update sth at 2025-10-16 14:55:36

.env.example

@@ -0,0 +1,53 @@
+# 代理服务配置文件示例
+# 复制此文件为 .env 并根据需要修改配置值
+
+# ========== API 基础配置 ==========
+# 客户端认证密钥（您自定义的 API 密钥，用于客户端访问本服务）
+AUTH_TOKEN=sk-your-api-key
+
+# 跳过客户端认证（仅开发环境使用）
+SKIP_AUTH_TOKEN=false
+
+# ========== Z.ai Token池配置 ==========
+# Token失败阈值（失败多少次后标记为不可用）
+TOKEN_FAILURE_THRESHOLD=3
+
+# Token恢复超时时间（秒，失败token在此时间后重新尝试）
+TOKEN_RECOVERY_TIMEOUT=1800
+
+# Z.AI 匿名用户模式
+# false: 使用认证 Token 令牌，失败时自动降级为匿名请求
+# true: 自动从 Z.ai 获取临时访问令牌，避免对话历史共享
+ANONYMOUS_MODE=true
+
+# ========== LongCat 配置 ==========
+# LongCat token（单个token）
+# LONGCAT_TOKEN=your_passport_token_here
+
+# ========== 服务器配置 ==========
+# 服务监听端口
+LISTEN_PORT=7860
+
+# 服务名称
+SERVICE_NAME=z-ai2api-server
+
+# 调试日志
+DEBUG_LOGGING=false
+
+# Nginx 反向代理路径前缀（可选，用于在子路径下部署）
+# 例如：ROOT_PATH=/ai2api 则服务部署在 http://domain.com/ai2api
+# 留空表示部署在根路径
+ROOT_PATH=
+
+# Function Call 功能开关
+TOOL_SUPPORT=true
+
+# 工具调用扫描限制（字符数）
+SCAN_LIMIT=200000
+
+# ========== 管理后台认证 ==========
+# 管理后台登录密码（建议修改为复杂密码）
+ADMIN_PASSWORD=admin123
+
+# Session 密钥（用于加密会话，建议生成随机字符串）
+SESSION_SECRET_KEY=your-secret-key-change-in-production

.gitattributes

@@ -1,35 +1,2 @@
-*.7z filter=lfs diff=lfs merge=lfs -text
-*.arrow filter=lfs diff=lfs merge=lfs -text
-*.bin filter=lfs diff=lfs merge=lfs -text
-*.bz2 filter=lfs diff=lfs merge=lfs -text
-*.ckpt filter=lfs diff=lfs merge=lfs -text
-*.ftz filter=lfs diff=lfs merge=lfs -text
-*.gz filter=lfs diff=lfs merge=lfs -text
-*.h5 filter=lfs diff=lfs merge=lfs -text
-*.joblib filter=lfs diff=lfs merge=lfs -text
-*.lfs.* filter=lfs diff=lfs merge=lfs -text
-*.mlmodel filter=lfs diff=lfs merge=lfs -text
-*.model filter=lfs diff=lfs merge=lfs -text
-*.msgpack filter=lfs diff=lfs merge=lfs -text
-*.npy filter=lfs diff=lfs merge=lfs -text
-*.npz filter=lfs diff=lfs merge=lfs -text
-*.onnx filter=lfs diff=lfs merge=lfs -text
-*.ot filter=lfs diff=lfs merge=lfs -text
-*.parquet filter=lfs diff=lfs merge=lfs -text
-*.pb filter=lfs diff=lfs merge=lfs -text
-*.pickle filter=lfs diff=lfs merge=lfs -text
-*.pkl filter=lfs diff=lfs merge=lfs -text
-*.pt filter=lfs diff=lfs merge=lfs -text
-*.pth filter=lfs diff=lfs merge=lfs -text
-*.rar filter=lfs diff=lfs merge=lfs -text
-*.safetensors filter=lfs diff=lfs merge=lfs -text
-saved_model/**/* filter=lfs diff=lfs merge=lfs -text
-*.tar.* filter=lfs diff=lfs merge=lfs -text
-*.tar filter=lfs diff=lfs merge=lfs -text
-*.tflite filter=lfs diff=lfs merge=lfs -text
-*.tgz filter=lfs diff=lfs merge=lfs -text
-*.wasm filter=lfs diff=lfs merge=lfs -text
-*.xz filter=lfs diff=lfs merge=lfs -text
-*.zip filter=lfs diff=lfs merge=lfs -text
-*.zst filter=lfs diff=lfs merge=lfs -text
-*tfevents* filter=lfs diff=lfs merge=lfs -text
+# Auto detect text files and perform LF normalization
+* text=auto

.github/workflows/docker.yml

@@ -0,0 +1,64 @@
+name: Build and Push Docker Image
+
+on:
+  push:
+    branches:
+      - main
+    tags:
+      - 'v*'
+
+env:
+  IMAGE_NAME: z-ai2api-python
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+    
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Login to Docker Hub
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Extract metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: |
+            ghcr.io/${{ github.repository }}
+            ${{ secrets.DOCKERHUB_USERNAME }}/${{ env.IMAGE_NAME }}
+          tags: |
+            type=ref,event=branch
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=raw,value=latest,enable={{is_default_branch}}
+
+      - name: Build and push
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: ./deploy/Dockerfile
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max

.gitignore

@@ -0,0 +1,180 @@
+# Custom
+.vs/
+.vscode/
+.idea/
+.conda/
+*.zip
+*.txt
+*.pid
+docs/
+output/
+main.build/
+main.dist/
+main.onefile-build/
+*report.xml
+*.yaml
+logs/
+backup/
+uv.lock
+AGENTS.md
+*.db
+
+# AI Toolset
+.augment/
+.cursor/
+.claude/
+CLAUDE.md
+
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[cod]
+*$py.class
+
+# C extensions
+*.so
+
+# Distribution / packaging
+.Python
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+wheels/
+share/python-wheels/
+*.egg-info/
+.installed.cfg
+*.egg
+MANIFEST
+
+# PyInstaller
+#  Usually these files are written by a python script from a template
+#  before PyInstaller builds the exe, so as to inject date/other infos into it.
+*.manifest
+*.spec
+
+# Installer logs
+pip-log.txt
+pip-delete-this-directory.txt
+
+# Unit test / coverage reports
+htmlcov/
+.tox/
+.nox/
+.coverage
+.coverage.*
+.cache
+nosetests.xml
+coverage.xml
+*.cover
+*.py,cover
+.hypothesis/
+.pytest_cache/
+cover/
+
+# Translations
+*.mo
+*.pot
+
+# Django stuff:
+*.log
+local_settings.py
+db.sqlite3
+db.sqlite3-journal
+
+# Flask stuff:
+instance/
+.webassets-cache
+
+# Scrapy stuff:
+.scrapy
+
+# Sphinx documentation
+docs/_build/
+
+# PyBuilder
+.pybuilder/
+target/
+
+# Jupyter Notebook
+.ipynb_checkpoints
+
+# IPython
+profile_default/
+ipython_config.py
+
+# pyenv
+#   For a library or package, you might want to ignore these files since the code is
+#   intended to run in multiple environments; otherwise, check them in:
+# .python-version
+
+# pipenv
+#   According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
+#   However, in case of collaboration, if having platform-specific dependencies or dependencies
+#   having no cross-platform support, pipenv may install dependencies that don't work, or not
+#   install all needed dependencies.
+#Pipfile.lock
+
+# poetry
+#   Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.
+#   This is especially recommended for binary packages to ensure reproducibility, and is more
+#   commonly ignored for libraries.
+#   https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control
+#poetry.lock
+
+# pdm
+#   Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control.
+#pdm.lock
+#   pdm stores project-wide configurations in .pdm.toml, but it is recommended to not include it
+#   in version control.
+#   https://pdm.fming.dev/#use-with-ide
+.pdm.toml
+
+# PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm
+__pypackages__/
+
+# Celery stuff
+celerybeat-schedule
+celerybeat.pid
+
+# SageMath parsed files
+*.sage.py
+
+# Environments
+.env
+.venv
+env/
+venv/
+ENV/
+env.bak/
+venv.bak/
+
+# Spyder project settings
+.spyderproject
+.spyproject
+
+# Rope project settings
+.ropeproject
+
+# mkdocs documentation
+/site
+
+# mypy
+.mypy_cache/
+.dmypy.json
+dmypy.json
+
+# Pyre type checker
+.pyre/
+
+# pytype static type analyzer
+.pytype/
+
+# Cython debug symbols
+cython_debug/

Dockerfile

@@ -1,24 +1,24 @@
-# Build stage
-FROM golang:1.24-alpine AS builder
-WORKDIR /app
-COPY go.mod go.sum ./
-RUN go mod download
-COPY . .
-RUN CGO_ENABLED=0 go build -o main .
+FROM python:3.12-slim
 
-# Final stage
-FROM alpine:latest
-RUN apk --no-cache add ca-certificates
+# Set working directory
 WORKDIR /app
-COPY --from=builder /app/main .
 
-# Labels
-LABEL maintainer="z2"
-LABEL description="z2 API"
-LABEL version="1.0.5"
+# Create data and logs directories with proper permissions
+RUN mkdir -p /app/data /app/logs && \
+    chmod 755 /app/data /app/logs
+
+# Install dependencies
+COPY requirements.txt .
+RUN pip install --no-cache-dir -r requirements.txt
+
+# Copy application code
+COPY . .
+
+# Set environment variable for database path
+ENV DB_PATH=/app/data/tokens.db
 
 # Expose port
 EXPOSE 7860
 
 # Run the application
-CMD ["./main"]
+CMD ["python", "main.py"]

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 ZyphrZero
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

app/__init__.py

@@ -0,0 +1,6 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+from app import core, models, utils
+
+__all__ = ["core", "models", "utils"]

app/admin/__init__.py

@@ -0,0 +1,3 @@
+"""
+管理后台模块初始化
+"""

app/admin/api.py

@@ -0,0 +1,728 @@
+"""
+管理后台 API 接口
+用于 htmx 调用的 HTML 片段返回
+"""
+from fastapi import APIRouter, Request
+from fastapi.templating import Jinja2Templates
+from fastapi.responses import HTMLResponse, JSONResponse, Response
+from datetime import datetime
+from app.utils.logger import logger
+import os
+
+router = APIRouter(prefix="/admin/api", tags=["admin-api"])
+templates = Jinja2Templates(directory="app/templates")
+
+
+# ==================== 认证 API ====================
+
+@router.post("/login")
+async def login(request: Request):
+    """管理后台登录"""
+    from app.admin.auth import create_session
+
+    try:
+        data = await request.json()
+        password = data.get("password", "")
+
+        # 创建 session
+        session_token = create_session(password)
+
+        if session_token:
+            # 登录成功，设置 cookie
+            response = JSONResponse({
+                "success": True,
+                "message": "登录成功"
+            })
+            response.set_cookie(
+                key="admin_session",
+                value=session_token,
+                httponly=True,
+                max_age=86400,  # 24小时
+                samesite="lax"
+            )
+            logger.info("✅ 管理后台登录成功")
+            return response
+        else:
+            # 密码错误
+            logger.warning("❌ 管理后台登录失败：密码错误")
+            return JSONResponse({
+                "success": False,
+                "message": "密码错误"
+            }, status_code=401)
+
+    except Exception as e:
+        logger.error(f"❌ 登录异常: {e}")
+        return JSONResponse({
+            "success": False,
+            "message": "登录失败"
+        }, status_code=500)
+
+
+@router.post("/logout")
+async def logout(request: Request):
+    """管理后台登出"""
+    from app.admin.auth import delete_session, get_session_token_from_request
+
+    session_token = get_session_token_from_request(request)
+    delete_session(session_token)
+
+    # 清除 cookie
+    response = JSONResponse({
+        "success": True,
+        "message": "已登出"
+    })
+    response.delete_cookie("admin_session")
+    logger.info("✅ 管理后台已登出")
+    return response
+
+
+async def reload_settings():
+    """热重载配置（重新加载环境变量并更新 settings 对象）"""
+    from app.core.config import settings
+    from app.utils.logger import setup_logger
+    from dotenv import load_dotenv
+
+    # 重新加载 .env 文件
+    load_dotenv(override=True)
+
+    # 重新创建 Settings 对象并更新全局配置
+    new_settings = type(settings)()
+
+    # 更新全局 settings 的所有属性
+    for field_name in new_settings.model_fields.keys():
+        setattr(settings, field_name, getattr(new_settings, field_name))
+
+    # 重新初始化 logger（使用新的 DEBUG_LOGGING 配置）
+    setup_logger(log_dir="logs", debug_mode=settings.DEBUG_LOGGING)
+
+    logger.info(f"🔄 配置已热重载 (DEBUG_LOGGING={settings.DEBUG_LOGGING})")
+
+
+@router.get("/token-pool", response_class=HTMLResponse)
+async def get_token_pool_status(request: Request):
+    """获取 Token 池状态（HTML 片段）"""
+    from app.utils.token_pool import get_token_pool
+
+    token_pool = get_token_pool()
+
+    if not token_pool:
+        # Token 池未初始化
+        context = {
+            "request": request,
+            "tokens": [],
+        }
+        return templates.TemplateResponse("components/token_pool.html", context)
+
+    # 获取 token 状态统计
+    pool_status = token_pool.get_pool_status()
+    tokens_info = []
+
+    for idx, token_info in enumerate(pool_status.get("tokens", []), 1):
+        is_available = token_info.get("is_available", False)
+        is_healthy = token_info.get("is_healthy", False)
+
+        # 确定状态和颜色
+        if is_healthy:
+            status = "健康"
+            status_color = "bg-green-100 text-green-800"
+        elif is_available:
+            status = "可用"
+            status_color = "bg-yellow-100 text-yellow-800"
+        else:
+            status = "失败"
+            status_color = "bg-red-100 text-red-800"
+
+        # 格式化最后使用时间
+        last_success = token_info.get("last_success_time", 0)
+        if last_success > 0:
+            from datetime import datetime
+            last_used = datetime.fromtimestamp(last_success).strftime("%Y-%m-%d %H:%M:%S")
+        else:
+            last_used = "从未使用"
+
+        tokens_info.append({
+            "index": idx,
+            "key": token_info.get("token", "")[:20] + "...",
+            "status": status,
+            "status_color": status_color,
+            "last_used": last_used,
+            "failure_count": token_info.get("failure_count", 0),
+            "success_rate": token_info.get("success_rate", "0%"),
+            "token_type": token_info.get("token_type", "unknown"),
+        })
+
+    context = {
+        "request": request,
+        "tokens": tokens_info,
+    }
+
+    return templates.TemplateResponse("components/token_pool.html", context)
+
+
+@router.get("/recent-logs", response_class=HTMLResponse)
+async def get_recent_logs(request: Request):
+    """获取最近的请求日志（HTML 片段）"""
+    # TODO: 从数据库或日志文件读取
+    logs = [
+        {
+            "timestamp": datetime.now().strftime("%Y-%m-%d %H:%M:%S"),
+            "endpoint": "/v1/chat/completions",
+            "model": "gpt-4o",
+            "status": 200,
+            "duration": "1.23s",
+            "provider": "zai",
+        }
+    ]
+
+    context = {
+        "request": request,
+        "logs": logs,
+    }
+
+    return templates.TemplateResponse("components/recent_logs.html", context)
+
+
+@router.post("/config/save")
+async def save_config(request: Request):
+    """保存配置到 .env 文件并热重载"""
+    try:
+        form_data = await request.form()
+
+        # 构建 .env 内容
+        env_lines = [
+            "# Z.AI2API 配置文件",
+            "",
+            "# ========== 服务器配置 ==========",
+            f"SERVICE_NAME={form_data.get('service_name', 'Z.AI2API')}",
+            f"LISTEN_PORT={form_data.get('listen_port', '7860')}",
+            f"DEBUG_LOGGING={'true' if 'debug_logging' in form_data else 'false'}",
+            "",
+            "# ========== 认证配置 ==========",
+            f"AUTH_TOKEN={form_data.get('auth_token', 'sk-your-api-key')}",
+            f"SKIP_AUTH_TOKEN={'true' if 'skip_auth_token' in form_data else 'false'}",
+            f"ANONYMOUS_MODE={'true' if 'anonymous_mode' in form_data else 'false'}",
+            "",
+            "# ========== 功能配置 ==========",
+            f"TOOL_SUPPORT={'true' if 'tool_support' in form_data else 'false'}",
+            f"SCAN_LIMIT={form_data.get('scan_limit', '200000')}",
+            "",
+            "# ========== Token 池配置 ==========",
+            f"TOKEN_FAILURE_THRESHOLD={form_data.get('token_failure_threshold', '3')}",
+            f"TOKEN_RECOVERY_TIMEOUT={form_data.get('token_recovery_timeout', '1800')}",
+            "",
+            "# ========== 提供商配置 ==========",
+            f"DEFAULT_PROVIDER={form_data.get('default_provider', 'zai')}",
+        ]
+
+        # LongCat Token（可选）
+        longcat_token = form_data.get('longcat_token', '').strip()
+        if longcat_token:
+            env_lines.append(f"LONGCAT_TOKEN={longcat_token}")
+
+        # 写入 .env 文件
+        with open(".env", "w", encoding="utf-8") as f:
+            f.write("\n".join(env_lines))
+
+        logger.info("✅ 配置文件已保存")
+
+        # 热重载配置
+        await reload_settings()
+
+        return HTMLResponse("""
+        <div class="bg-green-100 border border-green-400 text-green-700 px-4 py-3 rounded relative" role="alert">
+            <strong class="font-bold">成功！</strong>
+            <span class="block sm:inline">配置已保存并重载成功</span>
+        </div>
+        """)
+
+    except Exception as e:
+        logger.error(f"❌ 配置保存失败: {str(e)}")
+        return HTMLResponse(f"""
+        <div class="bg-red-100 border border-red-400 text-red-700 px-4 py-3 rounded relative" role="alert">
+            <strong class="font-bold">错误！</strong>
+            <span class="block sm:inline">保存失败: {str(e)}</span>
+        </div>
+        """)
+
+
+@router.get("/env-preview")
+async def get_env_preview():
+    """获取 .env 文件预览"""
+    try:
+        with open(".env", "r", encoding="utf-8") as f:
+            content = f.read()
+        return HTMLResponse(f"<pre>{content}</pre>")
+    except FileNotFoundError:
+        return HTMLResponse("<pre># .env 文件不存在</pre>")
+    except Exception as e:
+        return HTMLResponse(f"<pre># 读取失败: {str(e)}</pre>")
+
+
+@router.get("/provider-status", response_class=HTMLResponse)
+async def get_provider_status(request: Request):
+    """获取提供商状态详情（HTML 片段）"""
+    from app.services.token_dao import get_token_dao
+
+    dao = get_token_dao()
+
+    # 获取所有提供商的统计信息
+    providers = ["zai", "k2think", "longcat"]
+    provider_stats_list = []
+
+    for provider in providers:
+        stats = await dao.get_provider_stats(provider)
+        tokens = await dao.get_tokens_by_provider(provider, enabled_only=False)
+
+        # 计算成功率
+        total_requests = stats.get("total_requests", 0) or 0
+        successful_requests = stats.get("successful_requests", 0) or 0
+        failed_requests = stats.get("failed_requests", 0) or 0
+
+        if total_requests > 0:
+            success_rate = f"{(successful_requests / total_requests * 100):.1f}%"
+        else:
+            success_rate = "N/A"
+
+        # Token 类型统计
+        user_tokens = sum(1 for t in tokens if t.get("token_type") == "user")
+        guest_tokens = sum(1 for t in tokens if t.get("token_type") == "guest")
+        unknown_tokens = sum(1 for t in tokens if t.get("token_type") == "unknown")
+
+        provider_stats_list.append({
+            "name": provider,  # 小写名称（用于 URL 参数）
+            "name_upper": provider.upper(),  # 大写名称（用于显示）
+            "display_name": {
+                "zai": "Z.AI",
+                "k2think": "K2Think",
+                "longcat": "LongCat"
+            }.get(provider, provider.upper()),
+            "total_tokens": stats.get("total_tokens", 0) or 0,
+            "enabled_tokens": stats.get("enabled_tokens", 0) or 0,
+            "user_tokens": user_tokens,
+            "guest_tokens": guest_tokens,
+            "unknown_tokens": unknown_tokens,
+            "total_requests": total_requests,
+            "successful_requests": successful_requests,
+            "failed_requests": failed_requests,
+            "success_rate": success_rate,
+        })
+
+    context = {
+        "request": request,
+        "providers": provider_stats_list,
+    }
+
+    return templates.TemplateResponse("components/provider_status.html", context)
+
+
+@router.get("/live-logs", response_class=HTMLResponse)
+async def get_live_logs():
+    """获取实时日志（最新 50 行）"""
+    import os
+    from datetime import datetime
+
+    logs = []
+
+    # 尝试读取日志文件
+    log_dir = "logs"
+    if os.path.exists(log_dir):
+        log_files = sorted([f for f in os.listdir(log_dir) if f.endswith('.log')], reverse=True)
+        if log_files:
+            log_file = os.path.join(log_dir, log_files[0])
+            try:
+                with open(log_file, 'r', encoding='utf-8') as f:
+                    # 读取最后 50 行
+                    lines = f.readlines()[-50:]
+                    logs = lines
+            except Exception as e:
+                logs = [f"# [{datetime.now().strftime('%Y-%m-%d %H:%M:%S')}] 读取日志失败: {str(e)}"]
+
+    if not logs:
+        logs = [f"# [{datetime.now().strftime('%Y-%m-%d %H:%M:%S')}] 暂无日志数据"]
+
+    html = ""
+    for log in logs:
+        log_line = log.strip()
+        if not log_line:
+            continue
+
+        # 根据日志级别设置颜色和样式
+        if "ERROR" in log_line or "CRITICAL" in log_line:
+            color_class = "text-red-400 font-semibold"
+            icon = "❌"
+        elif "WARNING" in log_line or "WARN" in log_line:
+            color_class = "text-yellow-400"
+            icon = "⚠️"
+        elif "SUCCESS" in log_line or "✅" in log_line:
+            color_class = "text-green-400"
+            icon = "✅"
+        elif "INFO" in log_line:
+            color_class = "text-blue-400"
+            icon = "ℹ️"
+        elif "DEBUG" in log_line:
+            color_class = "text-gray-400 text-xs"
+            icon = "🔍"
+        else:
+            color_class = "text-gray-300"
+            icon = "•"
+
+        # 转义 HTML 特殊字符
+        log_escaped = log_line.replace('<', '&lt;').replace('>', '&gt;')
+
+        html += f'<div class="{color_class} py-0.5 hover:bg-gray-800 px-2 rounded transition-colors">{icon} {log_escaped}</div>'
+
+    return HTMLResponse(html)
+
+
+# ==================== Token 管理 API ====================
+
+@router.get("/tokens/list", response_class=HTMLResponse)
+async def get_tokens_list(request: Request, provider: str = "zai"):
+    """获取 Token 列表（HTML 片段）"""
+    from app.services.token_dao import get_token_dao
+
+    dao = get_token_dao()
+    tokens = await dao.get_tokens_by_provider(provider, enabled_only=False)
+
+    context = {
+        "request": request,
+        "tokens": tokens,
+        "provider": provider
+    }
+
+    return templates.TemplateResponse("components/token_list.html", context)
+
+
+@router.post("/tokens/add")
+async def add_tokens(request: Request):
+    """添加 Token"""
+    from app.services.token_dao import get_token_dao
+    from app.utils.token_pool import get_token_pool
+
+    form_data = await request.form()
+    provider = form_data.get("provider", "zai")
+    single_token = form_data.get("single_token", "").strip()
+    bulk_tokens = form_data.get("bulk_tokens", "").strip()
+
+    dao = get_token_dao()
+    added_count = 0
+    failed_count = 0
+
+    # 添加单个 Token（带验证）
+    if single_token:
+        token_id = await dao.add_token(provider, single_token, validate=True)
+        if token_id:
+            added_count += 1
+        else:
+            failed_count += 1
+
+    # 批量添加 Token（带验证）
+    if bulk_tokens:
+        # 支持换行和逗号分隔
+        tokens = []
+        for line in bulk_tokens.split('\n'):
+            line = line.strip()
+            if ',' in line:
+                tokens.extend([t.strip() for t in line.split(',') if t.strip()])
+            elif line:
+                tokens.append(line)
+
+        success, failed = await dao.bulk_add_tokens(provider, tokens, validate=True)
+        added_count += success
+        failed_count += failed
+
+    # 同步 Token 池状态（如果有新增成功的 Token）
+    if added_count > 0:
+        pool = get_token_pool()
+        if pool:
+            await pool.sync_from_database(provider)
+            logger.info(f"✅ Token 池已同步，新增 {added_count} 个 Token ({provider})")
+
+    # 生成响应
+    if added_count > 0 and failed_count == 0:
+        return HTMLResponse(f"""
+        <div class="bg-green-100 border border-green-400 text-green-700 px-4 py-3 rounded relative" role="alert">
+            <strong class="font-bold">成功！</strong>
+            <span class="block sm:inline">已添加 {added_count} 个有效 Token</span>
+        </div>
+        """)
+    elif added_count > 0 and failed_count > 0:
+        return HTMLResponse(f"""
+        <div class="bg-yellow-100 border border-yellow-400 text-yellow-700 px-4 py-3 rounded relative" role="alert">
+            <strong class="font-bold">部分成功！</strong>
+            <span class="block sm:inline">已添加 {added_count} 个 Token，{failed_count} 个失败（可能是重复、无效或匿名 Token）</span>
+        </div>
+        """)
+    else:
+        return HTMLResponse("""
+        <div class="bg-red-100 border border-red-400 text-red-700 px-4 py-3 rounded relative" role="alert">
+            <strong class="font-bold">失败！</strong>
+            <span class="block sm:inline">所有 Token 添加失败（可能是重复、无效或匿名 Token）</span>
+        </div>
+        """)
+
+
+@router.post("/tokens/toggle/{token_id}")
+async def toggle_token(token_id: int, enabled: bool):
+    """切换 Token 启用状态"""
+    from app.services.token_dao import get_token_dao
+    from app.utils.token_pool import get_token_pool
+
+    dao = get_token_dao()
+    await dao.update_token_status(token_id, enabled)
+
+    # 同步 Token 池状态
+    pool = get_token_pool()
+    if pool:
+        # 获取 Token 的提供商信息
+        async with dao.get_connection() as conn:
+            cursor = await conn.execute("SELECT provider FROM tokens WHERE id = ?", (token_id,))
+            row = await cursor.fetchone()
+            if row:
+                provider = row[0]
+                await pool.sync_from_database(provider)
+                logger.info(f"✅ Token 池已同步 ({provider})")
+
+    # 根据状态返回不同样式的按钮
+    if enabled:
+        button_class = "bg-green-100 text-green-800 hover:bg-green-200"
+        indicator_class = "bg-green-500"
+        label = "已启用"
+        next_state = "false"
+    else:
+        button_class = "bg-red-100 text-red-800 hover:bg-red-200"
+        indicator_class = "bg-red-500"
+        label = "已禁用"
+        next_state = "true"
+
+    return HTMLResponse(f"""
+    <button hx-post="/admin/api/tokens/toggle/{token_id}?enabled={next_state}"
+            hx-swap="outerHTML"
+            class="inline-flex items-center px-2.5 py-0.5 text-xs font-semibold rounded-full transition-colors {button_class}">
+        <span class="h-2 w-2 rounded-full mr-1.5 {indicator_class}"></span>
+        {label}
+    </button>
+    """)
+
+
+@router.delete("/tokens/delete/{token_id}")
+async def delete_token(token_id: int):
+    """删除 Token"""
+    from app.services.token_dao import get_token_dao
+    from app.utils.token_pool import get_token_pool
+
+    dao = get_token_dao()
+
+    # 获取 Token 信息以确定提供商
+    async with dao.get_connection() as conn:
+        cursor = await conn.execute("SELECT provider FROM tokens WHERE id = ?", (token_id,))
+        row = await cursor.fetchone()
+        provider = row[0] if row else "zai"
+
+    await dao.delete_token(token_id)
+
+    # 同步 Token 池状态
+    pool = get_token_pool()
+    if pool:
+        await pool.sync_from_database(provider)
+        logger.info(f"✅ Token 池已同步 ({provider})")
+
+    return HTMLResponse("")  # 返回空内容，让 htmx 移除元素
+
+
+@router.get("/tokens/stats", response_class=HTMLResponse)
+async def get_tokens_stats(request: Request, provider: str = "zai"):
+    """获取 Token 统计信息（HTML 片段）"""
+    from app.services.token_dao import get_token_dao
+
+    dao = get_token_dao()
+
+    # 获取提供商统计
+    stats = await dao.get_provider_stats(provider)
+
+    # 获取所有 Token 进行类型统计
+    tokens = await dao.get_tokens_by_provider(provider, enabled_only=False)
+
+    user_tokens = sum(1 for t in tokens if t.get("token_type") == "user")
+    guest_tokens = sum(1 for t in tokens if t.get("token_type") == "guest")
+    unknown_tokens = sum(1 for t in tokens if t.get("token_type") == "unknown")
+
+    stats_data = {
+        "total_tokens": stats.get("total_tokens", 0) or 0,
+        "enabled_tokens": stats.get("enabled_tokens", 0) or 0,
+        "user_tokens": user_tokens,
+        "guest_tokens": guest_tokens,
+        "unknown_tokens": unknown_tokens,
+        "total_requests": stats.get("total_requests", 0) or 0,
+        "successful_requests": stats.get("successful_requests", 0) or 0,
+        "failed_requests": stats.get("failed_requests", 0) or 0,
+    }
+
+    context = {
+        "request": request,
+        "stats": stats_data,
+        "provider": provider
+    }
+
+    return templates.TemplateResponse("components/token_stats.html", context)
+
+
+@router.post("/tokens/validate")
+async def validate_tokens(request: Request):
+    """批量验证 Token"""
+    from app.services.token_dao import get_token_dao
+
+    form_data = await request.form()
+    provider = form_data.get("provider", "zai")
+
+    dao = get_token_dao()
+
+    # 执行批量验证
+    stats = await dao.validate_all_tokens(provider)
+
+    valid_count = stats.get("valid", 0)
+    guest_count = stats.get("guest", 0)
+    invalid_count = stats.get("invalid", 0)
+
+    # 生成通知消息
+    if guest_count > 0:
+        message_class = "bg-yellow-100 border-yellow-400 text-yellow-700"
+        message = f"验证完成：有效 {valid_count} 个，匿名 {guest_count} 个，无效 {invalid_count} 个。匿名 Token 已标记。"
+    elif invalid_count > 0:
+        message_class = "bg-blue-100 border-blue-400 text-blue-700"
+        message = f"验证完成：有效 {valid_count} 个，无效 {invalid_count} 个。"
+    else:
+        message_class = "bg-green-100 border-green-400 text-green-700"
+        message = f"验证完成：所有 {valid_count} 个 Token 均有效！"
+
+    return HTMLResponse(f"""
+    <div class="{message_class} border px-4 py-3 rounded relative" role="alert">
+        <strong class="font-bold">批量验证完成！</strong>
+        <span class="block sm:inline">{message}</span>
+    </div>
+    """)
+
+
+@router.post("/tokens/validate-single/{token_id}")
+async def validate_single_token(request: Request, token_id: int):
+    """验证单个 Token 并返回更新后的行"""
+    from app.services.token_dao import get_token_dao
+
+    dao = get_token_dao()
+
+    # 验证 Token
+    is_valid = await dao.validate_and_update_token(token_id)
+
+    # 获取更新后的 Token 信息
+    async with dao.get_connection() as conn:
+        cursor = await conn.execute("""
+            SELECT t.*, ts.total_requests, ts.successful_requests, ts.failed_requests,
+                   ts.last_success_time, ts.last_failure_time
+            FROM tokens t
+            LEFT JOIN token_stats ts ON t.id = ts.token_id
+            WHERE t.id = ?
+        """, (token_id,))
+        row = await cursor.fetchone()
+
+    if row:
+        # 返回更新后的单行 HTML
+        token = dict(row)
+        context = {
+            "request": request,
+            "token": token,
+        }
+        # 使用单行模板渲染
+        return templates.TemplateResponse("components/token_row.html", context)
+    else:
+        return HTMLResponse("")
+
+
+@router.post("/tokens/health-check")
+async def health_check_tokens(request: Request):
+    """执行 Token 池健康检查"""
+    from app.utils.token_pool import get_token_pool
+
+    form_data = await request.form()
+    provider = form_data.get("provider", "zai")
+
+    pool = get_token_pool()
+
+    if not pool:
+        return HTMLResponse("""
+        <div class="bg-yellow-100 border border-yellow-400 text-yellow-700 px-4 py-3 rounded relative" role="alert">
+            <strong class="font-bold">提示！</strong>
+            <span class="block sm:inline">Token 池未初始化，请重启服务。</span>
+        </div>
+        """)
+
+    # 执行健康检查
+    await pool.health_check_all()
+
+    # 获取健康状态
+    status = pool.get_pool_status()
+    healthy_count = status.get("healthy_tokens", 0)
+    total_count = status.get("total_tokens", 0)
+
+    if healthy_count == total_count:
+        message_class = "bg-green-100 border-green-400 text-green-700"
+        message = f"所有 {total_count} 个 Token 均健康！"
+    elif healthy_count > 0:
+        message_class = "bg-blue-100 border-blue-400 text-blue-700"
+        message = f"健康检查完成：{healthy_count}/{total_count} 个 Token 健康。"
+    else:
+        message_class = "bg-red-100 border-red-400 text-red-700"
+        message = f"警告：0/{total_count} 个 Token 健康，请检查配置。"
+
+    return HTMLResponse(f"""
+    <div class="{message_class} border px-4 py-3 rounded relative" role="alert">
+        <strong class="font-bold">健康检查完成！</strong>
+        <span class="block sm:inline">{message}</span>
+    </div>
+    """)
+
+
+@router.post("/tokens/sync-pool")
+async def sync_token_pool(request: Request):
+    """手动同步 Token 池（从数据库重新加载）"""
+    from app.utils.token_pool import get_token_pool
+
+    form_data = await request.form()
+    provider = form_data.get("provider", "zai")
+
+    pool = get_token_pool()
+
+    if not pool:
+        return HTMLResponse("""
+        <div class="bg-yellow-100 border border-yellow-400 text-yellow-700 px-4 py-3 rounded relative" role="alert">
+            <strong class="font-bold">提示！</strong>
+            <span class="block sm:inline">Token 池未初始化，请重启服务。</span>
+        </div>
+        """)
+
+    # 从数据库同步
+    await pool.sync_from_database(provider)
+
+    # 获取同步后的状态
+    status = pool.get_pool_status()
+    total_count = status.get("total_tokens", 0)
+    available_count = status.get("available_tokens", 0)
+    user_count = status.get("user_tokens", 0)
+
+    logger.info(f"✅ Token 池手动同步完成: {provider}, 总计 {total_count} 个 Token, 可用 {available_count} 个, 认证用户 {user_count} 个")
+
+    if total_count == 0:
+        message_class = "bg-yellow-100 border-yellow-400 text-yellow-700"
+        message = f"同步完成：当前没有可用的 {provider.upper()} Token，请在数据库中启用 Token。"
+    elif available_count == 0:
+        message_class = "bg-orange-100 border-orange-400 text-orange-700"
+        message = f"同步完成：共 {total_count} 个 Token，但无可用 Token（可能都已禁用）。"
+    else:
+        message_class = "bg-green-100 border-green-400 text-green-700"
+        message = f"同步完成：共 {total_count} 个 Token，{available_count} 个可用，{user_count} 个认证用户。"
+
+    return HTMLResponse(f"""
+    <div class="{message_class} border px-4 py-3 rounded relative" role="alert">
+        <strong class="font-bold">Token 池同步完成！</strong>
+        <span class="block sm:inline">{message}</span>
+    </div>
+    """)

app/admin/auth.py

@@ -0,0 +1,129 @@
+"""
+管理后台认证中间件
+"""
+from fastapi import Request, HTTPException, status
+from fastapi.responses import RedirectResponse
+from typing import Optional
+import hashlib
+import secrets
+from datetime import datetime, timedelta
+
+from app.core.config import settings
+
+# 简单的内存 Session 存储（生产环境建议使用 Redis）
+_sessions = {}
+
+# Session 有效期（小时）
+SESSION_EXPIRE_HOURS = 24
+
+
+def generate_session_token() -> str:
+    """生成随机 session token"""
+    return secrets.token_urlsafe(32)
+
+
+def create_session(password: str) -> Optional[str]:
+    """
+    创建 session
+
+    Args:
+        password: 用户输入的密码
+
+    Returns:
+        session_token 或 None（密码错误）
+    """
+    # 验证密码
+    if password != settings.ADMIN_PASSWORD:
+        return None
+
+    # 生成 session token
+    session_token = generate_session_token()
+
+    # 存储 session（包含过期时间）
+    _sessions[session_token] = {
+        "created_at": datetime.now(),
+        "expires_at": datetime.now() + timedelta(hours=SESSION_EXPIRE_HOURS),
+        "authenticated": True
+    }
+
+    return session_token
+
+
+def verify_session(session_token: Optional[str]) -> bool:
+    """
+    验证 session 是否有效
+
+    Args:
+        session_token: Session token
+
+    Returns:
+        是否已认证
+    """
+    if not session_token:
+        return False
+
+    session = _sessions.get(session_token)
+    if not session:
+        return False
+
+    # 检查是否过期
+    if datetime.now() > session["expires_at"]:
+        # 删除过期 session
+        del _sessions[session_token]
+        return False
+
+    return session.get("authenticated", False)
+
+
+def delete_session(session_token: Optional[str]):
+    """删除 session（登出）"""
+    if session_token and session_token in _sessions:
+        del _sessions[session_token]
+
+
+def get_session_token_from_request(request: Request) -> Optional[str]:
+    """从请求中获取 session token"""
+    return request.cookies.get("admin_session")
+
+
+async def require_auth(request: Request):
+    """
+    认证依赖项：要求用户已登录
+
+    在路由中使用：
+    @router.get("/admin", dependencies=[Depends(require_auth)])
+    """
+    session_token = get_session_token_from_request(request)
+
+    if not verify_session(session_token):
+        # 未认证，重定向到登录页
+        raise HTTPException(
+            status_code=status.HTTP_303_SEE_OTHER,
+            detail="未登录",
+            headers={"Location": "/admin/login"}
+        )
+
+
+def get_authenticated_user(request: Request) -> bool:
+    """
+    获取当前认证状态（用于模板）
+
+    Returns:
+        是否已认证
+    """
+    session_token = get_session_token_from_request(request)
+    return verify_session(session_token)
+
+
+def cleanup_expired_sessions():
+    """清理过期的 session（定时任务调用）"""
+    now = datetime.now()
+    expired_tokens = [
+        token for token, session in _sessions.items()
+        if now > session["expires_at"]
+    ]
+
+    for token in expired_tokens:
+        del _sessions[token]
+
+    return len(expired_tokens)

