Merge remote-tracking branch 'upstream/main'

Signed-off-by: wozulong <>

.github/ISSUE_TEMPLATE/config.yml

@@ -1,5 +1,5 @@
 blank_issues_enabled: false
 contact_links:
-  - name: 项目群聊
-    url: https://private-user-images.githubusercontent.com/61247483/283011625-de536a8a-0161-47a7-a0a2-66ef6de81266.jpeg?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTEiLCJleHAiOjE3MDIyMjQzOTAsIm5iZiI6MTcwMjIyNDA5MCwicGF0aCI6Ii82MTI0NzQ4My8yODMwMTE2MjUtZGU1MzZhOGEtMDE2MS00N2E3LWEwYTItNjZlZjZkZTgxMjY2LmpwZWc_WC1BbXotQWxnb3JpdGhtPUFXUzQtSE1BQy1TSEEyNTYmWC1BbXotQ3JlZGVudGlhbD1BS0lBSVdOSllBWDRDU1ZFSDUzQSUyRjIwMjMxMjEwJTJGdXMtZWFzdC0xJTJGczMlMkZhd3M0X3JlcXVlc3QmWC1BbXotRGF0ZT0yMDIzMTIxMFQxNjAxMzBaJlgtQW16LUV4cGlyZXM9MzAwJlgtQW16LVNpZ25hdHVyZT02MGIxYmM3ZDQyYzBkOTA2ZTYyYmVmMzQ1NjY4NjM1YjY0NTUzNTM5NjE1NDZkYTIzODdhYTk4ZjZjODJmYzY2JlgtQW16LVNpZ25lZEhlYWRlcnM9aG9zdCZhY3Rvcl9pZD0wJmtleV9pZD0wJnJlcG9faWQ9MCJ9.TJ8CTfOSwR0-CHS1KLfomqgL0e4YH1luy8lSLrkv5Zg
-    about: QQ 群：629454374
+  - name: 交流社区
+    url: https://linux.do
+    about: 项目交流社区

.github/workflows/docker-image-amd64.yml

@@ -1,9 +1,6 @@
 name: Publish Docker image (amd64)
 
 on:
-  push:
-    tags:
-      - '*'
   workflow_dispatch:
     inputs:
       name:
@@ -42,7 +39,7 @@ jobs:
         uses: docker/metadata-action@v4
         with:
           images: |
-            calciumion/new-api
+            pengzhile/new-api
             ghcr.io/${{ github.repository }}
 
       - name: Build and push Docker images

.github/workflows/docker-image-arm64.yml

@@ -48,7 +48,7 @@ jobs:
         uses: docker/metadata-action@v4
         with:
           images: |
-            calciumion/new-api
+            pengzhile/new-api
             ghcr.io/${{ github.repository }}
 
       - name: Build and push Docker images

Makefile

@@ -7,7 +7,7 @@ all: build-frontend start-backend
 
 build-frontend:
 	@echo "Building frontend..."
-	@cd $(FRONTEND_DIR) && npm install && DISABLE_ESLINT_PLUGIN='true' REACT_APP_VERSION=$(cat VERSION) npm run build npm run build
+	@cd $(FRONTEND_DIR) && yarn install --network-timeout 1000000 && DISABLE_ESLINT_PLUGIN='true' REACT_APP_VERSION=$(cat VERSION) yarn build
 
 start-backend:
 	@echo "Starting backend dev server..."

common/constants.go

@@ -11,12 +11,12 @@ import (
 
 // Pay Settings
 
-var PayAddress = ""
-var CustomCallbackAddress = ""
-var EpayId = ""
-var EpayKey = ""
-var Price = 7.3
-var MinTopUp = 1
+var StripeApiSecret = ""
+var StripeWebhookSecret = ""
+var StripePriceId = ""
+var PaymentEnabled = false
+var StripeUnitPrice = 8.0
+var MinTopUp = 5
 
 var StartTime = time.Now().Unix() // unit: second
 var Version = "v0.0.0"            // this hard coding will be replaced automatically when building, no need to manually change
@@ -50,10 +50,12 @@ var PasswordLoginEnabled = true
 var PasswordRegisterEnabled = true
 var EmailVerificationEnabled = false
 var GitHubOAuthEnabled = false
+var LinuxDoOAuthEnabled = false
 var WeChatAuthEnabled = false
 var TelegramOAuthEnabled = false
 var TurnstileCheckEnabled = false
 var RegisterEnabled = true
+var UserSelfDeletionEnabled = false
 
 var EmailDomainRestrictionEnabled = false // 是否启用邮箱域名限制
 var EmailAliasRestrictionEnabled = false  // 是否启用邮箱别名限制
@@ -84,6 +86,10 @@ var SMTPToken = ""
 var GitHubClientId = ""
 var GitHubClientSecret = ""
 
+var LinuxDoClientId = ""
+var LinuxDoClientSecret = ""
+var LinuxDoMinLevel = 0
+
 var WeChatServerAddress = ""
 var WeChatServerToken = ""
 var WeChatAccountQRCodeImageURL = ""
@@ -185,6 +191,12 @@ const (
 	ChannelStatusAutoDisabled     = 3
 )
 
+const (
+	TopUpStatusPending = "pending"
+	TopUpStatusSuccess = "success"
+	TopUpStatusExpired = "expired"
+)
+
 const (
 	ChannelTypeUnknown        = 0
 	ChannelTypeOpenAI         = 1

common/hash.go

@@ -0,0 +1,84 @@
+package common
+
+import (
+	"crypto/hmac"
+	"crypto/sha1"
+	"crypto/sha256"
+	"encoding/hex"
+	"math/rand"
+	"time"
+)
+
+func Sha256Raw(data string) []byte {
+	h := sha256.New()
+	h.Write([]byte(data))
+	return h.Sum(nil)
+}
+
+func Sha1Raw(data []byte) []byte {
+	h := sha1.New()
+	h.Write([]byte(data))
+	return h.Sum(nil)
+}
+
+func Sha1(data string) string {
+	return hex.EncodeToString(Sha1Raw([]byte(data)))
+}
+
+func HmacSha256Raw(message, key []byte) []byte {
+	h := hmac.New(sha256.New, key)
+	h.Write(message)
+	return h.Sum(nil)
+}
+
+func HmacSha256(message, key string) string {
+	return hex.EncodeToString(HmacSha256Raw([]byte(message), []byte(key)))
+}
+
+func RandomBytes(length int) []byte {
+	rand.Seed(time.Now().UnixNano())
+	b := make([]byte, length)
+	if _, err := rand.Read(b); err != nil {
+		panic(err)
+	}
+
+	return b
+}
+
+func RandomString(length int) string {
+	const chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
+	result := make([]byte, length)
+	randomBytes := RandomBytes(length)
+	for i := 0; i < length; i++ {
+		result[i] = chars[randomBytes[i]%byte(len(chars))]
+	}
+
+	return string(result)
+}
+
+func RandomHex(length int) string {
+	const chars = "abcdef0123456789"
+	result := make([]byte, length)
+	randomBytes := RandomBytes(length)
+	for i := 0; i < length; i++ {
+		result[i] = chars[randomBytes[i]%byte(len(chars))]
+	}
+
+	return string(result)
+}
+
+func RandomNumber(length int) string {
+	const chars = "0123456789"
+	result := make([]byte, length)
+	randomBytes := RandomBytes(length)
+	for i := 0; i < length; i++ {
+		result[i] = chars[randomBytes[i]%byte(len(chars))]
+	}
+
+	return string(result)
+}
+
+func RandomUUID() string {
+	all := RandomHex(32)
+	return all[:8] + "-" + all[8:12] + "-" + all[12:16] + "-" + all[16:20] + "-" + all[20:]
+}

common/logger.go

@@ -98,3 +98,11 @@ func LogQuota(quota int) string {
 		return fmt.Sprintf("%d 点额度", quota)
 	}
 }
+
+func LogQuotaF(quota float64) string {
+	if DisplayInCurrencyEnabled {
+		return fmt.Sprintf("＄%.6f 额度", quota/QuotaPerUnit)
+	} else {
+		return fmt.Sprintf("%d 点额度", int64(quota))
+	}
+}

common/model-ratio.go

@@ -26,7 +26,7 @@ var DefaultModelRatio = map[string]float64{
 	"gpt-4-turbo-preview":       5,    // $0.01 / 1K tokens
 	"gpt-4-vision-preview":      5,    // $0.01 / 1K tokens
 	"gpt-4-1106-vision-preview": 5,    // $0.01 / 1K tokens
-	"gpt-3.5-turbo":             0.25, // $0.0015 / 1K tokens
+	"gpt-3.5-turbo":             0.25, // $0.0005 / 1K tokens
 	"gpt-3.5-turbo-0301":        0.75,
 	"gpt-3.5-turbo-0613":        0.75,
 	"gpt-3.5-turbo-16k":         1.5, // $0.003 / 1K tokens
@@ -190,15 +190,17 @@ func GetModelRatio(name string) float64 {
 
 func GetCompletionRatio(name string) float64 {
 	if strings.HasPrefix(name, "gpt-3.5") {
-		if name == "gpt-3.5-turbo" || strings.HasSuffix(name, "0125") {
-			// https://openai.com/blog/new-embedding-models-and-api-updates
-			// Updated GPT-3.5 Turbo model and lower pricing
+		if strings.HasSuffix(name, "0125") {
 			return 3
 		}
 		if strings.HasSuffix(name, "1106") {
 			return 2
 		}
-		return 4.0 / 3.0
+		if name == "gpt-3.5-turbo" {
+			return 3
+		}
+
+		return 1.333333
 	}
 	if strings.HasPrefix(name, "gpt-4") {
 		if strings.HasSuffix(name, "preview") {

controller/github.go

@@ -123,6 +123,8 @@ func GitHubOAuth(c *gin.Context) {
 		}
 	} else {
 		if common.RegisterEnabled {
+			user.InviterId, _ = model.GetUserIdByAffCode(c.Query("aff"))
+
 			user.Username = "github_" + strconv.Itoa(model.GetMaxUserId()+1)
 			if githubUser.Name != "" {
 				user.DisplayName = githubUser.Name
@@ -133,7 +135,7 @@ func GitHubOAuth(c *gin.Context) {
 			user.Role = common.RoleCommonUser
 			user.Status = common.UserStatusEnabled
 
-			if err := user.Insert(0); err != nil {
+			if err := user.Insert(user.InviterId); err != nil {
 				c.JSON(http.StatusOK, gin.H{
 					"success": false,
 					"message": err.Error(),

controller/linuxdo.go

@@ -0,0 +1,239 @@
+package controller
+
+import (
+	"bytes"
+	"encoding/base64"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"github.com/gin-contrib/sessions"
+	"github.com/gin-gonic/gin"
+	"net/http"
+	"net/url"
+	"one-api/common"
+	"one-api/model"
+	"strconv"
+	"time"
+)
+
+type LinuxDoOAuthResponse struct {
+	AccessToken string `json:"access_token"`
+	Scope       string `json:"scope"`
+	TokenType   string `json:"token_type"`
+}
+
+type LinuxDoUser struct {
+	ID         int    `json:"id"`
+	Username   string `json:"username"`
+	Name       string `json:"name"`
+	Active     bool   `json:"active"`
+	TrustLevel int    `json:"trust_level"`
+	Silenced   bool   `json:"silenced"`
+}
+
+func getLinuxDoUserInfoByCode(code string) (*LinuxDoUser, error) {
+	if code == "" {
+		return nil, errors.New("无效的参数")
+	}
+	auth := base64.StdEncoding.EncodeToString([]byte(common.LinuxDoClientId + ":" + common.LinuxDoClientSecret))
+	form := url.Values{
+		"grant_type": {"authorization_code"},
+		"code":       {code},
+	}
+	req, err := http.NewRequest("POST", "https://connect.linux.do/oauth2/token", bytes.NewBufferString(form.Encode()))
+	if err != nil {
+		return nil, err
+	}
+	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
+	req.Header.Set("Authorization", "Basic "+auth)
+	req.Header.Set("Accept", "application/json")
+	client := http.Client{
+		Timeout: 5 * time.Second,
+	}
+	res, err := client.Do(req)
+	if err != nil {
+		common.SysLog(err.Error())
+		return nil, errors.New("无法连接至 LINUX DO 服务器，请稍后重试！")
+	}
+	defer res.Body.Close()
+	var oAuthResponse LinuxDoOAuthResponse
+	err = json.NewDecoder(res.Body).Decode(&oAuthResponse)
+	if err != nil {
+		return nil, err
+	}
+	req, err = http.NewRequest("GET", "https://connect.linux.do/api/user", nil)
+	if err != nil {
+		return nil, err
+	}
+	req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", oAuthResponse.AccessToken))
+	res2, err := client.Do(req)
+	if err != nil {
+		common.SysLog(err.Error())
+		return nil, errors.New("无法连接至 LINUX DO 服务器，请稍后重试！")
+	}
+	defer res2.Body.Close()
+	var linuxdoUser LinuxDoUser
+	err = json.NewDecoder(res2.Body).Decode(&linuxdoUser)
+	if err != nil {
+		return nil, err
+	}
+	if linuxdoUser.ID == 0 {
+		return nil, errors.New("返回值非法，用户字段为空，请稍后重试！")
+	}
+	if linuxdoUser.TrustLevel < common.LinuxDoMinLevel {
+		return nil, errors.New("用户 LINUX DO 信任等级不足！")
+	}
+	return &linuxdoUser, nil
+}
+
+func LinuxDoOAuth(c *gin.Context) {
+	session := sessions.Default(c)
+	state := c.Query("state")
+	if state == "" || session.Get("oauth_state") == nil || state != session.Get("oauth_state").(string) {
+		c.JSON(http.StatusForbidden, gin.H{
+			"success": false,
+			"message": "state is empty or not same",
+		})
+		return
+	}
+	username := session.Get("username")
+	if username != nil {
+		LinuxDoBind(c)
+		return
+	}
+
+	if !common.LinuxDoOAuthEnabled {
+		c.JSON(http.StatusOK, gin.H{
+			"success": false,
+			"message": "管理员未开启通过 LINUX DO 登录以及注册",
+		})
+		return
+	}
+	code := c.Query("code")
+	linuxdoUser, err := getLinuxDoUserInfoByCode(code)
+	if err != nil {
+		c.JSON(http.StatusOK, gin.H{
+			"success": false,
+			"message": err.Error(),
+		})
+		return
+	}
+	user := model.User{
+		LinuxDoId:    strconv.Itoa(linuxdoUser.ID),
+		LinuxDoLevel: linuxdoUser.TrustLevel,
+	}
+	if model.IsLinuxDoIdAlreadyTaken(user.LinuxDoId) {
+		err := user.FillUserByLinuxDoId()
+		if err != nil {
+			c.JSON(http.StatusOK, gin.H{
+				"success": false,
+				"message": err.Error(),
+			})
+			return
+		}
+
+		user.LinuxDoLevel = linuxdoUser.TrustLevel
+		err = user.Update(false)
+		if err != nil {
+			c.JSON(http.StatusOK, gin.H{
+				"success": false,
+				"message": err.Error(),
+			})
+			return
+		}
+	} else {
+		if common.RegisterEnabled {
+			affCode := c.Query("aff")
+			user.InviterId, _ = model.GetUserIdByAffCode(affCode)
+
+			user.Username = "linuxdo_" + strconv.Itoa(model.GetMaxUserId()+1)
+			if linuxdoUser.Name != "" {
+				user.DisplayName = linuxdoUser.Name
+			} else {
+				user.DisplayName = linuxdoUser.Username
+			}
+			user.Role = common.RoleCommonUser
+			user.Status = common.UserStatusEnabled
+
+			if err := user.Insert(user.InviterId); err != nil {
+				c.JSON(http.StatusOK, gin.H{
+					"success": false,
+					"message": err.Error(),
+				})
+				return
+			}
+		} else {
+			c.JSON(http.StatusOK, gin.H{
+				"success": false,
+				"message": "管理员关闭了新用户注册",
+			})
+			return
+		}
+	}
+
+	if user.Status != common.UserStatusEnabled {
+		c.JSON(http.StatusOK, gin.H{
+			"message": "用户已被封禁",
+			"success": false,
+		})
+		return
+	}
+	setupLogin(&user, c)
+}
+
+func LinuxDoBind(c *gin.Context) {
+	if !common.LinuxDoOAuthEnabled {
+		c.JSON(http.StatusOK, gin.H{
+			"success": false,
+			"message": "管理员未开启通过 LINUX DO 登录以及注册",
+		})
+		return
+	}
+	code := c.Query("code")
+	linuxdoUser, err := getLinuxDoUserInfoByCode(code)
+	if err != nil {
+		c.JSON(http.StatusOK, gin.H{
+			"success": false,
+			"message": err.Error(),
+		})
+		return
+	}
+	user := model.User{
+		LinuxDoId:    strconv.Itoa(linuxdoUser.ID),
+		LinuxDoLevel: linuxdoUser.TrustLevel,
+	}
+	if model.IsLinuxDoIdAlreadyTaken(user.LinuxDoId) {
+		c.JSON(http.StatusOK, gin.H{
+			"success": false,
+			"message": "该 LINUX DO 账户已被绑定",
+		})
+		return
+	}
+	session := sessions.Default(c)
+	id := session.Get("id")
+	// id := c.GetInt("id")  // critical bug!
+	user.Id = id.(int)
+	err = user.FillUserById()
+	if err != nil {
+		c.JSON(http.StatusOK, gin.H{
+			"success": false,
+			"message": err.Error(),
+		})
+		return
+	}
+	user.LinuxDoId = strconv.Itoa(linuxdoUser.ID)
+	user.LinuxDoLevel = linuxdoUser.TrustLevel
+	err = user.Update(false)
+	if err != nil {
+		c.JSON(http.StatusOK, gin.H{
+			"success": false,
+			"message": err.Error(),
+		})
+		return
+	}
+	c.JSON(http.StatusOK, gin.H{
+		"success": true,
+		"message": "bind",
+	})
+	return
+}

