feat: able to set model limitation for token (close #178)

2025-11-09 18:23:40 +08:00 · 2024-04-04 02:08:18 +08:00
parent 065da8ef8c
commit dc7aaf2de5
10 changed files with 204 additions and 54 deletions
--- a/middleware/auth.go
+++ b/middleware/auth.go
@@ -1,6 +1,7 @@
 package middleware

 import (
+	"fmt"
 	"github.com/gin-contrib/sessions"
 	"github.com/gin-gonic/gin"
 	"github.com/songquanpeng/one-api/common"
@@ -107,6 +108,18 @@ func TokenAuth() func(c *gin.Context) {
 			abortWithMessage(c, http.StatusForbidden, "用户已被封禁")
 			return
 		}
+		requestModel, err := getRequestModel(c)
+		if err != nil {
+			abortWithMessage(c, http.StatusBadRequest, err.Error())
+			return
+		}
+		c.Set("request_model", requestModel)
+		if token.Models != nil && *token.Models != "" {
+			if !isModelInList(requestModel, *token.Models) {
+				abortWithMessage(c, http.StatusForbidden, fmt.Sprintf("该令牌无权使用模型：%s", requestModel))
+				return
+			}
+		}
 		c.Set("id", token.UserId)
 		c.Set("token_id", token.Id)
 		c.Set("token_name", token.Name)