app/admin/routes.py

@@ -0,0 +1,116 @@
+"""
+管理后台路由模块
+"""
+from fastapi import APIRouter, Request, Form, Depends
+from fastapi.templating import Jinja2Templates
+from fastapi.responses import HTMLResponse
+from datetime import datetime
+import os
+
+from app.admin.auth import require_auth
+
+router = APIRouter(prefix="/admin", tags=["admin"])
+templates = Jinja2Templates(directory="app/templates")
+
+
+@router.get("/login", response_class=HTMLResponse)
+async def login_page(request: Request):
+    """登录页面"""
+    return templates.TemplateResponse("login.html", {"request": request})
+
+
+@router.get("/", response_class=HTMLResponse, dependencies=[Depends(require_auth)])
+async def dashboard(request: Request):
+    """仪表盘首页"""
+    from app.utils.token_pool import get_token_pool
+    from app.services.token_dao import get_token_dao
+
+    token_pool = get_token_pool()
+    dao = get_token_dao()
+
+    # 统计 Token 池状态（内存中）
+    if token_pool:
+        pool_status = token_pool.get_pool_status()
+        available_tokens = pool_status.get("available_tokens", 0)
+        total_tokens = pool_status.get("total_tokens", 0)
+        healthy_tokens = pool_status.get("healthy_tokens", 0)
+        user_tokens = pool_status.get("user_tokens", 0)
+        guest_tokens = pool_status.get("guest_tokens", 0)
+    else:
+        available_tokens = 0
+        total_tokens = 0
+        healthy_tokens = 0
+        user_tokens = 0
+        guest_tokens = 0
+
+    # 基础统计信息
+    stats = {
+        "uptime": "N/A",
+        "total_requests": 0,
+        "success_rate": 0,
+        "available_tokens": available_tokens,
+        "total_tokens": total_tokens,
+        "healthy_tokens": healthy_tokens,
+        "user_tokens": user_tokens,
+        "guest_tokens": guest_tokens,
+    }
+
+    context = {
+        "request": request,
+        "stats": stats,
+        "current_time": datetime.now().strftime("%Y-%m-%d %H:%M:%S")
+    }
+
+    return templates.TemplateResponse("index.html", context)
+
+
+@router.get("/config", response_class=HTMLResponse, dependencies=[Depends(require_auth)])
+async def config_page(request: Request):
+    """配置管理页面"""
+    from app.core.config import settings
+
+    # 读取 .env 文件内容
+    env_content = ""
+    try:
+        with open(".env", "r", encoding="utf-8") as f:
+            env_content = f.read()
+    except FileNotFoundError:
+        env_content = "# .env 文件不存在"
+
+    context = {
+        "request": request,
+        "config": {
+            "SERVICE_NAME": settings.SERVICE_NAME,
+            "LISTEN_PORT": settings.LISTEN_PORT,
+            "DEBUG_LOGGING": settings.DEBUG_LOGGING,
+            "ANONYMOUS_MODE": settings.ANONYMOUS_MODE,
+            "AUTH_TOKEN": settings.AUTH_TOKEN,
+            "SKIP_AUTH_TOKEN": settings.SKIP_AUTH_TOKEN,
+            "TOOL_SUPPORT": settings.TOOL_SUPPORT,
+            "TOKEN_FAILURE_THRESHOLD": settings.TOKEN_FAILURE_THRESHOLD,
+            "TOKEN_RECOVERY_TIMEOUT": settings.TOKEN_RECOVERY_TIMEOUT,
+            "SCAN_LIMIT": settings.SCAN_LIMIT,
+            "LONGCAT_TOKEN": settings.LONGCAT_TOKEN or "",
+            "DEFAULT_PROVIDER": settings.DEFAULT_PROVIDER,
+        },
+        "env_content": env_content,
+    }
+    return templates.TemplateResponse("config.html", context)
+
+
+@router.get("/monitor", response_class=HTMLResponse, dependencies=[Depends(require_auth)])
+async def monitor_page(request: Request):
+    """服务监控页面"""
+    context = {
+        "request": request,
+    }
+    return templates.TemplateResponse("monitor.html", context)
+
+
+@router.get("/tokens", response_class=HTMLResponse, dependencies=[Depends(require_auth)])
+async def tokens_page(request: Request):
+    """Token 管理页面"""
+    context = {
+        "request": request,
+    }
+    return templates.TemplateResponse("tokens.html", context)

app/core/__init__.py

@@ -0,0 +1,6 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+from app.core import config, openai
+
+__all__ = ["config", "openai"]

app/core/config.py

@@ -0,0 +1,95 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+import os
+from typing import Dict, List, Optional
+from pydantic_settings import BaseSettings
+
+
+class Settings(BaseSettings):
+    """Application settings"""
+
+    # API Configuration
+    API_ENDPOINT: str = "https://chat.z.ai/api/chat/completions"
+    
+    # Authentication
+    AUTH_TOKEN: Optional[str] = os.getenv("AUTH_TOKEN")
+
+    # Token池配置
+    TOKEN_FAILURE_THRESHOLD: int = int(os.getenv("TOKEN_FAILURE_THRESHOLD", "3"))  # 失败3次后标记为不可用
+    TOKEN_RECOVERY_TIMEOUT: int = int(os.getenv("TOKEN_RECOVERY_TIMEOUT", "1800"))  # 30分钟后重试失败的token
+
+    # Model Configuration
+    GLM45_MODEL: str = os.getenv("GLM45_MODEL", "GLM-4.5")
+    GLM45_THINKING_MODEL: str = os.getenv("GLM45_THINKING_MODEL", "GLM-4.5-Thinking")
+    GLM45_SEARCH_MODEL: str = os.getenv("GLM45_SEARCH_MODEL", "GLM-4.5-Search")
+    GLM45_AIR_MODEL: str = os.getenv("GLM45_AIR_MODEL", "GLM-4.5-Air")
+    GLM45V_MODEL: str = os.getenv("GLM45V_MODEL", "GLM-4.5V")
+    GLM46_MODEL: str = os.getenv("GLM46_MODEL", "GLM-4.6")
+    GLM46_THINKING_MODEL: str = os.getenv("GLM46_THINKING_MODEL", "GLM-4.6-Thinking")
+    GLM46_SEARCH_MODEL: str = os.getenv("GLM46_SEARCH_MODEL", "GLM-4.6-Search")
+    GLM46_ADVANCED_SEARCH_MODEL: str = os.getenv("GLM46_ADVANCED_SEARCH_MODEL", "GLM-4.6-advanced-search")
+
+    # Provider Model Mapping
+    @property
+    def provider_model_mapping(self) -> Dict[str, str]:
+        """模型到提供商的映射"""
+        return {
+            # Z.AI models
+            "GLM-4.5": "zai",
+            "GLM-4.5-Thinking": "zai",
+            "GLM-4.5-Search": "zai",
+            "GLM-4.5-Air": "zai",
+            "GLM-4.5V": "zai",
+            "GLM-4.6": "zai",
+            "GLM-4.6-Thinking": "zai",
+            "GLM-4.6-Search": "zai",
+            "GLM-4.6-advanced-search": "zai",
+            # K2Think models
+            "MBZUAI-IFM/K2-Think": "k2think",
+            # LongCat models
+            "LongCat-Flash": "longcat",
+            "LongCat": "longcat",
+            "LongCat-Search": "longcat",
+        }
+
+    # Server Configuration
+    LISTEN_PORT: int = int(os.getenv("LISTEN_PORT", "7860"))
+    DEBUG_LOGGING: bool = os.getenv("DEBUG_LOGGING", "true").lower() == "true"
+    SERVICE_NAME: str = os.getenv("SERVICE_NAME", "z-ai2api-server")
+    ROOT_PATH: str = os.getenv("ROOT_PATH", "")  # For Nginx reverse proxy path prefix, e.g., "/api" or "/path-prefix"
+
+    ANONYMOUS_MODE: bool = os.getenv("ANONYMOUS_MODE", "true").lower() == "true"
+    TOOL_SUPPORT: bool = os.getenv("TOOL_SUPPORT", "true").lower() == "true"
+    SCAN_LIMIT: int = int(os.getenv("SCAN_LIMIT", "200000"))
+    SKIP_AUTH_TOKEN: bool = os.getenv("SKIP_AUTH_TOKEN", "false").lower() == "true"
+
+    # LongCat Configuration
+    LONGCAT_TOKEN: Optional[str] = os.getenv("LONGCAT_TOKEN")
+
+    # Provider Configuration
+    DEFAULT_PROVIDER: str = os.getenv("DEFAULT_PROVIDER", "zai")  # 默认提供商：zai/k2think/longcat
+
+    # Admin Panel Authentication
+    ADMIN_PASSWORD: str = os.getenv("ADMIN_PASSWORD", "admin123")  # 管理后台密码
+    SESSION_SECRET_KEY: str = os.getenv("SESSION_SECRET_KEY", "your-secret-key-change-in-production")  # Session 密钥
+
+    # Browser Headers
+    CLIENT_HEADERS: Dict[str, str] = {
+        "Content-Type": "application/json",
+        "Accept": "application/json, text/event-stream",
+        "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 Edg/139.0.0.0",
+        "Accept-Language": "zh-CN",
+        "sec-ch-ua": '"Not;A=Brand";v="99", "Microsoft Edge";v="139", "Chromium";v="139"',
+        "sec-ch-ua-mobile": "?0",
+        "sec-ch-ua-platform": '"Windows"',
+        "X-FE-Version": "prod-fe-1.0.98",
+        "Origin": "https://chat.z.ai",
+    }
+
+    class Config:
+        env_file = ".env"
+        extra = "ignore"  # 忽略额外字段，防止环境变量中的未知字段导致验证错误
+
+
+settings = Settings()

app/core/openai.py

@@ -0,0 +1,189 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+import time
+import json
+from typing import List, Dict, Any
+from fastapi import APIRouter, Header, HTTPException
+from fastapi.responses import StreamingResponse, JSONResponse
+
+from app.core.config import settings
+from app.models.schemas import OpenAIRequest, Message, ModelsResponse, Model, OpenAIResponse, Choice, Usage
+from app.utils.logger import get_logger
+from app.providers import get_provider_router
+from app.utils.token_pool import get_token_pool
+
+logger = get_logger()
+router = APIRouter()
+
+# 全局提供商路由器实例
+provider_router = None
+
+
+def get_provider_router_instance():
+    """获取提供商路由器实例"""
+    global provider_router
+    if provider_router is None:
+        provider_router = get_provider_router()
+    return provider_router
+
+
+def create_chunk(chat_id: str, model: str, delta: Dict[str, Any], finish_reason: str = None) -> Dict[str, Any]:
+    """创建标准的 OpenAI chunk 结构"""
+    return {
+        "choices": [{
+            "delta": delta,
+            "finish_reason": finish_reason,
+            "index": 0,
+            "logprobs": None,
+        }],
+        "created": int(time.time()),
+        "id": chat_id,
+        "model": model,
+        "object": "chat.completion.chunk",
+        "system_fingerprint": "fp_zai_001",
+    }
+
+
+async def handle_non_stream_response(stream_response, request: OpenAIRequest) -> JSONResponse:
+    """处理非流式响应"""
+    logger.info("📄 开始处理非流式响应")
+
+    # 收集所有流式数据
+    full_content = []
+    async for chunk_data in stream_response():
+        if chunk_data.startswith("data: "):
+            chunk_str = chunk_data[6:].strip()
+            if chunk_str and chunk_str != "[DONE]":
+                try:
+                    chunk = json.loads(chunk_str)
+                    if "choices" in chunk and chunk["choices"]:
+                        choice = chunk["choices"][0]
+                        if "delta" in choice and "content" in choice["delta"]:
+                            content = choice["delta"]["content"]
+                            if content:
+                                full_content.append(content)
+                except json.JSONDecodeError:
+                    continue
+
+    # 构建响应
+    response_data = OpenAIResponse(
+        id=f"chatcmpl-{int(time.time())}",
+        object="chat.completion",
+        created=int(time.time()),
+        model=request.model,
+        choices=[Choice(
+            index=0,
+            message=Message(
+                role="assistant",
+                content="".join(full_content),
+                tool_calls=None
+            ),
+            finish_reason="stop"
+        )],
+        usage=Usage(
+            prompt_tokens=0,
+            completion_tokens=0,
+            total_tokens=0
+        )
+    )
+
+    logger.info("✅ 非流式响应处理完成")
+    return JSONResponse(content=response_data.model_dump(exclude_none=True))
+
+
+@router.get("/v1/models")
+@router.get("/api/v1/models")
+@router.get("/hf/v1/models")
+async def list_models():
+    """List available models from all providers"""
+    try:
+        router_instance = get_provider_router_instance()
+        models_data = router_instance.get_models_list()
+        return JSONResponse(content=models_data)
+    except Exception as e:
+        logger.error(f"❌ 获取模型列表失败: {e}")
+        # 返回默认模型列表作为后备
+        current_time = int(time.time())
+        fallback_response = ModelsResponse(
+            data=[
+                Model(id=settings.GLM46_MODEL, created=current_time, owned_by="z.ai"),
+                Model(id=settings.GLM46_THINKING_MODEL, created=current_time, owned_by="z.ai"),
+                Model(id=settings.GLM46_SEARCH_MODEL, created=current_time, owned_by="z.ai"),
+                Model(id=settings.GLM45_AIR_MODEL, created=current_time, owned_by="z.ai"),
+            ]
+        )
+        return fallback_response
+
+
+@router.post("/v1/chat/completions")
+@router.post("/api/v1/chat/completions")
+@router.post("/hf/v1/chat/completions")
+async def chat_completions(request: OpenAIRequest, authorization: str = Header(...)):
+    """Handle chat completion requests with multi-provider architecture"""
+    role = request.messages[0].role if request.messages else "unknown"
+    logger.info(f"😶‍🌫️ 收到客户端请求 - 模型: {request.model}, 流式: {request.stream}, 消息数: {len(request.messages)}, 角色: {role}, 工具数: {len(request.tools) if request.tools else 0}")
+
+    # 获取提供商信息（用于统计）
+    provider = "unknown"
+
+    try:
+        # Validate API key (skip if SKIP_AUTH_TOKEN is enabled)
+        if not settings.SKIP_AUTH_TOKEN:
+            if not authorization.startswith("Bearer "):
+                raise HTTPException(status_code=401, detail="Missing or invalid Authorization header")
+
+            api_key = authorization[7:]
+            if api_key != settings.AUTH_TOKEN:
+                raise HTTPException(status_code=401, detail="Invalid API key")
+
+        # 使用多提供商路由器处理请求
+        router_instance = get_provider_router_instance()
+
+        # 从路由器获取提供商信息
+        provider_info = router_instance.get_provider_for_model(request.model)
+        if provider_info:
+            provider = provider_info.get("provider", "unknown")
+
+        result = await router_instance.route_request(request)
+
+        # 检查是否有错误
+        if isinstance(result, dict) and "error" in result:
+            error_info = result["error"]
+
+            if error_info.get("code") == "model_not_found":
+                raise HTTPException(status_code=404, detail=error_info["message"])
+            else:
+                raise HTTPException(status_code=500, detail=error_info["message"])
+
+        # 处理响应
+        if request.stream:
+            # 流式响应
+            if hasattr(result, '__aiter__'):
+                # 结果是异步生成器
+                return StreamingResponse(
+                    result,
+                    media_type="text/event-stream",
+                    headers={
+                        "Cache-Control": "no-cache",
+                        "Connection": "keep-alive",
+                        "Access-Control-Allow-Origin": "*",
+                    }
+                )
+            else:
+                # 结果是字典，可能包含错误
+                raise HTTPException(status_code=500, detail="Expected streaming response but got non-streaming result")
+        else:
+            # 非流式响应
+            if isinstance(result, dict):
+                return JSONResponse(content=result)
+            else:
+                # 如果是异步生成器，需要收集所有内容
+                return await handle_non_stream_response(result, request)
+
+    except HTTPException as http_exc:
+        # 重新抛出 HTTP 异常
+        raise
+    except Exception as e:
+        logger.error(f"❌ 请求处理失败: {e}")
+        raise HTTPException(status_code=500, detail=f"Internal server error: {str(e)}")

app/models/__init__.py

@@ -0,0 +1,6 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+from app.models import schemas
+
+__all__ = ["schemas"]

app/models/request_log.py

@@ -0,0 +1,31 @@
+"""
+请求日志数据库模型
+用于存储API请求的详细记录
+"""
+
+import os
+
+# 数据库路径 - 支持环境变量配置
+DB_PATH = os.getenv("DB_PATH", "tokens.db")  # 复用 tokens 数据库
+
+# 创建请求日志表的SQL
+SQL_CREATE_REQUEST_LOGS_TABLE = """
+CREATE TABLE IF NOT EXISTS request_logs (
+    id INTEGER PRIMARY KEY AUTOINCREMENT,
+    timestamp DATETIME DEFAULT CURRENT_TIMESTAMP,
+    provider TEXT NOT NULL,
+    model TEXT NOT NULL,
+    success BOOLEAN NOT NULL,
+    duration REAL,
+    first_token_time REAL,
+    input_tokens INTEGER DEFAULT 0,
+    output_tokens INTEGER DEFAULT 0,
+    total_tokens INTEGER DEFAULT 0,
+    error_message TEXT,
+    created_at DATETIME DEFAULT CURRENT_TIMESTAMP
+);
+
+CREATE INDEX IF NOT EXISTS idx_request_logs_timestamp ON request_logs(timestamp);
+CREATE INDEX IF NOT EXISTS idx_request_logs_model ON request_logs(model);
+CREATE INDEX IF NOT EXISTS idx_request_logs_provider ON request_logs(provider);
+"""

app/models/schemas.py

@@ -0,0 +1,151 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+from typing import Dict, List, Optional, Any, Union, Literal
+from pydantic import BaseModel
+
+
+class ImageUrl(BaseModel):
+    """Image URL model for vision content"""
+    url: str
+
+
+class ContentPart(BaseModel):
+    """Content part model for OpenAI's new content format"""
+
+    type: str
+    text: Optional[str] = None
+    image_url: Optional[ImageUrl] = None  # 添加 image_url 字段
+
+
+class Message(BaseModel):
+    """Chat message model"""
+
+    role: str
+    content: Optional[Union[str, List[ContentPart]]] = None
+    reasoning_content: Optional[str] = None
+    tool_calls: Optional[List[Dict[str, Any]]] = None
+
+
+class OpenAIRequest(BaseModel):
+    """OpenAI-compatible request model"""
+
+    model: str
+    messages: List[Message]
+    stream: Optional[bool] = False
+    temperature: Optional[float] = None
+    max_tokens: Optional[int] = None
+    tools: Optional[List[Dict[str, Any]]] = None
+    tool_choice: Optional[Any] = None
+
+
+class ModelItem(BaseModel):
+    """Model information item"""
+
+    id: str
+    name: str
+    owned_by: str
+
+
+class UpstreamRequest(BaseModel):
+    """Upstream service request model"""
+
+    stream: bool
+    model: str
+    messages: List[Message]
+    params: Dict[str, Any] = {}
+    features: Dict[str, Any] = {}
+    background_tasks: Optional[Dict[str, bool]] = None
+    chat_id: Optional[str] = None
+    id: Optional[str] = None
+    mcp_servers: Optional[List[str]] = None
+    model_item: Optional[Dict[str, Any]] = {}  # Model item dictionary
+    tools: Optional[List[Dict[str, Any]]] = None  # Add tools field for OpenAI compatibility
+    variables: Optional[Dict[str, str]] = None
+    model_config = {"protected_namespaces": ()}
+
+
+class Delta(BaseModel):
+    """Stream delta model"""
+
+    role: Optional[str] = None
+    content: Optional[str] = "" or None
+    reasoning_content: Optional[str] = None
+    tool_calls: Optional[List[Dict[str, Any]]] = None
+
+
+class Choice(BaseModel):
+    """Response choice model"""
+
+    index: int
+    message: Optional[Message] = None
+    delta: Optional[Delta] = None
+    finish_reason: Optional[str] = None
+
+
+class Usage(BaseModel):
+    """Token usage statistics"""
+
+    prompt_tokens: int = 0
+    completion_tokens: int = 0
+    total_tokens: int = 0
+
+
+class OpenAIResponse(BaseModel):
+    """OpenAI-compatible response model"""
+
+    id: str
+    object: str
+    created: int
+    model: str
+    choices: List[Choice]
+    usage: Optional[Usage] = None
+
+
+class UpstreamError(BaseModel):
+    """Upstream error model"""
+
+    detail: str
+    code: int
+
+
+class UpstreamDataInner(BaseModel):
+    """Inner upstream data model"""
+
+    error: Optional[UpstreamError] = None
+
+
+class UpstreamDataData(BaseModel):
+    """Upstream data content model"""
+
+    delta_content: str = ""
+    edit_content: str = ""
+    phase: str = ""
+    done: bool = False
+    usage: Optional[Usage] = None
+    error: Optional[UpstreamError] = None
+    inner: Optional[UpstreamDataInner] = None
+
+
+class UpstreamData(BaseModel):
+    """Upstream data model"""
+
+    type: str
+    data: UpstreamDataData
+    error: Optional[UpstreamError] = None
+
+
+class Model(BaseModel):
+    """Model information for listing"""
+
+    id: str
+    object: str = "model"
+    created: int
+    owned_by: str
+
+
+class ModelsResponse(BaseModel):
+    """Models list response model"""
+
+    object: str = "list"
+    data: List[Model]

app/models/token_db.py

@@ -0,0 +1,48 @@
+"""
+Token 数据库模型定义
+使用 SQLite 存储各提供商的 Token
+"""
+
+import os
+
+SQL_CREATE_TABLES = """
+-- Token 配置表
+CREATE TABLE IF NOT EXISTS tokens (
+    id INTEGER PRIMARY KEY AUTOINCREMENT,
+    provider TEXT NOT NULL,              -- 提供商: zai, k2think, longcat
+    token TEXT NOT NULL UNIQUE,          -- Token 值（唯一）
+    token_type TEXT DEFAULT 'user',      -- Token 类型: user, guest, unknown
+    is_enabled BOOLEAN DEFAULT 1,        -- 是否启用
+    priority INTEGER DEFAULT 0,          -- 优先级（用于排序）
+    created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
+    updated_at DATETIME DEFAULT CURRENT_TIMESTAMP,
+    UNIQUE(provider, token)              -- 同一提供商内 Token 唯一
+);
+
+-- Token 使用统计表
+CREATE TABLE IF NOT EXISTS token_stats (
+    id INTEGER PRIMARY KEY AUTOINCREMENT,
+    token_id INTEGER NOT NULL,
+    total_requests INTEGER DEFAULT 0,
+    successful_requests INTEGER DEFAULT 0,
+    failed_requests INTEGER DEFAULT 0,
+    last_success_time DATETIME,
+    last_failure_time DATETIME,
+    FOREIGN KEY (token_id) REFERENCES tokens(id) ON DELETE CASCADE
+);
+
+-- 创建索引
+CREATE INDEX IF NOT EXISTS idx_tokens_provider ON tokens(provider);
+CREATE INDEX IF NOT EXISTS idx_tokens_enabled ON tokens(is_enabled);
+CREATE INDEX IF NOT EXISTS idx_token_stats_token_id ON token_stats(token_id);
+
+-- 触发器：自动更新 updated_at
+CREATE TRIGGER IF NOT EXISTS update_tokens_timestamp
+AFTER UPDATE ON tokens
+BEGIN
+    UPDATE tokens SET updated_at = CURRENT_TIMESTAMP WHERE id = NEW.id;
+END;
+"""
+
+# 数据库文件路径 - 支持环境变量配置
+DB_PATH = os.getenv("DB_PATH", "tokens.db")

app/providers/__init__.py

@@ -0,0 +1,26 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+"""
+多提供商架构包
+提供统一的提供商接口和路由机制
+"""
+
+from app.providers.base import BaseProvider, ProviderConfig, provider_registry
+from app.providers.zai_provider import ZAIProvider
+from app.providers.k2think_provider import K2ThinkProvider
+from app.providers.longcat_provider import LongCatProvider
+from app.providers.provider_factory import ProviderFactory, ProviderRouter, get_provider_router, initialize_providers
+
+__all__ = [
+    "BaseProvider",
+    "ProviderConfig", 
+    "provider_registry",
+    "ZAIProvider",
+    "K2ThinkProvider", 
+    "LongCatProvider",
+    "ProviderFactory",
+    "ProviderRouter",
+    "get_provider_router",
+    "initialize_providers"
+]

app/providers/base.py

@@ -0,0 +1,268 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+"""
+基础提供商抽象层
+定义统一的提供商接口规范
+"""
+
+import json
+import time
+import uuid
+from abc import ABC, abstractmethod
+from typing import Dict, List, Any, Optional, AsyncGenerator, Union
+from dataclasses import dataclass
+
+from app.models.schemas import OpenAIRequest, Message
+from app.utils.logger import get_logger
+
+logger = get_logger()
+
+
+@dataclass
+class ProviderConfig:
+    """提供商配置"""
+    name: str
+    api_endpoint: str
+    timeout: int = 30
+    headers: Optional[Dict[str, str]] = None
+    extra_config: Optional[Dict[str, Any]] = None
+
+
+@dataclass
+class ProviderResponse:
+    """提供商响应"""
+    success: bool
+    content: str = ""
+    error: Optional[str] = None
+    usage: Optional[Dict[str, int]] = None
+    extra_data: Optional[Dict[str, Any]] = None
+
+
+class BaseProvider(ABC):
+    """基础提供商抽象类"""
+    
+    def __init__(self, config: ProviderConfig):
+        """初始化提供商"""
+        self.config = config
+        self.name = config.name
+        self.logger = get_logger()
+        
+    @abstractmethod
+    async def chat_completion(
+        self, 
+        request: OpenAIRequest,
+        **kwargs
+    ) -> Union[Dict[str, Any], AsyncGenerator[str, None]]:
+        """
+        聊天完成接口
+        
+        Args:
+            request: OpenAI格式的请求
+            **kwargs: 额外参数
+            
+        Returns:
+            非流式: Dict[str, Any] - OpenAI格式的响应
+            流式: AsyncGenerator[str, None] - SSE格式的流式响应
+        """
+        pass
+    
+    @abstractmethod
+    async def transform_request(self, request: OpenAIRequest) -> Dict[str, Any]:
+        """
+        转换OpenAI请求为提供商特定格式
+        
+        Args:
+            request: OpenAI格式的请求
+            
+        Returns:
+            Dict[str, Any]: 提供商特定格式的请求
+        """
+        pass
+    
+    @abstractmethod
+    async def transform_response(
+        self, 
+        response: Any, 
+        request: OpenAIRequest
+    ) -> Union[Dict[str, Any], AsyncGenerator[str, None]]:
+        """
+        转换提供商响应为OpenAI格式
+        
+        Args:
+            response: 提供商的原始响应
+            request: 原始请求（用于构造响应）
+            
+        Returns:
+            Union[Dict[str, Any], AsyncGenerator[str, None]]: OpenAI格式的响应
+        """
+        pass
+    
+    def get_supported_models(self) -> List[str]:
+        """获取支持的模型列表"""
+        return []
+    
+    def create_chat_id(self) -> str:
+        """生成聊天ID"""
+        return f"chatcmpl-{uuid.uuid4().hex}"
+    
+    def create_openai_chunk(
+        self, 
+        chat_id: str, 
+        model: str, 
+        delta: Dict[str, Any], 
+        finish_reason: Optional[str] = None
+    ) -> Dict[str, Any]:
+        """创建OpenAI格式的流式响应块"""
+        return {
+            "id": chat_id,
+            "object": "chat.completion.chunk",
+            "created": int(time.time()),
+            "model": model,
+            "choices": [{
+                "index": 0,
+                "delta": delta,
+                "finish_reason": finish_reason,
+                "logprobs": None,
+            }],
+            "system_fingerprint": f"fp_{self.name}_001",
+        }
+    
+    def create_openai_response(
+        self, 
+        chat_id: str, 
+        model: str, 
+        content: str, 
+        usage: Optional[Dict[str, int]] = None
+    ) -> Dict[str, Any]:
+        """创建OpenAI格式的非流式响应"""
+        return {
+            "id": chat_id,
+            "object": "chat.completion",
+            "created": int(time.time()),
+            "model": model,
+            "choices": [{
+                "index": 0,
+                "message": {
+                    "role": "assistant",
+                    "content": content
+                },
+                "finish_reason": "stop",
+                "logprobs": None,
+            }],
+            "usage": usage or {
+                "prompt_tokens": 0,
+                "completion_tokens": 0,
+                "total_tokens": 0
+            },
+            "system_fingerprint": f"fp_{self.name}_001",
+        }
+
+    def create_openai_response_with_reasoning(
+        self,
+        chat_id: str,
+        model: str,
+        content: str,
+        reasoning_content: str = None,
+        usage: Optional[Dict[str, int]] = None
+    ) -> Dict[str, Any]:
+        """创建包含推理内容的OpenAI格式非流式响应"""
+        message = {
+            "role": "assistant",
+            "content": content
+        }
+
+        # 只有当推理内容存在且不为空时才添加
+        if reasoning_content and reasoning_content.strip():
+            message["reasoning_content"] = reasoning_content
+
+        return {
+            "id": chat_id,
+            "object": "chat.completion",
+            "created": int(time.time()),
+            "model": model,
+            "choices": [{
+                "index": 0,
+                "message": message,
+                "finish_reason": "stop",
+                "logprobs": None,
+            }],
+            "usage": usage or {
+                "prompt_tokens": 0,
+                "completion_tokens": 0,
+                "total_tokens": 0
+            },
+            "system_fingerprint": f"fp_{self.name}_001",
+        }
+
+    async def format_sse_chunk(self, chunk: Dict[str, Any]) -> str:
+        """格式化SSE响应块"""
+        return f"data: {json.dumps(chunk, ensure_ascii=False)}\n\n"
+    
+    async def format_sse_done(self) -> str:
+        """格式化SSE结束标记"""
+        return "data: [DONE]\n\n"
+    
+    def log_request(self, request: OpenAIRequest):
+        """记录请求日志"""
+        self.logger.info(f"🔄 {self.name} 处理请求: {request.model}")
+        self.logger.debug(f"  消息数量: {len(request.messages)}")
+        self.logger.debug(f"  流式模式: {request.stream}")
+        
+    def log_response(self, success: bool, error: Optional[str] = None):
+        """记录响应日志"""
+        if success:
+            self.logger.info(f"✅ {self.name} 响应成功")
+        else:
+            self.logger.error(f"❌ {self.name} 响应失败: {error}")
+    
+    def handle_error(self, error: Exception, context: str = "") -> Dict[str, Any]:
+        """统一错误处理"""
+        error_msg = f"{self.name} {context} 错误: {str(error)}"
+        self.logger.error(error_msg)
+        
+        return {
+            "error": {
+                "message": error_msg,
+                "type": "provider_error",
+                "code": "internal_error"
+            }
+        }
+
+
+class ProviderRegistry:
+    """提供商注册表"""
+    
+    def __init__(self):
+        self._providers: Dict[str, BaseProvider] = {}
+        self._model_mapping: Dict[str, str] = {}
+    
+    def register(self, provider: BaseProvider, models: List[str]):
+        """注册提供商"""
+        self._providers[provider.name] = provider
+        for model in models:
+            self._model_mapping[model] = provider.name
+        logger.info(f"📝 注册提供商: {provider.name}, 模型: {models}")
+    
+    def get_provider(self, model: str) -> Optional[BaseProvider]:
+        """根据模型获取提供商"""
+        provider_name = self._model_mapping.get(model)
+        if provider_name:
+            return self._providers.get(provider_name)
+        return None
+    
+    def get_provider_by_name(self, name: str) -> Optional[BaseProvider]:
+        """根据名称获取提供商"""
+        return self._providers.get(name)
+    
+    def list_models(self) -> List[str]:
+        """列出所有支持的模型"""
+        return list(self._model_mapping.keys())
+    
+    def list_providers(self) -> List[str]:
+        """列出所有提供商"""
+        return list(self._providers.keys())
+
+
+# 全局提供商注册表
+provider_registry = ProviderRegistry()

