fix: only enable cors for relay routers to avoid csrf attack

chore: update channel test prompt
chore: update error code
2025-10-24 02:13:42 +08:00 · 2023-09-17 11:44:38 +08:00 · 2023-09-17 11:34:06 +08:00 · 2023-09-17 11:30:20 +08:00 · 2023-09-15 00:24:20 +08:00 · 2023-09-13 23:22:53 +08:00
27 changed files with 376 additions and 129 deletions
--- a/README.md
+++ b/README.md
@@ -71,10 +71,10 @@ _✨ 通过标准的 OpenAI API 格式访问所有的大模型，开箱即用
   + [x] [360 智脑](https://ai.360.cn)
 2. 支持配置镜像以及众多第三方代理服务：
   + [x] [OpenAI-SB](https://openai-sb.com)
+   + [x] [CloseAI](https://console.closeai-asia.com/r/2412)
   + [x] [API2D](https://api2d.com/r/197971)
   + [x] [OhMyGPT](https://aigptx.top?aff=uFpUl2Kf)
   + [x] [AI Proxy](https://aiproxy.io/?i=OneAPI) （邀请码：`OneAPI`）
-   + [x] [CloseAI](https://console.closeai-asia.com/r/2412)
   + [x] 自定义渠道：例如各种未收录的第三方代理服务
 3. 支持通过**负载均衡**的方式访问多个渠道。
 4. 支持 **stream 模式**，可以通过流式传输实现打字机效果。
@@ -109,7 +109,7 @@ _✨ 通过标准的 OpenAI API 格式访问所有的大模型，开箱即用

 数据将会保存在宿主机的 `/home/ubuntu/data/one-api` 目录，请确保该目录存在且具有写入权限，或者更改为合适的目录。

-如果启动失败，请添加 `--privileged=true`，具体参考 #482。
+如果启动失败，请添加 `--privileged=true`，具体参考 https://github.com/songquanpeng/one-api/issues/482 。

 如果上面的镜像无法拉取，可以尝试使用 GitHub 的 Docker 镜像，将上面的 `justsong/one-api` 替换为 `ghcr.io/songquanpeng/one-api` 即可。

@@ -211,6 +211,13 @@ docker run --name chatgpt-web -d -p 3002:3002 -e OPENAI_API_BASE_URL=https://ope

 注意修改端口号、`OPENAI_API_BASE_URL` 和 `OPENAI_API_KEY`。

+#### QChatGPT - QQ机器人
+项目主页：https://github.com/RockChinQ/QChatGPT
+
+根据文档完成部署后，在`config.py`设置配置项`openai_config`的`reverse_proxy`为 One API 后端地址，设置`api_key`为 One API 生成的key，并在配置项`completion_api_params`的`model`参数设置为 One API 支持的模型名称。
+
+可安装 [Switcher 插件](https://github.com/RockChinQ/Switcher)在运行时切换所使用的模型。
+
 ### 部署到第三方平台
 <details>
 <summary><strong>部署到 Sealos </strong></summary>
@@ -308,8 +315,12 @@ graph LR
   + 例子：`POLLING_INTERVAL=5`
 10. `BATCH_UPDATE_ENABLED`：启用数据库批量更新聚合，会导致用户额度的更新存在一定的延迟可选值为 `true` 和 `false`，未设置则默认为 `false`。
    + 例子：`BATCH_UPDATE_ENABLED=true`
+    + 如果你遇到了数据库连接数过多的问题，可以尝试启用该选项。
 11. `BATCH_UPDATE_INTERVAL=5`：批量更新聚合的时间间隔，单位为秒，默认为 `5`。
    + 例子：`BATCH_UPDATE_INTERVAL=5`
+12. 请求频率限制：
+    + `GLOBAL_API_RATE_LIMIT`：全局 API 速率限制（除中继请求外），单 ip 三分钟内的最大请求数，默认为 `180`。
+    + `GLOBAL_WEB_RATE_LIMIT`：全局 Web 速率限制，单 ip 三分钟内的最大请求数，默认为 `60`。

 ### 命令行参数
 1. `--port <port_number>`: 指定服务器监听的端口号，默认为 `3000`。
@@ -360,4 +371,4 @@ https://openai.justsong.cn

 同样适用于基于本项目的二开项目。

-依据 MIT 协议，使用者需自行承担使用本项目的风险与责任，本开源项目开发者与此无关。
+依据 MIT 协议，使用者需自行承担使用本项目的风险与责任，本开源项目开发者与此无关。
--- a/common/constants.go
+++ b/common/constants.go
@@ -114,10 +114,10 @@ var (
 // All duration's unit is seconds
 // Shouldn't larger then RateLimitKeyExpirationDuration
 var (
-	GlobalApiRateLimitNum            = 180
+	GlobalApiRateLimitNum            = GetOrDefault("GLOBAL_API_RATE_LIMIT", 180)
 	GlobalApiRateLimitDuration int64 = 3 * 60

-	GlobalWebRateLimitNum            = 60
+	GlobalWebRateLimitNum            = GetOrDefault("GLOBAL_WEB_RATE_LIMIT", 60)
 	GlobalWebRateLimitDuration int64 = 3 * 60

