否启用该支付通道
+	SandBox         bool   // 是否沙盒环境
+	AppId           string // 应用 ID
+	UserId          string // 支付宝用户 ID
+	PrivateKey      string // 用户私钥文件路径
+	PublicKey       string // 用户公钥文件路径
+	AlipayPublicKey string // 支付宝公钥文件路径
+	RootCert        string // Root 秘钥路径
+	NotifyURL       string // 异步通知回调
+	ReturnURL       string // 支付成功返回地址
+}
+
+type HuPiPayConfig struct { //虎皮椒第四方支付配置
+	Enabled   bool   // 是否启用该支付通道
+	Name      string // 支付名称，如：wechat/alipay
+	AppId     string // App ID
+	AppSecret string // app 密钥
+	ApiURL    string // 支付网关
+	NotifyURL string // 异步通知回调
+	ReturnURL string // 支付成功返回地址
+}
+
+// JPayConfig PayJs 支付配置
+type JPayConfig struct {
+	Enabled    bool
+	Name       string // 支付名称，默认 wechat
+	AppId      string // 商户 ID
+	PrivateKey string // 私钥
+	ApiURL     string // API 网关
+	NotifyURL  string // 异步回调地址
+	ReturnURL  string // 支付成功返回地址
+}
+
+type XXLConfig struct { // XXL 任务调度配置
+	Enabled      bool
+	ServerAddr   string
+	ExecutorIp   string
+	ExecutorPort string
+	AccessToken  string
+	RegistryKey  string
 }

 type RedisConfig struct {
 	Host     string
 	Port     int
 	Password string
+	DB       int
 }

 func (c RedisConfig) Url() string {
 	return fmt.Sprintf("%s:%d", c.Host, c.Port)
 }

-// Manager 管理员
-type Manager struct {
-	Username string `json:"username"`
-	Password string `json:"password"`
-}
+type Platform string

-type SessionDriver string
-
-const (
-	SessionDriverMem    = SessionDriver("mem")
-	SessionDriverRedis  = SessionDriver("redis")
-	SessionDriverCookie = SessionDriver("cookie")
-)
-
-// Session configs struct
-type Session struct {
-	Driver    SessionDriver // session 存储驱动 mem|cookie|redis
-	SecretKey string        // session encryption key
-	Name      string
-	Path      string
-	Domain    string
-	MaxAge    int
-	Secure    bool
-	HttpOnly  bool
-	SameSite  http.SameSite
-}
-
-// ChatConfig 系统默认的聊天配置
-type ChatConfig struct {
-	ApiURL        string  `json:"api_url,omitempty"`
-	Model         string  `json:"model"` // 默认模型
-	Temperature   float32 `json:"temperature"`
-	MaxTokens     int     `json:"max_tokens"`
-	EnableContext bool    `json:"enable_context"` // 是否开启聊天上下文
-	EnableHistory bool    `json:"enable_history"` // 是否允许保存聊天记录
-	ApiKey        string  `json:"api_key"`
-	ContextDeep   int     `json:"context_deep"` // 上下文深度
-}
+const OpenAI = Platform("OpenAI")
+const Azure = Platform("Azure")
+const ChatGLM = Platform("ChatGLM")
+const Baidu = Platform("Baidu")
+const XunFei = Platform("XunFei")
+const QWen = Platform("QWen")

 type SystemConfig struct {
-	Title             string   `json:"title"`
-	AdminTitle        string   `json:"admin_title"`
-	Models            []string `json:"models"`
-	UserInitCalls     int      `json:"user_init_calls"` // 新用户注册默认总送多少次调用
-	InitImgCalls      int      `json:"init_img_calls"`
-	EnabledRegister   bool     `json:"enabled_register"`
-	EnabledMsgService bool     `json:"enabled_msg_service"`
+	Title         string `json:"title,omitempty"`
+	AdminTitle    string `json:"admin_title,omitempty"`
+	Logo          string `json:"logo,omitempty"`
+	InitPower     int    `json:"init_power,omitempty"`      // 新用户注册赠送算力值
+	DailyPower    int    `json:"daily_power,omitempty"`     // 每日赠送算力
+	InvitePower   int    `json:"invite_power,omitempty"`    // 邀请新用户赠送算力值
+	VipMonthPower int    `json:"vip_month_power,omitempty"` // VIP 会员每月赠送的算力值
+
+	RegisterWays    []string `json:"register_ways,omitempty"`    // 注册方式：支持手机，邮箱注册，账号密码注册
+	EnabledRegister bool     `json:"enabled_register,omitempty"` // 是否开放注册
+
+	RewardImg     string  `json:"reward_img,omitempty"`     // 众筹收款二维码地址
+	EnabledReward bool    `json:"enabled_reward,omitempty"` // 启用众筹功能
+	PowerPrice    float64 `json:"power_price,omitempty"`    // 算力单价
+
+	OrderPayTimeout int    `json:"order_pay_timeout,omitempty"` //订单支付超时时间
+	VipInfoText     string `json:"vip_info_text,omitempty"`     // 会员页面充值说明
+	DefaultModels   []int  `json:"default_models,omitempty"`    // 默认开通的 AI 模型
+
+	MjPower       int `json:"mj_power,omitempty"`        // MJ 绘画消耗算力
+	MjActionPower int `json:"mj_action_power,omitempty"` // MJ 操作（放大，变换）消耗算力
+	SdPower       int `json:"sd_power,omitempty"`        // SD 绘画消耗算力
+	DallPower     int `json:"dall_power,omitempty"`      // DALLE3 绘图消耗算力
+
+	WechatCardURL string `json:"wechat_card_url,omitempty"` // 微信客服地址
+
+	EnableContext bool `json:"enable_context,omitempty"`
+	ContextDeep   int  `json:"context_deep,omitempty"`
 }
--- a/api/core/types/function.go
+++ b/api/core/types/function.go
@@ -1,8 +1,11 @@
 package types

-type FunctionCall struct {
-	Name      string `json:"name"`
-	Arguments string `json:"arguments"`
+type ToolCall struct {
+	Type     string `json:"type"`
+	Function struct {
+		Name      string `json:"name"`
+		Arguments string `json:"arguments"`
+	} `json:"function"`
 }

 type Function struct {
@@ -21,80 +24,3 @@ type Property struct {
 	Type        string `json:"type"`
 	Description string `json:"description"`
 }
-
-const (
-	FuncZaoBao     = "zao_bao"     // 每日早报
-	FuncHeadLine   = "headline"    // 今日头条
-	FuncWeibo      = "weibo_hot"   // 微博热搜
-	FuncMidJourney = "mid_journey" // MJ 绘画
-)
-
-var InnerFunctions = []Function{
-	{
-		Name:        FuncZaoBao,
-		Description: "每日早报，获取当天全球的热门新闻事件列表",
-		Parameters: Parameters{
-
-			Type: "object",
-			Properties: map[string]Property{
-				"text": {
-					Type:        "string",
-					Description: "",
-				},
-			},
-			Required: []string{},
-		},
-	},
-	{
-		Name:        FuncWeibo,
-		Description: "新浪微博热搜榜，微博当日热搜榜单",
-		Parameters: Parameters{
-			Type: "object",
-			Properties: map[string]Property{
-				"text": {
-					Type:        "string",
-					Description: "",
-				},
-			},
-			Required: []string{},
-		},
-	},
-
-	{
-		Name:        FuncHeadLine,
-		Description: "今日头条，给用户推荐当天的头条新闻，周榜热文",
-		Parameters: Parameters{
-			Type: "object",
-			Properties: map[string]Property{
-				"text": {
-					Type:        "string",
-					Description: "",
-				},
-			},
-			Required: []string{},
-		},
-	},
-
-	{
-		Name:        FuncMidJourney,
-		Description: "AI 绘画工具，使用 MJ MidJourney API 进行 AI 绘画",
-		Parameters: Parameters{
-			Type: "object",
-			Properties: map[string]Property{
-				"prompt": {
-					Type:        "string",
-					Description: "绘画内容描述，提示词，如果该参数中有中文的话，则需要翻译成英文",
-				},
-				"ar": {
-					Type:        "string",
-					Description: "图片长宽比，如 --ar 4:3",
-				},
-				"niji": {
-					Type:        "string",
-					Description: "动漫模型版本，例如 --niji 5",
-				},
-			},
-			Required: []string{},
-		},
-	},
-}
--- a/api/core/types/locked_map.go
+++ b/api/core/types/locked_map.go
@@ -6,10 +6,10 @@ import (
 )

 type MKey interface {
-	string | int
+	string | int | uint
 }
 type MValue interface {
-	*WsClient | ChatSession | context.CancelFunc | []interface{} | MjTask
+	*WsClient | *ChatSession | context.CancelFunc | []Message
 }
 type LMap[K MKey, T MValue] struct {
 	lock sync.RWMutex
--- a/api/core/types/order.go
+++ b/api/core/types/order.go
@@ -0,0 +1,17 @@
+package types
+
+type OrderStatus int
+
+const (
+	OrderNotPaid     = OrderStatus(0)
+	OrderScanned     = OrderStatus(1) // 已扫码
+	OrderPaidSuccess = OrderStatus(2)
+)
+
+type OrderRemark struct {
+	Days     int     `json:"days"`  // 有效期
+	Power    int     `json:"power"` // 增加算力点数
+	Name     string  `json:"name"`  // 产品名称
+	Price    float64 `json:"price"`
+	Discount float64 `json:"discount"`
+}
--- a/api/core/types/oss.go
+++ b/api/core/types/oss.go
@@ -0,0 +1,41 @@
+package types
+
+type OSSConfig struct {
+	Active string
+	Local  LocalStorageConfig
+	Minio  MiniOssConfig
+	QiNiu  QiNiuOssConfig
+	AliYun AliYunOssConfig
+}
+type MiniOssConfig struct {
+	Endpoint     string
+	AccessKey    string
+	AccessSecret string
+	Bucket       string
+	SubDir       string
+	UseSSL       bool
+	Domain       string
+}
+
+type QiNiuOssConfig struct {
+	Zone         string
+	AccessKey    string
+	AccessSecret string
+	Bucket       string
+	SubDir       string
+	Domain       string
+}
+
+type AliYunOssConfig struct {
+	Endpoint     string
+	AccessKey    string
+	AccessSecret string
+	Bucket       string
+	SubDir       string
+	Domain       string
+}
+
+type LocalStorageConfig struct {
+	BasePath string
+	BaseURL  string
+}
--- a/api/core/types/session.go
+++ b/api/core/types/session.go
@@ -1,6 +1,14 @@
 package types

-const SessionName = "ChatGPT-TOKEN"
-const SessionUser = "SESSION_USER"        // 存储用户信息的 session key
-const SessionAdmin = "SESSION_ADMIN"      //存储管理员信息的 session key
-const LoginUserCache = "LOGIN_USER_CACHE" // 已登录用户缓存
+const LoginUserID = "LOGIN_USER_ID"
+const LoginUserCache = "LOGIN_USER_CACHE"
+
+const UserAuthHeader = "Authorization"
+const AdminAuthHeader = "Admin-Authorization"
+const ChatTokenHeader = "Chat-Token"
+
+// Session configs struct
+type Session struct {
+	SecretKey string
+	MaxAge    int
+}
--- a/api/core/types/sms.go
+++ b/api/core/types/sms.go
@@ -0,0 +1,26 @@
+package types
+
+type SMSConfig struct {
+	Active string
+	Ali    SmsConfigAli
+	Bao    SmsConfigBao
+}
+
+// SmsConfigAli 阿里云短信平台配置
+type SmsConfigAli struct {
+	AccessKey    string
+	AccessSecret string
+	Product      string
+	Domain       string
+	Sign         string // 短信签名
+	CodeTempId   string // 验证码短信模板 ID
+}
+
+// SmsConfigBao 短信宝平台配置
+type SmsConfigBao struct {
+	Username     string //短信宝平台注册的用户名
+	Password     string //短信宝平台注册的密码
+	Domain       string //域名
+	Sign         string // 短信签名
+	CodeTemplate string // 验证码短信模板 匹配
+}
--- a/api/core/types/task.go
+++ b/api/core/types/task.go
@@ -0,0 +1,61 @@
+package types
+
+// TaskType 任务类别
+type TaskType string
+
+func (t TaskType) String() string {
+	return string(t)
+}
+
+const (
+	TaskImage     = TaskType("image")
+	TaskBlend     = TaskType("blend")
+	TaskSwapFace  = TaskType("swapFace")
+	TaskUpscale   = TaskType("upscale")
+	TaskVariation = TaskType("variation")
+)
+
+// MjTask MidJourney 任务
+type MjTask struct {
+	Id          uint     `json:"id"`
+	TaskId      string   `json:"task_id"`
+	ImgArr      []string `json:"img_arr"`
+	ChannelId   string   `json:"channel_id"`
+	SessionId   string   `json:"session_id"`
+	Type        TaskType `json:"type"`
+	UserId      int      `json:"user_id"`
+	Prompt      string   `json:"prompt,omitempty"`
+	NegPrompt   string   `json:"neg_prompt,omitempty"`
+	Params      string   `json:"full_prompt"`
+	Index       int      `json:"index,omitempty"`
+	MessageId   string   `json:"message_id,omitempty"`
+	MessageHash string   `json:"message_hash,omitempty"`
+	RetryCount  int      `json:"retry_count"`
+}
+
+type SdTask struct {
+	Id         int          `json:"id"` // job 数据库ID
+	SessionId  string       `json:"session_id"`
+	Type       TaskType     `json:"type"`
+	UserId     int          `json:"user_id"`
+	Params     SdTaskParams `json:"params"`
+	RetryCount int          `json:"retry_count"`
+}
+
+type SdTaskParams struct {
+	TaskId       string  `json:"task_id"`
+	Prompt       string  `json:"prompt"`     // 提示词
+	NegPrompt    string  `json:"neg_prompt"` // 反向提示词
+	Steps        int     `json:"steps"`      // 迭代步数，默认20
+	Sampler      string  `json:"sampler"`    // 采样器
+	FaceFix      bool    `json:"face_fix"`   // 面部修复
+	CfgScale     float32 `json:"cfg_scale"`  //引导系数，默认 7
+	Seed         int64   `json:"seed"`       // 随机数种子
+	Height       int     `json:"height"`
+	Width        int     `json:"width"`
+	HdFix        bool    `json:"hd_fix"`         // 启用高清修复
+	HdRedrawRate float32 `json:"hd_redraw_rate"` // 高清修复重绘幅度
+	HdScale      int     `json:"hd_scale"`       // 放大倍数
+	HdScaleAlg   string  `json:"hd_scale_alg"`   // 放大算法
+	HdSteps      int     `json:"hd_steps"`       // 高清修复迭代步数
+}
--- a/api/core/types/web.go
+++ b/api/core/types/web.go
@@ -30,8 +30,10 @@ const (
 	Success       = BizCode(0)
 	Failed        = BizCode(1)
 	NotAuthorized = BizCode(400) // 未授权
+	NotPermission = BizCode(403) // 没有权限

 	OkMsg       = "Success"
 	ErrorMsg    = "系统开小差了"
 	InvalidArgs = "非法参数或参数解析失败"
+	NoData      = "No Data"
 )
--- a/api/go.mod
+++ b/api/go.mod
@@ -5,58 +5,90 @@ go 1.19
 require (
 	github.com/BurntSushi/toml v1.1.0
 	github.com/aliyun/alibaba-cloud-sdk-go v1.62.405
-	github.com/gin-contrib/sessions v0.0.5
+	github.com/aliyun/aliyun-oss-go-sdk v2.2.9+incompatible
+	github.com/eatmoreapple/openwechat v1.2.1
 	github.com/gin-gonic/gin v1.9.1
+	github.com/go-redis/redis/v8 v8.11.5
+	github.com/golang-jwt/jwt/v5 v5.0.0
 	github.com/gorilla/websocket v1.5.0
 	github.com/imroc/req/v3 v3.37.2
 	github.com/lionsoul2014/ip2region/binding/golang v0.0.0-20230415042440-a5e3d8259ae0
+	github.com/minio/minio-go/v7 v7.0.62
 	github.com/pkoukk/tiktoken-go v0.1.1-0.20230418101013-cae809389480
-	github.com/syndtr/goleveldb v1.0.0
+	github.com/qiniu/go-sdk/v7 v7.17.1
+	github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e
+	github.com/smartwalle/alipay/v3 v3.2.15
 	go.uber.org/zap v1.23.0
 	gopkg.in/natefinch/lumberjack.v2 v2.2.1
 	gorm.io/driver/mysql v1.4.7
 )

+require github.com/xxl-job/xxl-job-executor-go v1.2.0
+
+require (
+	github.com/mojocn/base64Captcha v1.3.1
+	github.com/shopspring/decimal v1.3.1
+	github.com/syndtr/goleveldb v1.0.0
+)
+
+require (
+	github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0 // indirect
+	github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db // indirect
+	golang.org/x/image v0.0.0-20190501045829-6d32002ffd75 // indirect
+)
+
 require (
 	github.com/andybalholm/brotli v1.0.4 // indirect
-	github.com/boj/redistore v0.0.0-20180917114910-cd5dcc76aeff // indirect
 	github.com/bytedance/sonic v1.9.1 // indirect
+	github.com/cespare/xxhash/v2 v2.1.2 // indirect
 	github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311 // indirect
+	github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
 	github.com/dlclark/regexp2 v1.8.1 // indirect
+	github.com/dustin/go-humanize v1.0.1 // indirect
 	github.com/gabriel-vasile/mimetype v1.4.2 // indirect
 	github.com/gaukas/godicttls v0.0.3 // indirect
+	github.com/go-basic/ipv4 v1.0.0 // indirect
 	github.com/go-sql-driver/mysql v1.7.0 // indirect
 	github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect
 	github.com/goccy/go-json v0.10.2 // indirect
 	github.com/golang/mock v1.6.0 // indirect
-	github.com/gomodule/redigo v2.0.0+incompatible // indirect
 	github.com/google/pprof v0.0.0-20230602150820-91b7bce49751 // indirect
+	github.com/google/uuid v1.3.0 // indirect
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-multierror v1.1.1 // indirect
 	github.com/jinzhu/inflection v1.0.0 // indirect
 	github.com/jinzhu/now v1.1.5 // indirect
 	github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af // indirect
-	github.com/klauspost/compress v1.15.15 // indirect
-	github.com/klauspost/cpuid/v2 v2.2.4 // indirect
+	github.com/klauspost/compress v1.16.7 // indirect
+	github.com/klauspost/cpuid/v2 v2.2.5 // indirect
+	github.com/minio/md5-simd v1.1.2 // indirect
+	github.com/minio/sha256-simd v1.0.1 // indirect
+	github.com/nfnt/resize v0.0.0-20180221191011-83c6a9932646
 	github.com/onsi/ginkgo/v2 v2.10.0 // indirect
 	github.com/opentracing/opentracing-go v1.2.1-0.20220228012449-10b1cf09e00b // indirect
 	github.com/pelletier/go-toml/v2 v2.0.8 // indirect
-	github.com/quasoft/memstore v0.0.0-20191010062613-2bce066d2b0b // indirect
 	github.com/quic-go/qpack v0.4.0 // indirect
 	github.com/quic-go/qtls-go1-19 v0.3.2 // indirect
 	github.com/quic-go/qtls-go1-20 v0.2.2 // indirect
 	github.com/quic-go/quic-go v0.35.1 // indirect
 	github.com/refraction-networking/utls v1.3.2 // indirect
+	github.com/rs/xid v1.5.0 // indirect
+	github.com/sirupsen/logrus v1.9.3 // indirect
+	github.com/smartwalle/ncrypto v1.0.2 // indirect
+	github.com/smartwalle/ngx v1.0.6 // indirect
+	github.com/smartwalle/nsign v1.0.8 // indirect
 	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
 	go.uber.org/dig v1.16.1 // indirect
 	golang.org/x/arch v0.3.0 // indirect
 	golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1 // indirect
 	golang.org/x/mod v0.11.0 // indirect
-	golang.org/x/net v0.11.0 // indirect
-	golang.org/x/text v0.10.0 // indirect
+	golang.org/x/net v0.14.0 // indirect
+	golang.org/x/sync v0.3.0 // indirect
+	golang.org/x/text v0.12.0 // indirect
+	golang.org/x/time v0.3.0 // indirect
 	golang.org/x/tools v0.10.0 // indirect
 	google.golang.org/protobuf v1.30.0 // indirect
-	gopkg.in/ini.v1 v1.66.2 // indirect
+	gopkg.in/ini.v1 v1.67.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )

@@ -65,10 +97,6 @@ require (
 	github.com/go-playground/locales v0.14.1 // indirect
 	github.com/go-playground/universal-translator v0.18.1 // indirect
 	github.com/go-playground/validator/v10 v10.14.0 // indirect
-	github.com/golang/snappy v0.0.1 // indirect
-	github.com/gorilla/context v1.1.1 // indirect
-	github.com/gorilla/securecookie v1.1.1 // indirect
-	github.com/gorilla/sessions v1.2.1 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
 	github.com/leodido/go-urn v1.2.4 // indirect
 	github.com/mattn/go-isatty v0.0.19 // indirect
@@ -78,7 +106,7 @@ require (
 	go.uber.org/atomic v1.9.0 // indirect
 	go.uber.org/fx v1.19.3
 	go.uber.org/multierr v1.6.0 // indirect
-	golang.org/x/crypto v0.10.0
-	golang.org/x/sys v0.9.0 // indirect
+	golang.org/x/crypto v0.12.0
+	golang.org/x/sys v0.11.0 // indirect
 	gorm.io/gorm v1.25.1
 )
--- a/api/go.sum
+++ b/api/go.sum
@@ -2,41 +2,59 @@ github.com/BurntSushi/toml v1.1.0 h1:ksErzDEI1khOiGPgpwuI7x2ebx/uXQNw7xJpn9Eq1+I
 github.com/BurntSushi/toml v1.1.0/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ=
 github.com/aliyun/alibaba-cloud-sdk-go v1.62.405 h1:cKNFQmeCQFN0WNfjScKoVrGi7vXxTVbkCvCqSrOf+P4=
 github.com/aliyun/alibaba-cloud-sdk-go v1.62.405/go.mod h1:Api2AkmMgGaSUAhmk76oaFObkoeCPc/bKAqcyplPODs=
+github.com/aliyun/aliyun-oss-go-sdk v2.2.9+incompatible h1:Sg/2xHwDrioHpxTN6WMiwbXTpUEinBpHsN7mG21Rc2k=
+github.com/aliyun/aliyun-oss-go-sdk v2.2.9+incompatible/go.mod h1:T/Aws4fEfogEE9v+HPhhw+CntffsBHJ8nXQCwKr0/g8=
 github.com/andybalholm/brotli v1.0.4 h1:V7DdXeJtZscaqfNuAdSRuRFzuiKlHSC/Zh3zl9qY3JY=
 github.com/andybalholm/brotli v1.0.4/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig=
 github.com/benbjohnson/clock v1.3.0 h1:ip6w0uFQkncKQ979AypyG0ER7mqUSBdKLOgAle/AT8A=
-github.com/boj/redistore v0.0.0-20180917114910-cd5dcc76aeff h1:RmdPFa+slIr4SCBg4st/l/vZWVe9QJKMXGO60Bxbe04=
-github.com/boj/redistore v0.0.0-20180917114910-cd5dcc76aeff/go.mod h1:+RTT1BOk5P97fT2CiHkbFQwkK3mjsFAP6zCYV2aXtjw=
 github.com/bytedance/sonic v1.5.0/go.mod h1:ED5hyg4y6t3/9Ku1R6dU/4KyJ48DZ4jPhfY1O2AihPM=
 github.com/bytedance/sonic v1.9.1 h1:6iJ6NqdoxCDr6mbY8h18oSO+cShGSMRGCEo7F2h0x8s=
 github.com/bytedance/sonic v1.9.1/go.mod h1:i736AoUSYt75HyZLoJW9ERYxcy6eaN6h4BZXU064P/U=
+github.com/cespare/xxhash/v2 v2.1.2 h1:YRXhKfTDauu4ajMg1TPgFO5jnlC2HCbmLXMcTG5cbYE=
+github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
 github.com/chenzhuoyu/base64x v0.0.0-20211019084208-fb5309c8db06/go.mod h1:DH46F32mSOjUmXrMHnKwZdA8wcEefY7UVqBKYGjpdQY=
 github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311 h1:qSGYFH7+jGhDF8vLC+iwCD4WpbV1EBDSzWkJODFLams=
 github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311/go.mod h1:b583jCggY9gE99b6G5LEC39OIiVsWj+R97kbl5odCEk=
+github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f h1:lO4WD4F/rVNCu3HqELle0jiPLLBs70cWOduZpkS1E78=
+github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f/go.mod h1:cuUVRXasLTGF7a8hSLbxyZXjz+1KgoB3wDUb6vlszIc=
 github.com/dlclark/regexp2 v1.8.1 h1:6Lcdwya6GjPUNsBct8Lg/yRPwMhABj269AAzdGSiR+0=
 github.com/dlclark/regexp2 v1.8.1/go.mod h1:DHkYz0B9wPfa6wondMfaivmHpzrQ3v9q8cnmRbL6yW8=
+github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY=
+github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto=
+github.com/eatmoreapple/openwechat v1.2.1 h1:ez4oqF/Y2NSEX/DbPV8lvj7JlfkYqvieeo4awx5lzfU=
+github.com/eatmoreapple/openwechat v1.2.1/go.mod h1:61HOzTyvLobGdgWhL68jfGNwTJEv0mhQ1miCXQrvWU8=
 github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
+github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4=
 github.com/gabriel-vasile/mimetype v1.4.2 h1:w5qFW6JKBz9Y393Y4q372O9A7cUSequkh1Q7OhCmWKU=
 github.com/gabriel-vasile/mimetype v1.4.2/go.mod h1:zApsH/mKG4w07erKIaJPFiX0Tsq9BFQgN3qGY5GnNgA=
 github.com/gaukas/godicttls v0.0.3 h1:YNDIf0d9adcxOijiLrEzpfZGAkNwLRzPaG6OjU7EITk=
 github.com/gaukas/godicttls v0.0.3/go.mod h1:l6EenT4TLWgTdwslVb4sEMOCf7Bv0JAK67deKr9/NCI=
-github.com/gin-contrib/sessions v0.0.5 h1:CATtfHmLMQrMNpJRgzjWXD7worTh7g7ritsQfmF+0jE=
-github.com/gin-contrib/sessions v0.0.5/go.mod h1:vYAuaUPqie3WUSsft6HUlCjlwwoJQs97miaG2+7neKY=
 github.com/gin-contrib/sse v0.1.0 h1:Y/yl/+YNO8GZSjAhjMsSuLt29uWRFHdHYUb5lYOV9qE=
 github.com/gin-contrib/sse v0.1.0/go.mod h1:RHrZQHXnP2xjPF+u1gW/2HnVO7nvIa9PG3Gm+fLHvGI=
 github.com/gin-gonic/gin v1.9.1 h1:4idEAncQnU5cB7BeOkPtxjfCSye0AAm1R0RVIqJ+Jmg=
 github.com/gin-gonic/gin v1.9.1/go.mod h1:hPrL7YrpYKXt5YId3A/Tnip5kqbEAP+KLuI3SUcPTeU=
+github.com/go-basic/ipv4 v1.0.0 h1:gjyFAa1USC1hhXTkPOwBWDPfMcUaIM+tvo1XzV9EZxs=
+github.com/go-basic/ipv4 v1.0.0/go.mod h1:etLBnaxbidQfuqE6wgZQfs38nEWNmzALkxDZe4xY8Dg=
 github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ=
+github.com/go-playground/assert/v2 v2.0.1/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4=
 github.com/go-playground/assert/v2 v2.2.0 h1:JvknZsQTYeFEAhQwI4qEt9cyV5ONwRHC+lYKSsYSR8s=
+github.com/go-playground/locales v0.13.0/go.mod h1:taPMhCMXrRLJO55olJkUXHZBHCxTMfnGwq/HNwmWNS8=
+github.com/go-playground/locales v0.14.0/go.mod h1:sawfccIbzZTqEDETgFXqTho0QybSa7l++s0DH+LDiLs=
 github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/oXslEjJA=
 github.com/go-playground/locales v0.14.1/go.mod h1:hxrqLVvrK65+Rwrd5Fc6F2O76J/NuW9t0sjnWqG1slY=
+github.com/go-playground/universal-translator v0.17.0/go.mod h1:UkSxE5sNxxRwHyU+Scu5vgOQjsIJAF8j9muTVoKLVtA=
+github.com/go-playground/universal-translator v0.18.0/go.mod h1:UvRDBj+xPUEGrFYl+lu/H90nyDXpg0fqeB/AQUGNTVA=
 github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJnYK9S473LQFuzCbDbfSFY=
 github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY=
+github.com/go-playground/validator/v10 v10.8.0/go.mod h1:9JhgTzTaE31GZDpH/HSvHiRJrJ3iKAgqqH0Bl/Ocjdk=
 github.com/go-playground/validator/v10 v10.14.0 h1:vgvQWe3XCz3gIeFDm/HnTIbj6UGmg/+t63MyGU2n5js=
 github.com/go-playground/validator/v10 v10.14.0/go.mod h1:9iXMNT7sEkjXb0I+enO7QXmzG6QCsPWY4zveKFVRSyU=
+github.com/go-redis/redis/v8 v8.11.5 h1:AcZZR7igkdvfVmQTPnu9WE37LRrO/YrBH5zWyjDC0oI=
+github.com/go-redis/redis/v8 v8.11.5/go.mod h1:gREzHqY1hg6oD9ngVRbLStwAWKhA0FEgq8Jd4h5lpwo=
 github.com/go-sql-driver/mysql v1.7.0 h1:ueSltNNllEqE3qcWBTD0iQd3IpL/6U+mJxLkazJ7YPc=
 github.com/go-sql-driver/mysql v1.7.0/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI=
 github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI=
@@ -44,28 +62,24 @@ github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4
 github.com/goccy/go-json v0.10.2 h1:CrxCmQqYDkv1z7lO7Wbh2HN93uovUHgrECaO5ZrCXAU=
 github.com/goccy/go-json v0.10.2/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I=
 github.com/goji/httpauth v0.0.0-20160601135302-2da839ab0f4d/go.mod h1:nnjvkQ9ptGaCkuDUx6wNykzzlUixGxvkme+H/lnzb+A=
+github.com/golang-jwt/jwt/v5 v5.0.0 h1:1n1XNM9hk7O9mnQoNBGolZvzebBQ7p93ULHRc28XJUE=
+github.com/golang-jwt/jwt/v5 v5.0.0/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
+github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0 h1:DACJavvAHhabrF08vX0COfcOBJRhZ8lUbR+ZWIs0Y5g=
+github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0/go.mod h1:E/TSTwGwJL78qG/PmXZO1EjYhfJinVAhrmmHX6Z8B9k=
 github.com/golang/mock v1.6.0 h1:ErTB+efbowRARo13NNdxyJji2egdxLGQhRaY+DUumQc=
 github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs=
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
 github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg=
+github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db h1:woRePGFeVFfLKN/pOkfl+p/TAqKOfFu+7KPlMVpok/w=
 github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
-github.com/golang/snappy v0.0.1 h1:Qgr9rKW7uDUkrbSmQeiDsGa8SjGyCOGtuasMWwvp2P4=
-github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
-github.com/gomodule/redigo v2.0.0+incompatible h1:K/R+8tc58AaqLkqG2Ol3Qk+DR/TlNuhuh457pBFPtt0=
-github.com/gomodule/redigo v2.0.0+incompatible/go.mod h1:B4C85qUVwatsJoIUNIfCRsp7qO0iAmpGFZ4EELWSbC4=
 github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
 github.com/google/pprof v0.0.0-20230602150820-91b7bce49751 h1:hR7/MlvK23p6+lIw9SN1TigNLn9ZnF3W4SYRKq2gAHs=
 github.com/google/pprof v0.0.0-20230602150820-91b7bce49751/go.mod h1:Jh3hGz2jkYak8qXPD19ryItVnUgpgeqzdkY/D0EaeuA=
-github.com/gorilla/context v1.1.1 h1:AWwleXJkX/nhcU9bZSnZoi3h/qGYqQAGhq6zZe/aQW8=
-github.com/gorilla/context v1.1.1/go.mod h1:kBGZzfjB9CEq2AlWe17Uuf7NDRt0dE0s8S51q0aT7Yg=
-github.com/gorilla/securecookie v1.1.1 h1:miw7JPhV+b/lAHSXz4qd/nN9jRiAFV5FwjeKyCS8BvQ=
-github.com/gorilla/securecookie v1.1.1/go.mod h1:ra0sb63/xPlUeL+yeDciTfxMRAA+MP+HVt/4epWDjd4=
-github.com/gorilla/sessions v1.1.1/go.mod h1:8KCfur6+4Mqcc6S0FEfKuN15Vl5MgXW92AE8ovaJD0w=
-github.com/gorilla/sessions v1.2.1 h1:DHd3rPN5lE3Ts3D8rKkQ8x/0kqfeNmBAaiSi+o7FsgI=
-github.com/gorilla/sessions v1.2.1/go.mod h1:dk2InVEVJ0sfLlnXv9EAgkf6ecYs/i80K/zI+bUmuGM=
+github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
+github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc=
 github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
 github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
@@ -73,7 +87,6 @@ github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY
 github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
 github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo=
 github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM=
-github.com/hpcloud/tail v1.0.0 h1:nfCOvKYfkgYP8hkirhJocXT2+zOD8yUNjXaWfTlyFKI=
 github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
 github.com/imroc/req/v3 v3.37.2 h1:vEemuA0cq9zJ6lhe+mSRhsZm951bT0CdiSH47+KTn6I=
 github.com/imroc/req/v3 v3.37.2/go.mod h1:DECzjVIrj6jcUr5n6e+z0ygmCO93rx4Jy0RjOEe1YCI=
@@ -87,31 +100,47 @@ github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht
 github.com/json-iterator/go v1.1.5/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
 github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
 github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
-github.com/klauspost/compress v1.15.15 h1:EF27CXIuDsYJ6mmvtBRlEuB2UVOqHG1tAXgZ7yIO+lw=
-github.com/klauspost/compress v1.15.15/go.mod h1:ZcK2JAFqKOpnBlxcLsJzYfrS9X1akm9fHZNnD9+Vo/4=
+github.com/klauspost/compress v1.16.7 h1:2mk3MPGNzKyxErAw8YaohYh69+pa4sIQSC0fPGCFR9I=
+github.com/klauspost/compress v1.16.7/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE=
+github.com/klauspost/cpuid/v2 v2.0.1/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
 github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
-github.com/klauspost/cpuid/v2 v2.2.4 h1:acbojRNwl3o09bUq+yDCtZFc1aiwaAAxtcn8YkZXnvk=
-github.com/klauspost/cpuid/v2 v2.2.4/go.mod h1:RVVoqg1df56z8g3pUjL/3lE5UfnlrJX8tyFgg4nqhuY=
-github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=
+github.com/klauspost/cpuid/v2 v2.2.5 h1:0E5MSMDEoAulmXNFquVs//DdoomxaoTY1kUhbc/qbZg=
+github.com/klauspost/cpuid/v2 v2.2.5/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws=
 github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
+github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
+github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0=
+github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk=
 github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
-github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
+github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
+github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
+github.com/leodido/go-urn v1.2.1/go.mod h1:zt4jvISO2HfUBqxjfIshjdMTYS56ZS/qv49ictyFfxY=
 github.com/leodido/go-urn v1.2.4 h1:XlAE/cm/ms7TE/VMVoduSpNBoyc2dOxHs5MZSwAN63Q=
 github.com/leodido/go-urn v1.2.4/go.mod h1:7ZrI8mTSeBSHl/UaRyKQW1qZeMgak41ANeCNaVckg+4=
 github.com/lionsoul2014/ip2region/binding/golang v0.0.0-20230415042440-a5e3d8259ae0 h1:LgmjED/yQILqmUED4GaXjrINWe7YJh4HM6z2EvEINPs=
 github.com/lionsoul2014/ip2region/binding/golang v0.0.0-20230415042440-a5e3d8259ae0/go.mod h1:C5LA5UO2ZXJrLaPLYtE1wUJMiyd/nwWaCO5cw/2pSHs=
 github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA=
 github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
+github.com/minio/md5-simd v1.1.2 h1:Gdi1DZK69+ZVMoNHRXJyNcxrMA4dSxoYHZSQbirFg34=
+github.com/minio/md5-simd v1.1.2/go.mod h1:MzdKDxYpY2BT9XQFocsiZf/NKVtR7nkE4RoEpN+20RM=
+github.com/minio/minio-go/v7 v7.0.62 h1:qNYsFZHEzl+NfH8UxW4jpmlKav1qUAgfY30YNRneVhc=
+github.com/minio/minio-go/v7 v7.0.62/go.mod h1:Q6X7Qjb7WMhvG65qKf4gUgA5XaiSox74kR1uAEjxRS4=
+github.com/minio/sha256-simd v1.0.1 h1:6kaan5IFmwTNynnKKpDHe6FWHohJOHhCPchzK49dzMM=
+github.com/minio/sha256-simd v1.0.1/go.mod h1:Pz6AKMiUdngCLpeTL/RJY1M9rUuPMYujV5xJjtbRSN8=
 github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
 github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
 github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M=
 github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
+github.com/mojocn/base64Captcha v1.3.1 h1:2Wbkt8Oc8qjmNJ5GyOfSo4tgVQPsbKMftqASnq8GlT0=
+github.com/mojocn/base64Captcha v1.3.1/go.mod h1:wAQCKEc5bDujxKRmbT6/vTnTt5CjStQ8bRfPWUuz/iY=
+github.com/nfnt/resize v0.0.0-20180221191011-83c6a9932646 h1:zYyBkD/k9seD2A7fsi6Oo2LfFZAehjjQMERAvZLEDnQ=
+github.com/nfnt/resize v0.0.0-20180221191011-83c6a9932646/go.mod h1:jpp1/29i3P1S/RLdc7JQKbRpFeM1dOBd8T9ki5s+AY8=
+github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE=
 github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
-github.com/onsi/ginkgo v1.7.0 h1:WSHQ+IS43OoUrWtD1/bbclrwK8TTH5hzp+umCiuxHgs=
 github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
+github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE=
 github.com/onsi/ginkgo/v2 v2.10.0 h1:sfUl4qgLdvkChZrWCYndY2EAu9BRIw1YphNAzy1VNWs=
 github.com/onsi/ginkgo/v2 v2.10.0/go.mod h1:UDQOh5wbQUlMnkLfVaIUMtQ1Vus92oM+P2JX1aulgcE=
 github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
@@ -120,14 +149,17 @@ github.com/opentracing/opentracing-go v1.2.1-0.20220228012449-10b1cf09e00b h1:Ff
 github.com/opentracing/opentracing-go v1.2.1-0.20220228012449-10b1cf09e00b/go.mod h1:AC62GU6hc0BrNm+9RK9VSiwa/EUe1bkIeFORAMcHvJU=
 github.com/pelletier/go-toml/v2 v2.0.8 h1:0ctb6s9mE31h0/lhu+J6OPmVeDxJn+kYnJc2jZR9tGQ=
 github.com/pelletier/go-toml/v2 v2.0.8/go.mod h1:vuYfssBdrU2XDZ9bYydBu6t+6a6PYNcZljzZR9VXg+4=
+github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA=
 github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pkoukk/tiktoken-go v0.1.1-0.20230418101013-cae809389480 h1:IFhPCcB0/HtnEN+ZoUGDT55YgFCymbFJ15kXqs3nv5w=
 github.com/pkoukk/tiktoken-go v0.1.1-0.20230418101013-cae809389480/go.mod h1:BijIqAP84FMYC4XbdJgjyMpiSjusU8x0Y0W9K2t0QtU=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/quasoft/memstore v0.0.0-20191010062613-2bce066d2b0b h1:aUNXCGgukb4gtY99imuIeoh8Vr0GSwAlYxPAhqZrpFc=
-github.com/quasoft/memstore v0.0.0-20191010062613-2bce066d2b0b/go.mod h1:wTPjTepVu7uJBYgZ0SdWHQlIas582j6cn2jgk4DDdlg=
+github.com/qiniu/dyn v1.3.0/go.mod h1:E8oERcm8TtwJiZvkQPbcAh0RL8jO1G0VXJMW3FAWdkk=
+github.com/qiniu/go-sdk/v7 v7.17.1 h1:UoQv7fBKtzAiD1qZPIvTy62Se48YLKxcCYP9nAwWMa0=
+github.com/qiniu/go-sdk/v7 v7.17.1/go.mod h1:nqoYCNo53ZlGA521RvRethvxUDvXKt4gtYXOwye868w=
+github.com/qiniu/x v1.10.5/go.mod h1:03Ni9tj+N2h2aKnAz+6N0Xfl8FwMEDRC2PAlxekASDs=
 github.com/quic-go/qpack v0.4.0 h1:Cr9BXA1sQS2SmDUWjSofMPNKmvF6IiIfDRmgU0w1ZCo=
 github.com/quic-go/qpack v0.4.0/go.mod h1:UZVnYIfi5GRk+zI9UMaCPsmZ2xKJP7XBUvVyT1Knj9A=
 github.com/quic-go/qtls-go1-19 v0.3.2 h1:tFxjCFcTQzK+oMxG6Zcvp4Dq8dx4yD3dDiIiyc86Z5U=
@@ -138,6 +170,25 @@ github.com/quic-go/quic-go v0.35.1 h1:b0kzj6b/cQAf05cT0CkQubHM31wiA+xH3IBkxP62po
 github.com/quic-go/quic-go v0.35.1/go.mod h1:+4CVgVppm0FNjpG3UcX8Joi/frKOH7/ciD5yGcwOO1g=
 github.com/refraction-networking/utls v1.3.2 h1:o+AkWB57mkcoW36ET7uJ002CpBWHu0KPxi6vzxvPnv8=
 github.com/refraction-networking/utls v1.3.2/go.mod h1:fmoaOww2bxzzEpIKOebIsnBvjQpqP7L2vcm/9KUfm/E=
+github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
+github.com/rogpeppe/go-internal v1.8.0 h1:FCbCCtXNOY3UtUuHUYaghJg4y7Fd14rXifAYUAtL9R8=
+github.com/rogpeppe/go-internal v1.8.0/go.mod h1:WmiCO8CzOY8rg0OYDC4/i/2WRWAB6poM+XZ2dLUbcbE=
+github.com/rs/xid v1.5.0 h1:mKX4bl4iPYJtEIxp6CYiUuLQ/8DYMoz0PUdtGgMFRVc=
+github.com/rs/xid v1.5.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg=
+github.com/shopspring/decimal v1.3.1 h1:2Usl1nmF/WZucqkFZhnfFYxxxu8LG21F6nPQBE5gKV8=
+github.com/shopspring/decimal v1.3.1/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o=
+github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
+github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
+github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e h1:MRM5ITcdelLK2j1vwZ3Je0FKVCfqOLp5zO6trqMLYs0=
+github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e/go.mod h1:XV66xRDqSt+GTGFMVlhk3ULuV0y9ZmzeVGR4mloJI3M=
+github.com/smartwalle/alipay/v3 v3.2.15 h1:3fvFJnINKKAOXHR/Iv20k1Z7KJ+nOh3oK214lELPqG8=
+github.com/smartwalle/alipay/v3 v3.2.15/go.mod h1:niTNB609KyUYuAx9Bex/MawEjv2yPx4XOjxSAkqmGjE=
+github.com/smartwalle/ncrypto v1.0.2 h1:pTAhCqtPCMhpOwFXX+EcMdR6PNzruBNoGQrN2S1GbGI=
+github.com/smartwalle/ncrypto v1.0.2/go.mod h1:Dwlp6sfeNaPMnOxMNayMTacvC5JGEVln3CVdiVDgbBk=
+github.com/smartwalle/ngx v1.0.6 h1:JPNqNOIj+2nxxFtrSkJO+vKJfeNUSEQueck/Wworjps=
+github.com/smartwalle/ngx v1.0.6/go.mod h1:mx/nz2Pk5j+RBs7t6u6k22MPiBG/8CtOMpCnALIG8Y0=
+github.com/smartwalle/nsign v1.0.8 h1:78KWtwKPrdt4Xsn+tNEBVxaTLIJBX9YRX0ZSrMUeuHo=
+github.com/smartwalle/nsign v1.0.8/go.mod h1:eY6I4CJlyNdVMP+t6z1H6Jpd4m5/V+8xi44ufSTxXgc=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
 github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
@@ -160,7 +211,10 @@ github.com/uber/jaeger-lib v2.4.1+incompatible h1:td4jdvLcExb4cBISKIpHuGoVXh+dVK
 github.com/uber/jaeger-lib v2.4.1+incompatible/go.mod h1:ComeNDZlWwrWnDv8aPp0Ba6+uUTzImX/AauajbLI56U=
 github.com/ugorji/go/codec v1.2.11 h1:BMaWp1Bb6fHwEtbplGBGJ498wD+LKlNSl25MjdZY4dU=
 github.com/ugorji/go/codec v1.2.11/go.mod h1:UNopzCgEMSXjBc6AOMqYvWC1ktqTAfzJZUZgYf6w6lg=
+github.com/xxl-job/xxl-job-executor-go v1.2.0 h1:MTl2DpwrK2+hNjRRks2k7vB3oy+3onqm9OaSarneeLQ=
+github.com/xxl-job/xxl-job-executor-go v1.2.0/go.mod h1:bUFhz/5Irp9zkdYk5MxhQcDDT6LlZrI8+rv5mHtQ1mo=
 github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
+github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
 go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
 go.uber.org/atomic v1.9.0 h1:ECmE8Bn/WFTYwEW/bpKD3M8VtR/zQVbavAoalC1PYyE=
 go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
@@ -178,40 +232,67 @@ golang.org/x/arch v0.3.0 h1:02VY4/ZcO/gBOH6PUaoiptASxtXU10jazRCP865E97k=
 golang.org/x/arch v0.3.0/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
-golang.org/x/crypto v0.10.0 h1:LKqV2xt9+kDzSTfOhx4FrkEBcMrAgHSYgzywV9zcGmM=
-golang.org/x/crypto v0.10.0/go.mod h1:o4eNf7Ede1fv+hwOwZsTHl9EsPFO6q6ZvYR8vYfY45I=
+golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
+golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
+golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw=
+golang.org/x/crypto v0.12.0 h1:tFM/ta59kqch6LlvYnPa0yx5a83cL2nHflFhYKvv9Yk=
+golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98yw=
 golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1 h1:k/i9J1pBpvlfR+9QsetwPyERsqu1GIbi967PQMq3Ivc=
 golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1/go.mod h1:V1LtkGg67GoY2N1AnLN78QLrzxkLyJw7RJb1gzOOz9w=
+golang.org/x/image v0.0.0-20190501045829-6d32002ffd75 h1:TbGuee8sSq15Iguxu4deQ7+Bqq/d2rsQejGcEtADAMQ=
+golang.org/x/image v0.0.0-20190501045829-6d32002ffd75/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
 golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
+golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
 golang.org/x/mod v0.11.0 h1:bUO06HqtnRcc/7l71XBe4WcqTZ+3AH1J59zWDDwLKgU=
 golang.org/x/mod v0.11.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
 golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
-golang.org/x/net v0.11.0 h1:Gi2tvZIJyBtO9SDr1q9h5hEQCp/4L2RQ+ar0qjx2oNU=
-golang.org/x/net v0.11.0/go.mod h1:2L/ixqYpgIVXmeoSA/4Lu7BzTG4KIyPIryS4IsOd1oQ=
+golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
+golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco=
+golang.org/x/net v0.14.0 h1:BONx9s002vGdD9umnlX1Po8vOZmrgH34qlHcD1MfK14=
+golang.org/x/net v0.14.0/go.mod h1:PpSgVXXLK0OxS0F31C1/tv6XNguvCrnXIDrFMspZIUI=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.3.0 h1:ftCYgMx6zT/asHUrPw8BLLscYtGznsLAnjq5RH9P66E=
+golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y=
 golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220704084225-05e143d24a9e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.9.0 h1:KS/R3tvhPqvJvwcKfnBHJwwthS11LRhmM5D59eEXa0s=
-golang.org/x/sys v0.9.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.11.0 h1:eG7RXZHdqOJ1i+0lgLgCpSXAp6M3LYlAo6osgSi0xOM=
+golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
+golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
+golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.10.0 h1:UpjohKhiEgNc0CSauXmwYftY1+LlaC75SJwh0SgCX58=
-golang.org/x/text v0.10.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
+golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
+golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
+golang.org/x/text v0.12.0 h1:k+n5B8goJNdU7hSvEtMUz3d1Q6D/XW4COJSJR6fN0mc=
+golang.org/x/text v0.12.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
+golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4=
+golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
+golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
 golang.org/x/tools v0.10.0 h1:tvDr/iQoUqNdohiYm0LmmKcBk+q86lb9EprIUFhHHGg=
 golang.org/x/tools v0.10.0/go.mod h1:UJwyiVBsOA2uwvK/e5OY3GTpDUJriEd+/YlqAwLPmyM=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
@@ -222,12 +303,14 @@ google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp0
 google.golang.org/protobuf v1.30.0 h1:kPPoIgf3TsEvrm0PFe15JQ+570QVxYzEvvHqChK+cng=
 google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/fsnotify.v1 v1.4.7 h1:xOHLXZwVvI9hhs+cLKq5+I5onOuwQLhQwiu63xxlHs4=
+gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
+gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
+gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
 gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
-gopkg.in/ini.v1 v1.66.2 h1:XfR1dOYubytKy4Shzc2LHrrGhU0lDCfDGG1yLPmpgsI=
 gopkg.in/ini.v1 v1.66.2/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
+gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA=
+gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
 gopkg.in/natefinch/lumberjack.v2 v2.2.1 h1:bBRl1b0OH9s/DuPhuXpNl+VtCaJXFZ5/uEFST95x9zc=
 gopkg.in/natefinch/lumberjack.v2 v2.2.1/go.mod h1:YD8tP3GAjkrDg1eZH7EGmyESg/lsYskCTPBJVb9jqSc=
 gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ=
--- a/api/handler/admin/admin_handler.go
+++ b/api/handler/admin/admin_handler.go
@@ -6,11 +6,15 @@ import (
 	"chatplus/handler"
 	logger2 "chatplus/logger"
 	"chatplus/store/model"
+	"chatplus/store/vo"
 	"chatplus/utils"
 	"chatplus/utils/resp"
-	"strings"
-
-	"github.com/gin-contrib/sessions"
+	"context"
+	"fmt"
+	"github.com/go-redis/redis/v8"
+	"github.com/golang-jwt/jwt/v5"
+	"github.com/mojocn/base64Captcha"
+	"time"

 	"github.com/gin-gonic/gin"
 	"gorm.io/gorm"
@@ -18,45 +22,95 @@ import (

 var logger = logger2.GetLogger()

-type ManagerHandler struct {
-	handler.BaseHandler
-	db *gorm.DB
+// Manager 管理员
+type Manager struct {
+	Username  string `json:"username"`
+	Password  string `json:"password"`
+	Captcha   string `json:"captcha"`    // 验证码
+	CaptchaId string `json:"captcha_id"` // 验证码id
 }

-func NewAdminHandler(app *core.AppServer, db *gorm.DB) *ManagerHandler {
-	h := ManagerHandler{db: db}
-	h.App = app
-	return &h
+const SuperManagerID = 1
+
+type ManagerHandler struct {
+	handler.BaseHandler
+	redis *redis.Client
+}
+
+func NewAdminHandler(app *core.AppServer, db *gorm.DB, client *redis.Client) *ManagerHandler {
+	return &ManagerHandler{BaseHandler: handler.BaseHandler{DB: db, App: app}, redis: client}
 }

 // Login 登录
 func (h *ManagerHandler) Login(c *gin.Context) {
-	var data types.Manager
+	var data Manager
 	if err := c.ShouldBindJSON(&data); err != nil {
 		resp.ERROR(c, types.InvalidArgs)
 		return
 	}
-	manager := h.App.Config.Manager
-	if data.Username == manager.Username && data.Password == manager.Password {
-		err := utils.SetLoginAdmin(c, manager)
-		if err != nil {
-			resp.ERROR(c, "Save session failed")
-			return
-		}
-		manager.Password = "" // 清空密码]
-		resp.SUCCESS(c, manager)
-	} else {
-		resp.ERROR(c, "用户名或者密码错误")
+
+	// add captcha
+	if !base64Captcha.DefaultMemStore.Verify(data.CaptchaId, data.Captcha, true) {
+		resp.ERROR(c, "验证码错误!")
+		return
 	}
+
+	var manager model.AdminUser
+	res := h.DB.Model(&model.AdminUser{}).Where("username = ?", data.Username).First(&manager)
+	if res.Error != nil {
+		resp.ERROR(c, "请检查用户名或者密码是否填写正确")
+		return
+	}
+	password := utils.GenPassword(data.Password, manager.Salt)
+	if password != manager.Password {
+		resp.ERROR(c, "用户名或密码错误")
+		return
+	}
+
+	// 超级管理员默认是ID:1
+	if manager.Id != SuperManagerID && manager.Status == false {
+		resp.ERROR(c, "该用户已被禁止登录，请联系超级管理员")
+		return
+	}
+
+	// 创建 token
+	token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
+		"user_id": manager.Id,
+		"expired": time.Now().Add(time.Second * time.Duration(h.App.Config.Session.MaxAge)).Unix(),
+	})
+	tokenString, err := token.SignedString([]byte(h.App.Config.AdminSession.SecretKey))
+	if err != nil {
+		resp.ERROR(c, "Failed to generate token, "+err.Error())
+		return
+	}
+	// 保存到 redis
+	key := fmt.Sprintf("admin/%d", manager.Id)
+	if _, err := h.redis.Set(context.Background(), key, tokenString, 0).Result(); err != nil {
+		resp.ERROR(c, "error with save token: "+err.Error())
+		return
+	}
+
+	// 更新最后登录时间和IP
+	manager.LastLoginIp = c.ClientIP()
+	manager.LastLoginAt = time.Now().Unix()
+	h.DB.Updates(&manager)
+
+	var result = struct {
+		IsSuperAdmin bool   `json:"is_super_admin"`
+		Token        string `json:"token"`
+	}{
+		IsSuperAdmin: manager.Id == 1,
+		Token:        tokenString,
+	}
+
+	resp.SUCCESS(c, result)
 }

 // Logout 注销
 func (h *ManagerHandler) Logout(c *gin.Context) {
-	session := sessions.Default(c)
-	session.Delete(types.SessionAdmin)
-	err := session.Save()
-	if err != nil {
-		resp.ERROR(c, "Save session failed")
+	key := h.GetUserKey(c)
+	if _, err := h.redis.Del(c, key).Result(); err != nil {
+		logger.Error("error with delete session: ", err)
 	} else {
 		resp.SUCCESS(c)
 	}
@@ -64,75 +118,155 @@ func (h *ManagerHandler) Logout(c *gin.Context) {

 // Session 会话检测
 func (h *ManagerHandler) Session(c *gin.Context) {
-	session := sessions.Default(c)
-	admin := session.Get(types.SessionAdmin)
-	if admin == nil {
+	id := h.GetLoginUserId(c)
+	key := fmt.Sprintf("admin/%d", id)
+	if _, err := h.redis.Get(context.Background(), key).Result(); err != nil {
 		resp.NotAuth(c)
-	} else {
-		resp.SUCCESS(c)
+		return
 	}
-}
-
-// Migrate 数据修正
-func (h *ManagerHandler) Migrate(c *gin.Context) {
-	opt := c.Query("opt")
-	switch opt {
-	case "user":
-		// 将用户订阅角色的数据结构从 map 改成数组
-		var users []model.User
-		h.db.Find(&users)
-		for _, u := range users {
-			var m map[string]int
-			var roleKeys = make([]string, 0)
-			err := utils.JsonDecode(u.ChatRoles, &m)
-			if err != nil {
-				continue
-			}
-
-			for k := range m {
-				roleKeys = append(roleKeys, k)
-			}
-			u.ChatRoles = utils.JsonEncode(roleKeys)
-			h.db.Updates(&u)
-
-		}
-		break
-	case "role":
-		// 修改角色图片，改成绝对路径
-		var roles []model.ChatRole
-		h.db.Find(&roles)
-		for _, r := range roles {
-			if !strings.HasPrefix(r.Icon, "/") {
-				r.Icon = "/" + r.Icon
-				h.db.Updates(&r)
-			}
-		}
-		break
-	case "history":
-		// 修改角色图片，改成绝对路径
-		var message []model.HistoryMessage
-		h.db.Find(&message)
-		for _, r := range message {
-			if !strings.HasPrefix(r.Icon, "/") {
-				r.Icon = "/" + r.Icon
-				h.db.Updates(&r)
-			}
-
-		}
-		break
-
-	case "avatar":
-		// 更新用户的头像地址
-		var users []model.User
-		h.db.Find(&users)
-		for _, u := range users {
-			if !strings.HasPrefix(u.Avatar, "/") {
-				u.Avatar = "/" + u.Avatar
-				h.db.Updates(&u)
-			}
-		}
-		break
+	var manager model.AdminUser
+	res := h.DB.Where("id", id).First(&manager)
+	if res.Error != nil {
+		resp.NotAuth(c)
+		return
 	}

-	resp.SUCCESS(c, "SUCCESS")
+	resp.SUCCESS(c, manager)
+}
+
+// List 数据列表
+func (h *ManagerHandler) List(c *gin.Context) {
+	var items []model.AdminUser
+	res := h.DB.Find(&items)
+	if res.Error != nil {
+		resp.ERROR(c, res.Error.Error())
+		return
+	}
+
+	users := make([]vo.AdminUser, 0)
+	for _, item := range items {
+		var u vo.AdminUser
+		err := utils.CopyObject(item, &u)
+		if err != nil {
+			continue
+		}
+		u.Id = item.Id
+		u.CreatedAt = item.CreatedAt.Unix()
+		users = append(users, u)
+	}
+
+	resp.SUCCESS(c, users)
+
+}
+
+func (h *ManagerHandler) Save(c *gin.Context) {
+	var data struct {
+		Username string `json:"username"`
+		Password string `json:"password"`
+		Status   bool   `json:"status"`
+	}
+	if err := c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	var user model.AdminUser
+	res := h.DB.Where("username", data.Username).First(&user)
+	if res.Error == nil {
+		resp.ERROR(c, "用户名已存在")
+		return
+	}
+
+	// 生成密码
+	salt := utils.RandString(8)
+	password := utils.GenPassword(data.Password, salt)
+	res = h.DB.Save(&model.AdminUser{
+		Username: data.Username,
+		Password: password,
+		Salt:     salt,
+		Status:   data.Status,
+	})
+	if res.Error != nil {
+		resp.ERROR(c, "failed with update database")
+		return
+	}
+
+	resp.SUCCESS(c)
+}
+
+// Remove 删除管理员
+func (h *ManagerHandler) Remove(c *gin.Context) {
+	id := h.GetInt(c, "id", 0)
+	if id <= 0 {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	if id == SuperManagerID {
+		resp.ERROR(c, "超级管理员不能删除")
+		return
+	}
+
+	res := h.DB.Where("id", id).Delete(&model.AdminUser{})
+	if res.Error != nil {
+		resp.ERROR(c, res.Error.Error())
+		return
+	}
+
+	resp.SUCCESS(c)
+}
+
+// Enable 启用/禁用
+func (h *ManagerHandler) Enable(c *gin.Context) {
+	var data struct {
+		Id      uint `json:"id"`
+		Enabled bool `json:"enabled"`
+	}
+
+	if err := c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	res := h.DB.Model(&model.AdminUser{}).Where("id", data.Id).UpdateColumn("status", data.Enabled)
+	if res.Error != nil {
+		resp.ERROR(c, res.Error.Error())
+		return
+	}
+	resp.SUCCESS(c)
+}
+
+// ResetPass 重置密码
+func (h *ManagerHandler) ResetPass(c *gin.Context) {
+	id := h.GetLoginUserId(c)
+	if id != SuperManagerID {
+		resp.ERROR(c, "只有超级管理员能够进行该操作")
+		return
+	}
+
+	var data struct {
+		Id       int    `json:"id"`
+		Password string `json:"password"`
+	}
+	if err := c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	var user model.AdminUser
+	res := h.DB.Where("id", data.Id).First(&user)
+	if res.Error != nil {
+		resp.ERROR(c, res.Error.Error())
+		return
+	}
+
+	password := utils.GenPassword(data.Password, user.Salt)
+	user.Password = password
+	res = h.DB.Updates(&user)
+	if res.Error != nil {
+		resp.ERROR(c, res.Error.Error())
+		return
+	}
+
+	resp.SUCCESS(c)
 }
--- a/api/handler/admin/api_key_handler.go
+++ b/api/handler/admin/api_key_handler.go
@@ -8,42 +8,46 @@ import (
 	"chatplus/store/vo"
 	"chatplus/utils"
 	"chatplus/utils/resp"
-	"time"
-
 	"github.com/gin-gonic/gin"
 	"gorm.io/gorm"
 )

 type ApiKeyHandler struct {
 	handler.BaseHandler
-	db *gorm.DB
 }

 func NewApiKeyHandler(app *core.AppServer, db *gorm.DB) *ApiKeyHandler {
-	h := ApiKeyHandler{db: db}
-	h.App = app
-	return &h
+	return &ApiKeyHandler{BaseHandler: handler.BaseHandler{DB: db, App: app}}
 }

 func (h *ApiKeyHandler) Save(c *gin.Context) {
 	var data struct {
-		Id         uint   `json:"id"`
-		UserId     uint   `json:"user_id"`
-		Value      string `json:"value"`
-		LastUsedAt string `json:"last_used_at"`
-		CreatedAt  int64  `json:"created_at"`
+		Id       uint   `json:"id"`
+		Platform string `json:"platform"`
+		Name     string `json:"name"`
+		Type     string `json:"type"`
+		Value    string `json:"value"`
+		ApiURL   string `json:"api_url"`
+		Enabled  bool   `json:"enabled"`
+		ProxyURL string `json:"proxy_url"`
 	}
 	if err := c.ShouldBindJSON(&data); err != nil {
 		resp.ERROR(c, types.InvalidArgs)
 		return
 	}