app/providers/k2think_provider.py

@@ -0,0 +1,509 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+"""
+K2Think 提供商适配器
+"""
+
+import json
+import re
+import time
+import uuid
+import httpx
+from typing import Dict, List, Any, Optional, AsyncGenerator, Union
+
+from app.providers.base import BaseProvider, ProviderConfig
+from app.models.schemas import OpenAIRequest, Message
+from app.utils.logger import get_logger
+
+logger = get_logger()
+
+
+class K2ThinkProvider(BaseProvider):
+    """K2Think 提供商"""
+    
+    def __init__(self):
+        config = ProviderConfig(
+            name="k2think",
+            api_endpoint="https://www.k2think.ai/api/guest/chat/completions",
+            timeout=30,
+            headers={
+                'Accept': 'text/event-stream',
+                'Accept-Encoding': 'gzip, deflate, br, zstd',
+                'Accept-Language': 'en-US,en;q=0.9,zh-CN;q=0.8,zh;q=0.7',
+                'Content-Type': 'application/json',
+                'Origin': 'https://www.k2think.ai',
+                'Pragma': 'no-cache',
+                'Referer': 'https://www.k2think.ai/guest',
+                'Sec-Ch-Ua': '"Chromium";v="124", "Google Chrome";v="124", "Not-A.Brand";v="99"',
+                'Sec-Ch-Ua-Mobile': '?0',
+                'Sec-Ch-Ua-Platform': '"macOS"',
+                'Sec-Fetch-Dest': 'empty',
+                'Sec-Fetch-Mode': 'cors',
+                'Sec-Fetch-Site': 'same-origin',
+                'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36',
+            }
+        )
+        super().__init__(config)
+
+        # K2Think 特定配置
+        self.handshake_url = "https://www.k2think.ai/guest"
+        self.new_chat_url = "https://www.k2think.ai/api/v1/chats/guest/new"
+        
+        # 内容解析正则表达式 - 使用DOTALL标志确保.匹配换行符
+        self.reasoning_pattern = re.compile(r'<details type="reasoning"[^>]*>.*?<summary>.*?</summary>(.*?)</details>', re.DOTALL)
+        self.answer_pattern = re.compile(r'<answer>(.*?)</answer>', re.DOTALL)
+    
+    def get_supported_models(self) -> List[str]:
+        """获取支持的模型列表"""
+        return ["MBZUAI-IFM/K2-Think"]
+    
+    def parse_cookies(self, headers) -> str:
+        """解析Cookie"""
+        cookies = []
+        for key, value in headers.items():
+            if key.lower() == 'set-cookie':
+                cookies.append(value.split(';')[0])
+        return '; '.join(cookies)
+    
+    def extract_reasoning_and_answer(self, content: str) -> tuple[str, str]:
+        """提取推理内容和答案内容"""
+        if not content:
+            return "", ""
+        
+        try:
+            reasoning_match = self.reasoning_pattern.search(content)
+            reasoning = reasoning_match.group(1).strip() if reasoning_match else ""
+            
+            answer_match = self.answer_pattern.search(content)
+            answer = answer_match.group(1).strip() if answer_match else ""
+            
+            return reasoning, answer
+        except Exception as e:
+            self.logger.error(f"提取K2内容错误: {e}")
+            return "", ""
+    
+    def calculate_delta(self, previous: str, current: str) -> str:
+        """计算内容增量"""
+        if not previous:
+            return current
+        if not current or len(current) < len(previous):
+            return ""
+        return current[len(previous):]
+    
+    def parse_api_response(self, obj: Any) -> tuple[str, bool]:
+        """解析API响应"""
+        if not obj or not isinstance(obj, dict):
+            return "", False
+        
+        if obj.get("done") is True:
+            return "", True
+        
+        choices = obj.get("choices", [])
+        if choices and len(choices) > 0:
+            delta = choices[0].get("delta", {})
+            return delta.get("content", ""), False
+        
+        content = obj.get("content")
+        if isinstance(content, str):
+            return content, False
+        
+        return "", False
+    
+    async def get_k2_auth_data(self, request: OpenAIRequest) -> Dict[str, Any]:
+        """获取K2Think认证数据"""
+        # 1. 握手请求 - 使用更简单的Accept-Encoding来避免Brotli问题
+        headers_for_handshake = {**self.config.headers}
+        headers_for_handshake['Accept-Encoding'] = 'gzip, deflate'  # 移除br和zstd
+
+        async with httpx.AsyncClient() as client:
+            handshake_response = await client.get(
+                self.handshake_url,
+                headers=headers_for_handshake,
+                follow_redirects=True
+            )
+            if not handshake_response.is_success:
+                try:
+                    # 使用httpx的text属性，它会自动处理解压缩和编码
+                    error_text = handshake_response.text
+                    raise Exception(f"K2 握手失败: {handshake_response.status_code} {error_text[:200]}")
+                except Exception as e:
+                    raise Exception(f"K2 握手失败: {handshake_response.status_code}")
+            
+            initial_cookies = self.parse_cookies(handshake_response.headers)
+        
+        # 2. 准备消息
+        prepared_messages = self.prepare_k2_messages(request.messages)
+        first_user_message = next((m for m in prepared_messages if m["role"] == "user"), None)
+        if not first_user_message:
+            raise Exception("没有找到用户消息来初始化对话")
+        
+        # 3. 创建新对话
+        message_id = str(uuid.uuid4())
+        now = int(time.time() * 1000)
+        model_id = request.model or "MBZUAI-IFM/K2-Think"
+        
+        new_chat_payload = {
+            "chat": {
+                "id": "",
+                "title": "Guest Chat",
+                "models": [model_id],
+                "params": {},
+                "history": {
+                    "messages": {
+                        message_id: {
+                            "id": message_id,
+                            "parentId": None,
+                            "childrenIds": [],
+                            "role": "user",
+                            "content": first_user_message["content"],
+                            "timestamp": now // 1000,
+                            "models": [model_id]
+                        }
+                    },
+                    "currentId": message_id
+                },
+                "messages": [{
+                    "id": message_id,
+                    "parentId": None,
+                    "childrenIds": [],
+                    "role": "user",
+                    "content": first_user_message["content"],
+                    "timestamp": now // 1000,
+                    "models": [model_id]
+                }],
+                "tags": [],
+                "timestamp": now
+            }
+        }
+        
+        headers_with_cookies = {**self.config.headers, 'Cookie': initial_cookies}
+        headers_with_cookies['Accept-Encoding'] = 'gzip, deflate'  # 移除br和zstd
+
+        async with httpx.AsyncClient() as client:
+            new_chat_response = await client.post(
+                self.new_chat_url,
+                headers=headers_with_cookies,
+                json=new_chat_payload,
+                follow_redirects=True
+            )
+            if not new_chat_response.is_success:
+                try:
+                    # 使用httpx的text属性，它会自动处理解压缩和编码
+                    error_text = new_chat_response.text
+                except Exception:
+                    error_text = f"Status: {new_chat_response.status_code}"
+                raise Exception(f"K2 新对话创建失败: {new_chat_response.status_code} {error_text[:200]}")
+
+            try:
+                new_chat_data = new_chat_response.json()
+            except Exception as e:
+                # 如果JSON解析失败，尝试获取原始内容
+                try:
+                    # 使用httpx的text属性，它会自动处理解压缩和编码
+                    content_str = new_chat_response.text
+                    self.logger.debug(f"K2 响应原始内容: {content_str[:500]}")
+                    raise Exception(f"K2 响应JSON解析失败: {e}, 原始内容: {content_str[:200]}")
+                except Exception as decode_error:
+                    # 如果text也失败，尝试手动处理
+                    try:
+                        raw_bytes = new_chat_response.content
+                        content_str = raw_bytes.decode('utf-8', errors='replace')
+                        raise Exception(f"K2 响应解析失败: {e}, 手动解码内容: {content_str[:200]}")
+                    except Exception:
+                        raise Exception(f"K2 响应解析完全失败: {e}, 解码错误: {decode_error}")
+            conversation_id = new_chat_data.get("id")
+            if not conversation_id:
+                raise Exception("无法从K2 /new端点获取conversation_id")
+            
+            chat_specific_cookies = self.parse_cookies(new_chat_response.headers)
+        
+        # 4. 组合最终Cookie
+        base_cookies = [initial_cookies, chat_specific_cookies]
+        base_cookies = [c for c in base_cookies if c]
+        final_cookie = '; '.join(base_cookies) + '; guest_conversation_count=1'
+        
+        # 5. 构建最终请求载荷
+        final_payload = {
+            "stream": True,
+            "model": model_id,
+            "messages": prepared_messages,
+            "conversation_id": conversation_id,
+            "params": {}
+        }
+        
+        # 添加可选参数
+        if request.temperature is not None:
+            final_payload["params"]["temperature"] = request.temperature
+        if request.max_tokens is not None:
+            final_payload["params"]["max_tokens"] = request.max_tokens
+        
+        final_headers = {**self.config.headers, 'Cookie': final_cookie}
+        
+        return {
+            "payload": final_payload,
+            "headers": final_headers
+        }
+    
+    def prepare_k2_messages(self, messages: List[Message]) -> List[Dict[str, Any]]:
+        """准备K2Think消息格式"""
+        result = []
+        system_content = ""
+        
+        for msg in messages:
+            if msg.role == "system":
+                system_content = system_content + "\n\n" + msg.content if system_content else msg.content
+            else:
+                content = msg.content
+                if isinstance(content, list):
+                    # 处理多模态内容，提取文本
+                    text_parts = [part.text for part in content if hasattr(part, 'text') and part.text]
+                    content = "\n".join(text_parts)
+                
+                result.append({
+                    "role": msg.role,
+                    "content": content
+                })
+        
+        # 将系统消息合并到第一个用户消息中
+        if system_content:
+            first_user_idx = next((i for i, m in enumerate(result) if m["role"] == "user"), -1)
+            if first_user_idx >= 0:
+                result[first_user_idx]["content"] = f"{system_content}\n\n{result[first_user_idx]['content']}"
+            else:
+                result.insert(0, {"role": "user", "content": system_content})
+        
+        return result
+
+    async def _handle_stream_request(
+        self,
+        transformed: Dict[str, Any],
+        request: OpenAIRequest
+    ) -> AsyncGenerator[str, None]:
+        """处理流式请求 - 在client.stream上下文内直接处理"""
+        chat_id = self.create_chat_id()
+        model = transformed["model"]
+
+        # 准备请求头
+        headers_for_request = {**transformed["headers"]}
+        headers_for_request['Accept-Encoding'] = 'gzip, deflate'
+
+        self.logger.info(f"🌊 开始K2Think流式请求")
+
+        async with httpx.AsyncClient(timeout=30.0) as client:
+            async with client.stream(
+                "POST",
+                transformed["url"],
+                headers=headers_for_request,
+                json=transformed["payload"]
+            ) as response:
+                if not response.is_success:
+                    error_msg = f"K2Think API 错误: {response.status_code}"
+                    self.log_response(False, error_msg)
+                    # 对于流式响应，我们需要yield错误信息
+                    yield await self.format_sse_chunk({
+                        "error": {
+                            "message": error_msg,
+                            "type": "provider_error",
+                            "code": "api_error"
+                        }
+                    })
+                    return
+
+                # 发送初始角色块
+                yield await self.format_sse_chunk(
+                    self.create_openai_chunk(chat_id, model, {"role": "assistant"})
+                )
+
+                # 处理流式数据
+                accumulated_content = ""
+                previous_reasoning = ""
+                previous_answer = ""
+                reasoning_phase = True
+                chunk_count = 0
+
+                try:
+                    async for line in response.aiter_lines():
+                        chunk_count += 1
+                        self.logger.debug(f"📦 收到数据块 #{chunk_count}: {line[:100]}...")
+
+                        if not line.startswith("data:"):
+                            continue
+
+                        data_str = line[5:].strip()
+                        if self._is_end_marker(data_str):
+                            self.logger.debug(f"🏁 检测到结束标记: {data_str}")
+                            continue
+
+                        content = self._parse_data_string(data_str)
+                        if not content:
+                            continue
+
+                        accumulated_content = content
+                        current_reasoning, current_answer = self.extract_reasoning_and_answer(accumulated_content)
+
+                        # 处理推理阶段
+                        if reasoning_phase and current_reasoning:
+                            delta = self.calculate_delta(previous_reasoning, current_reasoning)
+                            if delta.strip():
+                                self.logger.debug(f"🧠 推理增量: {delta[:50]}...")
+                                yield await self.format_sse_chunk(
+                                    self.create_openai_chunk(chat_id, model, {"reasoning_content": delta})
+                                )
+                                previous_reasoning = current_reasoning
+
+                        # 切换到答案阶段
+                        if current_answer and reasoning_phase:
+                            reasoning_phase = False
+                            self.logger.debug("🔄 切换到答案阶段")
+                            # 发送剩余的推理内容
+                            final_reasoning_delta = self.calculate_delta(previous_reasoning, current_reasoning)
+                            if final_reasoning_delta.strip():
+                                yield await self.format_sse_chunk(
+                                    self.create_openai_chunk(chat_id, model, {"reasoning_content": final_reasoning_delta})
+                                )
+
+                        # 处理答案阶段
+                        if not reasoning_phase and current_answer:
+                            delta = self.calculate_delta(previous_answer, current_answer)
+                            if delta.strip():
+                                self.logger.debug(f"💬 答案增量: {delta[:50]}...")
+                                yield await self.format_sse_chunk(
+                                    self.create_openai_chunk(chat_id, model, {"content": delta})
+                                )
+                                previous_answer = current_answer
+
+                except Exception as e:
+                    self.logger.error(f"流式响应处理错误: {e}")
+                    yield await self.format_sse_chunk({
+                        "error": {
+                            "message": f"流式处理错误: {str(e)}",
+                            "type": "stream_error",
+                            "code": "processing_error"
+                        }
+                    })
+                    return
+
+                # 发送结束块
+                self.logger.info(f"✅ K2Think流式响应完成，共处理 {chunk_count} 个数据块")
+                yield await self.format_sse_chunk(
+                    self.create_openai_chunk(chat_id, model, {}, "stop")
+                )
+                yield await self.format_sse_done()
+
+    async def transform_request(self, request: OpenAIRequest) -> Dict[str, Any]:
+        """转换OpenAI请求为K2Think格式"""
+        self.logger.info(f"🔄 转换 OpenAI 请求到 K2Think 格式: {request.model}")
+        
+        auth_data = await self.get_k2_auth_data(request)
+        
+        return {
+            "url": self.config.api_endpoint,
+            "headers": auth_data["headers"],
+            "payload": auth_data["payload"],
+            "model": request.model
+        }
+    
+    async def chat_completion(
+        self,
+        request: OpenAIRequest
+    ) -> Union[Dict[str, Any], AsyncGenerator[str, None]]:
+        """聊天完成接口"""
+        self.log_request(request)
+
+        try:
+            # 转换请求
+            transformed = await self.transform_request(request)
+
+            # 发送请求 - 使用更兼容的压缩设置
+            headers_for_request = {**transformed["headers"]}
+            headers_for_request['Accept-Encoding'] = 'gzip, deflate'  # 移除br和zstd
+
+            if request.stream:
+                # 流式请求 - 直接在这里处理流式响应
+                return self._handle_stream_request(transformed, request)
+            else:
+                # 非流式请求 - 使用传统的 client.post()
+                async with httpx.AsyncClient(timeout=30.0) as client:
+                    response = await client.post(
+                        transformed["url"],
+                        headers=headers_for_request,
+                        json=transformed["payload"]
+                    )
+
+                    if not response.is_success:
+                        error_msg = f"K2Think API 错误: {response.status_code}"
+                        self.log_response(False, error_msg)
+                        return self.handle_error(Exception(error_msg))
+
+                    # 转换非流式响应
+                    return await self.transform_response(response, request, transformed)
+
+        except Exception as e:
+            self.log_response(False, str(e))
+            return self.handle_error(e, "请求处理")
+    
+    async def transform_response(
+        self,
+        response: httpx.Response,
+        request: OpenAIRequest,
+        transformed: Dict[str, Any]
+    ) -> Dict[str, Any]:
+        """转换K2Think响应为OpenAI格式 - 仅用于非流式请求"""
+        chat_id = self.create_chat_id()
+        model = transformed["model"]
+
+        # 流式请求现在由 _handle_stream_request 直接处理
+        # 这里只处理非流式请求
+        return await self._handle_non_stream_response(response, chat_id, model)
+
+    def _is_end_marker(self, data: str) -> bool:
+        """检查是否为结束标记"""
+        return not data or data in ["-1", "[DONE]", "DONE", "done"]
+    
+    def _parse_data_string(self, data_str: str) -> str:
+        """解析数据字符串"""
+        try:
+            obj = json.loads(data_str)
+            content, is_done = self.parse_api_response(obj)
+            return "" if is_done else content
+        except:
+            return data_str
+    
+    async def _handle_non_stream_response(
+        self,
+        response: httpx.Response,
+        chat_id: str,
+        model: str
+    ) -> Dict[str, Any]:
+        """处理K2Think非流式响应"""
+        # 聚合流式内容 - 使用httpx的aiter_lines，它���自动处理解压缩
+        final_content = ""
+
+        try:
+            # 使用aiter_lines()，httpx会自动处理压缩和编码
+            async for line in response.aiter_lines():
+                if not line.startswith("data:"):
+                    continue
+
+                data_str = line[5:].strip()
+                if self._is_end_marker(data_str):
+                    continue
+
+                content = self._parse_data_string(data_str)
+                if content:
+                    final_content = content
+
+        except Exception as e:
+            self.logger.error(f"非流式响应处理错误: {e}")
+            raise
+
+        # 提取推理内容和答案内容
+        reasoning, answer = self.extract_reasoning_and_answer(final_content)
+
+        # 清理内容格式
+        reasoning = reasoning.replace("\\n", "\n") if reasoning else ""
+        answer = answer.replace("\\n", "\n") if answer else final_content
+
+        # 创建包含推理内容的响应
+        return self.create_openai_response_with_reasoning(chat_id, model, answer, reasoning)

app/providers/longcat_provider.py

@@ -0,0 +1,466 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+"""
+LongCat 提供商适配器
+"""
+
+import json
+import time
+import httpx
+import random
+import asyncio
+from typing import Dict, List, Any, Optional, AsyncGenerator, Union
+
+from app.providers.base import BaseProvider, ProviderConfig
+from app.models.schemas import OpenAIRequest, Message
+from app.utils.logger import get_logger
+from app.utils.user_agent import get_dynamic_headers
+from app.core.config import settings
+
+logger = get_logger()
+
+
+class LongCatProvider(BaseProvider):
+    """LongCat 提供商"""
+
+    def __init__(self):
+        # 使用动态生成的 headers，不包含 User-Agent（将在请求时动态生成）
+        config = ProviderConfig(
+            name="longcat",
+            api_endpoint="https://longcat.chat/api/v1/chat-completion",
+            timeout=30,
+            headers={
+                'accept': 'text/event-stream,application/json',
+                'content-type': 'application/json',
+                'origin': 'https://longcat.chat',
+                'referer': 'https://longcat.chat/t',
+            }
+        )
+        super().__init__(config)
+        self.base_url = "https://longcat.chat"
+        self.session_create_url = f"{self.base_url}/api/v1/session-create"
+        self.session_delete_url = f"{self.base_url}/api/v1/session-delete"
+    
+    def get_supported_models(self) -> List[str]:
+        """获取支持的模型列表"""
+        return ["LongCat-Flash", "LongCat", "LongCat-Search"]
+
+    def get_passport_token(self) -> Optional[str]:
+        """获取 LongCat passport token"""
+        # 优先使用环境变量中的单个token
+        if settings.LONGCAT_TOKEN:
+            return settings.LONGCAT_TOKEN
+
+        # 从token文件中随机选择一个
+        token_list = settings.longcat_token_list
+        if token_list:
+            return random.choice(token_list)
+
+        return None
+
+    def create_headers_with_auth(self, token: str, user_agent: str, referer: str = None) -> Dict[str, str]:
+        """创建带认证的请求头"""
+        headers = {
+            "User-Agent": user_agent,
+            "Content-Type": "application/json",
+            "x-requested-with": "XMLHttpRequest",
+            "X-Client-Language": "zh",
+            "Cookie": f"passport_token_key={token}",
+            "Accept": "text/event-stream,application/json",
+            "Origin": "https://longcat.chat"
+        }
+        if referer:
+            headers["Referer"] = referer
+        else:
+            headers["Referer"] = f"{self.base_url}/"
+        return headers
+
+    async def create_session(self, token: str, user_agent: str) -> str:
+        """创建会话并返回 conversation_id"""
+        headers = self.create_headers_with_auth(token, user_agent)
+        data = {"model": "", "agentId": ""}
+
+        async with httpx.AsyncClient(timeout=30.0) as client:
+            response = await client.post(
+                self.session_create_url,
+                headers=headers,
+                json=data
+            )
+
+            if response.status_code != 200:
+                raise Exception(f"会话创建失败: {response.status_code}")
+
+            response_data = response.json()
+            if response_data.get("code") != 0:
+                raise Exception(f"会话创建错误: {response_data.get('message')}")
+
+            return response_data["data"]["conversationId"]
+
+    async def delete_session(self, conversation_id: str, token: str, user_agent: str) -> None:
+        """删除会话"""
+        try:
+            headers = self.create_headers_with_auth(
+                token,
+                user_agent,
+                f"{self.base_url}/c/{conversation_id}"
+            )
+
+            async with httpx.AsyncClient(timeout=30.0) as client:
+                url = f"{self.session_delete_url}?conversationId={conversation_id}"
+                response = await client.get(url, headers=headers)
+
+                if response.status_code == 200:
+                    self.logger.debug(f"成功删除会话 {conversation_id}")
+                else:
+                    self.logger.warning(f"删除会话失败: {response.status_code}")
+        except Exception as e:
+            self.logger.error(f"删除会话出错: {e}")
+
+    def schedule_session_deletion(self, conversation_id: str, token: str, user_agent: str):
+        """异步删除会话（不等待）"""
+        asyncio.create_task(self.delete_session(conversation_id, token, user_agent))
+
+    def format_messages_for_longcat(self, messages: List[Message]) -> str:
+        """格式化消息为 LongCat 格式"""
+        formatted_messages = []
+        for msg in messages:
+            content = msg.content
+            if isinstance(content, list):
+                # 处理多模态内容，提取文本
+                text_parts = []
+                for part in content:
+                    if hasattr(part, 'text') and part.text:
+                        text_parts.append(part.text)
+                content = "\n".join(text_parts)
+            formatted_messages.append(f"{msg.role}:{content}")
+        return ";".join(formatted_messages)
+    
+    async def transform_request(self, request: OpenAIRequest) -> Dict[str, Any]:
+        """转换OpenAI请求为LongCat格式"""
+        # 获取认证token
+        passport_token = self.get_passport_token()
+        if not passport_token:
+            raise Exception("未配置 LongCat passport token，请设置 LONGCAT_TOKEN 环境变量")
+
+        # 生成动态 User-Agent
+        dynamic_headers = get_dynamic_headers()
+        user_agent = dynamic_headers.get("User-Agent", "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36")
+
+        # 创建会话
+        conversation_id = await self.create_session(passport_token, user_agent)
+
+        # 格式化消息内容
+        formatted_content = self.format_messages_for_longcat(request.messages)
+
+        # 构建LongCat请求载荷
+        payload = {
+            "conversationId": conversation_id,
+            "content": formatted_content,
+            "reasonEnabled": 0,
+            "searchEnabled": 1 if "search" in request.model.lower() else 0,
+            "parentMessageId": 0
+        }
+
+        # 创建带认证的请求头
+        headers = self.create_headers_with_auth(
+            passport_token,
+            user_agent,
+            f"{self.base_url}/c/{conversation_id}"
+        )
+
+        return {
+            "url": self.config.api_endpoint,
+            "headers": headers,
+            "payload": payload,
+            "model": request.model,
+            "conversation_id": conversation_id,
+            "passport_token": passport_token,
+            "user_agent": user_agent
+        }
+    
+    async def chat_completion(
+        self,
+        request: OpenAIRequest,
+        **kwargs
+    ) -> Union[Dict[str, Any], AsyncGenerator[str, None]]:
+        """聊天完成接口"""
+        self.log_request(request)
+
+        try:
+            # 转换请求
+            transformed = await self.transform_request(request)
+
+            # 发送请求
+            async with httpx.AsyncClient(timeout=30.0) as client:
+                response = await client.post(
+                    transformed["url"],
+                    headers=transformed["headers"],
+                    json=transformed["payload"]
+                )
+
+                if not response.is_success:
+                    error_msg = f"LongCat API 错误: {response.status_code}"
+                    try:
+                        error_detail = await response.atext()
+                        self.logger.error(f"❌ API 错误详情: {error_detail}")
+                    except:
+                        pass
+                    self.log_response(False, error_msg)
+                    return self.handle_error(Exception(error_msg))
+
+                # 转换响应
+                return await self.transform_response(response, request, transformed)
+
+        except Exception as e:
+            self.logger.error(f"❌ LongCat 请求处理异常: {e}")
+            self.log_response(False, str(e))
+            return self.handle_error(e, "请求处理")
+    
+    async def transform_response(
+        self,
+        response: httpx.Response,
+        request: OpenAIRequest,
+        transformed: Dict[str, Any]
+    ) -> Union[Dict[str, Any], AsyncGenerator[str, None]]:
+        """转换LongCat响应为OpenAI格式"""
+        chat_id = self.create_chat_id()
+        model = transformed["model"]
+        conversation_id = transformed["conversation_id"]
+        passport_token = transformed["passport_token"]
+        user_agent = transformed["user_agent"]
+
+        if request.stream:
+            return self._handle_stream_response(
+                response, chat_id, model, conversation_id, passport_token, user_agent
+            )
+        else:
+            return await self._handle_non_stream_response(
+                response, chat_id, model, conversation_id, passport_token, user_agent
+            )
+    
+    async def _handle_stream_response(
+        self,
+        response: httpx.Response,
+        chat_id: str,
+        model: str,
+        conversation_id: str,
+        passport_token: str,
+        user_agent: str
+    ) -> AsyncGenerator[str, None]:
+        """处理LongCat流式响应"""
+        session_deleted = False
+
+        try:
+            # 发送初始角色块
+            yield await self.format_sse_chunk(
+                self.create_openai_chunk(chat_id, model, {"role": "assistant"})
+            )
+
+            stream_finished = False
+
+            async for line in response.aiter_lines():
+                line = line.strip()
+
+                # 首先检查是否是错误响应（JSON格式但不是SSE格式）
+                if not line.startswith('data:'):
+                    # 尝试解析为JSON错误响应
+                    try:
+                        error_data = json.loads(line)
+                        if isinstance(error_data, dict) and 'code' in error_data and 'message' in error_data:
+                            # 这是一个错误响应
+                            self.logger.error(f"❌ LongCat API 返回错误: {error_data}")
+                            error_message = error_data.get('message', '未知错误')
+                            error_code = error_data.get('code', 'unknown')
+
+                            # 使用统一的错误处理函数
+                            error_exception = Exception(f"LongCat API 错误 ({error_code}): {error_message}")
+                            error_response = self.handle_error(error_exception, "API响应")
+
+                            # 发送错误响应块
+                            yield await self.format_sse_chunk(error_response)
+                            yield await self.format_sse_done()
+
+                            # 清理会话
+                            if not session_deleted:
+                                self.schedule_session_deletion(conversation_id, passport_token, user_agent)
+                                session_deleted = True
+                            return
+                    except json.JSONDecodeError:
+                        # 不是JSON，跳过这行
+                        continue
+
+                    # 如果不是错误响应，跳过
+                    continue
+
+                data_str = line[5:].strip()
+                if data_str == '[DONE]':
+                    # 如果还没有发送完成块，发送一个
+                    if not stream_finished:
+                        yield await self.format_sse_chunk(
+                            self.create_openai_chunk(chat_id, model, {}, "stop")
+                        )
+                    yield await self.format_sse_done()
+
+                    # 清理会话
+                    if not session_deleted:
+                        self.schedule_session_deletion(conversation_id, passport_token, user_agent)
+                        session_deleted = True
+                    break
+
+                try:
+                    longcat_data = json.loads(data_str)
+
+                    # 获取 delta 内容
+                    choices = longcat_data.get("choices", [])
+                    if not choices:
+                        continue
+
+                    delta = choices[0].get("delta", {})
+                    content = delta.get("content")
+                    finish_reason = choices[0].get("finishReason")
+
+                    # 只有当内容不为空时才发送内容块
+                    if content is not None and content != "":
+                        openai_chunk = self.create_openai_chunk(
+                            chat_id,
+                            model,
+                            {"content": content}
+                        )
+                        yield await self.format_sse_chunk(openai_chunk)
+
+                    # 检查是否为流的结束
+                    # LongCat 使用 lastOne=true 来标识最后一个块
+                    if longcat_data.get("lastOne") and not stream_finished:
+                        yield await self.format_sse_chunk(
+                            self.create_openai_chunk(chat_id, model, {}, "stop")
+                        )
+                        yield await self.format_sse_done()
+                        stream_finished = True
+
+                        # 清理会话
+                        if not session_deleted:
+                            self.schedule_session_deletion(conversation_id, passport_token, user_agent)
+                            session_deleted = True
+                        break
+
+                    # 备用检查：如果有 finishReason 但没有 lastOne，也可能是结束
+                    elif finish_reason == "stop" and longcat_data.get("contentStatus") == "FINISHED" and not stream_finished:
+                        yield await self.format_sse_chunk(
+                            self.create_openai_chunk(chat_id, model, {}, "stop")
+                        )
+                        yield await self.format_sse_done()
+                        stream_finished = True
+
+                        # 清理会话
+                        if not session_deleted:
+                            self.schedule_session_deletion(conversation_id, passport_token, user_agent)
+                            session_deleted = True
+                        break
+
+                except json.JSONDecodeError as e:
+                    self.logger.error(f"❌ 解析LongCat流数据错误: {e}")
+                    continue
+                except Exception as e:
+                    self.logger.error(f"❌ 处理LongCat流数据错误: {e}")
+                    continue
+
+        except Exception as e:
+            self.logger.error(f"❌ LongCat流处理错误: {e}")
+            # 发送错误结束块（只有在还没有结束的情况下）
+            if not stream_finished:
+                yield await self.format_sse_chunk(
+                    self.create_openai_chunk(chat_id, model, {}, "stop")
+                )
+                yield await self.format_sse_done()
+        finally:
+            # 确保会话被清理
+            if not session_deleted:
+                self.schedule_session_deletion(conversation_id, passport_token, user_agent)
+    
+    async def _handle_non_stream_response(
+        self,
+        response: httpx.Response,
+        chat_id: str,
+        model: str,
+        conversation_id: str,
+        passport_token: str,
+        user_agent: str
+    ) -> Dict[str, Any]:
+        """处理LongCat非流式响应"""
+        full_content = ""
+        usage_info = {
+            "prompt_tokens": 0,
+            "completion_tokens": 0,
+            "total_tokens": 0
+        }
+
+        try:
+            async for line in response.aiter_lines():
+                line = line.strip()
+                if not line.startswith('data:'):
+                    # 检查是否是错误响应
+                    try:
+                        error_data = json.loads(line)
+                        if isinstance(error_data, dict) and 'code' in error_data and 'message' in error_data:
+                            # 这是一个错误响应
+                            self.logger.error(f"❌ LongCat API 返回错误: {error_data}")
+                            error_message = error_data.get('message', '未知错误')
+                            error_code = error_data.get('code', 'unknown')
+
+                            # 使用统一的错误处理函数
+                            error_exception = Exception(f"LongCat API 错误 ({error_code}): {error_message}")
+
+                            # 清理会话
+                            self.schedule_session_deletion(conversation_id, passport_token, user_agent)
+
+                            return self.handle_error(error_exception, "API响应")
+                    except json.JSONDecodeError:
+                        # 不是JSON，跳过这行
+                        pass
+                    continue
+
+                data_str = line[5:].strip()
+                if data_str == '[DONE]':
+                    break
+
+                try:
+                    chunk = json.loads(data_str)
+
+                    # 提取内容 - 只有当内容不为空时才添加
+                    choices = chunk.get("choices", [])
+                    if choices:
+                        delta = choices[0].get("delta", {})
+                        content = delta.get("content")
+                        if content is not None and content != "":
+                            full_content += content
+
+                    # 提取使用信息（通常在最后的块中）
+                    if chunk.get("tokenInfo"):
+                        token_info = chunk["tokenInfo"]
+                        usage_info = {
+                            "prompt_tokens": token_info.get("promptTokens", 0),
+                            "completion_tokens": token_info.get("completionTokens", 0),
+                            "total_tokens": token_info.get("totalTokens", 0)
+                        }
+
+                    # 如果是最后一个块，可以提前结束
+                    if chunk.get("lastOne"):
+                        break
+
+                except json.JSONDecodeError:
+                    continue
+
+        except Exception as e:
+            self.logger.error(f"❌ 处理LongCat非流式响应错误: {e}")
+            full_content = "处理响应时发生错误"
+        finally:
+            # 清理会话
+            self.schedule_session_deletion(conversation_id, passport_token, user_agent)
+
+        return self.create_openai_response(
+            chat_id,
+            model,
+            full_content.strip(),
+            usage_info
+        )

app/providers/provider_factory.py

@@ -0,0 +1,208 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+"""
+提供商工厂和路由机制
+负责根据模型名称自动选择合适的提供商
+"""
+
+import time
+from typing import Dict, List, Optional, Union, AsyncGenerator, Any
+from app.providers.base import BaseProvider, provider_registry
+from app.providers.zai_provider import ZAIProvider
+from app.providers.k2think_provider import K2ThinkProvider
+from app.providers.longcat_provider import LongCatProvider
+from app.models.schemas import OpenAIRequest
+from app.core.config import settings
+from app.utils.logger import get_logger
+
+logger = get_logger()
+
+
+class ProviderFactory:
+    """提供商工厂"""
+    
+    def __init__(self):
+        self._initialized = False
+        self._default_provider = "zai"
+    
+    def initialize(self):
+        """初始化所有提供商"""
+        if self._initialized:
+            return
+
+        try:
+            # 注册 Z.AI 提供商
+            zai_provider = ZAIProvider()
+            provider_registry.register(
+                zai_provider, 
+                zai_provider.get_supported_models()
+            )
+            
+            # 注册 K2Think 提供商
+            k2think_provider = K2ThinkProvider()
+            provider_registry.register(
+                k2think_provider,
+                k2think_provider.get_supported_models()
+            )
+            
+            # 注册 LongCat 提供商
+            longcat_provider = LongCatProvider()
+            provider_registry.register(
+                longcat_provider,
+                longcat_provider.get_supported_models()
+            )
+            
+            self._initialized = True
+            
+        except Exception as e:
+            logger.error(f"❌ 提供商工厂初始化失败: {e}")
+            raise
+    
+    def get_provider_for_model(self, model: str) -> Optional[BaseProvider]:
+        """根据模型名称获取提供商"""
+        if not self._initialized:
+            self.initialize()
+        
+        # 首先尝试从配置的映射中获取
+        provider_mapping = settings.provider_model_mapping
+        provider_name = provider_mapping.get(model)
+        
+        if provider_name:
+            provider = provider_registry.get_provider_by_name(provider_name)
+            if provider:
+                logger.debug(f"🎯 模型 {model} 映射到提供商 {provider_name}")
+                return provider
+        
+        # 尝试从注册表中直接获取
+        provider = provider_registry.get_provider(model)
+        if provider:
+            logger.debug(f"🎯 模型 {model} 找到提供商 {provider.name}")
+            return provider
+        
+        # 使用默认提供商
+        default_provider = provider_registry.get_provider_by_name(self._default_provider)
+        if default_provider:
+            logger.warning(f"⚠️ 模型 {model} 未找到专用提供商，使用默认提供商 {self._default_provider}")
+            return default_provider
+        
+        logger.error(f"❌ 无法为模型 {model} 找到任何提供商")
+        return None
+    
+    def list_supported_models(self) -> List[str]:
+        """列出所有支持的模型"""
+        if not self._initialized:
+            self.initialize()
+        return provider_registry.list_models()
+    
+    def list_providers(self) -> List[str]:
+        """列出所有提供商"""
+        if not self._initialized:
+            self.initialize()
+        return provider_registry.list_providers()
+    
+    def get_models_for_provider(self, provider_name: str) -> List[str]:
+        """获取指定提供商支持的模型"""
+        if not self._initialized:
+            self.initialize()
+        
+        provider = provider_registry.get_provider_by_name(provider_name)
+        if provider:
+            return provider.get_supported_models()
+        return []
+
+
+class ProviderRouter:
+    """提供商路由器"""
+    
+    def __init__(self):
+        self.factory = ProviderFactory()
+    
+    async def route_request(
+        self, 
+        request: OpenAIRequest,
+        **kwargs
+    ) -> Union[Dict[str, Any], AsyncGenerator[str, None]]:
+        """路由请求到合适的提供商"""
+        logger.info(f"🚦 路由请求: 模型={request.model}, 流式={request.stream}")
+        
+        # 获取提供商
+        provider = self.factory.get_provider_for_model(request.model)
+        if not provider:
+            error_msg = f"不支持的模型: {request.model}"
+            logger.error(f"❌ {error_msg}")
+            return {
+                "error": {
+                    "message": error_msg,
+                    "type": "invalid_request_error",
+                    "code": "model_not_found"
+                }
+            }
+        
+        logger.info(f"✅ 使用提供商: {provider.name}")
+        
+        try:
+            # 调用提供商处理请求
+            result = await provider.chat_completion(request, **kwargs)
+            logger.info(f"🎉 请求处理��成: {provider.name}")
+            return result
+            
+        except Exception as e:
+            error_msg = f"提供商 {provider.name} 处理请求失败: {str(e)}"
+            logger.error(f"❌ {error_msg}")
+            return provider.handle_error(e, "路由处理")
+    
+    def get_provider_for_model(self, model: str) -> Optional[Dict[str, str]]:
+        """
+        获取模型对应的提供商信息
+
+        Returns:
+            包含提供商名称的字典，例如 {"provider": "zai"}
+        """
+        provider = self.factory.get_provider_for_model(model)
+        if provider:
+            return {"provider": provider.name}
+        return None
+
+    def get_models_list(self) -> Dict[str, Any]:
+        """获取模型列表（OpenAI格式）"""
+        models = []
+        current_time = int(time.time())
+
+        # 按提供商分组获取模型
+        for provider_name in self.factory.list_providers():
+            provider_models = self.factory.get_models_for_provider(provider_name)
+            for model in provider_models:
+                models.append({
+                    "id": model,
+                    "object": "model",
+                    "created": current_time,
+                    "owned_by": provider_name
+                })
+
+        return {
+            "object": "list",
+            "data": models
+        }
+
+
+# 全局路由器实例
+_router: Optional[ProviderRouter] = None
+
+
+def get_provider_router() -> ProviderRouter:
+    """获取全局提供商路由器"""
+    global _router
+    if _router is None:
+        _router = ProviderRouter()
+        # 确保工厂已初始化
+        _router.factory.initialize()
+    return _router
+
+
+def initialize_providers():
+    """初始化提供商系统"""
+    logger.info("🚀 初始化提供商系统...")
+    router = get_provider_router()
+    logger.info("✅ 提供商系统初始化完成")
+    return router