 	UploadRateLimitNum            = 10
@@ -179,29 +179,31 @@ const (
 	ChannelType360            = 19
 	ChannelTypeOpenRouter     = 20
 	ChannelTypeAIProxyLibrary = 21
+	ChannelTypeFastGPT        = 22
 )

 var ChannelBaseURLs = []string{
-	"",                               // 0
-	"https://api.openai.com",         // 1
-	"https://oa.api2d.net",           // 2
-	"",                               // 3
-	"https://api.closeai-proxy.xyz",  // 4
-	"https://api.openai-sb.com",      // 5
-	"https://api.openaimax.com",      // 6
-	"https://api.ohmygpt.com",        // 7
-	"",                               // 8
-	"https://api.caipacity.com",      // 9
-	"https://api.aiproxy.io",         // 10
-	"",                               // 11
-	"https://api.api2gpt.com",        // 12
-	"https://api.aigc2d.com",         // 13
-	"https://api.anthropic.com",      // 14
-	"https://aip.baidubce.com",       // 15
-	"https://open.bigmodel.cn",       // 16
-	"https://dashscope.aliyuncs.com", // 17
-	"",                               // 18
-	"https://ai.360.cn",              // 19
-	"https://openrouter.ai/api",      // 20
-	"https://api.aiproxy.io",         // 21
+	"",                                // 0
+	"https://api.openai.com",          // 1
+	"https://oa.api2d.net",            // 2
+	"",                                // 3
+	"https://api.closeai-proxy.xyz",   // 4
+	"https://api.openai-sb.com",       // 5
+	"https://api.openaimax.com",       // 6
+	"https://api.ohmygpt.com",         // 7
+	"",                                // 8
+	"https://api.caipacity.com",       // 9
+	"https://api.aiproxy.io",          // 10
+	"",                                // 11
+	"https://api.api2gpt.com",         // 12
+	"https://api.aigc2d.com",          // 13
+	"https://api.anthropic.com",       // 14
+	"https://aip.baidubce.com",        // 15
+	"https://open.bigmodel.cn",        // 16
+	"https://dashscope.aliyuncs.com",  // 17
+	"",                                // 18
+	"https://ai.360.cn",               // 19
+	"https://openrouter.ai/api",       // 20
+	"https://api.aiproxy.io",          // 21
+	"https://fastgpt.run/api/openapi", // 22
 }
--- a/common/model-ratio.go
+++ b/common/model-ratio.go
@@ -50,9 +50,10 @@ var ModelRatio = map[string]float64{
 	"chatglm_pro":               0.7143, // ￥0.01 / 1k tokens
 	"chatglm_std":               0.3572, // ￥0.005 / 1k tokens
 	"chatglm_lite":              0.1429, // ￥0.002 / 1k tokens
-	"qwen-v1":                   0.8572, // TBD: https://help.aliyun.com/document_detail/2399482.html?spm=a2c4g.2399482.0.0.1ad347feilAgag
-	"qwen-plus-v1":              0.5715, // Same as above
-	"SparkDesk":                 0.8572, // TBD
+	"qwen-v1":                   0.8572, // ￥0.012 / 1k tokens
+	"qwen-plus-v1":              1,      // ￥0.014 / 1k tokens
+	"text-embedding-v1":         0.05,   // ￥0.0007 / 1k tokens
+	"SparkDesk":                 1.2858, // ￥0.018 / 1k tokens
 	"360GPT_S2_V9":              0.8572, // ¥0.012 / 1k tokens
 	"embedding-bert-512-v1":     0.0715, // ¥0.001 / 1k tokens
 	"embedding_s1_v1":           0.0715, // ¥0.001 / 1k tokens
--- a/controller/billing.go
+++ b/controller/billing.go
@@ -29,7 +29,7 @@ func GetSubscription(c *gin.Context) {
 	if err != nil {
 		openAIError := OpenAIError{
 			Message: err.Error(),
-			Type:    "one_api_error",
+			Type:    "upstream_error",
 		}
 		c.JSON(200, gin.H{
 			"error": openAIError,
--- a/controller/channel-test.go
+++ b/controller/channel-test.go
@@ -14,7 +14,7 @@ import (
 	"time"
 )

-func testChannel(channel *model.Channel, request ChatRequest) (error, *OpenAIError) {
+func testChannel(channel *model.Channel, request ChatRequest) (err error, openaiErr *OpenAIError) {
 	switch channel.Type {
 	case common.ChannelTypePaLM:
 		fallthrough
@@ -32,6 +32,11 @@ func testChannel(channel *model.Channel, request ChatRequest) (error, *OpenAIErr
 		return errors.New("该渠道类型当前版本不支持测试，请手动测试"), nil
 	case common.ChannelTypeAzure:
 		request.Model = "gpt-35-turbo"
+		defer func() {
+			if err != nil {
+				err = errors.New("请确保已在 Azure 上创建了 gpt-35-turbo 模型，并且 apiVersion 已正确填写！")
+			}
+		}()
 	default:
 		request.Model = "gpt-3.5-turbo"
 	}
--- a/controller/github.go
+++ b/controller/github.go
@@ -79,6 +79,14 @@ func getGitHubUserInfoByCode(code string) (*GitHubUser, error) {