-	apiKey := model.ApiKey{Value: data.Value, UserId: data.UserId, LastUsedAt: utils.Str2stamp(data.LastUsedAt)}
-	apiKey.Id = data.Id
-	if apiKey.Id > 0 {
-		apiKey.CreatedAt = time.Unix(data.CreatedAt, 0)
+	apiKey := model.ApiKey{}
+	if data.Id > 0 {
+		h.DB.Find(&apiKey, data.Id)
 	}
-	res := h.db.Save(&apiKey)
+	apiKey.Platform = data.Platform
+	apiKey.Value = data.Value
+	apiKey.Type = data.Type
+	apiKey.ApiURL = data.ApiURL
+	apiKey.Enabled = data.Enabled
+	apiKey.ProxyURL = data.ProxyURL
+	apiKey.Name = data.Name
+	res := h.DB.Save(&apiKey)
 	if res.Error != nil {
 		resp.ERROR(c, "更新数据库失败！")
 		return
@@ -61,14 +65,14 @@ func (h *ApiKeyHandler) Save(c *gin.Context) {
 }

 func (h *ApiKeyHandler) List(c *gin.Context) {
-	userId := h.GetInt(c, "user_id", -1)
-	query := h.db.Session(&gorm.Session{})
-	if userId >= 0 {
-		query = query.Where("user_id", userId)
+	if err := utils.CheckPermission(c, h.DB); err != nil {
+		resp.NotPermission(c)
+		return
 	}
+
 	var items []model.ApiKey
 	var keys = make([]vo.ApiKey, 0)
-	res := query.Find(&items)
+	res := h.DB.Find(&items)
 	if res.Error == nil {
 		for _, item := range items {
 			var key vo.ApiKey
@@ -86,15 +90,38 @@ func (h *ApiKeyHandler) List(c *gin.Context) {
 	resp.SUCCESS(c, keys)
 }

-func (h *ApiKeyHandler) Remove(c *gin.Context) {
-	id := h.GetInt(c, "id", 0)
+func (h *ApiKeyHandler) Set(c *gin.Context) {
+	var data struct {
+		Id    uint        `json:"id"`
+		Filed string      `json:"filed"`
+		Value interface{} `json:"value"`
+	}

-	if id > 0 {
-		res := h.db.Where("id = ?", id).Delete(&model.ApiKey{})
-		if res.Error != nil {
-			resp.ERROR(c, "更新数据库失败！")
-			return
-		}
+	if err := c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	res := h.DB.Model(&model.ApiKey{}).Where("id = ?", data.Id).Update(data.Filed, data.Value)
+	if res.Error != nil {
+		resp.ERROR(c, "更新数据库失败！")
+		return
 	}
 	resp.SUCCESS(c)
 }
+
+func (h *ApiKeyHandler) Remove(c *gin.Context) {
+	id := h.GetInt(c, "id", 0)
+	if id <= 0 {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	res := h.DB.Where("id", id).Delete(&model.ApiKey{})
+	if res.Error != nil {
+		resp.ERROR(c, "更新数据库失败！")
+		return
+	}
+
+	resp.SUCCESS(c)
+}
--- a/api/handler/admin/captcha_handler.go
+++ b/api/handler/admin/captcha_handler.go
@@ -0,0 +1,39 @@
+package admin
+
+import (
+	"chatplus/core"
+	"chatplus/handler"
+	"chatplus/utils/resp"
+	"github.com/gin-gonic/gin"
+	"github.com/mojocn/base64Captcha"
+)
+
+type CaptchaHandler struct {
+	handler.BaseHandler
+}
+
+func NewCaptchaHandler(app *core.AppServer) *CaptchaHandler {
+	return &CaptchaHandler{BaseHandler: handler.BaseHandler{App: app}}
+}
+
+type CaptchaVo struct {
+	CaptchaId string `json:"captcha_id"`
+	PicPath   string `json:"pic_path"`
+}
+
+// GetCaptcha 获取验证码
+func (h *CaptchaHandler) GetCaptcha(c *gin.Context) {
+	var captchaVo CaptchaVo
+	driver := base64Captcha.NewDriverDigit(48, 130, 4, 0.4, 10)
+	cp := base64Captcha.NewCaptcha(driver, base64Captcha.DefaultMemStore)
+	// b64s是图片的base64编码
+	id, b64s, err := cp.Generate()
+	if err != nil {
+		resp.ERROR(c, "生成验证码错误!")
+		return
+	}
+	captchaVo.CaptchaId = id
+	captchaVo.PicPath = b64s
+
+	resp.SUCCESS(c, captchaVo)
+}
--- a/api/handler/admin/chat_handler.go
+++ b/api/handler/admin/chat_handler.go
@@ -0,0 +1,266 @@
+package admin
+
+import (
+	"chatplus/core"
+	"chatplus/core/types"
+	"chatplus/handler"
+	"chatplus/store/model"
+	"chatplus/store/vo"
+	"chatplus/utils"
+	"chatplus/utils/resp"
+	"github.com/gin-gonic/gin"
+	"gorm.io/gorm"
+)
+
+type ChatHandler struct {
+	handler.BaseHandler
+}
+
+func NewChatHandler(app *core.AppServer, db *gorm.DB) *ChatHandler {
+	return &ChatHandler{BaseHandler: handler.BaseHandler{App: app, DB: db}}
+}
+
+type chatItemVo struct {
+	Username  string      `json:"username"`
+	UserId    uint        `json:"user_id"`
+	ChatId    string      `json:"chat_id"`
+	Title     string      `json:"title"`
+	Role      vo.ChatRole `json:"role"`
+	Model     string      `json:"model"`
+	Token     int         `json:"token"`
+	CreatedAt int64       `json:"created_at"`
+	MsgNum    int         `json:"msg_num"` // 消息数量
+}
+
+func (h *ChatHandler) List(c *gin.Context) {
+	if err := utils.CheckPermission(c, h.DB); err != nil {
+		resp.NotPermission(c)
+		return
+	}
+
+	var data struct {
+		Title    string   `json:"title"`
+		UserId   uint     `json:"user_id"`
+		Model    string   `json:"model"`
+		CreateAt []string `json:"created_time"`
+		Page     int      `json:"page"`
+		PageSize int      `json:"page_size"`
+	}
+	if err := c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	session := h.DB.Session(&gorm.Session{})
+	if data.Title != "" {
+		session = session.Where("title LIKE ?", "%"+data.Title+"%")
+	}
+	if data.UserId > 0 {
+		session = session.Where("user_id = ?", data.UserId)
+	}
+	if data.Model != "" {
+		session = session.Where("model = ?", data.Model)
+	}
+	if len(data.CreateAt) == 2 {
+		start := utils.Str2stamp(data.CreateAt[0] + " 00:00:00")
+		end := utils.Str2stamp(data.CreateAt[1] + " 00:00:00")
+		session = session.Where("created_at >= ? AND created_at <= ?", start, end)
+	}
+
+	var total int64
+	session.Model(&model.ChatItem{}).Count(&total)
+	var items []model.ChatItem
+	var list = make([]chatItemVo, 0)
+	offset := (data.Page - 1) * data.PageSize
+	res := session.Order("id DESC").Offset(offset).Limit(data.PageSize).Find(&items)
+	if res.Error == nil {
+		userIds := make([]uint, 0)
+		chatIds := make([]string, 0)
+		roleIds := make([]uint, 0)
+		for _, item := range items {
+			userIds = append(userIds, item.UserId)
+			chatIds = append(chatIds, item.ChatId)
+			roleIds = append(roleIds, item.RoleId)
+		}
+		var messages []model.ChatMessage
+		var users []model.User
+		var roles []model.ChatRole
+		h.DB.Where("chat_id IN ?", chatIds).Find(&messages)
+		h.DB.Where("id IN ?", userIds).Find(&users)
+		h.DB.Where("id IN ?", roleIds).Find(&roles)
+
+		tokenMap := make(map[string]int)
+		userMap := make(map[uint]string)
+		msgMap := make(map[string]int)
+		roleMap := make(map[uint]vo.ChatRole)
+		for _, msg := range messages {
+			tokenMap[msg.ChatId] += msg.Tokens
+			msgMap[msg.ChatId] += 1
+		}
+		for _, user := range users {
+			userMap[user.Id] = user.Username
+		}
+		for _, r := range roles {
+			var roleVo vo.ChatRole
+			err := utils.CopyObject(r, &roleVo)
+			if err != nil {
+				continue
+			}
+			roleMap[r.Id] = roleVo
+		}
+		for _, item := range items {
+			list = append(list, chatItemVo{
+				UserId:    item.UserId,
+				Username:  userMap[item.UserId],
+				ChatId:    item.ChatId,
+				Title:     item.Title,
+				Model:     item.Model,
+				Token:     tokenMap[item.ChatId],
+				MsgNum:    msgMap[item.ChatId],
+				Role:      roleMap[item.RoleId],
+				CreatedAt: item.CreatedAt.Unix(),
+			})
+		}
+	}
+	resp.SUCCESS(c, vo.NewPage(total, data.Page, data.PageSize, list))
+}
+
+type chatMessageVo struct {
+	Id        uint   `json:"id"`
+	UserId    uint   `json:"user_id"`
+	Username  string `json:"username"`
+	Content   string `json:"content"`
+	Type      string `json:"type"`
+	Model     string `json:"model"`
+	Token     int    `json:"token"`
+	Icon      string `json:"icon"`
+	CreatedAt int64  `json:"created_at"`
+}
+
+// Messages 读取聊天记录列表
+func (h *ChatHandler) Messages(c *gin.Context) {
+	var data struct {
+		UserId   uint     `json:"user_id"`
+		Content  string   `json:"content"`
+		Model    string   `json:"model"`
+		CreateAt []string `json:"created_time"`
+		Page     int      `json:"page"`
+		PageSize int      `json:"page_size"`
+	}
+	if err := c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	session := h.DB.Session(&gorm.Session{})
+	if data.Content != "" {
+		session = session.Where("content LIKE ?", "%"+data.Content+"%")
+	}
+	if data.UserId > 0 {
+		session = session.Where("user_id = ?", data.UserId)
+	}
+	if data.Model != "" {
+		session = session.Where("model = ?", data.Model)
+	}
+	if len(data.CreateAt) == 2 {
+		start := utils.Str2stamp(data.CreateAt[0] + " 00:00:00")
+		end := utils.Str2stamp(data.CreateAt[1] + " 00:00:00")
+		session = session.Where("created_at >= ? AND created_at <= ?", start, end)
+	}
+
+	var total int64
+	session.Model(&model.ChatMessage{}).Count(&total)
+	var items []model.ChatMessage
+	var list = make([]chatMessageVo, 0)
+	offset := (data.Page - 1) * data.PageSize
+	res := session.Order("id DESC").Offset(offset).Limit(data.PageSize).Find(&items)
+	if res.Error == nil {
+		userIds := make([]uint, 0)
+		for _, item := range items {
+			userIds = append(userIds, item.UserId)
+		}
+		var users []model.User
+		h.DB.Where("id IN ?", userIds).Find(&users)
+		userMap := make(map[uint]string)
+		for _, user := range users {
+			userMap[user.Id] = user.Username
+		}
+		for _, item := range items {
+			list = append(list, chatMessageVo{
+				Id:        item.Id,
+				UserId:    item.UserId,
+				Username:  userMap[item.UserId],
+				Content:   item.Content,
+				Model:     item.Model,
+				Token:     item.Tokens,
+				Icon:      item.Icon,
+				Type:      item.Type,
+				CreatedAt: item.CreatedAt.Unix(),
+			})
+		}
+	}
+	resp.SUCCESS(c, vo.NewPage(total, data.Page, data.PageSize, list))
+}
+
+// History 获取聊天历史记录
+func (h *ChatHandler) History(c *gin.Context) {
+	chatId := c.Query("chat_id") // 会话 ID
+	var items []model.ChatMessage
+	var messages = make([]vo.HistoryMessage, 0)
+	res := h.DB.Where("chat_id = ?", chatId).Find(&items)
+	if res.Error != nil {
+		resp.ERROR(c, "No history message")
+		return
+	} else {
+		for _, item := range items {
+			var v vo.HistoryMessage
+			err := utils.CopyObject(item, &v)
+			v.CreatedAt = item.CreatedAt.Unix()
+			v.UpdatedAt = item.UpdatedAt.Unix()
+			if err == nil {
+				messages = append(messages, v)
+			}
+		}
+	}
+
+	resp.SUCCESS(c, messages)
+}
+
+// RemoveChat 删除对话
+func (h *ChatHandler) RemoveChat(c *gin.Context) {
+	chatId := h.GetTrim(c, "chat_id")
+	if chatId == "" {
+		resp.ERROR(c, "请传入 ChatId")
+		return
+	}
+
+	tx := h.DB.Begin()
+	// 删除聊天记录
+	res := tx.Unscoped().Debug().Where("chat_id = ?", chatId).Delete(&model.ChatMessage{})
+	if res.Error != nil {
+		resp.ERROR(c, "failed to remove chat message")
+		return
+	}
+
+	// 删除对话
+	res = tx.Unscoped().Where("chat_id = ?", chatId).Delete(model.ChatItem{})
+	if res.Error != nil {
+		tx.Rollback() // 回滚
+		resp.ERROR(c, "failed to remove chat")
+		return
+	}
+
+	tx.Commit()
+	resp.SUCCESS(c)
+}
+
+// RemoveMessage 删除聊天记录
+func (h *ChatHandler) RemoveMessage(c *gin.Context) {
+	id := h.GetInt(c, "id", 0)
+	tx := h.DB.Unscoped().Where("id = ?", id).Delete(&model.ChatMessage{})
+	if tx.Error != nil {
+		resp.ERROR(c, "更新数据库失败！")
+		return
+	}
+	resp.SUCCESS(c)
+}
--- a/api/handler/admin/chat_model_handler.go
+++ b/api/handler/admin/chat_model_handler.go
@@ -0,0 +1,163 @@
+package admin
+
+import (
+	"chatplus/core"
+	"chatplus/core/types"
+	"chatplus/handler"
+	"chatplus/store/model"
+	"chatplus/store/vo"
+	"chatplus/utils"
+	"chatplus/utils/resp"
+	"github.com/gin-gonic/gin"
+	"gorm.io/gorm"
+	"time"
+)
+
+type ChatModelHandler struct {
+	handler.BaseHandler
+}
+
+func NewChatModelHandler(app *core.AppServer, db *gorm.DB) *ChatModelHandler {
+	return &ChatModelHandler{BaseHandler: handler.BaseHandler{App: app, DB: db}}
+}
+
+func (h *ChatModelHandler) Save(c *gin.Context) {
+	var data struct {
+		Id          uint    `json:"id"`
+		Name        string  `json:"name"`
+		Value       string  `json:"value"`
+		Enabled     bool    `json:"enabled"`
+		SortNum     int     `json:"sort_num"`
+		Open        bool    `json:"open"`
+		Platform    string  `json:"platform"`
+		Power       int     `json:"power"`
+		MaxTokens   int     `json:"max_tokens"`  // 最大响应长度
+		MaxContext  int     `json:"max_context"` // 最大上下文长度
+		Temperature float32 `json:"temperature"` // 模型温度
+		CreatedAt   int64   `json:"created_at"`
+	}
+	if err := c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	item := model.ChatModel{
+		Platform:    data.Platform,
+		Name:        data.Name,
+		Value:       data.Value,
+		Enabled:     data.Enabled,
+		SortNum:     data.SortNum,
+		Open:        data.Open,
+		MaxTokens:   data.MaxTokens,
+		MaxContext:  data.MaxContext,
+		Temperature: data.Temperature,
+		Power:       data.Power}
+	item.Id = data.Id
+	if item.Id > 0 {
+		item.CreatedAt = time.Unix(data.CreatedAt, 0)
+	}
+	res := h.DB.Save(&item)
+	if res.Error != nil {
+		resp.ERROR(c, "更新数据库失败！")
+		return
+	}
+
+	var itemVo vo.ChatModel
+	err := utils.CopyObject(item, &itemVo)
+	if err != nil {
+		resp.ERROR(c, "数据拷贝失败！")
+		return
+	}
+	itemVo.Id = item.Id
+	itemVo.CreatedAt = item.CreatedAt.Unix()
+	resp.SUCCESS(c, itemVo)
+}
+
+// List 模型列表
+func (h *ChatModelHandler) List(c *gin.Context) {
+	if err := utils.CheckPermission(c, h.DB); err != nil {
+		resp.NotPermission(c)
+		return
+	}
+
+	session := h.DB.Session(&gorm.Session{})
+	enable := h.GetBool(c, "enable")
+	if enable {
+		session = session.Where("enabled", enable)
+	}
+	var items []model.ChatModel
+	var cms = make([]vo.ChatModel, 0)
+	res := session.Order("sort_num ASC").Find(&items)
+	if res.Error == nil {
+		for _, item := range items {
+			var cm vo.ChatModel
+			err := utils.CopyObject(item, &cm)
+			if err == nil {
+				cm.Id = item.Id
+				cm.CreatedAt = item.CreatedAt.Unix()
+				cm.UpdatedAt = item.UpdatedAt.Unix()
+				cms = append(cms, cm)
+			} else {
+				logger.Error(err)
+			}
+		}
+	}
+	resp.SUCCESS(c, cms)
+}
+
+func (h *ChatModelHandler) Set(c *gin.Context) {
+	var data struct {
+		Id    uint        `json:"id"`
+		Filed string      `json:"filed"`
+		Value interface{} `json:"value"`
+	}
+
+	if err := c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	res := h.DB.Model(&model.ChatModel{}).Where("id = ?", data.Id).Update(data.Filed, data.Value)
+	if res.Error != nil {
+		resp.ERROR(c, "更新数据库失败！")
+		return
+	}
+	resp.SUCCESS(c)
+}
+
+func (h *ChatModelHandler) Sort(c *gin.Context) {
+	var data struct {
+		Ids   []uint `json:"ids"`
+		Sorts []int  `json:"sorts"`
+	}
+
+	if err := c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	for index, id := range data.Ids {
+		res := h.DB.Model(&model.ChatModel{}).Where("id = ?", id).Update("sort_num", data.Sorts[index])
+		if res.Error != nil {
+			resp.ERROR(c, "更新数据库失败！")
+			return
+		}
+	}
+
+	resp.SUCCESS(c)
+}
+
+func (h *ChatModelHandler) Remove(c *gin.Context) {
+	id := h.GetInt(c, "id", 0)
+	if id <= 0 {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	res := h.DB.Where("id = ?", id).Delete(&model.ChatModel{})
+	if res.Error != nil {
+		resp.ERROR(c, "更新数据库失败！")
+		return
+	}
+	resp.SUCCESS(c)
+}
--- a/api/handler/admin/chat_role_handler.go
+++ b/api/handler/admin/chat_role_handler.go
@@ -15,13 +15,10 @@ import (

 type ChatRoleHandler struct {
 	handler.BaseHandler
-	db *gorm.DB
 }

 func NewChatRoleHandler(app *core.AppServer, db *gorm.DB) *ChatRoleHandler {
-	h := ChatRoleHandler{db: db}
-	h.App = app
-	return &h
+	return &ChatRoleHandler{BaseHandler: handler.BaseHandler{App: app, DB: db}}
 }

 // Save 创建或者更新某个角色
@@ -41,7 +38,7 @@ func (h *ChatRoleHandler) Save(c *gin.Context) {
 	if data.CreatedAt > 0 {
 		role.CreatedAt = time.Unix(data.CreatedAt, 0)
 	}
-	res := h.db.Save(&role)
+	res := h.DB.Save(&role)
 	if res.Error != nil {
 		resp.ERROR(c, "更新数据库失败！")
 		return
@@ -53,9 +50,14 @@ func (h *ChatRoleHandler) Save(c *gin.Context) {
 }

 func (h *ChatRoleHandler) List(c *gin.Context) {
+	if err := utils.CheckPermission(c, h.DB); err != nil {
+		resp.NotPermission(c)
+		return
+	}
+
 	var items []model.ChatRole
 	var roles = make([]vo.ChatRole, 0)
-	res := h.db.Order("sort ASC").Find(&items)
+	res := h.DB.Order("sort_num ASC").Find(&items)
 	if res.Error != nil {
 		resp.ERROR(c, "No data found")
 		return
@@ -75,37 +77,62 @@ func (h *ChatRoleHandler) List(c *gin.Context) {
 	resp.SUCCESS(c, roles)
 }

-// SetSort 更新角色排序
-func (h *ChatRoleHandler) SetSort(c *gin.Context) {
+// Sort 更新角色排序
+func (h *ChatRoleHandler) Sort(c *gin.Context) {
 	var data struct {
-		Id   uint `json:"id"`
-		Sort int  `json:"sort"`
+		Ids   []uint `json:"ids"`
+		Sorts []int  `json:"sorts"`
+	}
+
+	if err := c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	for index, id := range data.Ids {
+		res := h.DB.Model(&model.ChatRole{}).Where("id = ?", id).Update("sort_num", data.Sorts[index])
+		if res.Error != nil {
+			resp.ERROR(c, "更新数据库失败！")
+			return
+		}
+	}
+
+	resp.SUCCESS(c)
+}
+
+func (h *ChatRoleHandler) Set(c *gin.Context) {
+	var data struct {
+		Id    uint        `json:"id"`
+		Filed string      `json:"filed"`
+		Value interface{} `json:"value"`
+	}
+
+	if err := c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	res := h.DB.Model(&model.ChatRole{}).Where("id = ?", data.Id).Update(data.Filed, data.Value)
+	if res.Error != nil {
+		resp.ERROR(c, "更新数据库失败！")
+		return
+	}
+	resp.SUCCESS(c)
+}
+
+func (h *ChatRoleHandler) Remove(c *gin.Context) {
+	var data struct {
+		Id uint
 	}
 	if err := c.ShouldBindJSON(&data); err != nil {
 		resp.ERROR(c, types.InvalidArgs)
 		return
 	}
 	if data.Id <= 0 {
-		resp.HACKER(c)
-		return
-	}
-	res := h.db.Model(&model.ChatRole{}).Where("id = ?", data.Id).Update("sort", data.Sort)
-	if res.Error != nil {
-		resp.ERROR(c, "更新数据库失败！")
-		return
-	}
-
-	resp.SUCCESS(c)
-}
-
-func (h *ChatRoleHandler) Remove(c *gin.Context) {
-	id := h.GetInt(c, "id", 0)
-	if id <= 0 {
 		resp.ERROR(c, types.InvalidArgs)
 		return
 	}
-
-	res := h.db.Where("id = ?", id).Delete(&model.ChatRole{})
+	res := h.DB.Where("id = ?", data.Id).Delete(&model.ChatRole{})
 	if res.Error != nil {
 		resp.ERROR(c, "删除失败！")
 		return
--- a/api/handler/admin/config_handler.go
+++ b/api/handler/admin/config_handler.go
@@ -14,36 +14,38 @@ import (

 type ConfigHandler struct {
 	handler.BaseHandler
-	db *gorm.DB
 }

 func NewConfigHandler(app *core.AppServer, db *gorm.DB) *ConfigHandler {
-	h := ConfigHandler{db: db}
-	h.App = app
-	return &h
+	return &ConfigHandler{BaseHandler: handler.BaseHandler{App: app, DB: db}}
 }

 func (h *ConfigHandler) Update(c *gin.Context) {
 	var data struct {
-		Key    string                 `json:"key"`
-		Config map[string]interface{} `json:"config"`
+		Key    string `json:"key"`
+		Config struct {
+			types.SystemConfig
+			Content string `json:"content,omitempty"`
+			Updated bool   `json:"updated,omitempty"`
+		} `json:"config"`
 	}

 	if err := c.ShouldBindJSON(&data); err != nil {
 		resp.ERROR(c, types.InvalidArgs)
 		return
 	}
-	str := utils.JsonEncode(&data.Config)
-	config := model.Config{Key: data.Key, Config: str}
-	res := h.db.FirstOrCreate(&config, model.Config{Key: data.Key})
+
+	value := utils.JsonEncode(&data.Config)
+	config := model.Config{Key: data.Key, Config: value}
+	res := h.DB.FirstOrCreate(&config, model.Config{Key: data.Key})
 	if res.Error != nil {
 		resp.ERROR(c, res.Error.Error())
 		return
 	}

 	if config.Id > 0 {
-		config.Config = str
-		res := h.db.Updates(&config)
+		config.Config = value
+		res := h.DB.Updates(&config)
 		if res.Error != nil {
 			resp.ERROR(c, res.Error.Error())
 			return
@@ -51,12 +53,10 @@ func (h *ConfigHandler) Update(c *gin.Context) {

 		// update config cache for AppServer
 		var cfg model.Config
-		h.db.Where("marker", data.Key).First(&cfg)
+		h.DB.Where("marker", data.Key).First(&cfg)
 		var err error
 		if data.Key == "system" {
 			err = utils.JsonDecode(cfg.Config, &h.App.SysConfig)
-		} else if data.Key == "chat" {
-			err = utils.JsonDecode(cfg.Config, &h.App.ChatConfig)
 		}
 		if err != nil {
 			resp.ERROR(c, "Failed to update config cache: "+err.Error())
@@ -70,20 +70,25 @@ func (h *ConfigHandler) Update(c *gin.Context) {

 // Get 获取指定的系统配置
 func (h *ConfigHandler) Get(c *gin.Context) {
+	if err := utils.CheckPermission(c, h.DB); err != nil {
+		resp.NotPermission(c)
+		return
+	}
+
 	key := c.Query("key")
 	var config model.Config
-	res := h.db.Where("marker", key).First(&config)
+	res := h.DB.Where("marker", key).First(&config)
 	if res.Error != nil {
 		resp.ERROR(c, res.Error.Error())
 		return
 	}

-	var m map[string]interface{}
-	err := utils.JsonDecode(config.Config, &m)
+	var value map[string]interface{}
+	err := utils.JsonDecode(config.Config, &value)
 	if err != nil {
 		resp.ERROR(c, err.Error())
 		return
 	}

-	resp.SUCCESS(c, m)
+	resp.SUCCESS(c, value)
 }
--- a/api/handler/admin/dashboard_handler.go
+++ b/api/handler/admin/dashboard_handler.go
@@ -2,30 +2,30 @@ package admin

 import (
 	"chatplus/core"
+	"chatplus/core/types"
 	"chatplus/handler"
 	"chatplus/store/model"
 	"chatplus/utils/resp"
 	"github.com/gin-gonic/gin"
+	"github.com/shopspring/decimal"
 	"gorm.io/gorm"
 	"time"
 )

 type DashboardHandler struct {
 	handler.BaseHandler
-	db *gorm.DB
 }

 func NewDashboardHandler(app *core.AppServer, db *gorm.DB) *DashboardHandler {
-	h := DashboardHandler{db: db}
-	h.App = app
-	return &h
+	return &DashboardHandler{BaseHandler: handler.BaseHandler{App: app, DB: db}}
 }

 type statsVo struct {
-	Users   int64   `json:"users"`
-	Chats   int64   `json:"chats"`
-	Tokens  int64   `json:"tokens"`
-	Rewards float64 `json:"rewards"`
+	Users  int64                         `json:"users"`
+	Chats  int64                         `json:"chats"`
+	Tokens int                           `json:"tokens"`
+	Income float64                       `json:"income"`
+	Chart  map[string]map[string]float64 `json:"chart"`
 }

 func (h *DashboardHandler) Stats(c *gin.Context) {
@@ -34,30 +34,84 @@ func (h *DashboardHandler) Stats(c *gin.Context) {
 	var userCount int64
 	now := time.Now()
 	zeroTime := time.Date(now.Year(), now.Month(), now.Day(), 0, 0, 0, 0, now.Location())
-	res := h.db.Model(&model.User{}).Where("created_at > ?", zeroTime).Count(&userCount)
+	res := h.DB.Model(&model.User{}).Where("created_at > ?", zeroTime).Count(&userCount)
 	if res.Error == nil {
 		stats.Users = userCount
 	}

 	// new chats statistic
 	var chatCount int64
-	res = h.db.Model(&model.ChatItem{}).Where("created_at > ?", zeroTime).Count(&chatCount)
+	res = h.DB.Model(&model.ChatItem{}).Where("created_at > ?", zeroTime).Count(&chatCount)
 	if res.Error == nil {
 		stats.Chats = chatCount
 	}

 	// tokens took stats
-	var tokenCount int64
-	res = h.db.Model(&model.HistoryMessage{}).Select("sum(tokens) as total").Where("created_at > ?", zeroTime).Scan(&tokenCount)
-	if res.Error == nil {
-		stats.Tokens = tokenCount
+	var historyMessages []model.ChatMessage
+	res = h.DB.Where("created_at > ?", zeroTime).Find(&historyMessages)
+	for _, item := range historyMessages {
+		stats.Tokens += item.Tokens
 	}

-	// reward revenue
-	var amount float64
-	res = h.db.Model(&model.Reward{}).Select("sum(amount) as total").Where("created_at > ?", zeroTime).Scan(&amount)
-	if res.Error == nil {
-		stats.Rewards = amount
+	// 众筹收入
+	var rewards []model.Reward
+	res = h.DB.Where("created_at > ?", zeroTime).Find(&rewards)
+	for _, item := range rewards {
+		stats.Income += item.Amount
 	}
+
+	// 订单收入
+	var orders []model.Order
+	res = h.DB.Where("status = ?", types.OrderPaidSuccess).Where("created_at > ?", zeroTime).Find(&orders)
+	for _, item := range orders {
+		stats.Income += item.Amount
+	}
+
+	// 统计7天的订单的图表
+	startDate := now.Add(-7 * 24 * time.Hour).Format("2006-01-02")
+	var statsChart = make(map[string]map[string]float64)
+	//// 初始化
+	var userStatistic, historyMessagesStatistic, incomeStatistic = make(map[string]float64), make(map[string]float64), make(map[string]float64)
+	for i := 0; i < 7; i++ {
+		var initTime = time.Date(now.Year(), now.Month(), now.Day()-i, 0, 0, 0, 0, now.Location()).Format("2006-01-02")
+		userStatistic[initTime] = float64(0)
+		historyMessagesStatistic[initTime] = float64(0)
+		incomeStatistic[initTime] = float64(0)
+	}
+
+	// 统计用户7天增加的曲线
+	var users []model.User
+	res = h.DB.Model(&model.User{}).Where("created_at > ?", startDate).Find(&users)
+	if res.Error == nil {
+		for _, item := range users {
+			userStatistic[item.CreatedAt.Format("2006-01-02")] += 1
+		}
+	}
+
+	// 统计7天Token 消耗
+	res = h.DB.Where("created_at > ?", startDate).Find(&historyMessages)
+	for _, item := range historyMessages {
+		historyMessagesStatistic[item.CreatedAt.Format("2006-01-02")] += float64(item.Tokens)
+	}
+
+	// 浮点数相加？
+	// 统计最近7天的众筹
+	res = h.DB.Where("created_at > ?", startDate).Find(&rewards)
+	for _, item := range rewards {
+		incomeStatistic[item.CreatedAt.Format("2006-01-02")], _ = decimal.NewFromFloat(incomeStatistic[item.CreatedAt.Format("2006-01-02")]).Add(decimal.NewFromFloat(item.Amount)).Float64()
+	}
+
+	// 统计最近7天的订单
+	res = h.DB.Where("status = ?", types.OrderPaidSuccess).Where("created_at > ?", startDate).Find(&orders)
+	for _, item := range orders {
+		incomeStatistic[item.CreatedAt.Format("2006-01-02")], _ = decimal.NewFromFloat(incomeStatistic[item.CreatedAt.Format("2006-01-02")]).Add(decimal.NewFromFloat(item.Amount)).Float64()
+	}
+
+	statsChart["users"] = userStatistic
+	statsChart["historyMessage"] = historyMessagesStatistic
+	statsChart["orders"] = incomeStatistic
+
+	stats.Chart = statsChart
+
 	resp.SUCCESS(c, stats)
 }
--- a/api/handler/admin/function_handler.go
+++ b/api/handler/admin/function_handler.go
@@ -0,0 +1,126 @@
+package admin
+
+import (
+	"chatplus/core"
+	"chatplus/core/types"
+	"chatplus/handler"
+	"chatplus/store/model"
+	"chatplus/store/vo"
+	"chatplus/utils"
+	"chatplus/utils/resp"
+
+	"github.com/golang-jwt/jwt/v5"
+
+	"github.com/gin-gonic/gin"
+	"gorm.io/gorm"
+)
+
+type FunctionHandler struct {
+	handler.BaseHandler
+}
+
+func NewFunctionHandler(app *core.AppServer, db *gorm.DB) *FunctionHandler {
+	return &FunctionHandler{BaseHandler: handler.BaseHandler{App: app, DB: db}}
+}
+
+func (h *FunctionHandler) Save(c *gin.Context) {
+	var data vo.Function
+	if err := c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	var f = model.Function{
+		Id:          data.Id,
+		Name:        data.Name,
+		Label:       data.Label,
+		Description: data.Description,
+		Parameters:  utils.JsonEncode(data.Parameters),
+		Action:      data.Action,
+		Token:       data.Token,
+		Enabled:     data.Enabled,
+	}
+
+	res := h.DB.Save(&f)
+	if res.Error != nil {
+		resp.ERROR(c, "error with save data:"+res.Error.Error())
+		return
+	}
+	data.Id = f.Id
+	resp.SUCCESS(c, data)
+}
+
+func (h *FunctionHandler) Set(c *gin.Context) {
+	var data struct {
+		Id    uint        `json:"id"`
+		Filed string      `json:"filed"`
+		Value interface{} `json:"value"`
+	}
+
+	if err := c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	res := h.DB.Model(&model.Function{}).Where("id = ?", data.Id).Update(data.Filed, data.Value)
+	if res.Error != nil {
+		resp.ERROR(c, "更新数据库失败！")
+		return
+	}
+	resp.SUCCESS(c)
+}
+
+func (h *FunctionHandler) List(c *gin.Context) {
+	if err := utils.CheckPermission(c, h.DB); err != nil {
+		resp.NotPermission(c)
+		return
+	}
+
+	var items []model.Function
+	res := h.DB.Find(&items)
+	if res.Error != nil {
+		resp.ERROR(c, "No data found")
+		return
+	}
+
+	functions := make([]vo.Function, 0)
+	for _, v := range items {
+		var f vo.Function
+		err := utils.CopyObject(v, &f)
+		if err != nil {
+			continue
+		}
+		functions = append(functions, f)
+	}
+	resp.SUCCESS(c, functions)
+}
+
+func (h *FunctionHandler) Remove(c *gin.Context) {
+	id := h.GetInt(c, "id", 0)
+
+	if id > 0 {
+		res := h.DB.Delete(&model.Function{Id: uint(id)})
+		if res.Error != nil {
+			resp.ERROR(c, "更新数据库失败！")
+			return
+		}
+	}
+	resp.SUCCESS(c)
+}
+
+// GenToken generate function api access token
+func (h *FunctionHandler) GenToken(c *gin.Context) {
+	// 创建 token
+	token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
+		"user_id": 0,
+		"expired": 0,
+	})
+	tokenString, err := token.SignedString([]byte(h.App.Config.Session.SecretKey))
+	if err != nil {
+		logger.Error("error with generate token", err)
+		resp.ERROR(c)
+		return
+	}
+
+	resp.SUCCESS(c, tokenString)
+}
--- a/api/handler/admin/menu_handler.go
+++ b/api/handler/admin/menu_handler.go
@@ -0,0 +1,121 @@
+package admin
+
+import (
+	"chatplus/core"
+	"chatplus/core/types"
+	"chatplus/handler"
+	"chatplus/store/model"
+	"chatplus/store/vo"
+	"chatplus/utils"
+	"chatplus/utils/resp"
+	"github.com/gin-gonic/gin"
+	"gorm.io/gorm"
+)
+
+type MenuHandler struct {
+	handler.BaseHandler
+}
+
+func NewMenuHandler(app *core.AppServer, db *gorm.DB) *MenuHandler {
+	return &MenuHandler{BaseHandler: handler.BaseHandler{App: app, DB: db}}
+}
+
+func (h *MenuHandler) Save(c *gin.Context) {
+	var data struct {
+		Id      uint   `json:"id"`
+		Name    string `json:"name"`
+		Icon    string `json:"icon"`
+		URL     string `json:"url"`
+		SortNum int    `json:"sort_num"`
+		Enabled bool   `json:"enabled"`
+	}
+	if err := c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	res := h.DB.Save(&model.Menu{
+		Id:      data.Id,
+		Name:    data.Name,
+		Icon:    data.Icon,
+		URL:     data.URL,
+		SortNum: data.SortNum,
+		Enabled: data.Enabled,
+	})
+	if res.Error != nil {
+		resp.ERROR(c, "更新数据库失败！")
+		return
+	}
+	resp.SUCCESS(c)
+}
+
+// List 数据列表
+func (h *MenuHandler) List(c *gin.Context) {
+	var items []model.Menu
+	var list = make([]vo.Menu, 0)
+	res := h.DB.Order("sort_num ASC").Find(&items)
+	if res.Error == nil {
+		for _, item := range items {
+			var product vo.Menu
+			err := utils.CopyObject(item, &product)
+			if err == nil {
+				list = append(list, product)
+			}
+		}
+	}
+	resp.SUCCESS(c, list)
+}
+
+func (h *MenuHandler) Enable(c *gin.Context) {
+	var data struct {
+		Id      uint `json:"id"`
+		Enabled bool `json:"enabled"`
+	}
+
+	if err := c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	res := h.DB.Model(&model.Menu{}).Where("id", data.Id).UpdateColumn("enabled", data.Enabled)
+	if res.Error != nil {
+		resp.ERROR(c, "更新数据库失败！")
+		return
+	}
+	resp.SUCCESS(c)
+}
+
+func (h *MenuHandler) Sort(c *gin.Context) {
+	var data struct {
+		Ids   []uint `json:"ids"`
+		Sorts []int  `json:"sorts"`
+	}
+
+	if err := c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	for index, id := range data.Ids {
+		res := h.DB.Model(&model.Menu{}).Where("id", id).Update("sort_num", data.Sorts[index])
+		if res.Error != nil {
+			resp.ERROR(c, "更新数据库失败！")
+			return
+		}
+	}
+
+	resp.SUCCESS(c)
+}
+
+func (h *MenuHandler) Remove(c *gin.Context) {
+	id := h.GetInt(c, "id", 0)
+
+	if id > 0 {
+		res := h.DB.Where("id", id).Delete(&model.Menu{})
+		if res.Error != nil {
+			resp.ERROR(c, "更新数据库失败！")
+			return
+		}
+	}
+	resp.SUCCESS(c)
+}
--- a/api/handler/admin/order_handler.go
+++ b/api/handler/admin/order_handler.go
@@ -0,0 +1,100 @@
+package admin
+
+import (
+	"chatplus/core"
+	"chatplus/core/types"
+	"chatplus/handler"
+	"chatplus/store/model"
+	"chatplus/store/vo"
+	"chatplus/utils"
+	"chatplus/utils/resp"
+
+	"github.com/gin-gonic/gin"
+	"gorm.io/gorm"
+)
+
+type OrderHandler struct {
+	handler.BaseHandler
+}
+
+func NewOrderHandler(app *core.AppServer, db *gorm.DB) *OrderHandler {
+	return &OrderHandler{BaseHandler: handler.BaseHandler{App: app, DB: db}}
+}
+
+func (h *OrderHandler) List(c *gin.Context) {
+	if err := utils.CheckPermission(c, h.DB); err != nil {
+		resp.NotPermission(c)
+		return
+	}
+
+	var data struct {
+		OrderNo  string   `json:"order_no"`
+		Status   int      `json:"status"`
+		PayTime  []string `json:"pay_time"`
+		Page     int      `json:"page"`
+		PageSize int      `json:"page_size"`
+	}
+	if err := c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	session := h.DB.Session(&gorm.Session{})
+	if data.OrderNo != "" {
+		session = session.Where("order_no", data.OrderNo)
+	}
+	if len(data.PayTime) == 2 {
+		start := utils.Str2stamp(data.PayTime[0] + " 00:00:00")
+		end := utils.Str2stamp(data.PayTime[1] + " 00:00:00")
+		session = session.Where("pay_time >= ? AND pay_time <= ?", start, end)
+	}
+	if data.Status >= 0 {
+		session = session.Where("status", data.Status)
+	}
+	var total int64
+	session.Model(&model.Order{}).Count(&total)
+	var items []model.Order
+	var list = make([]vo.Order, 0)
+	offset := (data.Page - 1) * data.PageSize
+	res := session.Order("id DESC").Offset(offset).Limit(data.PageSize).Find(&items)
+	if res.Error == nil {
+		for _, item := range items {
+			var order vo.Order
+			err := utils.CopyObject(item, &order)
+			if err == nil {
+				order.Id = item.Id
+				order.CreatedAt = item.CreatedAt.Unix()
+				order.UpdatedAt = item.UpdatedAt.Unix()
+				list = append(list, order)
+			} else {
+				logger.Error(err)
+			}
+		}
+	}
+	resp.SUCCESS(c, vo.NewPage(total, data.Page, data.PageSize, list))
+}
+
+func (h *OrderHandler) Remove(c *gin.Context) {
+	id := h.GetInt(c, "id", 0)
+
+	if id > 0 {
+		var item model.Order
+		res := h.DB.First(&item, id)
+		if res.Error != nil {
+			resp.ERROR(c, "记录不存在！")
+			return
+		}
+
+		if item.Status == types.OrderPaidSuccess {
+			resp.ERROR(c, "已支付订单不允许删除！")
+			return
+		}
+
+		res = h.DB.Unscoped().Where("id = ?", id).Delete(&model.Order{})
+		if res.Error != nil {
+			resp.ERROR(c, "更新数据库失败！")
+			return
+		}
+	}
+	resp.SUCCESS(c)
+}
--- a/api/handler/admin/power_log_handler.go
+++ b/api/handler/admin/power_log_handler.go
@@ -0,0 +1,77 @@
+package admin
+
+import (
+	"chatplus/core"
+	"chatplus/core/types"
+	"chatplus/handler"
+	"chatplus/store/model"
+	"chatplus/store/vo"
+	"chatplus/utils"
+	"chatplus/utils/resp"
+
+	"github.com/gin-gonic/gin"
+	"gorm.io/gorm"
+)
+
+type PowerLogHandler struct {
+	handler.BaseHandler
+}
+
+func NewPowerLogHandler(app *core.AppServer, db *gorm.DB) *PowerLogHandler {
+	return &PowerLogHandler{BaseHandler: handler.BaseHandler{App: app, DB: db}}
+}
+
+func (h *PowerLogHandler) List(c *gin.Context) {
+	var data struct {
+		Username string   `json:"username"`
+		Type     int      `json:"type"`
+		Model    string   `json:"model"`
+		Date     []string `json:"date"`
+		Page     int      `json:"page"`
+		PageSize int      `json:"page_size"`
+	}
+	if err := c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	session := h.DB.Session(&gorm.Session{})
+	if data.Model != "" {
+		session = session.Where("model", data.Model)
+	}
+	if data.Type > 0 {
+		session = session.Where("type", data.Type)
+	}
+	if len(data.Date) == 2 {
+		start := data.Date[0] + " 00:00:00"
+		end := data.Date[1] + " 00:00:00"
+		session = session.Where("created_at >= ? AND created_at <= ?", start, end)
+	}
+
+	var total int64
+	session.Model(&model.PowerLog{}).Count(&total)
+	var items []model.PowerLog
+	var list = make([]vo.PowerLog, 0)
+	offset := (data.Page - 1) * data.PageSize
+	res := session.Order("id DESC").Offset(offset).Limit(data.PageSize).Find(&items)
+	if res.Error == nil {
+		for _, item := range items {
+			var log vo.PowerLog
+			err := utils.CopyObject(item, &log)
+			if err != nil {
+				continue
+			}
+			log.Id = item.Id
+			log.CreatedAt = item.CreatedAt.Unix()
+			log.TypeStr = item.Type.String()
+			list = append(list, log)
+		}
+	}
+
+	// 统计消费算力总和
+	var totalPower float64
+	if len(data.Date) == 2 {
+		session.Where("mark", 0).Select("SUM(amount) as total_sum").Scan(&totalPower)
+	}
+	resp.SUCCESS(c, gin.H{"data": vo.NewPage(total, data.Page, data.PageSize, list), "stat": totalPower})
+}
--- a/api/handler/admin/product_handler.go
+++ b/api/handler/admin/product_handler.go
@@ -0,0 +1,142 @@
+package admin
+
+import (
+	"chatplus/core"
+	"chatplus/core/types"
+	"chatplus/handler"
+	"chatplus/store/model"
+	"chatplus/store/vo"
+	"chatplus/utils"
+	"chatplus/utils/resp"
+	"github.com/gin-gonic/gin"
+	"gorm.io/gorm"
+	"time"
+)
+
+type ProductHandler struct {
+	handler.BaseHandler
+}
+
+func NewProductHandler(app *core.AppServer, db *gorm.DB) *ProductHandler {
+	return &ProductHandler{BaseHandler: handler.BaseHandler{App: app, DB: db}}
+}
+
+func (h *ProductHandler) Save(c *gin.Context) {
+	var data struct {
+		Id        uint    `json:"id"`
+		Name      string  `json:"name"`
+		Price     float64 `json:"price"`
+		Discount  float64 `json:"discount"`
+		Enabled   bool    `json:"enabled"`
+		Days      int     `json:"days"`
+		Power     int     `json:"power"`
+		CreatedAt int64   `json:"created_at"`
+	}
+	if err := c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	item := model.Product{
+		Name:     data.Name,
+		Price:    data.Price,
+		Discount: data.Discount,
+		Days:     data.Days,
+		Power:    data.Power,
+		Enabled:  data.Enabled}
+	item.Id = data.Id
+	if item.Id > 0 {
+		item.CreatedAt = time.Unix(data.CreatedAt, 0)
+	}
+	res := h.DB.Save(&item)
+	if res.Error != nil {
+		resp.ERROR(c, "更新数据库失败！")
+		return
+	}
+
+	var itemVo vo.Product
+	err := utils.CopyObject(item, &itemVo)
+	if err != nil {
+		resp.ERROR(c, "数据拷贝失败！")
+		return
+	}
+	itemVo.Id = item.Id
+	itemVo.UpdatedAt = item.UpdatedAt.Unix()
+	resp.SUCCESS(c, itemVo)
+}
+
+// List 数据列表
+func (h *ProductHandler) List(c *gin.Context) {
+	var items []model.Product
+	var list = make([]vo.Product, 0)
+	res := h.DB.Order("sort_num ASC").Find(&items)
+	if res.Error == nil {
+		for _, item := range items {
+			var product vo.Product
+			err := utils.CopyObject(item, &product)
+			if err == nil {
+				product.Id = item.Id
+				product.CreatedAt = item.CreatedAt.Unix()
+				product.UpdatedAt = item.UpdatedAt.Unix()
+				list = append(list, product)
+			} else {
+				logger.Error(err)
+			}
+		}
+	}
+	resp.SUCCESS(c, list)
+}
+
+func (h *ProductHandler) Enable(c *gin.Context) {
+	var data struct {
+		Id      uint `json:"id"`
+		Enabled bool `json:"enabled"`
+	}
+
+	if err := c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	res := h.DB.Model(&model.Product{}).Where("id", data.Id).UpdateColumn("enabled", data.Enabled)
+	if res.Error != nil {
+		resp.ERROR(c, "更新数据库失败！")
+		return
+	}
+	resp.SUCCESS(c)
+}
+
+func (h *ProductHandler) Sort(c *gin.Context) {
+	var data struct {
+		Ids   []uint `json:"ids"`
+		Sorts []int  `json:"sorts"`
+	}
+
+	if err := c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	for index, id := range data.Ids {
+		res := h.DB.Model(&model.Product{}).Where("id", id).Update("sort_num", data.Sorts[index])
+		if res.Error != nil {
+			resp.ERROR(c, "更新数据库失败！")
+			return
+		}
+	}
+
+	resp.SUCCESS(c)
+}
+
+func (h *ProductHandler) Remove(c *gin.Context) {
+	id := h.GetInt(c, "id", 0)
+
+	if id > 0 {
+		res := h.DB.Where("id", id).Delete(&model.Product{})
+		if res.Error != nil {
+			resp.ERROR(c, "更新数据库失败！")
+			return
+		}
+	}
+	resp.SUCCESS(c)
+}
--- a/api/handler/admin/reward_handler.go
+++ b/api/handler/admin/reward_handler.go
@@ -2,6 +2,7 @@ package admin

 import (
 	"chatplus/core"
+	"chatplus/core/types"
 	"chatplus/handler"
 	"chatplus/store/model"
 	"chatplus/store/vo"
@@ -13,18 +14,20 @@ import (

 type RewardHandler struct {
 	handler.BaseHandler
-	db *gorm.DB
 }

 func NewRewardHandler(app *core.AppServer, db *gorm.DB) *RewardHandler {
-	h := RewardHandler{db: db}
-	h.App = app
-	return &h
+	return &RewardHandler{BaseHandler: handler.BaseHandler{App: app, DB: db}}
 }

 func (h *RewardHandler) List(c *gin.Context) {
+	if err := utils.CheckPermission(c, h.DB); err != nil {
+		resp.NotPermission(c)
+		return
+	}
+
 	var items []model.Reward
-	res := h.db.Find(&items)
+	res := h.DB.Order("id DESC").Find(&items)
 	var rewards = make([]vo.Reward, 0)
 	if res.Error == nil {
 		userIds := make([]uint, 0)
@@ -32,7 +35,7 @@ func (h *RewardHandler) List(c *gin.Context) {
 			userIds = append(userIds, v.UserId)
 		}
 		var users []model.User
-		h.db.Where("id IN ?", userIds).Find(&users)
+		h.DB.Where("id IN ?", userIds).Find(&users)
 		var userMap = make(map[uint]model.User)
 		for _, u := range users {
 			userMap[u.Id] = u
@@ -55,3 +58,21 @@ func (h *RewardHandler) List(c *gin.Context) {

 	resp.SUCCESS(c, rewards)
 }
+
+func (h *RewardHandler) Remove(c *gin.Context) {
+	var data struct {
+		Id uint
+	}
+	if err := c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+	if data.Id > 0 {
+		res := h.DB.Where("id = ?", data.Id).Delete(&model.Reward{})
+		if res.Error != nil {
+			resp.ERROR(c, "更新数据库失败！")
+			return
+		}
+	}
+	resp.SUCCESS(c)
+}
--- a/api/handler/admin/upload_handler.go
+++ b/api/handler/admin/upload_handler.go
@@ -0,0 +1,45 @@
+package admin
+
+import (
+	"chatplus/core"
+	"chatplus/handler"
+	"chatplus/service/oss"
+	"chatplus/store/model"
+	"chatplus/utils/resp"
+	"github.com/gin-gonic/gin"
+	"gorm.io/gorm"
+	"time"
+)
+
+type UploadHandler struct {
+	handler.BaseHandler
+	uploaderManager *oss.UploaderManager
+}
+
+func NewUploadHandler(app *core.AppServer, db *gorm.DB, manager *oss.UploaderManager) *UploadHandler {
+	return &UploadHandler{BaseHandler: handler.BaseHandler{DB: db, App: app}, uploaderManager: manager}
+}
+
+func (h *UploadHandler) Upload(c *gin.Context) {
+	file, err := h.uploaderManager.GetUploadHandler().PutFile(c, "file")
+	if err != nil {
+		resp.ERROR(c, err.Error())
+		return
+	}
+	userId := 0
+	res := h.DB.Create(&model.File{
+		UserId:    userId,
+		Name:      file.Name,
+		ObjKey:    file.ObjKey,
+		URL:       file.URL,
+		Ext:       file.Ext,
+		Size:      file.Size,
+		CreatedAt: time.Time{},
+	})
+	if res.Error != nil || res.RowsAffected == 0 {
+		resp.ERROR(c, "error with update database: "+res.Error.Error())
+		return
+	}
+
+	resp.SUCCESS(c, file)
+}
--- a/api/handler/admin/user_handler.go
+++ b/api/handler/admin/user_handler.go
@@ -9,6 +9,7 @@ import (
 	"chatplus/utils"
 	"chatplus/utils/resp"
 	"fmt"
+	"time"

 	"github.com/gin-gonic/gin"
 	"gorm.io/gorm"
@@ -16,20 +17,21 @@ import (

 type UserHandler struct {
 	handler.BaseHandler
-	db *gorm.DB
 }

 func NewUserHandler(app *core.AppServer, db *gorm.DB) *UserHandler {
-	h := UserHandler{db: db}
-	h.App = app
-	return &h
+	return &UserHandler{BaseHandler: handler.BaseHandler{App: app, DB: db}}
 }

 // List 用户列表
 func (h *UserHandler) List(c *gin.Context) {
+	if err := utils.CheckPermission(c, h.DB); err != nil {
+		resp.NotPermission(c)
+		return
+	}
+
 	page := h.GetInt(c, "page", 1)
 	pageSize := h.GetInt(c, "page_size", 20)
-	mobile := h.GetTrim(c, "mobile")
 	username := h.GetTrim(c, "username")

 	offset := (page - 1) * pageSize
@@ -37,10 +39,7 @@ func (h *UserHandler) List(c *gin.Context) {
 	var users = make([]vo.User, 0)
 	var total int64

-	session := h.db.Session(&gorm.Session{})
-	if mobile != "" {
-		session = session.Where("mobile LIKE ?", "%"+mobile+"%")
-	}
+	session := h.DB.Session(&gorm.Session{})
 	if username != "" {
 		session = session.Where("username LIKE ?", "%"+username+"%")
 	}
@@ -68,15 +67,14 @@ func (h *UserHandler) List(c *gin.Context) {
 func (h *UserHandler) Save(c *gin.Context) {
 	var data struct {
 		Id          uint     `json:"id"`
-		Username    string   `json:"username"`
 		Password    string   `json:"password"`
-		Mobile      string   `json:"mobile"`
-		Nickname    string   `json:"nickname"`
-		Calls       int      `json:"calls"`
-		ImgCalls    int      `json:"img_calls"`
+		Username    string   `json:"username"`
 		ChatRoles   []string `json:"chat_roles"`
+		ChatModels  []int    `json:"chat_models"`
 		ExpiredTime string   `json:"expired_time"`
 		Status      bool     `json:"status"`
+		Vip         bool     `json:"vip"`
+		Power       int      `json:"power"`
 	}
 	if err := c.ShouldBindJSON(&data); err != nil {
 		resp.ERROR(c, types.InvalidArgs)
@@ -86,40 +84,60 @@ func (h *UserHandler) Save(c *gin.Context) {
 	var res *gorm.DB
 	var userVo vo.User
 	if data.Id > 0 { // 更新
-		user.Id = data.Id
-		// 此处需要用 map 更新，用结构体无法更新 0 值
-		res = h.db.Model(&user).Updates(map[string]interface{}{
-			"nickname":        data.Nickname,
-			"mobile":          data.Mobile,
-			"calls":           data.Calls,
-			"img_calls":       data.ImgCalls,
-			"status":          data.Status,
-			"chat_roles_json": utils.JsonEncode(data.ChatRoles),
-			"expired_time":    utils.Str2stamp(data.ExpiredTime),
-		})
+		res = h.DB.Where("id", data.Id).First(&user)
+		if res.Error != nil {
+			resp.ERROR(c, "user not found")
+			return
+		}
+		var oldPower = user.Power
+		user.Username = data.Username
+		user.Status = data.Status
+		user.Vip = data.Vip
+		user.Power = data.Power
+		user.ChatRoles = utils.JsonEncode(data.ChatRoles)
+		user.ChatModels = utils.JsonEncode(data.ChatModels)
+		user.ExpiredTime = utils.Str2stamp(data.ExpiredTime)
+
+		res = h.DB.Select("username", "status", "vip", "power", "chat_roles_json", "chat_models_json", "expired_time").Updates(&user)
+		if res.Error != nil {
+			resp.ERROR(c, "更新数据库失败！")
+			return
+		}
+		// 记录算力日志
+		if oldPower != user.Power {
+			mark := types.PowerAdd
+			amount := user.Power - oldPower
+			if oldPower > user.Power {
+				mark = types.PowerSub
+				amount = oldPower - user.Power
+			}
+			h.DB.Create(&model.PowerLog{
+				UserId:    user.Id,
+				Username:  user.Username,
+				Type:      types.PowerGift,
+				Amount:    amount,
+				Balance:   user.Power,
+				Mark:      mark,
+				Model:     "管理员",
+				Remark:    fmt.Sprintf("后台管理员强制修改用户算力，修改前：%d,修改后:%d, 管理员ID：%d", oldPower, user.Power, h.GetLoginUserId(c)),
+				CreatedAt: time.Now(),
+			})
+		}
 	} else {
 		salt := utils.RandString(8)
 		u := model.User{
 			Username:    data.Username,
+			Nickname:    fmt.Sprintf("极客学长@%d", utils.RandomNumber(6)),
 			Password:    utils.GenPassword(data.Password, salt),
-			Nickname:    fmt.Sprintf("极客学长@%d", utils.RandomNumber(5)),
 			Avatar:      "/images/avatar/user.png",
 			Salt:        salt,
+			Power:       data.Power,
 			Status:      true,
-			Mobile:      data.Mobile,
 			ChatRoles:   utils.JsonEncode(data.ChatRoles),
+			ChatModels:  utils.JsonEncode(data.ChatModels),
 			ExpiredTime: utils.Str2stamp(data.ExpiredTime),
-			ChatConfig: utils.JsonEncode(types.ChatConfig{
-				Temperature:   h.App.ChatConfig.Temperature,
-				MaxTokens:     h.App.ChatConfig.MaxTokens,
-				EnableContext: h.App.ChatConfig.EnableContext,
-				EnableHistory: true,
-				Model:         h.App.ChatConfig.Model,
-				ApiKey:        "",
-			}),
-			Calls: h.App.SysConfig.UserInitCalls,
 		}
-		res = h.db.Create(&u)
+		res = h.DB.Create(&u)
 		_ = utils.CopyObject(u, &userVo)
 		userVo.Id = u.Id
 		userVo.CreatedAt = u.CreatedAt.Unix()
@@ -146,7 +164,7 @@ func (h *UserHandler) ResetPass(c *gin.Context) {
 	}

 	var user model.User
-	res := h.db.First(&user, data.Id)
+	res := h.DB.First(&user, data.Id)
 	if res.Error != nil {
 		resp.ERROR(c, "No user found")
 		return
@@ -154,7 +172,7 @@ func (h *UserHandler) ResetPass(c *gin.Context) {

 	password := utils.GenPassword(data.Password, user.Salt)
 	user.Password = password
-	res = h.db.Updates(&user)
+	res = h.DB.Updates(&user)
 	if res.Error != nil {
 		resp.ERROR(c)
 	} else {
@@ -164,36 +182,32 @@ func (h *UserHandler) ResetPass(c *gin.Context) {

 func (h *UserHandler) Remove(c *gin.Context) {
 	id := h.GetInt(c, "id", 0)
-	if id > 0 {
-		tx := h.db.Begin()
-		res := h.db.Where("id = ?", id).Delete(&model.User{})
-		if res.Error != nil {
-			resp.ERROR(c, "删除失败")
-			return
-		}
-		// 删除聊天记录
-		res = h.db.Where("user_id = ?", id).Delete(&model.ChatItem{})
-		if res.Error != nil {
-			tx.Rollback()
-			resp.ERROR(c, "删除失败")
-			return
-		}
-		// 删除聊天历史记录
-		res = h.db.Where("user_id = ?", id).Delete(&model.HistoryMessage{})
-		if res.Error != nil {
-			tx.Rollback()
-			resp.ERROR(c, "删除失败")
-			return
-		}
-		// 删除登录日志
-		res = h.db.Where("user_id = ?", id).Delete(&model.UserLoginLog{})
-		if res.Error != nil {
-			tx.Rollback()
-			resp.ERROR(c, "删除失败")
-			return
-		}
-		tx.Commit()
+	if id <= 0 {
+		resp.ERROR(c, types.InvalidArgs)
+		return
 	}
+	// 删除用户
+	res := h.DB.Where("id = ?", id).Delete(&model.User{})
+	if res.Error != nil {
+		resp.ERROR(c, "删除失败")
+		return
+	}
+
+	// 删除聊天记录
+	h.DB.Where("user_id = ?", id).Delete(&model.ChatItem{})
+	// 删除聊天历史记录
+	h.DB.Where("user_id = ?", id).Delete(&model.ChatMessage{})
+	// 删除登录日志
+	h.DB.Where("user_id = ?", id).Delete(&model.UserLoginLog{})
+	// 删除算力日志
+	h.DB.Where("user_id = ?", id).Delete(&model.PowerLog{})
+	// 删除众筹日志
+	h.DB.Where("user_id = ?", id).Delete(&model.Reward{})
+	// 删除绘图任务
+	h.DB.Where("user_id = ?", id).Delete(&model.MidJourneyJob{})
+	h.DB.Where("user_id = ?", id).Delete(&model.SdJob{})
+	//  删除订单
+	h.DB.Where("user_id = ?", id).Delete(&model.Order{})
 	resp.SUCCESS(c)
 }