app/providers/zai_provider.py

@@ -0,0 +1,1152 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+"""
+Z.AI 提供商适配器
+"""
+
+import json
+import time
+import uuid
+import httpx
+import hmac
+import hashlib
+import base64
+from urllib.parse import urlencode
+import os
+import uuid
+import random
+from datetime import datetime
+from typing import Dict, List, Any, Optional, AsyncGenerator, Union
+from app.utils.user_agent import get_random_user_agent
+from app.providers.base import BaseProvider, ProviderConfig
+from app.models.schemas import OpenAIRequest, Message
+from app.core.config import settings
+from app.utils.logger import get_logger
+from app.utils.token_pool import get_token_pool
+from app.utils.tool_call_handler import (
+    process_messages_with_tools,
+    parse_and_extract_tool_calls,
+)
+
+logger = get_logger()
+
+def generate_uuid() -> str:
+    """生成UUID v4"""
+    return str(uuid.uuid4())
+
+def get_zai_dynamic_headers(chat_id: str = "") -> Dict[str, str]:
+    """生成 Z.AI 特定的动态浏览器 headers"""
+    browser_choices = ["chrome", "chrome", "chrome", "edge", "edge", "firefox", "safari"]
+    browser_type = random.choice(browser_choices)
+    user_agent = get_random_user_agent(browser_type)
+
+    chrome_version = "139"
+    edge_version = "139"
+
+    if "Chrome/" in user_agent:
+        try:
+            chrome_version = user_agent.split("Chrome/")[1].split(".")[0]
+        except:
+            pass
+
+    if "Edg/" in user_agent:
+        try:
+            edge_version = user_agent.split("Edg/")[1].split(".")[0]
+            sec_ch_ua = f'"Microsoft Edge";v="{edge_version}", "Chromium";v="{chrome_version}", "Not_A Brand";v="24"'
+        except:
+            sec_ch_ua = f'"Not_A Brand";v="8", "Chromium";v="{chrome_version}", "Google Chrome";v="{chrome_version}"'
+    elif "Firefox/" in user_agent:
+        sec_ch_ua = None
+    else:
+        sec_ch_ua = f'"Not_A Brand";v="8", "Chromium";v="{chrome_version}", "Google Chrome";v="{chrome_version}"'
+
+    headers = {
+        "Content-Type": "application/json",
+        "Accept": "application/json, text/event-stream",
+        "Connection": "keep-alive",
+        "Cache-Control": "no-cache",
+        "User-Agent": user_agent,
+        "Accept-Language": "zh-CN,zh;q=0.9,en;q=0.8",
+        "X-FE-Version": "prod-fe-1.0.98",
+        "Origin": "https://chat.z.ai",
+    }
+
+    if sec_ch_ua:
+        headers["sec-ch-ua"] = sec_ch_ua
+        headers["sec-ch-ua-mobile"] = "?0"
+        headers["sec-ch-ua-platform"] = '"Windows"'
+
+    if chat_id:
+        headers["Referer"] = f"https://chat.z.ai/c/{chat_id}"
+    else:
+        headers["Referer"] = "https://chat.z.ai/"
+
+    return headers
+
+def _urlsafe_b64decode(data: str) -> bytes:
+    """Decode a URL-safe base64 string with proper padding."""
+    if isinstance(data, str):
+        data_bytes = data.encode("utf-8")
+    else:
+        data_bytes = data
+    padding = b"=" * (-len(data_bytes) % 4)
+    return base64.urlsafe_b64decode(data_bytes + padding)
+
+
+def _decode_jwt_payload(token: str) -> Dict[str, Any]:
+    """Decode JWT payload without verification to extract metadata."""
+    try:
+        parts = token.split(".")
+        if len(parts) < 2:
+            return {}
+        payload_raw = _urlsafe_b64decode(parts[1])
+        return json.loads(payload_raw.decode("utf-8", errors="ignore"))
+    except Exception:
+        return {}
+
+
+def _extract_user_id_from_token(token: str) -> str:
+    """Extract user_id from a JWT's payload. Fallback to 'guest'."""
+    payload = _decode_jwt_payload(token) if token else {}
+    for key in ("id", "user_id", "uid", "sub"):
+        val = payload.get(key)
+        if isinstance(val, (str, int)) and str(val):
+            return str(val)
+    return "guest"
+
+
+def generate_signature(message_text: str, request_id: str, timestamp_ms: int, user_id: str, secret: str = "junjie") -> str:
+    """Dual-layer HMAC-SHA256 signature.
+
+    Layer1: derived key = HMAC(secret, window_index)
+    Layer2: signature = HMAC(derived_key, canonical_string)
+    canonical_string = "requestId,<id>,timestamp,<ts>,user_id,<uid>|<msg>|<ts>"
+    """
+    r = str(timestamp_ms)
+    e = f"requestId,{request_id},timestamp,{timestamp_ms},user_id,{user_id}"
+    t = message_text or ""
+    # Add content_base64 processing for new signature algorithm
+    content_base64 = base64.b64encode(t.encode('utf-8')).decode('ascii')
+    i = f"{e}|{content_base64}|{r}"
+
+    window_index = timestamp_ms // (5 * 60 * 1000)
+    root_key = (secret or "junjie").encode("utf-8")
+    derived_hex = hmac.new(root_key, str(window_index).encode("utf-8"), hashlib.sha256).hexdigest()
+    signature = hmac.new(derived_hex.encode("utf-8"), i.encode("utf-8"), hashlib.sha256).hexdigest()
+    return signature
+
+
+class ZAIProvider(BaseProvider):
+    """Z.AI 提供商"""
+    
+    def __init__(self):
+        config = ProviderConfig(
+            name="zai",
+            api_endpoint=settings.API_ENDPOINT,
+            timeout=30,
+            headers=get_zai_dynamic_headers()
+        )
+        super().__init__(config)
+        
+        # Z.AI 特定配置
+        self.base_url = "https://chat.z.ai"
+        self.auth_url = f"{self.base_url}/api/v1/auths/"
+        
+        # 模型映射
+        self.model_mapping = {
+            settings.GLM45_MODEL: "0727-360B-API",  # GLM-4.5
+            settings.GLM45_THINKING_MODEL: "0727-360B-API",  # GLM-4.5-Thinking
+            settings.GLM45_SEARCH_MODEL: "0727-360B-API",  # GLM-4.5-Search
+            settings.GLM45_AIR_MODEL: "0727-106B-API",  # GLM-4.5-Air
+            settings.GLM45V_MODEL: "glm-4.5v",  # GLM-4.5V多模态
+            settings.GLM46_MODEL: "GLM-4-6-API-V1",  # GLM-4.6
+            settings.GLM46_THINKING_MODEL: "GLM-4-6-API-V1",  # GLM-4.6-Thinking
+            settings.GLM46_SEARCH_MODEL: "GLM-4-6-API-V1",  # GLM-4.6-Search
+            settings.GLM46_ADVANCED_SEARCH_MODEL: "GLM-4-6-API-V1",  # GLM-4.6-advanced-search
+        }
+    
+    def get_supported_models(self) -> List[str]:
+        """获取支持的模型列表"""
+        return [
+            settings.GLM45_MODEL,
+            settings.GLM45_THINKING_MODEL,
+            settings.GLM45_SEARCH_MODEL,
+            settings.GLM45_AIR_MODEL,
+            settings.GLM45V_MODEL,
+            settings.GLM46_MODEL,
+            settings.GLM46_THINKING_MODEL,
+            settings.GLM46_SEARCH_MODEL,
+            settings.GLM46_ADVANCED_SEARCH_MODEL,
+        ]
+    
+    async def get_token(self) -> str:
+        """获取认证令牌"""
+        # 如果启用匿名模式，只尝试获取访客令牌
+        if settings.ANONYMOUS_MODE:
+            try:
+                headers = get_zai_dynamic_headers()
+                async with httpx.AsyncClient() as client:
+                    response = await client.get(self.auth_url, headers=headers, timeout=10.0)
+                    if response.status_code == 200:
+                        data = response.json()
+                        token = data.get("token", "")
+                        if token:
+                            # 判断令牌类型（通过检查邮箱或user_id）
+                            email = data.get("email", "")
+                            is_guest = "@guest.com" in email or "Guest-" in email
+                            token_type = "匿名用户" if is_guest else "认证用户"
+                            self.logger.debug(f"获取令牌成功 ({token_type}): {token[:20]}...")
+                            return token
+            except Exception as e:
+                self.logger.warning(f"异步获取访客令牌失败: {e}")
+
+            # 匿名模式下，如果获取访客令牌失败，直接返回空
+            self.logger.error("❌ 匿名模式下获取访客令牌失败")
+            return ""
+
+        # 非匿名模式：首先使用token池获取备份令牌
+        token_pool = get_token_pool()
+        if token_pool:
+            token = token_pool.get_next_token()
+            if token:
+                self.logger.debug(f"从token池获取令牌: {token[:20]}...")
+                return token
+
+        # 如果token池为空或没有可用token，使用配置的AUTH_TOKEN
+        if settings.AUTH_TOKEN and settings.AUTH_TOKEN != "sk-your-api-key":
+            self.logger.debug(f"使用配置的AUTH_TOKEN")
+            return settings.AUTH_TOKEN
+
+        self.logger.error("❌ 无法获取有效的认证令牌")
+        return ""
+    
+    def mark_token_failure(self, token: str, error: Exception = None):
+        """标记token使用失败"""
+        token_pool = get_token_pool()
+        if token_pool:
+            token_pool.mark_token_failure(token, error)
+
+    async def upload_image(self, data_url: str, chat_id: str, token: str, user_id: str) -> Optional[Dict]:
+        """上传 base64 编码的图片到 Z.AI 服务器
+
+        Args:
+            data_url: data:image/xxx;base64,... 格式的图片数据
+            chat_id: 当前对话ID
+            token: 认证令牌
+            user_id: 用户ID
+
+        Returns:
+            上传成功返回完整的文件信息字典，失败返回None
+        """
+        if settings.ANONYMOUS_MODE or not data_url.startswith("data:"):
+            return None
+
+        try:
+            # 解析 data URL
+            header, encoded = data_url.split(",", 1)
+            mime_type = header.split(";")[0].split(":")[1] if ":" in header else "image/jpeg"
+
+            # 解码 base64 数据
+            image_data = base64.b64decode(encoded)
+            filename = str(uuid.uuid4())
+
+            self.logger.debug(f"📤 上传图片: {filename}, 大小: {len(image_data)} bytes")
+
+            # 构建上传请求 - 使用简化的请求头配置
+            upload_url = f"{self.base_url}/api/v1/files/"
+            headers = {
+                "Accept": "*/*",
+                "Accept-Language": "zh-CN,zh;q=0.9",
+                "Cache-Control": "no-cache",
+                "Connection": "keep-alive",
+                "Origin": f"{self.base_url}",
+                "Pragma": "no-cache",
+                "Referer": f"{self.base_url}/c/{chat_id}",
+                "Sec-Ch-Ua": '"Microsoft Edge";v="141", "Not?A_Brand";v="8", "Chromium";v="141"',
+                "Sec-Ch-Ua-Mobile": "?0",
+                "Sec-Ch-Ua-Platform": '"Windows"',
+                "Sec-Fetch-Dest": "empty",
+                "Sec-Fetch-Mode": "cors",
+                "Sec-Fetch-Site": "same-origin",
+                "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36 Edg/141.0.0.0",
+                "Authorization": f"Bearer {token}",
+            }
+
+            # 使用 httpx 上传文件
+            async with httpx.AsyncClient(timeout=30.0) as client:
+                files = {
+                    "file": (filename, image_data, mime_type)
+                }
+                response = await client.post(upload_url, files=files, headers=headers)
+
+                if response.status_code == 200:
+                    result = response.json()
+                    file_id = result.get("id")
+                    file_name = result.get("filename")
+                    file_size = len(image_data)
+
+                    self.logger.info(f"✅ 图片上传成功: {file_id}_{file_name}")
+
+                    # 返回符合 Z.AI 格式的文件信息
+                    current_timestamp = int(time.time())
+                    return {
+                        "type": "image",
+                        "file": {
+                            "id": file_id,
+                            "user_id": user_id,
+                            "hash": None,
+                            "filename": file_name,
+                            "data": {},
+                            "meta": {
+                                "name": file_name,
+                                "content_type": mime_type,
+                                "size": file_size,
+                                "data": {},
+                            },
+                            "created_at": current_timestamp,
+                            "updated_at": current_timestamp
+                        },
+                        "id": file_id,
+                        "url": f"/api/v1/files/{file_id}/content",
+                        "name": file_name,
+                        "status": "uploaded",
+                        "size": file_size,
+                        "error": "",
+                        "itemId": str(uuid.uuid4()),
+                        "media": "image"
+                    }
+                else:
+                    self.logger.error(f"❌ 图片上传失败: {response.status_code} - {response.text}")
+                    return None
+
+        except Exception as e:
+            self.logger.error(f"❌ 图片上传异常: {e}")
+            return None
+
+    async def transform_request(self, request: OpenAIRequest) -> Dict[str, Any]:
+        """转换OpenAI请求为Z.AI格式"""
+        self.logger.info(f"🔄 转换 OpenAI 请求到 Z.AI 格式: {request.model}")
+
+        # 获取认证令牌
+        token = await self.get_token()
+        user_id = _extract_user_id_from_token(token)
+
+        # 生成 chat_id（用于图片上传）
+        chat_id = generate_uuid()
+
+        # 处理消息格式 - Z.AI 使用单独的 files 字段传递图片
+        messages = []
+        files = []  # 存储上传的图片文件信息
+
+        for msg in request.messages:
+            if isinstance(msg.content, str):
+                # 纯文本消息
+                messages.append({
+                    "role": msg.role,
+                    "content": msg.content
+                })
+            elif isinstance(msg.content, list):
+                # 多模态内容：分离文本和图片
+                text_parts = []
+                image_parts = []  # 存储图片引用
+
+                for part in msg.content:
+                    if hasattr(part, 'type'):
+                        if part.type == 'text' and hasattr(part, 'text'):
+                            # 文本部分
+                            text_parts.append(part.text or '')
+                        elif part.type == 'image_url' and hasattr(part, 'image_url'):
+                            # 图片部分 - 提取并上传
+                            image_url = None
+                            if hasattr(part.image_url, 'url'):
+                                image_url = part.image_url.url
+                            elif isinstance(part.image_url, dict) and 'url' in part.image_url:
+                                image_url = part.image_url['url']
+
+                            if image_url:
+                                self.logger.debug(f"✅ 检测到图片: {image_url[:50]}...")
+
+                                # 如果是 base64 编码的图片，上传并添加到 files 数组
+                                if image_url.startswith("data:") and not settings.ANONYMOUS_MODE:
+                                    self.logger.info(f"🔄 上传 base64 图片到 Z.AI 服务器")
+                                    file_info = await self.upload_image(image_url, chat_id, token, user_id)
+
+                                    if file_info:
+                                        files.append(file_info)
+                                        self.logger.info(f"✅ 图片已添加到 files 数组")
+
+                                        # 在消息中保留图片引用
+                                        image_ref = f"{file_info['id']}_{file_info['name']}"
+                                        image_parts.append({
+                                            "type": "image_url",
+                                            "image_url": {
+                                                "url": image_ref
+                                            }
+                                        })
+                                        self.logger.debug(f"📎 图片引用: {image_ref}")
+                                    else:
+                                        # 上传失败，添加错误提示
+                                        self.logger.warning(f"⚠️ 图片上传失败")
+                                        text_parts.append("[系统提示: 图片上传失败]")
+                                else:
+                                    # 非 base64 图片或匿名模式，直接使用原URL
+                                    if not settings.ANONYMOUS_MODE:
+                                        self.logger.warning(f"⚠️ 非 base64 图片或匿名模式，保留原始URL")
+                                    image_parts.append({
+                                        "type": "image_url",
+                                        "image_url": {"url": image_url}
+                                    })
+                    elif isinstance(part, dict):
+                        # 直接是字典格式的内容
+                        if part.get('type') == 'text':
+                            text_parts.append(part.get('text', ''))
+                        elif part.get('type') == 'image_url':
+                            image_url = part.get('image_url', {}).get('url', '')
+                            if image_url:
+                                self.logger.debug(f"✅ 检测到图片: {image_url[:50]}...")
+
+                                # 如果是 base64 编码的图片，上传并添加到 files 数组
+                                if image_url.startswith("data:") and not settings.ANONYMOUS_MODE:
+                                    self.logger.info(f"🔄 上传 base64 图片到 Z.AI 服务器")
+                                    file_info = await self.upload_image(image_url, chat_id, token, user_id)
+
+                                    if file_info:
+                                        files.append(file_info)
+                                        self.logger.info(f"✅ 图片已添加到 files 数组")
+
+                                        # 在消息中保留图片引用
+                                        image_ref = f"{file_info['id']}_{file_info['name']}"
+                                        image_parts.append({
+                                            "type": "image_url",
+                                            "image_url": {
+                                                "url": image_ref
+                                            }
+                                        })
+                                        self.logger.debug(f"📎 图片引用: {image_ref}")
+                                    else:
+                                        # 上传失败，添加错误提示
+                                        self.logger.warning(f"⚠️ 图片上传失败")
+                                        text_parts.append("[系统提示: 图片上传失败]")
+                                else:
+                                    # 非 base64 图片或匿名模式
+                                    if not settings.ANONYMOUS_MODE:
+                                        self.logger.warning(f"⚠️ 非 base64 图片或匿名模式，保留原始URL")
+                                    image_parts.append({
+                                        "type": "image_url",
+                                        "image_url": {"url": image_url}
+                                    })
+                    elif isinstance(part, str):
+                        # 纯字符串部分
+                        text_parts.append(part)
+
+                # 构建多模态消息内容
+                message_content = []
+
+                # 添加文本部分
+                combined_text = " ".join(text_parts).strip()
+                if combined_text:
+                    message_content.append({
+                        "type": "text",
+                        "text": combined_text
+                    })
+
+                # 添加图片部分（保持图片引用在消息中）
+                message_content.extend(image_parts)
+
+                # 只有在有内容时才添加消息
+                if message_content:
+                    messages.append({
+                        "role": msg.role,
+                        "content": message_content  # ✅ 多模态内容数组
+                    })
+        
+        # 确定请求的模型特性
+        # Extract last user message text for signing (提取最后一条用户消息的文本用于签名)
+        last_user_text = ""
+        for m in reversed(messages):
+            if m.get("role") == "user":
+                content = m.get("content")
+                if isinstance(content, str):
+                    # 纯文本消息
+                    last_user_text = content
+                    break
+                elif isinstance(content, list):
+                    # 多模态消息：只提取文本部分用于签名
+                    texts = [p.get("text", "") for p in content if isinstance(p, dict) and p.get("type") == "text"]
+                    last_user_text = " ".join([t for t in texts if t]).strip()
+                    break
+        requested_model = request.model
+        is_thinking = "-thinking" in requested_model.casefold()
+        is_search = "-search" in requested_model.casefold()
+        is_advanced_search = requested_model == settings.GLM46_ADVANCED_SEARCH_MODEL
+        is_air = "-air" in requested_model.casefold()
+
+        # 获取上游模型ID
+        upstream_model_id = self.model_mapping.get(requested_model, "0727-360B-API")
+
+        # ⚠️ 重要：在构建 body 之前处理工具调用！
+        # 处理工具支持 - 使用提示词注入方式
+        if settings.TOOL_SUPPORT and not is_thinking and request.tools:
+            tool_choice = getattr(request, 'tool_choice', 'auto') or 'auto'
+            messages = process_messages_with_tools(
+                messages=messages,
+                tools=request.tools,
+                tool_choice=tool_choice
+            )
+            self.logger.info(f"🔧 工具调用已通过提示词注入: {len(request.tools)} 个工具")
+
+        # 构建MCP服务器列表
+        mcp_servers = []
+        if is_advanced_search:
+            mcp_servers.append("advanced-search")
+            self.logger.info("🔍 检测到高级搜索模型，添加 advanced-search MCP 服务器")
+        elif is_search and "-4.5" in requested_model:
+            mcp_servers.append("deep-web-search")
+            self.logger.info("🔍 检测到搜索模型，添加 deep-web-search MCP 服务器")
+
+        # 构建上游请求体（chat_id 已在前面生成）
+
+        body = {
+            "stream": True,  # 总是使用流式
+            "model": upstream_model_id,
+            "messages": messages,  # ✅ messages 已经包含工具提示词
+            "signature_prompt": last_user_text,  # 用于签名的最后一条用户消息
+            "files": files,  # 图片文件数组
+            "params": {},
+            "features": {
+                "image_generation": False,
+                "web_search": is_search or is_advanced_search,
+                "auto_web_search": is_search or is_advanced_search,
+                "preview_mode": is_search or is_advanced_search,
+                "flags": [],
+                "features": [
+                    {
+                        "type": "mcp",
+                        "server": "vibe-coding",
+                        "status": "hidden"
+                    },
+                    {
+                        "type": "mcp",
+                        "server": "ppt-maker",
+                        "status": "hidden"
+                    },
+                    {
+                        "type": "mcp",
+                        "server": "image-search",
+                        "status": "hidden"
+                    },
+                    {
+                        "type": "mcp",
+                        "server": "deep-research",
+                        "status": "hidden"
+                    },
+                    {
+                        "type": "tool_selector",
+                        "server": "tool_selector",
+                        "status": "hidden"
+                    },
+                    {
+                        "type": "mcp",
+                        "server": "advanced-search",
+                        "status": "hidden"
+                    }
+                ],
+                "enable_thinking": is_thinking,
+            },
+            "background_tasks": {
+                "title_generation": False,
+                "tags_generation": False,
+            },
+            "mcp_servers": mcp_servers,
+            "variables": {
+                "{{USER_NAME}}": "Guest",
+                "{{USER_LOCATION}}": "Unknown",
+                "{{CURRENT_DATETIME}}": datetime.now().strftime("%Y-%m-%d %H:%M:%S"),
+                "{{CURRENT_DATE}}": datetime.now().strftime("%Y-%m-%d"),
+                "{{CURRENT_TIME}}": datetime.now().strftime("%H:%M:%S"),
+                "{{CURRENT_WEEKDAY}}": datetime.now().strftime("%A"),
+                "{{CURRENT_TIMEZONE}}": "Asia/Shanghai",
+                "{{USER_LANGUAGE}}": "zh-CN",
+            },
+            "model_item": {
+                "id": upstream_model_id,
+                "name": requested_model,
+                "owned_by": "z.ai"
+            },
+            "chat_id": chat_id,
+            "id": generate_uuid(),
+        }
+
+        # 不传递 tools 给上游,使用提示工程方式
+        body["tools"] = None
+        
+        # 处理其他参数
+        if request.temperature is not None:
+            body["params"]["temperature"] = request.temperature
+        if request.max_tokens is not None:
+            body["params"]["max_tokens"] = request.max_tokens
+        
+        # 构建请求头
+        headers = get_zai_dynamic_headers(chat_id)
+        if token:
+            headers["Authorization"] = f"Bearer {token}"
+
+        # Dual-layer HMAC signing metadata and header
+        user_id = _extract_user_id_from_token(token)
+        timestamp_ms = int(time.time() * 1000)
+        request_id = generate_uuid()
+        secret = os.getenv("ZAI_SIGNING_SECRET", "junjie") or "junjie"
+        signature = generate_signature(
+            message_text=last_user_text,
+            request_id=request_id,
+            timestamp_ms=timestamp_ms,
+            user_id=user_id,
+            secret=secret,
+        )
+        query_params = {
+            "timestamp": timestamp_ms,
+            "requestId": request_id,
+            "user_id": user_id,
+            "token": token or "",
+            "current_url": f"https://chat.z.ai/c/{chat_id}",
+            "pathname": f"/c/{chat_id}",
+            "signature_timestamp": timestamp_ms,
+        }
+        signed_url = f"{self.config.api_endpoint}?{urlencode(query_params)}"
+        headers["X-Signature"] = signature
+        
+        # 存储当前token用于错误处理
+        self._current_token = token
+
+        return {
+            "url": signed_url,
+            "headers": headers,
+            "body": body,
+            "token": token,
+            "chat_id": chat_id,
+            "model": requested_model
+        }
+    
+    async def chat_completion(
+        self,
+        request: OpenAIRequest,
+        **kwargs
+    ) -> Union[Dict[str, Any], AsyncGenerator[str, None]]:
+        """聊天完成接口"""
+        self.log_request(request)
+
+        try:
+            # 转换请求
+            transformed = await self.transform_request(request)
+
+            # 根据请求类型返回响应
+            if request.stream:
+                # 流式响应
+                return self._create_stream_response(request, transformed)
+            else:
+                # 非流式响应
+                async with httpx.AsyncClient(timeout=30.0) as client:
+                    response = await client.post(
+                        transformed["url"],
+                        headers=transformed["headers"],
+                        json=transformed["body"]
+                    )
+
+                    if not response.is_success:
+                        error_msg = f"Z.AI API 错误: {response.status_code}"
+                        self.log_response(False, error_msg)
+                        return self.handle_error(Exception(error_msg))
+
+                    return await self.transform_response(response, request, transformed)
+
+        except Exception as e:
+            self.log_response(False, str(e))
+            return self.handle_error(e, "请求处理")
+
+    
+    async def _create_stream_response(
+        self,
+        request: OpenAIRequest,
+        transformed: Dict[str, Any]
+    ) -> AsyncGenerator[str, None]:
+
+        current_token = transformed.get("token", "")
+        try:
+            async with httpx.AsyncClient(
+                timeout=60.0,
+                http2=True,
+            ) as client:
+                self.logger.info(f"🎯 发送请求到 Z.AI: {transformed['url']}")
+                # self.logger.info(f"📦 请求体 model: {transformed['body']['model']}")
+                # self.logger.info(f"📦 请求体 messages: {json.dumps(transformed['body']['messages'], ensure_ascii=False)}")
+                async with client.stream(
+                    "POST",
+                    transformed["url"],
+                    json=transformed["body"],
+                    headers=transformed["headers"],
+                ) as response:
+                    if response.status_code != 200:
+                        self.logger.error(f"❌ 上游返回错误: {response.status_code}")
+                        error_text = await response.aread()
+                        error_msg = error_text.decode('utf-8', errors='ignore')
+                        if error_msg:
+                            self.logger.error(f"❌ 错误详情: {error_msg}")
+                        error_response = {
+                            "error": {
+                                "message": f"Upstream error: {response.status_code}",
+                                "type": "upstream_error",
+                                "code": response.status_code
+                            }
+                        }
+                        yield f"data: {json.dumps(error_response)}\n\n"
+                        yield "data: [DONE]\n\n"
+                        return
+
+                    if current_token and not settings.ANONYMOUS_MODE:
+                        token_pool = get_token_pool()
+                        if token_pool:
+                            token_pool.mark_token_success(current_token)
+
+                    chat_id = transformed["chat_id"]
+                    model = transformed["model"]
+                    async for chunk in self._handle_stream_response(response, chat_id, model, request, transformed):
+                        yield chunk
+                    return
+        except Exception as e:
+            self.logger.error(f"❌ 流处理错误: {e}")
+            import traceback
+            self.logger.error(traceback.format_exc())
+            if current_token and not settings.ANONYMOUS_MODE:
+                self.mark_token_failure(current_token, e)
+            error_response = {
+                "error": {
+                    "message": str(e),
+                    "type": "stream_error"
+                }
+            }
+            yield f"data: {json.dumps(error_response)}\n\n"
+            yield "data: [DONE]\n\n"
+            return
+
+    async def transform_response(
+        self, 
+        response: httpx.Response, 
+        request: OpenAIRequest,
+        transformed: Dict[str, Any]
+    ) -> Union[Dict[str, Any], AsyncGenerator[str, None]]:
+        """转换Z.AI响应为OpenAI格式"""
+        chat_id = transformed["chat_id"]
+        model = transformed["model"]
+        
+        if request.stream:
+            return self._handle_stream_response(response, chat_id, model, request, transformed)
+        else:
+            return await self._handle_non_stream_response(response, chat_id, model)
+    
+    async def _handle_stream_response(
+        self,
+        response: httpx.Response,
+        chat_id: str,
+        model: str,
+        request: OpenAIRequest,
+        transformed: Dict[str, Any]
+    ) -> AsyncGenerator[str, None]:
+        """处理Z.AI流式响应"""
+        self.logger.info(f"✅ Z.AI 响应成功，开始处理 SSE 流")
+
+        # 检查是否启用了工具调用 (通过检查原始请求)
+        has_tools = settings.TOOL_SUPPORT and request.tools is not None and len(request.tools) > 0
+
+        # 累积内容缓冲区,用于提取工具调用
+        buffered_content = ""
+        has_sent_role = False
+
+        # 处理状态
+        has_thinking = False
+        thinking_signature = None
+
+        # 处理SSE流
+        buffer = ""
+        line_count = 0
+        self.logger.debug("📡 开始接收 SSE 流数据...")
+
+        try:
+            async for line in response.aiter_lines():
+                line_count += 1
+                if not line:
+                    continue
+
+                # 累积到buffer处理完整的数据行
+                buffer += line + "\n"
+
+                # 检查是否有完整的data行
+                while "\n" in buffer:
+                    current_line, buffer = buffer.split("\n", 1)
+                    if not current_line.strip():
+                        continue
+
+                    if current_line.startswith("data:"):
+                        chunk_str = current_line[5:].strip()
+                        if not chunk_str or chunk_str == "[DONE]":
+                            if chunk_str == "[DONE]":
+                                yield "data: [DONE]\n\n"
+                            continue
+
+                        self.logger.debug(f"📦 解析数据块: {chunk_str[:1000]}..." if len(chunk_str) > 1000 else f"📦 解析数据块: {chunk_str}")
+
+                        try:
+                            chunk = json.loads(chunk_str)
+
+                            if chunk.get("type") == "chat:completion":
+                                data = chunk.get("data", {})
+                                phase = data.get("phase")
+
+                                # 记录每个阶段（只在阶段变化时记录）
+                                if phase and phase != getattr(self, '_last_phase', None):
+                                    self.logger.info(f"📈 SSE 阶段: {phase}")
+                                    self._last_phase = phase
+
+                                # 处理思考内容
+                                if phase == "thinking":
+                                    if not has_thinking:
+                                        has_thinking = True
+                                        # 发送初始角色
+                                        role_chunk = self.create_openai_chunk(
+                                            chat_id,
+                                            model,
+                                            {"role": "assistant"}
+                                        )
+                                        yield await self.format_sse_chunk(role_chunk)
+
+                                    delta_content = data.get("delta_content", "")
+                                    if delta_content:
+                                        # 处理思考内容格式
+                                        if delta_content.startswith("<details"):
+                                            content = (
+                                                delta_content.split("</summary>\n>")[-1].strip()
+                                                if "</summary>\n>" in delta_content
+                                                else delta_content
+                                            )
+                                        else:
+                                            content = delta_content
+
+                                        thinking_chunk = self.create_openai_chunk(
+                                            chat_id,
+                                            model,
+                                            {
+                                                "role": "assistant",
+                                                "reasoning_content": content
+                                            }
+                                        )
+                                        yield await self.format_sse_chunk(thinking_chunk)
+
+                                # 处理答案内容
+                                elif phase == "answer":
+                                    delta_content = data.get("delta_content", "")
+                                    edit_content = data.get("edit_content", "")
+
+                                    # 累积内容(用于工具调用提取)
+                                    if delta_content:
+                                        buffered_content += delta_content
+                                    elif edit_content:
+                                        buffered_content = edit_content
+
+                                    # 如果包含 usage,说明流式结束
+                                    if data.get("usage"):
+                                        usage = data["usage"]
+                                        self.logger.info(f"📦 完成响应 - 使用统计: {json.dumps(usage)}")
+
+                                        # 尝试从缓冲区提取 tool_calls
+                                        tool_calls = None
+                                        cleaned_content = buffered_content
+
+                                        if has_tools:
+                                            tool_calls, cleaned_content = parse_and_extract_tool_calls(buffered_content)
+
+                                        if tool_calls:
+                                            # 发现工具调用
+                                            self.logger.info(f"🔧 从响应中提取到 {len(tool_calls)} 个工具调用")
+
+                                            if not has_sent_role:
+                                                role_chunk = self.create_openai_chunk(
+                                                    chat_id,
+                                                    model,
+                                                    {"role": "assistant"}
+                                                )
+                                                yield await self.format_sse_chunk(role_chunk)
+                                                has_sent_role = True
+
+                                            # 发送工具调用
+                                            for idx, tc in enumerate(tool_calls):
+                                                tool_chunk = self.create_openai_chunk(
+                                                    chat_id,
+                                                    model,
+                                                    {
+                                                        "role": "assistant",
+                                                        "tool_calls": [{
+                                                            "index": idx,
+                                                            "id": tc.get("id", f"call_{idx}"),
+                                                            "type": "function",
+                                                            "function": {
+                                                                "name": tc.get("function", {}).get("name", ""),
+                                                                "arguments": tc.get("function", {}).get("arguments", "")
+                                                            }
+                                                        }]
+                                                    }
+                                                )
+                                                yield await self.format_sse_chunk(tool_chunk)
+
+                                            # 发送完成块
+                                            finish_chunk = self.create_openai_chunk(
+                                                chat_id,
+                                                model,
+                                                {"role": "assistant"},
+                                                "tool_calls"
+                                            )
+                                            finish_chunk["usage"] = usage
+                                            yield await self.format_sse_chunk(finish_chunk)
+                                            yield "data: [DONE]\n\n"
+
+                                        else:
+                                            # 没有工具调用,正常返回内容
+                                            # 处理思考结束和答案开始
+                                            if edit_content and "</details>\n" in edit_content:
+                                                if has_thinking:
+                                                    # 发送思考签名
+                                                    thinking_signature = str(int(time.time() * 1000))
+                                                    sig_chunk = self.create_openai_chunk(
+                                                        chat_id,
+                                                        model,
+                                                        {
+                                                            "role": "assistant",
+                                                            "thinking": {
+                                                                "content": "",
+                                                                "signature": thinking_signature,
+                                                            }
+                                                        }
+                                                    )
+                                                    yield await self.format_sse_chunk(sig_chunk)
+
+                                                # 提取答案内容
+                                                cleaned_content = edit_content.split("</details>\n")[-1]
+
+                                            if not has_sent_role and not has_thinking:
+                                                role_chunk = self.create_openai_chunk(
+                                                    chat_id,
+                                                    model,
+                                                    {"role": "assistant"}
+                                                )
+                                                yield await self.format_sse_chunk(role_chunk)
+                                                has_sent_role = True
+
+                                            if cleaned_content:
+                                                content_chunk = self.create_openai_chunk(
+                                                    chat_id,
+                                                    model,
+                                                    {
+                                                        "role": "assistant",
+                                                        "content": cleaned_content
+                                                    }
+                                                )
+                                                yield await self.format_sse_chunk(content_chunk)
+
+                                            finish_chunk = self.create_openai_chunk(
+                                                chat_id,
+                                                model,
+                                                {"role": "assistant", "content": ""},
+                                                "stop"
+                                            )
+                                            finish_chunk["usage"] = usage
+                                            yield await self.format_sse_chunk(finish_chunk)
+                                            yield "data: [DONE]\n\n"
+                                    else:
+                                        # 流式过程中,输出答案内容（即使有工具调用也要显示）
+                                        # 处理思考结束和答案开始
+                                        if edit_content and "</details>\n" in edit_content:
+                                            if has_thinking:
+                                                # 发送思考签名
+                                                thinking_signature = str(int(time.time() * 1000))
+                                                sig_chunk = self.create_openai_chunk(
+                                                    chat_id,
+                                                    model,
+                                                    {
+                                                        "role": "assistant",
+                                                        "thinking": {
+                                                            "content": "",
+                                                            "signature": thinking_signature,
+                                                        }
+                                                    }
+                                                )
+                                                yield await self.format_sse_chunk(sig_chunk)
+
+                                            # 提取答案内容
+                                            content_after = edit_content.split("</details>\n")[-1]
+                                            if content_after:
+                                                content_chunk = self.create_openai_chunk(
+                                                    chat_id,
+                                                    model,
+                                                    {
+                                                        "role": "assistant",
+                                                        "content": content_after
+                                                    }
+                                                )
+                                                yield await self.format_sse_chunk(content_chunk)
+
+                                        # 处理增量内容
+                                        elif delta_content:
+                                            if not has_sent_role and not has_thinking:
+                                                role_chunk = self.create_openai_chunk(
+                                                    chat_id,
+                                                    model,
+                                                    {"role": "assistant"}
+                                                )
+                                                yield await self.format_sse_chunk(role_chunk)
+                                                has_sent_role = True
+
+                                            content_chunk = self.create_openai_chunk(
+                                                chat_id,
+                                                model,
+                                                {
+                                                    "role": "assistant",
+                                                    "content": delta_content
+                                                }
+                                            )
+                                            output_data = await self.format_sse_chunk(content_chunk)
+                                            self.logger.debug(f"➡️ 输出内容块到客户端: {output_data}")
+                                            yield output_data
+
+                        except json.JSONDecodeError as e:
+                            self.logger.debug(f"❌ JSON解析错误: {e}, 内容: {chunk_str[:1000]}")
+                        except Exception as e:
+                            self.logger.error(f"❌ 处理chunk错误: {e}")
+
+            self.logger.info(f"✅ SSE 流处理完成，共处理 {line_count} 行数据")
+
+        except Exception as e:
+            self.logger.error(f"❌ 流式响应处理错误: {e}")
+            import traceback
+            self.logger.error(traceback.format_exc())
+            # 发送错误结束块
+            yield await self.format_sse_chunk(
+                self.create_openai_chunk(chat_id, model, {}, "stop")
+            )
+            yield "data: [DONE]\n\n"
+    
+    async def _handle_non_stream_response(
+        self, 
+        response: httpx.Response, 
+        chat_id: str, 
+        model: str
+    ) -> Dict[str, Any]:
+        """处理非流式响应
+
+        说明：上游始终以 SSE 形式返回（transform_request 固定 stream=True），
+        因此这里需要聚合 aiter_lines() 的 data: 块，提取 usage、思考内容与答案内容，
+        并最终产出一次性 OpenAI 格式响应。
+        """
+        final_content = ""
+        reasoning_content = ""
+        usage_info: Dict[str, int] = {
+            "prompt_tokens": 0,
+            "completion_tokens": 0,
+            "total_tokens": 0,
+        }
+
+        try:
+            async for line in response.aiter_lines():
+                if not line:
+                    continue
+
+                line = line.strip()
+
+                # 仅处理以 data: 开头的 SSE 行，其余行尝试作为错误/JSON 忽略
+                if not line.startswith("data:"):
+                    # 尝试解析为错误 JSON
+                    try:
+                        maybe_err = json.loads(line)
+                        if isinstance(maybe_err, dict) and (
+                            "error" in maybe_err or "code" in maybe_err or "message" in maybe_err
+                        ):
+                            # 统一错误处理
+                            msg = (
+                                (maybe_err.get("error") or {}).get("message")
+                                if isinstance(maybe_err.get("error"), dict)
+                                else maybe_err.get("message")
+                            ) or "上游返回错误"
+                            return self.handle_error(Exception(msg), "API响应")
+                    except Exception:
+                        pass
+                    continue
+
+                data_str = line[5:].strip()
+                if not data_str or data_str in ("[DONE]", "DONE", "done"):
+                    continue
+
+                # 解析 SSE 数据块
+                try:
+                    chunk = json.loads(data_str)
+                except json.JSONDecodeError:
+                    continue
+
+                if chunk.get("type") != "chat:completion":
+                    continue
+
+                data = chunk.get("data", {})
+                phase = data.get("phase")
+                delta_content = data.get("delta_content", "")
+                edit_content = data.get("edit_content", "")
+
+                # 记录用量（通常在最后块中出现，但这里每次覆盖保持最新）
+                if data.get("usage"):
+                    try:
+                        usage_info = data["usage"]
+                    except Exception:
+                        pass
+
+                # 思考阶段聚合（去除 <details><summary>... 包裹头）
+                if phase == "thinking":
+                    if delta_content:
+                        if delta_content.startswith("<details"):
+                            cleaned = (
+                                delta_content.split("</summary>\n>")[-1].strip()
+                                if "</summary>\n>" in delta_content
+                                else delta_content
+                            )
+                        else:
+                            cleaned = delta_content
+                        reasoning_content += cleaned
+
+                # 答案阶段聚合
+                elif phase == "answer":
+                    # 当 edit_content 同时包含思考结束标记与答案时，提取答案部分
+                    if edit_content and "</details>\n" in edit_content:
+                        content_after = edit_content.split("</details>\n")[-1]
+                        if content_after:
+                            final_content += content_after
+                    elif delta_content:
+                        final_content += delta_content
+
+        except Exception as e:
+            self.logger.error(f"❌ 非流式响应处理错误: {e}")
+            import traceback
+            self.logger.error(traceback.format_exc())
+            # 返回统一错误响应
+            return self.handle_error(e, "非流式聚合")
+
+        # 清理并返回
+        final_content = (final_content or "").strip()
+        reasoning_content = (reasoning_content or "").strip()
+
+        # 若没有聚合到答案，但有思考内容，则保底返回思考内容
+        if not final_content and reasoning_content:
+            final_content = reasoning_content
+
+        # 返回包含推理内容的标准响应（若无推理则不会携带）
+        return self.create_openai_response_with_reasoning(
+            chat_id,
+            model,
+            final_content,
+            reasoning_content,
+            usage_info,
+        )