controller/log.go

@@ -24,7 +24,7 @@ func GetAllLogs(c *gin.Context) {
 	tokenName := c.Query("token_name")
 	modelName := c.Query("model_name")
 	channel, _ := strconv.Atoi(c.Query("channel"))
-	logs, err := model.GetAllLogs(logType, startTimestamp, endTimestamp, modelName, username, tokenName, p*pageSize, pageSize, channel)
+	logs, total, err := model.GetAllLogs(logType, startTimestamp, endTimestamp, modelName, username, tokenName, p*pageSize, pageSize, channel)
 	if err != nil {
 		c.JSON(http.StatusOK, gin.H{
 			"success": false,
@@ -35,6 +35,7 @@ func GetAllLogs(c *gin.Context) {
 	c.JSON(http.StatusOK, gin.H{
 		"success": true,
 		"message": "",
+		"total":   total,
 		"data":    logs,
 	})
 	return
@@ -58,7 +59,7 @@ func GetUserLogs(c *gin.Context) {
 	endTimestamp, _ := strconv.ParseInt(c.Query("end_timestamp"), 10, 64)
 	tokenName := c.Query("token_name")
 	modelName := c.Query("model_name")
-	logs, err := model.GetUserLogs(userId, logType, startTimestamp, endTimestamp, modelName, tokenName, p*pageSize, pageSize)
+	logs, total, err := model.GetUserLogs(userId, logType, startTimestamp, endTimestamp, modelName, tokenName, p*pageSize, pageSize)
 	if err != nil {
 		c.JSON(http.StatusOK, gin.H{
 			"success": false,
@@ -69,6 +70,7 @@ func GetUserLogs(c *gin.Context) {
 	c.JSON(http.StatusOK, gin.H{
 		"success": true,
 		"message": "",
+		"total":   total,
 		"data":    logs,
 	})
 	return

controller/misc.go

@@ -38,6 +38,8 @@ func GetStatus(c *gin.Context) {
 			"email_verification":       common.EmailVerificationEnabled,
 			"github_oauth":             common.GitHubOAuthEnabled,
 			"github_client_id":         common.GitHubClientId,
+			"linuxdo_oauth":            common.LinuxDoOAuthEnabled,
+			"linuxdo_client_id":        common.LinuxDoClientId,
 			"telegram_oauth":           common.TelegramOAuthEnabled,
 			"telegram_bot_name":        common.TelegramBotName,
 			"system_name":              common.SystemName,
@@ -46,7 +48,7 @@ func GetStatus(c *gin.Context) {
 			"wechat_qrcode":            common.WeChatAccountQRCodeImageURL,
 			"wechat_login":             common.WeChatAuthEnabled,
 			"server_address":           common.ServerAddress,
-			"price":                    common.Price,
+			"stripe_unit_price":        common.StripeUnitPrice,
 			"min_topup":                common.MinTopUp,
 			"turnstile_check":          common.TurnstileCheckEnabled,
 			"turnstile_site_key":       common.TurnstileSiteKey,
@@ -60,7 +62,7 @@ func GetStatus(c *gin.Context) {
 			"enable_data_export":       common.DataExportEnabled,
 			"data_export_default_time": common.DataExportDefaultTime,
 			"default_collapse_sidebar": common.DefaultCollapseSidebar,
-			"enable_online_topup":      common.PayAddress != "" && common.EpayId != "" && common.EpayKey != "",
+			"payment_enabled":          common.PaymentEnabled,
 			"mj_notify_enabled":        constant.MjNotifyEnabled,
 		},
 	})

controller/option.go

@@ -50,6 +50,14 @@ func UpdateOption(c *gin.Context) {
 			})
 			return
 		}
+	case "LinuxDoOAuthEnabled":
+		if option.Value == "true" && common.LinuxDoClientId == "" {
+			c.JSON(http.StatusOK, gin.H{
+				"success": false,
+				"message": "无法启用 LINUX DO OAuth，请先填入 LINUX DO Client Id 以及 LINUX DO Client Secret！",
+			})
+			return
+		}
 	case "EmailDomainRestrictionEnabled":
 		if option.Value == "true" && len(common.EmailDomainWhitelist) == 0 {
 			c.JSON(http.StatusOK, gin.H{

controller/stripe.go

@@ -0,0 +1,97 @@
+package controller
+
+import (
+	"github.com/gin-gonic/gin"
+	"github.com/stripe/stripe-go/v76"
+	"github.com/stripe/stripe-go/v76/webhook"
+	"io"
+	"log"
+	"net/http"
+	"one-api/common"
+	"one-api/model"
+	"strconv"
+	"strings"
+)
+
+func StripeWebhook(c *gin.Context) {
+	payload, err := io.ReadAll(c.Request.Body)
+	if err != nil {
+		log.Printf("解析Stripe Webhook参数失败: %v\n", err)
+		c.AbortWithStatus(http.StatusServiceUnavailable)
+		return
+	}
+
+	signature := c.GetHeader("Stripe-Signature")
+	endpointSecret := common.StripeWebhookSecret
+	event, err := webhook.ConstructEvent(payload, signature, endpointSecret)
+
+	if err != nil {
+		log.Printf("Stripe Webhook验签失败: %v\n", err)
+		c.AbortWithStatus(http.StatusBadRequest)
+		return
+	}
+
+	switch event.Type {
+	case stripe.EventTypeCheckoutSessionCompleted:
+		sessionCompleted(event)
+	case stripe.EventTypeCheckoutSessionExpired:
+		sessionExpired(event)
+	default:
+		log.Printf("不支持的Stripe Webhook事件类型: %s\n", event.Type)
+	}
+
+	c.Status(http.StatusOK)
+}
+
+func sessionCompleted(event stripe.Event) {
+	customerId := event.GetObjectValue("customer")
+	referenceId := event.GetObjectValue("client_reference_id")
+	status := event.GetObjectValue("status")
+	if "complete" != status {
+		log.Println("错误的Stripe Checkout完成状态:", status, ",", referenceId)
+		return
+	}
+
+	err := model.Recharge(referenceId, customerId)
+	if err != nil {
+		log.Println(err.Error(), referenceId)
+		return
+	}
+
+	total, _ := strconv.ParseFloat(event.GetObjectValue("amount_total"), 64)
+	currency := strings.ToUpper(event.GetObjectValue("currency"))
+	log.Printf("收到款项：%s, %.2f(%s)", referenceId, total/100, currency)
+}
+
+func sessionExpired(event stripe.Event) {
+	referenceId := event.GetObjectValue("client_reference_id")
+	status := event.GetObjectValue("status")
+	if "expired" != status {
+		log.Println("错误的Stripe Checkout过期状态:", status, ",", referenceId)
+		return
+	}
+
+	if "" == referenceId {
+		log.Println("未提供支付单号")
+		return
+	}
+
+	topUp := model.GetTopUpByTradeNo(referenceId)
+	if topUp == nil {
+		log.Println("充值订单不存在", referenceId)
+		return
+	}
+
+	if topUp.Status != common.TopUpStatusPending {
+		log.Println("充值订单状态错误", referenceId)
+	}
+
+	topUp.Status = common.TopUpStatusExpired
+	err := topUp.Update()
+	if err != nil {
+		log.Println("过期充值订单失败", referenceId, ", err:", err.Error())
+		return
+	}
+
+	log.Println("充值订单已过期", referenceId)
+}

controller/topup.go

@@ -1,21 +1,20 @@
 package controller
 
+import "C"
 import (
 	"fmt"
 	"github.com/gin-gonic/gin"
-	"github.com/samber/lo"
-	epay "github.com/star-horizon/go-epay"
+	"github.com/stripe/stripe-go/v76"
+	"github.com/stripe/stripe-go/v76/checkout/session"
 	"log"
-	"net/url"
 	"one-api/common"
 	"one-api/model"
-	"one-api/service"
 	"strconv"
-	"sync"
+	"strings"
 	"time"
 )
 
-type EpayRequest struct {
+type PayRequest struct {
 	Amount        int    `json:"amount"`
 	PaymentMethod string `json:"payment_method"`
 	TopUpCode     string `json:"top_up_code"`
@@ -26,196 +25,114 @@ type AmountRequest struct {
 	TopUpCode string `json:"top_up_code"`
 }
 
-func GetEpayClient() *epay.Client {
-	if common.PayAddress == "" || common.EpayId == "" || common.EpayKey == "" {
-		return nil
+func genStripeLink(referenceId string, customerId string, email string, amount int64) (string, error) {
+	if !strings.HasPrefix(common.StripeApiSecret, "sk_") {
+		return "", fmt.Errorf("无效的Stripe API密钥")
 	}
-	withUrl, err := epay.NewClientWithUrl(&epay.Config{
-		PartnerID: common.EpayId,
-		Key:       common.EpayKey,
-	}, common.PayAddress)
+
+	stripe.Key = common.StripeApiSecret
+
+	params := &stripe.CheckoutSessionParams{
+		ClientReferenceID: stripe.String(referenceId),
+		SuccessURL:        stripe.String(common.ServerAddress + "/log"),
+		CancelURL:         stripe.String(common.ServerAddress + "/topup"),
+		LineItems: []*stripe.CheckoutSessionLineItemParams{
+			{
+				Price:    stripe.String(common.StripePriceId),
+				Quantity: stripe.Int64(amount),
+			},
+		},
+		Mode: stripe.String(string(stripe.CheckoutSessionModePayment)),
+	}
+
+	if "" == customerId {
+		if "" != email {
+			params.CustomerEmail = stripe.String(email)
+		}
+
+		params.CustomerCreation = stripe.String(string(stripe.CheckoutSessionCustomerCreationAlways))
+	} else {
+		params.Customer = stripe.String(customerId)
+	}
+
+	result, err := session.New(params)
 	if err != nil {
-		return nil
+		return "", err
 	}
-	return withUrl
+
+	return result.URL, nil
 }
 
-func getPayMoney(amount float64, user model.User) float64 {
-	if !common.DisplayInCurrencyEnabled {
-		amount = amount / common.QuotaPerUnit
-	}
-	// 别问为什么用float64，问就是这么点钱没必要
-	topupGroupRatio := common.GetTopupGroupRatio(user.Group)
-	if topupGroupRatio == 0 {
-		topupGroupRatio = 1
-	}
-	payMoney := amount * common.Price * topupGroupRatio
-	return payMoney
+func GetPayAmount(count float64) float64 {
+	return count * common.StripeUnitPrice
 }
 
-func getMinTopup() int {
-	minTopup := common.MinTopUp
-	if !common.DisplayInCurrencyEnabled {
-		minTopup = minTopup * int(common.QuotaPerUnit)
+func GetChargedAmount(count float64, user model.User) float64 {
+	topUpGroupRatio := common.GetTopupGroupRatio(user.Group)
+	if topUpGroupRatio == 0 {
+		topUpGroupRatio = 1
 	}
-	return minTopup
+
+	return count * topUpGroupRatio
 }
 