@@ -201,10 +215,10 @@ func (h *UserHandler) LoginLog(c *gin.Context) {
 	page := h.GetInt(c, "page", 1)
 	pageSize := h.GetInt(c, "page_size", 20)
 	var total int64
-	h.db.Model(&model.UserLoginLog{}).Count(&total)
+	h.DB.Model(&model.UserLoginLog{}).Count(&total)
 	offset := (page - 1) * pageSize
 	var items []model.UserLoginLog
-	res := h.db.Offset(offset).Limit(pageSize).Find(&items)
+	res := h.DB.Offset(offset).Limit(pageSize).Order("id DESC").Find(&items)
 	if res.Error != nil {
 		resp.ERROR(c, "获取数据失败")
 		return
--- a/api/handler/base_handler.go
+++ b/api/handler/base_handler.go
@@ -2,8 +2,13 @@ package handler

 import (
 	"chatplus/core"
+	"chatplus/core/types"
 	logger2 "chatplus/logger"
-	"strconv"
+	"chatplus/store/model"
+	"chatplus/utils"
+	"errors"
+	"fmt"
+	"gorm.io/gorm"
 	"strings"

 	"github.com/gin-gonic/gin"
@@ -13,6 +18,7 @@ var logger = logger2.GetLogger()

 type BaseHandler struct {
 	App *core.AppServer
+	DB  *gorm.DB
 }

 func (h *BaseHandler) GetTrim(c *gin.Context, key string) string {
@@ -20,47 +26,62 @@ func (h *BaseHandler) GetTrim(c *gin.Context, key string) string {
 }

 func (h *BaseHandler) PostInt(c *gin.Context, key string, defaultValue int) int {
-	return intValue(c.PostForm(key), defaultValue)
+	return utils.IntValue(c.PostForm(key), defaultValue)
 }

 func (h *BaseHandler) GetInt(c *gin.Context, key string, defaultValue int) int {
-	return intValue(c.Query(key), defaultValue)
-}
-
-func intValue(str string, defaultValue int) int {
-	value, err := strconv.Atoi(str)
-	if err != nil {
-		return defaultValue
-	}
-	return value
+	return utils.IntValue(c.Query(key), defaultValue)
 }

 func (h *BaseHandler) GetFloat(c *gin.Context, key string) float64 {
-	return floatValue(c.Query(key))
+	return utils.FloatValue(c.Query(key))
 }
 func (h *BaseHandler) PostFloat(c *gin.Context, key string) float64 {
-	return floatValue(c.PostForm(key))
-}
-
-func floatValue(str string) float64 {
-	value, err := strconv.ParseFloat(str, 64)
-	if err != nil {
-		return 0
-	}
-	return value
+	return utils.FloatValue(c.PostForm(key))
 }

 func (h *BaseHandler) GetBool(c *gin.Context, key string) bool {
-	return boolValue(c.Query(key))
+	return utils.BoolValue(c.Query(key))
 }
 func (h *BaseHandler) PostBool(c *gin.Context, key string) bool {
-	return boolValue(c.PostForm(key))
+	return utils.BoolValue(c.PostForm(key))
+}
+func (h *BaseHandler) GetUserKey(c *gin.Context) string {
+	userId, ok := c.Get(types.LoginUserID)
+	if !ok {
+		return ""
+	}
+	return fmt.Sprintf("users/%v", userId)
 }

-func boolValue(str string) bool {
-	value, err := strconv.ParseBool(str)
-	if err != nil {
-		return false
+func (h *BaseHandler) GetLoginUserId(c *gin.Context) uint {
+	userId, ok := c.Get(types.LoginUserID)
+	if !ok {
+		return 0
 	}
-	return value
+	return uint(utils.IntValue(utils.InterfaceToString(userId), 0))
+}
+
+func (h *BaseHandler) IsLogin(c *gin.Context) bool {
+	return h.GetLoginUserId(c) > 0
+}
+
+func (h *BaseHandler) GetLoginUser(c *gin.Context) (model.User, error) {
+	value, exists := c.Get(types.LoginUserCache)
+	if exists {
+		return value.(model.User), nil
+	}
+
+	userId, ok := c.Get(types.LoginUserID)
+	if !ok {
+		return model.User{}, errors.New("user not login")
+	}
+
+	var user model.User
+	res := h.DB.First(&user, userId)
+	// 更新缓存
+	if res.Error == nil {
+		c.Set(types.LoginUserCache, user)
+	}
+	return user, res.Error
 }
--- a/api/handler/captcha_handler.go
+++ b/api/handler/captcha_handler.go
@@ -45,3 +45,33 @@ func (h *CaptchaHandler) Check(c *gin.Context) {
 	}

 }
+
+// SlideGet 获取滑动验证图片
+func (h *CaptchaHandler) SlideGet(c *gin.Context) {
+	data, err := h.service.SlideGet()
+	if err != nil {
+		resp.ERROR(c, err.Error())
+		return
+	}
+
+	resp.SUCCESS(c, data)
+}
+
+// SlideCheck 滑动验证结果校验
+func (h *CaptchaHandler) SlideCheck(c *gin.Context) {
+	var data struct {
+		Key string `json:"key"`
+		X   int    `json:"x"`
+	}
+	if err := c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	if h.service.SlideCheck(data) {
+		resp.SUCCESS(c)
+	} else {
+		resp.ERROR(c)
+	}
+
+}
--- a/api/handler/chat_handler.go
+++ b/api/handler/chat_handler.go
@@ -1,609 +0,0 @@
-package handler
-
-import (
-	"bufio"
-	"bytes"
-	"chatplus/core"
-	"chatplus/core/types"
-	"chatplus/store"
-	"chatplus/store/model"
-	"chatplus/store/vo"
-	"chatplus/utils"
-	"chatplus/utils/resp"
-	"context"
-	"encoding/json"
-	"errors"
-	"fmt"
-	"io"
-	"net/http"
-	"net/url"
-	"strings"
-	"time"
-	"unicode/utf8"
-
-	"github.com/gin-gonic/gin"
-	"github.com/gorilla/websocket"
-	"gorm.io/gorm"
-)
-
-const ErrorMsg = "抱歉，AI 助手开小差了，请稍后再试。"
-
-type ChatHandler struct {
-	BaseHandler
-	db      *gorm.DB
-	leveldb *store.LevelDB
-}
-
-func NewChatHandler(app *core.AppServer, db *gorm.DB, levelDB *store.LevelDB) *ChatHandler {
-	handler := ChatHandler{db: db, leveldb: levelDB}
-	handler.App = app
-	return &handler
-}
-
-var chatConfig types.ChatConfig
-
-// ChatHandle 处理聊天 WebSocket 请求
-func (h *ChatHandler) ChatHandle(c *gin.Context) {
-	ws, err := (&websocket.Upgrader{CheckOrigin: func(r *http.Request) bool { return true }}).Upgrade(c.Writer, c.Request, nil)
-	if err != nil {
-		logger.Error(err)
-		return
-	}
-	// 设置读写超时时间
-	//_ = ws.SetWriteDeadline(time.Now().Add(300 * time.Second))
-	//_ = ws.SetReadDeadline(time.Now().Add(300 * time.Second))
-
-	sessionId := c.Query("session_id")
-	roleId := h.GetInt(c, "role_id", 0)
-	chatId := c.Query("chat_id")
-	chatModel := c.Query("model")
-
-	session := h.App.ChatSession.Get(sessionId)
-	if session.SessionId == "" {
-		user, err := utils.GetLoginUser(c, h.db)
-		if err != nil {
-			logger.Info("用户未登录")
-			c.Abort()
-			return
-		}
-		session = types.ChatSession{
-			SessionId: sessionId,
-			ClientIP:  c.ClientIP(),
-			Username:  user.Username,
-			UserId:    user.Id,
-		}
-		h.App.ChatSession.Put(sessionId, session)
-	}
-
-	// use old chat data override the chat model and role ID
-	var chat model.ChatItem
-	res := h.db.Where("chat_id=?", chatId).First(&chat)
-	if res.Error == nil {
-		chatModel = chat.Model
-		roleId = int(chat.RoleId)
-	}
-
-	session.ChatId = chatId
-	session.Model = chatModel
-	logger.Infof("New websocket connected, IP: %s, Username: %s", c.Request.RemoteAddr, session.Username)
-	client := types.NewWsClient(ws)
-	var chatRole model.ChatRole
-	res = h.db.First(&chatRole, roleId)
-	if res.Error != nil || !chatRole.Enable {
-		utils.ReplyMessage(client, "当前聊天角色不存在或者未启用，连接已关闭！！！")
-		c.Abort()
-		return
-	}
-
-	// 初始化聊天配置
-	var config model.Config
-	h.db.Where("marker", "chat").First(&config)
-	err = utils.JsonDecode(config.Config, &chatConfig)
-	if err != nil {
-		utils.ReplyMessage(client, "加载系统配置失败，连接已关闭！！！")
-		c.Abort()
-		return
-	}
-
-	// 保存会话连接
-	h.App.ChatClients.Put(sessionId, client)
-	go func() {
-		for {
-			_, msg, err := client.Receive()
-			if err != nil {
-				logger.Error(err)
-				client.Close()
-				h.App.ChatClients.Delete(sessionId)
-				h.App.ReqCancelFunc.Delete(sessionId)
-				return
-			}
-
-			message := string(msg)
-			logger.Info("Receive a message: ", message)
-			//utils.ReplyMessage(client, "这是一条测试消息！")
-			ctx, cancel := context.WithCancel(context.Background())
-			h.App.ReqCancelFunc.Put(sessionId, cancel)
-			// 回复消息
-			err = h.sendMessage(ctx, session, chatRole, message, client)
-			if err != nil {
-				logger.Error(err)
-			} else {
-				utils.ReplyChunkMessage(client, types.WsMessage{Type: types.WsEnd})
-				logger.Info("回答完毕: " + string(message))
-			}
-
-		}
-	}()
-}
-
-// 将消息发送给 ChatGPT 并获取结果，通过 WebSocket 推送到客户端
-func (h *ChatHandler) sendMessage(ctx context.Context, session types.ChatSession, role model.ChatRole, prompt string, ws *types.WsClient) error {
-	promptCreatedAt := time.Now() // 记录提问时间
-
-	var user model.User
-	res := h.db.Model(&model.User{}).First(&user, session.UserId)
-	if res.Error != nil {
-		utils.ReplyMessage(ws, "非法用户，请联系管理员！")
-		return res.Error
-	}
-	var userVo vo.User
-	err := utils.CopyObject(user, &userVo)
-	userVo.Id = user.Id
-	if err != nil {
-		return errors.New("User 对象转换失败，" + err.Error())
-	}
-
-	if userVo.Status == false {
-		utils.ReplyMessage(ws, "您的账号已经被禁用，如果疑问，请联系管理员！")
-		utils.ReplyMessage(ws, "![](/images/wx.png)")
-		return nil
-	}
-
-	if userVo.Calls <= 0 && userVo.ChatConfig.ApiKey == "" {
-		utils.ReplyMessage(ws, "您的对话次数已经用尽，请联系管理员或者点击左下角菜单加入众筹获得100次对话！")
-		utils.ReplyMessage(ws, "![](/images/wx.png)")
-		return nil
-	}
-
-	if userVo.ExpiredTime > 0 && userVo.ExpiredTime <= time.Now().Unix() {
-		utils.ReplyMessage(ws, "您的账号已经过期，请联系管理员！")
-		utils.ReplyMessage(ws, "![](/images/wx.png)")
-		return nil
-	}
-	var req = types.ApiRequest{
-		Model:       session.Model,
-		Temperature: userVo.ChatConfig.Temperature,
-		MaxTokens:   userVo.ChatConfig.MaxTokens,
-		Stream:      true,
-		Functions:   types.InnerFunctions,
-	}
-
-	// 加载聊天上下文
-	var chatCtx []interface{}
-	if userVo.ChatConfig.EnableContext {
-		if h.App.ChatContexts.Has(session.ChatId) {
-			chatCtx = h.App.ChatContexts.Get(session.ChatId)
-		} else {
-			// calculate the tokens of current request, to prevent to exceeding the max tokens num
-			tokens := req.MaxTokens
-			for _, f := range types.InnerFunctions {
-				tks, _ := utils.CalcTokens(utils.JsonEncode(f), req.Model)
-				tokens += tks
-			}
-
-			// loading the role context
-			var messages []types.Message
-			err := utils.JsonDecode(role.Context, &messages)
-			if err == nil {
-				for _, v := range messages {
-					tks, _ := utils.CalcTokens(v.Content, req.Model)
-					if tokens+tks >= types.ModelToTokens[req.Model] {
-						break
-					}
-					tokens += tks
-					chatCtx = append(chatCtx, v)
-				}
-			}
-
-			// loading recent chat history as chat context
-			if chatConfig.ContextDeep > 0 {
-				var historyMessages []model.HistoryMessage
-				res := h.db.Where("chat_id = ? and use_context = 1", session.ChatId).Limit(chatConfig.ContextDeep).Order("created_at desc").Find(&historyMessages)
-				if res.Error == nil {
-					for _, msg := range historyMessages {
-						if tokens+msg.Tokens >= types.ModelToTokens[session.Model] {
-							break
-						}
-						tokens += msg.Tokens
-						ms := types.Message{Role: "user", Content: msg.Content}
-						if msg.Type == types.ReplyMsg {
-							ms.Role = "assistant"
-						}
-						chatCtx = append(chatCtx, ms)
-					}
-				}
-			}
-		}
-		logger.Debugf("聊天上下文：%+v", chatCtx)
-	}
-	reqMgs := make([]interface{}, 0)
-	for _, m := range chatCtx {
-		reqMgs = append(reqMgs, m)
-	}
-
-	req.Messages = append(reqMgs, map[string]interface{}{
-		"role":    "user",
-		"content": prompt,
-	})
-	var apiKey string
-	response, err := h.doRequest(ctx, userVo, &apiKey, req)
-	if err != nil {
-		if strings.Contains(err.Error(), "context canceled") {
-			logger.Info("用户取消了请求：", prompt)
-			return nil
-		} else if strings.Contains(err.Error(), "no available key") {
-			utils.ReplyMessage(ws, "抱歉😔😔😔，系统已经没有可用的 API KEY🔑，您可以导入自己的 API KEY🔑 继续使用！🙏🙏🙏")
-			return nil
-		} else {
-			logger.Error(err)
-		}
-
-		utils.ReplyMessage(ws, ErrorMsg)
-		utils.ReplyMessage(ws, "![](/images/wx.png)")
-		return err
-	} else {
-		defer response.Body.Close()
-	}
-
-	contentType := response.Header.Get("Content-Type")
-	if strings.Contains(contentType, "text/event-stream") {
-		if true {
-			replyCreatedAt := time.Now()
-			// 循环读取 Chunk 消息
-			var message = types.Message{}
-			var contents = make([]string, 0)
-			var functionCall = false
-			var functionName string
-			var arguments = make([]string, 0)
-			reader := bufio.NewReader(response.Body)
-			for {
-				line, err := reader.ReadString('\n')
-				if err != nil {
-					if strings.Contains(err.Error(), "context canceled") {
-						logger.Info("用户取消了请求：", prompt)
-					} else if err != io.EOF {
-						logger.Error("信息读取出错：", err)
-					}
-					break
-				}
-				if !strings.Contains(line, "data:") || len(line) < 30 {
-					continue
-				}
-
-				var responseBody = types.ApiResponse{}
-				err = json.Unmarshal([]byte(line[6:]), &responseBody)
-				if err != nil || len(responseBody.Choices) == 0 { // 数据解析出错
-					logger.Error(err, line)
-					utils.ReplyMessage(ws, ErrorMsg)
-					utils.ReplyMessage(ws, "![](/images/wx.png)")
-					break
-				}
-
-				fun := responseBody.Choices[0].Delta.FunctionCall
-				if functionCall && fun.Name == "" {
-					arguments = append(arguments, fun.Arguments)
-					continue
-				}
-
-				if !utils.IsEmptyValue(fun) {
-					functionCall = true
-					functionName = fun.Name
-					f := h.App.Functions[functionName]
-					utils.ReplyChunkMessage(ws, types.WsMessage{Type: types.WsStart})
-					utils.ReplyChunkMessage(ws, types.WsMessage{Type: types.WsMiddle, Content: fmt.Sprintf("正在调用函数 `%s` 作答 ...\n\n", f.Name())})
-					continue
-				}
-
-				if responseBody.Choices[0].FinishReason == "function_call" { // 函数调用完毕
-					break
-				}
-
-				// 初始化 role
-				if responseBody.Choices[0].Delta.Role != "" && message.Role == "" {
-					message.Role = responseBody.Choices[0].Delta.Role
-					utils.ReplyChunkMessage(ws, types.WsMessage{Type: types.WsStart})
-					continue
-				} else if responseBody.Choices[0].FinishReason != "" {
-					break // 输出完成或者输出中断了
-				} else {
-					content := responseBody.Choices[0].Delta.Content
-					contents = append(contents, utils.InterfaceToString(content))
-					utils.ReplyChunkMessage(ws, types.WsMessage{
-						Type:    types.WsMiddle,
-						Content: utils.InterfaceToString(responseBody.Choices[0].Delta.Content),
-					})
-				}
-			} // end for
-
-			if functionCall { // 调用函数完成任务
-				var params map[string]interface{}
-				_ = utils.JsonDecode(strings.Join(arguments, ""), &params)
-				logger.Debugf("函数名称: %s, 函数参数：%s", functionName, params)
-
-				// for creating image, check if the user's img_calls > 0
-				if functionName == types.FuncMidJourney && userVo.ImgCalls <= 0 {
-					utils.ReplyMessage(ws, "**当前用户剩余绘图次数已用尽，请扫描下面二维码联系管理员！**")
-					utils.ReplyMessage(ws, "![](/images/wx.png)")
-				} else {
-					f := h.App.Functions[functionName]
-					data, err := f.Invoke(params)
-					if err != nil {
-						msg := "调用函数出错：" + err.Error()
-						utils.ReplyChunkMessage(ws, types.WsMessage{
-							Type:    types.WsMiddle,
-							Content: msg,
-						})
-						contents = append(contents, msg)
-					} else {
-						content := data
-						if functionName == types.FuncMidJourney {
-							key := utils.Sha256(data)
-							logger.Debug(data, ",", key)
-							// add task for MidJourney
-							h.App.MjTaskClients.Put(key, ws)
-							task := types.MjTask{
-								UserId: userVo.Id,
-								RoleId: role.Id,
-								Icon:   "/images/avatar/mid_journey.png",
-								ChatId: session.ChatId,
-							}
-							err := h.leveldb.Put(types.TaskStorePrefix+key, task)
-							if err != nil {
-								logger.Error("error with store MidJourney task: ", err)
-							}
-							content = fmt.Sprintf("绘画提示词：%s 已推送任务到 MidJourney 机器人，请耐心等待任务执行...", data)
-
-							// update user's img_calls
-							h.db.Model(&user).UpdateColumn("img_calls", gorm.Expr("img_calls - ?", 1))
-						}
-
-						utils.ReplyChunkMessage(ws, types.WsMessage{
-							Type:    types.WsMiddle,
-							Content: content,
-						})
-						contents = append(contents, content)
-					}
-				}
-			}
-
-			// 消息发送成功
-			if len(contents) > 0 {
-				// 更新用户的对话次数
-				if userVo.ChatConfig.ApiKey == "" { // 如果用户使用的是自己绑定的 API KEY 则不扣减对话次数
-					h.db.Model(&user).UpdateColumn("calls", gorm.Expr("calls - ?", 1))
-				}
-
-				if message.Role == "" {
-					message.Role = "assistant"
-				}
-				message.Content = strings.Join(contents, "")
-				useMsg := types.Message{Role: "user", Content: prompt}
-
-				// 更新上下文消息，如果是调用函数则不需要更新上下文
-				if userVo.ChatConfig.EnableContext && functionCall == false {
-					chatCtx = append(chatCtx, useMsg)  // 提问消息
-					chatCtx = append(chatCtx, message) // 回复消息
-					h.App.ChatContexts.Put(session.ChatId, chatCtx)
-				}
-
-				// 追加聊天记录
-				if userVo.ChatConfig.EnableHistory {
-					useContext := true
-					if functionCall {
-						useContext = false
-					}
-
-					// for prompt
-					promptToken, err := utils.CalcTokens(prompt, req.Model)
-					if err != nil {
-						logger.Error(err)
-					}
-					historyUserMsg := model.HistoryMessage{
-						UserId:     userVo.Id,
-						ChatId:     session.ChatId,
-						RoleId:     role.Id,
-						Type:       types.PromptMsg,
-						Icon:       user.Avatar,
-						Content:    prompt,
-						Tokens:     promptToken,
-						UseContext: useContext,
-					}
-					historyUserMsg.CreatedAt = promptCreatedAt
-					historyUserMsg.UpdatedAt = promptCreatedAt
-					res := h.db.Save(&historyUserMsg)
-					if res.Error != nil {
-						logger.Error("failed to save prompt history message: ", res.Error)
-					}
-
-					// for reply
-					// 计算本次对话消耗的总 token 数量
-					var replyToken = 0
-					if functionCall { // 函数名 + 参数 token
-						tokens, _ := utils.CalcTokens(functionName, req.Model)
-						replyToken += tokens
-						tokens, _ = utils.CalcTokens(utils.InterfaceToString(arguments), req.Model)
-						replyToken += tokens
-					} else {
-						replyToken, _ = utils.CalcTokens(message.Content, req.Model)
-					}
-
-					historyReplyMsg := model.HistoryMessage{
-						UserId:     userVo.Id,
-						ChatId:     session.ChatId,
-						RoleId:     role.Id,
-						Type:       types.ReplyMsg,
-						Icon:       role.Icon,
-						Content:    message.Content,
-						Tokens:     replyToken,
-						UseContext: useContext,
-					}
-					historyReplyMsg.CreatedAt = replyCreatedAt
-					historyReplyMsg.UpdatedAt = replyCreatedAt
-					res = h.db.Create(&historyReplyMsg)
-					if res.Error != nil {
-						logger.Error("failed to save reply history message: ", res.Error)
-					}
-
-					// 计算本次对话消耗的总 token 数量
-					var totalTokens = 0
-					if functionCall { // prompt + 函数名 + 参数 token
-						totalTokens = promptToken + replyToken
-					} else {
-						totalTokens = replyToken + getTotalTokens(req)
-					}
-					//utils.ReplyChunkMessage(ws, types.WsMessage{Type: types.WsMiddle, Content: fmt.Sprintf("\n\n `本轮对话共消耗 Token 数量: %d`", totalTokens+11)})
-					if userVo.ChatConfig.ApiKey != "" { // 调用自己的 API KEY 不计算 token 消耗
-						h.db.Model(&user).UpdateColumn("tokens", gorm.Expr("tokens + ?",
-							totalTokens))
-					}
-				}
-
-				// 保存当前会话
-				var chatItem model.ChatItem
-				res = h.db.Where("chat_id = ?", session.ChatId).First(&chatItem)
-				if res.Error != nil {
-					chatItem.ChatId = session.ChatId
-					chatItem.UserId = session.UserId
-					chatItem.RoleId = role.Id
-					chatItem.Model = session.Model
-					if utf8.RuneCountInString(prompt) > 30 {
-						chatItem.Title = string([]rune(prompt)[:30]) + "..."
-					} else {
-						chatItem.Title = prompt
-					}
-					h.db.Create(&chatItem)
-				}
-			}
-		}
-	} else {
-		body, err := io.ReadAll(response.Body)
-		if err != nil {
-			return fmt.Errorf("error with reading response: %v", err)
-		}
-		var res types.ApiError
-		err = json.Unmarshal(body, &res)
-		if err != nil {
-			return fmt.Errorf("error with decode response: %v", err)
-		}
-
-		// OpenAI API 调用异常处理
-		// TODO: 是否考虑重发消息？
-		if strings.Contains(res.Error.Message, "This key is associated with a deactivated account") {
-			utils.ReplyMessage(ws, "请求 OpenAI API 失败：API KEY 所关联的账户被禁用。")
-			// 移除当前 API key
-			h.db.Where("value = ?", apiKey).Delete(&model.ApiKey{})
-		} else if strings.Contains(res.Error.Message, "You exceeded your current quota") {
-			utils.ReplyMessage(ws, "请求 OpenAI API 失败：API KEY 触发并发限制，请稍后再试。")
-		} else if strings.Contains(res.Error.Message, "This model's maximum context length") {
-			logger.Error(res.Error.Message)
-			utils.ReplyMessage(ws, "当前会话上下文长度超出限制，已为您清空会话上下文！")
-			h.App.ChatContexts.Delete(session.ChatId)
-			return h.sendMessage(ctx, session, role, prompt, ws)
-		} else {
-			utils.ReplyMessage(ws, "请求 OpenAI API 失败："+res.Error.Message)
-		}
-	}
-
-	return nil
-}
-
-// 发送请求到 OpenAI 服务器
-// useOwnApiKey: 是否使用了用户自己的 API KEY
-func (h *ChatHandler) doRequest(ctx context.Context, user vo.User, apiKey *string, req types.ApiRequest) (*http.Response, error) {
-	var client *http.Client
-	requestBody, err := json.Marshal(req)
-	if err != nil {
-		return nil, err
-	}
-	// 创建 HttpClient 请求对象
-	request, err := http.NewRequest(http.MethodPost, h.App.ChatConfig.ApiURL, bytes.NewBuffer(requestBody))
-	if err != nil {
-		return nil, err
-	}
-
-	request = request.WithContext(ctx)
-	request.Header.Add("Content-Type", "application/json")
-
-	proxyURL := h.App.Config.ProxyURL
-	if proxyURL == "" {
-		client = &http.Client{}
-	} else { // 使用代理
-		proxy, _ := url.Parse(proxyURL)
-		client = &http.Client{
-			Transport: &http.Transport{
-				Proxy: http.ProxyURL(proxy),
-			},
-		}
-	}
-	// 查询当前用户是否导入了自己的 API KEY
-	if user.ChatConfig.ApiKey != "" {
-		logger.Info("使用用户自己的 API KEY: ", user.ChatConfig.ApiKey)
-		*apiKey = user.ChatConfig.ApiKey
-	} else { // 获取系统的 API KEY
-		var key model.ApiKey
-		res := h.db.Where("user_id = ?", 0).Order("last_used_at ASC").First(&key)
-		if res.Error != nil {
-			return nil, errors.New("no available key, please import key")
-		}
-		*apiKey = key.Value
-		// 更新 API KEY 的最后使用时间
-		h.db.Model(&key).UpdateColumn("last_used_at", time.Now().Unix())
-	}
-
-	logger.Infof("Sending OpenAI request, KEY: %s, PROXY: %s, Model: %s", *apiKey, proxyURL, req.Model)
-	request.Header.Set("Authorization", fmt.Sprintf("Bearer %s", *apiKey))
-	return client.Do(request)
-}
-
-// Tokens 统计 token 数量
-func (h *ChatHandler) Tokens(c *gin.Context) {
-	text := c.Query("text")
-	md := c.Query("model")
-	tokens, err := utils.CalcTokens(text, md)
-	if err != nil {
-		resp.ERROR(c, err.Error())
-		return
-	}
-
-	resp.SUCCESS(c, tokens)
-}
-
-func getTotalTokens(req types.ApiRequest) int {
-	encode := utils.JsonEncode(req.Messages)
-	var items []map[string]interface{}
-	err := utils.JsonDecode(encode, &items)
-	if err != nil {
-		return 0
-	}
-	tokens := 0
-	for _, item := range items {
-		content, ok := item["content"]
-		if ok && !utils.IsEmptyValue(content) {
-			t, err := utils.CalcTokens(utils.InterfaceToString(content), req.Model)
-			if err == nil {
-				tokens += t
-			}
-		}
-	}
-	return tokens
-}
-
-// StopGenerate 停止生成
-func (h *ChatHandler) StopGenerate(c *gin.Context) {
-	sessionId := c.Query("session_id")
-	if h.App.ReqCancelFunc.Has(sessionId) {
-		h.App.ReqCancelFunc.Get(sessionId)()
-		h.App.ReqCancelFunc.Delete(sessionId)
-	}
-	resp.SUCCESS(c, types.OkMsg)
-}
--- a/api/handler/chat_history_handler.go
+++ b/api/handler/chat_history_handler.go
@@ -1,119 +0,0 @@
-package handler
-
-import (
-	"chatplus/core/types"
-	"chatplus/store/model"
-	"chatplus/store/vo"
-	"chatplus/utils"
-	"chatplus/utils/resp"
-
-	"github.com/gin-gonic/gin"
-)
-
-// Update 更新会话标题
-func (h *ChatHandler) Update(c *gin.Context) {
-	var data struct {
-		Id    uint   `json:"id"`
-		Title string `json:"title"`
-	}
-	if err := c.ShouldBindJSON(&data); err != nil {
-		resp.ERROR(c, types.InvalidArgs)
-		return
-	}
-	var m = model.ChatItem{}
-	m.Id = data.Id
-	res := h.db.Model(&m).UpdateColumn("title", data.Title)
-	if res.Error != nil {
-		resp.ERROR(c, "Failed to update database")
-		return
-	}
-
-	resp.SUCCESS(c, types.OkMsg)
-}
-
-// Remove 删除会话
-func (h *ChatHandler) Remove(c *gin.Context) {
-	chatId := h.GetTrim(c, "chat_id")
-	if chatId == "" {
-		resp.ERROR(c, types.InvalidArgs)
-		return
-	}
-	user, err := utils.GetLoginUser(c, h.db)
-	if err != nil {
-		resp.NotAuth(c)
-		return
-	}
-
-	res := h.db.Where("user_id = ? AND chat_id = ?", user.Id, chatId).Delete(&model.ChatItem{})
-	if res.Error != nil {
-		resp.ERROR(c, "Failed to update database")
-		return
-	}
-
-	// 清空会话上下文
-	h.App.ChatContexts.Delete(chatId)
-	resp.SUCCESS(c, types.OkMsg)
-}
-
-// History 获取聊天历史记录
-func (h *ChatHandler) History(c *gin.Context) {
-	chatId := c.Query("chat_id") // 会话 ID
-	user, err := utils.GetLoginUser(c, h.db)
-	if err != nil {
-		resp.NotAuth(c)
-		return
-	}
-	var items []model.HistoryMessage
-	var messages = make([]vo.HistoryMessage, 0)
-	res := h.db.Where("chat_id = ? AND user_id = ?", chatId, user.Id).Find(&items)
-	if res.Error != nil {
-		resp.ERROR(c, "No history message")
-		return
-	} else {
-		for _, item := range items {
-			var v vo.HistoryMessage
-			err := utils.CopyObject(item, &v)
-			v.CreatedAt = item.CreatedAt.Unix()
-			v.UpdatedAt = item.UpdatedAt.Unix()
-			if err == nil {
-				messages = append(messages, v)
-			}
-		}
-	}
-
-	resp.SUCCESS(c, messages)
-}
-
-// Clear 清空所有聊天记录
-func (h *ChatHandler) Clear(c *gin.Context) {
-	// 获取当前登录用户所有的聊天会话
-	user, err := utils.GetLoginUser(c, h.db)
-	if err != nil {
-		resp.NotAuth(c)
-		return
-	}
-
-	var chats []model.ChatItem
-	res := h.db.Where("user_id = ?", user.Id).Find(&chats)
-	if res.Error != nil {
-		resp.ERROR(c, "No chats found")
-		return
-	}
-	// 清空聊天记录
-	for _, chat := range chats {
-		err := h.db.Where("chat_id = ? AND user_id = ?", chat.ChatId, user.Id).Delete(&model.HistoryMessage{})
-		if err != nil {
-			logger.Warnf("Failed to delele chat history for ChatID: %s", chat.ChatId)
-		}
-		// 清空会话上下文
-		h.App.ChatContexts.Delete(chat.ChatId)
-	}
-	// 删除所有的会话记录
-	res = h.db.Where("user_id = ?", user.Id).Delete(&model.ChatItem{})
-	if res.Error != nil {
-		resp.ERROR(c, "Failed to remove chat from database.")
-		return
-	}
-
-	resp.SUCCESS(c, types.OkMsg)
-}
--- a/api/handler/chat_item_handler.go
+++ b/api/handler/chat_item_handler.go
@@ -1,71 +0,0 @@
-package handler
-
-import (
-	"chatplus/store/model"
-	"chatplus/store/vo"
-	"chatplus/utils"
-	"chatplus/utils/resp"
-	"github.com/gin-gonic/gin"
-)
-
-// List 获取会话列表
-func (h *ChatHandler) List(c *gin.Context) {
-	userId := h.GetInt(c, "user_id", 0)
-	if userId == 0 {
-		resp.ERROR(c, "The parameter 'user_id' is needed.")
-		return
-	}
-	var items = make([]vo.ChatItem, 0)
-	var chats []model.ChatItem
-	res := h.db.Where("user_id = ?", userId).Order("id DESC").Find(&chats)
-	if res.Error == nil {
-		var roleIds = make([]uint, 0)
-		for _, chat := range chats {
-			roleIds = append(roleIds, chat.RoleId)
-		}
-		var roles []model.ChatRole
-		res = h.db.Find(&roles, roleIds)
-		if res.Error == nil {
-			roleMap := make(map[uint]model.ChatRole)
-			for _, role := range roles {
-				roleMap[role.Id] = role
-			}
-
-			for _, chat := range chats {
-				var item vo.ChatItem
-				err := utils.CopyObject(chat, &item)
-				if err == nil {
-					item.Id = chat.Id
-					item.Icon = roleMap[chat.RoleId].Icon
-					items = append(items, item)
-				}
-			}
-		}
-
-	}
-	resp.SUCCESS(c, items)
-}
-
-func (h *ChatHandler) Detail(c *gin.Context) {
-	chatId := h.GetTrim(c, "chat_id")
-	if utils.IsEmptyValue(chatId) {
-		resp.ERROR(c, "Invalid chatId")
-		return
-	}
-
-	var chatItem model.ChatItem
-	res := h.db.Where("chat_id = ?", chatId).First(&chatItem)
-	if res.Error != nil {
-		resp.ERROR(c, "No chat found")
-		return
-	}
-
-	var chatItemVo vo.ChatItem
-	err := utils.CopyObject(chatItem, &chatItemVo)
-	if err != nil {
-		resp.ERROR(c, err.Error())
-		return
-	}
-
-	resp.SUCCESS(c, chatItemVo)
-}
--- a/api/handler/chat_model_handler.go
+++ b/api/handler/chat_model_handler.go
@@ -0,0 +1,58 @@
+package handler
+
+import (
+	"chatplus/core"
+	"chatplus/store/model"
+	"chatplus/store/vo"
+	"chatplus/utils"
+	"chatplus/utils/resp"
+	"github.com/gin-gonic/gin"
+	"gorm.io/gorm"
+)
+
+type ChatModelHandler struct {
+	BaseHandler
+}
+
+func NewChatModelHandler(app *core.AppServer, db *gorm.DB) *ChatModelHandler {
+	return &ChatModelHandler{BaseHandler: BaseHandler{App: app, DB: db}}
+}
+
+// List 模型列表
+func (h *ChatModelHandler) List(c *gin.Context) {
+	var items []model.ChatModel
+	var chatModels = make([]vo.ChatModel, 0)
+	var res *gorm.DB
+	// 如果用户没有登录，则加载所有开放模型
+	if !h.IsLogin(c) {
+		res = h.DB.Where("enabled = ?", true).Where("open =?", true).Order("sort_num ASC").Find(&items)
+	} else {
+		user, _ := h.GetLoginUser(c)
+		var models []int
+		err := utils.JsonDecode(user.ChatModels, &models)
+		if err != nil {
+			resp.ERROR(c, "当前用户没有订阅任何模型")
+			return
+		}
+		// 查询用户有权限访问的模型以及所有开放的模型
+		res = h.DB.Where("enabled = ?", true).Where(
+			h.DB.Where("id IN ?", models).Or("open =?", true),
+		).Order("sort_num ASC").Find(&items)
+	}
+
+	if res.Error == nil {
+		for _, item := range items {
+			var cm vo.ChatModel
+			err := utils.CopyObject(item, &cm)
+			if err == nil {
+				cm.Id = item.Id
+				cm.CreatedAt = item.CreatedAt.Unix()
+				cm.UpdatedAt = item.UpdatedAt.Unix()
+				chatModels = append(chatModels, cm)
+			} else {
+				logger.Error(err)
+			}
+		}
+	}
+	resp.SUCCESS(c, chatModels)
+}
--- a/api/handler/chat_role_handler.go
+++ b/api/handler/chat_role_handler.go
@@ -2,6 +2,7 @@ package handler

 import (
 	"chatplus/core"
+	"chatplus/core/types"
 	"chatplus/store/model"
 	"chatplus/store/vo"
 	"chatplus/utils"
@@ -13,37 +14,49 @@ import (

 type ChatRoleHandler struct {
 	BaseHandler
-	db *gorm.DB
 }

 func NewChatRoleHandler(app *core.AppServer, db *gorm.DB) *ChatRoleHandler {
-	handler := &ChatRoleHandler{db: db}
-	handler.App = app
-	return handler
+	return &ChatRoleHandler{BaseHandler: BaseHandler{App: app, DB: db}}
 }

-// List get user list
+// List 获取用户聊天应用列表
 func (h *ChatRoleHandler) List(c *gin.Context) {
+	all := h.GetBool(c, "all")
+	userId := h.GetLoginUserId(c)
 	var roles []model.ChatRole
-	res := h.db.Where("enable", true).Order("sort ASC").Find(&roles)
+	var roleVos = make([]vo.ChatRole, 0)
+	res := h.DB.Where("enable", true).Order("sort_num ASC").Find(&roles)
 	if res.Error != nil {
-		resp.ERROR(c, "No roles found,"+res.Error.Error())
+		resp.SUCCESS(c, roleVos)
 		return
 	}