app/services/request_log_dao.py

@@ -0,0 +1,267 @@
+"""
+请求日志数据访问层 (DAO)
+提供请求日志的 CRUD 操作和查询功能
+"""
+import aiosqlite
+import sqlite3
+from typing import List, Dict, Optional
+from datetime import datetime, timedelta
+from contextlib import asynccontextmanager
+import os
+
+from app.models.request_log import SQL_CREATE_REQUEST_LOGS_TABLE, DB_PATH
+from app.utils.logger import logger
+
+
+class RequestLogDAO:
+    """请求日志数据访问对象"""
+
+    def __init__(self, db_path: str = DB_PATH):
+        """初始化 DAO"""
+        self.db_path = db_path
+        self._ensure_db_directory()
+        self._init_db()
+
+    def _ensure_db_directory(self):
+        """确保数据库目录存在"""
+        db_dir = os.path.dirname(self.db_path)
+        if db_dir and not os.path.exists(db_dir):
+            os.makedirs(db_dir, exist_ok=True)
+
+    def _init_db(self):
+        """初始化数据库表"""
+        try:
+            conn = sqlite3.connect(self.db_path)
+            conn.executescript(SQL_CREATE_REQUEST_LOGS_TABLE)
+            conn.commit()
+            conn.close()
+            logger.debug("请求日志表初始化成功")
+        except Exception as e:
+            logger.error(f"初始化请求日志表失败: {e}")
+
+    @asynccontextmanager
+    async def get_connection(self):
+        """获取异步数据库连接"""
+        conn = await aiosqlite.connect(self.db_path)
+        conn.row_factory = aiosqlite.Row
+        try:
+            yield conn
+        finally:
+            await conn.close()
+
+    async def add_log(
+        self,
+        provider: str,
+        model: str,
+        success: bool,
+        duration: float = 0.0,
+        first_token_time: float = 0.0,
+        input_tokens: int = 0,
+        output_tokens: int = 0,
+        error_message: str = None
+    ) -> int:
+        """
+        添加请求日志
+
+        Args:
+            provider: 提供商名称
+            model: 模型名称
+            success: 是否成功
+            duration: 总耗时（秒）
+            first_token_time: 首字延迟（秒）
+            input_tokens: 输入 token 数
+            output_tokens: 输出 token 数
+            error_message: 错误信息
+
+        Returns:
+            日志 ID
+        """
+        total_tokens = input_tokens + output_tokens
+
+        async with self.get_connection() as conn:
+            cursor = await conn.execute(
+                """
+                INSERT INTO request_logs
+                (provider, model, success, duration, first_token_time,
+                 input_tokens, output_tokens, total_tokens, error_message)
+                VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)
+                """,
+                (provider, model, success, duration, first_token_time,
+                 input_tokens, output_tokens, total_tokens, error_message)
+            )
+            await conn.commit()
+            return cursor.lastrowid
+
+    async def get_recent_logs(
+        self,
+        limit: int = 100,
+        provider: str = None,
+        model: str = None,
+        success: bool = None
+    ) -> List[Dict]:
+        """
+        获取最近的请求日志
+
+        Args:
+            limit: 返回数量限制
+            provider: 过滤提供商
+            model: 过滤模型
+            success: 过滤成功/失败状态
+
+        Returns:
+            日志列表
+        """
+        query = "SELECT * FROM request_logs WHERE 1=1"
+        params = []
+
+        if provider:
+            query += " AND provider = ?"
+            params.append(provider)
+
+        if model:
+            query += " AND model = ?"
+            params.append(model)
+
+        if success is not None:
+            query += " AND success = ?"
+            params.append(success)
+
+        query += " ORDER BY timestamp DESC LIMIT ?"
+        params.append(limit)
+
+        async with self.get_connection() as conn:
+            cursor = await conn.execute(query, params)
+            rows = await cursor.fetchall()
+            return [dict(row) for row in rows]
+
+    async def get_logs_by_time_range(
+        self,
+        start_time: datetime,
+        end_time: datetime,
+        provider: str = None,
+        model: str = None
+    ) -> List[Dict]:
+        """
+        按时间范围获取日志
+
+        Args:
+            start_time: 开始时间
+            end_time: 结束时间
+            provider: 过滤提供商
+            model: 过滤模型
+
+        Returns:
+            日志列表
+        """
+        query = "SELECT * FROM request_logs WHERE timestamp BETWEEN ? AND ?"
+        params = [start_time.isoformat(), end_time.isoformat()]
+
+        if provider:
+            query += " AND provider = ?"
+            params.append(provider)
+
+        if model:
+            query += " AND model = ?"
+            params.append(model)
+
+        query += " ORDER BY timestamp DESC"
+
+        async with self.get_connection() as conn:
+            cursor = await conn.execute(query, params)
+            rows = await cursor.fetchall()
+            return [dict(row) for row in rows]
+
+    async def get_model_stats_from_db(self, hours: int = 24) -> Dict:
+        """
+        从数据库获取模型统计（最近N小时）
+
+        Args:
+            hours: 小时数
+
+        Returns:
+            模型统计数据
+        """
+        start_time = datetime.now() - timedelta(hours=hours)
+
+        async with self.get_connection() as conn:
+            cursor = await conn.execute(
+                """
+                SELECT
+                    model,
+                    COUNT(*) as total,
+                    SUM(CASE WHEN success = 1 THEN 1 ELSE 0 END) as success,
+                    SUM(CASE WHEN success = 0 THEN 1 ELSE 0 END) as failed,
+                    SUM(input_tokens) as input_tokens,
+                    SUM(output_tokens) as output_tokens,
+                    SUM(total_tokens) as total_tokens,
+                    AVG(duration) as avg_duration,
+                    AVG(first_token_time) as avg_first_token_time
+                FROM request_logs
+                WHERE timestamp >= ?
+                GROUP BY model
+                ORDER BY total DESC
+                """,
+                (start_time.isoformat(),)
+            )
+            rows = await cursor.fetchall()
+
+            result = {}
+            for row in rows:
+                model = row['model']
+                result[model] = {
+                    'total': row['total'],
+                    'success': row['success'],
+                    'failed': row['failed'],
+                    'input_tokens': row['input_tokens'] or 0,
+                    'output_tokens': row['output_tokens'] or 0,
+                    'total_tokens': row['total_tokens'] or 0,
+                    'avg_duration': round(row['avg_duration'] or 0, 2),
+                    'avg_first_token_time': round(row['avg_first_token_time'] or 0, 2),
+                    'success_rate': round((row['success'] / row['total'] * 100) if row['total'] > 0 else 0, 1)
+                }
+
+            return result
+
+    async def delete_old_logs(self, days: int = 30) -> int:
+        """
+        删除旧日志
+
+        Args:
+            days: 保留天数
+
+        Returns:
+            删除的记录数
+        """
+        cutoff_time = datetime.now() - timedelta(days=days)
+
+        async with self.get_connection() as conn:
+            cursor = await conn.execute(
+                "DELETE FROM request_logs WHERE timestamp < ?",
+                (cutoff_time.isoformat(),)
+            )
+            await conn.commit()
+            return cursor.rowcount
+
+
+# 全局单例实例
+_request_log_dao: Optional[RequestLogDAO] = None
+
+
+def get_request_log_dao() -> RequestLogDAO:
+    """
+    获取请求日志 DAO 单例
+
+    Returns:
+        RequestLogDAO 实例
+    """
+    global _request_log_dao
+    if _request_log_dao is None:
+        _request_log_dao = RequestLogDAO()
+    return _request_log_dao
+
+
+def init_request_log_dao():
+    """初始化请求日志 DAO"""
+    global _request_log_dao
+    _request_log_dao = RequestLogDAO()
+    return _request_log_dao

app/services/token_dao.py

@@ -0,0 +1,480 @@
+"""
+Token 数据访问层 (DAO)
+提供 Token 的 CRUD 操作和查询功能
+"""
+import aiosqlite
+import sqlite3
+from typing import List, Optional, Dict, Tuple
+from datetime import datetime
+from contextlib import asynccontextmanager
+import os
+
+from app.models.token_db import SQL_CREATE_TABLES, DB_PATH
+from app.utils.logger import logger
+
+
+class TokenDAO:
+    """Token 数据访问对象"""
+
+    def __init__(self, db_path: str = DB_PATH):
+        """初始化 DAO"""
+        self.db_path = db_path
+        self._ensure_db_directory()
+
+    def _ensure_db_directory(self):
+        """确保数据库目录存在"""
+        db_dir = os.path.dirname(self.db_path)
+        if db_dir and not os.path.exists(db_dir):
+            os.makedirs(db_dir, exist_ok=True)
+
+    @asynccontextmanager
+    async def get_connection(self):
+        """获取异步数据库连接"""
+        conn = await aiosqlite.connect(self.db_path)
+        conn.row_factory = aiosqlite.Row  # 返回字典式结果
+
+        # 启用外键约束（SQLite 默认关闭）
+        await conn.execute("PRAGMA foreign_keys = ON")
+
+        try:
+            yield conn
+        finally:
+            await conn.close()
+
+    def get_sync_connection(self):
+        """获取同步数据库连接（用于初始化）"""
+        conn = sqlite3.connect(self.db_path)
+        # 启用外键约束
+        conn.execute("PRAGMA foreign_keys = ON")
+        return conn
+
+    async def init_database(self):
+        """初始化数据库表结构"""
+        try:
+            # 使用同步连接创建表（避免异步初始化问题）
+            conn = self.get_sync_connection()
+            conn.executescript(SQL_CREATE_TABLES)
+            conn.commit()
+            conn.close()
+        except Exception as e:
+            logger.error(f"❌ Token 数据库初始化失败: {e}")
+            raise
+
+    # ==================== Token CRUD 操作 ====================
+
+    async def add_token(
+        self,
+        provider: str,
+        token: str,
+        token_type: str = "user",
+        priority: int = 0,
+        validate: bool = True
+    ) -> Optional[int]:
+        """
+        添加新 Token（可选验证）
+
+        Args:
+            provider: 提供商名称
+            token: Token 值
+            token_type: Token 类型（如果 validate=True 将被验证结果覆盖）
+            priority: 优先级
+            validate: 是否验证 Token（仅针对 zai 提供商）
+
+        Returns:
+            token_id 或 None（验证失败或已存在）
+        """
+        try:
+            # 对于 zai 提供商，强制验证 Token
+            if provider == "zai" and validate:
+                from app.utils.token_pool import ZAITokenValidator
+
+                validated_type, is_valid, error_msg = await ZAITokenValidator.validate_token(token)
+
+                # 拒绝 guest token
+                if validated_type == "guest":
+                    logger.warning(f"🚫 拒绝添加匿名用户 Token: {token[:20]}... - {error_msg}")
+                    return None
+
+                # 拒绝无效 token
+                if not is_valid:
+                    logger.warning(f"🚫 Token 验证失败: {token[:20]}... - {error_msg}")
+                    return None
+
+                # 使用验证后的类型
+                token_type = validated_type
+
+            async with self.get_connection() as conn:
+                cursor = await conn.execute("""
+                    INSERT OR IGNORE INTO tokens (provider, token, token_type, priority)
+                    VALUES (?, ?, ?, ?)
+                """, (provider, token, token_type, priority))
+
+                await conn.commit()
+
+                if cursor.lastrowid > 0:
+                    # 同时创建统计记录
+                    await conn.execute("""
+                        INSERT INTO token_stats (token_id)
+                        VALUES (?)
+                    """, (cursor.lastrowid,))
+                    await conn.commit()
+                    logger.info(f"✅ 添加 Token: {provider} ({token_type}) - {token[:20]}...")
+                    return cursor.lastrowid
+                else:
+                    logger.warning(f"⚠️ Token 已存在: {provider} - {token[:20]}...")
+                    return None
+        except Exception as e:
+            logger.error(f"❌ 添加 Token 失败: {e}")
+            return None
+
+    async def get_tokens_by_provider(self, provider: str, enabled_only: bool = True) -> List[Dict]:
+        """
+        获取指定提供商的所有 Token
+
+        Args:
+            provider: 提供商名称
+            enabled_only: 是否只返回启用的 Token
+        """
+        try:
+            async with self.get_connection() as conn:
+                query = """
+                    SELECT t.*, ts.total_requests, ts.successful_requests, ts.failed_requests,
+                           ts.last_success_time, ts.last_failure_time
+                    FROM tokens t
+                    LEFT JOIN token_stats ts ON t.id = ts.token_id
+                    WHERE t.provider = ?
+                """
+                params = [provider]
+
+                if enabled_only:
+                    query += " AND t.is_enabled = 1"
+
+                query += " ORDER BY t.priority DESC, t.id ASC"
+
+                cursor = await conn.execute(query, params)
+                rows = await cursor.fetchall()
+
+                return [dict(row) for row in rows]
+        except Exception as e:
+            logger.error(f"❌ 查询 Token 失败: {e}")
+            return []
+
+    async def get_all_tokens(self, enabled_only: bool = False) -> List[Dict]:
+        """获取所有 Token"""
+        try:
+            async with self.get_connection() as conn:
+                query = """
+                    SELECT t.*, ts.total_requests, ts.successful_requests, ts.failed_requests,
+                           ts.last_success_time, ts.last_failure_time
+                    FROM tokens t
+                    LEFT JOIN token_stats ts ON t.id = ts.token_id
+                """
+
+                if enabled_only:
+                    query += " WHERE t.is_enabled = 1"
+
+                query += " ORDER BY t.provider, t.priority DESC, t.id ASC"
+
+                cursor = await conn.execute(query)
+                rows = await cursor.fetchall()
+
+                return [dict(row) for row in rows]
+        except Exception as e:
+            logger.error(f"❌ 查询所有 Token 失败: {e}")
+            return []
+
+    async def update_token_status(self, token_id: int, is_enabled: bool):
+        """更新 Token 启用状态"""
+        try:
+            async with self.get_connection() as conn:
+                await conn.execute("""
+                    UPDATE tokens SET is_enabled = ? WHERE id = ?
+                """, (is_enabled, token_id))
+                await conn.commit()
+                logger.info(f"✅ 更新 Token 状态: id={token_id}, enabled={is_enabled}")
+        except Exception as e:
+            logger.error(f"❌ 更新 Token 状态失败: {e}")
+
+    async def update_token_type(self, token_id: int, token_type: str):
+        """更新 Token 类型"""
+        try:
+            async with self.get_connection() as conn:
+                await conn.execute("""
+                    UPDATE tokens SET token_type = ? WHERE id = ?
+                """, (token_type, token_id))
+                await conn.commit()
+                logger.info(f"✅ 更新 Token 类型: id={token_id}, type={token_type}")
+        except Exception as e:
+            logger.error(f"❌ 更新 Token 类型失败: {e}")
+
+    async def delete_token(self, token_id: int):
+        """删除 Token（级联删除统计数据）"""
+        try:
+            async with self.get_connection() as conn:
+                await conn.execute("DELETE FROM tokens WHERE id = ?", (token_id,))
+                await conn.commit()
+                logger.info(f"✅ 删除 Token: id={token_id}")
+        except Exception as e:
+            logger.error(f"❌ 删除 Token 失败: {e}")
+
+    async def delete_tokens_by_provider(self, provider: str):
+        """删除指定提供商的所有 Token"""
+        try:
+            async with self.get_connection() as conn:
+                await conn.execute("DELETE FROM tokens WHERE provider = ?", (provider,))
+                await conn.commit()
+                logger.info(f"✅ 删除提供商所有 Token: {provider}")
+        except Exception as e:
+            logger.error(f"❌ 删除提供商 Token 失败: {e}")
+
+    # ==================== Token 统计操作 ====================
+
+    async def record_success(self, token_id: int):
+        """记录 Token 使用成功"""
+        try:
+            async with self.get_connection() as conn:
+                await conn.execute("""
+                    UPDATE token_stats
+                    SET total_requests = total_requests + 1,
+                        successful_requests = successful_requests + 1,
+                        last_success_time = CURRENT_TIMESTAMP
+                    WHERE token_id = ?
+                """, (token_id,))
+                await conn.commit()
+        except Exception as e:
+            logger.error(f"❌ 记录成功失败: {e}")
+
+    async def record_failure(self, token_id: int):
+        """记录 Token 使用失败"""
+        try:
+            async with self.get_connection() as conn:
+                await conn.execute("""
+                    UPDATE token_stats
+                    SET total_requests = total_requests + 1,
+                        failed_requests = failed_requests + 1,
+                        last_failure_time = CURRENT_TIMESTAMP
+                    WHERE token_id = ?
+                """, (token_id,))
+                await conn.commit()
+        except Exception as e:
+            logger.error(f"❌ 记录失败失败: {e}")
+
+    async def get_token_stats(self, token_id: int) -> Optional[Dict]:
+        """获取 Token 统计信息"""
+        try:
+            async with self.get_connection() as conn:
+                cursor = await conn.execute("""
+                    SELECT * FROM token_stats WHERE token_id = ?
+                """, (token_id,))
+                row = await cursor.fetchone()
+                return dict(row) if row else None
+        except Exception as e:
+            logger.error(f"❌ 获取统计信息失败: {e}")
+            return None
+
+    # ==================== 批量操作 ====================
+
+    async def bulk_add_tokens(
+        self,
+        provider: str,
+        tokens: List[str],
+        token_type: str = "user",
+        validate: bool = True
+    ) -> Tuple[int, int]:
+        """
+        批量添加 Token（可选验证）
+
+        Args:
+            provider: 提供商名称
+            tokens: Token 列表
+            token_type: Token 类型（如果 validate=True 将被覆盖）
+            validate: 是否验证 Token（仅针对 zai）
+
+        Returns:
+            (成功添加数量, 失败数量)
+        """
+        added_count = 0
+        failed_count = 0
+
+        for token in tokens:
+            if token.strip():  # 过滤空 token
+                token_id = await self.add_token(
+                    provider,
+                    token.strip(),
+                    token_type,
+                    validate=validate
+                )
+                if token_id:
+                    added_count += 1
+                else:
+                    failed_count += 1
+
+        logger.info(f"✅ 批量添加完成: {provider} - 成功 {added_count}/{len(tokens)}，失败 {failed_count}")
+        return added_count, failed_count
+
+    async def replace_tokens(self, provider: str, tokens: List[str],
+                            token_type: str = "user"):
+        """
+        替换指定提供商的所有 Token（先删除后添加）
+        """
+        # 删除旧 Token
+        await self.delete_tokens_by_provider(provider)
+
+        # 添加新 Token
+        added_count = await self.bulk_add_tokens(provider, tokens, token_type)
+
+        logger.info(f"✅ 替换 Token 完成: {provider} - {added_count} 个")
+        return added_count
+
+    # ==================== 实用方法 ====================
+
+    async def get_token_by_value(self, provider: str, token: str) -> Optional[Dict]:
+        """根据 Token 值查询"""
+        try:
+            async with self.get_connection() as conn:
+                cursor = await conn.execute("""
+                    SELECT t.*, ts.total_requests, ts.successful_requests, ts.failed_requests
+                    FROM tokens t
+                    LEFT JOIN token_stats ts ON t.id = ts.token_id
+                    WHERE t.provider = ? AND t.token = ?
+                """, (provider, token))
+                row = await cursor.fetchone()
+                return dict(row) if row else None
+        except Exception as e:
+            logger.error(f"❌ 查询 Token 失败: {e}")
+            return None
+
+    async def get_provider_stats(self, provider: str) -> Dict:
+        """获取提供商统计信息"""
+        try:
+            async with self.get_connection() as conn:
+                cursor = await conn.execute("""
+                    SELECT
+                        COUNT(*) as total_tokens,
+                        SUM(CASE WHEN is_enabled = 1 THEN 1 ELSE 0 END) as enabled_tokens,
+                        SUM(ts.total_requests) as total_requests,
+                        SUM(ts.successful_requests) as successful_requests,
+                        SUM(ts.failed_requests) as failed_requests
+                    FROM tokens t
+                    LEFT JOIN token_stats ts ON t.id = ts.token_id
+                    WHERE t.provider = ?
+                """, (provider,))
+                row = await cursor.fetchone()
+                return dict(row) if row else {}
+        except Exception as e:
+            logger.error(f"❌ 获取提供商统计失败: {e}")
+            return {}
+
+    # ==================== Token 验证操作 ====================
+
+    async def validate_and_update_token(self, token_id: int) -> bool:
+        """
+        验证单个 Token 并更新其类型
+
+        Args:
+            token_id: Token 数据库 ID
+
+        Returns:
+            是否为有效的认证用户 Token
+        """
+        try:
+            # 获取 Token 信息
+            async with self.get_connection() as conn:
+                cursor = await conn.execute("""
+                    SELECT provider, token FROM tokens WHERE id = ?
+                """, (token_id,))
+                row = await cursor.fetchone()
+
+                if not row:
+                    logger.error(f"❌ Token ID {token_id} 不存在")
+                    return False
+
+                provider = row["provider"]
+                token = row["token"]
+
+            # 仅对 zai 提供商验证
+            if provider != "zai":
+                logger.info(f"⏭️ 跳过非 zai 提供商的 Token 验证: {provider}")
+                return True
+
+            # 验证 Token
+            from app.utils.token_pool import ZAITokenValidator
+
+            token_type, is_valid, error_msg = await ZAITokenValidator.validate_token(token)
+
+            # 更新 Token 类型
+            await self.update_token_type(token_id, token_type)
+
+            if not is_valid:
+                logger.warning(f"⚠️ Token 验证失败: id={token_id}, type={token_type}, error={error_msg}")
+
+            return is_valid
+
+        except Exception as e:
+            logger.error(f"❌ 验证 Token 失败: {e}")
+            return False
+
+    async def validate_all_tokens(self, provider: str = "zai") -> Dict[str, int]:
+        """
+        批量验证所有 Token
+
+        Args:
+            provider: 提供商名称（默认 zai）
+
+        Returns:
+            统计结果 {"valid": 数量, "guest": 数量, "invalid": 数量}
+        """
+        try:
+            tokens = await self.get_tokens_by_provider(provider, enabled_only=False)
+
+            if not tokens:
+                logger.warning(f"⚠️ 没有需要验证的 {provider} Token")
+                return {"valid": 0, "guest": 0, "invalid": 0}
+
+            logger.info(f"🔍 开始批量验证 {len(tokens)} 个 {provider} Token...")
+
+            stats = {"valid": 0, "guest": 0, "invalid": 0}
+
+            for token_record in tokens:
+                token_id = token_record["id"]
+                is_valid = await self.validate_and_update_token(token_id)
+
+                # 重新查询更新后的类型
+                async with self.get_connection() as conn:
+                    cursor = await conn.execute("""
+                        SELECT token_type FROM tokens WHERE id = ?
+                    """, (token_id,))
+                    row = await cursor.fetchone()
+                    token_type = row["token_type"] if row else "unknown"
+
+                if token_type == "user":
+                    stats["valid"] += 1
+                elif token_type == "guest":
+                    stats["guest"] += 1
+                else:
+                    stats["invalid"] += 1
+
+            logger.info(f"✅ 批量验证完成: 有效 {stats['valid']}, 匿名 {stats['guest']}, 无效 {stats['invalid']}")
+            return stats
+
+        except Exception as e:
+            logger.error(f"❌ 批量验证失败: {e}")
+            return {"valid": 0, "guest": 0, "invalid": 0}
+
+
+# 全局单例
+_token_dao: Optional[TokenDAO] = None
+
+
+def get_token_dao() -> TokenDAO:
+    """获取全局 TokenDAO 实例"""
+    global _token_dao
+    if _token_dao is None:
+        _token_dao = TokenDAO()
+    return _token_dao
+
+
+async def init_token_database():
+    """初始化 Token 数据库"""
+    dao = get_token_dao()
+    await dao.init_database()

app/templates/base.html

@@ -0,0 +1,201 @@
+<!DOCTYPE html>
+<html lang="zh-CN" class="h-full bg-gray-50">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>{% block title %}管理后台{% endblock %} - Z.AI2API</title>
+
+    <!-- Tailwind CSS (CDN) -->
+    <script src="https://cdn.tailwindcss.com"></script>
+
+    <!-- Alpine.js (CDN) -->
+    <script defer src="https://cdn.jsdelivr.net/npm/[email protected]/dist/cdn.min.js"></script>
+
+    <!-- htmx (CDN) -->
+    <script src="https://unpkg.com/[email protected]"></script>
+
+    <!-- Chart.js (CDN) -->
+    <script src="https://cdn.jsdelivr.net/npm/[email protected]"></script>
+
+    <!-- 自定义样式 -->
+    <style>
+        /* 自定义滚动条 */
+        ::-webkit-scrollbar {
+            width: 8px;
+            height: 8px;
+        }
+        ::-webkit-scrollbar-track {
+            background: #f1f1f1;
+        }
+        ::-webkit-scrollbar-thumb {
+            background: #888;
+            border-radius: 4px;
+        }
+        ::-webkit-scrollbar-thumb:hover {
+            background: #555;
+        }
+
+        /* htmx 加载指示器 */
+        .htmx-indicator {
+            display: none;
+        }
+        .htmx-request .htmx-indicator {
+            display: inline-block;
+        }
+        .htmx-request.htmx-indicator {
+            display: inline-block;
+        }
+
+        /* 平滑过渡 */
+        .fade-in {
+            animation: fadeIn 0.3s ease-in;
+        }
+        @keyframes fadeIn {
+            from { opacity: 0; }
+            to { opacity: 1; }
+        }
+    </style>
+
+    {% block extra_head %}{% endblock %}
+</head>
+<body class="h-full" x-data="{
+    sidebarOpen: true,
+    async logout() {
+        if (confirm('确定要登出吗？')) {
+            try {
+                const response = await fetch('/admin/api/logout', {
+                    method: 'POST'
+                });
+                if (response.ok) {
+                    window.location.href = '/admin/login';
+                }
+            } catch (err) {
+                console.error('登出失败:', err);
+                alert('登出失败，请稍后重试');
+            }
+        }
+    }
+}">
+    <div class="min-h-full">
+        <!-- 顶部导航栏 -->
+        <nav class="bg-indigo-600 shadow-lg">
+            <div class="mx-auto px-4 sm:px-6 lg:px-8">
+                <div class="flex h-16 items-center justify-between">
+                    <!-- Logo 和切换按钮 -->
+                    <div class="flex items-center">
+                        <button @click="sidebarOpen = !sidebarOpen" class="text-white hover:bg-indigo-700 p-2 rounded-md">
+                            <svg class="h-6 w-6" fill="none" viewBox="0 0 24 24" stroke="currentColor">
+                                <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M4 6h16M4 12h16M4 18h16" />
+                            </svg>
+                        </button>
+                        <div class="ml-4 flex items-center">
+                            <h1 class="text-2xl font-bold text-white">API 管理后台</h1>
+                        </div>
+                    </div>
+
+                    <!-- 右侧信息 -->
+                    <div class="flex items-center space-x-4">
+                        <!-- 实时状态指示器 -->
+                        <div class="flex items-center text-white">
+                            <span class="relative flex h-3 w-3">
+                                <span class="animate-ping absolute inline-flex h-full w-full rounded-full bg-green-400 opacity-75"></span>
+                                <span class="relative inline-flex rounded-full h-3 w-3 bg-green-500"></span>
+                            </span>
+                            <span class="ml-2 text-sm">服务运行中</span>
+                        </div>
+
+                        <!-- 登出按钮 -->
+                        <button
+                            @click="logout()"
+                            class="flex items-center text-white hover:bg-indigo-700 px-3 py-2 rounded-md text-sm font-medium transition-colors">
+                            <svg class="h-5 w-5 mr-1" fill="none" viewBox="0 0 24 24" stroke="currentColor">
+                                <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M17 16l4-4m0 0l-4-4m4 4H7m6 4v1a3 3 0 01-3 3H6a3 3 0 01-3-3V7a3 3 0 013-3h4a3 3 0 013 3v1" />
+                            </svg>
+                            登出
+                        </button>
+                    </div>
+                </div>
+            </div>
+        </nav>
+
+        <div class="flex">
+            <!-- 侧边栏 -->
+            <aside
+                x-show="sidebarOpen"
+                x-transition:enter="transition ease-out duration-200"
+                x-transition:enter-start="transform -translate-x-full"
+                x-transition:enter-end="transform translate-x-0"
+                x-transition:leave="transition ease-in duration-200"
+                x-transition:leave-start="transform translate-x-0"
+                x-transition:leave-end="transform -translate-x-full"
+                class="w-64 bg-white shadow-lg min-h-screen">
+                <nav class="mt-5 px-2 space-y-1">
+                    {% set current_path = request.url.path %}
+
+                    <!-- 仪表盘 -->
+                    <a href="/admin"
+                       class="{% if current_path == '/admin' or current_path == '/admin/' %}bg-indigo-100 text-indigo-700{% else %}text-gray-700 hover:bg-gray-100{% endif %} group flex items-center px-3 py-2 text-sm font-medium rounded-md">
+                        <svg class="mr-3 h-6 w-6" fill="none" viewBox="0 0 24 24" stroke="currentColor">
+                            <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M3 12l2-2m0 0l7-7 7 7M5 10v10a1 1 0 001 1h3m10-11l2 2m-2-2v10a1 1 0 01-1 1h-3m-6 0a1 1 0 001-1v-4a1 1 0 011-1h2a1 1 0 011 1v4a1 1 0 001 1m-6 0h6" />
+                        </svg>
+                        仪表盘
+                    </a>
+
+                    <!-- 配置管理 -->
+                    <a href="/admin/config"
+                       class="{% if '/config' in current_path %}bg-indigo-100 text-indigo-700{% else %}text-gray-700 hover:bg-gray-100{% endif %} group flex items-center px-3 py-2 text-sm font-medium rounded-md">
+                        <svg class="mr-3 h-6 w-6" fill="none" viewBox="0 0 24 24" stroke="currentColor">
+                            <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M10.325 4.317c.426-1.756 2.924-1.756 3.35 0a1.724 1.724 0 002.573 1.066c1.543-.94 3.31.826 2.37 2.37a1.724 1.724 0 001.065 2.572c1.756.426 1.756 2.924 0 3.35a1.724 1.724 0 00-1.066 2.573c.94 1.543-.826 3.31-2.37 2.37a1.724 1.724 0 00-2.572 1.065c-.426 1.756-2.924 1.756-3.35 0a1.724 1.724 0 00-2.573-1.066c-1.543.94-3.31-.826-2.37-2.37a1.724 1.724 0 00-1.065-2.572c-1.756-.426-1.756-2.924 0-3.35a1.724 1.724 0 001.066-2.573c-.94-1.543.826-3.31 2.37-2.37.996.608 2.296.07 2.572-1.065z" />
+                            <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M15 12a3 3 0 11-6 0 3 3 0 016 0z" />
+                        </svg>
+                        配置管理
+                    </a>
+
+                    <!-- 服务监控 -->
+                    <a href="/admin/monitor"
+                       class="{% if '/monitor' in current_path %}bg-indigo-100 text-indigo-700{% else %}text-gray-700 hover:bg-gray-100{% endif %} group flex items-center px-3 py-2 text-sm font-medium rounded-md">
+                        <svg class="mr-3 h-6 w-6" fill="none" viewBox="0 0 24 24" stroke="currentColor">
+                            <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M9 19v-6a2 2 0 00-2-2H5a2 2 0 00-2 2v6a2 2 0 002 2h2a2 2 0 002-2zm0 0V9a2 2 0 012-2h2a2 2 0 012 2v10m-6 0a2 2 0 002 2h2a2 2 0 002-2m0 0V5a2 2 0 012-2h2a2 2 0 012 2v14a2 2 0 01-2 2h-2a2 2 0 01-2-2z" />
+                        </svg>
+                        服务监控
+                    </a>
+
+                    <!-- Token 管理 -->
+                    <a href="/admin/tokens"
+                       class="{% if '/tokens' in current_path %}bg-indigo-100 text-indigo-700{% else %}text-gray-700 hover:bg-gray-100{% endif %} group flex items-center px-3 py-2 text-sm font-medium rounded-md">
+                        <svg class="mr-3 h-6 w-6" fill="none" viewBox="0 0 24 24" stroke="currentColor">
+                            <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M15 7a2 2 0 012 2m4 0a6 6 0 01-7.743 5.743L11 17H9v2H7v2H4a1 1 0 01-1-1v-2.586a1 1 0 01.293-.707l5.964-5.964A6 6 0 1121 9z" />
+                        </svg>
+                        Token 管理
+                    </a>
+
+                    <!-- 分隔线 -->
+                    <div class="border-t border-gray-200 my-4"></div>
+
+                    <!-- API 文档 -->
+                    <a href="/docs" target="_blank"
+                       class="text-gray-700 hover:bg-gray-100 group flex items-center px-3 py-2 text-sm font-medium rounded-md">
+                        <svg class="mr-3 h-6 w-6" fill="none" viewBox="0 0 24 24" stroke="currentColor">
+                            <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M9 12h6m-6 4h6m2 5H7a2 2 0 01-2-2V5a2 2 0 012-2h5.586a1 1 0 01.707.293l5.414 5.414a1 1 0 01.293.707V19a2 2 0 01-2 2z" />
+                        </svg>
+                        API 文档
+                    </a>
+                </nav>
+            </aside>
+
+            <!-- 主内容区 -->
+            <main class="flex-1 p-6">
+                <!-- 通知区域 -->
+                <div id="notification" class="mb-4"></div>
+
+                <!-- 页面内容 -->
+                <div class="fade-in">
+                    {% block content %}{% endblock %}
+                </div>
+            </main>
+        </div>
+    </div>
+
+    {% block extra_scripts %}{% endblock %}
+</body>
+</html>

app/templates/components/provider_status.html

@@ -0,0 +1,78 @@
+<!-- 提供商状态详情组件 -->
+<div class="grid grid-cols-1 md:grid-cols-3 gap-6">
+    {% for provider in providers %}
+    <div class="border rounded-lg p-6 hover:shadow-md transition-shadow">
+        <!-- 提供商头部 -->
+        <div class="mb-4">
+            <h4 class="text-lg font-semibold text-gray-900">{{ provider.display_name }}</h4>
+        </div>
+
+        <!-- Token 统计 -->
+        <div class="space-y-3 mb-4">
+            <div class="bg-gray-50 rounded-md p-3">
+                <h5 class="text-xs font-medium text-gray-500 mb-2">Token 统计</h5>
+                <div class="space-y-2 text-sm">
+                    <div class="flex justify-between">
+                        <span class="text-gray-600">总计:</span>
+                        <span class="font-medium text-gray-900">{{ provider.total_tokens }}</span>
+                    </div>
+                    <div class="flex justify-between">
+                        <span class="text-gray-600">已启用:</span>
+                        <span class="font-medium text-green-600">{{ provider.enabled_tokens }}</span>
+                    </div>
+                    <div class="flex justify-between text-xs text-gray-500">
+                        <span>认证用户:</span>
+                        <span>{{ provider.user_tokens }}</span>
+                    </div>
+                    <div class="flex justify-between text-xs text-gray-500">
+                        <span>匿名用户:</span>
+                        <span>{{ provider.guest_tokens }}</span>
+                    </div>
+                    <div class="flex justify-between text-xs text-gray-500">
+                        <span>未知类型:</span>
+                        <span>{{ provider.unknown_tokens }}</span>
+                    </div>
+                </div>
+            </div>
+
+            <!-- 请求统计 -->
+            <div class="bg-gray-50 rounded-md p-3">
+                <h5 class="text-xs font-medium text-gray-500 mb-2">请求统计</h5>
+                <div class="space-y-2 text-sm">
+                    <div class="flex justify-between">
+                        <span class="text-gray-600">总请求数:</span>
+                        <span class="font-medium text-gray-900">{{ provider.total_requests }}</span>
+                    </div>
+                    <div class="flex justify-between">
+                        <span class="text-gray-600">成功:</span>
+                        <span class="font-medium text-green-600">{{ provider.successful_requests }}</span>
+                    </div>
+                    <div class="flex justify-between">
+                        <span class="text-gray-600">失败:</span>
+                        <span class="font-medium text-red-600">{{ provider.failed_requests }}</span>
+                    </div>
+                    <div class="flex justify-between">
+                        <span class="text-gray-600">成功率:</span>
+                        <span class="font-medium text-indigo-600">{{ provider.success_rate }}</span>
+                    </div>
+                </div>
+            </div>
+        </div>
+
+        <!-- 快速操作 -->
+        <div class="pt-3 border-t border-gray-200">
+            <a href="/admin/tokens?provider={{ provider.name }}"
+               class="text-sm text-indigo-600 hover:text-indigo-800 font-medium transition-colors">
+                管理 Token →
+            </a>
+        </div>
+    </div>
+    {% endfor %}
+</div>
+
+<!-- 无提供商状态 -->
+{% if not providers %}
+<div class="text-center py-8 text-gray-500">
+    <p>暂无提供商状态信息</p>
+</div>
+{% endif %}