-func RequestEpay(c *gin.Context) {
-	var req EpayRequest
+func RequestPayLink(c *gin.Context) {
+	var req PayRequest
 	err := c.ShouldBindJSON(&req)
 	if err != nil {
-		c.JSON(200, gin.H{"message": "error", "data": "参数错误"})
+		c.JSON(200, gin.H{"message": err.Error(), "data": 10})
 		return
 	}
-	if req.Amount < getMinTopup() {
-		c.JSON(200, gin.H{"message": "error", "data": fmt.Sprintf("充值数量不能小于 %d", getMinTopup())})
+	if !common.PaymentEnabled {
+		c.JSON(200, gin.H{"message": "error", "data": "管理员未开启在线支付"})
+		return
+	}
+	if req.PaymentMethod != "stripe" {
+		c.JSON(200, gin.H{"message": "error", "data": "不支持的支付渠道"})
+		return
+	}
+	if req.Amount < common.MinTopUp {
+		c.JSON(200, gin.H{"message": fmt.Sprintf("充值数量不能小于 %d", common.MinTopUp), "data": 10})
+		return
+	}
+	if req.Amount > 10000 {
+		c.JSON(200, gin.H{"message": "充值数量不能大于 10000", "data": 10})
 		return
 	}
 
 	id := c.GetInt("id")
 	user, _ := model.GetUserById(id, false)
-	payMoney := getPayMoney(float64(req.Amount), *user)
-	if payMoney < 0.01 {
-		c.JSON(200, gin.H{"message": "error", "data": "充值金额过低"})
-		return
-	}
+	chargedMoney := GetChargedAmount(float64(req.Amount), *user)
 
-	var payType epay.PurchaseType
-	if req.PaymentMethod == "zfb" {
-		payType = epay.Alipay
-	}
-	if req.PaymentMethod == "wx" {
-		req.PaymentMethod = "wxpay"
-		payType = epay.WechatPay
-	}
-	callBackAddress := service.GetCallbackAddress()
-	returnUrl, _ := url.Parse(common.ServerAddress + "/log")
-	notifyUrl, _ := url.Parse(callBackAddress + "/api/user/epay/notify")
-	tradeNo := fmt.Sprintf("%s%d", common.GetRandomString(6), time.Now().Unix())
-	client := GetEpayClient()
-	if client == nil {
-		c.JSON(200, gin.H{"message": "error", "data": "当前管理员未配置支付信息"})
-		return
-	}
-	uri, params, err := client.Purchase(&epay.PurchaseArgs{
-		Type:           payType,
-		ServiceTradeNo: "A" + tradeNo,
-		Name:           "B" + tradeNo,
-		Money:          strconv.FormatFloat(payMoney, 'f', 2, 64),
-		Device:         epay.PC,
-		NotifyUrl:      notifyUrl,
-		ReturnUrl:      returnUrl,
-	})
+	reference := fmt.Sprintf("new-api-ref-%d-%d-%s", user.Id, time.Now().UnixMilli(), common.RandomString(4))
+	referenceId := "ref_" + common.Sha1(reference)
+
+	payLink, err := genStripeLink(referenceId, user.StripeCustomer, user.Email, int64(req.Amount))
 	if err != nil {
+		log.Println("获取Stripe Checkout支付链接失败", err)
 		c.JSON(200, gin.H{"message": "error", "data": "拉起支付失败"})
 		return
 	}
-	amount := req.Amount
-	if !common.DisplayInCurrencyEnabled {
-		amount = amount / int(common.QuotaPerUnit)
-	}
+
 	topUp := &model.TopUp{
 		UserId:     id,
-		Amount:     amount,
-		Money:      payMoney,
-		TradeNo:    "A" + tradeNo,
+		Amount:     req.Amount,
+		Money:      chargedMoney,
+		TradeNo:    referenceId,
 		CreateTime: time.Now().Unix(),
-		Status:     "pending",
+		Status:     common.TopUpStatusPending,
 	}
 	err = topUp.Insert()
 	if err != nil {
 		c.JSON(200, gin.H{"message": "error", "data": "创建订单失败"})
 		return
 	}
-	c.JSON(200, gin.H{"message": "success", "data": params, "url": uri})
-}
-
-// tradeNo lock
-var orderLocks sync.Map
-var createLock sync.Mutex
-
-// LockOrder 尝试对给定订单号加锁
-func LockOrder(tradeNo string) {
-	lock, ok := orderLocks.Load(tradeNo)
-	if !ok {
-		createLock.Lock()
-		defer createLock.Unlock()
-		lock, ok = orderLocks.Load(tradeNo)
-		if !ok {
-			lock = new(sync.Mutex)
-			orderLocks.Store(tradeNo, lock)
-		}
-	}
-	lock.(*sync.Mutex).Lock()
-}
-
-// UnlockOrder 释放给定订单号的锁
-func UnlockOrder(tradeNo string) {
-	lock, ok := orderLocks.Load(tradeNo)
-	if ok {
-		lock.(*sync.Mutex).Unlock()
-	}
-}
-
-func EpayNotify(c *gin.Context) {
-	params := lo.Reduce(lo.Keys(c.Request.URL.Query()), func(r map[string]string, t string, i int) map[string]string {
-		r[t] = c.Request.URL.Query().Get(t)
-		return r
-	}, map[string]string{})
-	client := GetEpayClient()
-	if client == nil {
-		log.Println("易支付回调失败 未找到配置信息")
-		_, err := c.Writer.Write([]byte("fail"))
-		if err != nil {
-			log.Println("易支付回调写入失败")
-			return
-		}
-	}
-	verifyInfo, err := client.Verify(params)
-	if err == nil && verifyInfo.VerifyStatus {
-		_, err := c.Writer.Write([]byte("success"))
-		if err != nil {
-			log.Println("易支付回调写入失败")
-		}
-	} else {
-		_, err := c.Writer.Write([]byte("fail"))
-		if err != nil {
-			log.Println("易支付回调写入失败")
-		}
-		log.Println("易支付回调签名验证失败")
-		return
-	}
-
-	if verifyInfo.TradeStatus == epay.StatusTradeSuccess {
-		log.Println(verifyInfo)
-		LockOrder(verifyInfo.ServiceTradeNo)
-		defer UnlockOrder(verifyInfo.ServiceTradeNo)
-		topUp := model.GetTopUpByTradeNo(verifyInfo.ServiceTradeNo)
-		if topUp == nil {
-			log.Printf("易支付回调未找到订单: %v", verifyInfo)
-			return
-		}
-		if topUp.Status == "pending" {
-			topUp.Status = "success"
-			err := topUp.Update()
-			if err != nil {
-				log.Printf("易支付回调更新订单失败: %v", topUp)
-				return
-			}
-			//user, _ := model.GetUserById(topUp.UserId, false)
-			//user.Quota += topUp.Amount * 500000
-			err = model.IncreaseUserQuota(topUp.UserId, topUp.Amount*int(common.QuotaPerUnit))
-			if err != nil {
-				log.Printf("易支付回调更新用户失败: %v", topUp)
-				return
-			}
-			log.Printf("易支付回调更新用户成功 %v", topUp)
-			model.RecordLog(topUp.UserId, model.LogTypeTopup, fmt.Sprintf("使用在线充值成功，充值金额: %v，支付金额：%f", common.LogQuota(topUp.Amount*int(common.QuotaPerUnit)), topUp.Money))
-		}
-	} else {
-		log.Printf("易支付异常回调: %v", verifyInfo)
-	}
+	c.JSON(200, gin.H{
+		"message": "success",
+		"data": gin.H{
+			"payLink": payLink,
+		},
+	})
 }
 
 func RequestAmount(c *gin.Context) {
@@ -225,17 +142,23 @@ func RequestAmount(c *gin.Context) {
 		c.JSON(200, gin.H{"message": "error", "data": "参数错误"})
 		return
 	}
-
-	if req.Amount < getMinTopup() {
-		c.JSON(200, gin.H{"message": "error", "data": fmt.Sprintf("充值数量不能小于 %d", getMinTopup())})
+	if !common.PaymentEnabled {
+		c.JSON(200, gin.H{"message": "error", "data": "管理员未开启在线支付"})
+		return
+	}
+	if req.Amount < common.MinTopUp {
+		c.JSON(200, gin.H{"message": "error", "data": fmt.Sprintf("充值数量不能小于 %d", common.MinTopUp)})
 		return
 	}
 	id := c.GetInt("id")
 	user, _ := model.GetUserById(id, false)
-	payMoney := getPayMoney(float64(req.Amount), *user)
-	if payMoney <= 0.01 {
-		c.JSON(200, gin.H{"message": "error", "data": "充值金额过低"})
-		return
-	}
-	c.JSON(200, gin.H{"message": "success", "data": strconv.FormatFloat(payMoney, 'f', 2, 64)})
+	payMoney := GetPayAmount(float64(req.Amount))
+	chargedMoney := GetChargedAmount(float64(req.Amount), *user)
+	c.JSON(200, gin.H{
+		"message": "success",
+		"data": gin.H{
+			"payAmount":     strconv.FormatFloat(payMoney, 'f', 2, 64),
+			"chargedAmount": strconv.FormatFloat(chargedMoney, 'f', 2, 64),
+		},
+	})
 }

controller/user.go

@@ -66,6 +66,7 @@ func setupLogin(user *model.User, c *gin.Context) {
 	session.Set("username", user.Username)
 	session.Set("role", user.Role)
 	session.Set("status", user.Status)
+	session.Set("linuxdo_enable", user.LinuxDoId == "" || user.LinuxDoLevel >= common.LinuxDoMinLevel)
 	err := session.Save()
 	if err != nil {
 		c.JSON(http.StatusOK, gin.H{
@@ -516,7 +517,7 @@ func UpdateSelf(c *gin.Context) {
 	return
 }
 
-func DeleteUser(c *gin.Context) {
+func HardDeleteUser(c *gin.Context) {
 	id, err := strconv.Atoi(c.Param("id"))
 	if err != nil {
 		c.JSON(http.StatusOK, gin.H{
@@ -525,7 +526,7 @@ func DeleteUser(c *gin.Context) {
 		})
 		return
 	}
-	originUser, err := model.GetUserById(id, false)
+	originUser, err := model.GetUserByIdUnscoped(id, false)
 	if err != nil {
 		c.JSON(http.StatusOK, gin.H{
 			"success": false,
@@ -549,9 +550,23 @@ func DeleteUser(c *gin.Context) {
 		})
 		return
 	}
+
+	c.JSON(http.StatusOK, gin.H{
+		"success": true,
+		"message": "",
+	})
+	return
 }
 
 func DeleteSelf(c *gin.Context) {
+	if !common.UserSelfDeletionEnabled {
+		c.JSON(http.StatusOK, gin.H{
+			"success": false,
+			"message": "当前设置不允许用户自我删除账号",
+		})
+		return
+	}
+
 	id := c.GetInt("id")
 	user, _ := model.GetUserById(id, false)
 

docker-compose.yml

@@ -2,18 +2,17 @@ version: '3.4'
 
 services:
   new-api:
-    image: calciumion/new-api:latest
-    # build: .
+    image: pengzhile/new-api:latest
     container_name: new-api
     restart: always
     command: --log-dir /app/logs
     ports:
       - "3000:3000"
     volumes:
-      - ./data:/data
+      - ./data/new-api:/data
       - ./logs:/app/logs
     environment:
-      - SQL_DSN=root:123456@tcp(host.docker.internal:3306)/new-api  # 修改此行，或注释掉以使用 SQLite 作为数据库
+      - SQL_DSN=newapi:123456@tcp(db:3306)/new-api  # 修改此行，或注释掉以使用 SQLite 作为数据库
       - REDIS_CONN_STRING=redis://redis
       - SESSION_SECRET=random_string  # 修改为随机字符串
       - TZ=Asia/Shanghai
@@ -23,13 +22,22 @@ services:
 
     depends_on:
       - redis
-    healthcheck:
-      test: [ "CMD-SHELL", "wget -q -O - http://localhost:3000/api/status | grep -o '\"success\":\\s*true' | awk -F: '{print $2}'" ]
-      interval: 30s
-      timeout: 10s
-      retries: 3
+      - db
 
   redis:
     image: redis:latest
     container_name: redis
     restart: always
+
+  db:
+    image: mysql:8.2.0
+    container_name: mysql
+    restart: always
+    volumes:
+      - ./data/mysql:/var/lib/mysql  # 挂载目录，持久化存储
+    environment:
+      TZ: Asia/Shanghai   # 设置时区
+      MYSQL_ROOT_PASSWORD: 'OneAPI@justsong' # 设置 root 用户的密码
+      MYSQL_USER: newapi   # 创建专用用户
+      MYSQL_PASSWORD: '123456'    # 设置专用用户密码
+      MYSQL_DATABASE: new-api   # 自动创建数据库

go.mod

@@ -59,6 +59,7 @@ require (
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/pelletier/go-toml/v2 v2.0.8 // indirect
+	github.com/stripe/stripe-go/v76 v76.21.0 // indirect
 	github.com/tklauser/go-sysconf v0.3.12 // indirect
 	github.com/tklauser/numcpus v0.6.1 // indirect
 	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect

go.sum

@@ -153,6 +153,8 @@ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO
 github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
 github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
 github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
+github.com/stripe/stripe-go/v76 v76.21.0 h1:O3GHImHS4oUI3qWMOClHN3zAQF5/oswS/NB7leV1fsU=
+github.com/stripe/stripe-go/v76 v76.21.0/go.mod h1:rw1MxjlAKKcZ+3FOXgTHgwiOa2ya6CPq6ykpJ0Q6Po4=
 github.com/tklauser/go-sysconf v0.3.12 h1:0QaGUFOdQaIVdPgfITYzaTegZvdCjmYO52cSFAEVmqU=
 github.com/tklauser/go-sysconf v0.3.12/go.mod h1:Ho14jnntGE1fpdOqQEEaiKRpvIavV0hSfmBq8nJbHYI=
 github.com/tklauser/numcpus v0.6.1 h1:ng9scYS7az0Bk4OZLvrNXNSAO2Pxr1XXRAPyjhIx+Fk=
@@ -178,6 +180,7 @@ golang.org/x/exp v0.0.0-20220303212507-bbda1eaf7a17/go.mod h1:lgLbSvA5ygNOMpwM/9
 golang.org/x/image v0.15.0 h1:kOELfmgrmJlw4Cdb7g/QGuB3CvDrXbqEIww/pNtNBm8=
 golang.org/x/image v0.15.0/go.mod h1:HUYqC05R2ZcZ3ejNQsIHQDQiwWM4JBqmm6MKANTp4LE=
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
+golang.org/x/net v0.0.0-20210520170846-37e1c6afe023/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.21.0 h1:AQyQV4dYCvJ7vGmJyKki9+PBdyvhkSd8EIx/qb0AYv4=
 golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
 golang.org/x/sync v0.1.0 h1:wsuoTGHzEhffawBOhz5CYhcrV4IdKZbEyZjBMuTp12o=
@@ -185,6 +188,7 @@ golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=