-	user, err := utils.GetLoginUser(c, h.db)
-	if err != nil {
-		resp.NotAuth(c)
+	// 获取所有角色
+	if userId == 0 || all {
+		// 转成 vo
+		var roleVos = make([]vo.ChatRole, 0)
+		for _, r := range roles {
+			var v vo.ChatRole
+			err := utils.CopyObject(r, &v)
+			if err == nil {
+				v.Id = r.Id
+				roleVos = append(roleVos, v)
+			}
+		}
+		resp.SUCCESS(c, roleVos)
 		return
 	}
+
+	var user model.User
+	h.DB.First(&user, userId)
 	var roleKeys []string
-	err = utils.JsonDecode(user.ChatRoles, &roleKeys)
+	err := utils.JsonDecode(user.ChatRoles, &roleKeys)
 	if err != nil {
 		resp.ERROR(c, "角色解析失败！")
 		return
 	}
-	// 转成 vo
-	var roleVos = make([]vo.ChatRole, 0)
+
 	for _, r := range roles {
 		if !utils.ContainsStr(roleKeys, r.Key) {
 			continue
@@ -57,3 +70,29 @@ func (h *ChatRoleHandler) List(c *gin.Context) {
 	}
 	resp.SUCCESS(c, roleVos)
 }
+
+// UpdateRole 更新用户聊天角色
+func (h *ChatRoleHandler) UpdateRole(c *gin.Context) {
+	user, err := h.GetLoginUser(c)
+	if err != nil {
+		resp.NotAuth(c)
+		return
+	}
+
+	var data struct {
+		Keys []string `json:"keys"`
+	}
+	if err = c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	res := h.DB.Model(&model.User{}).Where("id = ?", user.Id).UpdateColumn("chat_roles_json", utils.JsonEncode(data.Keys))
+	if res.Error != nil {
+		logger.Error("添加应用失败：", err)
+		resp.ERROR(c, "更新数据库失败！")
+		return
+	}
+
+	resp.SUCCESS(c)
+}
--- a/api/handler/chatimpl/azure_handler.go
+++ b/api/handler/chatimpl/azure_handler.go
@@ -0,0 +1,208 @@
+package chatimpl
+
+import (
+	"bufio"
+	"chatplus/core/types"
+	"chatplus/store/model"
+	"chatplus/store/vo"
+	"chatplus/utils"
+	"context"
+	"encoding/json"
+	"fmt"
+	"html/template"
+	"io"
+	"strings"
+	"time"
+	"unicode/utf8"
+)
+
+// 微软 Azure 模型消息发送实现
+
+func (h *ChatHandler) sendAzureMessage(
+	chatCtx []types.Message,
+	req types.ApiRequest,
+	userVo vo.User,
+	ctx context.Context,
+	session *types.ChatSession,
+	role model.ChatRole,
+	prompt string,
+	ws *types.WsClient) error {
+	promptCreatedAt := time.Now() // 记录提问时间
+	start := time.Now()
+	var apiKey = model.ApiKey{}
+	response, err := h.doRequest(ctx, req, session.Model.Platform, &apiKey)
+	logger.Info("HTTP请求完成，耗时：", time.Now().Sub(start))
+	if err != nil {
+		if strings.Contains(err.Error(), "context canceled") {
+			logger.Info("用户取消了请求：", prompt)
+			return nil
+		} else if strings.Contains(err.Error(), "no available key") {
+			utils.ReplyMessage(ws, "抱歉😔😔😔，系统已经没有可用的 API KEY，请联系管理员！")
+			return nil
+		} else {
+			logger.Error(err)
+		}
+
+		utils.ReplyMessage(ws, ErrorMsg)
+		utils.ReplyMessage(ws, ErrImg)
+		return err
+	} else {
+		defer response.Body.Close()
+	}
+
+	contentType := response.Header.Get("Content-Type")
+	if strings.Contains(contentType, "text/event-stream") {
+		replyCreatedAt := time.Now() // 记录回复时间
+		// 循环读取 Chunk 消息
+		var message = types.Message{}
+		var contents = make([]string, 0)
+		scanner := bufio.NewScanner(response.Body)
+		for scanner.Scan() {
+			line := scanner.Text()
+			if !strings.Contains(line, "data:") || len(line) < 30 {
+				continue
+			}
+
+			var responseBody = types.ApiResponse{}
+			err = json.Unmarshal([]byte(line[6:]), &responseBody)
+			if err != nil { // 数据解析出错
+				logger.Error(err, line)
+				utils.ReplyMessage(ws, ErrorMsg)
+				utils.ReplyMessage(ws, ErrImg)
+				break
+			}
+
+			if len(responseBody.Choices) == 0 {
+				continue
+			}
+
+			// 初始化 role
+			if responseBody.Choices[0].Delta.Role != "" && message.Role == "" {
+				message.Role = responseBody.Choices[0].Delta.Role
+				utils.ReplyChunkMessage(ws, types.WsMessage{Type: types.WsStart})
+				continue
+			} else if responseBody.Choices[0].FinishReason != "" {
+				break // 输出完成或者输出中断了
+			} else {
+				content := responseBody.Choices[0].Delta.Content
+				contents = append(contents, utils.InterfaceToString(content))
+				utils.ReplyChunkMessage(ws, types.WsMessage{
+					Type:    types.WsMiddle,
+					Content: utils.InterfaceToString(responseBody.Choices[0].Delta.Content),
+				})
+			}
+		} // end for
+
+		if err := scanner.Err(); err != nil {
+			if strings.Contains(err.Error(), "context canceled") {
+				logger.Info("用户取消了请求：", prompt)
+			} else {
+				logger.Error("信息读取出错：", err)
+			}
+		}
+
+		// 消息发送成功
+		if len(contents) > 0 {
+
+			if message.Role == "" {
+				message.Role = "assistant"
+			}
+			message.Content = strings.Join(contents, "")
+			useMsg := types.Message{Role: "user", Content: prompt}
+
+			// 更新上下文消息，如果是调用函数则不需要更新上下文
+			if h.App.SysConfig.EnableContext {
+				chatCtx = append(chatCtx, useMsg)  // 提问消息
+				chatCtx = append(chatCtx, message) // 回复消息
+				h.App.ChatContexts.Put(session.ChatId, chatCtx)
+			}
+
+			// 追加聊天记录
+			// for prompt
+			promptToken, err := utils.CalcTokens(prompt, req.Model)
+			if err != nil {
+				logger.Error(err)
+			}
+			historyUserMsg := model.ChatMessage{
+				UserId:     userVo.Id,
+				ChatId:     session.ChatId,
+				RoleId:     role.Id,
+				Type:       types.PromptMsg,
+				Icon:       userVo.Avatar,
+				Content:    template.HTMLEscapeString(prompt),
+				Tokens:     promptToken,
+				UseContext: true,
+				Model:      req.Model,
+			}
+			historyUserMsg.CreatedAt = promptCreatedAt
+			historyUserMsg.UpdatedAt = promptCreatedAt
+			res := h.DB.Save(&historyUserMsg)
+			if res.Error != nil {
+				logger.Error("failed to save prompt history message: ", res.Error)
+			}
+
+			// 计算本次对话消耗的总 token 数量
+			replyTokens, _ := utils.CalcTokens(message.Content, req.Model)
+			replyTokens += getTotalTokens(req)
+
+			historyReplyMsg := model.ChatMessage{
+				UserId:     userVo.Id,
+				ChatId:     session.ChatId,
+				RoleId:     role.Id,
+				Type:       types.ReplyMsg,
+				Icon:       role.Icon,
+				Content:    message.Content,
+				Tokens:     replyTokens,
+				UseContext: true,
+				Model:      req.Model,
+			}
+			historyReplyMsg.CreatedAt = replyCreatedAt
+			historyReplyMsg.UpdatedAt = replyCreatedAt
+			res = h.DB.Create(&historyReplyMsg)
+			if res.Error != nil {
+				logger.Error("failed to save reply history message: ", res.Error)
+			}
+
+			// 更新用户算力
+			h.subUserPower(userVo, session, promptToken, replyTokens)
+
+			// 保存当前会话
+			var chatItem model.ChatItem
+			res = h.DB.Where("chat_id = ?", session.ChatId).First(&chatItem)
+			if res.Error != nil {
+				chatItem.ChatId = session.ChatId
+				chatItem.UserId = session.UserId
+				chatItem.RoleId = role.Id
+				chatItem.ModelId = session.Model.Id
+				if utf8.RuneCountInString(prompt) > 30 {
+					chatItem.Title = string([]rune(prompt)[:30]) + "..."
+				} else {
+					chatItem.Title = prompt
+				}
+				chatItem.Model = req.Model
+				h.DB.Create(&chatItem)
+			}
+		}
+	} else {
+		body, err := io.ReadAll(response.Body)
+		if err != nil {
+			return fmt.Errorf("error with reading response: %v", err)
+		}
+		var res types.ApiError
+		err = json.Unmarshal(body, &res)
+		if err != nil {
+			return fmt.Errorf("error with decode response: %v", err)
+		}
+
+		if strings.Contains(res.Error.Message, "maximum context length") {
+			logger.Error(res.Error.Message)
+			utils.ReplyMessage(ws, "当前会话上下文长度超出限制，已为您清空会话上下文！")
+			h.App.ChatContexts.Delete(session.ChatId)
+			return h.sendMessage(ctx, session, role, prompt, ws)
+		} else {
+			utils.ReplyMessage(ws, "请求 Azure API 失败："+res.Error.Message)
+		}
+	}
+
+	return nil
+}
--- a/api/handler/chatimpl/baidu_handler.go
+++ b/api/handler/chatimpl/baidu_handler.go
@@ -0,0 +1,273 @@
+package chatimpl
+
+import (
+	"bufio"
+	"chatplus/core/types"
+	"chatplus/store/model"
+	"chatplus/store/vo"
+	"chatplus/utils"
+	"context"
+	"encoding/json"
+	"fmt"
+	"html/template"
+	"io"
+	"net/http"
+	"strings"
+	"time"
+	"unicode/utf8"
+)
+
+type baiduResp struct {
+	Id               string `json:"id"`
+	Object           string `json:"object"`
+	Created          int    `json:"created"`
+	SentenceId       int    `json:"sentence_id"`
+	IsEnd            bool   `json:"is_end"`
+	IsTruncated      bool   `json:"is_truncated"`
+	Result           string `json:"result"`
+	NeedClearHistory bool   `json:"need_clear_history"`
+	Usage            struct {
+		PromptTokens     int `json:"prompt_tokens"`
+		CompletionTokens int `json:"completion_tokens"`
+		TotalTokens      int `json:"total_tokens"`
+	} `json:"usage"`
+}
+
+// 百度文心一言消息发送实现
+
+func (h *ChatHandler) sendBaiduMessage(
+	chatCtx []types.Message,
+	req types.ApiRequest,
+	userVo vo.User,
+	ctx context.Context,
+	session *types.ChatSession,
+	role model.ChatRole,
+	prompt string,
+	ws *types.WsClient) error {
+	promptCreatedAt := time.Now() // 记录提问时间
+	start := time.Now()
+	var apiKey = model.ApiKey{}
+	response, err := h.doRequest(ctx, req, session.Model.Platform, &apiKey)
+	logger.Info("HTTP请求完成，耗时：", time.Now().Sub(start))
+	if err != nil {
+		if strings.Contains(err.Error(), "context canceled") {
+			logger.Info("用户取消了请求：", prompt)
+			return nil
+		} else if strings.Contains(err.Error(), "no available key") {
+			utils.ReplyMessage(ws, "抱歉😔😔😔，系统已经没有可用的 API KEY，请联系管理员！")
+			return nil
+		} else {
+			logger.Error(err)
+		}
+
+		utils.ReplyMessage(ws, ErrorMsg)
+		utils.ReplyMessage(ws, ErrImg)
+		return err
+	} else {
+		defer response.Body.Close()
+	}
+
+	contentType := response.Header.Get("Content-Type")
+	if strings.Contains(contentType, "text/event-stream") {
+		replyCreatedAt := time.Now() // 记录回复时间
+		// 循环读取 Chunk 消息
+		var message = types.Message{}
+		var contents = make([]string, 0)
+		var content string
+		scanner := bufio.NewScanner(response.Body)
+		for scanner.Scan() {
+			line := scanner.Text()
+			if len(line) < 5 || strings.HasPrefix(line, "id:") {
+				continue
+			}
+
+			if strings.HasPrefix(line, "data:") {
+				content = line[5:]
+			}
+
+			// 处理代码换行
+			if len(content) == 0 {
+				content = "\n"
+			}
+
+			var resp baiduResp
+			err := utils.JsonDecode(content, &resp)
+			if err != nil {
+				logger.Error("error with parse data line: ", err)
+				utils.ReplyMessage(ws, fmt.Sprintf("**解析数据行失败：%s**", err))
+				break
+			}
+
+			if len(contents) == 0 {
+				utils.ReplyChunkMessage(ws, types.WsMessage{Type: types.WsStart})
+			}
+			utils.ReplyChunkMessage(ws, types.WsMessage{
+				Type:    types.WsMiddle,
+				Content: utils.InterfaceToString(resp.Result),
+			})
+			contents = append(contents, resp.Result)
+
+			if resp.IsTruncated {
+				utils.ReplyMessage(ws, "AI 输出异常中断")
+				break
+			}
+
+			if resp.IsEnd {
+				break
+			}
+
+		} // end for
+
+		if err := scanner.Err(); err != nil {
+			if strings.Contains(err.Error(), "context canceled") {
+				logger.Info("用户取消了请求：", prompt)
+			} else {
+				logger.Error("信息读取出错：", err)
+			}
+		}
+
+		// 消息发送成功
+		if len(contents) > 0 {
+			if message.Role == "" {
+				message.Role = "assistant"
+			}
+			message.Content = strings.Join(contents, "")
+			useMsg := types.Message{Role: "user", Content: prompt}
+
+			// 更新上下文消息，如果是调用函数则不需要更新上下文
+			if h.App.SysConfig.EnableContext {
+				chatCtx = append(chatCtx, useMsg)  // 提问消息
+				chatCtx = append(chatCtx, message) // 回复消息
+				h.App.ChatContexts.Put(session.ChatId, chatCtx)
+			}
+
+			// 追加聊天记录
+			// for prompt
+			promptToken, err := utils.CalcTokens(prompt, req.Model)
+			if err != nil {
+				logger.Error(err)
+			}
+			historyUserMsg := model.ChatMessage{
+				UserId:     userVo.Id,
+				ChatId:     session.ChatId,
+				RoleId:     role.Id,
+				Type:       types.PromptMsg,
+				Icon:       userVo.Avatar,
+				Content:    template.HTMLEscapeString(prompt),
+				Tokens:     promptToken,
+				UseContext: true,
+				Model:      req.Model,
+			}
+			historyUserMsg.CreatedAt = promptCreatedAt
+			historyUserMsg.UpdatedAt = promptCreatedAt
+			res := h.DB.Save(&historyUserMsg)
+			if res.Error != nil {
+				logger.Error("failed to save prompt history message: ", res.Error)
+			}
+
+			// for reply
+			// 计算本次对话消耗的总 token 数量
+			replyTokens, _ := utils.CalcTokens(message.Content, req.Model)
+			totalTokens := replyTokens + getTotalTokens(req)
+			historyReplyMsg := model.ChatMessage{
+				UserId:     userVo.Id,
+				ChatId:     session.ChatId,
+				RoleId:     role.Id,
+				Type:       types.ReplyMsg,
+				Icon:       role.Icon,
+				Content:    message.Content,
+				Tokens:     totalTokens,
+				UseContext: true,
+				Model:      req.Model,
+			}
+			historyReplyMsg.CreatedAt = replyCreatedAt
+			historyReplyMsg.UpdatedAt = replyCreatedAt
+			res = h.DB.Create(&historyReplyMsg)
+			if res.Error != nil {
+				logger.Error("failed to save reply history message: ", res.Error)
+			}
+			// 更新用户算力
+			h.subUserPower(userVo, session, promptToken, replyTokens)
+
+			// 保存当前会话
+			var chatItem model.ChatItem
+			res = h.DB.Where("chat_id = ?", session.ChatId).First(&chatItem)
+			if res.Error != nil {
+				chatItem.ChatId = session.ChatId
+				chatItem.UserId = session.UserId
+				chatItem.RoleId = role.Id
+				chatItem.ModelId = session.Model.Id
+				if utf8.RuneCountInString(prompt) > 30 {
+					chatItem.Title = string([]rune(prompt)[:30]) + "..."
+				} else {
+					chatItem.Title = prompt
+				}
+				chatItem.Model = req.Model
+				h.DB.Create(&chatItem)
+			}
+		}
+	} else {
+		body, err := io.ReadAll(response.Body)
+		if err != nil {
+			return fmt.Errorf("error with reading response: %v", err)
+		}
+
+		var res struct {
+			Code int    `json:"error_code"`
+			Msg  string `json:"error_msg"`
+		}
+		err = json.Unmarshal(body, &res)
+		if err != nil {
+			return fmt.Errorf("error with decode response: %v", err)
+		}
+		utils.ReplyMessage(ws, "请求百度文心大模型 API 失败："+res.Msg)
+	}
+
+	return nil
+}
+
+func (h *ChatHandler) getBaiduToken(apiKey string) (string, error) {
+	ctx := context.Background()
+	tokenString, err := h.redis.Get(ctx, apiKey).Result()
+	if err == nil {
+		return tokenString, nil
+	}
+
+	expr := time.Hour * 24 * 20 // access_token 有效期
+	key := strings.Split(apiKey, "|")
+	if len(key) != 2 {
+		return "", fmt.Errorf("invalid api key: %s", apiKey)
+	}
+	url := fmt.Sprintf("https://aip.baidubce.com/oauth/2.0/token?client_id=%s&client_secret=%s&grant_type=client_credentials", key[0], key[1])
+	client := &http.Client{}
+	req, err := http.NewRequest("POST", url, nil)
+	if err != nil {
+		return "", err
+	}
+	req.Header.Add("Content-Type", "application/json")
+	req.Header.Add("Accept", "application/json")
+
+	res, err := client.Do(req)
+	if err != nil {
+		return "", fmt.Errorf("error with send request: %w", err)
+	}
+	defer res.Body.Close()
+
+	body, err := io.ReadAll(res.Body)
+	if err != nil {
+		return "", fmt.Errorf("error with read response: %w", err)
+	}
+	var r map[string]interface{}
+	err = json.Unmarshal(body, &r)
+	if err != nil {
+		return "", fmt.Errorf("error with parse response: %w", err)
+	}
+
+	if r["error"] != nil {
+		return "", fmt.Errorf("error with api response: %s", r["error_description"])
+	}
+
+	tokenString = fmt.Sprintf("%s", r["access_token"])
+	h.redis.Set(ctx, apiKey, tokenString, expr)
+	return tokenString, nil
+}
--- a/api/handler/chatimpl/chat_handler.go
+++ b/api/handler/chatimpl/chat_handler.go
@@ -0,0 +1,566 @@
+package chatimpl
+
+import (
+	"bytes"
+	"chatplus/core"
+	"chatplus/core/types"
+	"chatplus/handler"
+	logger2 "chatplus/logger"
+	"chatplus/service/oss"
+	"chatplus/store/model"
+	"chatplus/store/vo"
+	"chatplus/utils"
+	"chatplus/utils/resp"
+	"context"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"net/http"
+	"net/url"
+	"regexp"
+	"strings"
+	"time"
+
+	"github.com/gin-gonic/gin"
+	"github.com/go-redis/redis/v8"
+	"github.com/gorilla/websocket"
+	"gorm.io/gorm"
+)
+
+const ErrorMsg = "抱歉，AI 助手开小差了，请稍后再试。"
+
+var ErrImg = "![](/images/wx.png)"
+
+var logger = logger2.GetLogger()
+
+type ChatHandler struct {
+	handler.BaseHandler
+	redis         *redis.Client
+	uploadManager *oss.UploaderManager
+}
+
+func NewChatHandler(app *core.AppServer, db *gorm.DB, redis *redis.Client, manager *oss.UploaderManager) *ChatHandler {
+	return &ChatHandler{
+		BaseHandler:   handler.BaseHandler{App: app, DB: db},
+		redis:         redis,
+		uploadManager: manager,
+	}
+}
+
+func (h *ChatHandler) Init() {
+	// 如果后台有上传微信客服微信二维码，则覆盖
+	if h.App.SysConfig.WechatCardURL != "" {
+		ErrImg = fmt.Sprintf("![](%s)", h.App.SysConfig.WechatCardURL)
+	}
+}
+
+// ChatHandle 处理聊天 WebSocket 请求
+func (h *ChatHandler) ChatHandle(c *gin.Context) {
+	ws, err := (&websocket.Upgrader{CheckOrigin: func(r *http.Request) bool { return true }}).Upgrade(c.Writer, c.Request, nil)
+	if err != nil {
+		logger.Error(err)
+		return
+	}
+
+	sessionId := c.Query("session_id")
+	roleId := h.GetInt(c, "role_id", 0)
+	chatId := c.Query("chat_id")
+	modelId := h.GetInt(c, "model_id", 0)
+
+	client := types.NewWsClient(ws)
+	// get model info
+	var chatModel model.ChatModel
+	res := h.DB.First(&chatModel, modelId)
+	if res.Error != nil || chatModel.Enabled == false {
+		utils.ReplyMessage(client, "当前AI模型暂未启用，连接已关闭！！！")
+		c.Abort()
+		return
+	}
+
+	session := h.App.ChatSession.Get(sessionId)
+	if session == nil {
+		user, err := h.GetLoginUser(c)
+		if err != nil {
+			logger.Info("用户未登录")
+			c.Abort()
+			return
+		}
+		session = &types.ChatSession{
+			SessionId: sessionId,
+			ClientIP:  c.ClientIP(),
+			Username:  user.Username,
+			UserId:    user.Id,
+		}
+		h.App.ChatSession.Put(sessionId, session)
+	}
+
+	// use old chat data override the chat model and role ID
+	var chat model.ChatItem
+	res = h.DB.Where("chat_id = ?", chatId).First(&chat)
+	if res.Error == nil {
+		chatModel.Id = chat.ModelId
+		roleId = int(chat.RoleId)
+	}
+
+	session.ChatId = chatId
+	session.Model = types.ChatModel{
+		Id:          chatModel.Id,
+		Name:        chatModel.Name,
+		Value:       chatModel.Value,
+		Power:       chatModel.Power,
+		MaxTokens:   chatModel.MaxTokens,
+		MaxContext:  chatModel.MaxContext,
+		Temperature: chatModel.Temperature,
+		Platform:    types.Platform(chatModel.Platform)}
+	logger.Infof("New websocket connected, IP: %s, Username: %s", c.ClientIP(), session.Username)
+	var chatRole model.ChatRole
+	res = h.DB.First(&chatRole, roleId)
+	if res.Error != nil || !chatRole.Enable {
+		utils.ReplyMessage(client, "当前聊天角色不存在或者未启用，连接已关闭！！！")
+		c.Abort()
+		return
+	}
+
+	h.Init()
+
+	// 保存会话连接
+	h.App.ChatClients.Put(sessionId, client)
+	go func() {
+		for {
+			_, msg, err := client.Receive()
+			if err != nil {
+				client.Close()
+				h.App.ChatClients.Delete(sessionId)
+				cancelFunc := h.App.ReqCancelFunc.Get(sessionId)
+				if cancelFunc != nil {
+					cancelFunc()
+					h.App.ReqCancelFunc.Delete(sessionId)
+				}
+				return
+			}
+
+			var message types.WsMessage
+			err = utils.JsonDecode(string(msg), &message)
+			if err != nil {
+				continue
+			}
+
+			// 心跳消息
+			if message.Type == "heartbeat" {
+				logger.Debug("收到 Chat 心跳消息：", message.Content)
+				continue
+			}
+
+			logger.Info("Receive a message: ", message.Content)
+
+			ctx, cancel := context.WithCancel(context.Background())
+			h.App.ReqCancelFunc.Put(sessionId, cancel)
+			// 回复消息
+			err = h.sendMessage(ctx, session, chatRole, utils.InterfaceToString(message.Content), client)
+			if err != nil {
+				logger.Error(err)
+				utils.ReplyChunkMessage(client, types.WsMessage{Type: types.WsEnd})
+			} else {
+				utils.ReplyChunkMessage(client, types.WsMessage{Type: types.WsEnd})
+				logger.Infof("回答完毕: %v", message.Content)
+			}
+
+		}
+	}()
+}
+
+func (h *ChatHandler) sendMessage(ctx context.Context, session *types.ChatSession, role model.ChatRole, prompt string, ws *types.WsClient) error {
+	if !h.App.Debug {
+		defer func() {
+			if r := recover(); r != nil {
+				logger.Error("Recover message from error: ", r)
+			}
+		}()
+	}
+
+	var user model.User
+	res := h.DB.Model(&model.User{}).First(&user, session.UserId)
+	if res.Error != nil {
+		utils.ReplyMessage(ws, "未授权用户，您正在进行非法操作！")
+		return res.Error
+	}
+	var userVo vo.User
+	err := utils.CopyObject(user, &userVo)
+	userVo.Id = user.Id
+	if err != nil {
+		return errors.New("User 对象转换失败，" + err.Error())
+	}
+
+	if userVo.Status == false {
+		utils.ReplyMessage(ws, "您的账号已经被禁用，如果疑问，请联系管理员！")
+		utils.ReplyMessage(ws, ErrImg)
+		return nil
+	}
+
+	if userVo.Power < session.Model.Power {
+		utils.ReplyMessage(ws, fmt.Sprintf("您当前剩余算力（%d）已不足以支付当前模型的单次对话需要消耗的算力（%d）！", userVo.Power, session.Model.Power))
+		utils.ReplyMessage(ws, ErrImg)
+		return nil
+	}
+
+	if userVo.ExpiredTime > 0 && userVo.ExpiredTime <= time.Now().Unix() {
+		utils.ReplyMessage(ws, "您的账号已经过期，请联系管理员！")
+		utils.ReplyMessage(ws, ErrImg)
+		return nil
+	}
+
+	// 检查 prompt 长度是否超过了当前模型允许的最大上下文长度
+	promptTokens, err := utils.CalcTokens(prompt, session.Model.Value)
+	if promptTokens > session.Model.MaxContext {
+		utils.ReplyMessage(ws, "对话内容超出了当前模型允许的最大上下文长度！")
+		return nil
+	}
+
+	var req = types.ApiRequest{
+		Model:  session.Model.Value,
+		Stream: true,
+	}
+	switch session.Model.Platform {
+	case types.Azure, types.ChatGLM, types.Baidu, types.XunFei:
+		req.Temperature = session.Model.Temperature
+		req.MaxTokens = session.Model.MaxTokens
+		break
+	case types.OpenAI:
+		req.Temperature = session.Model.Temperature
+		req.MaxTokens = session.Model.MaxTokens
+		// OpenAI 支持函数功能
+		var items []model.Function
+		res := h.DB.Where("enabled", true).Find(&items)
+		if res.Error != nil {
+			break
+		}
+
+		var tools = make([]interface{}, 0)
+		for _, v := range items {
+			var parameters map[string]interface{}
+			err = utils.JsonDecode(v.Parameters, &parameters)
+			if err != nil {
+				continue
+			}
+			required := parameters["required"]
+			delete(parameters, "required")
+			tools = append(tools, gin.H{
+				"type": "function",
+				"function": gin.H{
+					"name":        v.Name,
+					"description": v.Description,
+					"parameters":  parameters,
+					"required":    required,
+				},
+			})
+		}
+
+		if len(tools) > 0 {
+			req.Tools = tools
+			req.ToolChoice = "auto"
+		}
+	case types.QWen:
+		req.Parameters = map[string]interface{}{
+			"max_tokens":  session.Model.MaxTokens,
+			"temperature": session.Model.Temperature,
+		}
+		break
+
+	default:
+		utils.ReplyMessage(ws, "不支持的平台："+session.Model.Platform+"，请联系管理员！")
+		utils.ReplyMessage(ws, ErrImg)
+		return nil
+	}
+
+	// 加载聊天上下文
+	chatCtx := make([]types.Message, 0)
+	messages := make([]types.Message, 0)
+	if h.App.SysConfig.EnableContext {
+		if h.App.ChatContexts.Has(session.ChatId) {
+			messages = h.App.ChatContexts.Get(session.ChatId)
+		} else {
+			_ = utils.JsonDecode(role.Context, &messages)
+			if h.App.SysConfig.ContextDeep > 0 {
+				var historyMessages []model.ChatMessage
+				res := h.DB.Where("chat_id = ? and use_context = 1", session.ChatId).Limit(h.App.SysConfig.ContextDeep).Order("id DESC").Find(&historyMessages)
+				if res.Error == nil {
+					for i := len(historyMessages) - 1; i >= 0; i-- {
+						msg := historyMessages[i]
+						ms := types.Message{Role: "user", Content: msg.Content}
+						if msg.Type == types.ReplyMsg {
+							ms.Role = "assistant"
+						}
+						chatCtx = append(chatCtx, ms)
+					}
+				}
+			}
+		}
+
+		// 计算当前请求的 token 总长度，确保不会超出最大上下文长度
+		// MaxContextLength = Response + Tool + Prompt + Context
+		tokens := req.MaxTokens // 最大响应长度
+		tks, _ := utils.CalcTokens(utils.JsonEncode(req.Tools), req.Model)
+		tokens += tks + promptTokens
+
+		for _, v := range messages {
+			tks, _ := utils.CalcTokens(v.Content, req.Model)
+			// 上下文 token 超出了模型的最大上下文长度
+			if tokens+tks >= session.Model.MaxContext {
+				break
+			}
+
+			// 上下文的深度超出了模型的最大上下文深度
+			if len(chatCtx) >= h.App.SysConfig.ContextDeep {
+				break
+			}
+
+			tokens += tks
+			chatCtx = append(chatCtx, v)
+		}
+
+		logger.Debugf("聊天上下文：%+v", chatCtx)
+	}
+	reqMgs := make([]interface{}, 0)
+	for _, m := range chatCtx {
+		reqMgs = append(reqMgs, m)
+	}
+
+	if session.Model.Platform == types.QWen {
+		req.Input = map[string]interface{}{"prompt": prompt}
+		if len(reqMgs) > 0 {
+			req.Input["messages"] = reqMgs
+		}
+	} else {
+		req.Messages = append(reqMgs, map[string]interface{}{
+			"role":    "user",
+			"content": prompt,
+		})
+	}
+
+	switch session.Model.Platform {
+	case types.Azure:
+		return h.sendAzureMessage(chatCtx, req, userVo, ctx, session, role, prompt, ws)
+	case types.OpenAI:
+		return h.sendOpenAiMessage(chatCtx, req, userVo, ctx, session, role, prompt, ws)
+	case types.ChatGLM:
+		return h.sendChatGLMMessage(chatCtx, req, userVo, ctx, session, role, prompt, ws)
+	case types.Baidu:
+		return h.sendBaiduMessage(chatCtx, req, userVo, ctx, session, role, prompt, ws)
+	case types.XunFei:
+		return h.sendXunFeiMessage(chatCtx, req, userVo, ctx, session, role, prompt, ws)
+	case types.QWen:
+		return h.sendQWenMessage(chatCtx, req, userVo, ctx, session, role, prompt, ws)
+	}
+	utils.ReplyChunkMessage(ws, types.WsMessage{
+		Type:    types.WsMiddle,
+		Content: fmt.Sprintf("Not supported platform: %s", session.Model.Platform),
+	})
+	return nil
+}
+
+// Tokens 统计 token 数量
+func (h *ChatHandler) Tokens(c *gin.Context) {
+	var data struct {
+		Text   string `json:"text"`
+		Model  string `json:"model"`
+		ChatId string `json:"chat_id"`
+	}
+	if err := c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	// 如果没有传入 text 字段，则说明是获取当前 reply 总的 token 消耗（带上下文）
+	if data.Text == "" && data.ChatId != "" {
+		var item model.ChatMessage
+		userId, _ := c.Get(types.LoginUserID)
+		res := h.DB.Where("user_id = ?", userId).Where("chat_id = ?", data.ChatId).Last(&item)
+		if res.Error != nil {
+			resp.ERROR(c, res.Error.Error())
+			return
+		}
+		resp.SUCCESS(c, item.Tokens)
+		return
+	}
+
+	tokens, err := utils.CalcTokens(data.Text, data.Model)
+	if err != nil {
+		resp.ERROR(c, err.Error())
+		return
+	}
+
+	resp.SUCCESS(c, tokens)
+}
+
+func getTotalTokens(req types.ApiRequest) int {
+	encode := utils.JsonEncode(req.Messages)
+	var items []map[string]interface{}
+	err := utils.JsonDecode(encode, &items)
+	if err != nil {
+		return 0
+	}
+	tokens := 0
+	for _, item := range items {
+		content, ok := item["content"]
+		if ok && !utils.IsEmptyValue(content) {
+			t, err := utils.CalcTokens(utils.InterfaceToString(content), req.Model)
+			if err == nil {
+				tokens += t
+			}
+		}
+	}
+	return tokens
+}
+
+// StopGenerate 停止生成
+func (h *ChatHandler) StopGenerate(c *gin.Context) {
+	sessionId := c.Query("session_id")
+	if h.App.ReqCancelFunc.Has(sessionId) {
+		h.App.ReqCancelFunc.Get(sessionId)()
+		h.App.ReqCancelFunc.Delete(sessionId)
+	}
+	resp.SUCCESS(c, types.OkMsg)
+}
+
+// 发送请求到 OpenAI 服务器
+// useOwnApiKey: 是否使用了用户自己的 API KEY
+func (h *ChatHandler) doRequest(ctx context.Context, req types.ApiRequest, platform types.Platform, apiKey *model.ApiKey) (*http.Response, error) {
+	res := h.DB.Where("platform = ?", platform).Where("type = ?", "chat").Where("enabled = ?", true).Order("last_used_at ASC").First(apiKey)
+	if res.Error != nil {
+		return nil, errors.New("no available key, please import key")
+	}
+	var apiURL string
+	switch platform {
+	case types.Azure:
+		md := strings.Replace(req.Model, ".", "", 1)
+		apiURL = strings.Replace(apiKey.ApiURL, "{model}", md, 1)
+		break
+	case types.ChatGLM:
+		apiURL = strings.Replace(apiKey.ApiURL, "{model}", req.Model, 1)
+		req.Prompt = req.Messages // 使用 prompt 字段替代 message 字段
+		req.Messages = nil
+		break
+	case types.Baidu:
+		apiURL = strings.Replace(apiKey.ApiURL, "{model}", req.Model, 1)
+		break
+	case types.QWen:
+		apiURL = apiKey.ApiURL
+		req.Messages = nil
+		break
+	default:
+		apiURL = apiKey.ApiURL
+	}
+	// 更新 API KEY 的最后使用时间
+	h.DB.Model(apiKey).UpdateColumn("last_used_at", time.Now().Unix())
+	// 百度文心，需要串接 access_token
+	if platform == types.Baidu {
+		token, err := h.getBaiduToken(apiKey.Value)
+		if err != nil {
+			return nil, err
+		}
+		logger.Info("百度文心 Access_Token：", token)
+		apiURL = fmt.Sprintf("%s?access_token=%s", apiURL, token)
+	}
+
+	logger.Debugf(utils.JsonEncode(req))
+
+	// 创建 HttpClient 请求对象
+	var client *http.Client
+	requestBody, err := json.Marshal(req)
+	if err != nil {
+		return nil, err
+	}
+	request, err := http.NewRequest(http.MethodPost, apiURL, bytes.NewBuffer(requestBody))
+	if err != nil {
+		return nil, err
+	}
+
+	request = request.WithContext(ctx)
+	request.Header.Set("Content-Type", "application/json")
+	var proxyURL string
+	if len(apiKey.ProxyURL) > 5 { // 使用代理
+		proxy, _ := url.Parse(apiKey.ProxyURL)
+		client = &http.Client{
+			Transport: &http.Transport{
+				Proxy: http.ProxyURL(proxy),
+			},
+		}
+	} else {
+		client = http.DefaultClient
+	}
+	logger.Debugf("Sending %s request, ApiURL:%s, API KEY:%s, PROXY: %s, Model: %s", platform, apiURL, apiKey.Value, proxyURL, req.Model)
+	switch platform {
+	case types.Azure:
+		request.Header.Set("api-key", apiKey.Value)
+		break
+	case types.ChatGLM:
+		token, err := h.getChatGLMToken(apiKey.Value)
+		if err != nil {
+			return nil, err
+		}
+		request.Header.Set("Authorization", fmt.Sprintf("Bearer %s", token))
+		break
+	case types.Baidu:
+		request.RequestURI = ""
+	case types.OpenAI:
+		request.Header.Set("Authorization", fmt.Sprintf("Bearer %s", apiKey.Value))
+		break
+	case types.QWen:
+		request.Header.Set("Authorization", fmt.Sprintf("Bearer %s", apiKey.Value))
+		request.Header.Set("X-DashScope-SSE", "enable")
+		break
+	}
+	return client.Do(request)
+}
+
+// 扣减用户算力
+func (h *ChatHandler) subUserPower(userVo vo.User, session *types.ChatSession, promptTokens int, replyTokens int) {
+	power := 1
+	if session.Model.Power > 0 {
+		power = session.Model.Power
+	}
+	res := h.DB.Model(&model.User{}).Where("id = ?", userVo.Id).UpdateColumn("power", gorm.Expr("power - ?", power))
+	if res.Error == nil {
+		// 记录算力消费日志
+		var u model.User
+		h.DB.Where("id", userVo.Id).First(&u)
+		h.DB.Create(&model.PowerLog{
+			UserId:    userVo.Id,
+			Username:  userVo.Username,
+			Type:      types.PowerConsume,
+			Amount:    power,
+			Mark:      types.PowerSub,
+			Balance:   u.Power,
+			Model:     session.Model.Value,
+			Remark:    fmt.Sprintf("模型名称：%s, 提问长度：%d，回复长度：%d", session.Model.Name, promptTokens, replyTokens),
+			CreatedAt: time.Now(),
+		})
+	}
+
+}
+
+// 将AI回复消息中生成的图片链接下载到本地
+func (h *ChatHandler) extractImgUrl(text string) string {
+	pattern := `!\[([^\]]*)]\(([^)]+)\)`
+	re := regexp.MustCompile(pattern)
+	matches := re.FindAllStringSubmatch(text, -1)
+
+	// 下载图片并替换链接地址
+	for _, match := range matches {
+		imageURL := match[2]
+		logger.Debug(imageURL)
+		// 对于相同地址的图片，已经被替换了，就不再重复下载了
+		if !strings.Contains(text, imageURL) {
+			continue
+		}
+
+		newImgURL, err := h.uploadManager.GetUploadHandler().PutImg(imageURL, false)
+		if err != nil {
+			logger.Error("error with download image: ", err)
+			continue
+		}
+
+		text = strings.ReplaceAll(text, imageURL, newImgURL)
+	}
+	return text
+}
--- a/api/handler/chatimpl/chat_item_handler.go
+++ b/api/handler/chatimpl/chat_item_handler.go
@@ -0,0 +1,198 @@
+package chatimpl
+
+import (
+	"chatplus/core/types"
+	"chatplus/store/model"
+	"chatplus/store/vo"
+	"chatplus/utils"
+	"chatplus/utils/resp"
+
+	"github.com/gin-gonic/gin"
+	"gorm.io/gorm"
+)
+
+// List 获取会话列表
+func (h *ChatHandler) List(c *gin.Context) {
+	if !h.IsLogin(c) {
+		resp.SUCCESS(c)
+		return
+	}
+
+	userId := h.GetLoginUserId(c)
+	var items = make([]vo.ChatItem, 0)
+	var chats []model.ChatItem
+	res := h.DB.Where("user_id = ?", userId).Order("id DESC").Find(&chats)
+	if res.Error == nil {
+		var roleIds = make([]uint, 0)
+		for _, chat := range chats {
+			roleIds = append(roleIds, chat.RoleId)
+		}
+		var roles []model.ChatRole
+		res = h.DB.Find(&roles, roleIds)
+		if res.Error == nil {
+			roleMap := make(map[uint]model.ChatRole)
+			for _, role := range roles {
+				roleMap[role.Id] = role
+			}
+
+			for _, chat := range chats {
+				var item vo.ChatItem
+				err := utils.CopyObject(chat, &item)
+				if err == nil {
+					item.Id = chat.Id
+					item.Icon = roleMap[chat.RoleId].Icon
+					items = append(items, item)
+				}
+			}
+		}
+
+	}
+	resp.SUCCESS(c, items)
+}
+
+// Update 更新会话标题
+func (h *ChatHandler) Update(c *gin.Context) {
+	var data struct {
+		ChatId string `json:"chat_id"`
+		Title  string `json:"title"`
+	}
+	if err := c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+	res := h.DB.Model(&model.ChatItem{}).Where("chat_id = ?", data.ChatId).UpdateColumn("title", data.Title)
+	if res.Error != nil {
+		resp.ERROR(c, "Failed to update database")
+		return
+	}
+
+	resp.SUCCESS(c, types.OkMsg)
+}
+
+// Clear 清空所有聊天记录
+func (h *ChatHandler) Clear(c *gin.Context) {
+	// 获取当前登录用户所有的聊天会话
+	user, err := h.GetLoginUser(c)
+	if err != nil {
+		resp.NotAuth(c)
+		return
+	}
+
+	var chats []model.ChatItem
+	res := h.DB.Where("user_id = ?", user.Id).Find(&chats)
+	if res.Error != nil {
+		resp.ERROR(c, "No chats found")
+		return
+	}
+
+	var chatIds = make([]string, 0)
+	for _, chat := range chats {
+		chatIds = append(chatIds, chat.ChatId)
+		// 清空会话上下文
+		h.App.ChatContexts.Delete(chat.ChatId)
+	}
+	err = h.DB.Transaction(func(tx *gorm.DB) error {
+		res := h.DB.Where("user_id =?", user.Id).Delete(&model.ChatItem{})
+		if res.Error != nil {
+			return res.Error
+		}
+
+		res = h.DB.Where("user_id = ? AND chat_id IN ?", user.Id, chatIds).Delete(&model.ChatMessage{})
+		if res.Error != nil {
+			return res.Error
+		}
+
+		// TODO: 是否要删除 MidJourney 绘画记录和图片文件？
+		return nil
+	})
+
+	if err != nil {
+		logger.Errorf("Error with delete chats: %+v", err)
+		resp.ERROR(c, "Failed to remove chat from database.")
+		return
+	}
+
+	resp.SUCCESS(c, types.OkMsg)
+}
+
+// History 获取聊天历史记录
+func (h *ChatHandler) History(c *gin.Context) {
+	chatId := c.Query("chat_id") // 会话 ID
+	var items []model.ChatMessage
+	var messages = make([]vo.HistoryMessage, 0)
+	res := h.DB.Where("chat_id = ?", chatId).Find(&items)
+	if res.Error != nil {
+		resp.ERROR(c, "No history message")
+		return
+	} else {
+		for _, item := range items {
+			var v vo.HistoryMessage
+			err := utils.CopyObject(item, &v)
+			v.CreatedAt = item.CreatedAt.Unix()
+			v.UpdatedAt = item.UpdatedAt.Unix()
+			if err == nil {
+				messages = append(messages, v)
+			}
+		}
+	}
+
+	resp.SUCCESS(c, messages)
+}
+
+// Remove 删除会话
+func (h *ChatHandler) Remove(c *gin.Context) {
+	chatId := h.GetTrim(c, "chat_id")
+	if chatId == "" {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+	user, err := h.GetLoginUser(c)
+	if err != nil {
+		resp.NotAuth(c)
+		return
+	}
+
+	res := h.DB.Where("user_id = ? AND chat_id = ?", user.Id, chatId).Delete(&model.ChatItem{})
+	if res.Error != nil {
+		resp.ERROR(c, "Failed to update database")
+		return
+	}
+
+	// 删除当前会话的聊天记录
+	res = h.DB.Where("user_id = ? AND chat_id =?", user.Id, chatId).Delete(&model.ChatItem{})
+	if res.Error != nil {
+		resp.ERROR(c, "Failed to remove chat from database.")
+		return
+	}
+
+	// TODO: 是否要删除 MidJourney 绘画记录和图片文件？
+
+	// 清空会话上下文
+	h.App.ChatContexts.Delete(chatId)
+	resp.SUCCESS(c, types.OkMsg)
+}
+
+// Detail 对话详情，用户导出对话
+func (h *ChatHandler) Detail(c *gin.Context) {
+	chatId := h.GetTrim(c, "chat_id")
+	if utils.IsEmptyValue(chatId) {
+		resp.ERROR(c, "Invalid chatId")
+		return
+	}
+
+	var chatItem model.ChatItem
+	res := h.DB.Where("chat_id = ?", chatId).First(&chatItem)
+	if res.Error != nil {
+		resp.ERROR(c, "No chat found")
+		return
+	}
+
+	var chatItemVo vo.ChatItem
+	err := utils.CopyObject(chatItem, &chatItemVo)
+	if err != nil {
+		resp.ERROR(c, err.Error())
+		return
+	}
+
+	resp.SUCCESS(c, chatItemVo)
+}
--- a/api/handler/chatimpl/chatglm_handler.go
+++ b/api/handler/chatimpl/chatglm_handler.go
@@ -0,0 +1,236 @@
+package chatimpl
+
+import (
+	"bufio"
+	"chatplus/core/types"
+	"chatplus/store/model"
+	"chatplus/store/vo"
+	"chatplus/utils"
+	"context"
+	"encoding/json"
+	"fmt"
+	"github.com/golang-jwt/jwt/v5"
+	"html/template"
+	"io"
+	"strings"
+	"time"
+	"unicode/utf8"
+)
+
+// 清华大学 ChatGML 消息发送实现
+
+func (h *ChatHandler) sendChatGLMMessage(
+	chatCtx []types.Message,
+	req types.ApiRequest,
+	userVo vo.User,
+	ctx context.Context,
+	session *types.ChatSession,
+	role model.ChatRole,
+	prompt string,
+	ws *types.WsClient) error {
+	promptCreatedAt := time.Now() // 记录提问时间
+	start := time.Now()
+	var apiKey = model.ApiKey{}
+	response, err := h.doRequest(ctx, req, session.Model.Platform, &apiKey)
+	logger.Info("HTTP请求完成，耗时：", time.Now().Sub(start))
+	if err != nil {
+		if strings.Contains(err.Error(), "context canceled") {
+			logger.Info("用户取消了请求：", prompt)
+			return nil
+		} else if strings.Contains(err.Error(), "no available key") {
+			utils.ReplyMessage(ws, "抱歉😔😔😔，系统已经没有可用的 API KEY，请联系管理员！")
+			return nil
+		} else {
+			logger.Error(err)
+		}
+
+		utils.ReplyMessage(ws, ErrorMsg)
+		utils.ReplyMessage(ws, ErrImg)
+		return err
+	} else {
+		defer response.Body.Close()
+	}
+
+	contentType := response.Header.Get("Content-Type")
+	if strings.Contains(contentType, "text/event-stream") {
+		replyCreatedAt := time.Now() // 记录回复时间
+		// 循环读取 Chunk 消息
+		var message = types.Message{}
+		var contents = make([]string, 0)
+		var event, content string
+		scanner := bufio.NewScanner(response.Body)
+		for scanner.Scan() {
+			line := scanner.Text()
+			if len(line) < 5 || strings.HasPrefix(line, "id:") {
+				continue
+			}
+			if strings.HasPrefix(line, "event:") {
+				event = line[6:]
+				continue
+			}
+
+			if strings.HasPrefix(line, "data:") {
+				content = line[5:]
+			}
+			// 处理代码换行
+			if len(content) == 0 {
+				content = "\n"
+			}
+			switch event {
+			case "add":
+				if len(contents) == 0 {
+					utils.ReplyChunkMessage(ws, types.WsMessage{Type: types.WsStart})
+				}
+				utils.ReplyChunkMessage(ws, types.WsMessage{
+					Type:    types.WsMiddle,
+					Content: utils.InterfaceToString(content),
+				})
+				contents = append(contents, content)
+			case "finish":
+				break
+			case "error":
+				utils.ReplyMessage(ws, fmt.Sprintf("**调用 ChatGLM API 出错：%s**", content))
+				break
+			case "interrupted":
+				utils.ReplyMessage(ws, "**调用 ChatGLM API 出错，当前输出被中断！**")
+			}
+
+		} // end for
+
+		if err := scanner.Err(); err != nil {
+			if strings.Contains(err.Error(), "context canceled") {
+				logger.Info("用户取消了请求：", prompt)
+			} else {
+				logger.Error("信息读取出错：", err)
+			}
+		}
+
+		// 消息发送成功
+		if len(contents) > 0 {
+			if message.Role == "" {
+				message.Role = "assistant"
+			}
+			message.Content = strings.Join(contents, "")
+			useMsg := types.Message{Role: "user", Content: prompt}
+
+			// 更新上下文消息，如果是调用函数则不需要更新上下文
+			if h.App.SysConfig.EnableContext {
+				chatCtx = append(chatCtx, useMsg)  // 提问消息
+				chatCtx = append(chatCtx, message) // 回复消息
+				h.App.ChatContexts.Put(session.ChatId, chatCtx)
+			}
+
+			// 追加聊天记录
+			// for prompt
+			promptToken, err := utils.CalcTokens(prompt, req.Model)
+			if err != nil {
+				logger.Error(err)
+			}
+			historyUserMsg := model.ChatMessage{
+				UserId:     userVo.Id,
+				ChatId:     session.ChatId,
+				RoleId:     role.Id,
+				Type:       types.PromptMsg,
+				Icon:       userVo.Avatar,
+				Content:    template.HTMLEscapeString(prompt),
+				Tokens:     promptToken,
+				UseContext: true,
+				Model:      req.Model,
+			}
+			historyUserMsg.CreatedAt = promptCreatedAt
+			historyUserMsg.UpdatedAt = promptCreatedAt
+			res := h.DB.Save(&historyUserMsg)
+			if res.Error != nil {
+				logger.Error("failed to save prompt history message: ", res.Error)
+			}
+
+			// for reply
+			// 计算本次对话消耗的总 token 数量
+			replyTokens, _ := utils.CalcTokens(message.Content, req.Model)
+			totalTokens := replyTokens + getTotalTokens(req)
+			historyReplyMsg := model.ChatMessage{
+				UserId:     userVo.Id,
+				ChatId:     session.ChatId,
+				RoleId:     role.Id,
+				Type:       types.ReplyMsg,
+				Icon:       role.Icon,
+				Content:    message.Content,
+				Tokens:     totalTokens,
+				UseContext: true,
+				Model:      req.Model,
+			}
+			historyReplyMsg.CreatedAt = replyCreatedAt
+			historyReplyMsg.UpdatedAt = replyCreatedAt
+			res = h.DB.Create(&historyReplyMsg)
+			if res.Error != nil {
+				logger.Error("failed to save reply history message: ", res.Error)
+			}
+
+			// 更新用户算力
+			h.subUserPower(userVo, session, promptToken, replyTokens)
+
+			// 保存当前会话
+			var chatItem model.ChatItem
+			res = h.DB.Where("chat_id = ?", session.ChatId).First(&chatItem)
+			if res.Error != nil {
+				chatItem.ChatId = session.ChatId
+				chatItem.UserId = session.UserId
+				chatItem.RoleId = role.Id
+				chatItem.ModelId = session.Model.Id
+				if utf8.RuneCountInString(prompt) > 30 {
+					chatItem.Title = string([]rune(prompt)[:30]) + "..."
+				} else {
+					chatItem.Title = prompt
+				}
+				chatItem.Model = req.Model
+				h.DB.Create(&chatItem)
+			}
+		}
+	} else {
+		body, err := io.ReadAll(response.Body)
+		if err != nil {
+			return fmt.Errorf("error with reading response: %v", err)
+		}
+
+		var res struct {
+			Code    int    `json:"code"`
+			Success bool   `json:"success"`
+			Msg     string `json:"msg"`
+		}
+		err = json.Unmarshal(body, &res)
+		if err != nil {
+			return fmt.Errorf("error with decode response: %v", err)
+		}
+		if !res.Success {
+			utils.ReplyMessage(ws, "请求 ChatGLM 失败："+res.Msg)
+		}
+	}
+
+	return nil
+}
+
+func (h *ChatHandler) getChatGLMToken(apiKey string) (string, error) {
+	ctx := context.Background()
+	tokenString, err := h.redis.Get(ctx, apiKey).Result()
+	if err == nil {
+		return tokenString, nil
+	}
+
+	expr := time.Hour * 2
+	key := strings.Split(apiKey, ".")
+	if len(key) != 2 {
+		return "", fmt.Errorf("invalid api key: %s", apiKey)
+	}
+	token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
+		"api_key":   key[0],
+		"timestamp": time.Now().Unix(),
+		"exp":       time.Now().Add(expr).Add(time.Second * 10).Unix(),
+	})
+	token.Header["alg"] = "HS256"
+	token.Header["sign_type"] = "SIGN"
+	delete(token.Header, "typ")
+	// Sign and get the complete encoded token as a string using the secret
+	tokenString, err = token.SignedString([]byte(key[1]))
+	h.redis.Set(ctx, apiKey, tokenString, expr)
+	return tokenString, err
+}
--- a/api/handler/chatimpl/openai_handler.go
+++ b/api/handler/chatimpl/openai_handler.go
@@ -0,0 +1,299 @@
+package chatimpl
+
+import (
+	"bufio"
+	"chatplus/core/types"
+	"chatplus/store/model"
+	"chatplus/store/vo"
+	"chatplus/utils"
+	"context"
+	"encoding/json"
+	"fmt"
+	"html/template"
+	"io"
+	"strings"
+	"time"
+	"unicode/utf8"
+
+	req2 "github.com/imroc/req/v3"
+)
+
+// OPenAI 消息发送实现
+func (h *ChatHandler) sendOpenAiMessage(
+	chatCtx []types.Message,
+	req types.ApiRequest,
+	userVo vo.User,
+	ctx context.Context,
+	session *types.ChatSession,
+	role model.ChatRole,
+	prompt string,
+	ws *types.WsClient) error {
+	promptCreatedAt := time.Now() // 记录提问时间
+	start := time.Now()
+	var apiKey = model.ApiKey{}
+	response, err := h.doRequest(ctx, req, session.Model.Platform, &apiKey)
+	logger.Info("HTTP请求完成，耗时：", time.Now().Sub(start))
+	if err != nil {
+		if strings.Contains(err.Error(), "context canceled") {
+			logger.Info("用户取消了请求：", prompt)
+			return nil
+		} else if strings.Contains(err.Error(), "no available key") {
+			utils.ReplyMessage(ws, "抱歉😔😔😔，系统已经没有可用的 API KEY，请联系管理员！")
+			return nil
+		} else {
+			logger.Error(err)
+		}
+
+		utils.ReplyMessage(ws, ErrorMsg)
+		utils.ReplyMessage(ws, ErrImg)
+		if response.Body != nil {
+			all, _ := io.ReadAll(response.Body)
+			logger.Error(string(all))
+		}
+		return err
+	} else {
+		defer response.Body.Close()
+	}
+
+	contentType := response.Header.Get("Content-Type")
+	if strings.Contains(contentType, "text/event-stream") {
+		replyCreatedAt := time.Now() // 记录回复时间
+		// 循环读取 Chunk 消息
+		var message = types.Message{}
+		var contents = make([]string, 0)
+		var function model.Function
+		var toolCall = false
+		var arguments = make([]string, 0)
+		scanner := bufio.NewScanner(response.Body)
+		for scanner.Scan() {
+			line := scanner.Text()
+			if !strings.Contains(line, "data:") || len(line) < 30 {
+				continue
+			}
+
+			var responseBody = types.ApiResponse{}
+			err = json.Unmarshal([]byte(line[6:]), &responseBody)
+			if err != nil || len(responseBody.Choices) == 0 { // 数据解析出错
+				logger.Error(err, line)
+				utils.ReplyMessage(ws, ErrorMsg)
+				utils.ReplyMessage(ws, ErrImg)
+				break
+			}
+
+			var tool types.ToolCall
+			if len(responseBody.Choices[0].Delta.ToolCalls) > 0 {
+				tool = responseBody.Choices[0].Delta.ToolCalls[0]
+				if toolCall && tool.Function.Name == "" {
+					arguments = append(arguments, tool.Function.Arguments)
+					continue
+				}
+			}
+
+			// 兼容 Function Call
+			fun := responseBody.Choices[0].Delta.FunctionCall
+			if fun.Name != "" {
+				tool = *new(types.ToolCall)
+				tool.Function.Name = fun.Name
+			} else if toolCall {
+				arguments = append(arguments, fun.Arguments)
+				continue
+			}
+
+			if !utils.IsEmptyValue(tool) {
+				res := h.DB.Where("name = ?", tool.Function.Name).First(&function)
+				if res.Error == nil {
+					toolCall = true
+					utils.ReplyChunkMessage(ws, types.WsMessage{Type: types.WsStart})
+					utils.ReplyChunkMessage(ws, types.WsMessage{Type: types.WsMiddle, Content: fmt.Sprintf("正在调用工具 `%s` 作答 ...\n\n", function.Label)})
+				}
+				continue
+			}
+
+			if responseBody.Choices[0].FinishReason == "tool_calls" ||
+				responseBody.Choices[0].FinishReason == "function_call" { // 函数调用完毕
+				break
+			}
+
+			// 初始化 role
+			if responseBody.Choices[0].Delta.Role != "" && message.Role == "" {
+				message.Role = responseBody.Choices[0].Delta.Role
+				utils.ReplyChunkMessage(ws, types.WsMessage{Type: types.WsStart})
+				continue
+			} else if responseBody.Choices[0].FinishReason != "" {
+				break // 输出完成或者输出中断了
+			} else {
+				content := responseBody.Choices[0].Delta.Content
+				contents = append(contents, utils.InterfaceToString(content))
+				utils.ReplyChunkMessage(ws, types.WsMessage{
+					Type:    types.WsMiddle,
+					Content: utils.InterfaceToString(responseBody.Choices[0].Delta.Content),
+				})
+			}
+		} // end for
+
+		if err := scanner.Err(); err != nil {
+			if strings.Contains(err.Error(), "context canceled") {
+				logger.Info("用户取消了请求：", prompt)
+			} else {
+				logger.Error("信息读取出错：", err)
+			}
+		}
+
+		if toolCall { // 调用函数完成任务
+			var params map[string]interface{}
+			_ = utils.JsonDecode(strings.Join(arguments, ""), &params)
+			logger.Debugf("函数名称: %s, 函数参数：%s", function.Name, params)
+			params["user_id"] = userVo.Id
+			var apiRes types.BizVo
+			r, err := req2.C().R().SetHeader("Content-Type", "application/json").
+				SetHeader("Authorization", function.Token).
+				SetBody(params).
+				SetSuccessResult(&apiRes).Post(function.Action)
+			errMsg := ""
+			if err != nil {
+				errMsg = err.Error()
+			} else if r.IsErrorState() {
+				errMsg = r.Status
+			}
+			if errMsg != "" || apiRes.Code != types.Success {
+				msg := "调用函数工具出错：" + apiRes.Message + errMsg
+				utils.ReplyChunkMessage(ws, types.WsMessage{
+					Type:    types.WsMiddle,
+					Content: msg,
+				})
+				contents = append(contents, msg)
+			} else {
+				utils.ReplyChunkMessage(ws, types.WsMessage{
+					Type:    types.WsMiddle,
+					Content: apiRes.Data,
+				})
+				contents = append(contents, utils.InterfaceToString(apiRes.Data))
+			}
+		}
+
+		// 消息发送成功
+		if len(contents) > 0 {
+			if message.Role == "" {
+				message.Role = "assistant"
+			}
+			message.Content = strings.Join(contents, "")
+			useMsg := types.Message{Role: "user", Content: prompt}
+
+			// 更新上下文消息，如果是调用函数则不需要更新上下文
+			if h.App.SysConfig.EnableContext && toolCall == false {
+				chatCtx = append(chatCtx, useMsg)  // 提问消息
+				chatCtx = append(chatCtx, message) // 回复消息
+				h.App.ChatContexts.Put(session.ChatId, chatCtx)
+			}
+
+			// 追加聊天记录
+			useContext := true
+			if toolCall {
+				useContext = false
+			}
+
+			// for prompt
+			promptToken, err := utils.CalcTokens(prompt, req.Model)
+			if err != nil {
+				logger.Error(err)
+			}
+			historyUserMsg := model.ChatMessage{
+				UserId:     userVo.Id,
+				ChatId:     session.ChatId,
+				RoleId:     role.Id,
+				Type:       types.PromptMsg,
+				Icon:       userVo.Avatar,
+				Content:    template.HTMLEscapeString(prompt),
+				Tokens:     promptToken,
+				UseContext: useContext,
+				Model:      req.Model,
+			}
+			historyUserMsg.CreatedAt = promptCreatedAt
+			historyUserMsg.UpdatedAt = promptCreatedAt
+			res := h.DB.Save(&historyUserMsg)
+			if res.Error != nil {
+				logger.Error("failed to save prompt history message: ", res.Error)
+			}
+
+			// 计算本次对话消耗的总 token 数量
+			var replyTokens = 0
+			if toolCall { // prompt + 函数名 + 参数 token
+				tokens, _ := utils.CalcTokens(function.Name, req.Model)
+				replyTokens += tokens
+				tokens, _ = utils.CalcTokens(utils.InterfaceToString(arguments), req.Model)
+				replyTokens += tokens
+			} else {
+				replyTokens, _ = utils.CalcTokens(message.Content, req.Model)
+			}
+			replyTokens += getTotalTokens(req)
+
+			historyReplyMsg := model.ChatMessage{
+				UserId:     userVo.Id,
+				ChatId:     session.ChatId,
+				RoleId:     role.Id,
+				Type:       types.ReplyMsg,
+				Icon:       role.Icon,
+				Content:    h.extractImgUrl(message.Content),
+				Tokens:     replyTokens,
+				UseContext: useContext,
+				Model:      req.Model,
+			}
+			historyReplyMsg.CreatedAt = replyCreatedAt
+			historyReplyMsg.UpdatedAt = replyCreatedAt
+			res = h.DB.Create(&historyReplyMsg)
+			if res.Error != nil {
+				logger.Error("failed to save reply history message: ", res.Error)
+			}
+
+			// 更新用户算力
+			h.subUserPower(userVo, session, promptToken, replyTokens)
+
+			// 保存当前会话
+			var chatItem model.ChatItem
+			res = h.DB.Where("chat_id = ?", session.ChatId).First(&chatItem)
+			if res.Error != nil {
+				chatItem.ChatId = session.ChatId
+				chatItem.UserId = session.UserId
+				chatItem.RoleId = role.Id
+				chatItem.ModelId = session.Model.Id
+				if utf8.RuneCountInString(prompt) > 30 {
+					chatItem.Title = string([]rune(prompt)[:30]) + "..."
+				} else {
+					chatItem.Title = prompt
+				}
+				chatItem.Model = req.Model
+				h.DB.Create(&chatItem)
+			}
+		}
+	} else {
+		body, err := io.ReadAll(response.Body)
+		if err != nil {
+			utils.ReplyMessage(ws, "请求 OpenAI API 失败："+err.Error())
+			return fmt.Errorf("error with reading response: %v", err)
+		}
+		var res types.ApiError
+		err = json.Unmarshal(body, &res)
+		if err != nil {
+			utils.ReplyMessage(ws, "请求 OpenAI API 失败：\n"+"```\n"+string(body)+"```")
+			return fmt.Errorf("error with decode response: %v", err)
+		}
+
+		// OpenAI API 调用异常处理
+		if strings.Contains(res.Error.Message, "This key is associated with a deactivated account") {
+			utils.ReplyMessage(ws, "请求 OpenAI API 失败：API KEY 所关联的账户被禁用。")
+			// 移除当前 API key
+			h.DB.Where("value = ?", apiKey).Delete(&model.ApiKey{})
+		} else if strings.Contains(res.Error.Message, "You exceeded your current quota") {
+			utils.ReplyMessage(ws, "请求 OpenAI API 失败：API KEY 触发并发限制，请稍后再试。")
+		} else if strings.Contains(res.Error.Message, "This model's maximum context length") {
+			logger.Error(res.Error.Message)
+			utils.ReplyMessage(ws, "当前会话上下文长度超出限制，已为您清空会话上下文！")
+			h.App.ChatContexts.Delete(session.ChatId)
+			return h.sendMessage(ctx, session, role, prompt, ws)
+		} else {
+			utils.ReplyMessage(ws, "请求 OpenAI API 失败："+res.Error.Message)
+		}
+	}
+
+	return nil
+}
--- a/api/handler/chatimpl/qwen_handler.go
+++ b/api/handler/chatimpl/qwen_handler.go
@@ -0,0 +1,240 @@
+package chatimpl
+
+import (
+	"bufio"
+	"chatplus/core/types"
+	"chatplus/store/model"
+	"chatplus/store/vo"
+	"chatplus/utils"
+	"context"
+	"encoding/json"
+	"fmt"
+	"html/template"
+	"io"
+	"strings"
+	"time"
+	"unicode/utf8"
+)
+
+type qWenResp struct {
+	Output struct {
+		FinishReason string `json:"finish_reason"`
+		Text         string `json:"text"`
+	} `json:"output,omitempty"`
+	Usage struct {
+		TotalTokens  int `json:"total_tokens"`
+		InputTokens  int `json:"input_tokens"`
+		OutputTokens int `json:"output_tokens"`
+	} `json:"usage,omitempty"`
+	RequestID string `json:"request_id"`
+
+	Code    string `json:"code,omitempty"`
+	Message string `json:"message,omitempty"`
+}
+
+// 通义千问消息发送实现
+func (h *ChatHandler) sendQWenMessage(
+	chatCtx []types.Message,
+	req types.ApiRequest,
+	userVo vo.User,
+	ctx context.Context,
+	session *types.ChatSession,
+	role model.ChatRole,
+	prompt string,
+	ws *types.WsClient) error {
+	promptCreatedAt := time.Now() // 记录提问时间
+	start := time.Now()
+	var apiKey = model.ApiKey{}
+	response, err := h.doRequest(ctx, req, session.Model.Platform, &apiKey)
+	logger.Info("HTTP请求完成，耗时：", time.Now().Sub(start))
+	if err != nil {
+		if strings.Contains(err.Error(), "context canceled") {
+			logger.Info("用户取消了请求：", prompt)
+			return nil
+		} else if strings.Contains(err.Error(), "no available key") {
+			utils.ReplyMessage(ws, "抱歉😔😔😔，系统已经没有可用的 API KEY，请联系管理员！")
+			return nil
+		} else {
+			logger.Error(err)
+		}
+
+		utils.ReplyMessage(ws, ErrorMsg)
+		utils.ReplyMessage(ws, ErrImg)
+		return err
+	} else {
+		defer response.Body.Close()
+	}
+	contentType := response.Header.Get("Content-Type")
+	if strings.Contains(contentType, "text/event-stream") {
+		replyCreatedAt := time.Now() // 记录回复时间
+		// 循环读取 Chunk 消息
+		var message = types.Message{}
+		var contents = make([]string, 0)
+		scanner := bufio.NewScanner(response.Body)
+
+		var content, lastText, newText string
+		var outPutStart = false
+
+		for scanner.Scan() {
+			line := scanner.Text()
+			if len(line) < 5 || strings.HasPrefix(line, "id:") ||
+				strings.HasPrefix(line, "event:") || strings.HasPrefix(line, ":HTTP_STATUS/200") {
+				continue
+			}
+
+			if strings.HasPrefix(line, "data:") {
+				content = line[5:]
+			}
+
+			var resp qWenResp
+			if len(contents) == 0 { // 发送消息头
+				if !outPutStart {
+					utils.ReplyChunkMessage(ws, types.WsMessage{Type: types.WsStart})
+					outPutStart = true
+					continue
+				} else {
+					// 处理代码换行
+					content = "\n"
+				}
+			} else {
+				err := utils.JsonDecode(content, &resp)
+				if err != nil {
+					logger.Error("error with parse data line: ", content)
+					utils.ReplyMessage(ws, fmt.Sprintf("**解析数据行失败：%s**", err))
+					break
+				}
+				if resp.Message != "" {
+					utils.ReplyMessage(ws, fmt.Sprintf("**API 返回错误：%s**", resp.Message))
+					break
+				}
+			}
+
+			//通过比较 lastText（上一次的文本）和 currentText（当前的文本），
+			//提取出新添加的文本部分。然后只将这部分新文本发送到客户端。
+			//每次循环结束后，lastText 会更新为当前的完整文本，以便于下一次循环进行比较。
+			currentText := resp.Output.Text
+			if currentText != lastText {
+				// 提取新增文本
+				newText = strings.Replace(currentText, lastText, "", 1)
+				utils.ReplyChunkMessage(ws, types.WsMessage{
+					Type:    types.WsMiddle,
+					Content: utils.InterfaceToString(newText),
+				})
+				lastText = currentText // 更新 lastText
+			}
+			contents = append(contents, newText)
+
+			if resp.Output.FinishReason == "stop" {
+				break
+			}
+
+		} //end for
+
+		if err := scanner.Err(); err != nil {
+			if strings.Contains(err.Error(), "context canceled") {
+				logger.Info("用户取消了请求：", prompt)
+			} else {
+				logger.Error("信息读取出错：", err)
+			}
+		}
+
+		// 消息发送成功
+		if len(contents) > 0 {
+			if message.Role == "" {
+				message.Role = "assistant"
+			}
+			message.Content = strings.Join(contents, "")
+			useMsg := types.Message{Role: "user", Content: prompt}
+
+			// 更新上下文消息，如果是调用函数则不需要更新上下文
+			if h.App.SysConfig.EnableContext {
+				chatCtx = append(chatCtx, useMsg)  // 提问消息
+				chatCtx = append(chatCtx, message) // 回复消息
+				h.App.ChatContexts.Put(session.ChatId, chatCtx)
+			}
+
+			// 追加聊天记录
+			// for prompt
+			promptToken, err := utils.CalcTokens(prompt, req.Model)
+			if err != nil {
+				logger.Error(err)
+			}
+			historyUserMsg := model.ChatMessage{
+				UserId:     userVo.Id,
+				ChatId:     session.ChatId,
+				RoleId:     role.Id,
+				Type:       types.PromptMsg,
+				Icon:       userVo.Avatar,
+				Content:    template.HTMLEscapeString(prompt),
+				Tokens:     promptToken,
+				UseContext: true,
+				Model:      req.Model,
+			}
+			historyUserMsg.CreatedAt = promptCreatedAt
+			historyUserMsg.UpdatedAt = promptCreatedAt
+			res := h.DB.Save(&historyUserMsg)
+			if res.Error != nil {
+				logger.Error("failed to save prompt history message: ", res.Error)
+			}
+
+			// for reply
+			// 计算本次对话消耗的总 token 数量
+			replyTokens, _ := utils.CalcTokens(message.Content, req.Model)
+			totalTokens := replyTokens + getTotalTokens(req)
+			historyReplyMsg := model.ChatMessage{
+				UserId:     userVo.Id,
+				ChatId:     session.ChatId,
+				RoleId:     role.Id,
+				Type:       types.ReplyMsg,
+				Icon:       role.Icon,
+				Content:    message.Content,
+				Tokens:     totalTokens,
+				UseContext: true,
+				Model:      req.Model,
+			}
+			historyReplyMsg.CreatedAt = replyCreatedAt
+			historyReplyMsg.UpdatedAt = replyCreatedAt
+			res = h.DB.Create(&historyReplyMsg)
+			if res.Error != nil {
+				logger.Error("failed to save reply history message: ", res.Error)
+			}
+
+			// 更新用户算力
+			h.subUserPower(userVo, session, promptToken, replyTokens)
+
+			// 保存当前会话
+			var chatItem model.ChatItem
+			res = h.DB.Where("chat_id = ?", session.ChatId).First(&chatItem)
+			if res.Error != nil {
+				chatItem.ChatId = session.ChatId
+				chatItem.UserId = session.UserId
+				chatItem.RoleId = role.Id
+				chatItem.ModelId = session.Model.Id
+				if utf8.RuneCountInString(prompt) > 30 {
+					chatItem.Title = string([]rune(prompt)[:30]) + "..."
+				} else {
+					chatItem.Title = prompt
+				}
+				chatItem.Model = req.Model
+				h.DB.Create(&chatItem)
+			}
+		}
+	} else {
+		body, err := io.ReadAll(response.Body)
+		if err != nil {
+			return fmt.Errorf("error with reading response: %v", err)
+		}
+
+		var res struct {
+			Code int    `json:"error_code"`
+			Msg  string `json:"error_msg"`
+		}
+		err = json.Unmarshal(body, &res)
+		if err != nil {
+			return fmt.Errorf("error with decode response: %v", err)
+		}
+		utils.ReplyMessage(ws, "请求通义千问大模型 API 失败："+res.Msg)
+	}
+
+	return nil
+}
--- a/api/handler/chatimpl/xunfei_handler.go
+++ b/api/handler/chatimpl/xunfei_handler.go
@@ -0,0 +1,320 @@
+package chatimpl
+
+import (
+	"chatplus/core/types"
+	"chatplus/store/model"
+	"chatplus/store/vo"
+	"chatplus/utils"
+	"context"
+	"crypto/hmac"
+	"crypto/sha256"
+	"encoding/base64"
+	"encoding/json"
+	"fmt"
+	"github.com/gorilla/websocket"
+	"html/template"
+	"io"
+	"net/http"
+	"net/url"
+	"strings"
+	"time"
+	"unicode/utf8"
+)
+
+type xunFeiResp struct {
+	Header struct {
+		Code    int    `json:"code"`
+		Message string `json:"message"`
+		Sid     string `json:"sid"`
+		Status  int    `json:"status"`
+	} `json:"header"`
+	Payload struct {
+		Choices struct {
+			Status int `json:"status"`
+			Seq    int `json:"seq"`
+			Text   []struct {
+				Content string `json:"content"`
+				Role    string `json:"role"`
+				Index   int    `json:"index"`
+			} `json:"text"`
+		} `json:"choices"`
+		Usage struct {
+			Text struct {
+				QuestionTokens   int `json:"question_tokens"`
+				PromptTokens     int `json:"prompt_tokens"`
+				CompletionTokens int `json:"completion_tokens"`
+				TotalTokens      int `json:"total_tokens"`
+			} `json:"text"`
+		} `json:"usage"`
+	} `json:"payload"`
+}
+
+var Model2URL = map[string]string{
+	"general":     "v1.1",
+	"generalv2":   "v2.1",
+	"generalv3":   "v3.1",
+	"generalv3.5": "v3.5",
+}
+
+// 科大讯飞消息发送实现
+
+func (h *ChatHandler) sendXunFeiMessage(
+	chatCtx []types.Message,
+	req types.ApiRequest,
+	userVo vo.User,
+	ctx context.Context,
+	session *types.ChatSession,
+	role model.ChatRole,
+	prompt string,
+	ws *types.WsClient) error {
+	promptCreatedAt := time.Now() // 记录提问时间
+	var apiKey model.ApiKey
+	res := h.DB.Where("platform = ?", session.Model.Platform).Where("type = ?", "chat").Where("enabled = ?", true).Order("last_used_at ASC").First(&apiKey)
+	if res.Error != nil {
+		utils.ReplyMessage(ws, "抱歉😔😔😔，系统已经没有可用的 API KEY，请联系管理员！")
+		return nil
+	}
+	// 更新 API KEY 的最后使用时间
+	h.DB.Model(&apiKey).UpdateColumn("last_used_at", time.Now().Unix())
+
+	d := websocket.Dialer{
+		HandshakeTimeout: 5 * time.Second,
+	}
+	key := strings.Split(apiKey.Value, "|")
+	if len(key) != 3 {
+		utils.ReplyMessage(ws, "非法的 API KEY！")
+		return nil
+	}
+
+	apiURL := strings.Replace(apiKey.ApiURL, "{version}", Model2URL[req.Model], 1)
+	logger.Debugf("Sending %s request, ApiURL:%s, API KEY:%s, PROXY: %s, Model: %s", session.Model.Platform, apiURL, apiKey.Value, apiKey.ProxyURL, req.Model)
+	wsURL, err := assembleAuthUrl(apiURL, key[1], key[2])
+	//握手并建立websocket 连接
+	conn, resp, err := d.Dial(wsURL, nil)
+	if err != nil {
+		logger.Error(readResp(resp) + err.Error())
+		utils.ReplyMessage(ws, "请求讯飞星火模型 API 失败："+readResp(resp)+err.Error())
+		return nil
+	} else if resp.StatusCode != 101 {
+		utils.ReplyMessage(ws, "请求讯飞星火模型 API 失败："+readResp(resp)+err.Error())
+		return nil
+	}
+
+	data := buildRequest(key[0], req)
+	fmt.Printf("%+v", data)
+	fmt.Println(apiURL)
+	err = conn.WriteJSON(data)
+	if err != nil {
+		utils.ReplyMessage(ws, "发送消息失败："+err.Error())
+		return nil
+	}
+
+	replyCreatedAt := time.Now() // 记录回复时间
+	// 循环读取 Chunk 消息
+	var message = types.Message{}
+	var contents = make([]string, 0)
+	var content string
+	for {
+		_, msg, err := conn.ReadMessage()
+		if err != nil {
+			logger.Error("error with read message:", err)
+			utils.ReplyMessage(ws, fmt.Sprintf("**数据读取失败：%s**", err))
+			break
+		}
+
+		// 解析数据
+		var result xunFeiResp
+		err = json.Unmarshal(msg, &result)
+		if err != nil {
+			logger.Error("error with parsing JSON:", err)
+			utils.ReplyMessage(ws, fmt.Sprintf("**解析数据行失败：%s**", err))
+			return nil
+		}
+
+		if result.Header.Code != 0 {
+			utils.ReplyMessage(ws, fmt.Sprintf("**请求 API 返回错误：%s**", result.Header.Message))
+			return nil
+		}
+
+		content = result.Payload.Choices.Text[0].Content
+		// 处理代码换行
+		if len(content) == 0 {
+			content = "\n"
+		}
+		contents = append(contents, content)
+		// 第一个结果
+		if result.Payload.Choices.Status == 0 {
+			utils.ReplyChunkMessage(ws, types.WsMessage{Type: types.WsStart})
+		}
+		utils.ReplyChunkMessage(ws, types.WsMessage{
+			Type:    types.WsMiddle,
+			Content: utils.InterfaceToString(content),
+		})
+
+		if result.Payload.Choices.Status == 2 { // 最终结果
+			_ = conn.Close() // 关闭连接
+			break
+		}
+
+		select {
+		case <-ctx.Done():
+			utils.ReplyMessage(ws, "**用户取消了生成指令！**")
+			return nil
+		default:
+			continue
+		}
+
+	}
+
+	// 消息发送成功
+	if len(contents) > 0 {
+		if message.Role == "" {
+			message.Role = "assistant"
+		}
+		message.Content = strings.Join(contents, "")
+		useMsg := types.Message{Role: "user", Content: prompt}
+
+		// 更新上下文消息，如果是调用函数则不需要更新上下文
+		if h.App.SysConfig.EnableContext {
+			chatCtx = append(chatCtx, useMsg)  // 提问消息
+			chatCtx = append(chatCtx, message) // 回复消息
+			h.App.ChatContexts.Put(session.ChatId, chatCtx)
+		}
+
+		// 追加聊天记录
+		// for prompt
+		promptToken, err := utils.CalcTokens(prompt, req.Model)
+		if err != nil {
+			logger.Error(err)
+		}
+		historyUserMsg := model.ChatMessage{
+			UserId:     userVo.Id,
+			ChatId:     session.ChatId,
+			RoleId:     role.Id,
+			Type:       types.PromptMsg,
+			Icon:       userVo.Avatar,
+			Content:    template.HTMLEscapeString(prompt),
+			Tokens:     promptToken,
+			UseContext: true,
+			Model:      req.Model,
+		}
+		historyUserMsg.CreatedAt = promptCreatedAt
+		historyUserMsg.UpdatedAt = promptCreatedAt
+		res := h.DB.Save(&historyUserMsg)
+		if res.Error != nil {
+			logger.Error("failed to save prompt history message: ", res.Error)
+		}
+
+		// for reply
+		// 计算本次对话消耗的总 token 数量
+		replyTokens, _ := utils.CalcTokens(message.Content, req.Model)
+		totalTokens := replyTokens + getTotalTokens(req)
+		historyReplyMsg := model.ChatMessage{
+			UserId:     userVo.Id,
+			ChatId:     session.ChatId,
+			RoleId:     role.Id,
+			Type:       types.ReplyMsg,
+			Icon:       role.Icon,
+			Content:    message.Content,
+			Tokens:     totalTokens,
+			UseContext: true,
+			Model:      req.Model,
+		}
+		historyReplyMsg.CreatedAt = replyCreatedAt
+		historyReplyMsg.UpdatedAt = replyCreatedAt
+		res = h.DB.Create(&historyReplyMsg)
+		if res.Error != nil {
+			logger.Error("failed to save reply history message: ", res.Error)
+		}
+
+		// 更新用户算力
+		h.subUserPower(userVo, session, promptToken, replyTokens)
+
+		// 保存当前会话
+		var chatItem model.ChatItem
+		res = h.DB.Where("chat_id = ?", session.ChatId).First(&chatItem)
+		if res.Error != nil {
+			chatItem.ChatId = session.ChatId
+			chatItem.UserId = session.UserId
+			chatItem.RoleId = role.Id
+			chatItem.ModelId = session.Model.Id
+			if utf8.RuneCountInString(prompt) > 30 {
+				chatItem.Title = string([]rune(prompt)[:30]) + "..."
+			} else {
+				chatItem.Title = prompt
+			}
+			chatItem.Model = req.Model
+			h.DB.Create(&chatItem)
+		}
+	}
+
+	return nil
+}
+
+// 构建 websocket 请求实体
+func buildRequest(appid string, req types.ApiRequest) map[string]interface{} {
+	return map[string]interface{}{
+		"header": map[string]interface{}{
+			"app_id": appid,
+		},
+		"parameter": map[string]interface{}{
+			"chat": map[string]interface{}{
+				"domain":      req.Model,
+				"temperature": req.Temperature,
+				"top_k":       int64(6),
+				"max_tokens":  int64(req.MaxTokens),
+				"auditing":    "default",
+			},
+		},
+		"payload": map[string]interface{}{
+			"message": map[string]interface{}{
+				"text": req.Messages,
+			},
+		},
+	}
+}
+
+// 创建鉴权 URL
+func assembleAuthUrl(hostURL string, apiKey, apiSecret string) (string, error) {
+	ul, err := url.Parse(hostURL)
+	if err != nil {
+		return "", err
+	}
+
+	date := time.Now().UTC().Format(time.RFC1123)
+	signString := []string{"host: " + ul.Host, "date: " + date, "GET " + ul.Path + " HTTP/1.1"}
+	//拼接签名字符串
+	signStr := strings.Join(signString, "\n")
+	sha := hmacWithSha256(signStr, apiSecret)
+
+	authUrl := fmt.Sprintf("hmac username=\"%s\", algorithm=\"%s\", headers=\"%s\", signature=\"%s\"", apiKey,
+		"hmac-sha256", "host date request-line", sha)
+	//将请求参数使用base64编码
+	authorization := base64.StdEncoding.EncodeToString([]byte(authUrl))
+	v := url.Values{}
+	v.Add("host", ul.Host)
+	v.Add("date", date)
+	v.Add("authorization", authorization)
+	//将编码后的字符串url encode后添加到url后面
+	return hostURL + "?" + v.Encode(), nil
+}
+
+// 使用 sha256 签名
+func hmacWithSha256(data, key string) string {
+	mac := hmac.New(sha256.New, []byte(key))
+	mac.Write([]byte(data))
+	encodeData := mac.Sum(nil)
+	return base64.StdEncoding.EncodeToString(encodeData)
+}
+
+// 读取响应
+func readResp(resp *http.Response) string {
+	if resp == nil {
+		return ""
+	}
+	b, err := io.ReadAll(resp.Body)
+	if err != nil {
+		panic(err)
+	}
+	return fmt.Sprintf("code=%d,body=%s", resp.StatusCode, string(b))
+}
--- a/api/handler/config_handler.go
+++ b/api/handler/config_handler.go
@@ -0,0 +1,39 @@
+package handler
+
+import (
+	"chatplus/core"
+	"chatplus/store/model"
+	"chatplus/utils"
+	"chatplus/utils/resp"
+
+	"github.com/gin-gonic/gin"
+	"gorm.io/gorm"
+)
+
+type ConfigHandler struct {
+	BaseHandler
+}
+
+func NewConfigHandler(app *core.AppServer, db *gorm.DB) *ConfigHandler {
+	return &ConfigHandler{BaseHandler: BaseHandler{App: app, DB: db}}
+}
+
+// Get 获取指定的系统配置
+func (h *ConfigHandler) Get(c *gin.Context) {
+	key := c.Query("key")
+	var config model.Config
+	res := h.DB.Where("marker", key).First(&config)
+	if res.Error != nil {
+		resp.ERROR(c, res.Error.Error())
+		return
+	}
+
+	var value map[string]interface{}
+	err := utils.JsonDecode(config.Config, &value)
+	if err != nil {
+		resp.ERROR(c, err.Error())
+		return
+	}
+
+	resp.SUCCESS(c, value)
+}
--- a/api/handler/function_handler.go
+++ b/api/handler/function_handler.go
@@ -0,0 +1,274 @@
+package handler
+
+import (
+	"chatplus/core"
+	"chatplus/core/types"
+	"chatplus/service/oss"
+	"chatplus/store/model"
+	"chatplus/utils"
+	"chatplus/utils/resp"
+	"errors"
+	"fmt"
+	"github.com/gin-gonic/gin"
+	"github.com/golang-jwt/jwt/v5"
+	"github.com/imroc/req/v3"
+	"gorm.io/gorm"
+	"strings"
+	"time"
+)
+
+type FunctionHandler struct {
+	BaseHandler
+	config        types.ChatPlusApiConfig
+	uploadManager *oss.UploaderManager
+}
+
+func NewFunctionHandler(server *core.AppServer, db *gorm.DB, config *types.AppConfig, manager *oss.UploaderManager) *FunctionHandler {
+	return &FunctionHandler{
+		BaseHandler: BaseHandler{
+			App: server,
+			DB:  db,
+		},
+		config:        config.ApiConfig,
+		uploadManager: manager,
+	}
+}
+
+type resVo struct {
+	Code    types.BizCode `json:"code"`
+	Message string        `json:"message"`
+	Data    struct {
+		Title     string     `json:"title"`
+		UpdatedAt string     `json:"updated_at"`
+		Items     []dataItem `json:"items"`
+	} `json:"data"`
+}
+
+type dataItem struct {
+	Title  string `json:"title"`
+	Url    string `json:"url"`
+	Remark string `json:"remark"`
+}
+
+// check authorization
+func (h *FunctionHandler) checkAuth(c *gin.Context) error {
+	tokenString := c.GetHeader(types.UserAuthHeader)
+	token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
+		if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
+			return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
+		}
+
+		return []byte(h.App.Config.Session.SecretKey), nil
+	})
+
+	if err != nil {
+		return fmt.Errorf("error with parse auth token: %v", err)
+	}
+
+	claims, ok := token.Claims.(jwt.MapClaims)
+	if !ok || !token.Valid {
+		return errors.New("token is invalid")
+	}
+
+	expr := utils.IntValue(utils.InterfaceToString(claims["expired"]), 0)
+	if expr > 0 && int64(expr) < time.Now().Unix() {
+		return errors.New("token is expired")
+	}
+
+	return nil
+}
+
+// WeiBo 微博热搜
+func (h *FunctionHandler) WeiBo(c *gin.Context) {
+	if err := h.checkAuth(c); err != nil {
+		resp.ERROR(c, err.Error())
+		return
+	}
+
+	if h.config.Token == "" {
+		resp.ERROR(c, "无效的 API Token")
+		return
+	}
+
+	url := fmt.Sprintf("%s/api/weibo/fetch", h.config.ApiURL)
+	var res resVo
+	r, err := req.C().R().
+		SetHeader("AppId", h.config.AppId).
+		SetHeader("Authorization", fmt.Sprintf("Bearer %s", h.config.Token)).
+		SetSuccessResult(&res).Get(url)
+	if err != nil || r.IsErrorState() {
+		resp.ERROR(c, fmt.Sprintf("%v%v", err, r.Err))
+		return
+	}
+
+	if res.Code != types.Success {
+		resp.ERROR(c, res.Message)
+		return
+	}
+
+	builder := make([]string, 0)
+	builder = append(builder, fmt.Sprintf("**%s**，最新更新：%s", res.Data.Title, res.Data.UpdatedAt))
+	for i, v := range res.Data.Items {
+		builder = append(builder, fmt.Sprintf("%d、 [%s](%s) [热度：%s]", i+1, v.Title, v.Url, v.Remark))
+	}
+	resp.SUCCESS(c, strings.Join(builder, "\n\n"))
+}
+
+// ZaoBao 今日早报
+func (h *FunctionHandler) ZaoBao(c *gin.Context) {
+	if err := h.checkAuth(c); err != nil {
+		resp.ERROR(c, err.Error())
+		return
+	}
+
+	if h.config.Token == "" {
+		resp.ERROR(c, "无效的 API Token")
+		return
+	}
+
+	url := fmt.Sprintf("%s/api/zaobao/fetch", h.config.ApiURL)
+	var res resVo
+	r, err := req.C().R().
+		SetHeader("AppId", h.config.AppId).
+		SetHeader("Authorization", fmt.Sprintf("Bearer %s", h.config.Token)).
+		SetSuccessResult(&res).Get(url)
+	if err != nil || r.IsErrorState() {
+		resp.ERROR(c, fmt.Sprintf("%v%v", err, r.Err))
+		return
+	}
+
+	if res.Code != types.Success {
+		resp.ERROR(c, res.Message)
+		return
+	}
+
+	builder := make([]string, 0)
+	builder = append(builder, fmt.Sprintf("**%s 早报：**", res.Data.UpdatedAt))
+	for _, v := range res.Data.Items {
+		builder = append(builder, v.Title)
+	}
+	builder = append(builder, fmt.Sprintf("%s", res.Data.Title))
+	resp.SUCCESS(c, strings.Join(builder, "\n\n"))
+}
+
+type imgReq struct {
+	Model  string `json:"model"`
+	Prompt string `json:"prompt"`
+	N      int    `json:"n"`
+	Size   string `json:"size"`
+}
+
+type imgRes struct {
+	Created int64 `json:"created"`
+	Data    []struct {
+		RevisedPrompt string `json:"revised_prompt"`
+		Url           string `json:"url"`
+	} `json:"data"`
+}
+
+type ErrRes struct {
+	Error struct {
+		Code    interface{} `json:"code"`
+		Message string      `json:"message"`
+		Param   interface{} `json:"param"`
+		Type    string      `json:"type"`
+	} `json:"error"`
+}
+
+// Dall3 DallE3 AI 绘图
+func (h *FunctionHandler) Dall3(c *gin.Context) {
+	if err := h.checkAuth(c); err != nil {
+		resp.ERROR(c, err.Error())
+		return
+	}
+
+	var params map[string]interface{}
+	if err := c.ShouldBindJSON(&params); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	logger.Debugf("绘画参数：%+v", params)
+	var user model.User
+	tx := h.DB.Where("id = ?", params["user_id"]).First(&user)
+	if tx.Error != nil {
+		resp.ERROR(c, "当前用户不存在！")
+		return
+	}
+
+	if user.Power < h.App.SysConfig.DallPower {
+		resp.ERROR(c, "当前用户剩余算力不足以完成本次绘画！")
+		return
+	}
+
+	prompt := utils.InterfaceToString(params["prompt"])
+	// get image generation API KEY
+	var apiKey model.ApiKey
+	tx = h.DB.Where("platform = ?", types.OpenAI).Where("type = ?", "img").Where("enabled = ?", true).Order("last_used_at ASC").First(&apiKey)
+	if tx.Error != nil {
+		resp.ERROR(c, "获取绘图 API KEY 失败: "+tx.Error.Error())
+		return
+	}
+
+	// translate prompt
+	const translatePromptTemplate = "Translate the following painting prompt words into English keyword phrases. Without any explanation, directly output the keyword phrases separated by commas. The content to be translated is: [%s]"
+	pt, err := utils.OpenAIRequest(h.DB, fmt.Sprintf(translatePromptTemplate, params["prompt"]))
+	if err == nil {
+		logger.Debugf("翻译绘画提示词，原文：%s，译文：%s", prompt, pt)
+		prompt = pt
+	}
+	var res imgRes
+	var errRes ErrRes
+	var request *req.Request
+	if len(apiKey.ProxyURL) > 5 {
+		request = req.C().SetProxyURL(apiKey.ProxyURL).R()
+	} else {
+		request = req.C().R()
+	}
+	logger.Debugf("Sending %s request, ApiURL:%s, API KEY:%s, PROXY: %s", apiKey.Platform, apiKey.ApiURL, apiKey.Value, apiKey.ProxyURL)
+	r, err := request.SetHeader("Content-Type", "application/json").
+		SetHeader("Authorization", "Bearer "+apiKey.Value).
+		SetBody(imgReq{
+			Model:  "dall-e-3",
+			Prompt: prompt,
+			N:      1,
+			Size:   "1024x1024",
+		}).
+		SetErrorResult(&errRes).
+		SetSuccessResult(&res).Post(apiKey.ApiURL)
+	if r.IsErrorState() {
+		resp.ERROR(c, "请求 OpenAI API 失败: "+errRes.Error.Message)
+		return
+	}
+	// 更新 API KEY 的最后使用时间
+	h.DB.Model(&apiKey).UpdateColumn("last_used_at", time.Now().Unix())
+	logger.Debugf("%+v", res)
+	// 存储图片
+	imgURL, err := h.uploadManager.GetUploadHandler().PutImg(res.Data[0].Url, false)
+	if err != nil {
+		resp.ERROR(c, "下载图片失败: "+err.Error())
+		return
+	}
+
+	content := fmt.Sprintf("下面是根据您的描述创作的图片，它描绘了 【%s】 的场景。 \n\n![](%s)\n", prompt, imgURL)
+	// 更新用户算力
+	tx = h.DB.Model(&model.User{}).Where("id", user.Id).UpdateColumn("power", gorm.Expr("power - ?", h.App.SysConfig.DallPower))
+	// 记录算力变化日志
+	if tx.Error == nil && tx.RowsAffected > 0 {
+		var u model.User
+		h.DB.Where("id", user.Id).First(&u)
+		h.DB.Create(&model.PowerLog{
+			UserId:    user.Id,
+			Username:  user.Username,
+			Type:      types.PowerConsume,
+			Amount:    h.App.SysConfig.DallPower,
+			Balance:   u.Power,
+			Mark:      types.PowerSub,
+			Model:     "dall-e-3",
+			Remark:    fmt.Sprintf("绘画提示词：%s", utils.CutWords(prompt, 10)),
+			CreatedAt: time.Now(),
+		})
+	}
+
+	resp.SUCCESS(c, content)
+}
--- a/api/handler/invite_handler.go
+++ b/api/handler/invite_handler.go
@@ -0,0 +1,93 @@
+package handler
+
+import (
+	"chatplus/core"
+	"chatplus/core/types"
+	"chatplus/store/model"
+	"chatplus/store/vo"
+	"chatplus/utils"
+	"chatplus/utils/resp"
+	"github.com/gin-gonic/gin"
+	"gorm.io/gorm"
+	"strings"
+)
+
+// InviteHandler 用户邀请
+type InviteHandler struct {
+	BaseHandler
+}
+
+func NewInviteHandler(app *core.AppServer, db *gorm.DB) *InviteHandler {
+	return &InviteHandler{BaseHandler: BaseHandler{App: app, DB: db}}
+}
+
+// Code 获取当前用户邀请码
+func (h *InviteHandler) Code(c *gin.Context) {
+	userId := h.GetLoginUserId(c)
+	var inviteCode model.InviteCode
+	res := h.DB.Where("user_id = ?", userId).First(&inviteCode)
+	// 如果邀请码不存在，则创建一个
+	if res.Error != nil {
+		code := strings.ToUpper(utils.RandString(8))
+		for {
+			res = h.DB.Where("code = ?", code).First(&inviteCode)
+			if res.Error != nil { // 不存在相同的邀请码则退出
+				break
+			}
+		}
+		inviteCode.UserId = userId
+		inviteCode.Code = code
+		h.DB.Create(&inviteCode)
+	}
+
+	var codeVo vo.InviteCode
+	err := utils.CopyObject(inviteCode, &codeVo)
+	if err != nil {
+		resp.ERROR(c, "拷贝对象失败")
+		return
+	}
+
+	resp.SUCCESS(c, codeVo)
+}
+
+// List Log 用户邀请记录
+func (h *InviteHandler) List(c *gin.Context) {
+
+	var data struct {
+		Page     int `json:"page"`
+		PageSize int `json:"page_size"`
+	}
+	if err := c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+	userId := h.GetLoginUserId(c)
+	session := h.DB.Session(&gorm.Session{}).Where("inviter_id = ?", userId)
+	var total int64
+	session.Model(&model.InviteLog{}).Count(&total)
+	var items []model.InviteLog
+	var list = make([]vo.InviteLog, 0)
+	offset := (data.Page - 1) * data.PageSize
+	res := session.Order("id DESC").Offset(offset).Limit(data.PageSize).Find(&items)
+	if res.Error == nil {
+		for _, item := range items {
+			var v vo.InviteLog
+			err := utils.CopyObject(item, &v)
+			if err == nil {
+				v.Id = item.Id
+				v.CreatedAt = item.CreatedAt.Unix()
+				list = append(list, v)
+			} else {
+				logger.Error(err)
+			}
+		}
+	}
+	resp.SUCCESS(c, vo.NewPage(total, data.Page, data.PageSize, list))
+}
+
+// Hits 访问邀请码
+func (h *InviteHandler) Hits(c *gin.Context) {
+	code := c.Query("code")
+	h.DB.Model(&model.InviteCode{}).Where("code = ?", code).UpdateColumn("hits", gorm.Expr("hits + ?", 1))
+	resp.SUCCESS(c)
+}
--- a/api/handler/menu_handler.go
+++ b/api/handler/menu_handler.go
@@ -0,0 +1,36 @@
+package handler
+
+import (
+	"chatplus/core"
+	"chatplus/store/model"
+	"chatplus/store/vo"
+	"chatplus/utils"
+	"chatplus/utils/resp"
+	"github.com/gin-gonic/gin"
+	"gorm.io/gorm"
+)
+
+type MenuHandler struct {
+	BaseHandler
+}
+
+func NewMenuHandler(app *core.AppServer, db *gorm.DB) *MenuHandler {
+	return &MenuHandler{BaseHandler: BaseHandler{App: app, DB: db}}
+}
+
+// List 数据列表
+func (h *MenuHandler) List(c *gin.Context) {
+	var items []model.Menu
+	var list = make([]vo.Menu, 0)
+	res := h.DB.Where("enabled", true).Order("sort_num ASC").Find(&items)
+	if res.Error == nil {
+		for _, item := range items {
+			var product vo.Menu
+			err := utils.CopyObject(item, &product)
+			if err == nil {
+				list = append(list, product)
+			}
+		}
+	}
+	resp.SUCCESS(c, list)
+}
--- a/api/handler/mj_handler.go
+++ b/api/handler/mj_handler.go
@@ -3,212 +3,510 @@ package handler
 import (
 	"chatplus/core"
 	"chatplus/core/types"
-	"chatplus/service/function"
-	"chatplus/store"
+	"chatplus/service"
+	"chatplus/service/mj"
+	"chatplus/service/oss"
 	"chatplus/store/model"
+	"chatplus/store/vo"
 	"chatplus/utils"
 	"chatplus/utils/resp"
+	"encoding/base64"
 	"fmt"
-	"github.com/gin-gonic/gin"
-	"gorm.io/gorm"
+	"net/http"
+	"strings"
 	"time"
+
+	"github.com/gin-gonic/gin"
+	"github.com/gorilla/websocket"
+	"gorm.io/gorm"
 )