 func GitHubOAuth(c *gin.Context) {
 	session := sessions.Default(c)
+	state := c.Query("state")
+	if state == "" || session.Get("oauth_state") == nil || state != session.Get("oauth_state").(string) {
+		c.JSON(http.StatusForbidden, gin.H{
+			"success": false,
+			"message": "state is empty or not same",
+		})
+		return
+	}
 	username := session.Get("username")
 	if username != nil {
 		GitHubBind(c)
@@ -205,3 +213,22 @@ func GitHubBind(c *gin.Context) {
 	})
 	return
 }
+
+func GenerateOAuthCode(c *gin.Context) {
+	session := sessions.Default(c)
+	state := common.GetRandomString(12)
+	session.Set("oauth_state", state)
+	err := session.Save()
+	if err != nil {
+		c.JSON(http.StatusOK, gin.H{
+			"success": false,
+			"message": err.Error(),
+		})
+		return
+	}
+	c.JSON(http.StatusOK, gin.H{
+		"success": true,
+		"message": "",
+		"data":    state,
+	})
+}
--- a/controller/model.go
+++ b/controller/model.go
@@ -360,6 +360,15 @@ func init() {
 			Root:       "qwen-plus-v1",
 			Parent:     nil,
 		},
+		{
+			Id:         "text-embedding-v1",
+			Object:     "model",
+			Created:    1677649963,
+			OwnedBy:    "ali",
+			Permission: permission,
+			Root:       "text-embedding-v1",
+			Parent:     nil,
+		},
 		{
 			Id:         "SparkDesk",
 			Object:     "model",
--- a/controller/relay-ali.go
+++ b/controller/relay-ali.go
@@ -35,6 +35,29 @@ type AliChatRequest struct {
 	Parameters AliParameters `json:"parameters,omitempty"`
 }

+type AliEmbeddingRequest struct {
+	Model string `json:"model"`
+	Input struct {
+		Texts []string `json:"texts"`
+	} `json:"input"`
+	Parameters *struct {
+		TextType string `json:"text_type,omitempty"`
+	} `json:"parameters,omitempty"`
+}
+
+type AliEmbedding struct {
+	Embedding []float64 `json:"embedding"`
+	TextIndex int       `json:"text_index"`
+}
+
+type AliEmbeddingResponse struct {
+	Output struct {
+		Embeddings []AliEmbedding `json:"embeddings"`
+	} `json:"output"`
+	Usage AliUsage `json:"usage"`
+	AliError
+}
+
 type AliError struct {
 	Code      string `json:"code"`
 	Message   string `json:"message"`
@@ -44,6 +67,7 @@ type AliError struct {
 type AliUsage struct {
 	InputTokens  int `json:"input_tokens"`
 	OutputTokens int `json:"output_tokens"`
+	TotalTokens  int `json:"total_tokens"`
 }

 type AliOutput struct {
@@ -95,6 +119,70 @@ func requestOpenAI2Ali(request GeneralOpenAIRequest) *AliChatRequest {
 	}
 }

+func embeddingRequestOpenAI2Ali(request GeneralOpenAIRequest) *AliEmbeddingRequest {
+	return &AliEmbeddingRequest{
+		Model: "text-embedding-v1",
+		Input: struct {
+			Texts []string `json:"texts"`
+		}{
+			Texts: request.ParseInput(),
+		},
+	}
+}
+
+func aliEmbeddingHandler(c *gin.Context, resp *http.Response) (*OpenAIErrorWithStatusCode, *Usage) {
+	var aliResponse AliEmbeddingResponse
+	err := json.NewDecoder(resp.Body).Decode(&aliResponse)
+	if err != nil {
+		return errorWrapper(err, "unmarshal_response_body_failed", http.StatusInternalServerError), nil
+	}
+
+	err = resp.Body.Close()
+	if err != nil {
+		return errorWrapper(err, "close_response_body_failed", http.StatusInternalServerError), nil
+	}
+
+	if aliResponse.Code != "" {
+		return &OpenAIErrorWithStatusCode{
+			OpenAIError: OpenAIError{
+				Message: aliResponse.Message,
+				Type:    aliResponse.Code,
+				Param:   aliResponse.RequestId,
+				Code:    aliResponse.Code,
+			},
+			StatusCode: resp.StatusCode,
+		}, nil
+	}
+
+	fullTextResponse := embeddingResponseAli2OpenAI(&aliResponse)
+	jsonResponse, err := json.Marshal(fullTextResponse)
+	if err != nil {
+		return errorWrapper(err, "marshal_response_body_failed", http.StatusInternalServerError), nil
+	}
+	c.Writer.Header().Set("Content-Type", "application/json")
+	c.Writer.WriteHeader(resp.StatusCode)
+	_, err = c.Writer.Write(jsonResponse)
+	return nil, &fullTextResponse.Usage
+}
+
+func embeddingResponseAli2OpenAI(response *AliEmbeddingResponse) *OpenAIEmbeddingResponse {
+	openAIEmbeddingResponse := OpenAIEmbeddingResponse{
+		Object: "list",
+		Data:   make([]OpenAIEmbeddingResponseItem, 0, len(response.Output.Embeddings)),
+		Model:  "text-embedding-v1",
+		Usage:  Usage{TotalTokens: response.Usage.TotalTokens},
+	}
+
+	for _, item := range response.Output.Embeddings {
+		openAIEmbeddingResponse.Data = append(openAIEmbeddingResponse.Data, OpenAIEmbeddingResponseItem{
+			Object:    `embedding`,
+			Index:     item.TextIndex,
+			Embedding: item.Embedding,
+		})
+	}
+	return &openAIEmbeddingResponse
+}
+
 func responseAli2OpenAI(response *AliChatResponse) *OpenAITextResponse {
 	choice := OpenAITextResponseChoice{
 		Index: 0,
--- a/controller/relay-baidu.go
+++ b/controller/relay-baidu.go
@@ -144,20 +144,9 @@ func streamResponseBaidu2OpenAI(baiduResponse *BaiduChatStreamResponse) *ChatCom
 }