middleware/auth.go

@@ -15,6 +15,7 @@ func authHelper(c *gin.Context, minRole int) {
 	role := session.Get("role")
 	id := session.Get("id")
 	status := session.Get("status")
+	linuxDoEnable := session.Get("linuxdo_enable")
 	if username == nil {
 		// Check access token
 		accessToken := c.Request.Header.Get("Authorization")
@@ -33,6 +34,7 @@ func authHelper(c *gin.Context, minRole int) {
 			role = user.Role
 			id = user.Id
 			status = user.Status
+			linuxDoEnable = user.LinuxDoId == "" || user.LinuxDoLevel >= common.LinuxDoMinLevel
 		} else {
 			c.JSON(http.StatusOK, gin.H{
 				"success": false,
@@ -50,6 +52,14 @@ func authHelper(c *gin.Context, minRole int) {
 		c.Abort()
 		return
 	}
+	if nil != linuxDoEnable && !linuxDoEnable.(bool) {
+		c.JSON(http.StatusOK, gin.H{
+			"success": false,
+			"message": "用户 LINUX DO 信任等级不足",
+		})
+		c.Abort()
+		return
+	}
 	if role.(int) < minRole {
 		c.JSON(http.StatusOK, gin.H{
 			"success": false,
@@ -112,6 +122,15 @@ func TokenAuth() func(c *gin.Context) {
 			abortWithOpenAiMessage(c, http.StatusForbidden, "用户已被封禁")
 			return
 		}
+		linuxDoEnabled, err := model.CacheIsLinuxDoEnabled(token.UserId)
+		if err != nil {
+			abortWithOpenAiMessage(c, http.StatusInternalServerError, err.Error())
+			return
+		}
+		if !linuxDoEnabled {
+			abortWithOpenAiMessage(c, http.StatusForbidden, "用户 LINUX DO 信任等级不足")
+			return
+		}
 		c.Set("id", token.UserId)
 		c.Set("token_id", token.Id)
 		c.Set("token_name", token.Name)

model/cache.go

@@ -204,6 +204,30 @@ func CacheIsUserEnabled(userId int) (bool, error) {
 	return userEnabled, err
 }
 
+func CacheIsLinuxDoEnabled(userId int) (bool, error) {
+	if !common.RedisEnabled {
+		return IsLinuxDoEnabled(userId)
+	}
+	enabled, err := common.RedisGet(fmt.Sprintf("linuxdo_enabled:%d", userId))
+	if err == nil {
+		return enabled == "1", nil
+	}
+
+	linuxDoEnabled, err := IsLinuxDoEnabled(userId)
+	if err != nil {
+		return false, err
+	}
+	enabled = "0"
+	if linuxDoEnabled {
+		enabled = "1"
+	}
+	err = common.RedisSet(fmt.Sprintf("linuxdo_enabled:%d", userId), enabled, time.Duration(UserId2StatusCacheSeconds)*time.Second)
+	if err != nil {
+		common.SysError("Redis set linuxdo enabled error: " + err.Error())
+	}
+	return linuxDoEnabled, err
+}
+
 var group2model2channels map[string]map[string][]*Channel
 var channelsIDM map[int]*Channel
 var channelSyncLock sync.RWMutex

model/log.go

@@ -90,7 +90,7 @@ func RecordConsumeLog(ctx context.Context, userId int, channelId int, promptToke
 	}
 }
 
-func GetAllLogs(logType int, startTimestamp int64, endTimestamp int64, modelName string, username string, tokenName string, startIdx int, num int, channel int) (logs []*Log, err error) {
+func GetAllLogs(logType int, startTimestamp int64, endTimestamp int64, modelName string, username string, tokenName string, startIdx int, num int, channel int) (logs []*Log, total int64, err error) {
 	var tx *gorm.DB
 	if logType == LogTypeUnknown {
 		tx = DB
@@ -115,11 +115,17 @@ func GetAllLogs(logType int, startTimestamp int64, endTimestamp int64, modelName
 	if channel != 0 {
 		tx = tx.Where("channel_id = ?", channel)
 	}
+
+	err = tx.Model(&Log{}).Count(&total).Error
+	if err != nil {
+		return nil, 0, err
+	}
+
 	err = tx.Order("id desc").Limit(num).Offset(startIdx).Find(&logs).Error
-	return logs, err
+	return logs, total, err
 }
 
-func GetUserLogs(userId int, logType int, startTimestamp int64, endTimestamp int64, modelName string, tokenName string, startIdx int, num int) (logs []*Log, err error) {
+func GetUserLogs(userId int, logType int, startTimestamp int64, endTimestamp int64, modelName string, tokenName string, startIdx int, num int) (logs []*Log, total int64, err error) {
 	var tx *gorm.DB
 	if logType == LogTypeUnknown {
 		tx = DB.Where("user_id = ?", userId)
@@ -138,8 +144,14 @@ func GetUserLogs(userId int, logType int, startTimestamp int64, endTimestamp int
 	if endTimestamp != 0 {
 		tx = tx.Where("created_at <= ?", endTimestamp)
 	}
+
+	err = tx.Model(&Log{}).Count(&total).Error
+	if err != nil {
+		return nil, 0, err
+	}
+
 	err = tx.Order("id desc").Limit(num).Offset(startIdx).Omit("id").Find(&logs).Error
-	return logs, err
+	return logs, total, err
 }
 
 func SearchAllLogs(keyword string) (logs []*Log, err error) {

model/option.go

@@ -31,10 +31,12 @@ func InitOptionMap() {
 	common.OptionMap["PasswordRegisterEnabled"] = strconv.FormatBool(common.PasswordRegisterEnabled)
 	common.OptionMap["EmailVerificationEnabled"] = strconv.FormatBool(common.EmailVerificationEnabled)
 	common.OptionMap["GitHubOAuthEnabled"] = strconv.FormatBool(common.GitHubOAuthEnabled)
+	common.OptionMap["LinuxDoOAuthEnabled"] = strconv.FormatBool(common.LinuxDoOAuthEnabled)
 	common.OptionMap["TelegramOAuthEnabled"] = strconv.FormatBool(common.TelegramOAuthEnabled)
 	common.OptionMap["WeChatAuthEnabled"] = strconv.FormatBool(common.WeChatAuthEnabled)
 	common.OptionMap["TurnstileCheckEnabled"] = strconv.FormatBool(common.TurnstileCheckEnabled)
 	common.OptionMap["RegisterEnabled"] = strconv.FormatBool(common.RegisterEnabled)
+	common.OptionMap["UserSelfDeletionEnabled"] = strconv.FormatBool(common.UserSelfDeletionEnabled)
 	common.OptionMap["AutomaticDisableChannelEnabled"] = strconv.FormatBool(common.AutomaticDisableChannelEnabled)
 	common.OptionMap["AutomaticEnableChannelEnabled"] = strconv.FormatBool(common.AutomaticEnableChannelEnabled)
 	common.OptionMap["LogConsumeEnabled"] = strconv.FormatBool(common.LogConsumeEnabled)
@@ -59,15 +61,18 @@ func InitOptionMap() {
 	common.OptionMap["SystemName"] = common.SystemName
 	common.OptionMap["Logo"] = common.Logo
 	common.OptionMap["ServerAddress"] = ""
-	common.OptionMap["PayAddress"] = ""
-	common.OptionMap["CustomCallbackAddress"] = ""
-	common.OptionMap["EpayId"] = ""
-	common.OptionMap["EpayKey"] = ""
-	common.OptionMap["Price"] = strconv.FormatFloat(common.Price, 'f', -1, 64)
+	common.OptionMap["StripeApiSecret"] = common.StripeApiSecret
+	common.OptionMap["StripeWebhookSecret"] = common.StripeWebhookSecret
+	common.OptionMap["StripePriceId"] = common.StripePriceId
+	common.OptionMap["PaymentEnabled"] = strconv.FormatBool(common.PaymentEnabled)
+	common.OptionMap["StripeUnitPrice"] = strconv.FormatFloat(common.StripeUnitPrice, 'f', -1, 64)
 	common.OptionMap["MinTopUp"] = strconv.Itoa(common.MinTopUp)
 	common.OptionMap["TopupGroupRatio"] = common.TopupGroupRatio2JSONString()
 	common.OptionMap["GitHubClientId"] = ""
 	common.OptionMap["GitHubClientSecret"] = ""
+	common.OptionMap["LinuxDoClientId"] = ""
+	common.OptionMap["LinuxDoClientSecret"] = ""
+	common.OptionMap["LinuxDoMinLevel"] = strconv.Itoa(common.LinuxDoMinLevel)
 	common.OptionMap["TelegramBotToken"] = ""
 	common.OptionMap["TelegramBotName"] = ""
 	common.OptionMap["WeChatServerAddress"] = ""
@@ -165,6 +170,8 @@ func updateOptionMap(key string, value string) (err error) {
 			common.EmailVerificationEnabled = boolValue
 		case "GitHubOAuthEnabled":
 			common.GitHubOAuthEnabled = boolValue
+		case "LinuxDoOAuthEnabled":
+			common.LinuxDoOAuthEnabled = boolValue
 		case "WeChatAuthEnabled":
 			common.WeChatAuthEnabled = boolValue
 		case "TelegramOAuthEnabled":
@@ -173,6 +180,8 @@ func updateOptionMap(key string, value string) (err error) {
 			common.TurnstileCheckEnabled = boolValue
 		case "RegisterEnabled":
 			common.RegisterEnabled = boolValue
+		case "UserSelfDeletionEnabled":
+			common.UserSelfDeletionEnabled = boolValue
 		case "EmailDomainRestrictionEnabled":
 			common.EmailDomainRestrictionEnabled = boolValue
 		case "EmailAliasRestrictionEnabled":
@@ -223,16 +232,16 @@ func updateOptionMap(key string, value string) (err error) {
 		common.SMTPToken = value
 	case "ServerAddress":
 		common.ServerAddress = value
-	case "PayAddress":
-		common.PayAddress = value
-	case "CustomCallbackAddress":
-		common.CustomCallbackAddress = value
-	case "EpayId":
-		common.EpayId = value
-	case "EpayKey":
-		common.EpayKey = value
-	case "Price":
-		common.Price, _ = strconv.ParseFloat(value, 64)
+	case "StripeApiSecret":
+		common.StripeApiSecret = value
+	case "StripeWebhookSecret":
+		common.StripeWebhookSecret = value
+	case "StripePriceId":
+		common.StripePriceId = value
+	case "PaymentEnabled":
+		common.PaymentEnabled, _ = strconv.ParseBool(value)
+	case "StripeUnitPrice":
+		common.StripeUnitPrice, _ = strconv.ParseFloat(value, 64)
 	case "MinTopUp":
 		common.MinTopUp, _ = strconv.Atoi(value)
 	case "TopupGroupRatio":
@@ -241,6 +250,12 @@ func updateOptionMap(key string, value string) (err error) {
 		common.GitHubClientId = value
 	case "GitHubClientSecret":
 		common.GitHubClientSecret = value
+	case "LinuxDoClientId":
+		common.LinuxDoClientId = value
+	case "LinuxDoClientSecret":
+		common.LinuxDoClientSecret = value
+	case "LinuxDoMinLevel":
+		common.LinuxDoMinLevel, _ = strconv.Atoi(value)
 	case "Footer":
 		common.Footer = value
 	case "SystemName":

model/topup.go

@@ -1,13 +1,21 @@
 package model
 
+import (
+	"errors"
+	"fmt"
+	"gorm.io/gorm"
+	"one-api/common"
+)
+
 type TopUp struct {
-	Id         int     `json:"id"`
-	UserId     int     `json:"user_id" gorm:"index"`
-	Amount     int     `json:"amount"`
-	Money      float64 `json:"money"`
-	TradeNo    string  `json:"trade_no"`
-	CreateTime int64   `json:"create_time"`
-	Status     string  `json:"status"`
+	Id           int     `json:"id"`
+	UserId       int     `json:"user_id" gorm:"index"`
+	Amount       int     `json:"amount"`
+	Money        float64 `json:"money"`
+	TradeNo      string  `json:"trade_no" gorm:"unique"`
+	CreateTime   int64   `json:"create_time"`
+	CompleteTime int64   `json:"complete_time"`
+	Status       string  `json:"status"`
 }
 
 func (topUp *TopUp) Insert() error {
@@ -41,3 +49,51 @@ func GetTopUpByTradeNo(tradeNo string) *TopUp {
 	}
 	return topUp
 }
+
+func Recharge(referenceId string, customerId string) (err error) {
+	if referenceId == "" {
+		return errors.New("未提供支付单号")
+	}
+
+	var quota float64
+	topUp := &TopUp{}
+
+	refCol := "`trade_no`"
+	if common.UsingPostgreSQL {
+		refCol = `"trade_no"`
+	}
+
+	err = DB.Transaction(func(tx *gorm.DB) error {
+		err := tx.Set("gorm:query_option", "FOR UPDATE").Where(refCol+" = ?", referenceId).First(topUp).Error
+		if err != nil {
+			return errors.New("充值订单不存在")
+		}
+
+		if topUp.Status != common.TopUpStatusPending {
+			return errors.New("充值订单状态错误")
+		}
+
+		topUp.CompleteTime = common.GetTimestamp()
+		topUp.Status = common.TopUpStatusSuccess
+		err = tx.Save(topUp).Error
+		if err != nil {
+			return err
+		}
+
+		quota = topUp.Money * common.QuotaPerUnit
+		err = tx.Model(&User{}).Where("id = ?", topUp.UserId).Updates(map[string]interface{}{"stripe_customer": customerId, "quota": gorm.Expr("quota + ?", quota)}).Error
+		if err != nil {
+			return err
+		}
+
+		return nil
+	})
+
+	if err != nil {
+		return errors.New("充值失败，" + err.Error())
+	}
+
+	RecordLog(topUp.UserId, LogTypeTopup, fmt.Sprintf("使用在线充值成功，充值金额: %v，支付金额：%d", common.LogQuotaF(quota), topUp.Amount))
+
+	return nil
+}

model/user.go

@@ -22,6 +22,8 @@ type User struct {
 	Status           int            `json:"status" gorm:"type:int;default:1"` // enabled, disabled
 	Email            string         `json:"email" gorm:"index" validate:"max=50"`
 	GitHubId         string         `json:"github_id" gorm:"column:github_id;index"`
+	LinuxDoId        string         `json:"linuxdo_id" gorm:"column:linuxdo_id;index"`
+	LinuxDoLevel     int            `json:"linuxdo_level" gorm:"column:linuxdo_level;type:int;default:0"`
 	WeChatId         string         `json:"wechat_id" gorm:"column:wechat_id;index"`
 	TelegramId       string         `json:"telegram_id" gorm:"column:telegram_id;index"`
 	VerificationCode string         `json:"verification_code" gorm:"-:all"`                                    // this field is only for Email verification, don't save it to database!
@@ -35,6 +37,7 @@ type User struct {
 	AffQuota         int            `json:"aff_quota" gorm:"type:int;default:0;column:aff_quota"`           // 邀请剩余额度
 	AffHistoryQuota  int            `json:"aff_history_quota" gorm:"type:int;default:0;column:aff_history"` // 邀请历史额度
 	InviterId        int            `json:"inviter_id" gorm:"type:int;column:inviter_id;index"`
+	StripeCustomer   string         `json:"stripe_customer" gorm:"column:stripe_customer;index"`
 	DeletedAt        gorm.DeletedAt `gorm:"index"`
 }
 