-type TaskStatus string
-
-const (
-	Start    = TaskStatus("Started")
-	Running  = TaskStatus("Running")
-	Stopped  = TaskStatus("Stopped")
-	Finished = TaskStatus("Finished")
-)
-
-type Image struct {
-	URL      string `json:"url"`
-	ProxyURL string `json:"proxy_url"`
-	Filename string `json:"filename"`
-	Width    int    `json:"width"`
-	Height   int    `json:"height"`
-	Size     int    `json:"size"`
-	Hash     string `json:"hash"`
-}
-
 type MidJourneyHandler struct {
 	BaseHandler
-	leveldb *store.LevelDB
-	db      *gorm.DB
-	mjFunc  function.FuncMidJourney
+	pool      *mj.ServicePool
+	snowflake *service.Snowflake
+	uploader  *oss.UploaderManager
 }

-func NewMidJourneyHandler(app *core.AppServer, leveldb *store.LevelDB, db *gorm.DB, functions map[string]function.Function) *MidJourneyHandler {
-	h := MidJourneyHandler{leveldb: leveldb, db: db, mjFunc: functions[types.FuncMidJourney].(function.FuncMidJourney)}
-	h.App = app
-	return &h
+func NewMidJourneyHandler(app *core.AppServer, db *gorm.DB, snowflake *service.Snowflake, pool *mj.ServicePool, manager *oss.UploaderManager) *MidJourneyHandler {
+	return &MidJourneyHandler{
+		snowflake: snowflake,
+		pool:      pool,
+		uploader:  manager,
+		BaseHandler: BaseHandler{
+			App: app,
+			DB:  db,
+		},
+	}
 }

-func (h *MidJourneyHandler) Notify(c *gin.Context) {
-	token := c.GetHeader("Authorization")
-	if token != h.App.Config.ExtConfig.Token {
+func (h *MidJourneyHandler) preCheck(c *gin.Context) bool {
+	user, err := h.GetLoginUser(c)
+	if err != nil {
 		resp.NotAuth(c)
+		return false
+	}
+
+	if user.Power < h.App.SysConfig.MjPower {
+		resp.ERROR(c, "当前用户剩余算力不足以完成本次绘画！")
+		return false
+	}
+
+	if !h.pool.HasAvailableService() {
+		resp.ERROR(c, "MidJourney 池子中没有没有可用的服务！")
+		return false
+	}
+
+	return true
+
+}
+
+// Client WebSocket 客户端，用于通知任务状态变更
+func (h *MidJourneyHandler) Client(c *gin.Context) {
+	ws, err := (&websocket.Upgrader{CheckOrigin: func(r *http.Request) bool { return true }}).Upgrade(c.Writer, c.Request, nil)
+	if err != nil {
+		logger.Error(err)
+		c.Abort()
 		return
 	}

-	var data struct {
-		MessageId   string     `json:"message_id"`
-		ReferenceId string     `json:"reference_id"`
-		Image       Image      `json:"image"`
-		Content     string     `json:"content"`
-		Prompt      string     `json:"prompt"`
-		Status      TaskStatus `json:"status"`
-		Key         string     `json:"key"`
+	userId := h.GetInt(c, "user_id", 0)
+	if userId == 0 {
+		logger.Info("Invalid user ID")
+		c.Abort()
+		return
 	}
-	if err := c.ShouldBindJSON(&data); err != nil || data.Prompt == "" {
+
+	client := types.NewWsClient(ws)
+	h.pool.Clients.Put(uint(userId), client)
+	logger.Infof("New websocket connected, IP: %s", c.RemoteIP())
+}
+
+// Image 创建一个绘画任务
+func (h *MidJourneyHandler) Image(c *gin.Context) {
+	var data struct {
+		SessionId string   `json:"session_id"`
+		TaskType  string   `json:"task_type"`
+		Prompt    string   `json:"prompt"`
+		NegPrompt string   `json:"neg_prompt"`
+		Rate      string   `json:"rate"`
+		Model     string   `json:"model"`
+		Chaos     int      `json:"chaos"`
+		Raw       bool     `json:"raw"`
+		Seed      int64    `json:"seed"`
+		Stylize   int      `json:"stylize"`
+		ImgArr    []string `json:"img_arr"`
+		Tile      bool     `json:"tile"`
+		Quality   float32  `json:"quality"`
+		Iw        float32  `json:"iw"`
+		CRef      string   `json:"cref"` //生成角色一致的图像
+		SRef      string   `json:"sref"` //生成风格一致的图像
+		Cw        int      `json:"cw"`   // 参考程度
+	}
+	if err := c.ShouldBindJSON(&data); err != nil {
 		resp.ERROR(c, types.InvalidArgs)
 		return
 	}
-
-	logger.Infof("收到 MidJourney 回调请求：%+v", data)
-
-	// the job is saved
-	var job model.MidJourneyJob
-	res := h.db.Where("message_id = ?", data.MessageId).First(&job)
-	if res.Error == nil {
-		resp.SUCCESS(c)
+	if !h.preCheck(c) {
 		return
 	}

-	data.Key = utils.Sha256(data.Prompt)
-	//logger.Info(data.Prompt, ",", key)
-	if data.Status == Finished {
-		var task types.MjTask
-		err := h.leveldb.Get(types.TaskStorePrefix+data.Key, &task)
-		if err != nil {
-			logger.Error("error with get MidJourney task: ", err)
-			resp.SUCCESS(c)
-			return
-		}
-
-		// TODO: 是否需要把图片下载到本地服务器？
-
-		message := model.HistoryMessage{
-			UserId:     task.UserId,
-			ChatId:     task.ChatId,
-			RoleId:     task.RoleId,
-			Type:       types.MjMsg,
-			Icon:       task.Icon,
-			Content:    utils.JsonEncode(data),
-			Tokens:     0,
-			UseContext: false,
-		}
-		res := h.db.Create(&message)
-		if res.Error != nil {
-			logger.Error("error with save chat history message: ", res.Error)
-		}
-
-		// save the job
-		job.UserId = task.UserId
-		job.ChatId = task.ChatId
-		job.MessageId = data.MessageId
-		job.ReferenceId = data.ReferenceId
-		job.Content = data.Content
-		job.Prompt = data.Prompt
-		job.Image = utils.JsonEncode(data.Image)
-		job.Hash = data.Image.Hash
-		job.CreatedAt = time.Now()
-		res = h.db.Create(&job)
-		if res.Error != nil {
-			logger.Error("error with save MidJourney Job: ", res.Error)
+	var params = ""
+	if data.Rate != "" && !strings.Contains(params, "--ar") {
+		params += " --ar " + data.Rate
+	}
+	if data.Seed > 0 && !strings.Contains(params, "--seed") {
+		params += fmt.Sprintf(" --seed %d", data.Seed)
+	}
+	if data.Stylize > 0 && !strings.Contains(params, "--s") && !strings.Contains(params, "--stylize") {
+		params += fmt.Sprintf(" --s %d", data.Stylize)
+	}
+	if data.Chaos > 0 && !strings.Contains(params, "--c") && !strings.Contains(params, "--chaos") {
+		params += fmt.Sprintf(" --c %d", data.Chaos)
+	}
+	if len(data.ImgArr) > 0 && data.Iw > 0 {
+		params += fmt.Sprintf(" --iw %f", data.Iw)
+	}
+	if data.Raw {
+		params += " --style raw"
+	}
+	if data.Quality > 0 {
+		params += fmt.Sprintf(" --q %.2f", data.Quality)
+	}
+	if data.Tile {
+		params += " --tile "
+	}
+	if data.CRef != "" {
+		params += fmt.Sprintf(" --cref %s", data.CRef)
+		if data.Cw > 0 {
+			params += fmt.Sprintf(" --cw %d", data.Cw)
+		} else {
+			params += " --cw 100"
 		}
 	}

-	// 推送消息到客户端
-	wsClient := h.App.MjTaskClients.Get(data.Key)
-	if wsClient == nil { // 客户端断线，则丢弃
-		logger.Errorf("Client is offline: %+v", data)
-		resp.SUCCESS(c, "Client is offline")
+	if data.SRef != "" {
+		params += fmt.Sprintf(" --sref %s", data.CRef)
+	}
+	if data.Model != "" && !strings.Contains(params, "--v") && !strings.Contains(params, "--niji") {
+		params += fmt.Sprintf(" %s", data.Model)
+	}
+
+	// 处理融图和换脸的提示词
+	if data.TaskType == types.TaskSwapFace.String() || data.TaskType == types.TaskBlend.String() {
+		params = fmt.Sprintf("%s:%s", data.TaskType, strings.Join(data.ImgArr, ","))
+	}
+
+	// 如果本地图片上传的是相对地址，处理成绝对地址
+	for k, v := range data.ImgArr {
+		if !strings.HasPrefix(v, "http") {
+			data.ImgArr[k] = fmt.Sprintf("http://localhost:5678/%s", strings.TrimLeft(v, "/"))
+		}
+	}
+
+	idValue, _ := c.Get(types.LoginUserID)
+	userId := utils.IntValue(utils.InterfaceToString(idValue), 0)
+	// generate task id
+	taskId, err := h.snowflake.Next(true)
+	if err != nil {
+		resp.ERROR(c, "error with generate task id: "+err.Error())
+		return
+	}
+	job := model.MidJourneyJob{
+		Type:      data.TaskType,
+		UserId:    userId,
+		TaskId:    taskId,
+		Progress:  0,
+		Prompt:    fmt.Sprintf("%s %s", data.Prompt, params),
+		Power:     h.App.SysConfig.MjPower,
+		CreatedAt: time.Now(),
+	}
+	opt := "绘图"
+	if data.TaskType == types.TaskBlend.String() {
+		job.Prompt = "融图：" + strings.Join(data.ImgArr, ",")
+		opt = "融图"
+	} else if data.TaskType == types.TaskSwapFace.String() {
+		job.Prompt = "换脸：" + strings.Join(data.ImgArr, ",")
+		opt = "换脸"
+	}
+
+	if res := h.DB.Create(&job); res.Error != nil || res.RowsAffected == 0 {
+		resp.ERROR(c, "添加任务失败："+res.Error.Error())
 		return
 	}

-	if data.Status == Finished {
-		utils.ReplyChunkMessage(wsClient, types.WsMessage{Type: types.WsMjImg, Content: data})
-		utils.ReplyChunkMessage(wsClient, types.WsMessage{Type: types.WsEnd})
-		// delete client
-		h.App.MjTaskClients.Delete(data.Key)
-	} else {
-		utils.ReplyChunkMessage(wsClient, types.WsMessage{Type: types.WsMjImg, Content: data})
+	h.pool.PushTask(types.MjTask{
+		Id:        job.Id,
+		TaskId:    taskId,
+		SessionId: data.SessionId,
+		Type:      types.TaskType(data.TaskType),
+		Prompt:    data.Prompt,
+		NegPrompt: data.NegPrompt,
+		Params:    params,
+		UserId:    userId,
+		ImgArr:    data.ImgArr,
+	})
+
+	client := h.pool.Clients.Get(uint(job.UserId))
+	if client != nil {
+		_ = client.Send([]byte("Task Updated"))
 	}
-	resp.SUCCESS(c, "SUCCESS")
+
+	// update user's power
+	tx := h.DB.Model(&model.User{}).Where("id = ?", job.UserId).UpdateColumn("power", gorm.Expr("power - ?", job.Power))
+	// 记录算力变化日志
+	if tx.Error == nil && tx.RowsAffected > 0 {
+		user, _ := h.GetLoginUser(c)
+		h.DB.Create(&model.PowerLog{
+			UserId:    user.Id,
+			Username:  user.Username,
+			Type:      types.PowerConsume,
+			Amount:    job.Power,
+			Balance:   user.Power - job.Power,
+			Mark:      types.PowerSub,
+			Model:     "mid-journey",
+			Remark:    fmt.Sprintf("%s操作，任务ID：%s", opt, job.TaskId),
+			CreatedAt: time.Now(),
+		})
+	}
+	resp.SUCCESS(c)
 }

 type reqVo struct {
-	Index       int32  `json:"index"`
+	Index       int    `json:"index"`
+	ChannelId   string `json:"channel_id"`
 	MessageId   string `json:"message_id"`
 	MessageHash string `json:"message_hash"`
 	SessionId   string `json:"session_id"`
-	Key         string `json:"key"`
 	Prompt      string `json:"prompt"`
+	ChatId      string `json:"chat_id"`
+	RoleId      int    `json:"role_id"`
+	Icon        string `json:"icon"`
 }

 // Upscale send upscale command to MidJourney Bot
 func (h *MidJourneyHandler) Upscale(c *gin.Context) {
 	var data reqVo
-	if err := c.ShouldBindJSON(&data); err != nil ||
-		data.SessionId == "" ||
-		data.Key == "" {
+	if err := c.ShouldBindJSON(&data); err != nil || data.SessionId == "" {
 		resp.ERROR(c, types.InvalidArgs)
 		return
 	}
-	wsClient := h.App.ChatClients.Get(data.SessionId)
-	if wsClient == nil {
-		resp.ERROR(c, "No Websocket client online")
+
+	if !h.preCheck(c) {
 		return
 	}

-	err := h.mjFunc.Upscale(function.MjUpscaleReq{
+	idValue, _ := c.Get(types.LoginUserID)
+	userId := utils.IntValue(utils.InterfaceToString(idValue), 0)
+	taskId, _ := h.snowflake.Next(true)
+	job := model.MidJourneyJob{
+		Type:        types.TaskUpscale.String(),
+		ReferenceId: data.MessageId,
+		UserId:      userId,
+		TaskId:      taskId,
+		Progress:    0,
+		Prompt:      data.Prompt,
+		Power:       h.App.SysConfig.MjActionPower,
+		CreatedAt:   time.Now(),
+	}
+	if res := h.DB.Create(&job); res.Error != nil || res.RowsAffected == 0 {
+		resp.ERROR(c, "添加任务失败："+res.Error.Error())
+		return
+	}
+
+	h.pool.PushTask(types.MjTask{
+		Id:          job.Id,
+		SessionId:   data.SessionId,
+		Type:        types.TaskUpscale,
+		Prompt:      data.Prompt,
+		UserId:      userId,
+		ChannelId:   data.ChannelId,
 		Index:       data.Index,
 		MessageId:   data.MessageId,
 		MessageHash: data.MessageHash,
 	})
-	if err != nil {
-		resp.ERROR(c, err.Error())
-		return
-	}

-	content := fmt.Sprintf("**%s** 已推送 Upscale 任务到 MidJourney 机器人，请耐心等待任务执行...", data.Prompt)
-	utils.ReplyMessage(wsClient, content)
-	if h.App.MjTaskClients.Get(data.Key) == nil {
-		h.App.MjTaskClients.Put(data.Key, wsClient)
+	client := h.pool.Clients.Get(uint(job.UserId))
+	if client != nil {
+		_ = client.Send([]byte("Task Updated"))
+	}
+	// update user's power
+	tx := h.DB.Model(&model.User{}).Where("id = ?", job.UserId).UpdateColumn("power", gorm.Expr("power - ?", job.Power))
+	// 记录算力变化日志
+	if tx.Error == nil && tx.RowsAffected > 0 {
+		user, _ := h.GetLoginUser(c)
+		h.DB.Create(&model.PowerLog{
+			UserId:    user.Id,
+			Username:  user.Username,
+			Type:      types.PowerConsume,
+			Amount:    job.Power,
+			Balance:   user.Power - job.Power,
+			Mark:      types.PowerSub,
+			Model:     "mid-journey",
+			Remark:    fmt.Sprintf("Upscale 操作，任务ID：%s", job.TaskId),
+			CreatedAt: time.Now(),
+		})
 	}
 	resp.SUCCESS(c)
 }

+// Variation send variation command to MidJourney Bot
 func (h *MidJourneyHandler) Variation(c *gin.Context) {
 	var data reqVo
-	if err := c.ShouldBindJSON(&data); err != nil ||
-		data.SessionId == "" ||
-		data.Key == "" {
+	if err := c.ShouldBindJSON(&data); err != nil || data.SessionId == "" {
 		resp.ERROR(c, types.InvalidArgs)
 		return
 	}
-	wsClient := h.App.ChatClients.Get(data.SessionId)
-	if wsClient == nil {
-		resp.ERROR(c, "No Websocket client online")
+
+	if !h.preCheck(c) {
 		return
 	}

-	err := h.mjFunc.Variation(function.MjVariationReq{
+	idValue, _ := c.Get(types.LoginUserID)
+	userId := utils.IntValue(utils.InterfaceToString(idValue), 0)
+	taskId, _ := h.snowflake.Next(true)
+	job := model.MidJourneyJob{
+		Type:        types.TaskVariation.String(),
+		ChannelId:   data.ChannelId,
+		ReferenceId: data.MessageId,
+		UserId:      userId,
+		TaskId:      taskId,
+		Progress:    0,
+		Prompt:      data.Prompt,
+		Power:       h.App.SysConfig.MjActionPower,
+		CreatedAt:   time.Now(),
+	}
+	if res := h.DB.Create(&job); res.Error != nil || res.RowsAffected == 0 {
+		resp.ERROR(c, "添加任务失败："+res.Error.Error())
+		return
+	}
+
+	h.pool.PushTask(types.MjTask{
+		Id:          job.Id,
+		SessionId:   data.SessionId,
+		Type:        types.TaskVariation,
+		Prompt:      data.Prompt,
+		UserId:      userId,
 		Index:       data.Index,
+		ChannelId:   data.ChannelId,
 		MessageId:   data.MessageId,
 		MessageHash: data.MessageHash,
 	})
+
+	client := h.pool.Clients.Get(uint(job.UserId))
+	if client != nil {
+		_ = client.Send([]byte("Task Updated"))
+	}
+
+	// update user's power
+	tx := h.DB.Model(&model.User{}).Where("id = ?", job.UserId).UpdateColumn("power", gorm.Expr("power - ?", job.Power))
+	// 记录算力变化日志
+	if tx.Error == nil && tx.RowsAffected > 0 {
+		user, _ := h.GetLoginUser(c)
+		h.DB.Create(&model.PowerLog{
+			UserId:    user.Id,
+			Username:  user.Username,
+			Type:      types.PowerConsume,
+			Amount:    job.Power,
+			Balance:   user.Power - job.Power,
+			Mark:      types.PowerSub,
+			Model:     "mid-journey",
+			Remark:    fmt.Sprintf("Variation 操作，任务ID：%s", job.TaskId),
+			CreatedAt: time.Now(),
+		})
+	}
+	resp.SUCCESS(c)
+}
+
+// ImgWall 照片墙
+func (h *MidJourneyHandler) ImgWall(c *gin.Context) {
+	page := h.GetInt(c, "page", 0)
+	pageSize := h.GetInt(c, "page_size", 0)
+	err, jobs := h.getData(true, 0, page, pageSize, true)
 	if err != nil {
 		resp.ERROR(c, err.Error())
 		return
 	}
-	content := fmt.Sprintf("**%s** 已推送 Variation 任务到 MidJourney 机器人，请耐心等待任务执行...", data.Prompt)
-	utils.ReplyMessage(wsClient, content)
-	if h.App.MjTaskClients.Get(data.Key) == nil {
-		h.App.MjTaskClients.Put(data.Key, wsClient)
+
+	resp.SUCCESS(c, jobs)
+}
+
+// JobList 获取 MJ 任务列表
+func (h *MidJourneyHandler) JobList(c *gin.Context) {
+	status := h.GetBool(c, "status")
+	userId := h.GetLoginUserId(c)
+	page := h.GetInt(c, "page", 0)
+	pageSize := h.GetInt(c, "page_size", 0)
+	publish := h.GetBool(c, "publish")
+
+	err, jobs := h.getData(status, userId, page, pageSize, publish)
+	if err != nil {
+		resp.ERROR(c, err.Error())
+		return
 	}
+
+	resp.SUCCESS(c, jobs)
+}
+
+// JobList 获取 MJ 任务列表
+func (h *MidJourneyHandler) getData(finish bool, userId uint, page int, pageSize int, publish bool) (error, []vo.MidJourneyJob) {
+	session := h.DB.Session(&gorm.Session{})
+	if finish {
+		session = session.Where("progress = ?", 100).Order("id DESC")
+	} else {
+		session = session.Where("progress < ?", 100).Order("id ASC")
+	}
+	if userId > 0 {
+		session = session.Where("user_id = ?", userId)
+	}
+	if publish {
+		session = session.Where("publish = ?", publish)
+	}
+	if page > 0 && pageSize > 0 {
+		offset := (page - 1) * pageSize
+		session = session.Offset(offset).Limit(pageSize)
+	}
+
+	var items []model.MidJourneyJob
+	res := session.Find(&items)
+	if res.Error != nil {
+		return res.Error, nil
+	}
+
+	var jobs = make([]vo.MidJourneyJob, 0)
+	for _, item := range items {
+		var job vo.MidJourneyJob
+		err := utils.CopyObject(item, &job)
+		if err != nil {
+			continue
+		}
+
+		if item.Progress < 100 && item.ImgURL == "" && item.OrgURL != "" {
+			// discord 服务器图片需要使用代理转发图片数据流
+			if strings.HasPrefix(item.OrgURL, "https://cdn.discordapp.com") {
+				image, err := utils.DownloadImage(item.OrgURL, h.App.Config.ProxyURL)
+				if err == nil {
+					job.ImgURL = "data:image/png;base64," + base64.StdEncoding.EncodeToString(image)
+				}
+			} else {
+				job.ImgURL = job.OrgURL
+			}
+		}
+
+		jobs = append(jobs, job)
+	}
+	return nil, jobs
+}
+
+// Remove remove task image
+func (h *MidJourneyHandler) Remove(c *gin.Context) {
+	var data struct {
+		Id     uint   `json:"id"`
+		UserId uint   `json:"user_id"`
+		ImgURL string `json:"img_url"`
+	}
+	if err := c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	// remove job recode
+	res := h.DB.Delete(&model.MidJourneyJob{Id: data.Id})
+	if res.Error != nil {
+		resp.ERROR(c, res.Error.Error())
+		return
+	}
+
+	// remove image
+	err := h.uploader.GetUploadHandler().Delete(data.ImgURL)
+	if err != nil {
+		logger.Error("remove image failed: ", err)
+	}
+
+	client := h.pool.Clients.Get(data.UserId)
+	if client != nil {
+		_ = client.Send([]byte("Task Updated"))
+	}
+
+	resp.SUCCESS(c)
+}
+
+// Publish 发布图片到画廊显示
+func (h *MidJourneyHandler) Publish(c *gin.Context) {
+	var data struct {
+		Id     uint `json:"id"`
+		Action bool `json:"action"` // 发布动作，true => 发布，false => 取消分享
+	}
+	if err := c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	res := h.DB.Model(&model.MidJourneyJob{Id: data.Id}).UpdateColumn("publish", data.Action)
+	if res.Error != nil {
+		resp.ERROR(c, "更新数据库失败")
+		return
+	}
+
 	resp.SUCCESS(c)
 }
--- a/api/handler/order_handler.go
+++ b/api/handler/order_handler.go
@@ -0,0 +1,55 @@
+package handler
+
+import (
+	"chatplus/core"
+	"chatplus/core/types"
+	"chatplus/store/model"
+	"chatplus/store/vo"
+	"chatplus/utils"
+	"chatplus/utils/resp"
+
+	"github.com/gin-gonic/gin"
+	"gorm.io/gorm"
+)
+
+type OrderHandler struct {
+	BaseHandler
+}
+
+func NewOrderHandler(app *core.AppServer, db *gorm.DB) *OrderHandler {
+	return &OrderHandler{BaseHandler: BaseHandler{App: app, DB: db}}
+}
+
+func (h *OrderHandler) List(c *gin.Context) {
+	var data struct {
+		Page     int `json:"page"`
+		PageSize int `json:"page_size"`
+	}
+	if err := c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+	userId := h.GetLoginUserId(c)
+	session := h.DB.Session(&gorm.Session{}).Where("user_id = ? AND status = ?", userId, types.OrderPaidSuccess)
+	var total int64
+	session.Model(&model.Order{}).Count(&total)
+	var items []model.Order
+	var list = make([]vo.Order, 0)
+	offset := (data.Page - 1) * data.PageSize
+	res := session.Order("id DESC").Offset(offset).Limit(data.PageSize).Find(&items)
+	if res.Error == nil {
+		for _, item := range items {
+			var order vo.Order
+			err := utils.CopyObject(item, &order)
+			if err == nil {
+				order.Id = item.Id
+				order.CreatedAt = item.CreatedAt.Unix()
+				order.UpdatedAt = item.UpdatedAt.Unix()
+				list = append(list, order)
+			} else {
+				logger.Error(err)
+			}
+		}
+	}
+	resp.SUCCESS(c, vo.NewPage(total, data.Page, data.PageSize, list))
+}
--- a/api/handler/payment_handler.go
+++ b/api/handler/payment_handler.go
@@ -0,0 +1,584 @@
+package handler
+
+import (
+	"chatplus/core"
+	"chatplus/core/types"
+	"chatplus/service"
+	"chatplus/service/payment"
+	"chatplus/store/model"
+	"chatplus/utils"
+	"chatplus/utils/resp"
+	"embed"
+	"encoding/base64"
+	"fmt"
+	"github.com/shopspring/decimal"
+	"math"
+	"net/http"
+	"net/url"
+	"sync"
+	"time"
+
+	"github.com/gin-gonic/gin"
+	"gorm.io/gorm"
+)
+
+const (
+	PayWayAlipay = "支付宝"
+	PayWayXunHu  = "虎皮椒"
+	PayWayJs     = "PayJS"
+)
+
+// PaymentHandler 支付服务回调 handler
+type PaymentHandler struct {
+	BaseHandler
+	alipayService  *payment.AlipayService
+	huPiPayService *payment.HuPiPayService
+	js             *payment.PayJS
+	snowflake      *service.Snowflake
+	fs             embed.FS
+	lock           sync.Mutex
+}
+
+func NewPaymentHandler(
+	server *core.AppServer,
+	alipayService *payment.AlipayService,
+	huPiPayService *payment.HuPiPayService,
+	js *payment.PayJS,
+	db *gorm.DB,
+	snowflake *service.Snowflake,
+	fs embed.FS) *PaymentHandler {
+	return &PaymentHandler{
+		alipayService:  alipayService,
+		huPiPayService: huPiPayService,
+		js:             js,
+		snowflake:      snowflake,
+		fs:             fs,
+		lock:           sync.Mutex{},
+		BaseHandler: BaseHandler{
+			App: server,
+			DB:  db,
+		},
+	}
+}
+
+func (h *PaymentHandler) DoPay(c *gin.Context) {
+	orderNo := h.GetTrim(c, "order_no")
+	payWay := h.GetTrim(c, "pay_way")
+
+	if orderNo == "" {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	var order model.Order
+	res := h.DB.Where("order_no = ?", orderNo).First(&order)
+	if res.Error != nil {
+		resp.ERROR(c, "Order not found")
+		return
+	}
+
+	// fix: 这里先检查一下订单状态，如果已经支付了，就直接返回
+	if order.Status == types.OrderPaidSuccess {
+		resp.ERROR(c, "This order had been paid, please do not pay twice")
+		return
+	}
+
+	// 更新扫码状态
+	h.DB.Model(&order).UpdateColumn("status", types.OrderScanned)
+	if payWay == "alipay" { // 支付宝
+		// 生成支付链接
+		notifyURL := h.App.Config.AlipayConfig.NotifyURL
+		returnURL := "" // 关闭同步回跳
+		amount := fmt.Sprintf("%.2f", order.Amount)
+
+		uri, err := h.alipayService.PayUrlMobile(order.OrderNo, notifyURL, returnURL, amount, order.Subject)
+		if err != nil {
+			resp.ERROR(c, "error with generate pay url: "+err.Error())
+			return
+		}
+
+		c.Redirect(302, uri)
+		return
+	} else if payWay == "hupi" { // 虎皮椒支付
+		params := payment.HuPiPayReq{
+			Version:      "1.1",
+			TradeOrderId: orderNo,
+			TotalFee:     fmt.Sprintf("%f", order.Amount),
+			Title:        order.Subject,
+			NotifyURL:    h.App.Config.HuPiPayConfig.NotifyURL,
+			WapName:      "极客学长",
+		}
+		r, err := h.huPiPayService.Pay(params)
+		if err != nil {
+			resp.ERROR(c, err.Error())
+			return
+		}
+
+		c.Redirect(302, r.URL)
+	}
+	resp.ERROR(c, "Invalid operations")
+}
+
+// OrderQuery 查询订单状态
+func (h *PaymentHandler) OrderQuery(c *gin.Context) {
+	var data struct {
+		OrderNo string `json:"order_no"`
+	}
+	if err := c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	var order model.Order
+	res := h.DB.Where("order_no = ?", data.OrderNo).First(&order)
+	if res.Error != nil {
+		resp.ERROR(c, "Order not found")
+		return
+	}
+
+	if order.Status == types.OrderPaidSuccess {
+		resp.SUCCESS(c, gin.H{"status": order.Status})
+		return
+	}
+
+	counter := 0
+	for {
+		time.Sleep(time.Second)
+		var item model.Order
+		h.DB.Where("order_no = ?", data.OrderNo).First(&item)
+		if counter >= 15 || item.Status == types.OrderPaidSuccess || item.Status != order.Status {
+			order.Status = item.Status
+			break
+		}
+		counter++
+	}
+
+	resp.SUCCESS(c, gin.H{"status": order.Status})
+}
+
+// PayQrcode 生成支付 URL 二维码
+func (h *PaymentHandler) PayQrcode(c *gin.Context) {
+	var data struct {
+		PayWay    string `json:"pay_way"` // 支付方式
+		ProductId uint   `json:"product_id"`
+		UserId    int    `json:"user_id"`
+	}
+	if err := c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	var product model.Product
+	res := h.DB.First(&product, data.ProductId)
+	if res.Error != nil {
+		resp.ERROR(c, "Product not found")
+		return
+	}
+
+	orderNo, err := h.snowflake.Next(false)
+	if err != nil {
+		resp.ERROR(c, "error with generate trade no: "+err.Error())
+		return
+	}
+	var user model.User
+	res = h.DB.First(&user, data.UserId)
+	if res.Error != nil {
+		resp.ERROR(c, "Invalid user ID")
+		return
+	}
+
+	var payWay string
+	var notifyURL string
+	switch data.PayWay {
+	case "hupi":
+		payWay = PayWayXunHu
+		notifyURL = h.App.Config.HuPiPayConfig.NotifyURL
+	case "payjs":
+		payWay = PayWayJs
+		notifyURL = h.App.Config.JPayConfig.NotifyURL
+	default:
+		payWay = PayWayAlipay
+		notifyURL = h.App.Config.AlipayConfig.NotifyURL
+	}
+	// 创建订单
+	remark := types.OrderRemark{
+		Days:     product.Days,
+		Power:    product.Power,
+		Name:     product.Name,
+		Price:    product.Price,
+		Discount: product.Discount,
+	}
+
+	amount, _ := decimal.NewFromFloat(product.Price).Sub(decimal.NewFromFloat(product.Discount)).Float64()
+	order := model.Order{
+		UserId:    user.Id,
+		Username:  user.Username,
+		ProductId: product.Id,
+		OrderNo:   orderNo,
+		Subject:   product.Name,
+		Amount:    amount,
+		Status:    types.OrderNotPaid,
+		PayWay:    payWay,
+		Remark:    utils.JsonEncode(remark),
+	}
+	res = h.DB.Create(&order)
+	if res.Error != nil || res.RowsAffected == 0 {
+		resp.ERROR(c, "error with create order: "+res.Error.Error())
+		return
+	}
+
+	// PayJs 单独处理，只能用官方生成的二维码
+	if data.PayWay == "payjs" {
+		params := payment.JPayReq{
+			TotalFee:   int(math.Ceil(order.Amount * 100)),
+			OutTradeNo: order.OrderNo,
+			Subject:    product.Name,
+		}
+		r := h.js.Pay(params)
+		if r.IsOK() {
+			resp.SUCCESS(c, gin.H{"order_no": order.OrderNo, "image": r.Qrcode})
+			return
+		} else {
+			resp.ERROR(c, "error with generating payment qrcode: "+r.ReturnMsg)
+			return
+		}
+	}
+
+	var logo string
+	if data.PayWay == "alipay" {
+		logo = "res/img/alipay.jpg"
+	} else if data.PayWay == "hupi" {
+		if h.App.Config.HuPiPayConfig.Name == "wechat" {
+			logo = "res/img/wechat-pay.jpg"
+		} else {
+			logo = "res/img/alipay.jpg"
+		}
+	}
+
+	file, err := h.fs.Open(logo)
+	if err != nil {
+		resp.ERROR(c, "error with open qrcode log file: "+err.Error())
+		return
+	}
+
+	parse, err := url.Parse(notifyURL)
+	if err != nil {
+		resp.ERROR(c, err.Error())
+		return
+	}
+
+	imageURL := fmt.Sprintf("%s://%s/api/payment/doPay?order_no=%s&pay_way=%s", parse.Scheme, parse.Host, orderNo, data.PayWay)
+	imgData, err := utils.GenQrcode(imageURL, 400, file)
+	if err != nil {
+		resp.ERROR(c, err.Error())
+		return
+	}
+	imgDataBase64 := base64.StdEncoding.EncodeToString(imgData)
+	resp.SUCCESS(c, gin.H{"order_no": orderNo, "image": fmt.Sprintf("data:image/jpg;base64, %s", imgDataBase64), "url": imageURL})
+}
+
+// Mobile 移动端支付
+func (h *PaymentHandler) Mobile(c *gin.Context) {
+	var data struct {
+		PayWay    string `json:"pay_way"` // 支付方式
+		ProductId uint   `json:"product_id"`
+		UserId    int    `json:"user_id"`
+	}
+	if err := c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	var product model.Product
+	res := h.DB.First(&product, data.ProductId)
+	if res.Error != nil {
+		resp.ERROR(c, "Product not found")
+		return
+	}
+
+	orderNo, err := h.snowflake.Next(false)
+	if err != nil {
+		resp.ERROR(c, "error with generate trade no: "+err.Error())
+		return
+	}
+	var user model.User
+	res = h.DB.First(&user, data.UserId)
+	if res.Error != nil {
+		resp.ERROR(c, "Invalid user ID")
+		return
+	}
+
+	amount, _ := decimal.NewFromFloat(product.Price).Sub(decimal.NewFromFloat(product.Discount)).Float64()
+	var payWay string
+	var notifyURL, returnURL string
+	var payURL string
+	switch data.PayWay {
+	case "hupi":
+		payWay = PayWayXunHu
+		notifyURL = h.App.Config.HuPiPayConfig.NotifyURL
+		returnURL = h.App.Config.HuPiPayConfig.ReturnURL
+		params := payment.HuPiPayReq{
+			Version:      "1.1",
+			TradeOrderId: orderNo,
+			TotalFee:     fmt.Sprintf("%f", amount),
+			Title:        product.Name,
+			NotifyURL:    notifyURL,
+			ReturnURL:    returnURL,
+			CallbackURL:  returnURL,
+			WapName:      "极客学长",
+		}
+		r, err := h.huPiPayService.Pay(params)
+		if err != nil {
+			logger.Error("error with generating Pay URL: ", err.Error())
+			resp.ERROR(c, "error with generating Pay URL: "+err.Error())
+			return
+		}
+		payURL = r.URL
+	case "payjs":
+		payWay = PayWayJs
+		notifyURL = h.App.Config.JPayConfig.NotifyURL
+		returnURL = h.App.Config.JPayConfig.ReturnURL
+		totalFee := decimal.NewFromFloat(product.Price).Sub(decimal.NewFromFloat(product.Discount)).Mul(decimal.NewFromInt(100)).IntPart()
+		params := url.Values{}
+		params.Add("total_fee", fmt.Sprintf("%d", totalFee))
+		params.Add("out_trade_no", orderNo)
+		params.Add("body", product.Name)
+		params.Add("notify_url", notifyURL)
+		params.Add("auto", "0")
+		payURL = h.js.PayH5(params)
+	case "alipay":
+		payWay = PayWayAlipay
+		notifyURL = h.App.Config.AlipayConfig.NotifyURL
+		returnURL = h.App.Config.AlipayConfig.ReturnURL
+		payURL, err = h.alipayService.PayUrlMobile(orderNo, notifyURL, returnURL, fmt.Sprintf("%.2f", amount), product.Name)
+		if err != nil {
+			resp.ERROR(c, "error with generating Pay URL: "+err.Error())
+			return
+		}
+	default:
+		resp.ERROR(c, "Unsupported pay way: "+data.PayWay)
+		return
+	}
+	// 创建订单
+	remark := types.OrderRemark{
+		Days:     product.Days,
+		Power:    product.Power,
+		Name:     product.Name,
+		Price:    product.Price,
+		Discount: product.Discount,
+	}
+
+	order := model.Order{
+		UserId:    user.Id,
+		Username:  user.Username,
+		ProductId: product.Id,
+		OrderNo:   orderNo,
+		Subject:   product.Name,
+		Amount:    amount,
+		Status:    types.OrderNotPaid,
+		PayWay:    payWay,
+		Remark:    utils.JsonEncode(remark),
+	}
+	res = h.DB.Create(&order)
+	if res.Error != nil || res.RowsAffected == 0 {
+		resp.ERROR(c, "error with create order: "+res.Error.Error())
+		return
+	}
+
+	resp.SUCCESS(c, payURL)
+}
+
+// 异步通知回调公共逻辑
+func (h *PaymentHandler) notify(orderNo string, tradeNo string) error {
+	var order model.Order
+	res := h.DB.Where("order_no = ?", orderNo).First(&order)
+	if res.Error != nil {
+		err := fmt.Errorf("error with fetch order: %v", res.Error)
+		logger.Error(err)
+		return err
+	}
+
+	h.lock.Lock()
+	defer h.lock.Unlock()
+
+	// 已支付订单，直接返回
+	if order.Status == types.OrderPaidSuccess {
+		return nil
+	}
+
+	var user model.User
+	res = h.DB.First(&user, order.UserId)
+	if res.Error != nil {
+		err := fmt.Errorf("error with fetch user info: %v", res.Error)
+		logger.Error(err)
+		return err
+	}
+
+	var remark types.OrderRemark
+	err := utils.JsonDecode(order.Remark, &remark)
+	if err != nil {
+		err := fmt.Errorf("error with decode order remark: %v", err)
+		logger.Error(err)
+		return err
+	}
+
+	var opt string
+	var power int
+	if remark.Days > 0 { // VIP 充值
+		if user.ExpiredTime >= time.Now().Unix() {
+			user.ExpiredTime = time.Unix(user.ExpiredTime, 0).AddDate(0, 0, remark.Days).Unix()
+			opt = "VIP充值，VIP 没到期，只延期不增加算力"
+		} else {
+			user.ExpiredTime = time.Now().AddDate(0, 0, remark.Days).Unix()
+			user.Power += h.App.SysConfig.VipMonthPower
+			power = h.App.SysConfig.VipMonthPower
+			opt = "VIP充值"
+		}
+		user.Vip = true
+	} else { // 充值点卡，直接增加次数即可
+		user.Power += remark.Power
+		opt = "点卡充值"
+		power = remark.Power
+	}
+
+	// 更新用户信息
+	res = h.DB.Updates(&user)
+	if res.Error != nil {
+		err := fmt.Errorf("error with update user info: %v", res.Error)
+		logger.Error(err)
+		return err
+	}
+
+	// 更新订单状态
+	order.PayTime = time.Now().Unix()
+	order.Status = types.OrderPaidSuccess
+	order.TradeNo = tradeNo
+	res = h.DB.Updates(&order)
+	if res.Error != nil {
+		err := fmt.Errorf("error with update order info: %v", res.Error)
+		logger.Error(err)
+		return err
+	}
+
+	// 更新产品销量
+	h.DB.Model(&model.Product{}).Where("id = ?", order.ProductId).UpdateColumn("sales", gorm.Expr("sales + ?", 1))
+
+	// 记录算力充值日志
+	if opt != "" {
+		h.DB.Create(&model.PowerLog{
+			UserId:    user.Id,
+			Username:  user.Username,
+			Type:      types.PowerRecharge,
+			Amount:    power,
+			Balance:   user.Power,
+			Mark:      types.PowerAdd,
+			Model:     order.PayWay,
+			Remark:    fmt.Sprintf("%s，金额：%f，订单号：%s", opt, order.Amount, order.OrderNo),
+			CreatedAt: time.Now(),
+		})
+	}
+
+	return nil
+}
+
+// GetPayWays 获取支付方式
+func (h *PaymentHandler) GetPayWays(c *gin.Context) {
+	data := gin.H{}
+	if h.App.Config.AlipayConfig.Enabled {
+		data["alipay"] = gin.H{"name": "alipay"}
+	}
+	if h.App.Config.HuPiPayConfig.Enabled {
+		data["hupi"] = gin.H{"name": h.App.Config.HuPiPayConfig.Name}
+	}
+	if h.App.Config.JPayConfig.Enabled {
+		data["payjs"] = gin.H{"name": h.App.Config.JPayConfig.Name}
+	}
+	resp.SUCCESS(c, data)
+}
+
+// HuPiPayNotify 虎皮椒支付异步回调
+func (h *PaymentHandler) HuPiPayNotify(c *gin.Context) {
+	err := c.Request.ParseForm()
+	if err != nil {
+		c.String(http.StatusOK, "fail")
+		return
+	}
+
+	orderNo := c.Request.Form.Get("trade_order_id")
+	tradeNo := c.Request.Form.Get("open_order_id")
+	logger.Infof("收到虎皮椒订单支付回调，订单 NO：%s，交易流水号：%s", orderNo, tradeNo)
+
+	if err = h.huPiPayService.Check(tradeNo); err != nil {
+		logger.Error("订单校验失败：", err)
+		c.String(http.StatusOK, "fail")
+		return
+	}
+	err = h.notify(orderNo, tradeNo)
+	if err != nil {
+		c.String(http.StatusOK, "fail")
+		return
+	}
+
+	c.String(http.StatusOK, "success")
+}
+
+// AlipayNotify 支付宝支付回调
+func (h *PaymentHandler) AlipayNotify(c *gin.Context) {
+	err := c.Request.ParseForm()
+	if err != nil {
+		c.String(http.StatusOK, "fail")
+		return
+	}
+
+	// TODO：验证交易签名
+	res := h.alipayService.TradeVerify(c.Request.Form)
+	logger.Infof("验证支付结果：%+v", res)
+	if !res.Success() {
+		logger.Error("订单校验失败：", res.Message)
+		c.String(http.StatusOK, "fail")
+		return
+	}
+
+	tradeNo := c.Request.Form.Get("trade_no")
+	err = h.notify(res.OutTradeNo, tradeNo)
+	if err != nil {
+		c.String(http.StatusOK, "fail")
+		return
+	}
+
+	c.String(http.StatusOK, "success")
+}
+
+// PayJsNotify PayJs 支付异步回调
+func (h *PaymentHandler) PayJsNotify(c *gin.Context) {
+	err := c.Request.ParseForm()
+	if err != nil {
+		c.String(http.StatusOK, "fail")
+		return
+	}
+
+	orderNo := c.Request.Form.Get("out_trade_no")
+	returnCode := c.Request.Form.Get("return_code")
+	logger.Infof("收到订单支付回调，订单 NO：%s，支付结果代码：%v", orderNo, returnCode)
+	// 支付失败
+	if returnCode != "1" {
+		return
+	}
+
+	// 校验订单支付状态
+	tradeNo := c.Request.Form.Get("payjs_order_id")
+	err = h.js.Check(tradeNo)
+	if err != nil {
+		logger.Error("订单校验失败：", err)
+		c.String(http.StatusOK, "fail")
+		return
+	}
+
+	err = h.notify(orderNo, tradeNo)
+	if err != nil {
+		c.String(http.StatusOK, "fail")
+		return
+	}
+
+	c.String(http.StatusOK, "success")
+}
--- a/api/handler/power_log_handler.go
+++ b/api/handler/power_log_handler.go
@@ -0,0 +1,67 @@
+package handler
+
+import (
+	"chatplus/core"
+	"chatplus/core/types"
+	"chatplus/store/model"
+	"chatplus/store/vo"
+	"chatplus/utils"
+	"chatplus/utils/resp"
+
+	"github.com/gin-gonic/gin"
+	"gorm.io/gorm"
+)
+
+type PowerLogHandler struct {
+	BaseHandler
+}
+
+func NewPowerLogHandler(app *core.AppServer, db *gorm.DB) *PowerLogHandler {
+	return &PowerLogHandler{BaseHandler: BaseHandler{App: app, DB: db}}
+}
+
+func (h *PowerLogHandler) List(c *gin.Context) {
+	var data struct {
+		Model    string   `json:"model"`
+		Date     []string `json:"date"`
+		Page     int      `json:"page"`
+		PageSize int      `json:"page_size"`
+	}
+	if err := c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	session := h.DB.Session(&gorm.Session{})
+	userId := h.GetLoginUserId(c)
+	session = session.Where("user_id", userId)
+	if data.Model != "" {
+		session = session.Where("model", data.Model)
+	}
+	if len(data.Date) == 2 {
+		start := data.Date[0] + " 00:00:00"
+		end := data.Date[1] + " 00:00:00"
+		session = session.Where("created_at >= ? AND created_at <= ?", start, end)
+	}
+
+	var total int64
+	session.Model(&model.PowerLog{}).Count(&total)
+	var items []model.PowerLog
+	var list = make([]vo.PowerLog, 0)
+	offset := (data.Page - 1) * data.PageSize
+	res := session.Order("id DESC").Offset(offset).Limit(data.PageSize).Find(&items)
+	if res.Error == nil {
+		for _, item := range items {
+			var log vo.PowerLog
+			err := utils.CopyObject(item, &log)
+			if err != nil {
+				continue
+			}
+			log.Id = item.Id
+			log.CreatedAt = item.CreatedAt.Unix()
+			log.TypeStr = item.Type.String()
+			list = append(list, log)
+		}
+	}
+	resp.SUCCESS(c, vo.NewPage(total, data.Page, data.PageSize, list))
+}
--- a/api/handler/product_handler.go
+++ b/api/handler/product_handler.go
@@ -0,0 +1,41 @@
+package handler
+
+import (
+	"chatplus/core"
+	"chatplus/store/model"
+	"chatplus/store/vo"
+	"chatplus/utils"
+	"chatplus/utils/resp"
+	"github.com/gin-gonic/gin"
+	"gorm.io/gorm"
+)
+
+type ProductHandler struct {
+	BaseHandler
+}
+
+func NewProductHandler(app *core.AppServer, db *gorm.DB) *ProductHandler {
+	return &ProductHandler{BaseHandler: BaseHandler{App: app, DB: db}}
+}
+
+// List 模型列表
+func (h *ProductHandler) List(c *gin.Context) {
+	var items []model.Product
+	var list = make([]vo.Product, 0)
+	res := h.DB.Where("enabled", true).Order("sort_num ASC").Find(&items)
+	if res.Error == nil {
+		for _, item := range items {
+			var product vo.Product
+			err := utils.CopyObject(item, &product)
+			if err == nil {
+				product.Id = item.Id
+				product.CreatedAt = item.CreatedAt.Unix()
+				product.UpdatedAt = item.UpdatedAt.Unix()
+				list = append(list, product)
+			} else {
+				logger.Error(err)
+			}
+		}
+	}
+	resp.SUCCESS(c, list)
+}
--- a/api/handler/reward_handler.go
+++ b/api/handler/reward_handler.go
@@ -4,65 +4,25 @@ import (
 	"chatplus/core"
 	"chatplus/core/types"
 	"chatplus/store/model"
+	"chatplus/store/vo"
 	"chatplus/utils"
 	"chatplus/utils/resp"
+	"fmt"
 	"github.com/gin-gonic/gin"
 	"gorm.io/gorm"
+	"math"
+	"strings"
+	"sync"
+	"time"
 )

 type RewardHandler struct {
 	BaseHandler
-	db *gorm.DB
+	lock sync.Mutex
 }

-func NewRewardHandler(server *core.AppServer, db *gorm.DB) *RewardHandler {
-	h := RewardHandler{db: db}
-	h.App = server
-	return &h
-}
-
-func (h *RewardHandler) Notify(c *gin.Context) {
-	token := c.GetHeader("Authorization")
-	if token != h.App.Config.ExtConfig.Token {
-		resp.NotAuth(c)
-		return
-	}
-
-	var data struct {
-		TransId string  `json:"trans_id"` // 微信转账交易 ID
-		Amount  float64 `json:"amount"`   // 微信转账交易金额
-		Remark  string  `json:"remark"`   // 转账备注
-	}
-	if err := c.ShouldBindJSON(&data); err != nil {
-		resp.ERROR(c, types.InvalidArgs)
-		return
-	}
-
-	if data.Amount <= 0 {
-		resp.ERROR(c, "Amount should not be 0")
-		return
-	}
-
-	logger.Infof("收到众筹收款信息: %+v", data)
-	var item model.Reward
-	res := h.db.Where("tx_id = ?", data.TransId).First(&item)
-	if res.Error == nil {
-		resp.ERROR(c, "当前交易 ID 己经存在！")
-		return
-	}
-
-	res = h.db.Create(&model.Reward{
-		TxId:   data.TransId,
-		Amount: data.Amount,
-		Remark: data.Remark,
-		Status: false,
-	})
-	if res.Error != nil {
-		logger.Errorf("交易保存失败: %v", res.Error)
-		resp.ERROR(c, "交易保存失败")
-		return
-	}
-	resp.SUCCESS(c)
+func NewRewardHandler(app *core.AppServer, db *gorm.DB) *RewardHandler {
+	return &RewardHandler{BaseHandler: BaseHandler{App: app, DB: db}}
 }