 func embeddingRequestOpenAI2Baidu(request GeneralOpenAIRequest) *BaiduEmbeddingRequest {
-	baiduEmbeddingRequest := BaiduEmbeddingRequest{
-		Input: nil,
+	return &BaiduEmbeddingRequest{
+		Input: request.ParseInput(),
 	}
-	switch request.Input.(type) {
-	case string:
-		baiduEmbeddingRequest.Input = []string{request.Input.(string)}
-	case []any:
-		for _, item := range request.Input.([]any) {
-			if str, ok := item.(string); ok {
-				baiduEmbeddingRequest.Input = append(baiduEmbeddingRequest.Input, str)
-			}
-		}
-	}
-	return &baiduEmbeddingRequest
 }

 func embeddingResponseBaidu2OpenAI(response *BaiduEmbeddingResponse) *OpenAIEmbeddingResponse {
--- a/controller/relay-text.go
+++ b/controller/relay-text.go
@@ -174,6 +174,9 @@ func relayTextHelper(c *gin.Context, relayMode int) *OpenAIErrorWithStatusCode {
 		fullRequestURL = fmt.Sprintf("https://open.bigmodel.cn/api/paas/v3/model-api/%s/%s", textRequest.Model, method)
 	case APITypeAli:
 		fullRequestURL = "https://dashscope.aliyuncs.com/api/v1/services/aigc/text-generation/generation"
+		if relayMode == RelayModeEmbeddings {
+			fullRequestURL = "https://dashscope.aliyuncs.com/api/v1/services/embeddings/text-embedding/text-embedding"
+		}
 	case APITypeAIProxyLibrary:
 		fullRequestURL = fmt.Sprintf("%s/api/library/ask", baseURL)
 	}
@@ -262,8 +265,16 @@ func relayTextHelper(c *gin.Context, relayMode int) *OpenAIErrorWithStatusCode {
 		}
 		requestBody = bytes.NewBuffer(jsonStr)
 	case APITypeAli:
-		aliRequest := requestOpenAI2Ali(textRequest)
-		jsonStr, err := json.Marshal(aliRequest)
+		var jsonStr []byte
+		var err error
+		switch relayMode {
+		case RelayModeEmbeddings:
+			aliEmbeddingRequest := embeddingRequestOpenAI2Ali(textRequest)
+			jsonStr, err = json.Marshal(aliEmbeddingRequest)
+		default:
+			aliRequest := requestOpenAI2Ali(textRequest)
+			jsonStr, err = json.Marshal(aliRequest)
+		}
 		if err != nil {
 			return errorWrapper(err, "marshal_text_request_failed", http.StatusInternalServerError)
 		}
@@ -336,6 +347,15 @@ func relayTextHelper(c *gin.Context, relayMode int) *OpenAIErrorWithStatusCode {
 		isStream = isStream || strings.HasPrefix(resp.Header.Get("Content-Type"), "text/event-stream")

 		if resp.StatusCode != http.StatusOK {
+			if preConsumedQuota != 0 {
+				go func() {
+					// return pre-consumed quota
+					err := model.PostConsumeTokenQuota(tokenId, -preConsumedQuota)
+					if err != nil {
+						common.SysError("error return pre-consumed quota: " + err.Error())
+					}
+				}()
+			}
 			return relayErrorHandler(resp)
 		}
 	}
@@ -377,7 +397,6 @@ func relayTextHelper(c *gin.Context, relayMode int) *OpenAIErrorWithStatusCode {
 					logContent := fmt.Sprintf("模型倍率 %.2f，分组倍率 %.2f", modelRatio, groupRatio)
 					model.RecordConsumeLog(userId, promptTokens, completionTokens, textRequest.Model, tokenName, quota, logContent)
 					model.UpdateUserUsedQuotaAndRequestCount(userId, quota)
-
 					model.UpdateChannelUsedQuota(channelId, quota)
 				}
 			}
@@ -503,7 +522,14 @@ func relayTextHelper(c *gin.Context, relayMode int) *OpenAIErrorWithStatusCode {
 			}
 			return nil
 		} else {
-			err, usage := aliHandler(c, resp)
+			var err *OpenAIErrorWithStatusCode
+			var usage *Usage
+			switch relayMode {
+			case RelayModeEmbeddings:
+				err, usage = aliEmbeddingHandler(c, resp)
+			default:
+				err, usage = aliHandler(c, resp)
+			}
 			if err != nil {
 				return err
 			}
--- a/controller/relay-utils.go
+++ b/controller/relay-utils.go
@@ -146,7 +146,7 @@ func relayErrorHandler(resp *http.Response) (openAIErrorWithStatusCode *OpenAIEr
 		StatusCode: resp.StatusCode,
 		OpenAIError: OpenAIError{
 			Message: fmt.Sprintf("bad response status code %d", resp.StatusCode),
-			Type:    "one_api_error",
+			Type:    "upstream_error",
 			Code:    "bad_response_status_code",
 			Param:   strconv.Itoa(resp.StatusCode),
 		},
--- a/controller/relay.go
+++ b/controller/relay.go
@@ -44,6 +44,25 @@ type GeneralOpenAIRequest struct {
 	Functions   any       `json:"functions,omitempty"`
 }