@@ -64,7 +67,7 @@ func CheckUserExistOrDeleted(username string, email string) (bool, error) {
 
 func GetMaxUserId() int {
 	var user User
-	DB.Last(&user)
+	DB.Unscoped().Last(&user)
 	return user.Id
 }
 
@@ -110,6 +113,20 @@ func GetUserById(id int, selectAll bool) (*User, error) {
 	return &user, err
 }
 
+func GetUserByIdUnscoped(id int, selectAll bool) (*User, error) {
+	if id == 0 {
+		return nil, errors.New("id 为空！")
+	}
+	user := User{Id: id}
+	var err error = nil
+	if selectAll {
+		err = DB.Unscoped().First(&user, "id = ?", id).Error
+	} else {
+		err = DB.Unscoped().Omit("password").First(&user, "id = ?", id).Error
+	}
+	return &user, err
+}
+
 func GetUserIdByAffCode(affCode string) (int, error) {
 	if affCode == "" {
 		return 0, errors.New("affCode 为空！")
@@ -312,6 +329,14 @@ func (user *User) FillUserByGitHubId() error {
 	return nil
 }
 
+func (user *User) FillUserByLinuxDoId() error {
+	if user.LinuxDoId == "" {
+		return errors.New("LINUX DO id 为空！")
+	}
+	DB.Where(User{LinuxDoId: user.LinuxDoId}).First(user)
+	return nil
+}
+
 func (user *User) FillUserByWeChatId() error {
 	if user.WeChatId == "" {
 		return errors.New("WeChat id 为空！")
@@ -351,6 +376,10 @@ func IsGitHubIdAlreadyTaken(githubId string) bool {
 	return DB.Where("github_id = ?", githubId).Find(&User{}).RowsAffected == 1
 }
 
+func IsLinuxDoIdAlreadyTaken(linuxdoId string) bool {
+	return DB.Where("linuxdo_id = ?", linuxdoId).Find(&User{}).RowsAffected == 1
+}
+
 func IsUsernameAlreadyTaken(username string) bool {
 	return DB.Where("username = ?", username).Find(&User{}).RowsAffected == 1
 }
@@ -396,6 +425,18 @@ func IsUserEnabled(userId int) (bool, error) {
 	return user.Status == common.UserStatusEnabled, nil
 }
 
+func IsLinuxDoEnabled(userId int) (bool, error) {
+	if userId == 0 {
+		return false, errors.New("user id is empty")
+	}
+	var user User
+	err := DB.Where("id = ?", userId).Select("linuxdo_id, linuxdo_level").Find(&user).Error
+	if err != nil {
+		return false, err
+	}
+	return user.LinuxDoId == "" || user.LinuxDoLevel >= common.LinuxDoMinLevel, nil
+}
+
 func ValidateAccessToken(token string) (user *User) {
 	if token == "" {
 		return nil

router/api-router.go

@@ -17,12 +17,13 @@ func SetApiRouter(router *gin.Engine) {
 		apiRouter.GET("/status/test", middleware.AdminAuth(), controller.TestStatus)
 		apiRouter.GET("/notice", controller.GetNotice)
 		apiRouter.GET("/about", controller.GetAbout)
-		//apiRouter.GET("/midjourney", controller.GetMidjourney)
+		apiRouter.GET("/midjourney", controller.GetMidjourney)
 		apiRouter.GET("/home_page_content", controller.GetHomePageContent)
 		apiRouter.GET("/verification", middleware.CriticalRateLimit(), middleware.TurnstileCheck(), controller.SendEmailVerification)
 		apiRouter.GET("/reset_password", middleware.CriticalRateLimit(), middleware.TurnstileCheck(), controller.SendPasswordResetEmail)
 		apiRouter.POST("/user/reset", middleware.CriticalRateLimit(), controller.ResetPassword)
 		apiRouter.GET("/oauth/github", middleware.CriticalRateLimit(), controller.GitHubOAuth)
+		apiRouter.GET("/oauth/linuxdo", middleware.CriticalRateLimit(), controller.LinuxDoOAuth)
 		apiRouter.GET("/oauth/state", middleware.CriticalRateLimit(), controller.GenerateOAuthCode)
 		apiRouter.GET("/oauth/wechat", middleware.CriticalRateLimit(), controller.WeChatAuth)
 		apiRouter.GET("/oauth/wechat/bind", middleware.CriticalRateLimit(), middleware.UserAuth(), controller.WeChatBind)
@@ -30,13 +31,14 @@ func SetApiRouter(router *gin.Engine) {
 		apiRouter.GET("/oauth/telegram/login", middleware.CriticalRateLimit(), controller.TelegramLogin)
 		apiRouter.GET("/oauth/telegram/bind", middleware.CriticalRateLimit(), middleware.UserAuth(), controller.TelegramBind)
 
+		apiRouter.POST("/stripe/webhook", controller.StripeWebhook)
+
 		userRoute := apiRouter.Group("/user")
 		{
 			userRoute.POST("/register", middleware.CriticalRateLimit(), middleware.TurnstileCheck(), controller.Register)
 			userRoute.POST("/login", middleware.CriticalRateLimit(), middleware.TurnstileCheck(), controller.Login)
 			//userRoute.POST("/tokenlog", middleware.CriticalRateLimit(), controller.TokenLog)
 			userRoute.GET("/logout", controller.Logout)
-			userRoute.GET("/epay/notify", controller.EpayNotify)
 
 			selfRoute := userRoute.Group("/")
 			selfRoute.Use(middleware.UserAuth())
@@ -47,8 +49,8 @@ func SetApiRouter(router *gin.Engine) {
 				selfRoute.DELETE("/self", controller.DeleteSelf)
 				selfRoute.GET("/token", controller.GenerateAccessToken)
 				selfRoute.GET("/aff", controller.GetAffCode)
-				selfRoute.POST("/topup", controller.TopUp)
-				selfRoute.POST("/pay", controller.RequestEpay)
+				selfRoute.POST("/topup", middleware.CriticalRateLimit(), controller.TopUp)
+				selfRoute.POST("/pay", middleware.CriticalRateLimit(), controller.RequestPayLink)
 				selfRoute.POST("/amount", controller.RequestAmount)
 				selfRoute.POST("/aff_transfer", controller.TransferAffQuota)
 			}
@@ -62,7 +64,7 @@ func SetApiRouter(router *gin.Engine) {
 				adminRoute.POST("/", controller.CreateUser)
 				adminRoute.POST("/manage", controller.ManageUser)
 				adminRoute.PUT("/", controller.UpdateUser)
-				adminRoute.DELETE("/:id", controller.DeleteUser)
+				adminRoute.DELETE("/:id", controller.HardDeleteUser)
 			}
 		}
 		optionRoute := apiRouter.Group("/option")

service/epay.go

@@ -1,10 +0,0 @@
-package service
-
-import "one-api/common"
-
-func GetCallbackAddress() string {
-	if common.CustomCallbackAddress == "" {
-		return common.ServerAddress
-	}
-	return common.CustomCallbackAddress
-}

web/.gitignore

@@ -10,6 +10,7 @@
 
 # production
 /build
+/dist
 
 # misc
 .DS_Store
@@ -21,6 +22,4 @@
 npm-debug.log*
 yarn-debug.log*
 yarn-error.log*
-.idea
-package-lock.json
-yarn.lock
+.idea/

web/.prettierrc.mjs

@@ -1 +1 @@
-module.exports = require("@so1ve/prettier-config");
+module.exports = require('@so1ve/prettier-config');

web/src/App.js

@@ -11,6 +11,7 @@ import EditUser from './pages/User/EditUser';
 import { getLogo, getSystemName } from './helpers';
 import PasswordResetForm from './components/PasswordResetForm';
 import GitHubOAuth from './components/GitHubOAuth';
+import LinuxDoOAuth from './components/LinuxDoOAuth';
 import PasswordResetConfirm from './components/PasswordResetConfirm';
 import { UserContext } from './context/User';
 import Channel from './pages/Channel';
@@ -171,6 +172,14 @@ function App() {
               </Suspense>
             }
           />
+          <Route
+            path='/oauth/linuxdo'
+            element={
+              <Suspense fallback={<Loading></Loading>}>
+                <LinuxDoOAuth />
+              </Suspense>
+            }
+          />
           <Route
             path='/setting'
             element={

web/src/components/GitHubOAuth.js

@@ -14,9 +14,14 @@ const GitHubOAuth = () => {
   let navigate = useNavigate();
 
   const sendCode = async (code, state, count) => {
-    const res = await API.get(`/api/oauth/github?code=${code}&state=${state}`);
+    let aff = localStorage.getItem('aff');
+    const res = await API.get(
+      `/api/oauth/github?code=${code}&state=${state}&aff=${aff}`,
+    );
     const { success, message, data } = res.data;
     if (success) {
+      localStorage.removeItem('aff');
+
       if (message === 'bind') {
         showSuccess('绑定成功！');
         navigate('/setting');
@@ -41,6 +46,14 @@ const GitHubOAuth = () => {
   };
 
   useEffect(() => {
+    let error = searchParams.get('error');
+    if (error) {
+      let errorDescription = searchParams.get('error_description');
+      showError(`授权错误：${error}: ${errorDescription}`);
+      navigate('/setting');
+      return;
+    }
+
     let code = searchParams.get('code');
     let state = searchParams.get('state');
     sendCode(code, state, 0).then();