 // Verify 打赏码核销
@@ -75,8 +35,20 @@ func (h *RewardHandler) Verify(c *gin.Context) {
 		return
 	}

+	user, err := h.GetLoginUser(c)
+	if err != nil {
+		resp.HACKER(c)
+		return
+	}
+
+	// 移除转账单号中间的空格，防止有人复制的时候多复制了空格
+	data.TxId = strings.ReplaceAll(data.TxId, " ", "")
+
+	h.lock.Lock()
+	defer h.lock.Unlock()
+
 	var item model.Reward
-	res := h.db.Where("tx_id = ?", data.TxId).First(&item)
+	res := h.DB.Where("tx_id = ?", data.TxId).First(&item)
 	if res.Error != nil {
 		resp.ERROR(c, "无效的众筹交易流水号！")
 		return
@@ -87,16 +59,13 @@ func (h *RewardHandler) Verify(c *gin.Context) {
 		return
 	}

-	user, err := utils.GetLoginUser(c, h.db)
-	if err != nil {
-		resp.HACKER(c)
-		return
-	}
-
-	tx := h.db.Begin()
-	calls := (item.Amount + 0.1) * 10
-	res = h.db.Model(&user).UpdateColumn("calls", gorm.Expr("calls + ?", calls))
+	tx := h.DB.Begin()
+	exchange := vo.RewardExchange{}
+	power := math.Ceil(item.Amount / h.App.SysConfig.PowerPrice)
+	exchange.Power = int(power)
+	res = tx.Model(&user).UpdateColumn("power", gorm.Expr("power + ?", exchange.Power))
 	if res.Error != nil {
+		tx.Rollback()
 		resp.ERROR(c, "更新数据库失败！")
 		return
 	}
@@ -104,13 +73,26 @@ func (h *RewardHandler) Verify(c *gin.Context) {
 	// 更新核销状态
 	item.Status = true
 	item.UserId = user.Id
-	res = h.db.Updates(&item)
+	item.Exchange = utils.JsonEncode(exchange)
+	res = tx.Updates(&item)
 	if res.Error != nil {
 		tx.Rollback()
 		resp.ERROR(c, "更新数据库失败！")
 		return
 	}

+	// 记录算力充值日志
+	h.DB.Create(&model.PowerLog{
+		UserId:    user.Id,
+		Username:  user.Username,
+		Type:      types.PowerReward,
+		Amount:    exchange.Power,
+		Balance:   user.Power + exchange.Power,
+		Mark:      types.PowerAdd,
+		Model:     "众筹支付",
+		Remark:    fmt.Sprintf("众筹充值算力，金额：%f，价格：%f", item.Amount, h.App.SysConfig.PowerPrice),
+		CreatedAt: time.Now(),
+	})
 	tx.Commit()
 	resp.SUCCESS(c)

--- a/api/handler/sd_handler.go
+++ b/api/handler/sd_handler.go
@@ -0,0 +1,325 @@
+package handler
+
+import (
+	"chatplus/core"
+	"chatplus/core/types"
+	"chatplus/service"
+	"chatplus/service/oss"
+	"chatplus/service/sd"
+	"chatplus/store"
+	"chatplus/store/model"
+	"chatplus/store/vo"
+	"chatplus/utils"
+	"chatplus/utils/resp"
+	"fmt"
+	"net/http"
+	"time"
+
+	"github.com/gorilla/websocket"
+
+	"github.com/gin-gonic/gin"
+	"github.com/go-redis/redis/v8"
+	"gorm.io/gorm"
+)
+
+type SdJobHandler struct {
+	BaseHandler
+	redis     *redis.Client
+	pool      *sd.ServicePool
+	uploader  *oss.UploaderManager
+	snowflake *service.Snowflake
+	leveldb   *store.LevelDB
+}
+
+func NewSdJobHandler(app *core.AppServer, db *gorm.DB, pool *sd.ServicePool, manager *oss.UploaderManager, snowflake *service.Snowflake, levelDB *store.LevelDB) *SdJobHandler {
+	return &SdJobHandler{
+		pool:      pool,
+		uploader:  manager,
+		snowflake: snowflake,
+		leveldb:   levelDB,
+		BaseHandler: BaseHandler{
+			App: app,
+			DB:  db,
+		},
+	}
+}
+
+// Client WebSocket 客户端，用于通知任务状态变更
+func (h *SdJobHandler) Client(c *gin.Context) {
+	ws, err := (&websocket.Upgrader{CheckOrigin: func(r *http.Request) bool { return true }}).Upgrade(c.Writer, c.Request, nil)
+	if err != nil {
+		logger.Error(err)
+		c.Abort()
+		return
+	}
+
+	userId := h.GetInt(c, "user_id", 0)
+	if userId == 0 {
+		logger.Info("Invalid user ID")
+		c.Abort()
+		return
+	}
+
+	client := types.NewWsClient(ws)
+	h.pool.Clients.Put(uint(userId), client)
+	logger.Infof("New websocket connected, IP: %s", c.RemoteIP())
+}
+
+func (h *SdJobHandler) checkLimits(c *gin.Context) bool {
+	user, err := h.GetLoginUser(c)
+	if err != nil {
+		resp.NotAuth(c)
+		return false
+	}
+
+	if !h.pool.HasAvailableService() {
+		resp.ERROR(c, "Stable-Diffusion 池子中没有没有可用的服务！")
+		return false
+	}
+
+	if user.Power < h.App.SysConfig.SdPower {
+		resp.ERROR(c, "当前用户剩余算力不足以完成本次绘画！")
+		return false
+	}
+
+	return true
+
+}
+
+// Image 创建一个绘画任务
+func (h *SdJobHandler) Image(c *gin.Context) {
+	if !h.checkLimits(c) {
+		return
+	}
+
+	var data struct {
+		SessionId string `json:"session_id"`
+		types.SdTaskParams
+	}
+	if err := c.ShouldBindJSON(&data); err != nil || data.Prompt == "" {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	if data.Width <= 0 {
+		data.Width = 512
+	}
+	if data.Height <= 0 {
+		data.Height = 512
+	}
+	if data.CfgScale <= 0 {
+		data.CfgScale = 7
+	}
+	if data.Seed == 0 {
+		data.Seed = -1
+	}
+	if data.Steps <= 0 {
+		data.Steps = 20
+	}
+	if data.Sampler == "" {
+		data.Sampler = "Euler a"
+	}
+	idValue, _ := c.Get(types.LoginUserID)
+	userId := utils.IntValue(utils.InterfaceToString(idValue), 0)
+	taskId, err := h.snowflake.Next(true)
+	if err != nil {
+		resp.ERROR(c, "error with generate task id: "+err.Error())
+		return
+	}
+	params := types.SdTaskParams{
+		TaskId:       taskId,
+		Prompt:       data.Prompt,
+		NegPrompt:    data.NegPrompt,
+		Steps:        data.Steps,
+		Sampler:      data.Sampler,
+		FaceFix:      data.FaceFix,
+		CfgScale:     data.CfgScale,
+		Seed:         data.Seed,
+		Height:       data.Height,
+		Width:        data.Width,
+		HdFix:        data.HdFix,
+		HdRedrawRate: data.HdRedrawRate,
+		HdScale:      data.HdScale,
+		HdScaleAlg:   data.HdScaleAlg,
+		HdSteps:      data.HdSteps,
+	}
+
+	job := model.SdJob{
+		UserId:    userId,
+		Type:      types.TaskImage.String(),
+		TaskId:    params.TaskId,
+		Params:    utils.JsonEncode(params),
+		Prompt:    data.Prompt,
+		Progress:  0,
+		Power:     h.App.SysConfig.SdPower,
+		CreatedAt: time.Now(),
+	}
+	res := h.DB.Create(&job)
+	if res.Error != nil {
+		resp.ERROR(c, "error with save job: "+res.Error.Error())
+		return
+	}
+
+	h.pool.PushTask(types.SdTask{
+		Id:        int(job.Id),
+		SessionId: data.SessionId,
+		Type:      types.TaskImage,
+		Params:    params,
+		UserId:    userId,
+	})
+
+	client := h.pool.Clients.Get(uint(job.UserId))
+	if client != nil {
+		_ = client.Send([]byte("Task Updated"))
+	}
+
+	// update user's power
+	tx := h.DB.Model(&model.User{}).Where("id = ?", job.UserId).UpdateColumn("power", gorm.Expr("power - ?", job.Power))
+	// 记录算力变化日志
+	if tx.Error == nil && tx.RowsAffected > 0 {
+		user, _ := h.GetLoginUser(c)
+		h.DB.Create(&model.PowerLog{
+			UserId:    user.Id,
+			Username:  user.Username,
+			Type:      types.PowerConsume,
+			Amount:    job.Power,
+			Balance:   user.Power - job.Power,
+			Mark:      types.PowerSub,
+			Model:     "stable-diffusion",
+			Remark:    fmt.Sprintf("绘图操作，任务ID：%s", job.TaskId),
+			CreatedAt: time.Now(),
+		})
+	}
+
+	resp.SUCCESS(c)
+}
+
+// ImgWall 照片墙
+func (h *SdJobHandler) ImgWall(c *gin.Context) {
+	page := h.GetInt(c, "page", 0)
+	pageSize := h.GetInt(c, "page_size", 0)
+	err, jobs := h.getData(true, 0, page, pageSize, true)
+	if err != nil {
+		resp.ERROR(c, err.Error())
+		return
+	}
+
+	resp.SUCCESS(c, jobs)
+}
+
+// JobList 获取 SD 任务列表
+func (h *SdJobHandler) JobList(c *gin.Context) {
+	status := h.GetBool(c, "status")
+	userId := h.GetLoginUserId(c)
+	page := h.GetInt(c, "page", 0)
+	pageSize := h.GetInt(c, "page_size", 0)
+	publish := h.GetBool(c, "publish")
+
+	err, jobs := h.getData(status, userId, page, pageSize, publish)
+	if err != nil {
+		resp.ERROR(c, err.Error())
+		return
+	}
+
+	resp.SUCCESS(c, jobs)
+}
+
+// JobList 获取 MJ 任务列表
+func (h *SdJobHandler) getData(finish bool, userId uint, page int, pageSize int, publish bool) (error, []vo.SdJob) {
+
+	session := h.DB.Session(&gorm.Session{})
+	if finish {
+		session = session.Where("progress = ?", 100).Order("id DESC")
+	} else {
+		session = session.Where("progress < ?", 100).Order("id ASC")
+	}
+	if userId > 0 {
+		session = session.Where("user_id = ?", userId)
+	}
+	if publish {
+		session = session.Where("publish", publish)
+	}
+	if page > 0 && pageSize > 0 {
+		offset := (page - 1) * pageSize
+		session = session.Offset(offset).Limit(pageSize)
+	}
+
+	var items []model.SdJob
+	res := session.Find(&items)
+	if res.Error != nil {
+		return res.Error, nil
+	}
+
+	var jobs = make([]vo.SdJob, 0)
+	for _, item := range items {
+		var job vo.SdJob
+		err := utils.CopyObject(item, &job)
+		if err != nil {
+			continue
+		}
+
+		if item.Progress < 100 {
+			// 从 leveldb 中获取图片预览数据
+			imageData, err := h.leveldb.Get(item.TaskId)
+			if err == nil {
+				job.ImgURL = "data:image/png;base64," + string(imageData)
+			}
+		}
+		jobs = append(jobs, job)
+	}
+
+	return nil, jobs
+}
+
+// Remove remove task image
+func (h *SdJobHandler) Remove(c *gin.Context) {
+	var data struct {
+		Id     uint   `json:"id"`
+		UserId uint   `json:"user_id"`
+		ImgURL string `json:"img_url"`
+	}
+	if err := c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	// remove job recode
+	res := h.DB.Delete(&model.SdJob{Id: data.Id})
+	if res.Error != nil {
+		resp.ERROR(c, res.Error.Error())
+		return
+	}
+
+	// remove image
+	err := h.uploader.GetUploadHandler().Delete(data.ImgURL)
+	if err != nil {
+		logger.Error("remove image failed: ", err)
+	}
+
+	client := h.pool.Clients.Get(data.UserId)
+	if client != nil {
+		_ = client.Send([]byte("Task Updated"))
+	}
+
+	resp.SUCCESS(c)
+}
+
+// Publish 发布/取消发布图片到画廊显示
+func (h *SdJobHandler) Publish(c *gin.Context) {
+	var data struct {
+		Id     uint `json:"id"`
+		Action bool `json:"action"` // 发布动作，true => 发布，false => 取消分享
+	}
+	if err := c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	res := h.DB.Model(&model.SdJob{Id: data.Id}).UpdateColumn("publish", true)
+	if res.Error != nil {
+		resp.ERROR(c, "更新数据库失败")
+		return
+	}
+
+	resp.SUCCESS(c)
+}
--- a/api/handler/sms_handler.go
+++ b/api/handler/sms_handler.go
@@ -4,33 +4,45 @@ import (
 	"chatplus/core"
 	"chatplus/core/types"
 	"chatplus/service"
-	"chatplus/store"
+	"chatplus/service/sms"
 	"chatplus/utils"
 	"chatplus/utils/resp"
+	"strings"
+
 	"github.com/gin-gonic/gin"
+	"github.com/go-redis/redis/v8"
 )

 const CodeStorePrefix = "/verify/codes/"

 type SmsHandler struct {
 	BaseHandler
-	leveldb *store.LevelDB
-	sms     *service.AliYunSmsService
+	redis   *redis.Client
+	sms     *sms.ServiceManager
+	smtp    *service.SmtpService
 	captcha *service.CaptchaService
 }

-func NewSmsHandler(app *core.AppServer, db *store.LevelDB, sms *service.AliYunSmsService, captcha *service.CaptchaService) *SmsHandler {
-	handler := &SmsHandler{leveldb: db, sms: sms, captcha: captcha}
-	handler.App = app
-	return handler
+func NewSmsHandler(
+	app *core.AppServer,
+	client *redis.Client,
+	sms *sms.ServiceManager,
+	smtp *service.SmtpService,
+	captcha *service.CaptchaService) *SmsHandler {
+	return &SmsHandler{
+		redis:       client,
+		sms:         sms,
+		captcha:     captcha,
+		smtp:        smtp,
+		BaseHandler: BaseHandler{App: app}}
 }

-// SendCode 发送验证码短信
+// SendCode 发送验证码
 func (h *SmsHandler) SendCode(c *gin.Context) {
 	var data struct {
-		Mobile string `json:"mobile"`
-		Key    string `json:"key"`
-		Dots   string `json:"dots"`
+		Receiver string `json:"receiver"` // 接收者
+		Key      string `json:"key"`
+		Dots     string `json:"dots"`
 	}
 	if err := c.ShouldBindJSON(&data); err != nil {
 		resp.ERROR(c, types.InvalidArgs)
@@ -43,14 +55,28 @@ func (h *SmsHandler) SendCode(c *gin.Context) {
 	}

 	code := utils.RandomNumber(6)
-	err := h.sms.SendVerifyCode(data.Mobile, code)
+	var err error
+	if strings.Contains(data.Receiver, "@") { // email
+		if !utils.ContainsStr(h.App.SysConfig.RegisterWays, "email") {
+			resp.ERROR(c, "系统已禁用邮箱注册！")
+			return
+		}
+		err = h.smtp.SendVerifyCode(data.Receiver, code)
+	} else {
+		if !utils.ContainsStr(h.App.SysConfig.RegisterWays, "mobile") {
+			resp.ERROR(c, "系统已禁用手机号注册！")
+			return
+		}
+		err = h.sms.GetService().SendVerifyCode(data.Receiver, code)
+
+	}
 	if err != nil {
 		resp.ERROR(c, err.Error())
 		return
 	}

 	// 存储验证码，等待后面注册验证
-	err = h.leveldb.Put(CodeStorePrefix+data.Mobile, code)
+	_, err = h.redis.Set(c, CodeStorePrefix+data.Receiver, code, 0).Result()
 	if err != nil {
 		resp.ERROR(c, "验证码保存失败")
 		return
@@ -58,13 +84,3 @@ func (h *SmsHandler) SendCode(c *gin.Context) {

 	resp.SUCCESS(c)
 }
-
-type statusVo struct {
-	EnabledMsgService bool `json:"enabled_msg_service"`
-	EnabledRegister   bool `json:"enabled_register"`
-}
-
-// Status check if the message service is enabled
-func (h *SmsHandler) Status(c *gin.Context) {
-	resp.SUCCESS(c, statusVo{EnabledMsgService: h.App.SysConfig.EnabledMsgService, EnabledRegister: h.App.SysConfig.EnabledRegister})
-}
--- a/api/handler/test_handler.go
+++ b/api/handler/test_handler.go
@@ -0,0 +1,17 @@
+package handler
+
+import (
+	"chatplus/service"
+	"chatplus/service/payment"
+	"gorm.io/gorm"
+)
+
+type TestHandler struct {
+	db        *gorm.DB
+	snowflake *service.Snowflake
+	js        *payment.PayJS
+}
+
+func NewTestHandler(db *gorm.DB, snowflake *service.Snowflake, js *payment.PayJS) *TestHandler {
+	return &TestHandler{db: db, snowflake: snowflake, js: js}
+}
--- a/api/handler/upload_handler.go
+++ b/api/handler/upload_handler.go
@@ -2,66 +2,93 @@ package handler

 import (
 	"chatplus/core"
+	"chatplus/service/oss"
+	"chatplus/store/model"
+	"chatplus/store/vo"
+	"chatplus/utils"
 	"chatplus/utils/resp"
-	"fmt"
 	"github.com/gin-gonic/gin"
 	"gorm.io/gorm"
-	"os"
-	"path/filepath"
 	"time"
 )

 type UploadHandler struct {
 	BaseHandler
-	db *gorm.DB
+	uploaderManager *oss.UploaderManager
 }

-func NewUploadHandler(app *core.AppServer, db *gorm.DB) *UploadHandler {
-	handler := &UploadHandler{db: db}
-	handler.App = app
-	return handler
+func NewUploadHandler(app *core.AppServer, db *gorm.DB, manager *oss.UploaderManager) *UploadHandler {
+	return &UploadHandler{BaseHandler: BaseHandler{App: app, DB: db}, uploaderManager: manager}
 }

 func (h *UploadHandler) Upload(c *gin.Context) {
-	file, err := c.FormFile("file")
+	file, err := h.uploaderManager.GetUploadHandler().PutFile(c, "file")
 	if err != nil {
-		resp.ERROR(c, fmt.Sprintf("文件上传失败: %s", err.Error()))
+		resp.ERROR(c, err.Error())
 		return
 	}

-	filePath, err := h.genFilePath(file.Filename)
-	if err != nil {
-		resp.ERROR(c, fmt.Sprintf("文件上传失败: %s", err.Error()))
-		return
-	}
-	// 将文件保存到指定路径
-	err = c.SaveUploadedFile(file, filePath)
-	if err != nil {
-		resp.ERROR(c, fmt.Sprintf("文件保存失败: %s", err.Error()))
+	userId := h.GetLoginUserId(c)
+	res := h.DB.Create(&model.File{
+		UserId:    int(userId),
+		Name:      file.Name,
+		ObjKey:    file.ObjKey,
+		URL:       file.URL,
+		Ext:       file.Ext,
+		Size:      file.Size,
+		CreatedAt: time.Time{},
+	})
+	if res.Error != nil || res.RowsAffected == 0 {
+		resp.ERROR(c, "error with update database: "+res.Error.Error())
 		return
 	}

-	resp.SUCCESS(c, h.genFileUrl(filePath))
+	resp.SUCCESS(c, file)
 }

-// 生成上传文件路径
-func (h *UploadHandler) genFilePath(filename string) (string, error) {
-	now := time.Now()
-	dir := fmt.Sprintf("%s/upload/%d/%d", h.App.Config.StaticDir, now.Year(), now.Month())
-	_, err := os.Stat(dir)
-	if err != nil {
-		err = os.MkdirAll(dir, 0755)
-		if err != nil {
-			return "", fmt.Errorf("创建上传目录失败：%s", err)
+func (h *UploadHandler) List(c *gin.Context) {
+	userId := h.GetLoginUserId(c)
+	var items []model.File
+	var files = make([]vo.File, 0)
+	h.DB.Where("user_id = ?", userId).Find(&items)
+	if len(items) > 0 {
+		for _, v := range items {
+			var file vo.File
+			err := utils.CopyObject(v, &file)
+			if err != nil {
+				logger.Error(err)
+				continue
+			}
+			file.CreatedAt = v.CreatedAt.Unix()
+			files = append(files, file)
 		}
 	}
-	fileExt := filepath.Ext(filename)
-	return fmt.Sprintf("%s/%d%s", dir, now.UnixMilli(), fileExt), nil
+
+	resp.SUCCESS(c, files)
 }

-// 生成上传文件 URL
-func (h *UploadHandler) genFileUrl(filePath string) string {
-	now := time.Now()
-	filename := filepath.Base(filePath)
-	return fmt.Sprintf("%s/upload/%d/%d/%s", h.App.Config.StaticUrl, now.Year(), now.Month(), filename)
+// Remove remove files
+func (h *UploadHandler) Remove(c *gin.Context) {
+	userId := h.GetLoginUserId(c)
+	id := h.GetInt(c, "id", 0)
+	var file model.File
+	tx := h.DB.Where("user_id = ? AND id = ?", userId, id).First(&file)
+	if tx.Error != nil || file.Id == 0 {
+		resp.ERROR(c, "file not existed")
+		return
+	}
+
+	// remove database
+	tx = h.DB.Model(&model.File{}).Delete("id = ?", id)
+	if tx.Error != nil || tx.RowsAffected == 0 {
+		resp.ERROR(c, "failed to update database")
+		return
+	}
+	// remove files
+	objectKey := file.ObjKey
+	if objectKey == "" {
+		objectKey = file.URL
+	}
+	_ = h.uploaderManager.GetUploadHandler().Delete(objectKey)
+	resp.SUCCESS(c)
 }
--- a/api/handler/user_handler.go
+++ b/api/handler/user_handler.go
@@ -3,7 +3,6 @@ package handler
 import (
 	"chatplus/core"
 	"chatplus/core/types"
-	"chatplus/store"
 	"chatplus/store/model"
 	"chatplus/store/vo"
 	"chatplus/utils"
@@ -12,7 +11,9 @@ import (
 	"strings"
 	"time"

-	"github.com/gin-contrib/sessions"
+	"github.com/go-redis/redis/v8"
+	"github.com/golang-jwt/jwt/v5"
+
 	"github.com/gin-gonic/gin"
 	"github.com/lionsoul2014/ip2region/binding/golang/xdb"
 	"gorm.io/gorm"
@@ -20,122 +21,152 @@ import (

 type UserHandler struct {
 	BaseHandler
-	db       *gorm.DB
 	searcher *xdb.Searcher
-	leveldb  *store.LevelDB
+	redis    *redis.Client
 }

-func NewUserHandler(app *core.AppServer, db *gorm.DB, searcher *xdb.Searcher, levelDB *store.LevelDB) *UserHandler {
-	handler := &UserHandler{db: db, searcher: searcher, leveldb: levelDB}
-	handler.App = app
-	return handler
+func NewUserHandler(
+	app *core.AppServer,
+	db *gorm.DB,
+	searcher *xdb.Searcher,
+	client *redis.Client) *UserHandler {
+	return &UserHandler{BaseHandler: BaseHandler{DB: db, App: app}, searcher: searcher, redis: client}
 }

 // Register user register
 func (h *UserHandler) Register(c *gin.Context) {
 	// parameters process
 	var data struct {
-		Username string `json:"username"`
-		Password string `json:"password"`
-		Mobile   string `json:"mobile"`
-		Code     int    `json:"code"`
+		RegWay     string `json:"reg_way"`
+		Username   string `json:"username"`
+		Password   string `json:"password"`
+		Code       string `json:"code"`
+		InviteCode string `json:"invite_code"`
 	}
 	if err := c.ShouldBindJSON(&data); err != nil {
 		resp.ERROR(c, types.InvalidArgs)
 		return
 	}
-	data.Username = strings.TrimSpace(data.Username)
 	data.Password = strings.TrimSpace(data.Password)
-
-	if len(data.Username) < 5 {
-		resp.ERROR(c, "用户名长度不能少于5个字符")
-		return
-	}
 	if len(data.Password) < 8 {
 		resp.ERROR(c, "密码长度不能少于8个字符")
 		return
 	}

 	// 检查验证码
-	key := CodeStorePrefix + data.Mobile
-	if h.App.SysConfig.EnabledMsgService {
-		var code int
-		err := h.leveldb.Get(key, &code)
+	var key string
+	if data.RegWay == "email" || data.RegWay == "mobile" || data.Code != "" {
+		key = CodeStorePrefix + data.Username
+		code, err := h.redis.Get(c, key).Result()
 		if err != nil || code != data.Code {
-			logger.Info(code)
-			resp.ERROR(c, "短信验证码错误")
+			resp.ERROR(c, "验证码错误")
+			return
+		}
+	}
+
+	// 验证邀请码
+	inviteCode := model.InviteCode{}
+	if data.InviteCode != "" {
+		res := h.DB.Where("code = ?", data.InviteCode).First(&inviteCode)
+		if res.Error != nil {
+			resp.ERROR(c, "无效的邀请码")
 			return
 		}
 	}

 	// check if the username is exists
 	var item model.User
-	res := h.db.Where("username = ?", data.Username).First(&item)
-	if res.RowsAffected > 0 {
-		resp.ERROR(c, "用户名已存在")
+	res := h.DB.Where("username = ?", data.Username).First(&item)
+	if item.Id > 0 {
+		resp.ERROR(c, "该用户名已经被注册")
 		return
 	}

-	res = h.db.Where("mobile = ?", data.Mobile).First(&item)
-	if res.RowsAffected > 0 {
-		resp.ERROR(c, "该手机号码以及被注册，请更换其他手机号")
-		return
-	}
-
-	// 默认订阅所有角色
-	var chatRoles []model.ChatRole
-	h.db.Find(&chatRoles)
-	var roleKeys = make([]string, 0)
-	for _, r := range chatRoles {
-		roleKeys = append(roleKeys, r.Key)
-	}
-
 	salt := utils.RandString(8)
 	user := model.User{
-		Username:  data.Username,
-		Password:  utils.GenPassword(data.Password, salt),
-		Nickname:  fmt.Sprintf("极客学长@%d", utils.RandomNumber(5)),
-		Avatar:    "/images/avatar/user.png",
-		Salt:      salt,
-		Status:    true,
-		Mobile:    data.Mobile,
-		ChatRoles: utils.JsonEncode(roleKeys),
-		ChatConfig: utils.JsonEncode(types.ChatConfig{
-			Temperature:   h.App.ChatConfig.Temperature,
-			MaxTokens:     h.App.ChatConfig.MaxTokens,
-			EnableContext: h.App.ChatConfig.EnableContext,
-			EnableHistory: true,
-			Model:         h.App.ChatConfig.Model,
-			ApiKey:        "",
-		}),
-		Calls:    h.App.SysConfig.UserInitCalls,
-		ImgCalls: h.App.SysConfig.InitImgCalls,
+		Username:   data.Username,
+		Password:   utils.GenPassword(data.Password, salt),
+		Nickname:   fmt.Sprintf("极客学长@%d", utils.RandomNumber(6)),
+		Avatar:     "/images/avatar/user.png",
+		Salt:       salt,
+		Status:     true,
+		ChatRoles:  utils.JsonEncode([]string{"gpt"}),               // 默认只订阅通用助手角色
+		ChatModels: utils.JsonEncode(h.App.SysConfig.DefaultModels), // 默认开通的模型
+		Power:      h.App.SysConfig.InitPower,
 	}
-	res = h.db.Create(&user)
+
+	res = h.DB.Create(&user)
 	if res.Error != nil {
 		resp.ERROR(c, "保存数据失败")
 		logger.Error(res.Error)
 		return
 	}

-	if h.App.SysConfig.EnabledMsgService {
-		_ = h.leveldb.Delete(key) // 注册成功，删除短信验证码
+	// 记录邀请关系
+	if data.InviteCode != "" {
+		// 增加邀请数量
+		h.DB.Model(&model.InviteCode{}).Where("code = ?", data.InviteCode).UpdateColumn("reg_num", gorm.Expr("reg_num + ?", 1))
+		if h.App.SysConfig.InvitePower > 0 {
+			h.DB.Model(&model.User{}).Where("id = ?", inviteCode.UserId).UpdateColumn("power", gorm.Expr("power + ?", h.App.SysConfig.InvitePower))
+			// 记录邀请算力充值日志
+			var inviter model.User
+			h.DB.Where("id", inviteCode.UserId).First(&inviter)
+			h.DB.Create(&model.PowerLog{
+				UserId:    inviter.Id,
+				Username:  inviter.Username,
+				Type:      types.PowerInvite,
+				Amount:    h.App.SysConfig.InvitePower,
+				Balance:   inviter.Power,
+				Mark:      types.PowerAdd,
+				Model:     "",
+				Remark:    fmt.Sprintf("邀请用户注册奖励，金额：%d，邀请码：%s，新用户：%s", h.App.SysConfig.InvitePower, inviteCode.Code, user.Username),
+				CreatedAt: time.Now(),
+			})
+		}
+
+		// 添加邀请记录
+		h.DB.Create(&model.InviteLog{
+			InviterId:  inviteCode.UserId,
+			UserId:     user.Id,
+			Username:   user.Username,
+			InviteCode: inviteCode.Code,
+			Remark:     fmt.Sprintf("奖励 %d 算力", h.App.SysConfig.InvitePower),
+		})
 	}
-	resp.SUCCESS(c, user)
+
+	_ = h.redis.Del(c, key) // 注册成功，删除短信验证码
+
+	// 自动登录创建 token
+	token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
+		"user_id": user.Id,
+		"expired": time.Now().Add(time.Second * time.Duration(h.App.Config.Session.MaxAge)).Unix(),
+	})
+	tokenString, err := token.SignedString([]byte(h.App.Config.Session.SecretKey))
+	if err != nil {
+		resp.ERROR(c, "Failed to generate token, "+err.Error())
+		return
+	}
+	// 保存到 redis
+	key = fmt.Sprintf("users/%d", user.Id)
+	if _, err := h.redis.Set(c, key, tokenString, 0).Result(); err != nil {
+		resp.ERROR(c, "error with save token: "+err.Error())
+		return
+	}
+	resp.SUCCESS(c, tokenString)
 }

 // Login 用户登录
 func (h *UserHandler) Login(c *gin.Context) {
 	var data struct {
-		Username string
-		Password string
+		Username string `json:"username"`
+		Password string `json:"password"`
 	}
 	if err := c.ShouldBindJSON(&data); err != nil {
 		resp.ERROR(c, types.InvalidArgs)
 		return
 	}
 	var user model.User
-	res := h.db.Where("username = ? OR mobile = ?", data.Username, data.Username).First(&user)
+	res := h.DB.Where("username = ?", data.Username).First(&user)
 	if res.Error != nil {
 		resp.ERROR(c, "用户名不存在")
 		return
@@ -155,37 +186,40 @@ func (h *UserHandler) Login(c *gin.Context) {
 	// 更新最后登录时间和IP
 	user.LastLoginIp = c.ClientIP()
 	user.LastLoginAt = time.Now().Unix()
-	h.db.Model(&user).Updates(user)
+	h.DB.Model(&user).Updates(user)

-	sessionId := utils.RandString(42)
-	err := utils.SetLoginUser(c, user)
-	if err != nil {
-		resp.ERROR(c, "保存会话失败")
-		logger.Error("Error for save session: ", err)
-		return
-	}
-
-	// 记录登录信息在服务端
-	h.App.ChatSession.Put(sessionId, types.ChatSession{ClientIP: c.ClientIP(), UserId: user.Id, Username: data.Username, SessionId: sessionId})
-
-	h.db.Create(&model.UserLoginLog{
+	h.DB.Create(&model.UserLoginLog{
 		UserId:       user.Id,
 		Username:     user.Username,
 		LoginIp:      c.ClientIP(),
 		LoginAddress: utils.Ip2Region(h.searcher, c.ClientIP()),
 	})

-	resp.SUCCESS(c, sessionId)
+	// 创建 token
+	token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
+		"user_id": user.Id,
+		"expired": time.Now().Add(time.Second * time.Duration(h.App.Config.Session.MaxAge)).Unix(),
+	})
+	tokenString, err := token.SignedString([]byte(h.App.Config.Session.SecretKey))
+	if err != nil {
+		resp.ERROR(c, "Failed to generate token, "+err.Error())
+		return
+	}
+	// 保存到 redis
+	key := fmt.Sprintf("users/%d", user.Id)
+	if _, err := h.redis.Set(c, key, tokenString, 0).Result(); err != nil {
+		resp.ERROR(c, "error with save token: "+err.Error())
+		return
+	}
+	resp.SUCCESS(c, tokenString)
 }

 // Logout 注 销
 func (h *UserHandler) Logout(c *gin.Context) {
-	sessionId := c.GetHeader(types.SessionName)
-	session := sessions.Default(c)
-	session.Delete(types.SessionUser)
-	err := session.Save()
-	if err != nil {
-		logger.Error("Error for save session: ", err)
+	sessionId := c.GetHeader(types.ChatTokenHeader)
+	key := h.GetUserKey(c)
+	if _, err := h.redis.Del(c, key).Result(); err != nil {
+		logger.Error("error with delete session: ", err)
 	}
 	// 删除 websocket 会话列表
 	h.App.ChatSession.Delete(sessionId)
@@ -199,7 +233,7 @@ func (h *UserHandler) Logout(c *gin.Context) {

 // Session 获取/验证会话
 func (h *UserHandler) Session(c *gin.Context) {
-	user, err := utils.GetLoginUser(c, h.db)
+	user, err := h.GetLoginUser(c)
 	if err == nil {
 		var userVo vo.User
 		err := utils.CopyObject(user, &userVo)
@@ -215,24 +249,23 @@ func (h *UserHandler) Session(c *gin.Context) {
 }

 type userProfile struct {
-	Id         uint             `json:"id"`
-	Username   string           `json:"username"`
-	Nickname   string           `json:"nickname"`
-	Mobile     string           `json:"mobile"`
-	Avatar     string           `json:"avatar"`
-	ChatConfig types.ChatConfig `json:"chat_config"`
-	Calls      int              `json:"calls"`
-	Tokens     int64            `json:"tokens"`
+	Id          uint   `json:"id"`
+	Nickname    string `json:"nickname"`
+	Username    string `json:"username"`
+	Avatar      string `json:"avatar"`
+	Power       int    `json:"power"`
+	ExpiredTime int64  `json:"expired_time"`
+	Vip         bool   `json:"vip"`
 }

 func (h *UserHandler) Profile(c *gin.Context) {
-	user, err := utils.GetLoginUser(c, h.db)
+	user, err := h.GetLoginUser(c)
 	if err != nil {
 		resp.NotAuth(c)
 		return
 	}

-	h.db.First(&user, user.Id)
+	h.DB.First(&user, user.Id)
 	var profile userProfile
 	err = utils.CopyObject(user, &profile)
 	if err != nil {
@@ -252,40 +285,25 @@ func (h *UserHandler) ProfileUpdate(c *gin.Context) {
 		return
 	}

-	user, err := utils.GetLoginUser(c, h.db)
+	user, err := h.GetLoginUser(c)
 	if err != nil {
 		resp.NotAuth(c)
 		return
 	}
-	h.db.First(&user, user.Id)
-	user.Nickname = data.Nickname
+	h.DB.First(&user, user.Id)
 	user.Avatar = data.Avatar
-
-	var chatConfig types.ChatConfig
-	err = utils.JsonDecode(user.ChatConfig, &chatConfig)
-	if err != nil {
-		resp.ERROR(c, "用户配置解析失败")
-		return
-	}
-
-	chatConfig.EnableHistory = data.ChatConfig.EnableHistory
-	chatConfig.EnableContext = data.ChatConfig.EnableContext
-	chatConfig.Model = data.ChatConfig.Model
-	chatConfig.MaxTokens = data.ChatConfig.MaxTokens
-	chatConfig.ApiKey = data.ChatConfig.ApiKey
-	chatConfig.Temperature = data.ChatConfig.Temperature
-
-	user.ChatConfig = utils.JsonEncode(chatConfig)
-	res := h.db.Updates(&user)
+	user.Nickname = data.Nickname
+	res := h.DB.Updates(&user)
 	if res.Error != nil {
 		resp.ERROR(c, "更新用户信息失败")
 		return
 	}
+
 	resp.SUCCESS(c)
 }

-// Password 更新密码
-func (h *UserHandler) Password(c *gin.Context) {
+// UpdatePass 更新密码
+func (h *UserHandler) UpdatePass(c *gin.Context) {
 	var data struct {
 		OldPass  string `json:"old_pass"`
 		Password string `json:"password"`
@@ -300,21 +318,21 @@ func (h *UserHandler) Password(c *gin.Context) {
 		return
 	}

-	user, err := utils.GetLoginUser(c, h.db)
+	user, err := h.GetLoginUser(c)
 	if err != nil {
 		resp.NotAuth(c)
 		return
 	}

 	password := utils.GenPassword(data.OldPass, user.Salt)
-	logger.Info(user.Salt, ",", user.Password, ",", password, ",", data.OldPass)
+	logger.Debugf(user.Salt, ",", user.Password, ",", password, ",", data.OldPass)
 	if password != user.Password {
 		resp.ERROR(c, "原密码错误")
 		return
 	}

 	newPass := utils.GenPassword(data.Password, user.Salt)
-	res := h.db.Model(&user).UpdateColumn("password", newPass)
+	res := h.DB.Model(&user).UpdateColumn("password", newPass)
 	if res.Error != nil {
 		logger.Error("更新数据库失败: ", res.Error)
 		resp.ERROR(c, "更新数据库失败")
@@ -324,46 +342,83 @@ func (h *UserHandler) Password(c *gin.Context) {
 	resp.SUCCESS(c)
 }

-// BindMobile 绑定手机号
-func (h *UserHandler) BindMobile(c *gin.Context) {
+// ResetPass 重置密码
+func (h *UserHandler) ResetPass(c *gin.Context) {
 	var data struct {
-		Mobile string `json:"mobile"`
-		Code   int    `json:"code"`
+		Username string `json:"username"`
+		Code     string `json:"code"`     // 验证码
+		Password string `json:"password"` // 新密码
 	}
 	if err := c.ShouldBindJSON(&data); err != nil {
 		resp.ERROR(c, types.InvalidArgs)
 		return
 	}

-	// 检查手机号是否被其他账号绑定
-	var item model.User
-	res := h.db.Where("mobile = ?", data.Mobile).First(&item)
-	if res.Error == nil {
-		resp.ERROR(c, "该手机号已经被其他账号绑定")
+	var user model.User
+	res := h.DB.Where("username", data.Username).First(&user)
+	if res.Error != nil {
+		resp.ERROR(c, "用户不存在！")
 		return
 	}

 	// 检查验证码
-	key := CodeStorePrefix + data.Mobile
-	var code int
-	err := h.leveldb.Get(key, &code)
+	key := CodeStorePrefix + data.Username
+	code, err := h.redis.Get(c, key).Result()
 	if err != nil || code != data.Code {
 		resp.ERROR(c, "短信验证码错误")
 		return
 	}

-	user, err := utils.GetLoginUser(c, h.db)
+	password := utils.GenPassword(data.Password, user.Salt)
+	user.Password = password
+	res = h.DB.Updates(&user)
+	if res.Error != nil {
+		resp.ERROR(c)
+	} else {
+		h.redis.Del(c, key)
+		resp.SUCCESS(c)
+	}
+}
+
+// BindUsername 重置账号
+func (h *UserHandler) BindUsername(c *gin.Context) {
+	var data struct {
+		Username string `json:"username"`
+		Code     string `json:"code"`
+	}
+	if err := c.ShouldBindJSON(&data); err != nil {
+		resp.ERROR(c, types.InvalidArgs)
+		return
+	}
+
+	// 检查验证码
+	key := CodeStorePrefix + data.Username
+	code, err := h.redis.Get(c, key).Result()
+	if err != nil || code != data.Code {
+		resp.ERROR(c, "验证码错误")
+		return
+	}
+
+	// 检查手机号是否被其他账号绑定
+	var item model.User
+	res := h.DB.Where("username = ?", data.Username).First(&item)
+	if res.Error == nil {
+		resp.ERROR(c, "该账号已经被其他账号绑定")
+		return
+	}
+
+	user, err := h.GetLoginUser(c)
 	if err != nil {
 		resp.NotAuth(c)
 		return
 	}

-	res = h.db.Model(&user).UpdateColumn("mobile", data.Mobile)
+	res = h.DB.Model(&user).UpdateColumn("username", data.Username)
 	if res.Error != nil {
 		resp.ERROR(c, "更新数据库失败")
 		return
 	}

-	_ = h.leveldb.Delete(key) // 删除短信验证码
+	_ = h.redis.Del(c, key) // 删除短信验证码
 	resp.SUCCESS(c)
 }
--- a/api/main.go
+++ b/api/main.go
@@ -5,9 +5,15 @@ import (
 	"chatplus/core/types"
 	"chatplus/handler"
 	"chatplus/handler/admin"
+	"chatplus/handler/chatimpl"
 	logger2 "chatplus/logger"
 	"chatplus/service"
-	"chatplus/service/function"
+	"chatplus/service/mj"
+	"chatplus/service/oss"
+	"chatplus/service/payment"
+	"chatplus/service/sd"
+	"chatplus/service/sms"
+	"chatplus/service/wx"
 	"chatplus/store"
 	"context"
 	"embed"
@@ -19,6 +25,8 @@ import (
 	"syscall"
 	"time"

+	"github.com/go-redis/redis/v8"
+
 	"github.com/lionsoul2014/ip2region/binding/golang/xdb"
 	"go.uber.org/fx"
 	"gorm.io/gorm"
@@ -26,7 +34,7 @@ import (

 var logger = logger2.GetLogger()

-//go:embed res/ip2region.xdb
+//go:embed res
 var xdbFS embed.FS

 // AppLifecycle 应用程序生命周期
@@ -45,24 +53,24 @@ func (l *AppLifecycle) OnStop(context.Context) error {
 	return nil
 }

+func NewAppLifeCycle() *AppLifecycle {
+	return &AppLifecycle{}
+}
+
 func main() {
 	configFile := os.Getenv("CONFIG_FILE")
 	if configFile == "" {
 		configFile = "config.toml"
 	}
-	var debug bool
-	debugEnv := os.Getenv("DEBUG")
-	if debugEnv == "" {
-		debug = true
-	} else {
-		debug, _ = strconv.ParseBool(os.Getenv("DEBUG"))
-	}
+	debug, _ := strconv.ParseBool(os.Getenv("APP_DEBUG"))
 	logger.Info("Loading config file: ", configFile)
-	defer func() {
-		if err := recover(); err != nil {
-			logger.Error("Panic Error:", err)
-		}
-	}()
+	if !debug {
+		defer func() {
+			if err := recover(); err != nil {
+				logger.Error("Panic Error:", err)
+			}
+		}()
+	}

 	app := fx.New(
 		// 初始化配置应用配置
@@ -80,15 +88,20 @@ func main() {
 		// 创建应用服务
 		fx.Provide(core.NewServer),
 		// 初始化
-		fx.Invoke(func(s *core.AppServer) {
-			s.Init(debug)
+		fx.Invoke(func(s *core.AppServer, client *redis.Client) {
+			s.Init(debug, client)
 		}),

 		// 初始化数据库
 		fx.Provide(store.NewGormConfig),
 		fx.Provide(store.NewMysql),
+		fx.Provide(store.NewRedisClient),
 		fx.Provide(store.NewLevelDB),

+		fx.Provide(func() embed.FS {
+			return xdbFS
+		}),
+
 		// 创建 Ip2Region 查询对象
 		fx.Provide(func() (*xdb.Searcher, error) {
 			file, err := xdbFS.Open("res/ip2region.xdb")
@@ -103,18 +116,22 @@ func main() {
 			return xdb.NewWithBuffer(cBuff)
 		}),

-		// 创建函数
-		fx.Provide(function.NewFunctions),
-
 		// 创建控制器
 		fx.Provide(handler.NewChatRoleHandler),
 		fx.Provide(handler.NewUserHandler),
-		fx.Provide(handler.NewChatHandler),
+		fx.Provide(chatimpl.NewChatHandler),
 		fx.Provide(handler.NewUploadHandler),
 		fx.Provide(handler.NewSmsHandler),
 		fx.Provide(handler.NewRewardHandler),
 		fx.Provide(handler.NewCaptchaHandler),
 		fx.Provide(handler.NewMidJourneyHandler),
+		fx.Provide(handler.NewChatModelHandler),
+		fx.Provide(handler.NewSdJobHandler),
+		fx.Provide(handler.NewPaymentHandler),
+		fx.Provide(handler.NewOrderHandler),
+		fx.Provide(handler.NewProductHandler),
+		fx.Provide(handler.NewConfigHandler),
+		fx.Provide(handler.NewPowerLogHandler),

 		fx.Provide(admin.NewConfigHandler),
 		fx.Provide(admin.NewAdminHandler),
@@ -123,17 +140,71 @@ func main() {
 		fx.Provide(admin.NewChatRoleHandler),
 		fx.Provide(admin.NewRewardHandler),
 		fx.Provide(admin.NewDashboardHandler),
+		fx.Provide(admin.NewChatModelHandler),
+		fx.Provide(admin.NewProductHandler),
+		fx.Provide(admin.NewOrderHandler),
+		fx.Provide(admin.NewChatHandler),
+		fx.Provide(admin.NewPowerLogHandler),

 		// 创建服务
-		fx.Provide(service.NewAliYunSmsService),
+		fx.Provide(sms.NewSendServiceManager),
 		fx.Provide(func(config *types.AppConfig) *service.CaptchaService {
 			return service.NewCaptchaService(config.ApiConfig)
 		}),
+		fx.Provide(oss.NewUploaderManager),
+		fx.Provide(mj.NewService),
+
+		// 邮件服务
+		fx.Provide(service.NewSmtpService),
+
+		// 微信机器人服务
+		fx.Provide(wx.NewWeChatBot),
+		fx.Invoke(func(config *types.AppConfig, bot *wx.Bot) {
+			if config.WeChatBot {
+				err := bot.Run()
+				if err != nil {
+					logger.Error("微信登录失败：", err)
+				}
+			}
+		}),
+
+		// MidJourney service pool
+		fx.Provide(mj.NewServicePool),
+		fx.Invoke(func(pool *mj.ServicePool) {
+			if pool.HasAvailableService() {
+				pool.DownloadImages()
+				pool.CheckTaskNotify()
+				pool.SyncTaskProgress()
+			}
+		}),
+
+		// Stable Diffusion 机器人
+		fx.Provide(sd.NewServicePool),
+		fx.Invoke(func(pool *sd.ServicePool) {
+			if pool.HasAvailableService() {
+				pool.CheckTaskNotify()
+				pool.CheckTaskStatus()
+			}
+		}),
+
+		fx.Provide(payment.NewAlipayService),
+		fx.Provide(payment.NewHuPiPay),
+		fx.Provide(payment.NewPayJS),
+		fx.Provide(service.NewSnowflake),
+		fx.Provide(service.NewXXLJobExecutor),
+		fx.Invoke(func(exec *service.XXLJobExecutor, config *types.AppConfig) {
+			if config.XXLConfig.Enabled {
+				go func() {
+					log.Fatal(exec.Run())
+				}()
+			}
+		}),

 		// 注册路由
 		fx.Invoke(func(s *core.AppServer, h *handler.ChatRoleHandler) {
 			group := s.Engine.Group("/api/role/")
 			group.GET("list", h.List)
+			group.POST("update", h.UpdateRole)
 		}),
 		fx.Invoke(func(s *core.AppServer, h *handler.UserHandler) {
 			group := s.Engine.Group("/api/user/")
@@ -143,10 +214,11 @@ func main() {
 			group.GET("session", h.Session)
 			group.GET("profile", h.Profile)
 			group.POST("profile/update", h.ProfileUpdate)
-			group.POST("password", h.Password)
-			group.POST("bind/mobile", h.BindMobile)
+			group.POST("password", h.UpdatePass)
+			group.POST("bind/username", h.BindUsername)
+			group.POST("resetPass", h.ResetPass)
 		}),
-		fx.Invoke(func(s *core.AppServer, h *handler.ChatHandler) {
+		fx.Invoke(func(s *core.AppServer, h *chatimpl.ChatHandler) {
 			group := s.Engine.Group("/api/chat/")
 			group.Any("new", h.ChatHandle)
 			group.GET("list", h.List)
@@ -155,31 +227,52 @@ func main() {
 			group.GET("remove", h.Remove)
 			group.GET("history", h.History)
 			group.GET("clear", h.Clear)
-			group.GET("tokens", h.Tokens)
+			group.POST("tokens", h.Tokens)
 			group.GET("stop", h.StopGenerate)
 		}),
 		fx.Invoke(func(s *core.AppServer, h *handler.UploadHandler) {
 			s.Engine.POST("/api/upload", h.Upload)
+			s.Engine.GET("/api/upload/list", h.List)
+			s.Engine.GET("/api/upload/remove", h.Remove)
 		}),
 		fx.Invoke(func(s *core.AppServer, h *handler.SmsHandler) {
 			group := s.Engine.Group("/api/sms/")
-			group.GET("status", h.Status)
 			group.POST("code", h.SendCode)
 		}),
 		fx.Invoke(func(s *core.AppServer, h *handler.CaptchaHandler) {
 			group := s.Engine.Group("/api/captcha/")
 			group.GET("get", h.Get)
 			group.POST("check", h.Check)
+			group.GET("slide/get", h.SlideGet)
+			group.POST("slide/check", h.SlideCheck)
 		}),
 		fx.Invoke(func(s *core.AppServer, h *handler.RewardHandler) {
 			group := s.Engine.Group("/api/reward/")
-			group.POST("notify", h.Notify)
 			group.POST("verify", h.Verify)
 		}),
 		fx.Invoke(func(s *core.AppServer, h *handler.MidJourneyHandler) {
-			s.Engine.POST("/api/mj/notify", h.Notify)
-			s.Engine.POST("/api/mj/upscale", h.Upscale)
-			s.Engine.POST("/api/mj/variation", h.Variation)
+			group := s.Engine.Group("/api/mj/")
+			group.Any("client", h.Client)
+			group.POST("image", h.Image)
+			group.POST("upscale", h.Upscale)
+			group.POST("variation", h.Variation)
+			group.GET("jobs", h.JobList)
+			group.GET("imgWall", h.ImgWall)
+			group.POST("remove", h.Remove)
+			group.POST("publish", h.Publish)
+		}),
+		fx.Invoke(func(s *core.AppServer, h *handler.SdJobHandler) {
+			group := s.Engine.Group("/api/sd")
+			group.Any("client", h.Client)
+			group.POST("image", h.Image)
+			group.GET("jobs", h.JobList)
+			group.GET("imgWall", h.ImgWall)
+			group.POST("remove", h.Remove)
+			group.POST("publish", h.Publish)
+		}),
+		fx.Invoke(func(s *core.AppServer, h *handler.ConfigHandler) {
+			group := s.Engine.Group("/api/config/")
+			group.GET("get", h.Get)
 		}),

 		// 管理后台控制器
@@ -193,12 +286,17 @@ func main() {
 			group.POST("login", h.Login)
 			group.GET("logout", h.Logout)
 			group.GET("session", h.Session)
-			group.GET("migrate", h.Migrate)
+			group.GET("list", h.List)
+			group.POST("save", h.Save)
+			group.POST("enable", h.Enable)
+			group.GET("remove", h.Remove)
+			group.POST("resetPass", h.ResetPass)
 		}),
 		fx.Invoke(func(s *core.AppServer, h *admin.ApiKeyHandler) {
 			group := s.Engine.Group("/api/admin/apikey/")
 			group.POST("save", h.Save)
 			group.GET("list", h.List)
+			group.POST("set", h.Set)
 			group.GET("remove", h.Remove)
 		}),
 		fx.Invoke(func(s *core.AppServer, h *admin.UserHandler) {
@@ -213,25 +311,140 @@ func main() {
 			group := s.Engine.Group("/api/admin/role/")
 			group.GET("list", h.List)
 			group.POST("save", h.Save)
-			group.POST("sort", h.SetSort)
-			group.GET("remove", h.Remove)
+			group.POST("sort", h.Sort)
+			group.POST("set", h.Set)
+			group.POST("remove", h.Remove)
 		}),
 		fx.Invoke(func(s *core.AppServer, h *admin.RewardHandler) {
 			group := s.Engine.Group("/api/admin/reward/")
 			group.GET("list", h.List)
+			group.POST("remove", h.Remove)
 		}),
 		fx.Invoke(func(s *core.AppServer, h *admin.DashboardHandler) {
 			group := s.Engine.Group("/api/admin/dashboard/")
 			group.GET("stats", h.Stats)
 		}),
-
-		fx.Invoke(func(s *core.AppServer, db *gorm.DB) {
-			err := s.Run(db)
-			if err != nil {
-				log.Fatal(err)
-			}
+		fx.Invoke(func(s *core.AppServer, h *handler.ChatModelHandler) {
+			group := s.Engine.Group("/api/model/")
+			group.GET("list", h.List)
+		}),
+		fx.Invoke(func(s *core.AppServer, h *admin.ChatModelHandler) {
+			group := s.Engine.Group("/api/admin/model/")
+			group.POST("save", h.Save)
+			group.GET("list", h.List)
+			group.POST("set", h.Set)
+			group.POST("sort", h.Sort)
+			group.GET("remove", h.Remove)
+		}),
+		fx.Invoke(func(s *core.AppServer, h *handler.PaymentHandler) {
+			group := s.Engine.Group("/api/payment/")
+			group.GET("doPay", h.DoPay)
+			group.GET("payWays", h.GetPayWays)
+			group.POST("query", h.OrderQuery)
+			group.POST("qrcode", h.PayQrcode)
+			group.POST("mobile", h.Mobile)
+			group.POST("alipay/notify", h.AlipayNotify)
+			group.POST("hupipay/notify", h.HuPiPayNotify)
+			group.POST("payjs/notify", h.PayJsNotify)
+		}),
+		fx.Invoke(func(s *core.AppServer, h *admin.ProductHandler) {
+			group := s.Engine.Group("/api/admin/product/")
+			group.POST("save", h.Save)
+			group.GET("list", h.List)
+			group.POST("enable", h.Enable)
+			group.POST("sort", h.Sort)
+			group.GET("remove", h.Remove)
+		}),
+		fx.Invoke(func(s *core.AppServer, h *admin.OrderHandler) {
+			group := s.Engine.Group("/api/admin/order/")
+			group.POST("list", h.List)
+			group.GET("remove", h.Remove)
+		}),
+		fx.Invoke(func(s *core.AppServer, h *handler.OrderHandler) {
+			group := s.Engine.Group("/api/order/")
+			group.POST("list", h.List)
+		}),
+		fx.Invoke(func(s *core.AppServer, h *handler.ProductHandler) {
+			group := s.Engine.Group("/api/product/")
+			group.GET("list", h.List)
 		}),