+func (r GeneralOpenAIRequest) ParseInput() []string {
+	if r.Input == nil {
+		return nil
+	}
+	var input []string
+	switch r.Input.(type) {
+	case string:
+		input = []string{r.Input.(string)}
+	case []any:
+		input = make([]string, 0, len(r.Input.([]any)))
+		for _, item := range r.Input.([]any) {
+			if str, ok := item.(string); ok {
+				input = append(input, str)
+			}
+		}
+	}
+	return input
+}
+
 type ChatRequest struct {
 	Model     string    `json:"model"`
 	Messages  []Message `json:"messages"`
--- a/i18n/en.json
+++ b/i18n/en.json
@@ -523,5 +523,6 @@
  "按照如下格式输入：": "Enter in the following format:",
  "模型版本": "Model version",
  "请输入星火大模型版本，注意是接口地址中的版本号，例如：v2.1": "Please enter the version of the Starfire model, note that it is the version number in the interface address, for example: v2.1",
-  "点击查看": "click to view"
+  "点击查看": "click to view",
+  "请确保已在 Azure 上创建了 gpt-35-turbo 模型，并且 apiVersion 已正确填写！": "Please make sure that the gpt-35-turbo model has been created on Azure, and the apiVersion has been filled in correctly!"
 }
--- a/main.go
+++ b/main.go
@@ -7,7 +7,6 @@ import (
 	"github.com/gin-gonic/gin"
 	"one-api/common"
 	"one-api/controller"
-	"one-api/middleware"
 	"one-api/model"
 	"one-api/router"
 	"os"
@@ -88,7 +87,6 @@ func main() {
 	server := gin.Default()
 	// This will cause SSE not to work!!!
 	//server.Use(gzip.Gzip(gzip.DefaultCompression))
-	server.Use(middleware.CORS())

 	// Initialize session store
 	store := cookie.NewStore([]byte(common.SessionSecret))
--- a/middleware/auth.go
+++ b/middleware/auth.go
@@ -100,7 +100,18 @@ func TokenAuth() func(c *gin.Context) {
 			c.Abort()
 			return
 		}
-		if !model.CacheIsUserEnabled(token.UserId) {
+		userEnabled, err := model.IsUserEnabled(token.UserId)
+		if err != nil {
+			c.JSON(http.StatusInternalServerError, gin.H{
+				"error": gin.H{
+					"message": err.Error(),
+					"type":    "one_api_error",
+				},
+			})
+			c.Abort()
+			return
+		}
+		if !userEnabled {
 			c.JSON(http.StatusForbidden, gin.H{
 				"error": gin.H{
 					"message": "用户已被封禁",
--- a/model/cache.go
+++ b/model/cache.go
@@ -103,23 +103,28 @@ func CacheDecreaseUserQuota(id int, quota int) error {
 	return err
 }

-func CacheIsUserEnabled(userId int) bool {
+func CacheIsUserEnabled(userId int) (bool, error) {
 	if !common.RedisEnabled {
 		return IsUserEnabled(userId)
 	}
 	enabled, err := common.RedisGet(fmt.Sprintf("user_enabled:%d", userId))
-	if err != nil {
-		status := common.UserStatusDisabled
-		if IsUserEnabled(userId) {
-			status = common.UserStatusEnabled
-		}
-		enabled = fmt.Sprintf("%d", status)
-		err = common.RedisSet(fmt.Sprintf("user_enabled:%d", userId), enabled, time.Duration(UserId2StatusCacheSeconds)*time.Second)
-		if err != nil {
-			common.SysError("Redis set user enabled error: " + err.Error())
-		}
+	if err == nil {
+		return enabled == "1", nil
 	}
-	return enabled == "1"
+
+	userEnabled, err := IsUserEnabled(userId)
+	if err != nil {
+		return false, err
+	}
+	enabled = "0"
+	if userEnabled {
+		enabled = "1"
+	}
+	err = common.RedisSet(fmt.Sprintf("user_enabled:%d", userId), enabled, time.Duration(UserId2StatusCacheSeconds)*time.Second)
+	if err != nil {
+		common.SysError("Redis set user enabled error: " + err.Error())
+	}
+	return userEnabled, err
 }

 var group2model2channels map[string]map[string][]*Channel
--- a/model/token.go
+++ b/model/token.go
@@ -39,32 +39,35 @@ func ValidateUserToken(key string) (token *Token, err error) {
 	}
 	token, err = CacheGetTokenByKey(key)
 	if err == nil {
+		if token.Status == common.TokenStatusExhausted {
+			return nil, errors.New("该令牌额度已用尽")
+		} else if token.Status == common.TokenStatusExpired {
+			return nil, errors.New("该令牌已过期")
+		}
 		if token.Status != common.TokenStatusEnabled {
 			return nil, errors.New("该令牌状态不可用")
 		}
 		if token.ExpiredTime != -1 && token.ExpiredTime < common.GetTimestamp() {
-			token.Status = common.TokenStatusExpired
-			err := token.SelectUpdate()
-			if err != nil {
-				common.SysError("failed to update token status" + err.Error())
+			if !common.RedisEnabled {
+				token.Status = common.TokenStatusExpired
+				err := token.SelectUpdate()
+				if err != nil {
+					common.SysError("failed to update token status" + err.Error())
+				}
 			}
 			return nil, errors.New("该令牌已过期")
 		}
 		if !token.UnlimitedQuota && token.RemainQuota <= 0 {
-			token.Status = common.TokenStatusExhausted
-			err := token.SelectUpdate()
-			if err != nil {
-				common.SysError("failed to update token status" + err.Error())
+			if !common.RedisEnabled {
+				// in this case, we can make sure the token is exhausted
+				token.Status = common.TokenStatusExhausted
+				err := token.SelectUpdate()
+				if err != nil {
+					common.SysError("failed to update token status" + err.Error())
+				}
 			}
 			return nil, errors.New("该令牌额度已用尽")
 		}
-		go func() {
-			token.AccessedTime = common.GetTimestamp()
-			err := token.SelectUpdate()
-			if err != nil {
-				common.SysError("failed to update token" + err.Error())
-			}
-		}()
 		return token, nil
 	}
 	return nil, errors.New("无效的令牌")
@@ -141,8 +144,9 @@ func IncreaseTokenQuota(id int, quota int) (err error) {
 func increaseTokenQuota(id int, quota int) (err error) {
 	err = DB.Model(&Token{}).Where("id = ?", id).Updates(
 		map[string]interface{}{
-			"remain_quota": gorm.Expr("remain_quota + ?", quota),
-			"used_quota":   gorm.Expr("used_quota - ?", quota),
+			"remain_quota":  gorm.Expr("remain_quota + ?", quota),
+			"used_quota":    gorm.Expr("used_quota - ?", quota),
+			"accessed_time": common.GetTimestamp(),
 		},
 	).Error
 	return err
@@ -162,8 +166,9 @@ func DecreaseTokenQuota(id int, quota int) (err error) {
 func decreaseTokenQuota(id int, quota int) (err error) {
 	err = DB.Model(&Token{}).Where("id = ?", id).Updates(
 		map[string]interface{}{
-			"remain_quota": gorm.Expr("remain_quota - ?", quota),
-			"used_quota":   gorm.Expr("used_quota + ?", quota),
+			"remain_quota":  gorm.Expr("remain_quota - ?", quota),
+			"used_quota":    gorm.Expr("used_quota + ?", quota),
+			"accessed_time": common.GetTimestamp(),
 		},
 	).Error
 	return err
--- a/model/user.go
+++ b/model/user.go
@@ -226,17 +226,16 @@ func IsAdmin(userId int) bool {
 	return user.Role >= common.RoleAdminUser
 }