web/src/components/LinuxDoIcon.js

@@ -0,0 +1,27 @@
+import React from 'react';
+import { Icon } from '@douyinfe/semi-ui';
+
+const LinuxDoIcon = (props) => {
+  function CustomIcon() {
+    return (
+      <svg
+        className='icon'
+        viewBox='0 0 24 24'
+        version='1.1'
+        xmlns='http://www.w3.org/2000/svg'
+        width='1em'
+        height='1em'
+        {...props}
+      >
+        <path
+          d='M19.7,17.6c-0.1-0.2-0.2-0.4-0.2-0.6c0-0.4-0.2-0.7-0.5-1c-0.1-0.1-0.3-0.2-0.4-0.2c0.6-1.8-0.3-3.6-1.3-4.9c0,0,0,0,0,0c-0.8-1.2-2-2.1-1.9-3.7c0-1.9,0.2-5.4-3.3-5.1C8.5,2.3,9.5,6,9.4,7.3c0,1.1-0.5,2.2-1.3,3.1c-0.2,0.2-0.4,0.5-0.5,0.7c-1,1.2-1.5,2.8-1.5,4.3c-0.2,0.2-0.4,0.4-0.5,0.6c-0.1,0.1-0.2,0.2-0.2,0.3c-0.1,0.1-0.3,0.2-0.5,0.3c-0.4,0.1-0.7,0.3-0.9,0.7c-0.1,0.3-0.2,0.7-0.1,1.1c0.1,0.2,0.1,0.4,0,0.7c-0.2,0.4-0.2,0.9,0,1.4c0.3,0.4,0.8,0.5,1.5,0.6c0.5,0,1.1,0.2,1.6,0.4l0,0c0.5,0.3,1.1,0.5,1.7,0.5c0.3,0,0.7-0.1,1-0.2c0.3-0.2,0.5-0.4,0.6-0.7c0.4,0,1-0.2,1.7-0.2c0.6,0,1.2,0.2,2,0.1c0,0.1,0,0.2,0.1,0.3c0.2,0.5,0.7,0.9,1.3,1c0.1,0,0.1,0,0.2,0c0.8-0.1,1.6-0.5,2.1-1.1l0,0c0.4-0.4,0.9-0.7,1.4-0.9c0.6-0.3,1-0.5,1.1-1C20.3,18.6,20.1,18.2,19.7,17.6z M12.8,4.8c0.6,0.1,1.1,0.6,1,1.2c0,0.3-0.1,0.6-0.3,0.9c0,0,0,0-0.1,0c-0.2-0.1-0.3-0.1-0.4-0.2c0.1-0.1,0.1-0.3,0.2-0.5c0-0.4-0.2-0.7-0.4-0.7c-0.3,0-0.5,0.3-0.5,0.7c0,0,0,0.1,0,0.1c-0.1-0.1-0.3-0.1-0.4-0.2c0,0,0-0.1,0-0.1C11.8,5.5,12.2,4.9,12.8,4.8z M12.5,6.8c0.1,0.1,0.3,0.2,0.4,0.2c0.1,0,0.3,0.1,0.4,0.2c0.2,0.1,0.4,0.2,0.4,0.5c0,0.3-0.3,0.6-0.9,0.8c-0.2,0.1-0.3,0.1-0.4,0.2c-0.3,0.2-0.6,0.3-1,0.3c-0.3,0-0.6-0.2-0.8-0.4c-0.1-0.1-0.2-0.2-0.4-0.3C10.1,8.2,9.9,8,9.8,7.7c0-0.1,0.1-0.2,0.2-0.3c0.3-0.2,0.4-0.3,0.5-0.4l0.1-0.1c0.2-0.3,0.6-0.5,1-0.5C11.9,6.5,12.2,6.6,12.5,6.8z M10.4,5c0.4,0,0.7,0.4,0.8,1.1c0,0.1,0,0.1,0,0.2c-0.1,0-0.3,0.1-0.4,0.2c0,0,0-0.1,0-0.2c0-0.3-0.2-0.6-0.4-0.5c-0.2,0-0.3,0.3-0.3,0.6c0,0.2,0.1,0.3,0.2,0.4l0,0c0,0-0.1,0.1-0.2,0.1C9.9,6.7,9.7,6.4,9.7,6.1C9.7,5.5,10,5,10.4,5z M9.4,21.1c-0.7,0.3-1.6,0.2-2.2-0.2c-0.6-0.3-1.1-0.4-1.8-0.4c-0.5-0.1-1-0.1-1.1-0.3c-0.1-0.2-0.1-0.5,0.1-1c0.1-0.3,0.1-0.6,0-0.9c-0.1-0.3-0.1-0.5,0-0.8C4.5,17.2,4.7,17.1,5,17c0.3-0.1,0.5-0.2,0.7-0.4c0.1-0.1,0.2-0.2,0.3-0.4c0.3-0.4,0.5-0.6,0.8-0.6c0.6,0.1,1.1,1,1.5,1.9c0.2,0.3,0.4,0.7,0.7,1c0.4,0.5,0.9,1.2,0.9,1.6C9.9,20.6,9.7,20.9,9.4,21.1z M14.3,18.9c0,0.1,0,0.1-0.1,0.2c-1.2,0.9-2.8,1-4.1,0.3c-0.2-0.3-0.4-0.6-0.6-0.9c0.9-0.1,0.7-1.3-1.2-2.5c-2-1.3-0.6-3.7,0.1-4.8c0.1-0.1,0.1,0-0.3,0.8c-0.3,0.6-0.9,2.1-0.1,3.2c0-0.8,0.2-1.6,0.5-2.4c0.7-1.3,1.2-2.8,1.5-4.3c0.1,0.1,0.1,0.1,0.2,0.1c0.1,0.1,0.2,0.2,0.3,0.2c0.2,0.3,0.6,0.4,0.9,0.4c0,0,0.1,0,0.1,0c0.4,0,0.8-0.1,1.1-0.4c0.1-0.1,0.2-0.2,0.4-0.2c0.3-0.1,0.6-0.3,0.9-0.6c0.4,1.3,0.8,2.5,1.4,3.6c0.4,0.8,0.7,1.6,0.9,2.5c0.3,0,0.7,0.1,1,0.3c0.8,0.4,1.1,0.7,1,1.2c-0.1,0-0.1,0-0.2,0c0-0.3-0.2-0.6-0.9-0.9c-0.7-0.3-1.3-0.3-1.5,0.4c-0.1,0-0.2,0.1-0.3,0.1c-0.8,0.4-0.8,1.5-0.9,2.6C14.5,18.2,14.4,18.5,14.3,18.9z M18.9,19.5c-0.6,0.2-1.1,0.6-1.5,1.1c-0.4,0.6-1.1,1-1.9,0.9c-0.4,0-0.8-0.3-0.9-0.7c-0.1-0.6-0.1-1.2,0.2-1.8c0.1-0.4,0.2-0.7,0.3-1.1c0.1-1.2,0.1-1.9,0.6-2.2h0c0,0.5,0.3,0.8,0.7,1c0.5,0,1-0.1,1.4-0.5c0.1,0,0.1,0,0.2,0c0.3,0,0.5,0,0.7,0.2c0.2,0.2,0.3,0.5,0.3,0.7c0,0.3,0.2,0.6,0.3,0.9c0.5,0.5,0.5,0.8,0.5,0.9C19.7,19.1,19.3,19.3,18.9,19.5z M9.9,7.5c-0.1,0-0.1,0-0.1,0.1c0,0,0,0.1,0.1,0.1c0,0,0,0,0,0c0.1,0,0.1,0.1,0.1,0.1c0.3,0.4,0.8,0.6,1.4,0.7c0.5-0.1,1-0.2,1.5-0.6c0.2-0.1,0.4-0.2,0.6-0.3c0.1,0,0.1-0.1,0.1-0.1c0-0.1,0-0.1-0.1-0.1l0,0c-0.2,0.1-0.5,0.2-0.7,0.3c-0.4,0.3-0.9,0.5-1.4,0.5c-0.5,0-0.9-0.3-1.2-0.6C10.1,7.6,10,7.5,9.9,7.5z'
+          fill='currentColor'
+        />
+      </svg>
+    );
+  }
+
+  return <Icon svg={<CustomIcon />} />;
+};
+
+export default LinuxDoIcon;

web/src/components/LinuxDoOAuth.js

@@ -0,0 +1,71 @@
+import React, { useContext, useEffect, useState } from 'react';
+import { Dimmer, Loader, Segment } from 'semantic-ui-react';
+import { useNavigate, useSearchParams } from 'react-router-dom';
+import { API, showError, showSuccess } from '../helpers';
+import { UserContext } from '../context/User';
+
+const LinuxDoOAuth = () => {
+  const [searchParams, setSearchParams] = useSearchParams();
+
+  const [userState, userDispatch] = useContext(UserContext);
+  const [prompt, setPrompt] = useState('处理中...');
+  const [processing, setProcessing] = useState(true);
+
+  let navigate = useNavigate();
+
+  const sendCode = async (code, state, count) => {
+    let aff = localStorage.getItem('aff');
+    const res = await API.get(
+      `/api/oauth/linuxdo?code=${code}&state=${state}&aff=${aff}`,
+    );
+    const { success, message, data } = res.data;
+    if (success) {
+      localStorage.removeItem('aff');
+
+      if (message === 'bind') {
+        showSuccess('绑定成功！');
+        navigate('/setting');
+      } else {
+        userDispatch({ type: 'login', payload: data });
+        localStorage.setItem('user', JSON.stringify(data));
+        showSuccess('登录成功！');
+        navigate('/');
+      }
+    } else {
+      showError(message);
+      if (count === 0) {
+        setPrompt(`操作失败，重定向至登录界面中...`);
+        navigate('/setting'); // in case this is failed to bind GitHub
+        return;
+      }
+      count++;
+      setPrompt(`出现错误，第 ${count} 次重试中...`);
+      await new Promise((resolve) => setTimeout(resolve, count * 2000));
+      await sendCode(code, state, count);
+    }
+  };
+
+  useEffect(() => {
+    let error = searchParams.get('error');
+    if (error) {
+      let errorDescription = searchParams.get('error_description');
+      showError(`授权错误：${error}: ${errorDescription}`);
+      navigate('/setting');
+      return;
+    }
+
+    let code = searchParams.get('code');
+    let state = searchParams.get('state');
+    sendCode(code, state, 0).then();
+  }, []);
+
+  return (
+    <Segment style={{ minHeight: '300px' }}>
+      <Dimmer active inverted>
+        <Loader size='large'>{prompt}</Loader>
+      </Dimmer>
+    </Segment>
+  );
+};
+
+export default LinuxDoOAuth;

web/src/components/LoginForm.js

@@ -2,7 +2,7 @@ import React, { useContext, useEffect, useState } from 'react';
 import { Link, useNavigate, useSearchParams } from 'react-router-dom';
 import { UserContext } from '../context/User';
 import { API, getLogo, showError, showInfo, showSuccess } from '../helpers';
-import { onGitHubOAuthClicked } from './utils';
+import { onGitHubOAuthClicked, onLinuxDoOAuthClicked } from './utils';
 import Turnstile from 'react-turnstile';
 import {
   Button,
@@ -18,6 +18,7 @@ import Text from '@douyinfe/semi-ui/lib/es/typography/text';
 import TelegramLoginButton from 'react-telegram-login';
 
 import { IconGithubLogo } from '@douyinfe/semi-icons';
+import LinuxDoIcon from './LinuxDoIcon';
 import WeChatIcon from './WeChatIcon';
 
 const LoginForm = () => {
@@ -207,6 +208,7 @@ const LoginForm = () => {
                   </Text>
                 </div>
                 {status.github_oauth ||
+                status.linuxdo_oauth ||
                 status.wechat_login ||
                 status.telegram_oauth ? (
                   <>
@@ -224,6 +226,7 @@ const LoginForm = () => {
                         <Button
                           type='primary'
                           icon={<IconGithubLogo />}
+                          style={{ margin: '0 5px' }}
                           onClick={() =>
                             onGitHubOAuthClicked(status.github_client_id)
                           }
@@ -231,10 +234,25 @@ const LoginForm = () => {
                       ) : (
                         <></>
                       )}
+                      {status.linuxdo_oauth ? (
+                        <Button
+                          type='primary'
+                          icon={<LinuxDoIcon />}
+                          style={{ color: '#000', margin: '0 5px' }}
+                          onClick={() =>
+                            onLinuxDoOAuthClicked(status.linuxdo_client_id)
+                          }
+                        />
+                      ) : (
+                        <></>
+                      )}
                       {status.wechat_login ? (
                         <Button
                           type='primary'
-                          style={{ color: 'rgba(var(--semi-green-5), 1)' }}
+                          style={{
+                            color: 'rgba(var(--semi-green-5), 1)',
+                            margin: '0 5px',
+                          }}
                           icon={<Icon svg={<WeChatIcon />} />}
                           onClick={onWeChatLoginClicked}
                         />
@@ -244,6 +262,8 @@ const LoginForm = () => {
 
                       {status.telegram_oauth ? (
                         <TelegramLoginButton
+                          className='semi-button semi-button-with-icon semi-button-with-icon-only'
+                          buttonSize='medium'
                           dataOnauth={onTelegramLoginClicked}
                           botName={status.telegram_bot_name}
                         />

web/src/components/LogsTable.js

@@ -312,7 +312,7 @@ const LogsTable = () => {
   const [loading, setLoading] = useState(false);
   const [loadingStat, setLoadingStat] = useState(false);
   const [activePage, setActivePage] = useState(1);
-  const [logCount, setLogCount] = useState(ITEMS_PER_PAGE);
+  const [logCount, setLogCount] = useState(0);
   const [pageSize, setPageSize] = useState(ITEMS_PER_PAGE);
   const [searchKeyword, setSearchKeyword] = useState('');
   const [searching, setSearching] = useState(false);
@@ -409,14 +409,14 @@ const LogsTable = () => {
     }
   };
 
-  const setLogsFormat = (logs) => {
+  const setLogsFormat = (logs, total) => {
     for (let i = 0; i < logs.length; i++) {
       logs[i].timestamp2string = timestamp2string(logs[i].created_at);
       logs[i].key = '' + logs[i].id;
     }
     // data.key = '' + data.id
     setLogs(logs);
-    setLogCount(logs.length + ITEMS_PER_PAGE);
+    setLogCount(total);
     // console.log(logCount);
   };
 
@@ -432,14 +432,14 @@ const LogsTable = () => {
       url = `/api/log/self/?p=${startIdx}&page_size=${pageSize}&type=${logType}&token_name=${token_name}&model_name=${model_name}&start_timestamp=${localStartTimestamp}&end_timestamp=${localEndTimestamp}`;
     }
     const res = await API.get(url);
-    const { success, message, data } = res.data;
+    const { success, message, total, data } = res.data;
     if (success) {
       if (startIdx === 0) {
-        setLogsFormat(data);
+        setLogsFormat(data, total);
       } else {
         let newLogs = [...logs];
         newLogs.splice(startIdx * pageSize, data.length, ...data);
-        setLogsFormat(newLogs);
+        setLogsFormat(newLogs, total);
       }
     } else {
       showError(message);
@@ -606,7 +606,9 @@ const LogsTable = () => {
                 type='primary'
                 htmlType='submit'
                 className='btn-margin-right'
-                onClick={refresh}
+                onClick={() => {
+                  refresh(logType).then();
+                }}
                 loading={loading}
               >
                 查询

web/src/components/PersonalSetting.js

@@ -10,7 +10,7 @@ import {
 } from '../helpers';
 import Turnstile from 'react-turnstile';
 import { UserContext } from '../context/User';
-import { onGitHubOAuthClicked } from './utils';
+import { onGitHubOAuthClicked, onLinuxDoOAuthClicked } from './utils';
 import {
   Avatar,
   Banner,
@@ -519,6 +519,39 @@ const PersonalSetting = () => {
                   </div>
                 </div>
               </div>
+              <div style={{ marginTop: 10 }}>
+                <Typography.Text strong>LINUX DO</Typography.Text>
+                <div
+                  style={{ display: 'flex', justifyContent: 'space-between' }}
+                >
+                  <div>
+                    <Input
+                      value={
+                        userState.user && userState.user.linuxdo_id !== ''
+                          ? userState.user.linuxdo_id +
+                            '（' +
+                            userState.user.linuxdo_level +
+                            '级）'
+                          : '未绑定'
+                      }
+                      readonly={true}
+                    ></Input>
+                  </div>
+                  <div>
+                    <Button
+                      onClick={() => {
+                        onLinuxDoOAuthClicked(status.linuxdo_client_id);
+                      }}
+                      disabled={
+                        (userState.user && userState.user.linuxdo_id !== '') ||
+                        !status.linuxdo_oauth
+                      }
+                    >
+                      {status.linuxdo_oauth ? '绑定' : '未启用'}
+                    </Button>
+                  </div>
+                </div>
+              </div>
 