+		fx.Provide(handler.NewInviteHandler),
+		fx.Invoke(func(s *core.AppServer, h *handler.InviteHandler) {
+			group := s.Engine.Group("/api/invite/")
+			group.GET("code", h.Code)
+			group.POST("list", h.List)
+			group.GET("hits", h.Hits)
+		}),
+
+		fx.Provide(admin.NewFunctionHandler),
+		fx.Invoke(func(s *core.AppServer, h *admin.FunctionHandler) {
+			group := s.Engine.Group("/api/admin/function/")
+			group.POST("save", h.Save)
+			group.POST("set", h.Set)
+			group.GET("list", h.List)
+			group.GET("remove", h.Remove)
+			group.GET("token", h.GenToken)
+		}),
+
+		// 验证码
+		fx.Provide(admin.NewCaptchaHandler),
+		fx.Invoke(func(s *core.AppServer, h *admin.CaptchaHandler) {
+			group := s.Engine.Group("/api/admin/login/")
+			group.GET("captcha", h.GetCaptcha)
+		}),
+
+		fx.Provide(admin.NewUploadHandler),
+		fx.Invoke(func(s *core.AppServer, h *admin.UploadHandler) {
+			s.Engine.POST("/api/admin/upload", h.Upload)
+		}),
+
+		fx.Provide(handler.NewFunctionHandler),
+		fx.Invoke(func(s *core.AppServer, h *handler.FunctionHandler) {
+			group := s.Engine.Group("/api/function/")
+			group.POST("weibo", h.WeiBo)
+			group.POST("zaobao", h.ZaoBao)
+			group.POST("dalle3", h.Dall3)
+		}),
+		fx.Invoke(func(s *core.AppServer, h *admin.ChatHandler) {
+			group := s.Engine.Group("/api/admin/chat/")
+			group.POST("list", h.List)
+			group.POST("message", h.Messages)
+			group.GET("history", h.History)
+			group.GET("remove", h.RemoveChat)
+			group.GET("message/remove", h.RemoveMessage)
+		}),
+		fx.Invoke(func(s *core.AppServer, h *handler.PowerLogHandler) {
+			group := s.Engine.Group("/api/powerLog/")
+			group.POST("list", h.List)
+		}),
+		fx.Invoke(func(s *core.AppServer, h *admin.PowerLogHandler) {
+			group := s.Engine.Group("/api/admin/powerLog/")
+			group.POST("list", h.List)
+		}),
+		fx.Provide(admin.NewMenuHandler),
+		fx.Invoke(func(s *core.AppServer, h *admin.MenuHandler) {
+			group := s.Engine.Group("/api/admin/menu/")
+			group.POST("save", h.Save)
+			group.GET("list", h.List)
+			group.POST("enable", h.Enable)
+			group.POST("sort", h.Sort)
+			group.GET("remove", h.Remove)
+		}),
+		fx.Provide(handler.NewMenuHandler),
+		fx.Invoke(func(s *core.AppServer, h *handler.MenuHandler) {
+			group := s.Engine.Group("/api/menu/")
+			group.GET("list", h.List)
+		}),
+		fx.Invoke(func(s *core.AppServer, db *gorm.DB) {
+			go func() {
+				err := s.Run(db)
+				if err != nil {
+					log.Fatal(err)
+				}
+			}()
+		}),
+		fx.Provide(NewAppLifeCycle),
 		// 注册生命周期回调函数
 		fx.Invoke(func(lifecycle fx.Lifecycle, lc *AppLifecycle) {
 			lifecycle.Append(fx.Hook{
--- a/api/res/certs/alipay/alipayPublicCert.crt
+++ b/api/res/certs/alipay/alipayPublicCert.crt
@@ -0,0 +1,38 @@
+-----BEGIN CERTIFICATE-----
+MIIDszCCApugAwIBAgIQICMRB0rBU2/rZJbfJGMYIzANBgkqhkiG9w0BAQsFADCBkTELMAkGA1UE
+BhMCQ04xGzAZBgNVBAoMEkFudCBGaW5hbmNpYWwgdGVzdDElMCMGA1UECwwcQ2VydGlmaWNhdGlv
+biBBdXRob3JpdHkgdGVzdDE+MDwGA1UEAww1QW50IEZpbmFuY2lhbCBDZXJ0aWZpY2F0aW9uIEF1
+dGhvcml0eSBDbGFzcyAyIFIxIHRlc3QwHhcNMjMxMTA3MDYzNTQxWhcNMjQxMTA2MDYzNTQxWjCB
+hDELMAkGA1UEBhMCQ04xHzAdBgNVBAoMFm1ib25meTkwMTVAc2FuZGJveC5jb20xDzANBgNVBAsM
+BkFsaXBheTFDMEEGA1UEAww65pSv5LuY5a6dKOS4reWbvSnnvZHnu5zmioDmnK/mnInpmZDlhazl
+j7gtMjA4ODcyMTAyMDc1MDU4MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKsoKcw5
+sxaiyV7mpWzDtnQ1K518eQLP0+dJlZAf06aBep/Aj9DIqrba/k7DHt8dKQvILMLAMpN1+2IRxbaO
+yxMa/laj3lZ1eHrB6F077O3D62oHcE3noZtXL0N1zZAxpmkNmYIHeLZS2oLMS4ANu47O/wpDC7BV
+HjdpZugtdPJ4mxdCpM9GDdLs7W4s5QI4PUPK4skFNMFoKI+0cYP/9ju87UP//IHC/K510GWNl+Gn
+Cvgag3AmiIB0utJNsGhxm6zT1T9tUWjW9iz/BxBKiPatsCX9VpPQzGnW7ZonRQtiZSokIlP2IPvl
+H5DcwpWUz3/LUY0SmKxnKOEYeOOqCW8CAwEAAaMSMBAwDgYDVR0PAQH/BAQDAgTwMA0GCSqGSIb3
+DQEBCwUAA4IBAQAtgxF2EzjOndEFxBUD9tFwcSt6XKGggOp52oft1pvynPg4ALTLafOtfEPDrFBH
+PwpYrSu9s9C8NJtaA2HrlCfBjIuwEFTXiN+HPvS0SwSPKt9AXEiTcOF8vDcGamEen8QI4fo5Jia7
+2VRKkerkww5/+FzSaVO7ZUKuL80M1QJStmAZc8kPPwdYOTTW2bGf8BcmSDL6SPElBkt7tCCRd4sn
+jq4cZ0yb2i77rBZCwHcTvfTqIBblPwLv4uGvg3+83BxIB5w6Kqp06bKEAPmobFY5IVHa+ON0/qi
+BXxXr+WQ3piKRVQEN64+PTAjSc67Ix1umvpLl3Ko6Ry7NJmpDcUn
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDszCCApugAwIBAgIQIBkIGbgVxq210KxLJ+YA/TANBgkqhkiG9w0BAQsFADCBhDELMAkGA1UE
+BhMCQ04xFjAUBgNVBAoMDUFudCBGaW5hbmNpYWwxJTAjBgNVBAsMHENlcnRpZmljYXRpb24gQXV0
+aG9yaXR5IHRlc3QxNjA0BgNVBAMMLUFudCBGaW5hbmNpYWwgQ2VydGlmaWNhdGlvbiBBdXRob3Jp
+dHkgUjEgdGVzdDAeFw0xOTA4MTkxMTE2MDBaFw0yNDA4MDExMTE2MDBaMIGRMQswCQYDVQQGEwJD
+TjEbMBkGA1UECgwSQW50IEZpbmFuY2lhbCB0ZXN0MSUwIwYDVQQLDBxDZXJ0aWZpY2F0aW9uIEF1
+dGhvcml0eSB0ZXN0MT4wPAYDVQQDDDVBbnQgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9y
+aXR5IENsYXNzIDIgUjEgdGVzdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMh4FKYO
+ZyRQHD6eFbPKZeSAnrfjfU7xmS9Yoozuu+iuqZlb6Z0SPLUqqTZAFZejOcmr07ln/pwZxluqplxC
+5+B48End4nclDMlT5HPrDr3W0frs6Xsa2ZNcyil/iKNB5MbGll8LRAxntsKvZZj6vUTMb705gYgm
+VUMILwi/ZxKTQqBtkT/kQQ5y6nOZsj7XI5rYdz6qqOROrpvS/d7iypdHOMIM9Iz9DlL1mrCykbBi
+t25y+gTeXmuisHUwqaRpwtCGK4BayCqxRGbNipe6W73EK9lBrrzNtTr9NaysesT/v+l25JHCL9tG
+wpNr1oWFzk4IHVOg0ORiQ6SUgxZUTYcCAwEAAaMSMBAwDgYDVR0PAQH/BAQDAgTwMA0GCSqGSIb3
+DQEBCwUAA4IBAQBWThEoIaQoBX2YeRY/I8gu6TYnFXtyuCljANnXnM38ft+ikhE5mMNgKmJYLHvT
+yWWWgwHoSAWEuml7EGbE/2AK2h3k0MdfiWLzdmpPCRG/RJHk6UB1pMHPilI+c0MVu16OPpKbg5Vf
+LTv7dsAB40AzKsvyYw88/Ezi1osTXo6QQwda7uefvudirtb8FcQM9R66cJxl3kt1FXbpYwheIm/p
+j1mq64swCoIYu4NrsUYtn6CV542DTQMI5QdXkn+PzUUly8F6kDp+KpMNd0avfWNL5+O++z+F5Szy
+1CPta1D7EQ/eYmMP+mOQ35oifWIoFCpN6qQVBS/Hob1J/UUyg7BW
+-----END CERTIFICATE-----
--- a/api/res/certs/alipay/alipayRootCert.crt
+++ b/api/res/certs/alipay/alipayRootCert.crt
@@ -0,0 +1,88 @@
+-----BEGIN CERTIFICATE-----
+MIIBszCCAVegAwIBAgIIaeL+wBcKxnswDAYIKoEcz1UBg3UFADAuMQswCQYDVQQG
+EwJDTjEOMAwGA1UECgwFTlJDQUMxDzANBgNVBAMMBlJPT1RDQTAeFw0xMjA3MTQw
+MzExNTlaFw00MjA3MDcwMzExNTlaMC4xCzAJBgNVBAYTAkNOMQ4wDAYDVQQKDAVO
+UkNBQzEPMA0GA1UEAwwGUk9PVENBMFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAE
+MPCca6pmgcchsTf2UnBeL9rtp4nw+itk1Kzrmbnqo05lUwkwlWK+4OIrtFdAqnRT
+V7Q9v1htkv42TsIutzd126NdMFswHwYDVR0jBBgwFoAUTDKxl9kzG8SmBcHG5Yti
+W/CXdlgwDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAQYwHQYDVR0OBBYEFEwysZfZ
+MxvEpgXBxuWLYlvwl3ZYMAwGCCqBHM9VAYN1BQADSAAwRQIgG1bSLeOXp3oB8H7b
+53W+CKOPl2PknmWEq/lMhtn25HkCIQDaHDgWxWFtnCrBjH16/W3Ezn7/U/Vjo5xI
+pDoiVhsLwg==
+-----END CERTIFICATE-----
+
+-----BEGIN CERTIFICATE-----
+MIIF0zCCA7ugAwIBAgIIH8+hjWpIDREwDQYJKoZIhvcNAQELBQAwejELMAkGA1UE
+BhMCQ04xFjAUBgNVBAoMDUFudCBGaW5hbmNpYWwxIDAeBgNVBAsMF0NlcnRpZmlj
+YXRpb24gQXV0aG9yaXR5MTEwLwYDVQQDDChBbnQgRmluYW5jaWFsIENlcnRpZmlj
+YXRpb24gQXV0aG9yaXR5IFIxMB4XDTE4MDMyMTEzNDg0MFoXDTM4MDIyODEzNDg0
+MFowejELMAkGA1UEBhMCQ04xFjAUBgNVBAoMDUFudCBGaW5hbmNpYWwxIDAeBgNV
+BAsMF0NlcnRpZmljYXRpb24gQXV0aG9yaXR5MTEwLwYDVQQDDChBbnQgRmluYW5j
+aWFsIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFIxMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAtytTRcBNuur5h8xuxnlKJetT65cHGemGi8oD+beHFPTk
+rUTlFt9Xn7fAVGo6QSsPb9uGLpUFGEdGmbsQ2q9cV4P89qkH04VzIPwT7AywJdt2
+xAvMs+MgHFJzOYfL1QkdOOVO7NwKxH8IvlQgFabWomWk2Ei9WfUyxFjVO1LVh0Bp
+dRBeWLMkdudx0tl3+21t1apnReFNQ5nfX29xeSxIhesaMHDZFViO/DXDNW2BcTs6
+vSWKyJ4YIIIzStumD8K1xMsoaZBMDxg4itjWFaKRgNuPiIn4kjDY3kC66Sl/6yTl
+YUz8AybbEsICZzssdZh7jcNb1VRfk79lgAprm/Ktl+mgrU1gaMGP1OE25JCbqli1
+Pbw/BpPynyP9+XulE+2mxFwTYhKAwpDIDKuYsFUXuo8t261pCovI1CXFzAQM2w7H
+DtA2nOXSW6q0jGDJ5+WauH+K8ZSvA6x4sFo4u0KNCx0ROTBpLif6GTngqo3sj+98
+SZiMNLFMQoQkjkdN5Q5g9N6CFZPVZ6QpO0JcIc7S1le/g9z5iBKnifrKxy0TQjtG
+PsDwc8ubPnRm/F82RReCoyNyx63indpgFfhN7+KxUIQ9cOwwTvemmor0A+ZQamRe
+9LMuiEfEaWUDK+6O0Gl8lO571uI5onYdN1VIgOmwFbe+D8TcuzVjIZ/zvHrAGUcC
+AwEAAaNdMFswCwYDVR0PBAQDAgEGMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFF90
+tATATwda6uWx2yKjh0GynOEBMB8GA1UdIwQYMBaAFF90tATATwda6uWx2yKjh0Gy
+nOEBMA0GCSqGSIb3DQEBCwUAA4ICAQCVYaOtqOLIpsrEikE5lb+UARNSFJg6tpkf
+tJ2U8QF/DejemEHx5IClQu6ajxjtu0Aie4/3UnIXop8nH/Q57l+Wyt9T7N2WPiNq
+JSlYKYbJpPF8LXbuKYG3BTFTdOVFIeRe2NUyYh/xs6bXGr4WKTXb3qBmzR02FSy3
+IODQw5Q6zpXj8prYqFHYsOvGCEc1CwJaSaYwRhTkFedJUxiyhyB5GQwoFfExCVHW
+05ZFCAVYFldCJvUzfzrWubN6wX0DD2dwultgmldOn/W/n8at52mpPNvIdbZb2F41
+T0YZeoWnCJrYXjq/32oc1cmifIHqySnyMnavi75DxPCdZsCOpSAT4j4lAQRGsfgI
+kkLPGQieMfNNkMCKh7qjwdXAVtdqhf0RVtFILH3OyEodlk1HYXqX5iE5wlaKzDop
+PKwf2Q3BErq1xChYGGVS+dEvyXc/2nIBlt7uLWKp4XFjqekKbaGaLJdjYP5b2s7N
+1dM0MXQ/f8XoXKBkJNzEiM3hfsU6DOREgMc1DIsFKxfuMwX3EkVQM1If8ghb6x5Y
+jXayv+NLbidOSzk4vl5QwngO/JYFMkoc6i9LNwEaEtR9PhnrdubxmrtM+RjfBm02
+77q3dSWFESFQ4QxYWew4pHE0DpWbWy/iMIKQ6UZ5RLvB8GEcgt8ON7BBJeMc+Dyi
+kT9qhqn+lw==
+-----END CERTIFICATE-----
+
+-----BEGIN CERTIFICATE-----
+MIICiDCCAgygAwIBAgIIQX76UsB/30owDAYIKoZIzj0EAwMFADB6MQswCQYDVQQG
+EwJDTjEWMBQGA1UECgwNQW50IEZpbmFuY2lhbDEgMB4GA1UECwwXQ2VydGlmaWNh
+dGlvbiBBdXRob3JpdHkxMTAvBgNVBAMMKEFudCBGaW5hbmNpYWwgQ2VydGlmaWNh
+dGlvbiBBdXRob3JpdHkgRTEwHhcNMTkwNDI4MTYyMDQ0WhcNNDkwNDIwMTYyMDQ0
+WjB6MQswCQYDVQQGEwJDTjEWMBQGA1UECgwNQW50IEZpbmFuY2lhbDEgMB4GA1UE
+CwwXQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxMTAvBgNVBAMMKEFudCBGaW5hbmNp
+YWwgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgRTEwdjAQBgcqhkjOPQIBBgUrgQQA
+IgNiAASCCRa94QI0vR5Up9Yr9HEupz6hSoyjySYqo7v837KnmjveUIUNiuC9pWAU
+WP3jwLX3HkzeiNdeg22a0IZPoSUCpasufiLAnfXh6NInLiWBrjLJXDSGaY7vaokt
+rpZvAdmjXTBbMAsGA1UdDwQEAwIBBjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBRZ
+4ZTgDpksHL2qcpkFkxD2zVd16TAfBgNVHSMEGDAWgBRZ4ZTgDpksHL2qcpkFkxD2
+zVd16TAMBggqhkjOPQQDAwUAA2gAMGUCMQD4IoqT2hTUn0jt7oXLdMJ8q4vLp6sg
+wHfPiOr9gxreb+e6Oidwd2LDnC4OUqCWiF8CMAzwKs4SnDJYcMLf2vpkbuVE4dTH
+Rglz+HGcTLWsFs4KxLsq7MuU+vJTBUeDJeDjdA==
+-----END CERTIFICATE-----
+
+-----BEGIN CERTIFICATE-----
+MIIDxTCCAq2gAwIBAgIUEMdk6dVgOEIS2cCP0Q43P90Ps5YwDQYJKoZIhvcNAQEF
+BQAwajELMAkGA1UEBhMCQ04xEzARBgNVBAoMCmlUcnVzQ2hpbmExHDAaBgNVBAsM
+E0NoaW5hIFRydXN0IE5ldHdvcmsxKDAmBgNVBAMMH2lUcnVzQ2hpbmEgQ2xhc3Mg
+MiBSb290IENBIC0gRzMwHhcNMTMwNDE4MDkzNjU2WhcNMzMwNDE4MDkzNjU2WjBq
+MQswCQYDVQQGEwJDTjETMBEGA1UECgwKaVRydXNDaGluYTEcMBoGA1UECwwTQ2hp
+bmEgVHJ1c3QgTmV0d29yazEoMCYGA1UEAwwfaVRydXNDaGluYSBDbGFzcyAyIFJv
+b3QgQ0EgLSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOPPShpV
+nJbMqqCw6Bz1kehnoPst9pkr0V9idOwU2oyS47/HjJXk9Rd5a9xfwkPO88trUpz5
+4GmmwspDXjVFu9L0eFaRuH3KMha1Ak01citbF7cQLJlS7XI+tpkTGHEY5pt3EsQg
+wykfZl/A1jrnSkspMS997r2Gim54cwz+mTMgDRhZsKK/lbOeBPpWtcFizjXYCqhw
+WktvQfZBYi6o4sHCshnOswi4yV1p+LuFcQ2ciYdWvULh1eZhLxHbGXyznYHi0dGN
+z+I9H8aXxqAQfHVhbdHNzi77hCxFjOy+hHrGsyzjrd2swVQ2iUWP8BfEQqGLqM1g
+KgWKYfcTGdbPB1MCAwEAAaNjMGEwHQYDVR0OBBYEFG/oAMxTVe7y0+408CTAK8hA
+uTyRMB8GA1UdIwQYMBaAFG/oAMxTVe7y0+408CTAK8hAuTyRMA8GA1UdEwEB/wQF
+MAMBAf8wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBLnUTfW7hp
+emMbuUGCk7RBswzOT83bDM6824EkUnf+X0iKS95SUNGeeSWK2o/3ALJo5hi7GZr3
+U8eLaWAcYizfO99UXMRBPw5PRR+gXGEronGUugLpxsjuynoLQu8GQAeysSXKbN1I
+UugDo9u8igJORYA+5ms0s5sCUySqbQ2R5z/GoceyI9LdxIVa1RjVX8pYOj8JFwtn
+DJN3ftSFvNMYwRuILKuqUYSHc2GPYiHVflDh5nDymCMOQFcFG3WsEuB+EYQPFgIU
+1DHmdZcz7Llx8UOZXX2JupWCYzK1XhJb+r4hK5ncf/w8qGtYlmyJpxk3hr1TfUJX
+Yf4Zr0fJsGuv
+-----END CERTIFICATE-----
--- a/api/res/certs/alipay/appPublicCert.crt
+++ b/api/res/certs/alipay/appPublicCert.crt
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDmTCCAoGgAwIBAgIQICMRB2LW76yahgdg3IFNPDANBgkqhkiG9w0BAQsFADCBkTELMAkGA1UE
+BhMCQ04xGzAZBgNVBAoMEkFudCBGaW5hbmNpYWwgdGVzdDElMCMGA1UECwwcQ2VydGlmaWNhdGlv
+biBBdXRob3JpdHkgdGVzdDE+MDwGA1UEAww1QW50IEZpbmFuY2lhbCBDZXJ0aWZpY2F0aW9uIEF1
+dGhvcml0eSBDbGFzcyAyIFIxIHRlc3QwHhcNMjMxMTA3MDU0NjE5WhcNMjQxMTExMDU0NjE5WjBr
+MQswCQYDVQQGEwJDTjEfMB0GA1UECgwWbWJvbmZ5OTAxNUBzYW5kYm94LmNvbTEPMA0GA1UECwwG
+QWxpcGF5MSowKAYDVQQDDCEyMDg4NzIxMDIwNzUwNTgxLTkwMjEwMDAxMzE2NTgwMjMwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxihQPf1Q+g9ArgM46shVqL5sbRha/df95D1PsWyEq
+ANmWmG4zZ+ksYDVQrc4KzhSRoi56sm/7TDFYTmM6bW99e/nKW58WxyZB4ie5qA3F4n17psPyDqb8
+IokcQmCphSFDaXQD6AoXoLNtTM0vAI2cWxAgebZ/vsrdj5Ntjt+Rp3NYMCk1i5xovHcfILzLEGbX
+QXoT9fo5AhHotTWa6xHVLPUGY9qwLzQxHzBmvy5ZMfnOfJkm/mDisTSqAUB59F3dzU/1ARVkEZ1w
+Mgb4XohWBw6iurQfbMnH2mIomAAwwZVFv+sXDbL9yMbSMo/SjVsTQprn0Q0EnwLo7nmmOM6HAgMB
+AAGjEjAQMA4GA1UdDwEB/wQEAwIE8DANBgkqhkiG9w0BAQsFAAOCAQEAn3Y4/C1h9R6ONsBqX3/q
+XfHX7yX1FM0Y1x48X3/Yxk6HivAkTukhhhVYVKJsbrbzRqHDp9vhAP/FR6o6pAevaYMmLov0VMXU
+7oAuetgkaYEYkDuNen5/Hpdhqi2vTtdT+q9w8zHJd6MDQ0aoHgIxpLKw5vof2R1N4fwSgNXMiXE5
+kmllKQMem/+on2p+Sj80/2asxryHIGlH87qPzkffv+kIOkZthbTApTFLLjdVri2QHGe8/cc4xy01
+/9iR3IUzNahotT41lJ4bMevBY7XMAS3n5ekyABN/9ZRJqhWdXgmFCRN/u56qd6lDgu7R2M2QUoyc
+LuW5DfgRItKlmUB7sw==
+-----END CERTIFICATE-----
--- a/api/res/certs/alipay/privateKey.txt
+++ b/api/res/certs/alipay/privateKey.txt
@@ -0,0 +1 @@
+MIIEpQIBAAKCAQEAsYoUD39UPoPQK4DOOrIVai+bG0YWv3X/eQ9T7FshKgDZlphuM2fpLGA1UK3OCs4UkaIuerJv+0wxWE5jOm1vfXv5ylufFscmQeInuagNxeJ9e6bD8g6m/CKJHEJgqYUhQ2l0A+gKF6CzbUzNLwCNnFsQIHm2f77K3Y+TbY7fkadzWDApNYucaLx3HyC8yxBm10F6E/X6OQIR6LU1musR1Sz1BmPasC80MR8wZr8uWTH5znyZJv5g4rE0qgFAefRd3c1P9QEVZBGdcDIG+F6IVgcOorq0H2zJx9piKJgAMMGVRb/rFw2y/cjG0jKP0o1bE0Ka59ENBJ8C6O55pjjOhwIDAQABAoIBAFetNfz1R7hbxjlFshMAkVzQR8wvT9qbvl+dtzdZRcaFhu89NecDIP7+QDYor0FcxoGpU0TazDyRQyk2BQD8vHt+9zv9BVLtZLJSqoWgPbUFBi1DjS8EF2ka8RVYnn35NhUhhd7L//ftL88Bh673mfembQ9srDjoEy1Z01feoABAnCMkNFl986DmEwnarvEufXSDIgeN4ioMxha4NvfIPuI0zpVdV1O9sv+SGC+VEWZBtN3GNsaf4zS/f8FVGvTiU/Abz0gSw/iwSPHclDWQDTN3yFHf/tfqlzh0mH0WfhnuOBFWXzK+R7fbnM+asI9ttvzRcfpzgRGXdPcNcOv/6cECgYEA3DVqpi1k8MYfJixju6SG5gfyhM4VFksFmCMaNPgtatDMBKLMTgV/Ej6LXREojcy29uZl83F09pVlpd41eG39ULIPktixA/BqErQ2UaWh6kOxifycpu22Jh0r09hax6UgVrcBrrnCJEjcFsuJlrZvXQSzc3PBxjWy5gjabS5h9iECgYEAzmVAIh2frF01Y95zsLueAhhZwCtPanm6kf7ivR4r1plIX3b2sNRhWGmEHFgaCE6Braa0ogQ73Hd26kw4ZW+D6QMGC/zjCBEzDLLf++SjdVUHiY5AR4WHqXzq1jdAlsVyo9R661oAOp3lhiJVGLNXkHyEfEVPHsaxJh4osYSbX6cCgYEAx32Qx0i6eDFTyLZQB46uMrgiaVN04QRH5iJuvGvUYT8UhGKjaU8rZfDJOh+wOH2rhxMEaz1uc3C2bERY9mfWI4Ob/jFWc7YZsiYWS3Mcsuhubw4tMECLUg39RWZsHw8ls8kIuixIh6yFzhTH6YQOcRswIrhMZG8DScfdcSmiz2ECgYEAkWP1t5KSpkLKl11etcKUXfl1T8+yk9jIOowIgRw92WAFAWq2AH67TCKYM7dEL1HOO9tRJ0hAOt/U3ttuZtYVYBEHM26jJ02mXm2rJrA7DS4mrxmL4lYH6LbcXqZxU0Qnq4zEQgIWYzRTORf6Rfof1uJAGaJhR9bDd4yLMfGt2cUCgYEAo216Y61xOHUTA4AF1eekk+r+uOcQgQDvLXfs9FkDdJLk0mPG48/+eIYpPFnANJ/riF/DWOp8WGEe2IzA9yUFexzDbNQK8ha9kGcxaSAyiCwzjZ/t9/+hScDSV8kNqWSRSisu/YOFleEHbokT6mbLZ+gdqES8mUUanaEBzRQYGxo=
--- a/api/res/img/alipay.jpg
+++ b/api/res/img/alipay.jpg
--- a/api/res/img/wechat-pay.jpg
+++ b/api/res/img/wechat-pay.jpg
--- a/api/service/captcha_service.go
+++ b/api/service/captcha_service.go
@@ -60,3 +60,44 @@ func (s *CaptchaService) Check(data interface{}) bool {