-func IsUserEnabled(userId int) bool {
+func IsUserEnabled(userId int) (bool, error) {
 	if userId == 0 {
-		return false
+		return false, errors.New("user id is empty")
 	}
 	var user User
 	err := DB.Where("id = ?", userId).Select("status").Find(&user).Error
 	if err != nil {
-		common.SysError("no such user " + err.Error())
-		return false
+		return false, err
 	}
-	return user.Status == common.UserStatusEnabled
+	return user.Status == common.UserStatusEnabled, nil
 }

 func ValidateAccessToken(token string) (user *User) {
--- a/router/api-router.go
+++ b/router/api-router.go
@@ -21,6 +21,7 @@ func SetApiRouter(router *gin.Engine) {
 		apiRouter.GET("/reset_password", middleware.CriticalRateLimit(), middleware.TurnstileCheck(), controller.SendPasswordResetEmail)
 		apiRouter.POST("/user/reset", middleware.CriticalRateLimit(), controller.ResetPassword)
 		apiRouter.GET("/oauth/github", middleware.CriticalRateLimit(), controller.GitHubOAuth)
+		apiRouter.GET("/oauth/state", middleware.CriticalRateLimit(), controller.GenerateOAuthCode)
 		apiRouter.GET("/oauth/wechat", middleware.CriticalRateLimit(), controller.WeChatAuth)
 		apiRouter.GET("/oauth/wechat/bind", middleware.CriticalRateLimit(), middleware.UserAuth(), controller.WeChatBind)
 		apiRouter.GET("/oauth/email/bind", middleware.CriticalRateLimit(), middleware.UserAuth(), controller.EmailBind)
--- a/router/relay-router.go
+++ b/router/relay-router.go
@@ -8,6 +8,7 @@ import (
 )

 func SetRelayRouter(router *gin.Engine) {
+	router.Use(middleware.CORS())
 	// https://platform.openai.com/docs/api-reference/introduction
 	modelsRouter := router.Group("/v1/models")
 	modelsRouter.Use(middleware.TokenAuth())
--- a/web/src/components/ChannelsTable.js
+++ b/web/src/components/ChannelsTable.js
@@ -1,7 +1,7 @@
 import React, { useEffect, useState } from 'react';
 import { Button, Form, Label, Pagination, Popup, Table } from 'semantic-ui-react';
 import { Link } from 'react-router-dom';
-import { API, showError, showInfo, showSuccess, timestamp2string } from '../helpers';
+import { API, showError, showInfo, showNotice, showSuccess, timestamp2string } from '../helpers';

 import { CHANNEL_OPTIONS, ITEMS_PER_PAGE } from '../constants';
 import { renderGroup, renderNumber } from '../helpers/render';
@@ -195,6 +195,7 @@ const ChannelsTable = () => {
      showInfo(`通道 ${name} 测试成功，耗时 ${time.toFixed(2)} 秒。`);
    } else {
      showError(message);
+      showNotice("当前版本测试是通过按照 OpenAI API 格式使用 gpt-3.5-turbo 模型进行非流式请求实现的，因此测试报错并不一定代表通道不可用，该功能后续会修复。")
    }
  };

--- a/web/src/components/GitHubOAuth.js
+++ b/web/src/components/GitHubOAuth.js
@@ -13,8 +13,8 @@ const GitHubOAuth = () => {

  let navigate = useNavigate();

-  const sendCode = async (code, count) => {
-    const res = await API.get(`/api/oauth/github?code=${code}`);
+  const sendCode = async (code, state, count) => {
+    const res = await API.get(`/api/oauth/github?code=${code}&state=${state}`);
    const { success, message, data } = res.data;
    if (success) {
      if (message === 'bind') {
@@ -36,13 +36,14 @@ const GitHubOAuth = () => {
      count++;
      setPrompt(`出现错误，第 ${count} 次重试中...`);
      await new Promise((resolve) => setTimeout(resolve, count * 2000));
-      await sendCode(code, count);
+      await sendCode(code, state, count);
    }
  };

  useEffect(() => {
    let code = searchParams.get('code');
-    sendCode(code, 0).then();
+    let state = searchParams.get('state');
+    sendCode(code, state, 0).then();
  }, []);

  return (
--- a/web/src/components/LoginForm.js
+++ b/web/src/components/LoginForm.js
@@ -3,6 +3,7 @@ import { Button, Divider, Form, Grid, Header, Image, Message, Modal, Segment } f
 import { Link, useNavigate, useSearchParams } from 'react-router-dom';
 import { UserContext } from '../context/User';
 import { API, getLogo, showError, showSuccess } from '../helpers';
+import { getOAuthState, onGitHubOAuthClicked } from './utils';

 const LoginForm = () => {
  const [inputs, setInputs] = useState({
@@ -31,12 +32,6 @@ const LoginForm = () => {

  const [showWeChatLoginModal, setShowWeChatLoginModal] = useState(false);