               <div style={{ marginTop: 10 }}>
                 <Typography.Text strong>Telegram</Typography.Text>

web/src/components/RegisterForm.js

@@ -77,6 +77,8 @@ const RegisterForm = () => {
       );
       const { success, message } = res.data;
       if (success) {
+        localStorage.removeItem('aff');
+
         navigate('/login');
         showSuccess('注册成功！');
       } else {

web/src/components/SystemSetting.js

@@ -18,6 +18,10 @@ const SystemSetting = () => {
     GitHubOAuthEnabled: '',
     GitHubClientId: '',
     GitHubClientSecret: '',
+    LinuxDoOAuthEnabled: '',
+    LinuxDoClientId: '',
+    LinuxDoClientSecret: '',
+    LinuxDoMinLevel: 0,
     Notice: '',
     SMTPServer: '',
     SMTPPort: '',
@@ -25,13 +29,13 @@ const SystemSetting = () => {
     SMTPFrom: '',
     SMTPToken: '',
     ServerAddress: '',
-    EpayId: '',
-    EpayKey: '',
-    Price: 7.3,
-    MinTopUp: 1,
+    StripeApiSecret: '',
+    StripeWebhookSecret: '',
+    StripePriceId: '',
+    PaymentEnabled: false,
+    StripeUnitPrice: 8.0,
+    MinTopUp: 5,
     TopupGroupRatio: '',
-    PayAddress: '',
-    CustomCallbackAddress: '',
     Footer: '',
     WeChatAuthEnabled: '',
     WeChatServerAddress: '',
@@ -41,6 +45,7 @@ const SystemSetting = () => {
     TurnstileSiteKey: '',
     TurnstileSecretKey: '',
     RegisterEnabled: '',
+    UserSelfDeletionEnabled: false,
     EmailDomainRestrictionEnabled: '',
     EmailAliasRestrictionEnabled: '',
     SMTPSSLEnabled: '',
@@ -96,6 +101,7 @@ const SystemSetting = () => {
       case 'PasswordRegisterEnabled':
       case 'EmailVerificationEnabled':
       case 'GitHubOAuthEnabled':
+      case 'LinuxDoOAuthEnabled':
       case 'WeChatAuthEnabled':
       case 'TelegramOAuthEnabled':
       case 'TurnstileCheckEnabled':
@@ -103,6 +109,8 @@ const SystemSetting = () => {
       case 'EmailAliasRestrictionEnabled':
       case 'SMTPSSLEnabled':
       case 'RegisterEnabled':
+      case 'UserSelfDeletionEnabled':
+      case 'PaymentEnabled':
         value = inputs[key] === 'true' ? 'false' : 'true';
         break;
       default:
@@ -117,9 +125,6 @@ const SystemSetting = () => {
       if (key === 'EmailDomainWhitelist') {
         value = value.split(',');
       }
-      if (key === 'Price') {
-        value = parseFloat(value);
-      }
       setInputs((inputs) => ({
         ...inputs,
         [key]: value,
@@ -140,12 +145,16 @@ const SystemSetting = () => {
       name === 'Notice' ||
       (name.startsWith('SMTP') && name !== 'SMTPSSLEnabled') ||
       name === 'ServerAddress' ||
-      name === 'EpayId' ||
-      name === 'EpayKey' ||
-      name === 'Price' ||
-      name === 'PayAddress' ||
+      name === 'StripeApiSecret' ||
+      name === 'StripeWebhookSecret' ||
+      name === 'StripePriceId' ||
+      name === 'StripeUnitPrice' ||
+      name === 'MinTopUp' ||
       name === 'GitHubClientId' ||
       name === 'GitHubClientSecret' ||
+      name === 'LinuxDoClientId' ||
+      name === 'LinuxDoClientSecret' ||
+      name === 'LinuxDoMinLevel' ||
       name === 'WeChatServerAddress' ||
       name === 'WeChatServerToken' ||
       name === 'WeChatAccountQRCodeImageURL' ||
@@ -167,7 +176,7 @@ const SystemSetting = () => {
     await updateOption('ServerAddress', ServerAddress);
   };
 
-  const submitPayAddress = async () => {
+  const submitPaymentConfig = async () => {
     if (inputs.ServerAddress === '') {
       showError('请先填写服务器地址');
       return;
@@ -179,15 +188,31 @@ const SystemSetting = () => {
       }
       await updateOption('TopupGroupRatio', inputs.TopupGroupRatio);
     }
-    let PayAddress = removeTrailingSlash(inputs.PayAddress);
-    await updateOption('PayAddress', PayAddress);
-    if (inputs.EpayId !== '') {
-      await updateOption('EpayId', inputs.EpayId);
+    let stripeApiSecret = removeTrailingSlash(inputs.StripeApiSecret);
+    if (stripeApiSecret && !stripeApiSecret.startsWith('sk_')) {
+      showError('输入了无效的Stripe API密钥');
+      return;
     }
-    if (inputs.EpayKey !== '') {
-      await updateOption('EpayKey', inputs.EpayKey);
+    stripeApiSecret && (await updateOption('StripeApiSecret', stripeApiSecret));
+
+    let stripeWebhookSecret = removeTrailingSlash(inputs.StripeWebhookSecret);
+    if (stripeWebhookSecret && !stripeWebhookSecret.startsWith('whsec_')) {
+      showError('输入了无效的Stripe Webhook签名密钥');
+      return;
     }
-    await updateOption('Price', '' + inputs.Price);
+    stripeWebhookSecret &&
+      (await updateOption('StripeWebhookSecret', stripeWebhookSecret));
+
+    let stripePriceId = removeTrailingSlash(inputs.StripePriceId);
+    if (stripePriceId && !stripePriceId.startsWith('price_')) {
+      showError('输入了无效的Stripe 物品价格ID');
+      return;
+    }
+    await updateOption('StripePriceId', stripePriceId);
+
+    await updateOption('PaymentEnable', inputs.PaymentEnabled);
+    await updateOption('StripeUnitPrice', inputs.StripeUnitPrice);
+    await updateOption('MinTopUp', inputs.MinTopUp);
   };
 
   const submitSMTP = async () => {
@@ -263,6 +288,21 @@ const SystemSetting = () => {
     }
   };
 
+  const submitLinuxDoOAuth = async () => {
+    if (originInputs['LinuxDoClientId'] !== inputs.LinuxDoClientId) {
+      await updateOption('LinuxDoClientId', inputs.LinuxDoClientId);
+    }
+    if (
+      originInputs['LinuxDoClientSecret'] !== inputs.LinuxDoClientSecret &&
+      inputs.LinuxDoClientSecret !== ''
+    ) {
+      await updateOption('LinuxDoClientSecret', inputs.LinuxDoClientSecret);
+    }
+    if (originInputs['LinuxDoMinLevel'] !== inputs.LinuxDoMinLevel) {
+      await updateOption('LinuxDoMinLevel', inputs.LinuxDoMinLevel);
+    }
+  };
+
   const submitTelegramSettings = async () => {
     // await updateOption('TelegramOAuthEnabled', inputs.TelegramOAuthEnabled);
     await updateOption('TelegramBotToken', inputs.TelegramBotToken);
@@ -322,52 +362,72 @@ const SystemSetting = () => {
           </Form.Button>
           <Divider />
           <Header as='h3'>
-            支付设置（当前仅支持易支付接口，默认使用上方服务器地址作为回调地址！）
+            支付设置（当前仅支持Stripe Checkout）
+            <Header.Subheader>
+              密钥、Webhook 等设置请
+              <a
+                href='https://dashboard.stripe.com/developers'
+                target='_blank'
+                rel='noreferrer'
+              >
+                点击此处
+              </a>
+              进行设置，最好先在
+              <a
+                href='https://dashboard.stripe.com/test/developers'
+                target='_blank'
+                rel='noreferrer'
+              >
+                测试环境
+              </a>
+              进行测试
+            </Header.Subheader>
           </Header>
+          <Message>
+            Webhook 填：
+            <code>{`${inputs.ServerAddress}/api/stripe/webhook`}</code>
+            ，需要包含事件：<code>checkout.session.completed</code> 和{' '}
+            <code>checkout.session.expired</code>
+          </Message>
           <Form.Group widths='equal'>
             <Form.Input
-              label='支付地址，不填写则不启用在线支付'
-              placeholder='例如：https://yourdomain.com'
-              value={inputs.PayAddress}
-              name='PayAddress'
+              label='API密钥'
+              placeholder='sk_xxx的Stripe密钥，敏感信息不显示'
+              value={inputs.StripeApiSecret}
+              name='StripeApiSecret'
               onChange={handleInputChange}
             />
             <Form.Input
-              label='易支付商户ID'
-              placeholder='例如：0001'
-              value={inputs.EpayId}
-              name='EpayId'
+              label='Webhook签名密钥'
+              placeholder='whsec_xxx的Webhook签名密钥，敏感信息不显示'
+              value={inputs.StripeWebhookSecret}
+              name='StripeWebhookSecret'
               onChange={handleInputChange}
             />
             <Form.Input
-              label='易支付商户密钥'
-              placeholder='例如：dejhfueqhujasjmndbjkqaw'
-              value={inputs.EpayKey}
-              name='EpayKey'
+              label='商品价格ID'
+              placeholder='price_xxx的商品价格ID，新建产品后可获得'
+              value={inputs.StripePriceId}
+              name='StripePriceId'
               onChange={handleInputChange}
             />
           </Form.Group>
           <Form.Group widths='equal'>
             <Form.Input
-              label='回调地址，不填写则使用上方服务器地址作为回调地址'
-              placeholder='例如：https://yourdomain.com'
-              value={inputs.CustomCallbackAddress}
-              name='CustomCallbackAddress'
-              onChange={handleInputChange}
-            />
-            <Form.Input
-              label='充值价格（x元/美金）'
-              placeholder='例如：7，就是7元/美金'
-              value={inputs.Price}
-              name='Price'
+              label='商品单价（元）'
+              placeholder='商品的人民币价格'
+              value={inputs.StripeUnitPrice}
+              name='StripeUnitPrice'
+              type={'number'}
               min={0}
               onChange={handleInputChange}
             />
             <Form.Input
-              label='最低充值美元数量（以美金为单位，如果使用额度请自行换算！）'
-              placeholder='例如：2，就是最低充值2$'
+              label='最低充值数量'
+              placeholder='例如：2，就是最低充值2件商品'
               value={inputs.MinTopUp}
               name='MinTopUp'
+              type={'number'}
               min={1}
               onChange={handleInputChange}
             />
@@ -383,7 +443,17 @@ const SystemSetting = () => {
               placeholder='为一个 JSON 文本，键为组名称，值为倍率'
             />
           </Form.Group>
-          <Form.Button onClick={submitPayAddress}>更新支付设置</Form.Button>
+          <Form.Group inline>
+            <Form.Button onClick={submitPaymentConfig}>
+              更新支付设置
+            </Form.Button>
+            <Form.Checkbox
+              checked={inputs.PaymentEnabled === 'true'}
+              label='开启在线支付'
+              name='PaymentEnabled'
+              onChange={handleInputChange}
+            />
+          </Form.Group>
           <Divider />
           <Header as='h3'>配置登录注册</Header>
           <Form.Group inline>
@@ -440,6 +510,12 @@ const SystemSetting = () => {
               name='GitHubOAuthEnabled'
               onChange={handleInputChange}
             />
+            <Form.Checkbox
+              checked={inputs.LinuxDoOAuthEnabled === 'true'}
+              label='允许通过 LINUX DO 账户登录 & 注册'
+              name='LinuxDoOAuthEnabled'
+              onChange={handleInputChange}
+            />
             <Form.Checkbox
               checked={inputs.WeChatAuthEnabled === 'true'}
               label='允许通过微信登录 & 注册'
@@ -466,6 +542,12 @@ const SystemSetting = () => {
               name='TurnstileCheckEnabled'
               onChange={handleInputChange}
             />
+            <Form.Checkbox
+              checked={inputs.UserSelfDeletionEnabled === 'true'}
+              label='允许用户自行删除账户'
+              name='UserSelfDeletionEnabled'
+              onChange={handleInputChange}
+            />
           </Form.Group>
           <Divider />
           <Header as='h3'>
@@ -634,6 +716,58 @@ const SystemSetting = () => {
             保存 GitHub OAuth 设置
           </Form.Button>
           <Divider />
+          <Header as='h3'>
+            配置 LINUX DO Oauth
+            <Header.Subheader>
+              用以支持通过 LINUX DO 进行登录注册，
+              <a
+                href='https://connect.linux.do'
+                target='_blank'
+                rel='noreferrer'
+              >
+                点击此处
+              </a>
+              管理你的 LINUX DO OAuth
+            </Header.Subheader>
+          </Header>
+          <Message>
+            Homepage URL 填 <code>{inputs.ServerAddress}</code>
+            ，Authorization callback URL 填{' '}
+            <code>{`${inputs.ServerAddress}/oauth/linuxdo`}</code>
+          </Message>
+          <Form.Group widths={3}>
+            <Form.Input
+              label='LINUX DO Client ID'
+              name='LinuxDoClientId'
+              onChange={handleInputChange}
+              autoComplete='new-password'
+              value={inputs.LinuxDoClientId}
+              placeholder='输入你注册的 LINUX DO OAuth 的 ID'
+            />
+            <Form.Input
+              label='LINUX DO Client Secret'
+              name='LinuxDoClientSecret'
+              onChange={handleInputChange}
+              type='password'
+              autoComplete='new-password'
+              value={inputs.LinuxDoClientSecret}
+              placeholder='敏感信息不会发送到前端显示'
+            />
+            <Form.Input
+              label='限制最低信任等级'
+              name='LinuxDoMinLevel'
+              onChange={handleInputChange}
+              type='number'
+              min={0}
+              max={4}
+              value={inputs.LinuxDoMinLevel}
+              placeholder='输入允许使用的最低 LINUX DO 信任等级'
+            />
+          </Form.Group>
+          <Form.Button onClick={submitLinuxDoOAuth}>
+            保存 LINUX DO OAuth 设置
+          </Form.Button>
+          <Divider />
           <Header as='h3'>
             配置 WeChat Server
             <Header.Subheader>