 	return true
 }
+
+func (s *CaptchaService) SlideGet() (interface{}, error) {
+	if s.config.Token == "" {
+		return nil, errors.New("无效的 API Token")
+	}
+
+	url := fmt.Sprintf("%s/api/captcha/slide/get", s.config.ApiURL)
+	var res types.BizVo
+	r, err := s.client.R().
+		SetHeader("AppId", s.config.AppId).
+		SetHeader("Authorization", fmt.Sprintf("Bearer %s", s.config.Token)).
+		SetSuccessResult(&res).Get(url)
+	if err != nil || r.IsErrorState() {
+		return nil, fmt.Errorf("请求 API 失败：%v", err)
+	}
+
+	if res.Code != types.Success {
+		return nil, fmt.Errorf("请求 API 失败：%s", res.Message)
+	}
+
+	return res.Data, nil
+}
+
+func (s *CaptchaService) SlideCheck(data interface{}) bool {
+	url := fmt.Sprintf("%s/api/captcha/slide/check", s.config.ApiURL)
+	var res types.BizVo
+	r, err := s.client.R().
+		SetHeader("AppId", s.config.AppId).
+		SetHeader("Authorization", fmt.Sprintf("Bearer %s", s.config.Token)).
+		SetBodyJsonMarshal(data).
+		SetSuccessResult(&res).Post(url)
+	if err != nil || r.IsErrorState() {
+		return false
+	}
+
+	if res.Code != types.Success {
+		return false
+	}
+
+	return true
+}
--- a/api/service/function/function.go
+++ b/api/service/function/function.go
@@ -1,38 +0,0 @@
-package function
-
-import (
-	"chatplus/core/types"
-	logger2 "chatplus/logger"
-)
-
-type Function interface {
-	Invoke(map[string]interface{}) (string, error)
-	Name() string
-}
-
-var logger = logger2.GetLogger()
-
-type resVo struct {
-	Code    types.BizCode `json:"code"`
-	Message string        `json:"message"`
-	Data    struct {
-		Title     string     `json:"title"`
-		UpdatedAt string     `json:"updated_at"`
-		Items     []dataItem `json:"items"`
-	} `json:"data"`
-}
-
-type dataItem struct {
-	Title  string `json:"title"`
-	Url    string `json:"url"`
-	Remark string `json:"remark"`
-}
-
-func NewFunctions(config *types.AppConfig) map[string]Function {
-	return map[string]Function{
-		types.FuncZaoBao:     NewZaoBao(config.ApiConfig),
-		types.FuncWeibo:      NewWeiboHot(config.ApiConfig),
-		types.FuncHeadLine:   NewHeadLines(config.ApiConfig),
-		types.FuncMidJourney: NewMidJourneyFunc(config.ExtConfig),
-	}
-}
--- a/api/service/function/mid_journey.go
+++ b/api/service/function/mid_journey.go
@@ -1,117 +0,0 @@
-package function
-
-import (
-	"chatplus/core/types"
-	"chatplus/utils"
-	"errors"
-	"fmt"
-	"github.com/imroc/req/v3"
-	"time"
-)
-
-// AI 绘画函数
-
-type FuncMidJourney struct {
-	name   string
-	config types.ChatPlusExtConfig
-	client *req.Client
-}
-
-func NewMidJourneyFunc(config types.ChatPlusExtConfig) FuncMidJourney {
-	return FuncMidJourney{
-		name:   "MidJourney AI 绘画",
-		config: config,
-		client: req.C().SetTimeout(30 * time.Second)}
-}
-
-func (f FuncMidJourney) Invoke(params map[string]interface{}) (string, error) {
-	if f.config.Token == "" {
-		return "", errors.New("无效的 API Token")
-	}
-
-	logger.Infof("MJ 绘画参数：%+v", params)
-	prompt := utils.InterfaceToString(params["prompt"])
-	if !utils.IsEmptyValue(params["ar"]) {
-		prompt = fmt.Sprintf("%s --ar %s", prompt, params["ar"])
-		delete(params, "--ar")
-	}
-	if !utils.IsEmptyValue(params["niji"]) {
-		prompt = fmt.Sprintf("%s --niji %s", prompt, params["niji"])
-		delete(params, "niji")
-	} else {
-		prompt = prompt + " --v 5.2"
-	}
-	params["prompt"] = prompt
-	url := fmt.Sprintf("%s/api/mj/image", f.config.ApiURL)
-	var res types.BizVo
-	r, err := f.client.R().
-		SetHeader("Authorization", f.config.Token).
-		SetHeader("Content-Type", "application/json").
-		SetBody(params).
-		SetSuccessResult(&res).Post(url)
-	if err != nil || r.IsErrorState() {
-		return "", fmt.Errorf("%v%v", r.String(), err)
-	}
-
-	if res.Code != types.Success {
-		return "", errors.New(res.Message)
-	}
-
-	return prompt, nil
-}
-
-type MjUpscaleReq struct {
-	Index       int32  `json:"index"`
-	MessageId   string `json:"message_id"`
-	MessageHash string `json:"message_hash"`
-}
-
-func (f FuncMidJourney) Upscale(upReq MjUpscaleReq) error {
-	url := fmt.Sprintf("%s/api/mj/upscale", f.config.ApiURL)
-	var res types.BizVo
-	r, err := f.client.R().
-		SetHeader("Authorization", f.config.Token).
-		SetHeader("Content-Type", "application/json").
-		SetBody(upReq).
-		SetSuccessResult(&res).Post(url)
-	if err != nil || r.IsErrorState() {
-		return fmt.Errorf("%v%v", r.String(), err)
-	}
-
-	if res.Code != types.Success {
-		return errors.New(res.Message)
-	}
-
-	return nil
-}
-
-type MjVariationReq struct {
-	Index       int32  `json:"index"`
-	MessageId   string `json:"message_id"`
-	MessageHash string `json:"message_hash"`
-}
-
-func (f FuncMidJourney) Variation(upReq MjVariationReq) error {
-	url := fmt.Sprintf("%s/api/mj/variation", f.config.ApiURL)
-	var res types.BizVo
-	r, err := f.client.R().
-		SetHeader("Authorization", f.config.Token).
-		SetHeader("Content-Type", "application/json").
-		SetBody(upReq).
-		SetSuccessResult(&res).Post(url)
-	if err != nil || r.IsErrorState() {
-		return fmt.Errorf("%v%v", r.String(), err)
-	}
-
-	if res.Code != types.Success {
-		return errors.New(res.Message)
-	}
-
-	return nil
-}
-
-func (f FuncMidJourney) Name() string {
-	return f.name
-}
-
-var _ Function = &FuncMidJourney{}
--- a/api/service/function/tou_tiao.go
+++ b/api/service/function/tou_tiao.go
@@ -1,58 +0,0 @@
-package function
-
-import (
-	"chatplus/core/types"
-	"errors"
-	"fmt"
-	"github.com/imroc/req/v3"
-	"strings"
-	"time"
-)
-
-// 今日头条函数实现
-
-type FuncHeadlines struct {
-	name   string
-	config types.ChatPlusApiConfig
-	client *req.Client
-}
-
-func NewHeadLines(config types.ChatPlusApiConfig) FuncHeadlines {
-	return FuncHeadlines{
-		name:   "今日头条",
-		config: config,
-		client: req.C().SetTimeout(10 * time.Second)}
-}
-
-func (f FuncHeadlines) Invoke(map[string]interface{}) (string, error) {
-	if f.config.Token == "" {
-		return "", errors.New("无效的 API Token")
-	}
-
-	url := fmt.Sprintf("%s/api/headline/fetch", f.config.ApiURL)
-	var res resVo
-	r, err := f.client.R().
-		SetHeader("AppId", f.config.AppId).
-		SetHeader("Authorization", fmt.Sprintf("Bearer %s", f.config.Token)).
-		SetSuccessResult(&res).Get(url)
-	if err != nil || r.IsErrorState() {
-		return "", fmt.Errorf("%v%v", err, r.Err)
-	}
-
-	if res.Code != types.Success {
-		return "", errors.New(res.Message)
-	}
-
-	builder := make([]string, 0)
-	builder = append(builder, fmt.Sprintf("**%s**，最新更新：%s", res.Data.Title, res.Data.UpdatedAt))
-	for i, v := range res.Data.Items {
-		builder = append(builder, fmt.Sprintf("%d、 [%s](%s) [%s]", i+1, v.Title, v.Url, v.Remark))
-	}
-	return strings.Join(builder, "\n\n"), nil
-}
-
-func (f FuncHeadlines) Name() string {
-	return f.name
-}
-
-var _ Function = &FuncHeadlines{}
--- a/api/service/function/weibo_hot.go
+++ b/api/service/function/weibo_hot.go
@@ -1,58 +0,0 @@
-package function
-
-import (
-	"chatplus/core/types"
-	"errors"
-	"fmt"
-	"github.com/imroc/req/v3"
-	"strings"
-	"time"
-)
-
-// 微博热搜函数实现
-
-type FuncWeiboHot struct {
-	name   string
-	config types.ChatPlusApiConfig
-	client *req.Client
-}
-
-func NewWeiboHot(config types.ChatPlusApiConfig) FuncWeiboHot {
-	return FuncWeiboHot{
-		name:   "微博热搜",
-		config: config,
-		client: req.C().SetTimeout(10 * time.Second)}
-}
-
-func (f FuncWeiboHot) Invoke(map[string]interface{}) (string, error) {
-	if f.config.Token == "" {
-		return "", errors.New("无效的 API Token")
-	}
-
-	url := fmt.Sprintf("%s/api/weibo/fetch", f.config.ApiURL)
-	var res resVo
-	r, err := f.client.R().
-		SetHeader("AppId", f.config.AppId).
-		SetHeader("Authorization", fmt.Sprintf("Bearer %s", f.config.Token)).
-		SetSuccessResult(&res).Get(url)
-	if err != nil || r.IsErrorState() {
-		return "", fmt.Errorf("%v%v", err, r.Err)
-	}
-
-	if res.Code != types.Success {
-		return "", errors.New(res.Message)
-	}
-
-	builder := make([]string, 0)
-	builder = append(builder, fmt.Sprintf("**%s**，最新更新：%s", res.Data.Title, res.Data.UpdatedAt))
-	for i, v := range res.Data.Items {
-		builder = append(builder, fmt.Sprintf("%d、 [%s](%s) [热度：%s]", i+1, v.Title, v.Url, v.Remark))
-	}
-	return strings.Join(builder, "\n\n"), nil
-}
-
-func (f FuncWeiboHot) Name() string {
-	return f.name
-}
-
-var _ Function = &FuncWeiboHot{}
--- a/api/service/function/zao_bao.go
+++ b/api/service/function/zao_bao.go
@@ -1,59 +0,0 @@
-package function
-
-import (
-	"chatplus/core/types"
-	"errors"
-	"fmt"
-	"github.com/imroc/req/v3"
-	"strings"
-	"time"
-)
-
-// 每日早报函数实现
-
-type FuncZaoBao struct {
-	name   string
-	config types.ChatPlusApiConfig
-	client *req.Client
-}
-
-func NewZaoBao(config types.ChatPlusApiConfig) FuncZaoBao {
-	return FuncZaoBao{
-		name:   "每日早报",
-		config: config,
-		client: req.C().SetTimeout(10 * time.Second)}
-}
-
-func (f FuncZaoBao) Invoke(map[string]interface{}) (string, error) {
-	if f.config.Token == "" {
-		return "", errors.New("无效的 API Token")
-	}
-
-	url := fmt.Sprintf("%s/api/zaobao/fetch", f.config.ApiURL)
-	var res resVo
-	r, err := f.client.R().
-		SetHeader("AppId", f.config.AppId).
-		SetHeader("Authorization", fmt.Sprintf("Bearer %s", f.config.Token)).
-		SetSuccessResult(&res).Get(url)
-	if err != nil || r.IsErrorState() {
-		return "", fmt.Errorf("%v%v", err, r.Err)
-	}
-
-	if res.Code != types.Success {
-		return "", errors.New(res.Message)
-	}
-
-	builder := make([]string, 0)
-	builder = append(builder, fmt.Sprintf("**%s 早报：**", res.Data.UpdatedAt))
-	for _, v := range res.Data.Items {
-		builder = append(builder, v.Title)
-	}
-	builder = append(builder, fmt.Sprintf("%s", res.Data.Title))
-	return strings.Join(builder, "\n\n"), nil
-}
-
-func (f FuncZaoBao) Name() string {
-	return f.name
-}
-
-var _ Function = &FuncZaoBao{}
--- a/api/service/mj/client.go
+++ b/api/service/mj/client.go
@@ -0,0 +1,61 @@
+package mj
+
+import "chatplus/core/types"
+
+type Client interface {
+	Imagine(task types.MjTask) (ImageRes, error)
+	Blend(task types.MjTask) (ImageRes, error)
+	SwapFace(task types.MjTask) (ImageRes, error)
+	Upscale(task types.MjTask) (ImageRes, error)
+	Variation(task types.MjTask) (ImageRes, error)
+	QueryTask(taskId string) (QueryRes, error)
+}
+
+type ImageReq struct {
+	BotType       string      `json:"botType,omitempty"`
+	Prompt        string      `json:"prompt,omitempty"`
+	Dimensions    string      `json:"dimensions,omitempty"`
+	Base64Array   []string    `json:"base64Array,omitempty"`
+	AccountFilter interface{} `json:"accountFilter,omitempty"`
+	NotifyHook    string      `json:"notifyHook,omitempty"`
+	State         string      `json:"state,omitempty"`
+}
+
+type ImageRes struct {
+	Code        int    `json:"code"`
+	Description string `json:"description"`
+	Properties  struct {
+	} `json:"properties"`
+	Result string `json:"result"`
+}
+
+type ErrRes struct {
+	Error struct {
+		Message string `json:"message"`
+	} `json:"error"`
+}
+
+type QueryRes struct {
+	Action  string `json:"action"`
+	Buttons []struct {
+		CustomId string `json:"customId"`
+		Emoji    string `json:"emoji"`
+		Label    string `json:"label"`
+		Style    int    `json:"style"`
+		Type     int    `json:"type"`
+	} `json:"buttons"`
+	Description string `json:"description"`
+	FailReason  string `json:"failReason"`
+	FinishTime  int    `json:"finishTime"`
+	Id          string `json:"id"`
+	ImageUrl    string `json:"imageUrl"`
+	Progress    string `json:"progress"`
+	Prompt      string `json:"prompt"`
+	PromptEn    string `json:"promptEn"`
+	Properties  struct {
+	} `json:"properties"`
+	StartTime  int    `json:"startTime"`
+	State      string `json:"state"`
+	Status     string `json:"status"`
+	SubmitTime int    `json:"submitTime"`
+}
--- a/api/service/mj/plus_client.go
+++ b/api/service/mj/plus_client.go
@@ -0,0 +1,230 @@
+package mj
+
+import (
+	"chatplus/core/types"
+	"chatplus/utils"
+	"encoding/base64"
+	"errors"
+	"fmt"
+	"github.com/imroc/req/v3"
+	"io"
+	"time"
+
+	"github.com/gin-gonic/gin"
+)
+
+// PlusClient MidJourney Plus ProxyClient
+type PlusClient struct {
+	Config types.MjPlusConfig
+	apiURL string
+	client *req.Client
+}
+
+func NewPlusClient(config types.MjPlusConfig) *PlusClient {
+	return &PlusClient{
+		Config: config,
+		apiURL: config.ApiURL,
+		client: req.C().SetTimeout(time.Minute).SetUserAgent("Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36"),
+	}
+}
+
+func (c *PlusClient) Imagine(task types.MjTask) (ImageRes, error) {
+	apiURL := fmt.Sprintf("%s/mj-%s/mj/submit/imagine", c.apiURL, c.Config.Mode)
+	prompt := fmt.Sprintf("%s %s", task.Prompt, task.Params)
+	if task.NegPrompt != "" {
+		prompt += fmt.Sprintf(" --no %s", task.NegPrompt)
+	}
+	body := ImageReq{
+		BotType:     "MID_JOURNEY",
+		Prompt:      prompt,
+		Base64Array: make([]string, 0),
+	}
+	// 生成图片 Base64 编码
+	if len(task.ImgArr) > 0 {
+		imageData, err := utils.DownloadImage(task.ImgArr[0], "")
+		if err != nil {
+			logger.Error("error with download image: ", err)
+		} else {
+			body.Base64Array = append(body.Base64Array, "data:image/png;base64,"+base64.StdEncoding.EncodeToString(imageData))
+		}
+
+	}
+	logger.Info("API URL: ", apiURL)
+	var res ImageRes
+	var errRes ErrRes
+	r, err := c.client.R().
+		SetHeader("Authorization", "Bearer "+c.Config.ApiKey).
+		SetBody(body).
+		SetSuccessResult(&res).
+		SetErrorResult(&errRes).
+		Post(apiURL)
+	if err != nil {
+		return ImageRes{}, fmt.Errorf("请求 API %s 出错：%v", apiURL, err)
+	}
+
+	if r.IsErrorState() {
+		errStr, _ := io.ReadAll(r.Body)
+		return ImageRes{}, fmt.Errorf("API 返回错误：%s，%v", errRes.Error.Message, string(errStr))
+	}
+
+	return res, nil
+}
+
+// Blend 融图
+func (c *PlusClient) Blend(task types.MjTask) (ImageRes, error) {
+	apiURL := fmt.Sprintf("%s/mj-%s/mj/submit/blend", c.apiURL, c.Config.Mode)
+	body := ImageReq{
+		BotType:     "MID_JOURNEY",
+		Dimensions:  "SQUARE",
+		Base64Array: make([]string, 0),
+	}
+	// 生成图片 Base64 编码
+	if len(task.ImgArr) > 0 {
+		for _, imgURL := range task.ImgArr {
+			imageData, err := utils.DownloadImage(imgURL, "")
+			if err != nil {
+				logger.Error("error with download image: ", err)
+			} else {
+				body.Base64Array = append(body.Base64Array, "data:image/png;base64,"+base64.StdEncoding.EncodeToString(imageData))
+			}
+		}
+	}
+	var res ImageRes
+	var errRes ErrRes
+	r, err := c.client.R().
+		SetHeader("Authorization", "Bearer "+c.Config.ApiKey).
+		SetBody(body).
+		SetSuccessResult(&res).
+		SetErrorResult(&errRes).
+		Post(apiURL)
+	if err != nil {
+		return ImageRes{}, fmt.Errorf("请求 API %s 出错：%v", apiURL, err)
+	}
+
+	if r.IsErrorState() {
+		return ImageRes{}, fmt.Errorf("API 返回错误：%s", errRes.Error.Message)
+	}
+
+	return res, nil
+}
+
+// SwapFace 换脸
+func (c *PlusClient) SwapFace(task types.MjTask) (ImageRes, error) {
+	apiURL := fmt.Sprintf("%s/mj-%s/mj/insight-face/swap", c.apiURL, c.Config.Mode)
+	// 生成图片 Base64 编码
+	if len(task.ImgArr) != 2 {
+		return ImageRes{}, errors.New("参数错误，必须上传2张图片")
+	}
+	var sourceBase64 string
+	var targetBase64 string
+	imageData, err := utils.DownloadImage(task.ImgArr[0], "")
+	if err != nil {
+		logger.Error("error with download image: ", err)
+	} else {
+		sourceBase64 = "data:image/png;base64," + base64.StdEncoding.EncodeToString(imageData)
+	}
+	imageData, err = utils.DownloadImage(task.ImgArr[1], "")
+	if err != nil {
+		logger.Error("error with download image: ", err)
+	} else {
+		targetBase64 = "data:image/png;base64," + base64.StdEncoding.EncodeToString(imageData)
+	}
+
+	body := gin.H{
+		"sourceBase64": sourceBase64,
+		"targetBase64": targetBase64,
+		"accountFilter": gin.H{
+			"instanceId": "",
+		},
+		"state": "",
+	}
+	var res ImageRes
+	var errRes ErrRes
+	r, err := c.client.SetTimeout(time.Minute).R().
+		SetHeader("Authorization", "Bearer "+c.Config.ApiKey).
+		SetBody(body).
+		SetSuccessResult(&res).
+		SetErrorResult(&errRes).
+		Post(apiURL)
+	if err != nil {
+		return ImageRes{}, fmt.Errorf("请求 API %s 出错：%v", apiURL, err)
+	}
+
+	if r.IsErrorState() {
+		return ImageRes{}, fmt.Errorf("API 返回错误：%s", errRes.Error.Message)
+	}
+
+	return res, nil
+}
+
+// Upscale 放大指定的图片
+func (c *PlusClient) Upscale(task types.MjTask) (ImageRes, error) {
+	body := map[string]string{
+		"customId": fmt.Sprintf("MJ::JOB::upsample::%d::%s", task.Index, task.MessageHash),
+		"taskId":   task.MessageId,
+	}
+	apiURL := fmt.Sprintf("%s/mj/submit/action", c.apiURL)
+	var res ImageRes
+	var errRes ErrRes
+	r, err := c.client.R().
+		SetHeader("Authorization", "Bearer "+c.Config.ApiKey).
+		SetBody(body).
+		SetSuccessResult(&res).
+		SetErrorResult(&errRes).
+		Post(apiURL)
+	if err != nil {
+		return ImageRes{}, fmt.Errorf("请求 API 出错：%v", err)
+	}
+
+	if r.IsErrorState() {
+		return ImageRes{}, fmt.Errorf("API 返回错误：%s", errRes.Error.Message)
+	}
+
+	return res, nil
+}
+
+// Variation  以指定的图片的视角进行变换再创作，注意需要在对应的频道中关闭 Remix 变换，否则 Variation 指令将不会生效
+func (c *PlusClient) Variation(task types.MjTask) (ImageRes, error) {
+	body := map[string]string{
+		"customId": fmt.Sprintf("MJ::JOB::variation::%d::%s", task.Index, task.MessageHash),
+		"taskId":   task.MessageId,
+	}
+	apiURL := fmt.Sprintf("%s/mj/submit/action", c.apiURL)
+	var res ImageRes
+	var errRes ErrRes
+	r, err := req.C().R().
+		SetHeader("Authorization", "Bearer "+c.Config.ApiKey).
+		SetBody(body).
+		SetSuccessResult(&res).
+		SetErrorResult(&errRes).
+		Post(apiURL)
+	if err != nil {
+		return ImageRes{}, fmt.Errorf("请求 API 出错：%v", err)
+	}
+
+	if r.IsErrorState() {
+		return ImageRes{}, fmt.Errorf("API 返回错误：%s", errRes.Error.Message)
+	}
+
+	return res, nil
+}
+
+func (c *PlusClient) QueryTask(taskId string) (QueryRes, error) {
+	apiURL := fmt.Sprintf("%s/mj/task/%s/fetch", c.apiURL, taskId)
+	var res QueryRes
+	r, err := c.client.R().SetHeader("Authorization", "Bearer "+c.Config.ApiKey).
+		SetSuccessResult(&res).
+		Get(apiURL)
+
+	if err != nil {
+		return QueryRes{}, err
+	}
+
+	if r.IsErrorState() {
+		return QueryRes{}, errors.New("error status:" + r.Status)
+	}
+
+	return res, nil
+}
+
+var _ Client = &PlusClient{}
--- a/api/service/mj/pool.go
+++ b/api/service/mj/pool.go
@@ -0,0 +1,204 @@
+package mj
+
+import (
+	"chatplus/core/types"
+	logger2 "chatplus/logger"
+	"chatplus/service/oss"
+	"chatplus/store"
+	"chatplus/store/model"
+	"fmt"
+	"github.com/go-redis/redis/v8"
+	"time"
+
+	"gorm.io/gorm"
+)
+
+// ServicePool Mj service pool
+type ServicePool struct {
+	services        []*Service
+	taskQueue       *store.RedisQueue
+	notifyQueue     *store.RedisQueue
+	db              *gorm.DB
+	uploaderManager *oss.UploaderManager
+	Clients         *types.LMap[uint, *types.WsClient] // UserId => Client
+}
+
+var logger = logger2.GetLogger()
+
+func NewServicePool(db *gorm.DB, redisCli *redis.Client, manager *oss.UploaderManager, appConfig *types.AppConfig) *ServicePool {
+	services := make([]*Service, 0)
+	taskQueue := store.NewRedisQueue("MidJourney_Task_Queue", redisCli)
+	notifyQueue := store.NewRedisQueue("MidJourney_Notify_Queue", redisCli)
+
+	for k, config := range appConfig.MjPlusConfigs {
+		if config.Enabled == false {
+			continue
+		}
+		cli := NewPlusClient(config)
+		name := fmt.Sprintf("mj-plus-service-%d", k)
+		service := NewService(name, taskQueue, notifyQueue, 4, 600, db, cli)
+		go func() {
+			service.Run()
+		}()
+		services = append(services, service)
+	}
+
+	for k, config := range appConfig.MjProxyConfigs {
+		if config.Enabled == false {
+			continue
+		}
+		cli := NewProxyClient(config)
+		name := fmt.Sprintf("mj-proxy-service-%d", k)
+		service := NewService(name, taskQueue, notifyQueue, 4, 600, db, cli)
+		go func() {
+			service.Run()
+		}()
+		services = append(services, service)
+	}
+
+	return &ServicePool{
+		taskQueue:       taskQueue,
+		notifyQueue:     notifyQueue,
+		services:        services,
+		uploaderManager: manager,
+		db:              db,
+		Clients:         types.NewLMap[uint, *types.WsClient](),
+	}
+}
+
+func (p *ServicePool) CheckTaskNotify() {
+	go func() {
+		for {
+			var userId uint
+			err := p.notifyQueue.LPop(&userId)
+			if err != nil {
+				continue
+			}
+			cli := p.Clients.Get(userId)
+			if cli == nil {
+				continue
+			}
+			err = cli.Send([]byte("Task Updated"))
+			if err != nil {
+				continue
+			}
+		}
+	}()
+}
+
+func (p *ServicePool) DownloadImages() {
+	go func() {
+		var items []model.MidJourneyJob
+		for {
+			res := p.db.Where("img_url = ? AND progress = ?", "", 100).Find(&items)
+			if res.Error != nil {
+				continue
+			}
+
+			// download images
+			for _, v := range items {
+				if v.OrgURL == "" {
+					continue
+				}
+
+				logger.Infof("try to download image: %s", v.OrgURL)
+				var imgURL string
+				var err error
+				if servicePlus := p.getService(v.ChannelId); servicePlus != nil {
+					task, _ := servicePlus.Client.QueryTask(v.TaskId)
+					if len(task.Buttons) > 0 {
+						v.Hash = GetImageHash(task.Buttons[0].CustomId)
+					}
+					imgURL, err = p.uploaderManager.GetUploadHandler().PutImg(v.OrgURL, false)
+				} else {
+					imgURL, err = p.uploaderManager.GetUploadHandler().PutImg(v.OrgURL, true)
+				}
+				if err != nil {
+					logger.Errorf("error with download image %s, %v", v.OrgURL, err)
+					continue
+				} else {
+					logger.Infof("download image %s successfully.", v.OrgURL)
+				}
+
+				v.ImgURL = imgURL
+				p.db.Updates(&v)
+
+				cli := p.Clients.Get(uint(v.UserId))
+				if cli == nil {
+					continue
+				}
+				err = cli.Send([]byte("Task Updated"))
+				if err != nil {
+					continue
+				}
+			}
+
+			time.Sleep(time.Second * 5)
+		}
+	}()
+}
+
+// PushTask push a new mj task in to task queue
+func (p *ServicePool) PushTask(task types.MjTask) {
+	logger.Debugf("add a new MidJourney task to the task list: %+v", task)
+	p.taskQueue.RPush(task)
+}
+
+// HasAvailableService check if it has available mj service in pool
+func (p *ServicePool) HasAvailableService() bool {
+	return len(p.services) > 0
+}
+
+// SyncTaskProgress 异步拉取任务
+func (p *ServicePool) SyncTaskProgress() {
+	go func() {
+		var items []model.MidJourneyJob
+		for {
+			res := p.db.Where("progress < ?", 100).Find(&items)
+			if res.Error != nil {
+				continue
+			}
+
+			for _, job := range items {
+				// 失败或者 30 分钟还没完成的任务删除并退回算力
+				if time.Now().Sub(job.CreatedAt) > time.Minute*30 || job.Progress == -1 {
+					// 删除任务
+					p.db.Delete(&job)
+					// 退回算力
+					tx := p.db.Model(&model.User{}).Where("id = ?", job.UserId).UpdateColumn("power", gorm.Expr("power + ?", job.Power))
+					if tx.Error == nil && tx.RowsAffected > 0 {
+						var user model.User
+						p.db.Where("id = ?", job.UserId).First(&user)
+						p.db.Create(&model.PowerLog{
+							UserId:    user.Id,
+							Username:  user.Username,
+							Type:      types.PowerConsume,
+							Amount:    job.Power,
+							Balance:   user.Power + job.Power,
+							Mark:      types.PowerAdd,
+							Model:     "mid-journey",
+							Remark:    fmt.Sprintf("绘画任务失败，退回算力。任务ID：%s", job.TaskId),
+							CreatedAt: time.Now(),
+						})
+					}
+					continue
+				}
+
+				if servicePlus := p.getService(job.ChannelId); servicePlus != nil {
+					_ = servicePlus.Notify(job)
+				}
+			}
+
+			time.Sleep(time.Second)
+		}
+	}()
+}
+
+func (p *ServicePool) getService(name string) *Service {
+	for _, s := range p.services {
+		if s.Name == name {
+			return s
+		}
+	}
+	return nil
+}
--- a/api/service/mj/proxy_client.go
+++ b/api/service/mj/proxy_client.go
@@ -0,0 +1,178 @@
+package mj
+
+import (
+	"chatplus/core/types"
+	"chatplus/utils"
+	"encoding/base64"
+	"errors"
+	"fmt"
+	"github.com/imroc/req/v3"
+	"io"
+)
+
+// ProxyClient MidJourney Proxy Client
+type ProxyClient struct {
+	Config types.MjProxyConfig
+	apiURL string
+}
+
+func NewProxyClient(config types.MjProxyConfig) *ProxyClient {
+	return &ProxyClient{Config: config, apiURL: config.ApiURL}
+}
+
+func (c *ProxyClient) Imagine(task types.MjTask) (ImageRes, error) {
+	apiURL := fmt.Sprintf("%s/mj/submit/imagine", c.apiURL)
+	prompt := fmt.Sprintf("%s %s", task.Prompt, task.Params)
+	if task.NegPrompt != "" {
+		prompt += fmt.Sprintf(" --no %s", task.NegPrompt)
+	}
+	body := ImageReq{
+		Prompt:      prompt,
+		Base64Array: make([]string, 0),
+	}
+	// 生成图片 Base64 编码
+	if len(task.ImgArr) > 0 {
+		imageData, err := utils.DownloadImage(task.ImgArr[0], "")
+		if err != nil {
+			logger.Error("error with download image: ", err)
+		} else {
+			body.Base64Array = append(body.Base64Array, "data:image/png;base64,"+base64.StdEncoding.EncodeToString(imageData))
+		}
+
+	}
+	logger.Info("API URL: ", apiURL)
+	var res ImageRes
+	var errRes ErrRes
+	r, err := req.C().R().
+		SetHeader("mj-api-secret", c.Config.ApiKey).
+		SetBody(body).
+		SetSuccessResult(&res).
+		SetErrorResult(&errRes).
+		Post(apiURL)
+	if err != nil {
+		return ImageRes{}, fmt.Errorf("请求 API %s 出错：%v", apiURL, err)
+	}
+
+	if r.IsErrorState() {
+		errStr, _ := io.ReadAll(r.Body)
+		return ImageRes{}, fmt.Errorf("API 返回错误：%s，%v", errRes.Error.Message, string(errStr))
+	}
+
+	return res, nil
+}
+
+// Blend 融图
+func (c *ProxyClient) Blend(task types.MjTask) (ImageRes, error) {
+	apiURL := fmt.Sprintf("%s/mj/submit/blend", c.apiURL)
+	body := ImageReq{
+		Dimensions:  "SQUARE",
+		Base64Array: make([]string, 0),
+	}
+	// 生成图片 Base64 编码
+	if len(task.ImgArr) > 0 {
+		for _, imgURL := range task.ImgArr {
+			imageData, err := utils.DownloadImage(imgURL, "")
+			if err != nil {
+				logger.Error("error with download image: ", err)
+			} else {
+				body.Base64Array = append(body.Base64Array, "data:image/png;base64,"+base64.StdEncoding.EncodeToString(imageData))
+			}
+		}
+	}
+	var res ImageRes
+	var errRes ErrRes
+	r, err := req.C().R().
+		SetHeader("mj-api-secret", c.Config.ApiKey).
+		SetBody(body).
+		SetSuccessResult(&res).
+		SetErrorResult(&errRes).
+		Post(apiURL)
+	if err != nil {
+		return ImageRes{}, fmt.Errorf("请求 API %s 出错：%v", apiURL, err)
+	}
+
+	if r.IsErrorState() {
+		return ImageRes{}, fmt.Errorf("API 返回错误：%s", errRes.Error.Message)
+	}
+
+	return res, nil
+}
+
+// SwapFace 换脸
+func (c *ProxyClient) SwapFace(_ types.MjTask) (ImageRes, error) {
+	return ImageRes{}, errors.New("MidJourney-Proxy暂未实现该功能，请使用 MidJourney-Plus")
+}
+
+// Upscale 放大指定的图片
+func (c *ProxyClient) Upscale(task types.MjTask) (ImageRes, error) {
+	body := map[string]interface{}{
+		"action": "UPSCALE",
+		"index":  task.Index,
+		"taskId": task.MessageId,
+	}
+	apiURL := fmt.Sprintf("%s/mj/submit/change", c.apiURL)
+	var res ImageRes
+	var errRes ErrRes
+	r, err := req.C().R().
+		SetHeader("mj-api-secret", c.Config.ApiKey).
+		SetBody(body).
+		SetSuccessResult(&res).
+		SetErrorResult(&errRes).
+		Post(apiURL)
+	if err != nil {
+		return ImageRes{}, fmt.Errorf("请求 API 出错：%v", err)
+	}
+
+	if r.IsErrorState() {
+		return ImageRes{}, fmt.Errorf("API 返回错误：%s", errRes.Error.Message)
+	}
+
+	return res, nil
+}
+
+// Variation  以指定的图片的视角进行变换再创作，注意需要在对应的频道中关闭 Remix 变换，否则 Variation 指令将不会生效
+func (c *ProxyClient) Variation(task types.MjTask) (ImageRes, error) {
+	body := map[string]interface{}{
+		"action": "VARIATION",
+		"index":  task.Index,
+		"taskId": task.MessageId,
+	}
+	apiURL := fmt.Sprintf("%s/mj/submit/change", c.apiURL)
+	var res ImageRes
+	var errRes ErrRes
+	r, err := req.C().R().
+		SetHeader("mj-api-secret", c.Config.ApiKey).
+		SetBody(body).
+		SetSuccessResult(&res).
+		SetErrorResult(&errRes).
+		Post(apiURL)
+	if err != nil {
+		return ImageRes{}, fmt.Errorf("请求 API 出错：%v", err)
+	}
+
+	if r.IsErrorState() {
+		return ImageRes{}, fmt.Errorf("API 返回错误：%s", errRes.Error.Message)
+	}
+
+	return res, nil
+}
+
+func (c *ProxyClient) QueryTask(taskId string) (QueryRes, error) {
+	apiURL := fmt.Sprintf("%s/mj/task/%s/fetch", c.apiURL, taskId)
+	var res QueryRes
+	r, err := req.C().R().SetHeader("mj-api-secret", c.Config.ApiKey).
+		SetSuccessResult(&res).
+		Get(apiURL)
+
+	if err != nil {
+		return QueryRes{}, err
+	}
+
+	if r.IsErrorState() {
+		return QueryRes{}, errors.New("error status:" + r.Status)
+	}
+
+	return res, nil
+}
+
+var _ Client = &ProxyClient{}
--- a/api/service/mj/service.go
+++ b/api/service/mj/service.go
@@ -0,0 +1,223 @@
+package mj
+
+import (
+	"chatplus/core/types"
+	"chatplus/service"
+	"chatplus/store"
+	"chatplus/store/model"
+	"chatplus/utils"
+	"fmt"
+	"strings"
+	"sync/atomic"
+	"time"
+
+	"gorm.io/gorm"
+)
+
+// Service MJ 绘画服务
+type Service struct {
+	Name             string // service Name
+	Client           Client // MJ Client
+	taskQueue        *store.RedisQueue
+	notifyQueue      *store.RedisQueue
+	db               *gorm.DB
+	maxHandleTaskNum int32             // max task number current service can handle
+	HandledTaskNum   int32             // already handled task number
+	taskStartTimes   map[int]time.Time // task start time, to check if the task is timeout
+	taskTimeout      int64
+}
+
+func NewService(name string, taskQueue *store.RedisQueue, notifyQueue *store.RedisQueue, maxTaskNum int32, timeout int64, db *gorm.DB, cli Client) *Service {
+	return &Service{
+		Name:             name,
+		db:               db,
+		taskQueue:        taskQueue,
+		notifyQueue:      notifyQueue,
+		Client:           cli,
+		taskTimeout:      timeout,
+		maxHandleTaskNum: maxTaskNum,
+		taskStartTimes:   make(map[int]time.Time, 0),
+	}
+}
+
+func (s *Service) Run() {
+	logger.Infof("Starting MidJourney job consumer for %s", s.Name)
+	for {
+		s.checkTasks()
+		if !s.canHandleTask() {
+			// current service is full, can not handle more task
+			// waiting for running task finish
+			time.Sleep(time.Second * 3)
+			continue
+		}
+
+		var task types.MjTask
+		err := s.taskQueue.LPop(&task)
+		if err != nil {
+			logger.Errorf("taking task with error: %v", err)
+			continue
+		}
+
+		//  如果配置了多个中转平台的 API KEY
+		// U,V 操作必须和 Image 操作属于同一个平台，否则找不到关联任务，需重新放回任务列表
+		if task.ChannelId != "" && task.ChannelId != s.Name {
+			logger.Debugf("handle other service task, name: %s, channel_id: %s, drop it.", s.Name, task.ChannelId)
+			s.taskQueue.RPush(task)
+			time.Sleep(time.Second)
+			continue
+		}
+
+		// translate prompt
+		if utils.HasChinese(task.Prompt) {
+			content, err := utils.OpenAIRequest(s.db, fmt.Sprintf(service.TranslatePromptTemplate, task.Prompt))
+			if err == nil {
+				task.Prompt = content
+			} else {
+				logger.Warnf("error with translate prompt: %v", err)
+			}
+		}
+		// translate negative prompt
+		if task.NegPrompt != "" && utils.HasChinese(task.NegPrompt) {
+			content, err := utils.OpenAIRequest(s.db, fmt.Sprintf(service.TranslatePromptTemplate, task.NegPrompt))
+			if err == nil {
+				task.NegPrompt = content
+			} else {
+				logger.Warnf("error with translate prompt: %v", err)
+			}
+		}
+
+		var job model.MidJourneyJob
+		tx := s.db.Where("id = ?", task.Id).First(&job)
+		if tx.Error != nil {
+			logger.Error("任务不存在，任务ID：", task.TaskId)
+			continue
+		}
+
+		logger.Infof("%s handle a new MidJourney task: %+v", s.Name, task)
+		var res ImageRes
+		switch task.Type {
+		case types.TaskImage:
+			res, err = s.Client.Imagine(task)
+			break
+		case types.TaskUpscale:
+			res, err = s.Client.Upscale(task)
+			break
+		case types.TaskVariation:
+			res, err = s.Client.Variation(task)
+			break
+		case types.TaskBlend:
+			res, err = s.Client.Blend(task)
+			break
+		case types.TaskSwapFace:
+			res, err = s.Client.SwapFace(task)
+			break
+		}
+
+		if err != nil || (res.Code != 1 && res.Code != 22) {
+			errMsg := fmt.Sprintf("%v,%s", err, res.Description)
+			logger.Error("绘画任务执行失败：", errMsg)
+			job.Progress = -1
+			job.ErrMsg = errMsg
+			// update the task progress
+			s.db.Updates(&job)
+			// 任务失败，通知前端
+			s.notifyQueue.RPush(task.UserId)
+			continue
+		}
+		logger.Infof("任务提交成功：%+v", res)
+		// lock the task until the execute timeout
+		s.taskStartTimes[int(task.Id)] = time.Now()
+		atomic.AddInt32(&s.HandledTaskNum, 1)
+		// 更新任务 ID/频道
+		job.TaskId = res.Result
+		job.ChannelId = s.Name
+		s.db.Updates(&job)
+	}
+}
+
+// check if current service instance can handle more task
+func (s *Service) canHandleTask() bool {
+	handledNum := atomic.LoadInt32(&s.HandledTaskNum)
+	return handledNum < s.maxHandleTaskNum
+}
+
+// remove the timeout tasks
+func (s *Service) checkTasks() {
+	for k, t := range s.taskStartTimes {
+		if time.Now().Unix()-t.Unix() > s.taskTimeout {
+			delete(s.taskStartTimes, k)
+			atomic.AddInt32(&s.HandledTaskNum, -1)
+
+			s.db.Model(&model.MidJourneyJob{Id: uint(k)}).UpdateColumns(map[string]interface{}{
+				"progress": -1,
+				"err_msg":  "任务超时",
+			})
+		}
+	}
+}
+
+type CBReq struct {
+	Id          string      `json:"id"`
+	Action      string      `json:"action"`
+	Status      string      `json:"status"`
+	Prompt      string      `json:"prompt"`
+	PromptEn    string      `json:"promptEn"`
+	Description string      `json:"description"`
+	SubmitTime  int64       `json:"submitTime"`
+	StartTime   int64       `json:"startTime"`
+	FinishTime  int64       `json:"finishTime"`
+	Progress    string      `json:"progress"`
+	ImageUrl    string      `json:"imageUrl"`
+	FailReason  interface{} `json:"failReason"`
+	Properties  struct {
+		FinalPrompt string `json:"finalPrompt"`
+	} `json:"properties"`
+}
+
+func (s *Service) Notify(job model.MidJourneyJob) error {
+	task, err := s.Client.QueryTask(job.TaskId)
+	if err != nil {
+		return err
+	}
+
+	// 任务执行失败了
+	if task.FailReason != "" {
+		s.db.Model(&model.MidJourneyJob{Id: job.Id}).UpdateColumns(map[string]interface{}{
+			"progress": -1,
+			"err_msg":  task.FailReason,
+		})
+		return fmt.Errorf("task failed: %v", task.FailReason)
+	}
+
+	if len(task.Buttons) > 0 {
+		job.Hash = GetImageHash(task.Buttons[0].CustomId)
+	}
+	oldProgress := job.Progress
+	job.Progress = utils.IntValue(strings.Replace(task.Progress, "%", "", 1), 0)
+	job.Prompt = task.PromptEn
+	if task.ImageUrl != "" {
+		job.OrgURL = task.ImageUrl
+	}
+	job.MessageId = task.Id
+	tx := s.db.Updates(&job)
+	if tx.Error != nil {
+		return fmt.Errorf("error with update database: %v", tx.Error)
+	}
+	if task.Status == "SUCCESS" {
+		// release lock task
+		atomic.AddInt32(&s.HandledTaskNum, -1)
+	}
+	// 通知前端更新任务进度
+	if oldProgress != job.Progress {
+		s.notifyQueue.RPush(job.UserId)
+	}
+	return nil
+}
+
+func GetImageHash(action string) string {
+	split := strings.Split(action, "::")
+	if len(split) > 5 {
+		return split[4]
+	}
+	return split[len(split)-1]
+}
--- a/api/service/oss/aliyun_oss.go
+++ b/api/service/oss/aliyun_oss.go
@@ -0,0 +1,130 @@
+package oss
+
+import (
+	"bytes"
+	"chatplus/core/types"
+	"chatplus/utils"
+	"encoding/base64"
+	"fmt"
+	"net/url"
+	"path/filepath"
+	"strings"
+	"time"
+
+	"github.com/aliyun/aliyun-oss-go-sdk/oss"
+	"github.com/gin-gonic/gin"
+)
+
+type AliYunOss struct {
+	config   *types.AliYunOssConfig
+	bucket   *oss.Bucket
+	proxyURL string
+}
+
+func NewAliYunOss(appConfig *types.AppConfig) (*AliYunOss, error) {
+	config := &appConfig.OSS.AliYun
+	// 创建 OSS 客户端
+	client, err := oss.New(config.Endpoint, config.AccessKey, config.AccessSecret)
+	if err != nil {
+		return nil, err
+	}
+
+	// 获取存储空间
+	bucket, err := client.Bucket(config.Bucket)
+	if err != nil {
+		return nil, err
+	}
+
+	if config.SubDir == "" {
+		config.SubDir = "gpt"
+	}
+
+	return &AliYunOss{
+		config:   config,
+		bucket:   bucket,
+		proxyURL: appConfig.ProxyURL,
+	}, nil
+
+}
+
+func (s AliYunOss) PutFile(ctx *gin.Context, name string) (File, error) {
+	// 解析表单
+	file, err := ctx.FormFile(name)
+	if err != nil {
+		return File{}, err
+	}
+	// 打开上传文件
+	src, err := file.Open()
+	if err != nil {
+		return File{}, err
+	}
+	defer src.Close()
+
+	fileExt := filepath.Ext(file.Filename)
+	objectKey := fmt.Sprintf("%s/%d%s", s.config.SubDir, time.Now().UnixMicro(), fileExt)
+	// 上传文件
+	err = s.bucket.PutObject(objectKey, src)
+	if err != nil {
+		return File{}, err
+	}
+
+	return File{
+		Name:   file.Filename,
+		ObjKey: objectKey,
+		URL:    fmt.Sprintf("%s/%s", s.config.Domain, objectKey),
+		Ext:    fileExt,
+		Size:   file.Size,
+	}, nil
+}
+
+func (s AliYunOss) PutImg(imageURL string, useProxy bool) (string, error) {
+	var imageData []byte
+	var err error
+	if useProxy {
+		imageData, err = utils.DownloadImage(imageURL, s.proxyURL)
+	} else {
+		imageData, err = utils.DownloadImage(imageURL, "")
+	}
+	if err != nil {
+		return "", fmt.Errorf("error with download image: %v", err)
+	}
+	parse, err := url.Parse(imageURL)
+	if err != nil {
+		return "", fmt.Errorf("error with parse image URL: %v", err)
+	}
+	fileExt := utils.GetImgExt(parse.Path)
+	objectKey := fmt.Sprintf("%s/%d%s", s.config.SubDir, time.Now().UnixMicro(), fileExt)
+	// 上传文件字节数据
+	err = s.bucket.PutObject(objectKey, bytes.NewReader(imageData))
+	if err != nil {
+		return "", err
+	}
+	return fmt.Sprintf("%s/%s", s.config.Domain, objectKey), nil
+}
+
+func (s AliYunOss) PutBase64(base64Img string) (string, error) {
+	imageData, err := base64.StdEncoding.DecodeString(base64Img)
+	if err != nil {
+		return "", fmt.Errorf("error decoding base64:%v", err)
+	}
+	objectKey := fmt.Sprintf("%s/%d.png", s.config.SubDir, time.Now().UnixMicro())
+	// 上传文件字节数据
+	err = s.bucket.PutObject(objectKey, bytes.NewReader(imageData))
+	if err != nil {
+		return "", err
+	}
+	return fmt.Sprintf("%s/%s", s.config.Domain, objectKey), nil
+}
+
+func (s AliYunOss) Delete(fileURL string) error {
+	var objectKey string
+	if strings.HasPrefix(fileURL, "http") {
+		filename := filepath.Base(fileURL)
+		objectKey = fmt.Sprintf("%s/%s", s.config.SubDir, filename)
+	} else {
+		objectKey = fileURL
+	}
+	return s.bucket.DeleteObject(objectKey)
+}
+
+var _ Uploader = AliYunOss{}
--- a/api/service/oss/localstorage.go
+++ b/api/service/oss/localstorage.go
@@ -0,0 +1,98 @@
+package oss
+
+import (
+	"chatplus/core/types"
+	"chatplus/utils"
+	"encoding/base64"
+	"fmt"
+	"github.com/gin-gonic/gin"
+	"net/url"
+	"os"
+	"path/filepath"
+	"strings"
+)
+
+type LocalStorage struct {
+	config   *types.LocalStorageConfig
+	proxyURL string
+}
+
+func NewLocalStorage(config *types.AppConfig) LocalStorage {
+	return LocalStorage{
+		config:   &config.OSS.Local,
+		proxyURL: config.ProxyURL,
+	}
+}
+
+func (s LocalStorage) PutFile(ctx *gin.Context, name string) (File, error) {
+	file, err := ctx.FormFile(name)
+	if err != nil {
+		return File{}, fmt.Errorf("error with get form: %v", err)
+	}
+
+	path, err := utils.GenUploadPath(s.config.BasePath, file.Filename, false)
+	if err != nil {
+		return File{}, fmt.Errorf("error with generate filename: %s", err.Error())
+	}
+	// 将文件保存到指定路径
+	err = ctx.SaveUploadedFile(file, path)
+	if err != nil {
+		return File{}, fmt.Errorf("error with save upload file: %s", err.Error())
+	}
+
+	ext := filepath.Ext(file.Filename)
+	return File{
+		Name:   file.Filename,
+		ObjKey: path,
+		URL:    utils.GenUploadUrl(s.config.BasePath, s.config.BaseURL, path),
+		Ext:    ext,
+		Size:   file.Size,
+	}, nil
+}
+
+func (s LocalStorage) PutImg(imageURL string, useProxy bool) (string, error) {
+	parse, err := url.Parse(imageURL)
+	if err != nil {
+		return "", fmt.Errorf("error with parse image URL: %v", err)
+	}
+	filename := filepath.Base(parse.Path)
+	filePath, err := utils.GenUploadPath(s.config.BasePath, filename, true)
+	if err != nil {
+		return "", fmt.Errorf("error with generate image dir: %v", err)
+	}
+
+	if useProxy {
+		err = utils.DownloadFile(imageURL, filePath, s.proxyURL)
+	} else {
+		err = utils.DownloadFile(imageURL, filePath, "")
+	}
+	if err != nil {
+		return "", fmt.Errorf("error with download image: %v", err)
+	}
+
+	return utils.GenUploadUrl(s.config.BasePath, s.config.BaseURL, filePath), nil
+}
+
+func (s LocalStorage) PutBase64(base64Img string) (string, error) {
+	imageData, err := base64.StdEncoding.DecodeString(base64Img)
+	if err != nil {
+		return "", fmt.Errorf("error decoding base64:%v", err)
+	}
+	filePath, err := utils.GenUploadPath(s.config.BasePath, "", true)
+	err = os.WriteFile(filePath, imageData, 0644)
+	if err != nil {
+		return "", fmt.Errorf("error writing to file:%v", err)
+	}
+
+	return utils.GenUploadUrl(s.config.BasePath, s.config.BaseURL, filePath), nil
+}
+
+func (s LocalStorage) Delete(fileURL string) error {
+	if _, err := os.Stat(fileURL); err == nil {
+		return os.Remove(fileURL)
+	}
+	filePath := strings.Replace(fileURL, s.config.BaseURL, s.config.BasePath, 1)
+	return os.Remove(filePath)
+}
+
+var _ Uploader = LocalStorage{}
--- a/api/service/oss/minio_oss.go
+++ b/api/service/oss/minio_oss.go
@@ -0,0 +1,130 @@
+package oss
+
+import (
+	"chatplus/core/types"
+	"chatplus/utils"
+	"context"
+	"encoding/base64"
+	"fmt"
+	"net/url"
+	"path/filepath"
+	"strings"
+	"time"
+
+	"github.com/gin-gonic/gin"
+	"github.com/minio/minio-go/v7"
+	"github.com/minio/minio-go/v7/pkg/credentials"
+)
+
+type MiniOss struct {
+	config   *types.MiniOssConfig
+	client   *minio.Client
+	proxyURL string
+}
+
+func NewMiniOss(appConfig *types.AppConfig) (MiniOss, error) {
+	config := &appConfig.OSS.Minio
+	minioClient, err := minio.New(config.Endpoint, &minio.Options{
+		Creds:  credentials.NewStaticV4(config.AccessKey, config.AccessSecret, ""),
+		Secure: config.UseSSL,
+	})
+	if err != nil {
+		return MiniOss{}, err
+	}
+	if config.SubDir == "" {
+		config.SubDir = "gpt"
+	}
+	return MiniOss{config: config, client: minioClient, proxyURL: appConfig.ProxyURL}, nil
+}
+
+func (s MiniOss) PutImg(imageURL string, useProxy bool) (string, error) {
+	var imageData []byte
+	var err error
+	if useProxy {
+		imageData, err = utils.DownloadImage(imageURL, s.proxyURL)
+	} else {
+		imageData, err = utils.DownloadImage(imageURL, "")
+	}
+	if err != nil {
+		return "", fmt.Errorf("error with download image: %v", err)
+	}
+	parse, err := url.Parse(imageURL)
+	if err != nil {
+		return "", fmt.Errorf("error with parse image URL: %v", err)
+	}
+	fileExt := filepath.Ext(parse.Path)
+	filename := fmt.Sprintf("%s/%d%s", s.config.SubDir, time.Now().UnixMicro(), fileExt)
+	info, err := s.client.PutObject(
+		context.Background(),
+		s.config.Bucket,
+		filename,
+		strings.NewReader(string(imageData)),
+		int64(len(imageData)),
+		minio.PutObjectOptions{ContentType: "image/png"})
+	if err != nil {
+		return "", err
+	}
+	return fmt.Sprintf("%s/%s/%s", s.config.Domain, s.config.Bucket, info.Key), nil
+}
+
+func (s MiniOss) PutFile(ctx *gin.Context, name string) (File, error) {
+	file, err := ctx.FormFile(name)
+	if err != nil {
+		return File{}, fmt.Errorf("error with get form: %v", err)
+	}
+	// Open the uploaded file
+	fileReader, err := file.Open()
+	if err != nil {
+		return File{}, fmt.Errorf("error opening file: %v", err)
+	}
+	defer fileReader.Close()
+
+	fileExt := utils.GetImgExt(file.Filename)
+	filename := fmt.Sprintf("%s/%d%s", s.config.SubDir, time.Now().UnixMicro(), fileExt)
+	info, err := s.client.PutObject(ctx, s.config.Bucket, filename, fileReader, file.Size, minio.PutObjectOptions{
+		ContentType: file.Header.Get("Content-Type"),
+	})
+	if err != nil {
+		return File{}, fmt.Errorf("error uploading to MinIO: %v", err)
+	}
+
+	return File{
+		Name:   file.Filename,
+		ObjKey: info.Key,
+		URL:    fmt.Sprintf("%s/%s/%s", s.config.Domain, s.config.Bucket, info.Key),
+		Ext:    fileExt,
+		Size:   file.Size,
+	}, nil
+}
+
+func (s MiniOss) PutBase64(base64Img string) (string, error) {
+	imageData, err := base64.StdEncoding.DecodeString(base64Img)
+	if err != nil {
+		return "", fmt.Errorf("error decoding base64:%v", err)
+	}
+	objectKey := fmt.Sprintf("%s/%d.png", s.config.SubDir, time.Now().UnixMicro())
+	info, err := s.client.PutObject(
+		context.Background(),
+		s.config.Bucket,
+		objectKey,
+		strings.NewReader(string(imageData)),
+		int64(len(imageData)),
+		minio.PutObjectOptions{ContentType: "image/png"})
+	if err != nil {
+		return "", err
+	}
+	return fmt.Sprintf("%s/%s/%s", s.config.Domain, s.config.Bucket, info.Key), nil
+}
+
+func (s MiniOss) Delete(fileURL string) error {
+	var objectKey string
+	if strings.HasPrefix(fileURL, "http") {
+		filename := filepath.Base(fileURL)
+		objectKey = fmt.Sprintf("%s/%s", s.config.SubDir, filename)
+	} else {
+		objectKey = fileURL
+	}
+	return s.client.RemoveObject(context.Background(), s.config.Bucket, objectKey, minio.RemoveObjectOptions{})
+}
+
+var _ Uploader = MiniOss{}
--- a/api/service/oss/qiniu_oss.go
+++ b/api/service/oss/qiniu_oss.go
@@ -0,0 +1,144 @@
+package oss
+
+import (
+	"bytes"
+	"chatplus/core/types"
+	"chatplus/utils"
+	"context"
+	"encoding/base64"
+	"fmt"
+	"net/url"
+	"path/filepath"
+	"strings"
+	"time"
+
+	"github.com/gin-gonic/gin"
+	"github.com/qiniu/go-sdk/v7/auth/qbox"
+	"github.com/qiniu/go-sdk/v7/storage"
+)
+
+type QinNiuOss struct {
+	config    *types.QiNiuOssConfig
+	mac       *qbox.Mac
+	putPolicy storage.PutPolicy
+	uploader  *storage.FormUploader
+	manager   *storage.BucketManager
+	proxyURL  string
+}
+
+func NewQiNiuOss(appConfig *types.AppConfig) QinNiuOss {
+	config := &appConfig.OSS.QiNiu
+	// build storage uploader
+	zone, ok := storage.GetRegionByID(storage.RegionID(config.Zone))
+	if !ok {
+		zone = storage.ZoneHuanan
+	}
+	storeConfig := storage.Config{Zone: &zone}
+	formUploader := storage.NewFormUploader(&storeConfig)
+	// generate token
+	mac := qbox.NewMac(config.AccessKey, config.AccessSecret)
+	putPolicy := storage.PutPolicy{
+		Scope: config.Bucket,
+	}
+	if config.SubDir == "" {
+		config.SubDir = "gpt"
+	}
+	return QinNiuOss{
+		config:    config,
+		mac:       mac,
+		putPolicy: putPolicy,
+		uploader:  formUploader,
+		manager:   storage.NewBucketManager(mac, &storeConfig),
+		proxyURL:  appConfig.ProxyURL,
+	}
+}
+
+func (s QinNiuOss) PutFile(ctx *gin.Context, name string) (File, error) {
+	// 解析表单
+	file, err := ctx.FormFile(name)
+	if err != nil {
+		return File{}, err
+	}
+	// 打开上传文件
+	src, err := file.Open()
+	if err != nil {
+		return File{}, err
+	}
+	defer src.Close()
+
+	fileExt := filepath.Ext(file.Filename)
+	key := fmt.Sprintf("%s/%d%s", s.config.SubDir, time.Now().UnixMicro(), fileExt)
+	// 上传文件
+	ret := storage.PutRet{}
+	extra := storage.PutExtra{}
+	err = s.uploader.Put(ctx, &ret, s.putPolicy.UploadToken(s.mac), key, src, file.Size, &extra)
+	if err != nil {
+		return File{}, err
+	}
+
+	return File{
+		Name:   file.Filename,
+		ObjKey: key,
+		URL:    fmt.Sprintf("%s/%s", s.config.Domain, ret.Key),
+		Ext:    fileExt,
+		Size:   file.Size,
+	}, nil
+
+}
+
+func (s QinNiuOss) PutImg(imageURL string, useProxy bool) (string, error) {
+	var imageData []byte
+	var err error
+	if useProxy {
+		imageData, err = utils.DownloadImage(imageURL, s.proxyURL)
+	} else {
+		imageData, err = utils.DownloadImage(imageURL, "")
+	}
+	if err != nil {
+		return "", fmt.Errorf("error with download image: %v", err)
+	}
+	parse, err := url.Parse(imageURL)
+	if err != nil {
+		return "", fmt.Errorf("error with parse image URL: %v", err)
+	}
+	fileExt := utils.GetImgExt(parse.Path)
+	key := fmt.Sprintf("%s/%d%s", s.config.SubDir, time.Now().UnixMicro(), fileExt)
+	ret := storage.PutRet{}
+	extra := storage.PutExtra{}
+	// 上传文件字节数据
+	err = s.uploader.Put(context.Background(), &ret, s.putPolicy.UploadToken(s.mac), key, bytes.NewReader(imageData), int64(len(imageData)), &extra)
+	if err != nil {
+		return "", err
+	}
+	return fmt.Sprintf("%s/%s", s.config.Domain, ret.Key), nil
+}
+
+func (s QinNiuOss) PutBase64(base64Img string) (string, error) {
+	imageData, err := base64.StdEncoding.DecodeString(base64Img)
+	if err != nil {
+		return "", fmt.Errorf("error decoding base64:%v", err)
+	}
+	objectKey := fmt.Sprintf("%s/%d.png", s.config.SubDir, time.Now().UnixMicro())
+	ret := storage.PutRet{}
+	extra := storage.PutExtra{}
+	// 上传文件字节数据
+	err = s.uploader.Put(context.Background(), &ret, s.putPolicy.UploadToken(s.mac), objectKey, bytes.NewReader(imageData), int64(len(imageData)), &extra)
+	if err != nil {
+		return "", err
+	}
+	return fmt.Sprintf("%s/%s", s.config.Domain, ret.Key), nil
+}
+
+func (s QinNiuOss) Delete(fileURL string) error {
+	var objectKey string
+	if strings.HasPrefix(fileURL, "http") {
+		filename := filepath.Base(fileURL)
+		objectKey = fmt.Sprintf("%s/%s", s.config.SubDir, filename)
+	} else {
+		objectKey = fileURL
+	}
+
+	return s.manager.Delete(s.config.Bucket, objectKey)
+}
+
+var _ Uploader = QinNiuOss{}
--- a/api/service/oss/uploader.go
+++ b/api/service/oss/uploader.go
@@ -0,0 +1,22 @@
+package oss
+
+import "github.com/gin-gonic/gin"
+
+const Local = "LOCAL"
+const Minio = "MINIO"
+const QiNiu = "QINIU"
+const AliYun = "ALIYUN"
+
+type File struct {
+	Name   string `json:"name"`
+	ObjKey string `json:"obj_key"`
+	Size   int64  `json:"size"`
+	URL    string `json:"url"`
+	Ext    string `json:"ext"`
+}
+type Uploader interface {
+	PutFile(ctx *gin.Context, name string) (File, error)
+	PutImg(imageURL string, useProxy bool) (string, error)
+	PutBase64(imageData string) (string, error)
+	Delete(fileURL string) error
+}
--- a/api/service/oss/uploader_manager.go
+++ b/api/service/oss/uploader_manager.go
@@ -0,0 +1,46 @@
+package oss
+
+import (
+	"chatplus/core/types"
+	"strings"
+)
+
+type UploaderManager struct {
+	handler Uploader
+}
+
+func NewUploaderManager(config *types.AppConfig) (*UploaderManager, error) {
+	active := Local
+	if config.OSS.Active != "" {
+		active = strings.ToUpper(config.OSS.Active)
+	}
+	var handler Uploader
+	switch active {
+	case Local:
+		handler = NewLocalStorage(config)
+		break
+	case Minio:
+		client, err := NewMiniOss(config)
+		if err != nil {
+			return nil, err
+		}
+		handler = client
+		break
+	case QiNiu:
+		handler = NewQiNiuOss(config)
+		break
+	case AliYun:
+		client, err := NewAliYunOss(config)
+		if err != nil {
+			return nil, err
+		}
+		handler = client
+		break
+	}
+
+	return &UploaderManager{handler: handler}, nil
+}
+
+func (m *UploaderManager) GetUploadHandler() Uploader {
+	return m.handler
+}
--- a/api/service/payment/alipay_service.go
+++ b/api/service/payment/alipay_service.go
@@ -0,0 +1,142 @@
+package payment
+
+import (
+	"chatplus/core/types"
+	logger2 "chatplus/logger"
+	"fmt"
+	"github.com/smartwalle/alipay/v3"
+	"log"
+	"net/url"
+	"os"
+)
+
+type AlipayService struct {
+	config *types.AlipayConfig
+	client *alipay.Client
+}
+
+var logger = logger2.GetLogger()
+
+func NewAlipayService(appConfig *types.AppConfig) (*AlipayService, error) {
+	config := appConfig.AlipayConfig
+	if !config.Enabled {
+		logger.Info("Disabled Alipay service")
+		return nil, nil
+	}
+	priKey, err := readKey(config.PrivateKey)
+	if err != nil {
+		return nil, fmt.Errorf("error with read App Private key: %v", err)
+	}
+
+	xClient, err := alipay.New(config.AppId, priKey, !config.SandBox)
+	if err != nil {
+		return nil, fmt.Errorf("error with initialize alipay service: %v", err)
+	}
+
+	if err = xClient.LoadAppCertPublicKeyFromFile(config.PublicKey); err != nil {
+		return nil, fmt.Errorf("error with loading App PublicKey: %v", err)
+	}
+	if err = xClient.LoadAliPayRootCertFromFile(config.RootCert); err != nil {
+		return nil, fmt.Errorf("error with loading alipay RootCert: %v", err)
+	}
+	if err = xClient.LoadAlipayCertPublicKeyFromFile(config.AlipayPublicKey); err != nil {
+		return nil, fmt.Errorf("error with loading Alipay PublicKey: %v", err)
+	}
+
+	return &AlipayService{config: &config, client: xClient}, nil
+}
+
+func (s *AlipayService) PayUrlMobile(outTradeNo string, notifyURL string, returnURL string, Amount string, subject string) (string, error) {
+	var p = alipay.TradeWapPay{}
+	p.NotifyURL = notifyURL
+	p.ReturnURL = returnURL
+	p.Subject = subject
+	p.OutTradeNo = outTradeNo
+	p.TotalAmount = Amount
+	p.ProductCode = "QUICK_WAP_WAY"
+	res, err := s.client.TradeWapPay(p)
+	if err != nil {
+		return "", err
+	}
+
+	return res.String(), err
+}
+
+func (s *AlipayService) PayUrlPc(outTradeNo string, notifyURL string, returnURL string, amount string, subject string) (string, error) {
+	var p = alipay.TradePagePay{}
+	p.NotifyURL = notifyURL
+	p.ReturnURL = returnURL
+	p.Subject = subject
+	p.OutTradeNo = outTradeNo
+	p.TotalAmount = amount
+	p.ProductCode = "FAST_INSTANT_TRADE_PAY"
+	res, err := s.client.TradePagePay(p)
+	if err != nil {
+		return "", nil
+	}
+
+	return res.String(), err
+}
+
+// TradeVerify 交易验证
+func (s *AlipayService) TradeVerify(reqForm url.Values) NotifyVo {
+	err := s.client.VerifySign(reqForm)
+	if err != nil {
+		log.Println("异步通知验证签名发生错误", err)
+		return NotifyVo{
+			Status:  0,
+			Message: "异步通知验证签名发生错误",
+		}
+	}
+
+	return s.TradeQuery(reqForm.Get("out_trade_no"))
+}
+
+func (s *AlipayService) TradeQuery(outTradeNo string) NotifyVo {
+	var p = alipay.TradeQuery{}
+	p.OutTradeNo = outTradeNo
+	rsp, err := s.client.TradeQuery(p)
+	if err != nil {
+		return NotifyVo{
+			Status:  0,
+			Message: "异步查询验证订单信息发生错误" + outTradeNo + err.Error(),
+		}
+	}
+
+	if rsp.IsSuccess() == true && rsp.TradeStatus == "TRADE_SUCCESS" {
+		return NotifyVo{
+			Status:     1,
+			OutTradeNo: rsp.OutTradeNo,
+			TradeNo:    rsp.TradeNo,
+			Amount:     rsp.TotalAmount,
+			Subject:    rsp.Subject,
+			Message:    "OK",
+		}
+	} else {
+		return NotifyVo{
+			Status:  0,
+			Message: "异步查询验证订单信息发生错误" + outTradeNo,
+		}
+	}
+}
+
+func readKey(filename string) (string, error) {
+	data, err := os.ReadFile(filename)
+	if err != nil {
+		return "", err
+	}
+	return string(data), nil
+}
+
+type NotifyVo struct {
+	Status     int
+	OutTradeNo string
+	TradeNo    string
+	Amount     string
+	Message    string
+	Subject    string
+}
+
+func (v NotifyVo) Success() bool {
+	return v.Status == 1
+}
--- a/api/service/payment/hupipay_serive.go
+++ b/api/service/payment/hupipay_serive.go
@@ -0,0 +1,162 @@
+package payment
+
+import (
+	"chatplus/core/types"
+	"chatplus/utils"
+	"crypto/md5"
+	"encoding/hex"
+	"errors"
+	"fmt"
+	"io"
+	"net/http"
+	"net/url"
+	"sort"
+	"strconv"
+	"strings"
+	"time"
+)
+
+type HuPiPayService struct {
+	appId     string
+	appSecret string
+	apiURL    string
+}
+
+func NewHuPiPay(config *types.AppConfig) *HuPiPayService {
+	return &HuPiPayService{
+		appId:     config.HuPiPayConfig.AppId,
+		appSecret: config.HuPiPayConfig.AppSecret,
+		apiURL:    config.HuPiPayConfig.ApiURL,
+	}
+}
+
+type HuPiPayReq struct {
+	AppId        string `json:"appid"`
+	Version      string `json:"version"`
+	TradeOrderId string `json:"trade_order_id"`
+	TotalFee     string `json:"total_fee"`
+	Title        string `json:"title"`
+	NotifyURL    string `json:"notify_url"`
+	ReturnURL    string `json:"return_url"`
+	WapName      string `json:"wap_name"`
+	CallbackURL  string `json:"callback_url"`
+	Time         string `json:"time"`
+	NonceStr     string `json:"nonce_str"`
+}
+
+type HuPiResp struct {
+	Openid    interface{} `json:"openid"`
+	UrlQrcode string      `json:"url_qrcode"`
+	URL       string      `json:"url"`
+	ErrCode   int         `json:"errcode"`
+	ErrMsg    string      `json:"errmsg,omitempty"`
+}
+
+// Pay 执行支付请求操作
+func (s *HuPiPayService) Pay(params HuPiPayReq) (HuPiResp, error) {
+	data := url.Values{}
+	simple := strconv.FormatInt(time.Now().Unix(), 10)
+	params.AppId = s.appId
+	params.Time = simple
+	params.NonceStr = simple
+	encode := utils.JsonEncode(params)
+	m := make(map[string]string)
+	_ = utils.JsonDecode(encode, &m)
+	for k, v := range m {
+		data.Add(k, fmt.Sprintf("%v", v))
+	}
+	// 生成签名
+	data.Add("hash", s.Sign(data))
+	// 发送支付请求
+	apiURL := fmt.Sprintf("%s/payment/do.html", s.apiURL)
+	resp, err := http.PostForm(apiURL, data)
+	if err != nil {
+		return HuPiResp{}, fmt.Errorf("error with requst api: %v", err)
+	}
+	defer resp.Body.Close()
+	all, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return HuPiResp{}, fmt.Errorf("error with reading response: %v", err)
+	}
+
+	var res HuPiResp
+	err = utils.JsonDecode(string(all), &res)
+	if err != nil {
+		return HuPiResp{}, fmt.Errorf("error with decode payment result: %v", err)
+	}
+
+	if res.ErrCode != 0 {
+		return HuPiResp{}, fmt.Errorf("error with generate pay url: %s", res.ErrMsg)
+	}
+
+	return res, nil
+}
+
+// Sign 签名方法
+func (s *HuPiPayService) Sign(params url.Values) string {
+	params.Del(`Sign`)
+	var keys = make([]string, 0, 0)
+	for key := range params {
+		if params.Get(key) != `` {
+			keys = append(keys, key)
+		}
+	}
+	sort.Strings(keys)
+
+	var pList = make([]string, 0, 0)
+	for _, key := range keys {
+		var value = strings.TrimSpace(params.Get(key))
+		if len(value) > 0 {
+			pList = append(pList, key+"="+value)
+		}
+	}
+	var src = strings.Join(pList, "&")
+	src += s.appSecret
+
+	md5bs := md5.Sum([]byte(src))
+	return hex.EncodeToString(md5bs[:])
+}
+
+// Check 校验订单状态
+func (s *HuPiPayService) Check(tradeNo string) error {
+	data := url.Values{}
+	data.Add("appid", s.appId)
+	data.Add("open_order_id", tradeNo)
+	stamp := strconv.FormatInt(time.Now().Unix(), 10)
+	data.Add("time", stamp)
+	data.Add("nonce_str", stamp)
+	data.Add("hash", s.Sign(data))
+
+	apiURL := fmt.Sprintf("%s/payment/query.html", s.apiURL)
+	resp, err := http.PostForm(apiURL, data)
+	if err != nil {
+		return fmt.Errorf("error with http reqeust: %v", err)
+	}
+
+	defer resp.Body.Close()
+	body, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return fmt.Errorf("error with reading response: %v", err)
+	}
+
+	var r struct {
+		ErrCode int `json:"errcode"`
+		Data    struct {
+			Status      string `json:"status"`
+			OpenOrderId string `json:"open_order_id"`
+		} `json:"data,omitempty"`
+		ErrMsg string `json:"errmsg"`
+		Hash   string `json:"hash"`
+	}
+	err = utils.JsonDecode(string(body), &r)
+	if err != nil {
+		return fmt.Errorf("error with decode response: %v", err)
+	}
+
+	if r.ErrCode == 0 && r.Data.Status == "OD" {
+		return nil
+	} else {
+		logger.Debugf("%+v", r)
+		return errors.New("order not paid：" + r.ErrMsg)
+	}
+}
--- a/api/service/payment/payjs_service.go
+++ b/api/service/payment/payjs_service.go
@@ -0,0 +1,148 @@
+package payment
+
+import (
+	"chatplus/core/types"
+	"chatplus/utils"
+	"crypto/md5"
+	"encoding/hex"
+	"errors"
+	"fmt"
+	"io"
+	"net/http"
+	"net/url"
+	"sort"
+	"strings"
+)
+
+type PayJS struct {
+	config *types.JPayConfig
+}
+
+func NewPayJS(appConfig *types.AppConfig) *PayJS {
+	return &PayJS{
+		config: &appConfig.JPayConfig,
+	}
+}
+
+type JPayReq struct {
+	TotalFee   int    `json:"total_fee"`
+	OutTradeNo string `json:"out_trade_no"`
+	Subject    string `json:"body"`
+	NotifyURL  string `json:"notify_url"`
+	ReturnURL  string `json:"callback_url"`
+}
+type JPayReps struct {
+	OutTradeNo string `json:"out_trade_no"`
+	OrderId    string `json:"payjs_order_id"`
+	ReturnCode int    `json:"return_code"`
+	ReturnMsg  string `json:"return_msg"`
+	Sign       string `json:"Sign"`
+	TotalFee   string `json:"total_fee"`
+	CodeUrl    string `json:"code_url,omitempty"`
+	Qrcode     string `json:"qrcode,omitempty"`
+}
+
+func (r JPayReps) IsOK() bool {
+	return r.ReturnMsg == "SUCCESS"
+}
+
+func (js *PayJS) Pay(param JPayReq) JPayReps {
+	param.NotifyURL = js.config.NotifyURL
+	var p = url.Values{}
+	encode := utils.JsonEncode(param)
+	m := make(map[string]interface{})
+	_ = utils.JsonDecode(encode, &m)
+	for k, v := range m {
+		p.Add(k, fmt.Sprintf("%v", v))
+	}
+	p.Add("mchid", js.config.AppId)
+
+	p.Add("sign", js.sign(p))
+
+	cli := http.Client{}
+	apiURL := fmt.Sprintf("%s/api/native", js.config.ApiURL)
+	r, err := cli.PostForm(apiURL, p)
+	if err != nil {
+		return JPayReps{ReturnMsg: err.Error()}
+	}
+	defer r.Body.Close()
+	bs, err := io.ReadAll(r.Body)
+	if err != nil {
+		return JPayReps{ReturnMsg: err.Error()}
+	}
+
+	var data JPayReps
+	err = utils.JsonDecode(string(bs), &data)
+	if err != nil {
+		return JPayReps{ReturnMsg: err.Error()}
+	}
+	return data
+}
+
+func (js *PayJS) PayH5(p url.Values) string {
+	p.Add("mchid", js.config.AppId)
+	p.Add("sign", js.sign(p))
+	return fmt.Sprintf("%s/api/cashier?%s", js.config.ApiURL, p.Encode())
+}
+
+func (js *PayJS) sign(params url.Values) string {
+	params.Del(`sign`)
+	var keys = make([]string, 0, 0)
+	for key := range params {
+		if params.Get(key) != `` {
+			keys = append(keys, key)
+		}
+	}
+	sort.Strings(keys)
+
+	var pList = make([]string, 0, 0)
+	for _, key := range keys {
+		var value = strings.TrimSpace(params.Get(key))
+		if len(value) > 0 {
+			pList = append(pList, key+"="+value)
+		}
+	}
+	var src = strings.Join(pList, "&")
+	src += "&key=" + js.config.PrivateKey
+
+	md5bs := md5.Sum([]byte(src))
+	md5res := hex.EncodeToString(md5bs[:])
+	return strings.ToUpper(md5res)
+}
+
+// Check 查询订单支付状态
+// @param tradeNo 支付平台交易 ID
+func (js *PayJS) Check(tradeNo string) error {
+	apiURL := fmt.Sprintf("%s/api/check", js.config.ApiURL)
+	params := url.Values{}
+	params.Add("payjs_order_id", tradeNo)
+	params.Add("sign", js.sign(params))
+	data := strings.NewReader(params.Encode())
+	resp, err := http.Post(apiURL, "application/x-www-form-urlencoded", data)
+	defer resp.Body.Close()
+	if err != nil {
+		return fmt.Errorf("error with http reqeust: %v", err)
+	}
+
+	defer resp.Body.Close()
+	body, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return fmt.Errorf("error with reading response: %v", err)
+	}
+
+	var r struct {
+		ReturnCode int `json:"return_code"`
+		Status     int `json:"status"`
+	}
+	err = utils.JsonDecode(string(body), &r)
+	if err != nil {
+		return fmt.Errorf("error with decode response: %v", err)
+	}
+
+	if r.ReturnCode == 1 && r.Status == 1 {
+		return nil
+	} else {
+		logger.Errorf("PayJs 支付验证响应：%s", string(body))
+		return errors.New("order not paid")
+	}
+}
--- a/api/service/sd/pool.go
+++ b/api/service/sd/pool.go
@@ -0,0 +1,124 @@
+package sd
+
+import (
+	"chatplus/core/types"
+	"chatplus/service/oss"
+	"chatplus/store"
+	"chatplus/store/model"
+	"fmt"
+	"time"
+
+	"github.com/go-redis/redis/v8"
+	"gorm.io/gorm"
+)
+
+type ServicePool struct {
+	services    []*Service
+	taskQueue   *store.RedisQueue
+	notifyQueue *store.RedisQueue
+	db          *gorm.DB
+	Clients     *types.LMap[uint, *types.WsClient] // UserId => Client
+}
+
+func NewServicePool(db *gorm.DB, redisCli *redis.Client, manager *oss.UploaderManager, appConfig *types.AppConfig, levelDB *store.LevelDB) *ServicePool {
+	services := make([]*Service, 0)
+	taskQueue := store.NewRedisQueue("StableDiffusion_Task_Queue", redisCli)
+	notifyQueue := store.NewRedisQueue("StableDiffusion_Queue", redisCli)
+	// create mj client and service
+	for _, config := range appConfig.SdConfigs {
+		if config.Enabled == false {
+			continue
+		}
+
+		// create sd service
+		name := fmt.Sprintf("StableDifffusion Service-%s", config.Model)
+		service := NewService(name, config, taskQueue, notifyQueue, db, manager, levelDB)
+		// run sd service
+		go func() {
+			service.Run()
+		}()
+
+		services = append(services, service)
+	}
+
+	return &ServicePool{
+		taskQueue:   taskQueue,
+		notifyQueue: notifyQueue,
+		services:    services,
+		db:          db,
+		Clients:     types.NewLMap[uint, *types.WsClient](),
+	}
+}
+
+// PushTask push a new mj task in to task queue
+func (p *ServicePool) PushTask(task types.SdTask) {
+	logger.Debugf("add a new MidJourney task to the task list: %+v", task)
+	p.taskQueue.RPush(task)
+}
+
+func (p *ServicePool) CheckTaskNotify() {
+	go func() {
+		logger.Info("Running Stable-Diffusion task notify checking ...")
+		for {
+			var userId uint
+			err := p.notifyQueue.LPop(&userId)
+			if err != nil {
+				continue
+			}
+			client := p.Clients.Get(userId)
+			if client == nil {
+				continue
+			}
+			err = client.Send([]byte("Task Updated"))
+			if err != nil {
+				continue
+			}
+		}
+	}()
+}
+
+// CheckTaskStatus 检查任务状态，自动删除过期或者失败的任务
+func (p *ServicePool) CheckTaskStatus() {
+	go func() {
+		logger.Info("Running Stable-Diffusion task status checking ...")
+		for {
+			var jobs []model.SdJob
+			res := p.db.Where("progress < ?", 100).Find(&jobs)
+			if res.Error != nil {
+				time.Sleep(5 * time.Second)
+				continue
+			}
+
+			for _, job := range jobs {
+				// 5 分钟还没完成的任务直接删除
+				if time.Now().Sub(job.CreatedAt) > time.Minute*5 || job.Progress == -1 {
+					p.db.Delete(&job)
+					var user model.User
+					p.db.Where("id = ?", job.UserId).First(&user)
+					// 退回绘图次数
+					res = p.db.Model(&model.User{}).Where("id = ?", job.UserId).UpdateColumn("power", gorm.Expr("power + ?", job.Power))
+					if res.Error == nil && res.RowsAffected > 0 {
+						p.db.Create(&model.PowerLog{
+							UserId:    user.Id,
+							Username:  user.Username,
+							Type:      types.PowerConsume,
+							Amount:    job.Power,
+							Balance:   user.Power + job.Power,
+							Mark:      types.PowerAdd,
+							Model:     "stable-diffusion",
+							Remark:    fmt.Sprintf("任务失败，退回算力。任务ID：%s", job.TaskId),
+							CreatedAt: time.Now(),
+						})
+					}
+					continue
+				}
+			}
+
+		}
+	}()
+}
+
+// HasAvailableService check if it has available mj service in pool
+func (p *ServicePool) HasAvailableService() bool {
+	return len(p.services) > 0
+}
--- a/api/service/sd/service.go
+++ b/api/service/sd/service.go
@@ -0,0 +1,219 @@
+package sd
+
+import (
+	"chatplus/core/types"
+	"chatplus/service"
+	"chatplus/service/oss"
+	"chatplus/store"
+	"chatplus/store/model"
+	"chatplus/utils"
+	"fmt"
+	"github.com/imroc/req/v3"
+	"gorm.io/gorm"
+	"strings"
+	"time"
+)
+
+// SD 绘画服务
+
+type Service struct {
+	httpClient    *req.Client
+	config        types.StableDiffusionConfig
+	taskQueue     *store.RedisQueue
+	notifyQueue   *store.RedisQueue
+	db            *gorm.DB
+	uploadManager *oss.UploaderManager
+	name          string // service name
+	leveldb       *store.LevelDB
+}
+
+func NewService(name string, config types.StableDiffusionConfig, taskQueue *store.RedisQueue, notifyQueue *store.RedisQueue, db *gorm.DB, manager *oss.UploaderManager, levelDB *store.LevelDB) *Service {
+	config.ApiURL = strings.TrimRight(config.ApiURL, "/")
+	return &Service{
+		name:          name,
+		config:        config,
+		httpClient:    req.C(),
+		taskQueue:     taskQueue,
+		notifyQueue:   notifyQueue,
+		db:            db,
+		leveldb:       levelDB,
+		uploadManager: manager,
+	}
+}
+
+func (s *Service) Run() {
+	for {
+		var task types.SdTask
+		err := s.taskQueue.LPop(&task)
+		if err != nil {
+			logger.Errorf("taking task with error: %v", err)
+			continue
+		}
+
+		// translate prompt
+		if utils.HasChinese(task.Params.Prompt) {
+			content, err := utils.OpenAIRequest(s.db, fmt.Sprintf(service.RewritePromptTemplate, task.Params.Prompt))
+			if err == nil {
+				task.Params.Prompt = content
+			} else {
+				logger.Warnf("error with translate prompt: %v", err)
+			}
+		}
+
+		// translate negative prompt
+		if task.Params.NegPrompt != "" && utils.HasChinese(task.Params.NegPrompt) {
+			content, err := utils.OpenAIRequest(s.db, fmt.Sprintf(service.TranslatePromptTemplate, task.Params.NegPrompt))
+			if err == nil {
+				task.Params.NegPrompt = content
+			} else {
+				logger.Warnf("error with translate prompt: %v", err)
+			}
+		}
+
+		logger.Infof("%s handle a new Stable-Diffusion task: %+v", s.name, task)
+		err = s.Txt2Img(task)
+		if err != nil {
+			logger.Error("绘画任务执行失败：", err.Error())
+			// update the task progress
+			s.db.Model(&model.SdJob{Id: uint(task.Id)}).UpdateColumns(map[string]interface{}{
+				"progress": -1,
+				"err_msg":  err.Error(),
+			})
+			// 通知前端，任务失败
+			s.notifyQueue.RPush(task.UserId)
+			continue
+		}
+	}
+}
+
+// Txt2ImgReq 文生图请求实体
+type Txt2ImgReq struct {
+	Prompt            string  `json:"prompt"`
+	NegativePrompt    string  `json:"negative_prompt"`
+	Seed              int64   `json:"seed,omitempty"`
+	Steps             int     `json:"steps"`
+	CfgScale          float32 `json:"cfg_scale"`
+	Width             int     `json:"width"`
+	Height            int     `json:"height"`
+	SamplerName       string  `json:"sampler_name"`
+	EnableHr          bool    `json:"enable_hr,omitempty"`
+	HrScale           int     `json:"hr_scale,omitempty"`
+	HrUpscaler        string  `json:"hr_upscaler,omitempty"`
+	HrSecondPassSteps int     `json:"hr_second_pass_steps,omitempty"`
+	DenoisingStrength float32 `json:"denoising_strength,omitempty"`
+	ForceTaskId       string  `json:"force_task_id,omitempty"`
+}
+
+// Txt2ImgResp 文生图响应实体
+type Txt2ImgResp struct {
+	Images     []string `json:"images"`
+	Parameters struct {
+	} `json:"parameters"`
+	Info string `json:"info"`
+}
+
+// TaskProgressResp 任务进度响应实体
+type TaskProgressResp struct {
+	Progress     float64 `json:"progress"`
+	EtaRelative  float64 `json:"eta_relative"`
+	CurrentImage string  `json:"current_image"`
+}
+
+// Txt2Img 文生图 API
+func (s *Service) Txt2Img(task types.SdTask) error {
+	body := Txt2ImgReq{
+		Prompt:         task.Params.Prompt,
+		NegativePrompt: task.Params.NegPrompt,
+		Steps:          task.Params.Steps,
+		CfgScale:       task.Params.CfgScale,
+		Width:          task.Params.Width,
+		Height:         task.Params.Height,
+		SamplerName:    task.Params.Sampler,
+		ForceTaskId:    task.Params.TaskId,
+	}
+	if task.Params.Seed > 0 {
+		body.Seed = task.Params.Seed
+	}
+	if task.Params.HdFix {
+		body.EnableHr = true
+		body.HrScale = task.Params.HdScale
+		body.HrUpscaler = task.Params.HdScaleAlg
+		body.HrSecondPassSteps = task.Params.HdSteps
+		body.DenoisingStrength = task.Params.HdRedrawRate
+	}
+	var res Txt2ImgResp
+	var errChan = make(chan error)
+	apiURL := fmt.Sprintf("%s/sdapi/v1/txt2img", s.config.ApiURL)
+	logger.Debugf("send image request to %s", apiURL)
+	go func() {
+		response, err := s.httpClient.R().SetBody(body).SetSuccessResult(&res).Post(apiURL)
+		if err != nil {
+			errChan <- err
+			return
+		}
+		if response.IsErrorState() {
+			errChan <- fmt.Errorf("error http code status: %v", response.Status)
+			return
+		}
+
+		// 保存 Base64 图片
+		imgURL, err := s.uploadManager.GetUploadHandler().PutBase64(res.Images[0])
+		if err != nil {
+			errChan <- fmt.Errorf("error with upload image: %v", err)
+			return
+		}
+		// 获取绘画真实的 seed
+		var info map[string]interface{}
+		err = utils.JsonDecode(res.Info, &info)
+		if err != nil {
+			errChan <- fmt.Errorf("error with decode task response: %v", err)
+			return
+		}
+		task.Params.Seed = int64(utils.IntValue(utils.InterfaceToString(info["seed"]), -1))
+		s.db.Model(&model.SdJob{Id: uint(task.Id)}).UpdateColumns(model.SdJob{ImgURL: imgURL, Params: utils.JsonEncode(task.Params)})
+		errChan <- nil
+	}()
+
+	for {
+		select {
+		case err := <-errChan: // 任务完成
+			if err != nil {
+				return err
+			}
+			s.db.Model(&model.SdJob{Id: uint(task.Id)}).UpdateColumn("progress", 100)
+			s.notifyQueue.RPush(task.UserId)
+			// 从 leveldb 中删除预览图片数据
+			_ = s.leveldb.Delete(task.Params.TaskId)
+			return nil
+		default:
+			err, resp := s.checkTaskProgress()
+			// 更新任务进度
+			if err == nil && resp.Progress > 0 {
+				s.db.Model(&model.SdJob{Id: uint(task.Id)}).UpdateColumn("progress", int(resp.Progress*100))
+				// 发送更新状态信号
+				s.notifyQueue.RPush(task.UserId)
+				// 保存预览图片数据
+				if resp.CurrentImage != "" {
+					_ = s.leveldb.Put(task.Params.TaskId, resp.CurrentImage)
+				}
+			}
+			time.Sleep(time.Second)
+		}
+	}
+
+}
+
+// 执行任务
+func (s *Service) checkTaskProgress() (error, *TaskProgressResp) {
+	apiURL := fmt.Sprintf("%s/sdapi/v1/progress?skip_current_image=false", s.config.ApiURL)
+	var res TaskProgressResp
+	response, err := s.httpClient.R().SetSuccessResult(&res).Get(apiURL)
+	if err != nil {
+		return err, nil
+	}
+	if response.IsErrorState() {
+		return fmt.Errorf("error http code status: %v", response.Status), nil
+	}
+
+	return nil, &res
+}
--- a/api/service/sd/types.go
+++ b/api/service/sd/types.go
@@ -0,0 +1,47 @@
+package sd
+
+import logger2 "chatplus/logger"
+
+var logger = logger2.GetLogger()
+
+type TaskInfo struct {
+	UserId      uint          `json:"user_id"`
+	SessionId   string        `json:"session_id"`
+	JobId       int           `json:"job_id"`
+	TaskId      string        `json:"task_id"`
+	Data        []interface{} `json:"data"`
+	EventData   interface{}   `json:"event_data"`
+	FnIndex     int           `json:"fn_index"`
+	SessionHash string        `json:"session_hash"`
+}
+
+type CBReq struct {
+	UserId    uint
+	SessionId string
+	JobId     int
+	TaskId    string
+	ImageName string
+	ImageData string
+	Progress  int
+	Seed      int64
+	Success   bool
+	Message   string
+}
+
+var ParamKeys = map[string]int{
+	"task_id":         0,
+	"prompt":          1,
+	"negative_prompt": 2,
+	"steps":           4,
+	"sampler":         5,
+	"face_fix":        7, // 面部修复
+	"cfg_scale":       8,
+	"seed":            27,
+	"height":          10,
+	"width":           9,
+	"hd_fix":          11,
+	"hd_redraw_rate":  12, //高清修复重绘幅度
+	"hd_scale":        13, // 高清修复放大倍数
+	"hd_scale_alg":    14, // 高清修复放大算法
+	"hd_sample_num":   15, // 高清修复采样次数
+}
--- a/api/service/aliyun_sms_service.go
+++ b/api/service/aliyun_sms_service.go
@@ -1,31 +1,29 @@
-package service
+package sms

 import (
 	"chatplus/core/types"
-	"chatplus/store"
 	"fmt"
 	"github.com/aliyun/alibaba-cloud-sdk-go/services/dysmsapi"
 )

 type AliYunSmsService struct {
-	config *types.AppConfig
-	db     *store.LevelDB
+	config *types.SmsConfigAli
 	client *dysmsapi.Client
 }

-func NewAliYunSmsService(config *types.AppConfig, db *store.LevelDB) (*AliYunSmsService, error) {
+func NewAliYunSmsService(appConfig *types.AppConfig) (*AliYunSmsService, error) {
+	config := &appConfig.SMS.Ali
 	// 创建阿里云短信客户端
 	client, err := dysmsapi.NewClientWithAccessKey(
 		"cn-hangzhou",
-		config.SmsConfig.AccessKey,
-		config.SmsConfig.AccessSecret)
+		config.AccessKey,
+		config.AccessSecret)
 	if err != nil {
 		return nil, fmt.Errorf("failed to create client: %v", err)
 	}

 	return &AliYunSmsService{
 		config: config,
-		db:     db,
 		client: client,
 	}, nil
 }
@@ -34,10 +32,10 @@ func (s *AliYunSmsService) SendVerifyCode(mobile string, code int) error {
 	// 创建短信请求并设置参数
 	request := dysmsapi.CreateSendSmsRequest()
 	request.Scheme = "https"
-	request.Domain = s.config.SmsConfig.Domain
+	request.Domain = s.config.Domain
 	request.PhoneNumbers = mobile
-	request.SignName = "飞行的蜗牛"
-	request.TemplateCode = "SMS_281460317"
+	request.SignName = s.config.Sign
+	request.TemplateCode = s.config.CodeTempId
 	request.TemplateParam = fmt.Sprintf("{\"code\":\"%d\"}", code) // 短信模板中的参数

 	// 发送短信
@@ -49,6 +47,7 @@ func (s *AliYunSmsService) SendVerifyCode(mobile string, code int) error {
 	if response.Code != "OK" {
 		return fmt.Errorf("failed to send SMS:%v", response.Message)
 	}
-
 	return nil
 }
+
+var _ Service = &AliYunSmsService{}
--- a/api/service/sms/bao.go
+++ b/api/service/sms/bao.go
@@ -0,0 +1,72 @@
+package sms
+
+import (
+	"chatplus/core/types"
+	"chatplus/utils"
+	"fmt"
+	"io"
+	"net/http"
+	"net/url"
+	"strconv"
+	"strings"
+)
+
+type BaoSmsService struct {
+	config *types.SmsConfigBao
+}
+
+func NewSmsBaoSmsService(appConfig *types.AppConfig) *BaoSmsService {
+	config := appConfig.SMS.Bao
+	if config.Domain == "" { // use default domain
+		config.Domain = "api.smsbao.com"
+		logger.Infof("Using default domain for SMS-BAO: %s", config.Domain)
+	}
+	return &BaoSmsService{
+		config: &config,
+	}
+}
+
+var errMsg = map[string]string{
+	"0":  "短信发送成功",
+	"-1": "参数不全",
+	"-2": "服务器空间不支持，请确认支持curl或者fsocket，联系您的空间商解决或者更换空间",
+	"30": "密码错误",
+	"40": "账号不存在",
+	"41": "余额不足",
+	"42": "账户已过期",
+	"43": "IP地址限制",
+	"50": "内容含有敏感词",
+}
+
+func (s *BaoSmsService) SendVerifyCode(mobile string, code int) error {
+
+	content := fmt.Sprintf("%s%s", s.config.Sign, s.config.CodeTemplate)
+	content = strings.ReplaceAll(content, "{code}", strconv.Itoa(code))
+	password := utils.Md5(s.config.Password)
+	params := url.Values{}
+	params.Set("u", s.config.Username)
+	params.Set("p", password)
+	params.Set("m", mobile)
+	params.Set("c", content)
+
+	apiURL := fmt.Sprintf("https://%s/sms?%s", s.config.Domain, params.Encode())
+	response, err := http.Get(apiURL)
+	if err != nil {
+		return err
+	}
+	defer response.Body.Close()
+
+	body, err := io.ReadAll(response.Body)
+	if err != nil {
+		return err
+	}
+	result := string(body)
+	logger.Debugf("send SmsBao result: %v", errMsg[result])
+
+	if result != "0" {
+		return fmt.Errorf("failed to send SMS:%v", errMsg[result])
+	}
+	return nil
+}
+
+var _ Service = &BaoSmsService{}
--- a/api/service/sms/service.go
+++ b/api/service/sms/service.go
@@ -0,0 +1,8 @@
+package sms
+
+const Ali = "ALI"
+const Bao = "BAO"
+
+type Service interface {
+	SendVerifyCode(mobile string, code int) error
+}
--- a/api/service/sms/service_manager.go
+++ b/api/service/sms/service_manager.go
@@ -0,0 +1,39 @@
+package sms
+
+import (
+	"chatplus/core/types"
+	logger2 "chatplus/logger"
+	"strings"
+)
+
+type ServiceManager struct {
+	handler Service
+}
+
+var logger = logger2.GetLogger()
+
+func NewSendServiceManager(config *types.AppConfig) (*ServiceManager, error) {
+	active := Ali
+	if config.SMS.Active != "" {
+		active = strings.ToUpper(config.SMS.Active)
+	}
+	var handler Service
+	switch active {
+	case Ali:
+		client, err := NewAliYunSmsService(config)
+		if err != nil {
+			return nil, err
+		}
+		handler = client
+		break
+	case Bao:
+		handler = NewSmsBaoSmsService(config)
+		break
+	}
+
+	return &ServiceManager{handler: handler}, nil
+}
+
+func (m *ServiceManager) GetService() Service {
+	return m.handler
+}
--- a/Show More
+++ b/Show More
				`@@ -0,0 +1 @@`
				MIIEpQIBAAKCAQEAsYoUD39UPoPQK4DOOrIVai+bG0YWv3X/eQ9T7FshKgDZlphuM2fpLGA1UK3OCs4UkaIuerJv+0wxWE5jOm1vfXv5ylufFscmQeInuagNxeJ9e6bD8g6m/CKJHEJgqYUhQ2l0A+gKF6CzbUzNLwCNnFsQIHm2f77K3Y+TbY7fkadzWDApNYucaLx3HyC8yxBm10F6E/X6OQIR6LU1musR1Sz1BmPasC80MR8wZr8uWTH5znyZJv5g4rE0qgFAefRd3c1P9QEVZBGdcDIG+F6IVgcOorq0H2zJx9piKJgAMMGVRb/rFw2y/cjG0jKP0o1bE0Ka59ENBJ8C6O55pjjOhwIDAQABAoIBAFetNfz1R7hbxjlFshMAkVzQR8wvT9qbvl+dtzdZRcaFhu89NecDIP7+QDYor0FcxoGpU0TazDyRQyk2BQD8vHt+9zv9BVLtZLJSqoWgPbUFBi1DjS8EF2ka8RVYnn35NhUhhd7L//ftL88Bh673mfembQ9srDjoEy1Z01feoABAnCMkNFl986DmEwnarvEufXSDIgeN4ioMxha4NvfIPuI0zpVdV1O9sv+SGC+VEWZBtN3GNsaf4zS/f8FVGvTiU/Abz0gSw/iwSPHclDWQDTN3yFHf/tfqlzh0mH0WfhnuOBFWXzK+R7fbnM+asI9ttvzRcfpzgRGXdPcNcOv/6cECgYEA3DVqpi1k8MYfJixju6SG5gfyhM4VFksFmCMaNPgtatDMBKLMTgV/Ej6LXREojcy29uZl83F09pVlpd41eG39ULIPktixA/BqErQ2UaWh6kOxifycpu22Jh0r09hax6UgVrcBrrnCJEjcFsuJlrZvXQSzc3PBxjWy5gjabS5h9iECgYEAzmVAIh2frF01Y95zsLueAhhZwCtPanm6kf7ivR4r1plIX3b2sNRhWGmEHFgaCE6Braa0ogQ73Hd26kw4ZW+D6QMGC/zjCBEzDLLf++SjdVUHiY5AR4WHqXzq1jdAlsVyo9R661oAOp3lhiJVGLNXkHyEfEVPHsaxJh4osYSbX6cCgYEAx32Qx0i6eDFTyLZQB46uMrgiaVN04QRH5iJuvGvUYT8UhGKjaU8rZfDJOh+wOH2rhxMEaz1uc3C2bERY9mfWI4Ob/jFWc7YZsiYWS3Mcsuhubw4tMECLUg39RWZsHw8ls8kIuixIh6yFzhTH6YQOcRswIrhMZG8DScfdcSmiz2ECgYEAkWP1t5KSpkLKl11etcKUXfl1T8+yk9jIOowIgRw92WAFAWq2AH67TCKYM7dEL1HOO9tRJ0hAOt/U3ttuZtYVYBEHM26jJ02mXm2rJrA7DS4mrxmL4lYH6LbcXqZxU0Qnq4zEQgIWYzRTORf6Rfof1uJAGaJhR9bDd4yLMfGt2cUCgYEAo216Y61xOHUTA4AF1eekk+r+uOcQgQDvLXfs9FkDdJLk0mPG48/+eIYpPFnANJ/riF/DWOp8WGEe2IzA9yUFexzDbNQK8ha9kGcxaSAyiCwzjZ/t9/+hScDSV8kNqWSRSisu/YOFleEHbokT6mbLZ+gdqES8mUUanaEBzRQYGxo=