-  const onGitHubOAuthClicked = () => {
-    window.open(
-      `https://github.com/login/oauth/authorize?client_id=${status.github_client_id}&scope=user:email`
-    );
-  };
-
  const onWeChatLoginClicked = () => {
    setShowWeChatLoginModal(true);
  };
@@ -131,7 +126,7 @@ const LoginForm = () => {
                circular
                color='black'
                icon='github'
-                onClick={onGitHubOAuthClicked}
+                onClick={()=>onGitHubOAuthClicked(status.github_client_id)}
              />
            ) : (
              <></>
--- a/web/src/components/PersonalSetting.js
+++ b/web/src/components/PersonalSetting.js
@@ -4,6 +4,7 @@ import { Link, useNavigate } from 'react-router-dom';
 import { API, copy, showError, showInfo, showNotice, showSuccess } from '../helpers';
 import Turnstile from 'react-turnstile';
 import { UserContext } from '../context/User';
+import { onGitHubOAuthClicked } from './utils';

 const PersonalSetting = () => {
  const [userState, userDispatch] = useContext(UserContext);
@@ -130,12 +131,6 @@ const PersonalSetting = () => {
    }
  };

-  const openGitHubOAuth = () => {
-    window.open(
-      `https://github.com/login/oauth/authorize?client_id=${status.github_client_id}&scope=user:email`
-    );
-  };
-
  const sendVerificationCode = async () => {
    setDisableButton(true);
    if (inputs.email === '') return;
@@ -249,7 +244,7 @@ const PersonalSetting = () => {
      </Modal>
      {
        status.github_oauth && (
-          <Button onClick={openGitHubOAuth}>绑定 GitHub 账号</Button>
+          <Button onClick={()=>{onGitHubOAuthClicked(status.github_client_id)}}>绑定 GitHub 账号</Button>
        )
      }
      <Button
--- a/web/src/components/utils.js
+++ b/web/src/components/utils.js
@@ -0,0 +1,20 @@
+import { API, showError } from '../helpers';
+
+export async function getOAuthState() {
+  const res = await API.get('/api/oauth/state');
+  const { success, message, data } = res.data;
+  if (success) {
+    return data;
+  } else {
+    showError(message);
+    return '';
+  }
+}
+
+export async function onGitHubOAuthClicked(github_client_id) {
+  const state = await getOAuthState();
+  if (!state) return;
+  window.open(
+    `https://github.com/login/oauth/authorize?client_id=${github_client_id}&state=${state}&scope=user:email`
+  );
+}
--- a/web/src/constants/channel.constants.js
+++ b/web/src/constants/channel.constants.js
@@ -9,6 +9,7 @@ export const CHANNEL_OPTIONS = [
  { key: 16, text: '智谱 ChatGLM', value: 16, color: 'violet' },
  { key: 19, text: '360 智脑', value: 19, color: 'blue' },
  { key: 8, text: '自定义渠道', value: 8, color: 'pink' },
+  { key: 22, text: '知识库：FastGPT', value: 22, color: 'blue' },
  { key: 21, text: '知识库：AI Proxy', value: 21, color: 'purple' },
  { key: 20, text: '代理：OpenRouter', value: 20, color: 'black' },
  { key: 2, text: '代理：API2D', value: 2, color: 'blue' },
--- a/web/src/pages/Channel/EditChannel.js
+++ b/web/src/pages/Channel/EditChannel.js
@@ -10,6 +10,20 @@ const MODEL_MAPPING_EXAMPLE = {
  'gpt-4-32k-0314': 'gpt-4-32k'
 };

+function type2secretPrompt(type) {
+  // inputs.type === 15 ? '按照如下格式输入：APIKey|SecretKey' : (inputs.type === 18 ? '按照如下格式输入：APPID|APISecret|APIKey' : '请输入渠道对应的鉴权密钥')
+  switch (type) {
+    case 15:
+      return '按照如下格式输入：APIKey|SecretKey';
+    case 18:
+      return '按照如下格式输入：APPID|APISecret|APIKey';
+    case 22:
+      return '按照如下格式输入：APIKey-AppId，例如：fastgpt-0sp2gtvfdgyi4k30jwlgwf1i-64f335d84283f05518e9e041';
+    default:
+      return '请输入渠道对应的鉴权密钥';
+  }
+}
+
 const EditChannel = () => {
  const params = useParams();
  const navigate = useNavigate();
@@ -53,7 +67,7 @@ const EditChannel = () => {
          localModels = ['ERNIE-Bot', 'ERNIE-Bot-turbo', 'Embedding-V1'];
          break;
        case 17:
-          localModels = ['qwen-v1', 'qwen-plus-v1'];
+          localModels = ['qwen-v1', 'qwen-plus-v1', 'text-embedding-v1'];
          break;
        case 16:
          localModels = ['chatglm_pro', 'chatglm_std', 'chatglm_lite'];
@@ -193,6 +207,24 @@ const EditChannel = () => {
    }
  };