app/templates/components/recent_logs.html

@@ -0,0 +1,50 @@
+<!-- 最近请求日志列表 -->
+<div class="overflow-x-auto">
+    <table class="min-w-full divide-y divide-gray-200">
+        <thead class="bg-gray-50">
+            <tr>
+                <th class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">时间</th>
+                <th class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">端点</th>
+                <th class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">模型</th>
+                <th class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">提供商</th>
+                <th class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">状态</th>
+                <th class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">耗时</th>
+            </tr>
+        </thead>
+        <tbody class="bg-white divide-y divide-gray-200">
+            {% for log in logs %}
+            <tr class="hover:bg-gray-50">
+                <td class="px-6 py-4 whitespace-nowrap text-sm text-gray-900">{{ log.timestamp }}</td>
+                <td class="px-6 py-4 whitespace-nowrap text-sm text-gray-500">{{ log.endpoint }}</td>
+                <td class="px-6 py-4 whitespace-nowrap text-sm text-gray-500">{{ log.model }}</td>
+                <td class="px-6 py-4 whitespace-nowrap text-sm text-gray-500">
+                    <span class="px-2 py-1 text-xs font-semibold rounded-full bg-blue-100 text-blue-800">
+                        {{ log.provider }}
+                    </span>
+                </td>
+                <td class="px-6 py-4 whitespace-nowrap text-sm">
+                    {% if log.status == 200 %}
+                    <span class="px-2 py-1 text-xs font-semibold rounded-full bg-green-100 text-green-800">
+                        {{ log.status }}
+                    </span>
+                    {% else %}
+                    <span class="px-2 py-1 text-xs font-semibold rounded-full bg-red-100 text-red-800">
+                        {{ log.status }}
+                    </span>
+                    {% endif %}
+                </td>
+                <td class="px-6 py-4 whitespace-nowrap text-sm text-gray-500">{{ log.duration }}</td>
+            </tr>
+            {% endfor %}
+        </tbody>
+    </table>
+
+    {% if not logs %}
+    <div class="text-center py-8 text-gray-500">
+        <svg class="mx-auto h-12 w-12 text-gray-400" fill="none" viewBox="0 0 24 24" stroke="currentColor">
+            <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M9 12h6m-6 4h6m2 5H7a2 2 0 01-2-2V5a2 2 0 012-2h5.586a1 1 0 01.707.293l5.414 5.414a1 1 0 01.293.707V19a2 2 0 01-2 2z" />
+        </svg>
+        <p class="mt-2">暂无请求日志</p>
+    </div>
+    {% endif %}
+</div>

app/templates/components/token_list.html

@@ -0,0 +1,80 @@
+<!-- Token 列表表格 -->
+<div class="overflow-x-auto">
+    <table class="min-w-full divide-y divide-gray-200">
+        <thead class="bg-gray-50">
+            <tr>
+                <th class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">ID</th>
+                <th class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">Token</th>
+                <th class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">类型</th>
+                <th class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">健康度</th>
+                <th class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">状态</th>
+                <th class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">使用统计</th>
+                <th class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">创建时间</th>
+                <th class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">操作</th>
+            </tr>
+        </thead>
+        <tbody class="bg-white divide-y divide-gray-200">
+            {% for token in tokens %}
+            {% include "components/token_row.html" %}
+            {% endfor %}
+        </tbody>
+    </table>
+
+    {% if not tokens %}
+    <div class="text-center py-12 text-gray-500">
+        <svg class="mx-auto h-12 w-12 text-gray-400" fill="none" viewBox="0 0 24 24" stroke="currentColor">
+            <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M20 13V6a2 2 0 00-2-2H6a2 2 0 00-2 2v7m16 0v5a2 2 0 01-2 2H6a2 2 0 01-2-2v-5m16 0h-2.586a1 1 0 00-.707.293l-2.414 2.414a1 1 0 01-.707.293h-3.172a1 1 0 01-.707-.293l-2.414-2.414A1 1 0 006.586 13H4" />
+        </svg>
+        <p class="mt-2 font-medium">暂无 Token</p>
+        <p class="mt-1 text-sm">点击右上角"添加 Token"按钮开始添加</p>
+    </div>
+    {% endif %}
+</div>
+
+<!-- Token 数量统计（更新页面标题） -->
+<script>
+    (function() {
+        const tokenCount = {{ tokens|length }};
+        const countElement = document.getElementById('token-count');
+        if (countElement) {
+            countElement.textContent = `(共 ${tokenCount} 个)`;
+        }
+    })();
+</script>
+
+<!-- 复制到剪贴板函数 -->
+<script>
+    function copyToClipboard(text) {
+        if (navigator.clipboard && navigator.clipboard.writeText) {
+            navigator.clipboard.writeText(text).then(() => {
+                // 显示临时提示
+                const notification = document.createElement('div');
+                notification.className = 'fixed bottom-4 right-4 bg-green-500 text-white px-4 py-2 rounded shadow-lg z-50';
+                notification.textContent = '✓ Token 已复制到剪贴板';
+                document.body.appendChild(notification);
+
+                setTimeout(() => {
+                    notification.remove();
+                }, 2000);
+            }).catch(err => {
+                console.error('复制失败:', err);
+                alert('复制失败，请手动复制');
+            });
+        } else {
+            // 降级方案：使用 execCommand
+            const textArea = document.createElement('textarea');
+            textArea.value = text;
+            textArea.style.position = 'fixed';
+            textArea.style.left = '-999999px';
+            document.body.appendChild(textArea);
+            textArea.select();
+            try {
+                document.execCommand('copy');
+                alert('Token 已复制到剪贴板');
+            } catch (err) {
+                alert('复制失败，请手动复制');
+            }
+            document.body.removeChild(textArea);
+        }
+    }
+</script>

app/templates/components/token_pool.html

@@ -0,0 +1,40 @@
+<!-- Token 池状态卡片 -->
+<div class="grid grid-cols-1 md:grid-cols-2 lg:grid-cols-3 gap-4">
+    {% for token in tokens %}
+    <div class="border rounded-lg p-4 hover:shadow-lg transition-shadow">
+        <div class="flex items-center justify-between mb-2">
+            <span class="text-sm font-medium text-gray-700">Token #{{ token.index }}</span>
+            <span class="px-2 py-1 text-xs font-semibold rounded-full {{ token.status_color }}">
+                {{ token.status }}
+            </span>
+        </div>
+        <div class="space-y-1 text-sm text-gray-600">
+            <div class="truncate">
+                <span class="font-mono text-xs bg-gray-100 px-2 py-1 rounded">{{ token.key }}</span>
+            </div>
+            <div>类型:
+                {% if token.token_type == 'user' %}
+                <span class="text-green-600 font-semibold">认证用户</span>
+                {% elif token.token_type == 'guest' %}
+                <span class="text-yellow-600 font-semibold">匿名用户</span>
+                {% else %}
+                <span class="text-gray-600">未知</span>
+                {% endif %}
+            </div>
+            <div>成功率: <span class="font-medium">{{ token.success_rate }}</span></div>
+            <div>失败次数: <span class="font-medium">{{ token.failure_count }}</span></div>
+            <div class="text-xs text-gray-500">最后使用: {{ token.last_used }}</div>
+        </div>
+    </div>
+    {% endfor %}
+
+    {% if not tokens %}
+    <div class="col-span-full text-center py-8 text-gray-500">
+        <svg class="mx-auto h-12 w-12 text-gray-400" fill="none" viewBox="0 0 24 24" stroke="currentColor">
+            <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M20 13V6a2 2 0 00-2-2H6a2 2 0 00-2 2v7m16 0v5a2 2 0 01-2 2H6a2 2 0 01-2-2v-5m16 0h-2.586a1 1 0 00-.707.293l-2.414 2.414a1 1 0 01-.707.293h-3.172a1 1 0 01-.707-.293l-2.414-2.414A1 1 0 006.586 13H4" />
+        </svg>
+        <p class="mt-2">暂无 Token 配置</p>
+        <p class="mt-1 text-sm">请在配置管理页面添加 Token</p>
+    </div>
+    {% endif %}
+</div>

app/templates/components/token_row.html

@@ -0,0 +1,153 @@
+<!-- 单个 Token 行模板 -->
+{% set success_rate = (token.successful_requests / token.total_requests * 100) if token.total_requests else 0 %}
+{% set is_healthy = (token.token_type == 'user' and token.is_enabled and (success_rate >= 50 or token.total_requests <= 3)) %}
+<tr class="hover:bg-gray-50 transition-colors" id="token-row-{{ token.id }}">
+    <td class="px-6 py-4 whitespace-nowrap text-sm text-gray-900 font-medium">
+        {{ token.id }}
+    </td>
+    <td class="px-6 py-4 whitespace-nowrap text-sm text-gray-500">
+        <div class="flex items-center space-x-2">
+            <span class="font-mono text-xs bg-gray-100 px-2 py-1 rounded">
+                {{ token.token[:30] }}...
+            </span>
+            <button onclick="copyToClipboard('{{ token.token }}')"
+                    class="text-gray-400 hover:text-indigo-600 transition-colors"
+                    title="复制完整 Token">
+                <svg class="h-4 w-4" fill="none" viewBox="0 0 24 24" stroke="currentColor">
+                    <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M8 16H6a2 2 0 01-2-2V6a2 2 0 012-2h8a2 2 0 012 2v2m-6 12h8a2 2 0 002-2v-8a2 2 0 00-2-2h-8a2 2 0 00-2 2v8a2 2 0 002 2z" />
+                </svg>
+            </button>
+        </div>
+    </td>
+    <td class="px-6 py-4 whitespace-nowrap text-sm">
+        {% if token.token_type == 'user' %}
+        <span class="inline-flex items-center px-2.5 py-0.5 text-xs font-semibold rounded-full bg-green-100 text-green-800">
+            <svg class="h-3 w-3 mr-1" fill="currentColor" viewBox="0 0 20 20">
+                <path fill-rule="evenodd" d="M10 9a3 3 0 100-6 3 3 0 000 6zm-7 9a7 7 0 1114 0H3z" clip-rule="evenodd" />
+            </svg>
+            认证用户
+        </span>
+        {% elif token.token_type == 'guest' %}
+        <span class="inline-flex items-center px-2.5 py-0.5 text-xs font-semibold rounded-full bg-yellow-100 text-yellow-800">
+            <svg class="h-3 w-3 mr-1" fill="currentColor" viewBox="0 0 20 20">
+                <path fill-rule="evenodd" d="M18 10a8 8 0 11-16 0 8 8 0 0116 0zm-7 4a1 1 0 11-2 0 1 1 0 012 0zm-1-9a1 1 0 00-1 1v4a1 1 0 102 0V6a1 1 0 00-1-1z" clip-rule="evenodd" />
+            </svg>
+            匿名用户
+        </span>
+        {% else %}
+        <span class="inline-flex items-center px-2.5 py-0.5 text-xs font-semibold rounded-full bg-gray-100 text-gray-800">
+            <svg class="h-3 w-3 mr-1" fill="currentColor" viewBox="0 0 20 20">
+                <path fill-rule="evenodd" d="M18 10a8 8 0 11-16 0 8 8 0 0116 0zm-8-3a1 1 0 00-.867.5 1 1 0 11-1.731-1A3 3 0 0113 8a3.001 3.001 0 01-2 2.83V11a1 1 0 11-2 0v-1a1 1 0 011-1 1 1 0 100-2zm0 8a1 1 0 100-2 1 1 0 000 2z" clip-rule="evenodd" />
+            </svg>
+            未知
+        </span>
+        {% endif %}
+    </td>
+    <td class="px-6 py-4 whitespace-nowrap text-sm">
+        <!-- 健康度指示器 -->
+        <div class="flex items-center space-x-2">
+            {% if is_healthy %}
+            <div class="flex items-center">
+                <svg class="h-5 w-5 text-green-500" fill="currentColor" viewBox="0 0 20 20">
+                    <path fill-rule="evenodd" d="M10 18a8 8 0 100-16 8 8 0 000 16zm3.707-9.293a1 1 0 00-1.414-1.414L9 10.586 7.707 9.293a1 1 0 00-1.414 1.414l2 2a1 1 0 001.414 0l4-4z" clip-rule="evenodd" />
+                </svg>
+                <span class="ml-1 text-green-700 font-medium">健康</span>
+            </div>
+            {% elif token.token_type == 'guest' %}
+            <div class="flex items-center">
+                <svg class="h-5 w-5 text-yellow-500" fill="currentColor" viewBox="0 0 20 20">
+                    <path fill-rule="evenodd" d="M8.257 3.099c.765-1.36 2.722-1.36 3.486 0l5.58 9.92c.75 1.334-.213 2.98-1.742 2.98H4.42c-1.53 0-2.493-1.646-1.743-2.98l5.58-9.92zM11 13a1 1 0 11-2 0 1 1 0 012 0zm-1-8a1 1 0 00-1 1v3a1 1 0 002 0V6a1 1 0 00-1-1z" clip-rule="evenodd" />
+                </svg>
+                <span class="ml-1 text-yellow-700 font-medium">匿名</span>
+            </div>
+            {% elif not token.is_enabled %}
+            <div class="flex items-center">
+                <svg class="h-5 w-5 text-gray-500" fill="currentColor" viewBox="0 0 20 20">
+                    <path fill-rule="evenodd" d="M13.477 14.89A6 6 0 015.11 6.524l8.367 8.368zm1.414-1.414L6.524 5.11a6 6 0 018.367 8.367zM18 10a8 8 0 11-16 0 8 8 0 0116 0z" clip-rule="evenodd" />
+                </svg>
+                <span class="ml-1 text-gray-700 font-medium">已禁用</span>
+            </div>
+            {% else %}
+            <div class="flex items-center">
+                <svg class="h-5 w-5 text-red-500" fill="currentColor" viewBox="0 0 20 20">
+                    <path fill-rule="evenodd" d="M10 18a8 8 0 100-16 8 8 0 000 16zM8.707 7.293a1 1 0 00-1.414 1.414L8.586 10l-1.293 1.293a1 1 0 101.414 1.414L10 11.414l1.293 1.293a1 1 0 001.414-1.414L11.414 10l1.293-1.293a1 1 0 00-1.414-1.414L10 8.586 8.707 7.293z" clip-rule="evenodd" />
+                </svg>
+                <span class="ml-1 text-red-700 font-medium">不健康</span>
+            </div>
+            {% endif %}
+        </div>
+    </td>
+    <td class="px-6 py-4 whitespace-nowrap text-sm">
+        <button hx-post="/admin/api/tokens/toggle/{{ token.id }}?enabled={{ 'false' if token.is_enabled else 'true' }}"
+                hx-swap="outerHTML"
+                class="inline-flex items-center px-2.5 py-0.5 text-xs font-semibold rounded-full transition-colors {{ 'bg-green-100 text-green-800 hover:bg-green-200' if token.is_enabled else 'bg-red-100 text-red-800 hover:bg-red-200' }}">
+            <span class="h-2 w-2 rounded-full mr-1.5 {{ 'bg-green-500' if token.is_enabled else 'bg-red-500' }}"></span>
+            {{ '已启用' if token.is_enabled else '已禁用' }}
+        </button>
+    </td>
+    <td class="px-6 py-4 whitespace-nowrap text-sm text-gray-500">
+        {% if token.total_requests %}
+        <div class="space-y-1">
+            <div class="flex items-center justify-between">
+                <span class="text-xs text-gray-600">成功:</span>
+                <span class="font-medium text-green-600">{{ token.successful_requests }}</span>
+            </div>
+            <div class="flex items-center justify-between">
+                <span class="text-xs text-gray-600">失败:</span>
+                <span class="font-medium text-red-600">{{ token.failed_requests }}</span>
+            </div>
+            <div class="flex items-center justify-between">
+                <span class="text-xs text-gray-600">成功率:</span>
+                <span class="font-medium {{ 'text-green-600' if success_rate >= 50 else 'text-red-600' }}">
+                    {{ "%.1f"|format(success_rate) }}%
+                </span>
+            </div>
+            <!-- 成功率进度条 -->
+            <div class="w-full bg-gray-200 rounded-full h-1.5 mt-1">
+                <div class="h-1.5 rounded-full transition-all {{ 'bg-green-500' if success_rate >= 50 else 'bg-red-500' }}"
+                     style="width: {{ success_rate }}%"></div>
+            </div>
+        </div>
+        {% else %}
+        <span class="text-gray-400 text-xs">未使用</span>
+        {% endif %}
+    </td>
+    <td class="px-6 py-4 whitespace-nowrap text-sm text-gray-500">
+        <div class="flex flex-col space-y-1">
+            <span class="text-xs">{{ token.created_at[:10] if token.created_at else 'N/A' }}</span>
+            <span class="text-xs text-gray-400">{{ token.created_at[11:19] if token.created_at else '' }}</span>
+        </div>
+    </td>
+    <td class="px-6 py-4 whitespace-nowrap text-sm font-medium">
+        <div class="flex items-center space-x-3">
+            <!-- 验证按钮 -->
+            <button hx-post="/admin/api/tokens/validate-single/{{ token.id }}"
+                    hx-target="#token-row-{{ token.id }}"
+                    hx-swap="outerHTML"
+                    hx-indicator="#validate-spinner-{{ token.id }}"
+                    class="text-blue-600 hover:text-blue-900 transition-colors relative validate-token-btn"
+                    title="验证 Token"
+                    data-token-id="{{ token.id }}">
+                <svg class="h-4 w-4" fill="none" viewBox="0 0 24 24" stroke="currentColor">
+                    <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M9 12l2 2 4-4m6 2a9 9 0 11-18 0 9 9 0 0118 0z" />
+                </svg>
+                <!-- 加载指示器 -->
+                <svg id="validate-spinner-{{ token.id }}" class="htmx-indicator absolute inset-0 h-4 w-4 animate-spin text-blue-600" xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24">
+                    <circle class="opacity-25" cx="12" cy="12" r="10" stroke="currentColor" stroke-width="4"></circle>
+                    <path class="opacity-75" fill="currentColor" d="M4 12a8 8 0 018-8V0C5.373 0 0 5.373 0 12h4zm2 5.291A7.962 7.962 0 014 12H0c0 3.042 1.135 5.824 3 7.938l3-2.647z"></path>
+                </svg>
+            </button>
+            <!-- 删除按钮 -->
+            <button hx-delete="/admin/api/tokens/delete/{{ token.id }}"
+                    hx-target="#token-row-{{ token.id }}"
+                    hx-swap="outerHTML swap:1s"
+                    hx-confirm="确定要删除这个 Token 吗？"
+                    class="text-red-600 hover:text-red-900 transition-colors"
+                    title="删除 Token">
+                <svg class="h-4 w-4" fill="none" viewBox="0 0 24 24" stroke="currentColor">
+                    <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M19 7l-.867 12.142A2 2 0 0116.138 21H7.862a2 2 0 01-1.995-1.858L5 7m5 4v6m4-6v6m1-10V4a1 1 0 00-1-1h-4a1 1 0 00-1 1v3M4 7h16" />
+                </svg>
+            </button>
+        </div>
+    </td>
+</tr>

app/templates/components/token_stats.html

@@ -0,0 +1,125 @@
+<!-- Token 统计面板 -->
+<div class="grid grid-cols-1 gap-5 sm:grid-cols-2 lg:grid-cols-4">
+    <!-- 总数 -->
+    <div class="bg-white overflow-hidden shadow rounded-lg">
+        <div class="p-5">
+            <div class="flex items-center">
+                <div class="flex-shrink-0">
+                    <svg class="h-6 w-6 text-gray-400" fill="none" viewBox="0 0 24 24" stroke="currentColor">
+                        <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M7 21a4 4 0 01-4-4V5a2 2 0 012-2h4a2 2 0 012 2v12a4 4 0 01-4 4zm0 0h12a2 2 0 002-2v-4a2 2 0 00-2-2h-2.343M11 7.343l1.657-1.657a2 2 0 012.828 0l2.829 2.829a2 2 0 010 2.828l-8.486 8.485M7 17h.01" />
+                    </svg>
+                </div>
+                <div class="ml-5 w-0 flex-1">
+                    <dl>
+                        <dt class="text-sm font-medium text-gray-500 truncate">Token 总数</dt>
+                        <dd class="text-2xl font-bold text-gray-900">{{ stats.total_tokens }}</dd>
+                    </dl>
+                </div>
+            </div>
+        </div>
+    </div>
+
+    <!-- 已启用 -->
+    <div class="bg-white overflow-hidden shadow rounded-lg">
+        <div class="p-5">
+            <div class="flex items-center">
+                <div class="flex-shrink-0">
+                    <svg class="h-6 w-6 text-green-400" fill="none" viewBox="0 0 24 24" stroke="currentColor">
+                        <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M9 12l2 2 4-4m6 2a9 9 0 11-18 0 9 9 0 0118 0z" />
+                    </svg>
+                </div>
+                <div class="ml-5 w-0 flex-1">
+                    <dl>
+                        <dt class="text-sm font-medium text-gray-500 truncate">已启用</dt>
+                        <dd class="flex items-baseline">
+                            <div class="text-2xl font-bold text-green-600">{{ stats.enabled_tokens }}</div>
+                            {% if stats.total_tokens > 0 %}
+                            <div class="ml-2 flex items-baseline text-sm font-semibold text-green-600">
+                                {{ "%.0f"|format(stats.enabled_tokens / stats.total_tokens * 100) }}%
+                            </div>
+                            {% endif %}
+                        </dd>
+                    </dl>
+                </div>
+            </div>
+        </div>
+    </div>
+
+    <!-- 认证用户 -->
+    <div class="bg-white overflow-hidden shadow rounded-lg">
+        <div class="p-5">
+            <div class="flex items-center">
+                <div class="flex-shrink-0">
+                    <svg class="h-6 w-6 text-blue-400" fill="none" viewBox="0 0 24 24" stroke="currentColor">
+                        <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M16 7a4 4 0 11-8 0 4 4 0 018 0zM12 14a7 7 0 00-7 7h14a7 7 0 00-7-7z" />
+                    </svg>
+                </div>
+                <div class="ml-5 w-0 flex-1">
+                    <dl>
+                        <dt class="text-sm font-medium text-gray-500 truncate">认证用户</dt>
+                        <dd class="flex items-baseline">
+                            <div class="text-2xl font-bold text-blue-600">{{ stats.user_tokens }}</div>
+                            {% if stats.guest_tokens > 0 %}
+                            <div class="ml-2 flex items-baseline text-sm font-semibold text-yellow-600">
+                                <svg class="h-4 w-4 mr-0.5" fill="currentColor" viewBox="0 0 20 20">
+                                    <path fill-rule="evenodd" d="M8.257 3.099c.765-1.36 2.722-1.36 3.486 0l5.58 9.92c.75 1.334-.213 2.98-1.742 2.98H4.42c-1.53 0-2.493-1.646-1.743-2.98l5.58-9.92zM11 13a1 1 0 11-2 0 1 1 0 012 0zm-1-8a1 1 0 00-1 1v3a1 1 0 002 0V6a1 1 0 00-1-1z" clip-rule="evenodd" />
+                                </svg>
+                                {{ stats.guest_tokens }} 个匿名
+                            </div>
+                            {% endif %}
+                        </dd>
+                    </dl>
+                </div>
+            </div>
+        </div>
+    </div>
+
+    <!-- 成功率 -->
+    <div class="bg-white overflow-hidden shadow rounded-lg">
+        <div class="p-5">
+            <div class="flex items-center">
+                <div class="flex-shrink-0">
+                    {% if stats.total_requests > 0 %}
+                        {% set success_rate = (stats.successful_requests / stats.total_requests * 100) %}
+                        {% if success_rate >= 80 %}
+                        <svg class="h-6 w-6 text-green-400" fill="none" viewBox="0 0 24 24" stroke="currentColor">
+                            <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M13 7h8m0 0v8m0-8l-8 8-4-4-6 6" />
+                        </svg>
+                        {% elif success_rate >= 50 %}
+                        <svg class="h-6 w-6 text-yellow-400" fill="none" viewBox="0 0 24 24" stroke="currentColor">
+                            <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M13 7h8m0 0v8m0-8l-8 8-4-4-6 6" />
+                        </svg>
+                        {% else %}
+                        <svg class="h-6 w-6 text-red-400" fill="none" viewBox="0 0 24 24" stroke="currentColor">
+                            <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M13 17h8m0 0v-8m0 8l-8-8-4 4-6-6" />
+                        </svg>
+                        {% endif %}
+                    {% else %}
+                    <svg class="h-6 w-6 text-gray-400" fill="none" viewBox="0 0 24 24" stroke="currentColor">
+                        <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M9 19v-6a2 2 0 00-2-2H5a2 2 0 00-2 2v6a2 2 0 002 2h2a2 2 0 002-2zm0 0V9a2 2 0 012-2h2a2 2 0 012 2v10m-6 0a2 2 0 002 2h2a2 2 0 002-2m0 0V5a2 2 0 012-2h2a2 2 0 012 2v14a2 2 0 01-2 2h-2a2 2 0 01-2-2z" />
+                    </svg>
+                    {% endif %}
+                </div>
+                <div class="ml-5 w-0 flex-1">
+                    <dl>
+                        <dt class="text-sm font-medium text-gray-500 truncate">总成功率</dt>
+                        <dd>
+                            {% if stats.total_requests > 0 %}
+                                {% set success_rate = (stats.successful_requests / stats.total_requests * 100) %}
+                                <div class="text-2xl font-bold {{ 'text-green-600' if success_rate >= 80 else ('text-yellow-600' if success_rate >= 50 else 'text-red-600') }}">
+                                    {{ "%.1f"|format(success_rate) }}%
+                                </div>
+                                <div class="mt-1 text-xs text-gray-500">
+                                    {{ stats.successful_requests }} / {{ stats.total_requests }} 请求
+                                </div>
+                            {% else %}
+                                <div class="text-2xl font-bold text-gray-400">N/A</div>
+                                <div class="mt-1 text-xs text-gray-500">暂无请求</div>
+                            {% endif %}
+                        </dd>
+                    </dl>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>

app/templates/config.html

@@ -0,0 +1,222 @@
+{% extends "base.html" %}
+
+{% block title %}配置管理{% endblock %}
+
+{% block content %}
+<div class="space-y-6" x-data="{
+    showAdvanced: false,
+    tokenCount: 1,
+    saveStatus: ''
+}">
+    <!-- 页面标题 -->
+    <div class="flex items-center justify-between">
+        <h2 class="text-3xl font-bold text-gray-900">配置管理</h2>
+        <button
+            @click="showAdvanced = !showAdvanced"
+            class="px-4 py-2 bg-gray-200 hover:bg-gray-300 rounded-md text-sm font-medium">
+            <span x-text="showAdvanced ? '隐藏高级选项' : '显示高级选项'"></span>
+        </button>
+    </div>
+
+    <!-- 基础配置 -->
+    <div class="bg-white shadow rounded-lg">
+        <div class="px-6 py-4 border-b border-gray-200">
+            <h3 class="text-lg font-medium text-gray-900">基础配置</h3>
+        </div>
+        <form hx-post="/admin/api/config/save"
+              hx-target="#save-notification"
+              hx-swap="innerHTML"
+              class="p-6 space-y-6">
+
+            <!-- 服务名称 -->
+            <div>
+                <label class="block text-sm font-medium text-gray-700">服务名称</label>
+                <input type="text"
+                       name="service_name"
+                       value="{{ config.SERVICE_NAME or 'Z.AI2API' }}"
+                       class="mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-indigo-500 focus:ring-indigo-500 sm:text-sm">
+                <p class="mt-1 text-sm text-gray-500">显示在进程列表中的服务名称</p>
+            </div>
+
+            <!-- 监听端口 -->
+            <div>
+                <label class="block text-sm font-medium text-gray-700">监听端口</label>
+                <input type="number"
+                       name="listen_port"
+                       value="{{ config.LISTEN_PORT or 8000 }}"
+                       class="mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-indigo-500 focus:ring-indigo-500 sm:text-sm">
+                <p class="mt-1 text-sm text-gray-500">服务监听的端口号</p>
+            </div>
+
+            <!-- 调试模式 -->
+            <div class="flex items-center">
+                <input type="checkbox"
+                       name="debug_logging"
+                       {{ 'checked' if config.DEBUG_LOGGING else '' }}
+                       class="h-4 w-4 rounded border-gray-300 text-indigo-600 focus:ring-indigo-500">
+                <label class="ml-2 block text-sm text-gray-900">启用调试日志</label>
+            </div>
+
+            <!-- 匿名模式 -->
+            <div class="flex items-center">
+                <input type="checkbox"
+                       name="anonymous_mode"
+                       {{ 'checked' if config.ANONYMOUS_MODE else '' }}
+                       class="h-4 w-4 rounded border-gray-300 text-indigo-600 focus:ring-indigo-500">
+                <label class="ml-2 block text-sm text-gray-900">启用匿名模式（自动获取临时 Token）</label>
+            </div>
+
+            <!-- 认证配置 -->
+            <div>
+                <label class="block text-sm font-medium text-gray-700">客户端认证密钥</label>
+                <input type="text"
+                       name="auth_token"
+                       value="{{ config.AUTH_TOKEN or 'sk-your-api-key' }}"
+                       class="mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-indigo-500 focus:ring-indigo-500 sm:text-sm">
+                <p class="mt-1 text-sm text-gray-500">客户端访问本服务时使用的 API 密钥</p>
+            </div>
+
+            <!-- 跳过认证 -->
+            <div class="flex items-center">
+                <input type="checkbox"
+                       name="skip_auth_token"
+                       {{ 'checked' if config.SKIP_AUTH_TOKEN else '' }}
+                       class="h-4 w-4 rounded border-gray-300 text-indigo-600 focus:ring-indigo-500">
+                <label class="ml-2 block text-sm text-gray-900">跳过客户端认证（仅开发环境）</label>
+            </div>
+
+            <!-- 工具调用支持 -->
+            <div class="flex items-center">
+                <input type="checkbox"
+                       name="tool_support"
+                       {{ 'checked' if config.TOOL_SUPPORT else '' }}
+                       class="h-4 w-4 rounded border-gray-300 text-indigo-600 focus:ring-indigo-500">
+                <label class="ml-2 block text-sm text-gray-900">启用 Function Call（工具调用）功能</label>
+            </div>
+
+            <!-- 高级选项 -->
+            <div x-show="showAdvanced" x-transition class="border-t pt-6 space-y-6">
+                <h4 class="text-md font-medium text-gray-900">高级选项</h4>
+
+                <!-- Token 失败阈值 -->
+                <div>
+                    <label class="block text-sm font-medium text-gray-700">Token 失败阈值</label>
+                    <input type="number"
+                           name="token_failure_threshold"
+                           value="{{ config.TOKEN_FAILURE_THRESHOLD or 3 }}"
+                           class="mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-indigo-500 focus:ring-indigo-500 sm:text-sm">
+                    <p class="mt-1 text-sm text-gray-500">连续失败多少次后标记 Token 为失败状态</p>
+                </div>
+
+                <!-- Token 恢复超时 -->
+                <div>
+                    <label class="block text-sm font-medium text-gray-700">Token 恢复超时（秒）</label>
+                    <input type="number"
+                           name="token_recovery_timeout"
+                           value="{{ config.TOKEN_RECOVERY_TIMEOUT or 1800 }}"
+                           class="mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-indigo-500 focus:ring-indigo-500 sm:text-sm">
+                    <p class="mt-1 text-sm text-gray-500">Token 失败后多久自动恢复（默认 1800 秒 / 30 分钟）</p>
+                </div>
+
+                <!-- 工具调用扫描限制 -->
+                <div>
+                    <label class="block text-sm font-medium text-gray-700">工具调用扫描限制（字符数）</label>
+                    <input type="number"
+                           name="scan_limit"
+                           value="{{ config.SCAN_LIMIT or 200000 }}"
+                           class="mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-indigo-500 focus:ring-indigo-500 sm:text-sm">
+                    <p class="mt-1 text-sm text-gray-500">Function Call 功能扫描的最大字符数</p>
+                </div>
+
+                <!-- LongCat Token -->
+                <div>
+                    <label class="block text-sm font-medium text-gray-700">LongCat Passport Token</label>
+                    <input type="text"
+                           name="longcat_token"
+                           value="{{ config.LONGCAT_TOKEN or '' }}"
+                           placeholder="可选，用于 LongCat 提供商"
+                           class="mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-indigo-500 focus:ring-indigo-500 sm:text-sm">
+                    <p class="mt-1 text-sm text-gray-500">LongCat 提供商的 passport token（可选）</p>
+                </div>
+
+                <!-- 默认提供商 -->
+                <div>
+                    <label class="block text-sm font-medium text-gray-700">默认提供商</label>
+                    <select name="default_provider"
+                            class="mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-indigo-500 focus:ring-indigo-500 sm:text-sm">
+                        <option value="zai" {{ 'selected' if config.DEFAULT_PROVIDER == 'zai' else '' }}>Z.AI</option>
+                        <option value="k2think" {{ 'selected' if config.DEFAULT_PROVIDER == 'k2think' else '' }}>K2Think</option>
+                        <option value="longcat" {{ 'selected' if config.DEFAULT_PROVIDER == 'longcat' else '' }}>LongCat</option>
+                    </select>
+                </div>
+            </div>
+
+            <!-- 保存按钮 -->
+            <div class="flex items-center justify-between pt-6 border-t">
+                <div id="save-notification" class="flex-1"></div>
+                <div class="flex space-x-3">
+                    <button type="button"
+                            hx-get="/admin/config/reset"
+                            hx-confirm="确定要重置所有配置吗？"
+                            class="px-4 py-2 border border-gray-300 rounded-md shadow-sm text-sm font-medium text-gray-700 bg-white hover:bg-gray-50">
+                        重置
+                    </button>
+                    <button type="submit"
+                            class="px-4 py-2 border border-transparent rounded-md shadow-sm text-sm font-medium text-white bg-indigo-600 hover:bg-indigo-700 focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-indigo-500">
+                        💾 保存并重载
+                    </button>
+                </div>
+            </div>
+
+            <!-- 配置说明 -->
+            <div class="mt-4 bg-blue-50 border-l-4 border-blue-400 p-4">
+                <div class="flex">
+                    <div class="flex-shrink-0">
+                        <svg class="h-5 w-5 text-blue-400" viewBox="0 0 20 20" fill="currentColor">
+                            <path fill-rule="evenodd" d="M18 10a8 8 0 11-16 0 8 8 0 0116 0zm-7-4a1 1 0 11-2 0 1 1 0 012 0zM9 9a1 1 0 000 2v3a1 1 0 001 1h1a1 1 0 100-2v-3a1 1 0 00-1-1H9z" clip-rule="evenodd" />
+                        </svg>
+                    </div>
+                    <div class="ml-3">
+                        <p class="text-sm text-blue-700">
+                            <strong>提示：</strong>配置保存后会自动热重载，大部分配置无需重启服务即可生效。<br>
+                            仅 <code class="bg-blue-100 px-1 py-0.5 rounded">监听端口</code> 和 <code class="bg-blue-100 px-1 py-0.5 rounded">服务名称</code> 需要手动重启服务。
+                        </p>
+                    </div>
+                </div>
+            </div>
+        </form>
+    </div>
+
+    <!-- 配置文件预览 -->
+    <div class="bg-white shadow rounded-lg">
+        <div class="px-6 py-4 border-b border-gray-200 flex items-center justify-between">
+            <h3 class="text-lg font-medium text-gray-900">.env 文件预览</h3>
+            <button
+                hx-get="/admin/api/env-preview"
+                hx-target="#env-preview"
+                class="text-sm text-indigo-600 hover:text-indigo-700">
+                刷新
+            </button>
+        </div>
+        <div class="p-6">
+            <div id="env-preview" class="bg-gray-50 rounded-md p-4 font-mono text-sm overflow-x-auto">
+                <pre>{{ env_content or '加载中...' }}</pre>
+            </div>
+        </div>
+    </div>
+</div>
+{% endblock %}
+
+{% block extra_scripts %}
+<script>
+    // 配置保存成功后的处理
+    document.body.addEventListener('htmx:afterSwap', function(evt) {
+        if (evt.detail.target.id === 'save-notification') {
+            // 3秒后自动隐藏通知
+            setTimeout(() => {
+                evt.detail.target.innerHTML = '';
+            }, 3000);
+        }
+    });
+</script>
+{% endblock %}