web/src/components/UsersTable.js

@@ -210,21 +210,39 @@ const UsersTable = () => {
               </Button>
             </>
           )}
-          <Popconfirm
-            title='确定是否要删除此用户？'
-            content='硬删除，此修改将不可逆'
-            okType={'danger'}
-            position={'left'}
-            onConfirm={() => {
-              manageUser(record.username, 'delete', record).then(() => {
-                removeRecord(record.id);
-              });
-            }}
-          >
-            <Button theme='light' type='danger' style={{ marginRight: 1 }}>
-              删除
-            </Button>
-          </Popconfirm>
+          {record.DeletedAt !== null ? (
+            <Popconfirm
+              title='确定是否要删除此用户？'
+              content='硬删除，此修改将不可逆'
+              okType={'danger'}
+              position={'left'}
+              onConfirm={() => {
+                hardDeleteUser(record.id).then(() => {
+                  removeRecord(record.id);
+                });
+              }}
+            >
+              <Button theme='light' type='danger' style={{ marginRight: 1 }}>
+                永久删除
+              </Button>
+            </Popconfirm>
+          ) : (
+            <Popconfirm
+              title='确定是否要删除此用户？'
+              content='软删除，数据依然留底'
+              okType={'danger'}
+              position={'left'}
+              onConfirm={() => {
+                manageUser(record.username, 'delete', record).then(() => {
+                  record.DeletedAt = new Date();
+                });
+              }}
+            >
+              <Button theme='light' type='danger' style={{ marginRight: 1 }}>
+                删除
+              </Button>
+            </Popconfirm>
+          )}
         </div>
       ),
     },
@@ -318,6 +336,18 @@ const UsersTable = () => {
       setUsers(newUsers);
     } else {
       showError(message);
+      throw new Error(message);
+    }
+  };
+
+  const hardDeleteUser = async (userId) => {
+    const res = await API.delete('/api/user/' + userId);
+    const { success, message } = res.data;
+    if (success) {
+      showSuccess('操作成功完成！');
+    } else {
+      showError(message);
+      throw new Error(message);
     }
   };
 

web/src/components/utils.js

@@ -14,7 +14,11 @@ export async function getOAuthState() {
 export async function onGitHubOAuthClicked(github_client_id) {
   const state = await getOAuthState();
   if (!state) return;
-  window.open(
-    `https://github.com/login/oauth/authorize?client_id=${github_client_id}&state=${state}&scope=user:email`,
-  );
+  location.href = `https://github.com/login/oauth/authorize?client_id=${github_client_id}&state=${state}&scope=user:email`;
+}
+
+export async function onLinuxDoOAuthClicked(linuxdo_client_id) {
+  const state = await getOAuthState();
+  if (!state) return;
+  location.href = `https://connect.linux.do/oauth2/authorize?client_id=${linuxdo_client_id}&response_type=code&state=${state}&scope=user:profile`;
 }

web/src/helpers/utils.js

@@ -79,6 +79,7 @@ export function showError(error) {
       switch (error.response.status) {
         case 401:
           // toast.error('错误：未登录或登录已过期，请重新登录！', showErrorOptions);
+          localStorage.removeItem('user');
           window.location.href = '/login?expired=true';
           break;
         case 429:
@@ -126,6 +127,10 @@ export function openPage(url) {
 }
 
 export function removeTrailingSlash(url) {
+  if (!url) {
+    return '';
+  }
+
   if (url.endsWith('/')) {
     return url.slice(0, -1);
   } else {

web/src/pages/Home/index.js

@@ -122,6 +122,12 @@ const Home = () => {
                       ? '已启用'
                       : '未启用'}
                   </p>
+                  <p>
+                    LINUX DO 身份验证：
+                    {statusState?.status?.linuxdo_oauth === true
+                      ? '已启用'
+                      : '未启用'}
+                  </p>
                   <p>
                     微信身份验证：
                     {statusState?.status?.wechat_login === true

web/src/pages/TopUp/index.js

@@ -1,10 +1,6 @@
 import React, { useEffect, useState } from 'react';
 import { API, isMobile, showError, showInfo, showSuccess } from '../../helpers';
-import {
-  renderNumber,
-  renderQuota,
-  renderQuotaWithAmount,
-} from '../../helpers/render';
+import { renderNumber, renderQuota } from '../../helpers/render';
 import {
   Col,
   Layout,
@@ -16,7 +12,6 @@ import {
   Divider,
   Space,
   Modal,
-  Toast,
 } from '@douyinfe/semi-ui';
 import Title from '@douyinfe/semi-ui/lib/es/typography/title';
 import Text from '@douyinfe/semi-ui/lib/es/typography/text';
@@ -25,20 +20,22 @@ import { Link } from 'react-router-dom';
 const TopUp = () => {
   const [redemptionCode, setRedemptionCode] = useState('');
   const [topUpCode, setTopUpCode] = useState('');
-  const [topUpCount, setTopUpCount] = useState(0);
+  const [topUpCount, setTopUpCount] = useState(10);
   const [minTopupCount, setMinTopUpCount] = useState(1);
-  const [amount, setAmount] = useState(0.0);
+  const [payAmount, setPayAmount] = useState(0.0);
+  const [chargedAmount, setChargedAmount] = useState(0.0);
   const [minTopUp, setMinTopUp] = useState(1);
   const [topUpLink, setTopUpLink] = useState('');
-  const [enableOnlineTopUp, setEnableOnlineTopUp] = useState(false);
+  const [paymentEnabled, setPaymentEnabled] = useState(false);
   const [userQuota, setUserQuota] = useState(0);
   const [isSubmitting, setIsSubmitting] = useState(false);
+  const [isPaying, setIsPaying] = useState(false);
   const [open, setOpen] = useState(false);
   const [payWay, setPayWay] = useState('');
 
   const topUp = async () => {
     if (redemptionCode === '') {
-      showInfo('请输入兑换码！');
+      showError('请输入兑换码！');
       return;
     }
     setIsSubmitting(true);
@@ -77,11 +74,17 @@ const TopUp = () => {
   };
 
   const preTopUp = async (payment) => {
-    if (!enableOnlineTopUp) {
+    if (!paymentEnabled) {
       showError('管理员未开启在线充值！');
       return;
     }
-    await getAmount();
+    if (!Number.isInteger(Number(topUpCount))) {
+      showError('充值数量必须是整数！');
+      return;
+    }
+    if (payAmount === 0) {
+      await getAmount();
+    }
     if (topUpCount < minTopUp) {
       showError('充值数量不能小于' + minTopUp);
       return;
@@ -91,7 +94,7 @@ const TopUp = () => {
   };
 
   const onlineTopUp = async () => {
-    if (amount === 0) {
+    if (payAmount === 0) {
       await getAmount();
     }
     if (topUpCount < minTopUp) {
@@ -100,6 +103,7 @@ const TopUp = () => {
     }
     setOpen(false);
     try {
+      setIsPaying(true);
       const res = await API.post('/api/user/pay', {
         amount: parseInt(topUpCount),
         top_up_code: topUpCode,
@@ -109,34 +113,13 @@ const TopUp = () => {
         const { message, data } = res.data;
         // showInfo(message);
         if (message === 'success') {
-          let params = data;
-          let url = res.data.url;
-          let form = document.createElement('form');
-          form.action = url;
-          form.method = 'POST';
-          // 判断是否为safari浏览器
-          let isSafari =
-            navigator.userAgent.indexOf('Safari') > -1 &&
-            navigator.userAgent.indexOf('Chrome') < 1;
-          if (!isSafari) {
-            form.target = '_blank';
-          }
-          for (let key in params) {
-            let input = document.createElement('input');
-            input.type = 'hidden';
-            input.name = key;
-            input.value = params[key];
-            form.appendChild(input);
-          }
-          document.body.appendChild(form);
-          form.submit();
-          document.body.removeChild(form);
+          location.href = data.payLink;
         } else {
+          setIsPaying(false);
           showError(data);
-          // setTopUpCount(parseInt(res.data.count));
-          // setAmount(parseInt(data));
         }
       } else {
+        setIsPaying(false);
         showError(res);
       }
     } catch (err) {
@@ -165,8 +148,8 @@ const TopUp = () => {
       if (status.min_topup) {
         setMinTopUp(status.min_topup);
       }
-      if (status.enable_online_topup) {
-        setEnableOnlineTopUp(status.enable_online_topup);
+      if (status.payment_enabled) {
+        setPaymentEnabled(status.payment_enabled);
       }
     }
     getUserQuota().then();
@@ -174,7 +157,7 @@ const TopUp = () => {
 
   const renderAmount = () => {
     // console.log(amount);
-    return amount + '元';
+    return payAmount + '元';
   };
 
   const getAmount = async (value) => {
@@ -190,10 +173,10 @@ const TopUp = () => {
         const { message, data } = res.data;
         // showInfo(message);
         if (message === 'success') {
-          setAmount(parseFloat(data));
+          setPayAmount(parseFloat(data.payAmount));
+          setChargedAmount(parseFloat(data.chargedAmount));
         } else {
-          setAmount(0);
-          Toast.error({ content: '错误：' + data, id: 'getAmount' });
+          showError(data);
           // setTopUpCount(parseInt(res.data.count));
           // setAmount(parseInt(data));
         }
@@ -226,7 +209,9 @@ const TopUp = () => {
             size={'small'}
             centered={true}
           >
-            <p>充值数量：{topUpCount}</p>
+            <p>
+              充值数量：{topUpCount}$（实到：{chargedAmount}$）
+            </p>
             <p>实付金额：{renderAmount()}</p>
             <p>是否确认充值？</p>
           </Modal>
@@ -271,52 +256,51 @@ const TopUp = () => {
                   </Space>
                 </Form>
               </div>
-              <div style={{ marginTop: 20 }}>
-                <Divider>在线充值</Divider>
-                <Form>
-                  <Form.Input
-                    disabled={!enableOnlineTopUp}
-                    field={'redemptionCount'}
-                    label={'实付金额：' + renderAmount()}
-                    placeholder={
-                      '充值数量，最低 ' + renderQuotaWithAmount(minTopUp)
-                    }
-                    name='redemptionCount'
-                    type={'number'}
-                    value={topUpCount}
-                    onChange={async (value) => {
-                      if (value < 1) {
-                        value = 1;
-                      }
-                      setTopUpCount(value);
-                      await getAmount(value);
-                    }}
-                  />
-                  <Space>
-                    <Button
-                      type={'primary'}
-                      theme={'solid'}
-                      onClick={async () => {
-                        preTopUp('zfb');
+              {paymentEnabled ? (
+                <div style={{ marginTop: 20 }}>
+                  <Divider>在线充值</Divider>
+                  <Form>
+                    <Form.Input
+                      disabled={!paymentEnabled}
+                      field={'redemptionCount'}
+                      label={'实付金额：' + renderAmount()}
+                      placeholder={'充值数量，必须整数，最低' + minTopUp + '$'}
+                      name='redemptionCount'
+                      type={'number'}
+                      value={topUpCount}
+                      suffix={'$'}
+                      min={minTopUp}
+                      defaultValue={minTopUp}
+                      max={100000}
+                      onChange={async (value) => {
+                        if (value < 1) {
+                          value = 1;
+                        }
+                        if (value > 100000) {
+                          value = 100000;
+                        }
+                        setTopUpCount(value);
+                        await getAmount(value);
                       }}
-                    >
-                      支付宝
-                    </Button>
-                    <Button
-                      style={{
-                        backgroundColor: 'rgba(var(--semi-green-5), 1)',
-                      }}
-                      type={'primary'}
-                      theme={'solid'}
-                      onClick={async () => {
-                        preTopUp('wx');
-                      }}
-                    >
-                      微信
-                    </Button>
-                  </Space>
-                </Form>
-              </div>
+                    />
+                    <Space>
+                      <Button
+                        style={{ backgroundColor: '#b161fe' }}
+                        type={'primary'}
+                        disabled={isPaying}
+                        theme={'solid'}
+                        onClick={async () => {
+                          preTopUp('stripe');
+                        }}
+                      >
+                        {isPaying ? '支付中...' : '去支付'}
+                      </Button>
+                    </Space>
+                  </Form>
+                </div>
+              ) : (
+                <></>
+              )}
               {/*<div style={{ display: 'flex', justifyContent: 'right' }}>*/}
               {/*    <Text>*/}
               {/*        <Link onClick={*/}

web/src/pages/User/EditUser.js

@@ -22,7 +22,10 @@ const EditUser = (props) => {
     display_name: '',
     password: '',
     github_id: '',
+    linuxdo_id: '',
+    linuxdo_level: 0,
     wechat_id: '',
+    telegram_id: '',
     email: '',
     quota: 0,
     group: 'default',
@@ -33,6 +36,8 @@ const EditUser = (props) => {
     display_name,
     password,
     github_id,
+    linuxdo_id,
+    linuxdo_level,
     wechat_id,
     telegram_id,
     email,
@@ -213,6 +218,16 @@ const EditUser = (props) => {
             placeholder='此项只读，需要用户通过个人设置页面的相关绑定按钮进行绑定，不可直接修改'
             readonly
           />
+          <div style={{ marginTop: 20 }}>
+            <Typography.Text>已绑定的 LINUX DO 账户</Typography.Text>
+          </div>
+          <Input
+            name='linuxdo_id'
+            value={linuxdo_id + '（' + linuxdo_level + '级）'}
+            autoComplete='new-password'
+            placeholder='此项只读，需要用户通过个人设置页面的相关绑定按钮进行绑定，不可直接修改'
+            readonly
+          />
           <div style={{ marginTop: 20 }}>
             <Typography.Text>已绑定的微信账户</Typography.Text>
           </div>
@@ -223,6 +238,16 @@ const EditUser = (props) => {
             placeholder='此项只读，需要用户通过个人设置页面的相关绑定按钮进行绑定，不可直接修改'
             readonly
           />
+          <div style={{ marginTop: 20 }}>
+            <Typography.Text>已绑定的 Telegram 账户</Typography.Text>
+          </div>
+          <Input
+            name='telegram_id'
+            value={telegram_id}
+            autoComplete='new-password'
+            placeholder='此项只读，需要用户通过个人设置页面的相关绑定按钮进行绑定，不可直接修改'
+            readonly
+          />
           <div style={{ marginTop: 20 }}>
             <Typography.Text>已绑定的邮箱账户</Typography.Text>
           </div>
@@ -233,16 +258,6 @@ const EditUser = (props) => {
             placeholder='此项只读，需要用户通过个人设置页面的相关绑定按钮进行绑定，不可直接修改'
             readonly
           />
-          <div style={{ marginTop: 20 }}>
-            <Typography.Text>已绑定的Telegram账户</Typography.Text>
-          </div>
-          <Input
-            name='telegram_id'
-            value={telegram_id}
-            autoComplete='new-password'
-            placeholder='此项只读，需要用户通过个人设置页面的相关绑定按钮进行绑定，不可直接修改'
-            readonly
-          />
         </Spin>
       </SideSheet>
     </>