+  const addCustomModel = () => {
+    if (customModel.trim() === '') return;
+    if (inputs.models.includes(customModel)) return;
+    let localModels = [...inputs.models];
+    localModels.push(customModel);
+    let localModelOptions = [];
+    localModelOptions.push({
+      key: customModel,
+      text: customModel,
+      value: customModel
+    });
+    setModelOptions(modelOptions => {
+      return [...modelOptions, ...localModelOptions];
+    });
+    setCustomModel('');
+    handleInputChange(null, { name: 'models', value: localModels });
+  };
+
  return (
    <>
      <Segment loading={loading}>
@@ -336,29 +368,19 @@ const EditChannel = () => {
            }}>清除所有模型</Button>
            <Input
              action={
-                <Button type={'button'} onClick={() => {
-                  if (customModel.trim() === '') return;
-                  if (inputs.models.includes(customModel)) return;
-                  let localModels = [...inputs.models];
-                  localModels.push(customModel);
-                  let localModelOptions = [];
-                  localModelOptions.push({
-                    key: customModel,
-                    text: customModel,
-                    value: customModel
-                  });
-                  setModelOptions(modelOptions => {
-                    return [...modelOptions, ...localModelOptions];
-                  });
-                  setCustomModel('');
-                  handleInputChange(null, { name: 'models', value: localModels });
-                }}>填入</Button>
+                <Button type={'button'} onClick={addCustomModel}>填入</Button>
              }
              placeholder='输入自定义模型名称'
              value={customModel}
              onChange={(e, { value }) => {
                setCustomModel(value);
              }}
+              onKeyDown={(e) => {
+                if (e.key === 'Enter') {
+                  addCustomModel();
+                  e.preventDefault();
+                }
+              }}
            />
          </div>
          <Form.Field>
@@ -389,7 +411,7 @@ const EditChannel = () => {
                label='密钥'
                name='key'
                required
-                placeholder={inputs.type === 15 ? '按照如下格式输入：APIKey|SecretKey' : (inputs.type === 18 ? '按照如下格式输入：APPID|APISecret|APIKey' : '请输入渠道对应的鉴权密钥')}
+                placeholder={type2secretPrompt(inputs.type)}
                onChange={handleInputChange}
                value={inputs.key}
                autoComplete='new-password'
@@ -407,7 +429,7 @@ const EditChannel = () => {
            )
          }
          {
-            inputs.type !== 3 && inputs.type !== 8 && (
+            inputs.type !== 3 && inputs.type !== 8 && inputs.type !== 22 && (
              <Form.Field>
                <Form.Input
                  label='代理'
@@ -420,6 +442,20 @@ const EditChannel = () => {
              </Form.Field>
            )
          }
+          {
+            inputs.type === 22 && (
+              <Form.Field>
+                <Form.Input
+                  label='私有部署地址'
+                  name='base_url'
+                  placeholder={'请输入私有部署地址，格式为：https://fastgpt.run/api/openapi'}
+                  onChange={handleInputChange}
+                  value={inputs.base_url}
+                  autoComplete='new-password'
+                />
+              </Form.Field>
+            )
+          }
          <Button onClick={handleCancel}>取消</Button>
          <Button type={isEdit ? 'button' : 'submit'} positive onClick={submit}>提交</Button>
        </Form>
Author	SHA1	Message	Date
JustSong	25c4c111ab	fix: only enable cors for relay routers to avoid csrf attack	2023-09-17 11:44:38 +08:00
JustSong	0d50ad4b2b	chore: update channel test prompt	2023-09-17 11:34:06 +08:00
JustSong	959bcdef88	chore: update error code	2023-09-17 11:30:20 +08:00
JustSong	39ae8075e4	fix: fix oauth2 state not checking	2023-09-15 00:24:20 +08:00
JustSong	b57a0eca16	docs: update readme	2023-09-13 23:22:53 +08:00
Junyan Qin	1b4cc78890	docs: add QChatGPT (#522 ) * doc(README.md): 添加支持One API的项目QChatGPT * Update README.md --------- Co-authored-by: JustSong <39998050+songquanpeng@users.noreply.github.com>	2023-09-13 23:18:53 +08:00
JustSong	420c375140	perf: only return quota when it's not zero	2023-09-13 22:05:10 +08:00
JustSong	01863d3e44	fix: fix quota not return when error occurred (close #518 )	2023-09-13 21:50:45 +08:00
igophper	d0a0e871e1	fix: support ali's embedding model (#481 , close #469 ) * feat:支持阿里的 embedding 模型 * fix: add to model list --------- Co-authored-by: JustSong <songquanpeng@foxmail.com> Co-authored-by: JustSong <39998050+songquanpeng@users.noreply.github.com>	2023-09-03 22:12:35 +08:00
JustSong	bd6fe1e93c	feat: able to config rate limit (close #477 )	2023-09-03 21:56:37 +08:00
JustSong	c55bb67818	docs: update README (close #482 )	2023-09-03 21:50:00 +08:00
JustSong	0f949c3782	docs: update README (close #482 )	2023-09-03 21:49:41 +08:00
JustSong	a721a5b6f9	chore: add error prompt for Azure	2023-09-03 21:46:07 +08:00
JustSong	276163affd	fix: press enter to submit custom model name	2023-09-03 21:40:58 +08:00
JustSong	621eb91b46	chore: pass through error out	2023-09-03 21:31:58 +08:00
JustSong	7e575abb95	feat: add channel type FastGPT	2023-09-03 15:50:49 +08:00
JustSong	9db93316c4	docs: update README	2023-09-03 15:12:54 +08:00