app/templates/index.html

@@ -0,0 +1,174 @@
+{% extends "base.html" %}
+
+{% block title %}仪表盘{% endblock %}
+
+{% block content %}
+<div class="space-y-6">
+    <!-- 页面标题 -->
+    <div class="flex items-center justify-between">
+        <h2 class="text-3xl font-bold text-gray-900">仪表盘</h2>
+        <div class="text-sm text-gray-500">
+            最后更新: <span id="last-update">{{ current_time }}</span>
+        </div>
+    </div>
+
+    <!-- 统计卡片 -->
+    <div class="grid grid-cols-1 gap-6 sm:grid-cols-2 lg:grid-cols-4">
+        <!-- 运行时间 -->
+        <div class="bg-white overflow-hidden shadow rounded-lg">
+            <div class="p-5">
+                <div class="flex items-center">
+                    <div class="flex-shrink-0">
+                        <svg class="h-6 w-6 text-indigo-600" fill="none" viewBox="0 0 24 24" stroke="currentColor">
+                            <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M12 8v4l3 3m6-3a9 9 0 11-18 0 9 9 0 0118 0z" />
+                        </svg>
+                    </div>
+                    <div class="ml-5 w-0 flex-1">
+                        <dl>
+                            <dt class="text-sm font-medium text-gray-500 truncate">运行时间</dt>
+                            <dd class="text-2xl font-semibold text-gray-900">{{ stats.uptime }}</dd>
+                        </dl>
+                    </div>
+                </div>
+            </div>
+        </div>
+
+        <!-- 总请求数 -->
+        <div class="bg-white overflow-hidden shadow rounded-lg">
+            <div class="p-5">
+                <div class="flex items-center">
+                    <div class="flex-shrink-0">
+                        <svg class="h-6 w-6 text-green-600" fill="none" viewBox="0 0 24 24" stroke="currentColor">
+                            <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M9 12l2 2 4-4m6 2a9 9 0 11-18 0 9 9 0 0118 0z" />
+                        </svg>
+                    </div>
+                    <div class="ml-5 w-0 flex-1">
+                        <dl>
+                            <dt class="text-sm font-medium text-gray-500 truncate">总请求数</dt>
+                            <dd class="text-2xl font-semibold text-gray-900">{{ stats.total_requests }}</dd>
+                        </dl>
+                    </div>
+                </div>
+            </div>
+        </div>
+
+        <!-- 成功率 -->
+        <div class="bg-white overflow-hidden shadow rounded-lg">
+            <div class="p-5">
+                <div class="flex items-center">
+                    <div class="flex-shrink-0">
+                        <svg class="h-6 w-6 text-blue-600" fill="none" viewBox="0 0 24 24" stroke="currentColor">
+                            <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M13 7h8m0 0v8m0-8l-8 8-4-4-6 6" />
+                        </svg>
+                    </div>
+                    <div class="ml-5 w-0 flex-1">
+                        <dl>
+                            <dt class="text-sm font-medium text-gray-500 truncate">成功率</dt>
+                            <dd class="text-2xl font-semibold text-gray-900">{{ stats.success_rate }}%</dd>
+                        </dl>
+                    </div>
+                </div>
+            </div>
+        </div>
+
+        <!-- Token 池状态 -->
+        <div class="bg-white overflow-hidden shadow rounded-lg">
+            <div class="p-5">
+                <div class="flex items-center">
+                    <div class="flex-shrink-0">
+                        {% if stats.healthy_tokens >= stats.total_tokens * 0.8 %}
+                        <svg class="h-6 w-6 text-green-600" fill="none" viewBox="0 0 24 24" stroke="currentColor">
+                            <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M9 12l2 2 4-4m6 2a9 9 0 11-18 0 9 9 0 0118 0z" />
+                        </svg>
+                        {% elif stats.healthy_tokens >= stats.total_tokens * 0.5 %}
+                        <svg class="h-6 w-6 text-yellow-600" fill="none" viewBox="0 0 24 24" stroke="currentColor">
+                            <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M12 9v2m0 4h.01m-6.938 4h13.856c1.54 0 2.502-1.667 1.732-3L13.732 4c-.77-1.333-2.694-1.333-3.464 0L3.34 16c-.77 1.333.192 3 1.732 3z" />
+                        </svg>
+                        {% else %}
+                        <svg class="h-6 w-6 text-red-600" fill="none" viewBox="0 0 24 24" stroke="currentColor">
+                            <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M12 8v4m0 4h.01M21 12a9 9 0 11-18 0 9 9 0 0118 0z" />
+                        </svg>
+                        {% endif %}
+                    </div>
+                    <div class="ml-5 w-0 flex-1">
+                        <dl>
+                            <dt class="text-sm font-medium text-gray-500 truncate">Token 池健康度</dt>
+                            <dd class="flex items-baseline">
+                                <span class="text-2xl font-semibold text-gray-900">{{ stats.healthy_tokens }}/{{ stats.total_tokens }}</span>
+                                {% if stats.guest_tokens > 0 %}
+                                <span class="ml-2 text-sm font-medium text-yellow-600">({{ stats.guest_tokens }} 个匿名)</span>
+                                {% endif %}
+                            </dd>
+                            <dd class="mt-1 text-xs text-gray-500">可用: {{ stats.available_tokens }} | 认证: {{ stats.user_tokens }}</dd>
+                        </dl>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </div>
+
+    <!-- Token 池详情 -->
+    <div class="bg-white shadow rounded-lg">
+        <div class="px-6 py-4 border-b border-gray-200">
+            <h3 class="text-lg font-medium text-gray-900">Token 池状态</h3>
+        </div>
+        <div class="p-6">
+            <div
+                id="token-pool-status"
+                hx-get="/admin/api/token-pool"
+                hx-trigger="load, every 5s"
+                hx-swap="innerHTML">
+                <!-- Token 池状态将通过 htmx 加载 -->
+                <div class="flex justify-center items-center py-12">
+                    <svg class="animate-spin h-8 w-8 text-indigo-600" xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24">
+                        <circle class="opacity-25" cx="12" cy="12" r="10" stroke="currentColor" stroke-width="4"></circle>
+                        <path class="opacity-75" fill="currentColor" d="M4 12a8 8 0 018-8V0C5.373 0 0 5.373 0 12h4zm2 5.291A7.962 7.962 0 014 12H0c0 3.042 1.135 5.824 3 7.938l3-2.647z"></path>
+                    </svg>
+                    <span class="ml-3 text-gray-500">加载中...</span>
+                </div>
+            </div>
+        </div>
+    </div>
+
+    <!-- 最近请求日志 -->
+    <div class="bg-white shadow rounded-lg">
+        <div class="px-6 py-4 border-b border-gray-200 flex items-center justify-between">
+            <h3 class="text-lg font-medium text-gray-900">最近请求日志</h3>
+            <div class="flex items-center space-x-2" x-data="{ autoRefresh: true }">
+                <label class="flex items-center cursor-pointer">
+                    <input type="checkbox" x-model="autoRefresh" class="form-checkbox h-4 w-4 text-indigo-600">
+                    <span class="ml-2 text-sm text-gray-600">自动刷新</span>
+                </label>
+            </div>
+        </div>
+        <div class="p-6">
+            <div
+                id="recent-logs"
+                hx-get="/admin/api/recent-logs"
+                hx-trigger="load, every 3s"
+                hx-swap="innerHTML">
+                <!-- 日志内容将通过 htmx 加载 -->
+                <div class="flex justify-center items-center py-12">
+                    <svg class="animate-spin h-8 w-8 text-indigo-600" xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24">
+                        <circle class="opacity-25" cx="12" cy="12" r="10" stroke="currentColor" stroke-width="4"></circle>
+                        <path class="opacity-75" fill="currentColor" d="M4 12a8 8 0 018-8V0C5.373 0 0 5.373 0 12h4zm2 5.291A7.962 7.962 0 014 12H0c0 3.042 1.135 5.824 3 7.938l3-2.647z"></path>
+                    </svg>
+                    <span class="ml-3 text-gray-500">加载中...</span>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
+{% endblock %}
+
+{% block extra_scripts %}
+<script>
+    // 更新时间显示
+    function updateTime() {
+        const now = new Date();
+        document.getElementById('last-update').textContent = now.toLocaleString('zh-CN');
+    }
+    updateTime();
+    setInterval(updateTime, 1000);
+</script>
+{% endblock %}

app/templates/login.html

@@ -0,0 +1,143 @@
+<!DOCTYPE html>
+<html lang="zh-CN" class="h-full bg-gray-50">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>登录 - Z.AI2API 管理后台</title>
+
+    <!-- Tailwind CSS (CDN) -->
+    <script src="https://cdn.tailwindcss.com"></script>
+
+    <!-- Alpine.js (CDN) -->
+    <script defer src="https://cdn.jsdelivr.net/npm/[email protected]/dist/cdn.min.js"></script>
+
+    <style>
+        .gradient-bg {
+            background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
+        }
+    </style>
+</head>
+<body class="h-full">
+    <div class="min-h-full flex items-center justify-center py-12 px-4 sm:px-6 lg:px-8">
+        <div class="max-w-md w-full space-y-8">
+            <!-- Logo 和标题 -->
+            <div>
+                <div class="mx-auto h-16 w-16 flex items-center justify-center rounded-full gradient-bg">
+                    <svg class="h-10 w-10 text-white" fill="none" viewBox="0 0 24 24" stroke="currentColor">
+                        <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M12 15v2m-6 4h12a2 2 0 002-2v-6a2 2 0 00-2-2H6a2 2 0 00-2 2v6a2 2 0 002 2zm10-10V7a4 4 0 00-8 0v4h8z" />
+                    </svg>
+                </div>
+                <h2 class="mt-6 text-center text-3xl font-extrabold text-gray-900">
+                    Z.AI2API 管理后台
+                </h2>
+                <p class="mt-2 text-center text-sm text-gray-600">
+                    请输入管理密码以继续
+                </p>
+            </div>
+
+            <!-- 登录表单 -->
+            <div class="mt-8 space-y-6"
+                 x-data="{
+                     password: '',
+                     loading: false,
+                     error: '',
+                     async login() {
+                         if (!this.password) {
+                             this.error = '请输入密码';
+                             return;
+                         }
+
+                         this.loading = true;
+                         this.error = '';
+
+                         try {
+                             const response = await fetch('/admin/api/login', {
+                                 method: 'POST',
+                                 headers: {
+                                     'Content-Type': 'application/json',
+                                 },
+                                 body: JSON.stringify({ password: this.password })
+                             });
+
+                             const data = await response.json();
+
+                             if (response.ok && data.success) {
+                                 window.location.href = '/admin';
+                             } else {
+                                 this.error = data.message || '密码错误，请重试';
+                             }
+                         } catch (err) {
+                             this.error = '登录失败，请稍后重试';
+                         } finally {
+                             this.loading = false;
+                         }
+                     }
+                 }">
+
+                <!-- 错误提示 -->
+                <div x-show="error"
+                     x-transition
+                     class="bg-red-50 border-l-4 border-red-400 p-4">
+                    <div class="flex">
+                        <div class="flex-shrink-0">
+                            <svg class="h-5 w-5 text-red-400" viewBox="0 0 20 20" fill="currentColor">
+                                <path fill-rule="evenodd" d="M10 18a8 8 0 100-16 8 8 0 000 16zM8.707 7.293a1 1 0 00-1.414 1.414L8.586 10l-1.293 1.293a1 1 0 101.414 1.414L10 11.414l1.293 1.293a1 1 0 001.414-1.414L11.414 10l1.293-1.293a1 1 0 00-1.414-1.414L10 8.586 8.707 7.293z" clip-rule="evenodd" />
+                            </svg>
+                        </div>
+                        <div class="ml-3">
+                            <p class="text-sm text-red-700" x-text="error"></p>
+                        </div>
+                    </div>
+                </div>
+
+                <!-- 登录表单 -->
+                <form @submit.prevent="login" class="mt-8 space-y-6">
+                    <div class="rounded-md shadow-sm -space-y-px">
+                        <div>
+                            <label for="password" class="sr-only">密码</label>
+                            <input
+                                id="password"
+                                name="password"
+                                type="password"
+                                autocomplete="current-password"
+                                required
+                                x-model="password"
+                                class="appearance-none rounded-md relative block w-full px-3 py-3 border border-gray-300 placeholder-gray-500 text-gray-900 focus:outline-none focus:ring-indigo-500 focus:border-indigo-500 focus:z-10 sm:text-sm"
+                                placeholder="请输入管理密码"
+                                @keydown.enter="login">
+                        </div>
+                    </div>
+
+                    <div>
+                        <button
+                            type="submit"
+                            :disabled="loading"
+                            class="group relative w-full flex justify-center py-3 px-4 border border-transparent text-sm font-medium rounded-md text-white bg-indigo-600 hover:bg-indigo-700 focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-indigo-500 disabled:opacity-50 disabled:cursor-not-allowed transition-colors">
+                            <span class="absolute left-0 inset-y-0 flex items-center pl-3">
+                                <svg class="h-5 w-5 text-indigo-500 group-hover:text-indigo-400" viewBox="0 0 20 20" fill="currentColor" aria-hidden="true">
+                                    <path fill-rule="evenodd" d="M10 1a4.5 4.5 0 00-4.5 4.5V9H5a2 2 0 00-2 2v6a2 2 0 002 2h10a2 2 0 002-2v-6a2 2 0 00-2-2h-.5V5.5A4.5 4.5 0 0010 1zm3 8V5.5a3 3 0 10-6 0V9h6z" clip-rule="evenodd" />
+                                </svg>
+                            </span>
+                            <span x-show="!loading">登录</span>
+                            <span x-show="loading" class="flex items-center">
+                                <svg class="animate-spin -ml-1 mr-3 h-5 w-5 text-white" xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24">
+                                    <circle class="opacity-25" cx="12" cy="12" r="10" stroke="currentColor" stroke-width="4"></circle>
+                                    <path class="opacity-75" fill="currentColor" d="M4 12a8 8 0 018-8V0C5.373 0 0 5.373 0 12h4zm2 5.291A7.962 7.962 0 014 12H0c0 3.042 1.135 5.824 3 7.938l3-2.647z"></path>
+                                </svg>
+                                登录中...
+                            </span>
+                        </button>
+                    </div>
+                </form>
+
+                <!-- 提示信息 -->
+                <div class="text-center">
+                    <p class="text-xs text-gray-500">
+                        默认密码：admin123（请在 .env 中修改 ADMIN_PASSWORD）
+                    </p>
+                </div>
+            </div>
+        </div>
+    </div>
+</body>
+</html>

app/templates/monitor.html

@@ -0,0 +1,83 @@
+{% extends "base.html" %}
+
+{% block title %}服务监控{% endblock %}
+
+{% block content %}
+<div class="space-y-6">
+    <!-- 页面标题 -->
+    <div class="flex items-center justify-between">
+        <h2 class="text-3xl font-bold text-gray-900">服务监控</h2>
+        <div class="flex items-center space-x-4">
+            <!-- 手动刷新按钮 -->
+            <button
+                onclick="window.location.reload()"
+                class="px-4 py-2 bg-indigo-600 text-white rounded-lg hover:bg-indigo-700 transition-colors">
+                刷新页面
+            </button>
+        </div>
+    </div>
+
+    <!-- 提供商状态详情 -->
+    <div class="bg-white shadow rounded-lg">
+        <div class="px-6 py-4 border-b border-gray-200">
+            <h3 class="text-lg font-medium text-gray-900">提供商状态详情</h3>
+        </div>
+        <div
+            id="provider-status"
+            hx-get="/admin/api/provider-status"
+            hx-trigger="load, every 5s"
+            hx-swap="innerHTML"
+            class="p-6">
+            <!-- 加载中状态 -->
+            <div class="flex justify-center items-center py-8">
+                <svg class="animate-spin h-8 w-8 text-indigo-600" xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24">
+                    <circle class="opacity-25" cx="12" cy="12" r="10" stroke="currentColor" stroke-width="4"></circle>
+                    <path class="opacity-75" fill="currentColor" d="M4 12a8 8 0 018-8V0C5.373 0 0 5.373 0 12h4zm2 5.291A7.962 7.962 0 014 12H0c0 3.042 1.135 5.824 3 7.938l3-2.647z"></path>
+                </svg>
+            </div>
+        </div>
+    </div>
+
+    <!-- 实时日志流 -->
+    <div class="bg-white shadow rounded-lg">
+        <div class="px-6 py-4 border-b border-gray-200 flex items-center justify-between">
+            <h3 class="text-lg font-medium text-gray-900">实时日志</h3>
+            <div class="flex space-x-2">
+                <button
+                    onclick="document.getElementById('live-logs').innerHTML = '<div class=\'text-center text-gray-500 py-4\'>日志已清空</div>'"
+                    class="px-3 py-1 text-sm bg-gray-200 hover:bg-gray-300 rounded-md transition-colors">
+                    清空
+                </button>
+            </div>
+        </div>
+        <div class="p-6">
+            <div
+                id="live-logs"
+                hx-get="/admin/api/live-logs"
+                hx-trigger="load, every 3s"
+                hx-swap="innerHTML scroll:bottom"
+                class="bg-gray-900 text-gray-100 p-4 rounded-md font-mono text-sm overflow-y-auto"
+                style="max-height: 500px;">
+                <!-- 日志内容 -->
+                <div class="flex justify-center items-center py-8">
+                    <span class="text-gray-500">加载中...</span>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
+{% endblock %}
+
+{% block extra_scripts %}
+<script>
+    // 自动滚动到日志底部（显示最新日志）
+    const logsContainer = document.getElementById('live-logs');
+
+    // 监听 htmx 更新事件
+    document.body.addEventListener('htmx:afterSwap', function(event) {
+        if (event.detail.target.id === 'live-logs') {
+            logsContainer.scrollTop = logsContainer.scrollHeight;
+        }
+    });
+</script>
+{% endblock %}

app/templates/tokens.html

@@ -0,0 +1,391 @@
+{% extends "base.html" %}
+
+{% block title %}Token 管理{% endblock %}
+
+{% block content %}
+<div class="space-y-6" x-data="{
+    provider: 'zai',
+    showAddModal: false,
+    showValidateModal: false,
+    newToken: '',
+    bulkTokens: '',
+    isValidating: false,
+    init() {
+        // 从 URL 参数读取 provider
+        const urlParams = new URLSearchParams(window.location.search);
+        const providerParam = urlParams.get('provider');
+        if (providerParam && ['zai', 'k2think', 'longcat'].includes(providerParam.toLowerCase())) {
+            this.provider = providerParam.toLowerCase();
+        }
+
+        // 监听 provider 变化并触发刷新
+        this.$watch('provider', (newValue, oldValue) => {
+            if (newValue !== oldValue) {
+                console.log('Provider changed to:', newValue);
+                htmx.trigger('#token-list', 'providerChange');
+                htmx.trigger('#token-stats', 'providerChange');
+            }
+        });
+    }
+}">
+    <!-- 页面标题 -->
+    <div class="flex items-center justify-between">
+        <div>
+            <h2 class="text-3xl font-bold text-gray-900">Token 管理</h2>
+            <p class="mt-1 text-sm text-gray-600">管理和监控 AI 提供商的 Token</p>
+        </div>
+        <div class="flex space-x-3">
+            <button @click="showValidateModal = true"
+                    class="px-4 py-2 bg-blue-600 text-white rounded-md text-sm font-medium hover:bg-blue-700 flex items-center">
+                <svg class="h-5 w-5 mr-1" fill="none" viewBox="0 0 24 24" stroke="currentColor">
+                    <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M9 12l2 2 4-4m6 2a9 9 0 11-18 0 9 9 0 0118 0z" />
+                </svg>
+                批量验证
+            </button>
+            <button @click="showAddModal = true"
+                    class="px-4 py-2 bg-indigo-600 text-white rounded-md text-sm font-medium hover:bg-indigo-700 flex items-center">
+                <svg class="h-5 w-5 mr-1" fill="none" viewBox="0 0 24 24" stroke="currentColor">
+                    <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M12 4v16m8-8H4" />
+                </svg>
+                添加 Token
+            </button>
+        </div>
+    </div>
+
+    <!-- 统计面板 -->
+    <div id="token-stats"
+         hx-get="/admin/api/tokens/stats"
+         :hx-vals="JSON.stringify({provider: provider})"
+         hx-trigger="load, providerChange from:body, statsRefresh from:body"
+         hx-swap="innerHTML">
+        <!-- 加载中 -->
+        <div class="grid grid-cols-1 gap-5 sm:grid-cols-2 lg:grid-cols-4">
+            <div class="bg-white overflow-hidden shadow rounded-lg animate-pulse">
+                <div class="p-5">
+                    <div class="h-4 bg-gray-200 rounded w-1/2 mb-2"></div>
+                    <div class="h-8 bg-gray-200 rounded w-1/3"></div>
+                </div>
+            </div>
+            <div class="bg-white overflow-hidden shadow rounded-lg animate-pulse">
+                <div class="p-5">
+                    <div class="h-4 bg-gray-200 rounded w-1/2 mb-2"></div>
+                    <div class="h-8 bg-gray-200 rounded w-1/3"></div>
+                </div>
+            </div>
+            <div class="bg-white overflow-hidden shadow rounded-lg animate-pulse">
+                <div class="p-5">
+                    <div class="h-4 bg-gray-200 rounded w-1/2 mb-2"></div>
+                    <div class="h-8 bg-gray-200 rounded w-1/3"></div>
+                </div>
+            </div>
+            <div class="bg-white overflow-hidden shadow rounded-lg animate-pulse">
+                <div class="p-5">
+                    <div class="h-4 bg-gray-200 rounded w-1/2 mb-2"></div>
+                    <div class="h-8 bg-gray-200 rounded w-1/3"></div>
+                </div>
+            </div>
+        </div>
+    </div>
+
+    <!-- 提供商切换和操作栏 -->
+    <div class="bg-white shadow rounded-lg p-4">
+        <div class="flex items-center justify-between flex-wrap gap-4">
+            <!-- 提供商切换 -->
+            <div class="flex space-x-2">
+                <button @click="provider = 'zai'"
+                        :class="provider === 'zai' ? 'bg-indigo-600 text-white' : 'bg-gray-200 text-gray-700'"
+                        class="px-4 py-2 rounded-md text-sm font-medium transition-colors">
+                    Z.AI
+                </button>
+                <button @click="provider = 'k2think'"
+                        :class="provider === 'k2think' ? 'bg-indigo-600 text-white' : 'bg-gray-200 text-gray-700'"
+                        class="px-4 py-2 rounded-md text-sm font-medium transition-colors">
+                    K2Think
+                </button>
+                <button @click="provider = 'longcat'"
+                        :class="provider === 'longcat' ? 'bg-indigo-600 text-white' : 'bg-gray-200 text-gray-700'"
+                        class="px-4 py-2 rounded-md text-sm font-medium transition-colors">
+                    LongCat
+                </button>
+            </div>
+
+            <!-- 刷新按钮 -->
+            <button hx-get="/admin/api/tokens/list"
+                    :hx-vals="JSON.stringify({provider: provider})"
+                    hx-target="#token-list"
+                    class="flex items-center px-3 py-2 text-gray-600 hover:text-indigo-600 hover:bg-gray-50 rounded-md transition-colors"
+                    title="刷新列表">
+                <svg class="h-5 w-5 mr-1" fill="none" viewBox="0 0 24 24" stroke="currentColor">
+                    <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M4 4v5h.582m15.356 2A8.001 8.001 0 004.582 9m0 0H9m11 11v-5h-.581m0 0a8.003 8.003 0 01-15.357-2m15.357 2H15" />
+                </svg>
+                <span class="text-sm font-medium">刷新</span>
+            </button>
+        </div>
+    </div>
+
+    <!-- Token 列表 -->
+    <div class="bg-white shadow rounded-lg">
+        <div class="px-6 py-4 border-b border-gray-200 flex items-center justify-between">
+            <h3 class="text-lg font-medium text-gray-900 flex items-center">
+                <span x-text="provider.toUpperCase()"></span> Token 列表
+                <span class="ml-2 text-sm font-normal text-gray-500" id="token-count"></span>
+            </h3>
+            <div class="flex items-center space-x-2">
+                <button hx-post="/admin/api/tokens/sync-pool"
+                        :hx-vals="JSON.stringify({provider: provider})"
+                        hx-target="#notification"
+                        class="text-sm text-purple-600 hover:text-purple-700 flex items-center">
+                    <svg class="h-4 w-4 mr-1" fill="none" viewBox="0 0 24 24" stroke="currentColor">
+                        <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M4 4v5h.582m15.356 2A8.001 8.001 0 004.582 9m0 0H9m11 11v-5h-.581m0 0a8.003 8.003 0 01-15.357-2m15.357 2H15" />
+                    </svg>
+                    同步 Token 池
+                </button>
+                <button hx-post="/admin/api/tokens/health-check"
+                        :hx-vals="JSON.stringify({provider: provider})"
+                        hx-target="#notification"
+                        class="text-sm text-blue-600 hover:text-blue-700 flex items-center">
+                    <svg class="h-4 w-4 mr-1" fill="none" viewBox="0 0 24 24" stroke="currentColor">
+                        <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M9 12l2 2 4-4m6 2a9 9 0 11-18 0 9 9 0 0118 0z" />
+                    </svg>
+                    健康检查
+                </button>
+            </div>
+        </div>
+        <div id="token-list"
+             hx-get="/admin/api/tokens/list"
+             :hx-vals="JSON.stringify({provider: provider})"
+             hx-trigger="load, providerChange from:body"
+             hx-swap="innerHTML">
+            <!-- Token 列表内容 -->
+            <div class="flex justify-center items-center py-12">
+                <svg class="animate-spin h-8 w-8 text-indigo-600" xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24">
+                    <circle class="opacity-25" cx="12" cy="12" r="10" stroke="currentColor" stroke-width="4"></circle>
+                    <path class="opacity-75" fill="currentColor" d="M4 12a8 8 0 018-8V0C5.373 0 0 5.373 0 12h4zm2 5.291A7.962 7.962 0 014 12H0c0 3.042 1.135 5.824 3 7.938l3-2.647z"></path>
+                </svg>
+            </div>
+        </div>
+    </div>
+
+    <!-- 添加 Token 弹窗 -->
+    <div x-show="showAddModal"
+         x-transition:enter="transition ease-out duration-300"
+         x-transition:enter-start="opacity-0"
+         x-transition:enter-end="opacity-100"
+         class="fixed inset-0 bg-gray-600 bg-opacity-50 overflow-y-auto h-full w-full z-50"
+         @click.self="showAddModal = false"
+         style="display: none;">
+        <div class="relative top-20 mx-auto p-5 border w-full max-w-2xl shadow-lg rounded-md bg-white">
+            <div class="flex items-center justify-between pb-3 border-b">
+                <h3 class="text-lg font-medium">添加 Token</h3>
+                <button @click="showAddModal = false" class="text-gray-400 hover:text-gray-600">
+                    <svg class="h-6 w-6" fill="none" viewBox="0 0 24 24" stroke="currentColor">
+                        <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M6 18L18 6M6 6l12 12" />
+                    </svg>
+                </button>
+            </div>
+
+            <div class="mt-4 space-y-4">
+                <!-- 提示信息 -->
+                <div class="bg-blue-50 border-l-4 border-blue-400 p-4">
+                    <div class="flex">
+                        <div class="flex-shrink-0">
+                            <svg class="h-5 w-5 text-blue-400" fill="currentColor" viewBox="0 0 20 20">
+                                <path fill-rule="evenodd" d="M18 10a8 8 0 11-16 0 8 8 0 0116 0zm-7-4a1 1 0 11-2 0 1 1 0 012 0zM9 9a1 1 0 000 2v3a1 1 0 001 1h1a1 1 0 100-2v-3a1 1 0 00-1-1H9z" clip-rule="evenodd" />
+                            </svg>
+                        </div>
+                        <div class="ml-3">
+                            <p class="text-sm text-blue-700">
+                                <strong>Z.AI Token 验证：</strong>添加时将自动验证 Token 有效性，
+                                <span class="font-semibold">匿名用户 Token (guest) 将被拒绝</span>。
+                            </p>
+                        </div>
+                    </div>
+                </div>
+
+                <!-- 单个 Token -->
+                <div>
+                    <label class="block text-sm font-medium text-gray-700">单个 Token</label>
+                    <input type="text"
+                           x-model="newToken"
+                           placeholder="输入 Token（以 eyJ 开头的 JWT）"
+                           class="mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-indigo-500 focus:ring-indigo-500 sm:text-sm">
+                </div>
+
+                <!-- 批量导入 -->
+                <div>
+                    <label class="block text-sm font-medium text-gray-700">批量导入（每行一个）</label>
+                    <textarea x-model="bulkTokens"
+                              rows="6"
+                              placeholder="每行一个 Token，支持逗号分隔&#10;eyJhbGc...&#10;eyJhbGc...&#10;或: token1, token2, token3"
+                              class="mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-indigo-500 focus:ring-indigo-500 sm:text-sm font-mono text-xs"></textarea>
+                    <p class="mt-1 text-sm text-gray-500">支持格式：每行一个 Token，或使用逗号分隔</p>
+                </div>
+
+                <!-- 提交按钮 -->
+                <div class="flex justify-end space-x-3 pt-4 border-t">
+                    <button @click="showAddModal = false"
+                            class="px-4 py-2 border border-gray-300 rounded-md text-sm font-medium text-gray-700 bg-white hover:bg-gray-50">
+                        取消
+                    </button>
+                    <button hx-post="/admin/api/tokens/add"
+                            :hx-vals="JSON.stringify({
+                                provider: provider,
+                                single_token: newToken,
+                                bulk_tokens: bulkTokens
+                            })"
+                            hx-target="#notification"
+                            @htmx:after-request="showAddModal = false; newToken = ''; bulkTokens = ''; htmx.trigger('#token-list', 'providerChange'); htmx.trigger('body', 'statsRefresh')"
+                            class="px-4 py-2 bg-indigo-600 text-white rounded-md text-sm font-medium hover:bg-indigo-700">
+                        添加
+                    </button>
+                </div>
+            </div>
+        </div>
+    </div>
+
+    <!-- 批量验证弹窗 -->
+    <div x-show="showValidateModal"
+         x-transition:enter="transition ease-out duration-300"
+         x-transition:enter-start="opacity-0"
+         x-transition:enter-end="opacity-100"
+         class="fixed inset-0 bg-gray-600 bg-opacity-50 overflow-y-auto h-full w-full z-50"
+         @click.self="showValidateModal = false"
+         style="display: none;">
+        <div class="relative top-20 mx-auto p-5 border w-full max-w-lg shadow-lg rounded-md bg-white">
+            <div class="flex items-center justify-between pb-3 border-b">
+                <h3 class="text-lg font-medium">批量验证 Token</h3>
+                <button @click="showValidateModal = false" class="text-gray-400 hover:text-gray-600">
+                    <svg class="h-6 w-6" fill="none" viewBox="0 0 24 24" stroke="currentColor">
+                        <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M6 18L18 6M6 6l12 12" />
+                    </svg>
+                </button>
+            </div>
+
+            <div class="mt-4 space-y-4">
+                <!-- 警告信息 -->
+                <div class="bg-yellow-50 border-l-4 border-yellow-400 p-4">
+                    <div class="flex">
+                        <div class="flex-shrink-0">
+                            <svg class="h-5 w-5 text-yellow-400" fill="currentColor" viewBox="0 0 20 20">
+                                <path fill-rule="evenodd" d="M8.257 3.099c.765-1.36 2.722-1.36 3.486 0l5.58 9.92c.75 1.334-.213 2.98-1.742 2.98H4.42c-1.53 0-2.493-1.646-1.743-2.98l5.58-9.92zM11 13a1 1 0 11-2 0 1 1 0 012 0zm-1-8a1 1 0 00-1 1v3a1 1 0 002 0V6a1 1 0 00-1-1z" clip-rule="evenodd" />
+                            </svg>
+                        </div>
+                        <div class="ml-3">
+                            <p class="text-sm text-yellow-700">
+                                将验证所有 <strong x-text="provider.toUpperCase()"></strong> Token 的有效性。
+                                <br>此操���可能需要较长时间，请耐心等待。
+                            </p>
+                        </div>
+                    </div>
+                </div>
+
+                <!-- 验证说明 -->
+                <div class="text-sm text-gray-600 space-y-2">
+                    <p><strong>验证内容：</strong></p>
+                    <ul class="list-disc list-inside space-y-1 ml-4">
+                        <li>检查 Token 是否有效</li>
+                        <li>识别 Token 类型（认证用户 / 匿名用户）</li>
+                        <li>更新数据库中的 Token 类型</li>
+                        <li>匿名用户 Token 将被标记为不健康</li>
+                    </ul>
+                </div>
+
+                <!-- 进度显示 -->
+                <div id="validate-progress" class="hidden">
+                    <div class="flex items-center justify-center py-4">
+                        <svg class="animate-spin h-8 w-8 text-indigo-600" xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24">
+                            <circle class="opacity-25" cx="12" cy="12" r="10" stroke="currentColor" stroke-width="4"></circle>
+                            <path class="opacity-75" fill="currentColor" d="M4 12a8 8 0 018-8V0C5.373 0 0 5.373 0 12h4zm2 5.291A7.962 7.962 0 014 12H0c0 3.042 1.135 5.824 3 7.938l3-2.647z"></path>
+                        </svg>
+                        <span class="ml-3 text-gray-700">验证中...</span>
+                    </div>
+                </div>
+
+                <!-- 提交按钮 -->
+                <div class="flex justify-end space-x-3 pt-4 border-t">
+                    <button @click="showValidateModal = false"
+                            :disabled="isValidating"
+                            class="px-4 py-2 border border-gray-300 rounded-md text-sm font-medium text-gray-700 bg-white hover:bg-gray-50 disabled:opacity-50 disabled:cursor-not-allowed">
+                        取消
+                    </button>
+                    <button hx-post="/admin/api/tokens/validate"
+                            :hx-vals="JSON.stringify({provider: provider})"
+                            hx-target="#notification"
+                            @htmx:before-request="isValidating = true; document.getElementById('validate-progress').classList.remove('hidden')"
+                            @htmx:after-request="isValidating = false; showValidateModal = false; document.getElementById('validate-progress').classList.add('hidden'); htmx.trigger('#token-list', 'providerChange'); htmx.trigger('body', 'statsRefresh')"
+                            :disabled="isValidating"
+                            class="px-4 py-2 bg-blue-600 text-white rounded-md text-sm font-medium hover:bg-blue-700 disabled:opacity-50 disabled:cursor-not-allowed">
+                        开始验证
+                    </button>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
+{% endblock %}
+
+{% block extra_scripts %}
+<script>
+// 全局通知函数
+function showNotification(message, type = 'success') {
+    const notification = document.createElement('div');
+    const bgColor = type === 'success' ? 'bg-green-500' : type === 'error' ? 'bg-red-500' : 'bg-blue-500';
+    notification.className = `fixed top-4 right-4 ${bgColor} text-white px-6 py-3 rounded-lg shadow-lg z-50 transition-all transform`;
+    notification.style.animation = 'slideInRight 0.3s ease-out';
+    notification.innerHTML = `
+        <div class="flex items-center space-x-2">
+            <svg class="h-5 w-5" fill="currentColor" viewBox="0 0 20 20">
+                <path fill-rule="evenodd" d="M10 18a8 8 0 100-16 8 8 0 000 16zm3.707-9.293a1 1 0 00-1.414-1.414L9 10.586 7.707 9.293a1 1 0 00-1.414 1.414l2 2a1 1 0 001.414 0l4-4z" clip-rule="evenodd" />
+            </svg>
+            <span class="font-medium">${message}</span>
+        </div>
+    `;
+
+    document.body.appendChild(notification);
+
+    // 3秒后自动消失
+    setTimeout(() => {
+        notification.style.opacity = '0';
+        notification.style.transform = 'translateX(100%)';
+        setTimeout(() => notification.remove(), 300);
+    }, 3000);
+}
+
+// 添加动画样式
+if (!document.getElementById('notification-styles')) {
+    const style = document.createElement('style');
+    style.id = 'notification-styles';
+    style.textContent = `
+        @keyframes slideInRight {
+            from {
+                opacity: 0;
+                transform: translateX(100%);
+            }
+            to {
+                opacity: 1;
+                transform: translateX(0);
+            }
+        }
+    `;
+    document.head.appendChild(style);
+}
+
+// 监听验证按钮的完成事件
+document.body.addEventListener('htmx:afterSwap', function(evt) {
+    // 检查是否是验证按钮触发的事件
+    if (evt.detail.target && evt.detail.target.id && evt.detail.target.id.startsWith('token-row-')) {
+        // 从目标元素提取 token ID
+        const tokenId = evt.detail.target.id.replace('token-row-', '');
+
+        // 检查是否是验证操作（通过查看触发元素）
+        const triggerElt = evt.detail.requestConfig?.elt;
+        if (triggerElt && triggerElt.classList.contains('validate-token-btn')) {
+            showNotification(`✓ Token ID ${tokenId} 验证完成`, 'success');
+
+            // 同时刷新统计数据
+            htmx.trigger('body', 'statsRefresh');
+        }
+    }
+});
+</script>
+{% endblock %}

app/utils/__init__.py

@@ -0,0 +1,6 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+from app.utils import sse_tool_handler, reload_config, logger
+
+__all__ = ["sse_tool_handler", "reload_config", "logger"]

app/utils/logger.py

@@ -0,0 +1,106 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+import sys
+from pathlib import Path
+from loguru import logger
+
+# Global logger instance
+app_logger = None
+
+
+def setup_logger(log_dir, log_retention_days=7, log_rotation="1 day", debug_mode=False):
+    """
+    Create a logger instance
+
+    Parameters:
+        log_dir (str): 日志目录
+        log_retention_days (int): 日志保留天数
+        log_rotation (str): 日志轮转间隔
+        debug_mode (bool): 是否开启调试模式
+    """
+    global app_logger
+
+    # 移除所有现有的日志处理器（支持热重载）
+    logger.remove()
+
+    log_level = "DEBUG" if debug_mode else "INFO"
+
+    console_format = (
+        "<green>{time:HH:mm:ss}</green> | <level>{level: <8}</level> | <level>{message}</level>"
+        if not debug_mode
+        else "<green>{time:YYYY-MM-DD HH:mm:ss}</green> | <level>{level: <8}</level> | "
+        "<cyan>{name}</cyan>:<cyan>{function}</cyan>:<cyan>{line}</cyan> | <level>{message}</level>"
+    )
+
+    # 添加控制台输出（根据 debug_mode 设置级别）
+    logger.add(sys.stderr, level=log_level, format=console_format, colorize=True)
+
+    # 只有在 debug_mode 时才添加文件输出
+    if debug_mode:
+        try:
+            log_path = Path(log_dir)
+            log_path.mkdir(parents=True, exist_ok=True)
+
+            log_file = log_path / "{time:YYYY-MM-DD}.log"
+            file_format = "{time:YYYY-MM-DD HH:mm:ss.SSS} | {level: <8} | {name}:{function}:{line} | {message}"
+
+            logger.add(
+                str(log_file),
+                level=log_level,
+                format=file_format,
+                rotation=log_rotation,
+                retention=f"{log_retention_days} days",
+                encoding="utf-8",
+                compression="zip",
+                enqueue=True,
+                catch=True,
+            )
+            logger.info(f"✅ 日志文件输出已启用: {log_dir}")
+        except (PermissionError, OSError) as e:
+            # 如果无法创建日志目录或文件，降级为仅控制台输出
+            logger.warning(f"⚠️ 无法创建日志文件 ({e})，将仅使用控制台输出")
+
+    app_logger = logger
+
+    return logger
+
+
+def get_logger():
+    """Get the logger instance"""
+    global app_logger
+    if app_logger is None:
+        # 如果没有设置过logger，使用默认配置
+        logger.remove()  # 移除所有现有处理器
+        logger.add(sys.stderr, level="INFO", format="<green>{time:YYYY-MM-DD HH:mm:ss.SSS}</green> | <level>{level: <8}</level> | <cyan>{name}</cyan>:<cyan>{function}</cyan>:<cyan>{line}</cyan> | <level>{message}</level>")
+        app_logger = logger
+    return app_logger
+
+
+if __name__ == "__main__":
+    """Test the logger"""
+    import tempfile
+
+    with tempfile.TemporaryDirectory() as temp_dir:
+        try:
+            setup_logger(temp_dir, debug_mode=True)
+
+            logger.debug("这是一条调试日志")
+            logger.info("这是一条信息日志")
+            logger.warning("这是一条警告日志")
+            logger.error("这是一条错误日志")
+            logger.critical("这是一条严重日志")
+
+            try:
+                1 / 0
+            except ZeroDivisionError:
+                logger.exception("发生了除零异常")
+
+            print("✅ 日志测试完成")
+
+            logger.remove()
+
+        except Exception as e:
+            print(f"❌ 日志测试失败: {e}")
+            logger.remove()
+            raise

app/utils/reload_config.py

@@ -0,0 +1,89 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+"""
+热重载配置模块
+定义 Granian 服务器热重载时需要忽略的目录和文件模式
+"""
+
+# 忽略的目录列表
+RELOAD_IGNORE_DIRS = [
+    "logs",  # 忽略日志目录
+    "storage",  # 忽略存储目录
+    "__pycache__",  # 忽略 Python 缓存
+    ".git",  # 忽略 git 目录
+    "node_modules",  # 忽略 node_modules
+    "migrations",  # 忽略数据库迁移目录
+    ".pytest_cache",  # 忽略 pytest 缓存
+    ".venv",  # 忽略虚拟环境
+    "venv",  # 忽略虚拟环境
+    "env",  # 忽略环境目录
+    ".mypy_cache",  # 忽略 mypy 缓存
+    ".ruff_cache",  # 忽略 ruff 缓存
+    "dist",  # 忽略构建分发目录
+    "build",  # 忽略构建目录
+    ".coverage",  # 忽略测试覆盖率文件
+    "htmlcov",  # 忽略覆盖率报告目录
+    "tests",  # 忽略测试目录
+    "z-ai2api-server.pid",  # 忽略 PID 文件
+]
+
+# 忽略的文件模式（正则表达式）
+RELOAD_IGNORE_PATTERNS = [
+    # 日志文件
+    r".*\.log$",
+    r".*\.log\.\d+$",
+    # 数据库文件
+    r".*\.sqlite3.*",
+    r".*\.db$",
+    r".*\.db-.*$",
+    # Python 相关
+    r".*\.pyc$",
+    r".*\.pyo$",
+    r".*\.pyd$",
+    # 临时文件
+    r".*\.tmp$",
+    r".*\.temp$",
+    r".*\.swp$",
+    r".*\.swo$",
+    r".*~$",
+    # 系统文件
+    r".*\.DS_Store$",
+    r".*Thumbs\.db$",
+    r".*\.directory$",
+    # 编辑器文件
+    r".*\.vscode.*",
+    r".*\.idea.*",
+    # 测试和覆盖率
+    r".*\.coverage$",
+    r".*\.pytest_cache.*",
+    # 构建文件
+    r".*\.egg-info.*",
+    r".*\.wheel$",
+    r".*\.whl$",
+    # 版本控制
+    r".*\.git.*",
+    r".*\.gitignore$",
+    r".*\.gitkeep$",
+    # 配置文件备份
+    r".*\.bak$",
+    r".*\.backup$",
+    r".*\.orig$",
+    # 锁文件
+    r".*\.lock$",
+    r".*\.pid$",
+]
+
+# 监视的路径（只监视应用相关代码）
+RELOAD_WATCH_PATHS = [
+    "app",  # 应用主目录
+    "main.py",  # 主入口文件
+]
+
+# 热重载配置
+RELOAD_CONFIG = {
+    "reload_ignore_dirs": RELOAD_IGNORE_DIRS,
+    "reload_ignore_patterns": RELOAD_IGNORE_PATTERNS,
+    "reload_paths": RELOAD_WATCH_PATHS,
+    "reload_tick": 100,  # 监视频率（毫秒）
+}

app/utils/sse_tool_handler.py

@@ -0,0 +1,612 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+"""
+SSE Tool Handler
+
+处理 Z.AI SSE 流数据并转换为 OpenAI 兼容格式的工具调用处理器。
+
+主要功能：
+- 解析 glm_block 格式的工具调用
+- 从 metadata.arguments 提取完整参数
+- 支持多阶段处理：thinking → tool_call → other → answer
+- 输出符合 OpenAI API 规范的流式响应
+"""
+
+import json
+import time
+from typing import Dict, Any, Generator
+from enum import Enum
+
+from app.utils.logger import get_logger
+
+logger = get_logger()
+
+
+class SSEPhase(Enum):
+    """SSE 处理阶段枚举"""
+    THINKING = "thinking"
+    TOOL_CALL = "tool_call"
+    OTHER = "other"
+    ANSWER = "answer"
+    DONE = "done"
+
+
+class SSEToolHandler:
+    """SSE 工具调用处理器"""
+
+    def __init__(self, model: str, stream: bool = True):
+        self.model = model
+        self.stream = stream
+
+        # 状态管理
+        self.current_phase = None
+        self.has_tool_call = False
+
+        # 工具调用状态
+        self.tool_id = ""
+        self.tool_name = ""
+        self.tool_args = ""
+        self.tool_call_usage = {}
+        self.content_index = 0  # 工具调用索引
+
+        # 性能优化：内容缓冲
+        self.content_buffer = ""
+        self.buffer_size = 0
+        self.last_flush_time = time.time()
+        self.flush_interval = 0.05  # 50ms 刷新间隔
+        self.max_buffer_size = 100  # 最大缓冲字符数
+
+        logger.debug(f"🔧 初始化工具处理器: model={model}, stream={stream}")
+
+    def process_sse_chunk(self, chunk_data: Dict[str, Any]) -> Generator[str, None, None]:
+        """
+        处理 SSE 数据块，返回 OpenAI 格式的流式响应
+
+        Args:
+            chunk_data: Z.AI SSE 数据块
+
+        Yields:
+            str: OpenAI 格式的 SSE 响应行
+        """
+        try:
+            phase = chunk_data.get("phase")
+            edit_content = chunk_data.get("edit_content", "")
+            delta_content = chunk_data.get("delta_content", "")
+            edit_index = chunk_data.get("edit_index")
+            usage = chunk_data.get("usage", {})
+
+            # 数据验证
+            if not phase:
+                logger.warning("⚠️ 收到无效的 SSE 块：缺少 phase 字段")
+                return
+
+            # 阶段变化检测和日志
+            if phase != self.current_phase:
+                # 阶段变化时强制刷新缓冲区
+                if hasattr(self, 'content_buffer') and self.content_buffer:
+                    yield from self._flush_content_buffer()
+
+                logger.info(f"📈 SSE 阶段变化: {self.current_phase} → {phase}")
+                content_preview = edit_content or delta_content
+                if content_preview:
+                    logger.debug(f"   📝 内容预览: {content_preview[:1000]}{'...' if len(content_preview) > 1000 else ''}")
+                if edit_index is not None:
+                    logger.debug(f"   📍 edit_index: {edit_index}")
+                self.current_phase = phase
+
+            # 根据阶段处理
+            if phase == SSEPhase.THINKING.value:
+                yield from self._process_thinking_phase(delta_content)
+
+            elif phase == SSEPhase.TOOL_CALL.value:
+                yield from self._process_tool_call_phase(edit_content)
+
+            elif phase == SSEPhase.OTHER.value:
+                yield from self._process_other_phase(usage, edit_content)
+
+            elif phase == SSEPhase.ANSWER.value:
+                yield from self._process_answer_phase(delta_content)
+
+            elif phase == SSEPhase.DONE.value:
+                yield from self._process_done_phase(chunk_data)
+            else:
+                logger.warning(f"⚠️ 未知的 SSE 阶段: {phase}")
+
+        except Exception as e:
+            logger.error(f"❌ 处理 SSE 块时发生错误: {e}")
+            logger.debug(f"   📦 错误块数据: {chunk_data}")
+            # 不中断流，继续处理后续块
+
+    def _process_thinking_phase(self, delta_content: str) -> Generator[str, None, None]:
+        """处理思考阶段"""
+        if not delta_content:
+            return
+
+        logger.debug(f"🤔 思考内容: +{len(delta_content)} 字符")
+
+        # 在流模式下输出思考内容
+        if self.stream:
+            chunk = self._create_content_chunk(delta_content)
+            yield f"data: {json.dumps(chunk, ensure_ascii=False)}\n\n"
+
+    def _process_tool_call_phase(self, edit_content: str) -> Generator[str, None, None]:
+        """处理工具调用阶段"""
+        if not edit_content:
+            return
+
+        logger.debug(f"🔧 进入工具调用阶段，内容长度: {len(edit_content)}")
+
+        # 检测 glm_block 标记
+        if "<glm_block " in edit_content:
+            yield from self._handle_glm_blocks(edit_content)
+        else:
+            # 没有 glm_block 标记，可能是参数补充
+            if self.has_tool_call:
+                # 只累积���数部分，找到第一个 ", "result"" 之前的内容
+                result_pos = edit_content.find('", "result"')
+                if result_pos > 0:
+                    param_fragment = edit_content[:result_pos]
+                    self.tool_args += param_fragment
+                    logger.debug(f"📦 累积参数片段: {param_fragment}")
+                else:
+                    # 如果没有找到结束标记，累积整个内容（可能是中间片段）
+                    self.tool_args += edit_content
+                    logger.debug(f"📦 累积参数片段: {edit_content[:100]}...")
+
+    def _handle_glm_blocks(self, edit_content: str) -> Generator[str, None, None]:
+        """处理 glm_block 标记的内容"""
+        blocks = edit_content.split('<glm_block ')
+        logger.debug(f"📦 分割得到 {len(blocks)} 个块")
+
+        for index, block in enumerate(blocks):
+            if not block.strip():
+                continue
+
+            if index == 0:
+                # 第一个块：提取参数片段
+                if self.has_tool_call:
+                    logger.debug(f"📦 从第一个块提取参数片段")
+                    # 找到 "result" 的位置，提取之前的参数片段
+                    result_pos = edit_content.find('"result"')
+                    if result_pos > 0:
+                        # 往前退3个字符去掉 ", "
+                        param_fragment = edit_content[:result_pos - 3]
+                        self.tool_args += param_fragment
+                        logger.debug(f"📦 累积参数片段: {param_fragment}")
+                else:
+                    # 没有活跃工具调用，跳过第一个块
+                    continue
+            else:
+                # 后续块：处理新工具调用
+                if "</glm_block>" not in block:
+                    continue
+
+                # 如果有活跃的工具调用，先完成它
+                if self.has_tool_call:
+                    # 补全参数并完成工具调用
+                    self.tool_args += '"'  # 补全最后的引号
+                    yield from self._finish_current_tool()
+
+                # 处理新工具调用
+                yield from self._process_metadata_block(block)
+
+    def _process_metadata_block(self, block: str) -> Generator[str, None, None]:
+        """处理包含工具元数据的块"""
+        try:
+            # 提取 JSON 内容
+            start_pos = block.find('>')
+            end_pos = block.rfind('</glm_block>')
+
+            if start_pos == -1 or end_pos == -1:
+                logger.warning(f"❌ 无法找到 JSON 内容边界: {block[:1000]}...")
+                return
+
+            json_content = block[start_pos + 1:end_pos]
+            logger.debug(f"📦 提取的 JSON 内容: {json_content[:1000]}...")
+
+            # 解析工具元数据
+            metadata_obj = json.loads(json_content)
+
+            if "data" in metadata_obj and "metadata" in metadata_obj["data"]:
+                metadata = metadata_obj["data"]["metadata"]
+
+                # 开始新的工具调用
+                self.tool_id = metadata.get("id", f"call_{int(time.time() * 1000000)}")
+                self.tool_name = metadata.get("name", "unknown")
+                self.has_tool_call = True
+
+                # 只有在这是第二个及以后的工具调用时才递增 index
+                # 第一个工具调用应该使用 index 0
+
+                # 从 metadata.arguments 获取参数起始部分
+                if "arguments" in metadata:
+                    arguments_str = metadata["arguments"]
+                    # 去掉最后一个字符
+                    self.tool_args = arguments_str[:-1] if arguments_str.endswith('"') else arguments_str
+                    logger.debug(f"🎯 新工具调用: {self.tool_name}(id={self.tool_id}), 初始参数: {self.tool_args}")
+                else:
+                    self.tool_args = "{}"
+                    logger.debug(f"🎯 新工具调用: {self.tool_name}(id={self.tool_id}), 空参数")
+
+        except (json.JSONDecodeError, KeyError, AttributeError) as e:
+            logger.error(f"❌ 解析工具元数据失败: {e}, 块内容: {block[:1000]}...")
+
+        # 确保返回生成器（即使为空）
+        if False:  # 永远不会执行，但确保函数是生成器
+            yield
+
+    def _process_other_phase(self, usage: Dict[str, Any], edit_content: str = "") -> Generator[str, None, None]:
+        """处理其他阶段"""
+        # 保存使用统计信息
+        if usage:
+            self.tool_call_usage = usage
+            logger.debug(f"📊 保存使用统计: {usage}")
+
+        # 工具调用完成判断：检测到 "null," 开头的 edit_content
+        if self.has_tool_call and edit_content and edit_content.startswith("null,"):
+            logger.info(f"🏁 检测到工具调用结束标记")
+
+            # 完成当前工具调用
+            yield from self._finish_current_tool()
+
+            # 发��流结束标记
+            if self.stream:
+                yield "data: [DONE]\n\n"
+
+            # 重置状态
+            self._reset_all_state()
+
+    def _process_answer_phase(self, delta_content: str) -> Generator[str, None, None]:
+        """处理回答阶段（优化版本）"""
+        if not delta_content:
+            return
+
+        logger.info(f"📝 工具处理器收到答案内容: {delta_content[:50]}...")
+
+        # 添加到缓冲区
+        self.content_buffer += delta_content
+        self.buffer_size += len(delta_content)
+
+        current_time = time.time()
+        time_since_last_flush = current_time - self.last_flush_time
+
+        # 检查是否需要刷新缓冲区
+        should_flush = (
+            self.buffer_size >= self.max_buffer_size or  # 缓冲区满了
+            time_since_last_flush >= self.flush_interval or  # 时间间隔到了
+            '\n' in delta_content or  # 包含换行符
+            '。' in delta_content or '！' in delta_content or '？' in delta_content  # 包含句子结束符
+        )
+
+        if should_flush and self.content_buffer:
+            yield from self._flush_content_buffer()
+
+    def _flush_content_buffer(self) -> Generator[str, None, None]:
+        """刷新内容缓冲区"""
+        if not self.content_buffer:
+            return
+
+        logger.info(f"💬 工具处理器刷新缓冲区: {self.buffer_size} 字符 - {self.content_buffer[:50]}...")
+
+        if self.stream:
+            chunk = self._create_content_chunk(self.content_buffer)
+            output_data = f"data: {json.dumps(chunk, ensure_ascii=False)}\n\n"
+            logger.info(f"➡️ 工具处理器输出: {output_data[:100]}...")
+            yield output_data
+
+        # 清空缓冲区
+        self.content_buffer = ""
+        self.buffer_size = 0
+        self.last_flush_time = time.time()
+
+    def _process_done_phase(self, chunk_data: Dict[str, Any]) -> Generator[str, None, None]:
+        """处理完成阶段"""
+        logger.info("🏁 对话完成")
+
+        # 先刷新任何剩余的缓冲内容
+        if self.content_buffer:
+            yield from self._flush_content_buffer()
+
+        # 完成任何未完成的工具调用
+        if self.has_tool_call:
+            yield from self._finish_current_tool()
+
+        # 发送流结束标记
+        if self.stream:
+            # 创建最终的完成块
+            final_chunk = {
+                "id": f"chatcmpl-{int(time.time())}",
+                "object": "chat.completion.chunk",
+                "created": int(time.time()),
+                "model": self.model,
+                "choices": [{
+                    "index": 0,
+                    "delta": {},
+                    "finish_reason": "stop"
+                }]
+            }
+
+            # 如果有 usage 信息，添加到最终块中
+            if "usage" in chunk_data:
+                final_chunk["usage"] = chunk_data["usage"]
+
+            yield f"data: {json.dumps(final_chunk, ensure_ascii=False)}\n\n"
+            yield "data: [DONE]\n\n"
+
+        # 重置所有状态
+        self._reset_all_state()
+
+    def _finish_current_tool(self) -> Generator[str, None, None]:
+        """完成当前工具调用"""
+        if not self.has_tool_call:
+            return
+
+        # 修复参数格式
+        fixed_args = self._fix_tool_arguments(self.tool_args)
+        logger.debug(f"✅ 完成工具调用: {self.tool_name}, 参数: {fixed_args}")
+
+        # 输出工具调用（开始 + 参数 + 完成）
+        if self.stream:
+            # 发送工具开始块
+            start_chunk = self._create_tool_start_chunk()
+            yield f"data: {json.dumps(start_chunk, ensure_ascii=False)}\n\n"
+
+            # 发送参数块
+            args_chunk = self._create_tool_arguments_chunk(fixed_args)
+            yield f"data: {json.dumps(args_chunk, ensure_ascii=False)}\n\n"
+
+            # 发送完成块
+            finish_chunk = self._create_tool_finish_chunk()
+            yield f"data: {json.dumps(finish_chunk, ensure_ascii=False)}\n\n"
+
+        # 重置工具状态
+        self._reset_tool_state()
+
+    def _fix_tool_arguments(self, raw_args: str) -> str:
+        """使用 json-repair 库修复工具参数格式"""
+        if not raw_args or raw_args == "{}":
+            return "{}"
+
+        logger.debug(f"🔧 开始修复参数: {raw_args[:1000]}{'...' if len(raw_args) > 1000 else ''}")
+
+        # 统一的修复流程：预处理 -> json-repair -> 后处理
+        try:
+            # 1. 预处理：只处理 json-repair 无法处理的问题
+            processed_args = self._preprocess_json_string(raw_args.strip())
+
+            # 2. 使用 json-repair 进行主要修复
+            from json_repair import repair_json
+            repaired_json = repair_json(processed_args)
+            logger.debug(f"🔧 json-repair 修复结果: {repaired_json}")
+
+            # 3. 解析并后处理
+            args_obj = json.loads(repaired_json)
+            args_obj = self._post_process_args(args_obj)
+
+            # 4. 生成最终结果
+            fixed_result = json.dumps(args_obj, ensure_ascii=False)
+
+            return fixed_result
+
+        except Exception as e:
+            logger.error(f"❌ JSON 修复失败: {e}, 原始参数: {raw_args[:1000]}..., 使用空参数")
+            return "{}"
+
+    def _post_process_args(self, args_obj: Dict[str, Any]) -> Dict[str, Any]:
+        """统一的后处理方法"""
+        # 修复路径中的过度转义
+        args_obj = self._fix_path_escaping_in_args(args_obj)
+
+        # 修复命令中的多余引号
+        args_obj = self._fix_command_quotes(args_obj)
+
+        return args_obj
+
+    def _preprocess_json_string(self, text: str) -> str:
+        """预处理 JSON 字符串，只处理 json-repair 无法处理的问题"""
+        import re
+
+        # 只保留 json-repair 无法处理的预处理步骤
+
+        # 1. 修复缺少开始括号的情况（json-repair 无法处理）
+        if not text.startswith('{') and text.endswith('}'):
+            text = '{' + text
+            logger.debug(f"🔧 补全开始括号")
+
+        # 2. 修复末尾多余的反斜杠和引号（json-repair 可能处理不当）
+        # 匹配模式：字符串值末尾的 \" 后面跟着 } 或 ,
+        # 例如：{"url":"https://www.bilibili.com\"} -> {"url":"https://www.bilibili.com"}
+        # 例如：{"url":"https://www.bilibili.com\",} -> {"url":"https://www.bilibili.com",}
+        pattern = r'([^\\])\\"([}\s,])'
+        if re.search(pattern, text):
+            text = re.sub(pattern, r'\1"\2', text)
+            logger.debug(f"🔧 修复末尾多余的反斜杠")
+
+        return text
+
+    def _fix_path_escaping_in_args(self, args_obj: Dict[str, Any]) -> Dict[str, Any]:
+        """修复参数对象中路径的过度转义问题"""
+        import re
+
+        # 需要检查的路径字段
+        path_fields = ['file_path', 'path', 'directory', 'folder']
+
+        for field in path_fields:
+            if field in args_obj and isinstance(args_obj[field], str):
+                path_value = args_obj[field]
+
+                # 检查是否是Windows路径且包含过度转义
+                if path_value.startswith('C:') and '\\\\' in path_value:
+                    logger.debug(f"🔍 检查路径字段 {field}: {repr(path_value)}")
+
+                    # 分析路径结构：正常路径应该是 C:\Users\...
+                    # 但过度转义的路径可能是 C:\Users\\Documents（多了一个反斜杠）
+                    # 我们需要找到不正常的双反斜杠模式并修复
+
+                    # 先检查是否有不正常的双反斜杠（不在路径开头）
+                    # 正常：C:\Users\Documents
+                    # 异常：C:\Users\\Documents 或 C:\Users\\\\Documents
+
+                    # 使用更精确的模式：匹配路径分隔符后的额外反斜杠
+                    # 但要保留正常的路径分隔符
+                    fixed_path = path_value
+
+                    # 检查是否有连续的多个反斜杠（超过正常的路径分隔符）
+                    if '\\\\' in path_value:
+                        # 计算反斜杠的数量，如果超过正常数量就修复
+                        parts = path_value.split('\\')
+                        # 重新组装路径，去除空的部分（由多余的反斜杠造成）
+                        clean_parts = [part for part in parts if part]
+                        if len(clean_parts) > 1:
+                            fixed_path = '\\'.join(clean_parts)
+
+                    logger.debug(f"🔍 修复后路径: {repr(fixed_path)}")
+
+                    if fixed_path != path_value:
+                        args_obj[field] = fixed_path
+                        logger.debug(f"🔧 修复字段 {field} 的路径转义: {path_value} -> {fixed_path}")
+                    else:
+                        logger.debug(f"🔍 路径无需修复: {path_value}")
+
+        return args_obj
+
+    def _fix_command_quotes(self, args_obj: Dict[str, Any]) -> Dict[str, Any]:
+        """修复命令中的多余引号问题"""
+        import re
+
+        # 检查命令字段
+        if 'command' in args_obj and isinstance(args_obj['command'], str):
+            command = args_obj['command']
+
+            # 检查是否以双引号结尾（多余的引号）
+            if command.endswith('""'):
+                logger.debug(f"🔧 发现命令末尾多余引号: {command}")
+                # 移除最后一个多余的引号
+                fixed_command = command[:-1]
+                args_obj['command'] = fixed_command
+                logger.debug(f"🔧 修复命令引号: {command} -> {fixed_command}")
+
+            # 检查其他可能的引号问题
+            # 例如：路径末尾的 \"" 模式
+            elif re.search(r'\\""+$', command):
+                logger.debug(f"🔧 发现命令末尾引号模式问题: {command}")
+                # 修复路径末尾的引号问题
+                fixed_command = re.sub(r'\\""+$', '\\"', command)
+                args_obj['command'] = fixed_command
+                logger.debug(f"🔧 修复命令引号模式: {command} -> {fixed_command}")
+
+        return args_obj
+
+    def _create_content_chunk(self, content: str) -> Dict[str, Any]:
+        """创建内容块"""
+        return {
+            "id": f"chatcmpl-{int(time.time())}",
+            "object": "chat.completion.chunk",
+            "created": int(time.time()),
+            "model": self.model,
+            "choices": [{
+                "index": 0,
+                "delta": {
+                    "role": "assistant",
+                    "content": content
+                },
+                "finish_reason": None
+            }]
+        }
+
+    def _create_tool_start_chunk(self) -> Dict[str, Any]:
+        """创建工具开始块"""
+        return {
+            "id": f"chatcmpl-{int(time.time())}",
+            "object": "chat.completion.chunk", 
+            "created": int(time.time()),
+            "model": self.model,
+            "choices": [{
+                "index": 0,
+                "delta": {
+                    "role": "assistant",
+                    "tool_calls": [{
+                        "index": self.content_index,
+                        "id": self.tool_id,
+                        "type": "function",
+                        "function": {
+                            "name": self.tool_name,
+                            "arguments": ""
+                        }
+                    }]
+                },
+                "finish_reason": None
+            }]
+        }
+
+    def _create_tool_arguments_chunk(self, arguments: str) -> Dict[str, Any]:
+        """创建工具参数块"""
+        return {
+            "id": f"chatcmpl-{int(time.time())}",
+            "object": "chat.completion.chunk",
+            "created": int(time.time()),
+            "model": self.model,
+            "choices": [{
+                "index": 0,
+                "delta": {
+                    "tool_calls": [{
+                        "index": self.content_index,
+                        "id": self.tool_id,
+                        "function": {
+                            "arguments": arguments
+                        }
+                    }]
+                },
+                "finish_reason": None
+            }]
+        }
+
+    def _create_tool_finish_chunk(self) -> Dict[str, Any]:
+        """创建工具完成块"""
+        chunk = {
+            "id": f"chatcmpl-{int(time.time())}",
+            "object": "chat.completion.chunk",
+            "created": int(time.time()),
+            "model": self.model,
+            "choices": [{
+                "index": 0,
+                "delta": {
+                    "tool_calls": []
+                },
+                "finish_reason": "tool_calls"
+            }]
+        }
+        
+        # 添加使用统计（如果有）
+        if self.tool_call_usage:
+            chunk["usage"] = self.tool_call_usage
+            
+        return chunk
+
+    def _reset_tool_state(self):
+        """重置工具状态"""
+        self.tool_id = ""
+        self.tool_name = ""
+        self.tool_args = ""
+        self.has_tool_call = False
+        # content_index 在单次对话中应该保持不变，只有在新的工具调用开始时才递增
+
+    def _reset_all_state(self):
+        """重置所有状态"""
+        # 先刷新任何剩余的缓冲内容
+        if hasattr(self, 'content_buffer') and self.content_buffer:
+            list(self._flush_content_buffer())  # 消费生成器
+
+        self._reset_tool_state()
+        self.current_phase = None
+        self.tool_call_usage = {}
+
+        # 重置缓冲区
+        self.content_buffer = ""
+        self.buffer_size = 0
+        self.last_flush_time = time.time()
+
+        # content_index 重置为 0，为下一轮对话做准备
+        self.content_index = 0
+        logger.debug("🔄 重置所有处理器状态")

app/utils/token_pool.py

@@ -0,0 +1,598 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+"""
+Token 池管理器 - 基于数据库的 Token 轮询和健康检查
+
+核心功能：
+1. Token 轮询机制 - 负载均衡和容错
+2. Z.AI 官方认证接口验证 - 基于 role 字段区分用户类型
+3. Token 健康度监控 - 自动禁用失败 Token
+4. 数据库集成 - 与 TokenDAO 协同工作
+"""
+
+import asyncio
+import time
+from typing import Dict, List, Optional, Tuple
+from dataclasses import dataclass, field
+from threading import Lock
+import httpx
+
+from app.utils.logger import logger
+
+
+# ==================== Token 状态管理 ====================
+
+
+@dataclass
+class TokenStatus:
+    """Token 运行时状态（内存中）"""
+    token: str
+    token_id: int  # 数据库 ID，用于同步统计
+    token_type: str = "unknown"  # "user", "guest", "unknown"
+    is_available: bool = True
+    failure_count: int = 0
+    last_failure_time: float = 0.0
+    last_success_time: float = 0.0
+    total_requests: int = 0
+    successful_requests: int = 0
+
+    @property
+    def success_rate(self) -> float:
+        """成功率"""
+        if self.total_requests == 0:
+            return 1.0
+        return self.successful_requests / self.total_requests
+
+    @property
+    def is_healthy(self) -> bool:
+        """
+        Token 健康状态判断
+
+        健康标准：
+        1. 必须是认证用户 Token (token_type = "user")
+        2. 当前可用 (is_available = True)
+        3. 成功率 >= 50% 或总请求数 <= 3（新 Token 容错）
+
+        注意：
+        - guest Token 永远不健康
+        - unknown Token 永远不健康
+        """
+        # guest 和 unknown token 永远不健康
+        if self.token_type != "user":
+            return False
+
+        # 不可用的 token 不健康
+        if not self.is_available:
+            return False
+
+        # 新 token 容错：请求数很少时，只要没失败就健康
+        if self.total_requests <= 3:
+            return self.failure_count == 0
+
+        # 基于成功率判断
+        return self.success_rate >= 0.5
+
+
+# ==================== Token 验证服务 ====================
+
+
+class ZAITokenValidator:
+    """Z.AI Token 验证器（使用官方认证接口）"""
+
+    AUTH_URL = "https://chat.z.ai/api/v1/auths/"
+
+    @staticmethod
+    def get_headers(token: str) -> Dict[str, str]:
+        """构建认证请求头"""
+        return {
+            "Accept": "*/*",
+            "Accept-Language": "zh-CN,zh;q=0.9",
+            "Authorization": f"Bearer {token}",
+            "Connection": "keep-alive",
+            "Content-Type": "application/json",
+            "DNT": "1",
+            "Referer": "https://chat.z.ai/",
+            "Sec-Fetch-Dest": "empty",
+            "Sec-Fetch-Mode": "cors",
+            "Sec-Fetch-Site": "same-origin",
+            "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36",
+            "sec-ch-ua": '"Chromium";v="140", "Not=A?Brand";v="24", "Google Chrome";v="140"',
+            "sec-ch-ua-mobile": "?0",
+            "sec-ch-ua-platform": '"Windows"'
+        }
+
+    @classmethod
+    async def validate_token(cls, token: str) -> Tuple[str, bool, Optional[str]]:
+        """
+        验证 Token 有效性并返回类型
+
+        Args:
+            token: 待验证的 Token
+
+        Returns:
+            (token_type, is_valid, error_message)
+            - token_type: "user" | "guest" | "unknown"
+            - is_valid: True 表示是有效的认证用户 Token
+            - error_message: 失败原因（仅在 is_valid=False 时有值）
+        """
+        try:
+            async with httpx.AsyncClient(timeout=15.0) as client:
+                response = await client.get(
+                    cls.AUTH_URL,
+                    headers=cls.get_headers(token)
+                )
+
+                # 解析响应
+                return cls._parse_auth_response(response)
+
+        except httpx.TimeoutException:
+            return ("unknown", False, "请求超时")
+        except httpx.ConnectError:
+            return ("unknown", False, "连接失败")
+        except Exception as e:
+            return ("unknown", False, f"验证异常: {str(e)}")
+
+    @staticmethod
+    def _parse_auth_response(response: httpx.Response) -> Tuple[str, bool, Optional[str]]:
+        """
+        解析 Z.AI 认证接口响应
+
+        响应格式示例：
+        {
+            "id": "...",
+            "email": "[email protected]",
+            "role": "user"  # 或 "guest"
+        }
+
+        验证规则：
+        - role: "user" → 认证用户 Token（有效，可添加）
+        - role: "guest" → 匿名用户 Token（无效，拒绝添加）
+        - 其他情况 → 无效 Token
+        """
+        # 检查 HTTP 状态码
+        if response.status_code != 200:
+            return ("unknown", False, f"HTTP {response.status_code}")
+
+        try:
+            data = response.json()
+
+            # 验证响应格式
+            if not isinstance(data, dict):
+                return ("unknown", False, "无效的响应格式")
+
+            # 检查是否包含错误信息
+            if "error" in data or "message" in data:
+                error_msg = data.get("error") or data.get("message", "未知错误")
+                return ("unknown", False, str(error_msg))
+
+            # 核心验证：检查 role 字段
+            role = data.get("role")
+
+            if role == "user":
+                return ("user", True, None)
+            elif role == "guest":
+                return ("guest", False, "匿名用户 Token 不允许添加")
+            else:
+                return ("unknown", False, f"未知 role: {role}")
+
+        except (ValueError, Exception) as e:
+            return ("unknown", False, f"解析响应失败: {str(e)}")
+
+
+# ==================== Token 池管理器 ====================
+
+
+class TokenPool:
+    """Token 池管理器（数据库驱动）"""
+
+    def __init__(
+        self,
+        tokens: List[Tuple[int, str, str]],  # [(token_id, token_value, token_type), ...]
+        failure_threshold: int = 3,
+        recovery_timeout: int = 1800
+    ):
+        """
+        初始化 Token 池
+
+        Args:
+            tokens: Token 列表 [(token_id, token_value, token_type), ...]
+            failure_threshold: 失败阈值，超过此次数将标记为不可用
+            recovery_timeout: 恢复超时时间（秒），失败 Token 在此时间后重新尝试
+        """
+        self.failure_threshold = failure_threshold
+        self.recovery_timeout = recovery_timeout
+        self._lock = Lock()
+        self._current_index = 0
+
+        # 初始化 Token 状态（内存中）
+        self.token_statuses: Dict[str, TokenStatus] = {}
+        self.token_id_map: Dict[str, int] = {}  # token -> token_id 映射
+
+        for token_id, token_value, token_type in tokens:
+            if token_value and token_value not in self.token_statuses:
+                self.token_statuses[token_value] = TokenStatus(
+                    token=token_value,
+                    token_id=token_id,
+                    token_type=token_type
+                )
+                self.token_id_map[token_value] = token_id
+
+        if not self.token_statuses:
+            logger.warning("⚠️ Token 池为空，将依赖匿名模式")
+
+    def get_next_token(self) -> Optional[str]:
+        """
+        获取下一个可用的认证用户 Token（轮询算法）
+
+        Returns:
+            可用的 Token 字符串，如果没有可用 Token 则返回 None
+        """
+        with self._lock:
+            if not self.token_statuses:
+                return None
+
+            available_tokens = self._get_available_user_tokens()
+            if not available_tokens:
+                # 尝试恢复过期的失败 Token
+                self._try_recover_failed_tokens()
+                available_tokens = self._get_available_user_tokens()
+
+                if not available_tokens:
+                    logger.warning("⚠️ 没有可用的认证用户 Token")
+                    return None
+
+            # 轮询选择
+            token = available_tokens[self._current_index % len(available_tokens)]
+            self._current_index = (self._current_index + 1) % len(available_tokens)
+
+            return token
+
+    def _get_available_user_tokens(self) -> List[str]:
+        """
+        获取当前可用的认证用户 Token 列表
+
+        过滤条件：
+        1. is_available = True
+        2. token_type == "user"
+        """
+        available_user_tokens = [
+            status.token for status in self.token_statuses.values()
+            if status.is_available and status.token_type == "user"
+        ]
+
+        # 警告：如果有 guest token 但没有 user token
+        if not available_user_tokens and self.token_statuses:
+            guest_count = sum(
+                1 for status in self.token_statuses.values()
+                if status.token_type == "guest"
+            )
+            if guest_count > 0:
+                logger.warning(f"⚠️ 检测到 {guest_count} 个匿名用户 Token，轮询机制将跳过这些 Token")
+
+        return available_user_tokens
+
+    def _try_recover_failed_tokens(self):
+        """尝试恢复失败的 Token（仅针对认证用户 Token）"""
+        current_time = time.time()
+        recovered_count = 0
+
+        for status in self.token_statuses.values():
+            # 只恢复认证用户 Token
+            if (
+                status.token_type == "user"
+                and not status.is_available
+                and current_time - status.last_failure_time > self.recovery_timeout
+            ):
+                status.is_available = True
+                status.failure_count = 0
+                recovered_count += 1
+                logger.info(f"🔄 恢复失败 Token: {status.token[:20]}...")
+
+        if recovered_count > 0:
+            logger.info(f"✅ 恢复了 {recovered_count} 个失败的 Token")
+
+    def mark_token_success(self, token: str):
+        """标记 Token 使用成功"""
+        with self._lock:
+            if token in self.token_statuses:
+                status = self.token_statuses[token]
+                status.total_requests += 1
+                status.successful_requests += 1
+                status.last_success_time = time.time()
+                status.failure_count = 0  # 重置失败计数
+
+                if not status.is_available:
+                    status.is_available = True
+                    logger.info(f"✅ Token 恢复可用: {token[:20]}...")
+
+    def mark_token_failure(self, token: str, error: Exception = None):
+        """标记 Token 使用失败"""
+        with self._lock:
+            if token in self.token_statuses:
+                status = self.token_statuses[token]
+                status.total_requests += 1
+                status.failure_count += 1
+                status.last_failure_time = time.time()
+
+                if status.failure_count >= self.failure_threshold:
+                    status.is_available = False
+                    logger.warning(f"🚫 Token 已禁用: {token[:20]}... (失败 {status.failure_count} 次)")
+
+    def get_token_id(self, token: str) -> Optional[int]:
+        """获取 Token 的数据库 ID"""
+        return self.token_id_map.get(token)
+
+    def get_pool_status(self) -> Dict:
+        """获取 Token 池状态信息"""
+        with self._lock:
+            available_count = len(self._get_available_user_tokens())
+            total_count = len(self.token_statuses)
+            healthy_count = sum(1 for status in self.token_statuses.values() if status.is_healthy)
+
+            # 统计各类型 Token
+            user_count = sum(1 for s in self.token_statuses.values() if s.token_type == "user")
+            guest_count = sum(1 for s in self.token_statuses.values() if s.token_type == "guest")
+            unknown_count = sum(1 for s in self.token_statuses.values() if s.token_type == "unknown")
+
+            status_info = {
+                "total_tokens": total_count,
+                "available_tokens": available_count,
+                "unavailable_tokens": total_count - available_count,
+                "healthy_tokens": healthy_count,
+                "unhealthy_tokens": total_count - healthy_count,
+                "user_tokens": user_count,
+                "guest_tokens": guest_count,
+                "unknown_tokens": unknown_count,
+                "current_index": self._current_index,
+                "tokens": []
+            }
+
+            for token, status in self.token_statuses.items():
+                status_info["tokens"].append({
+                    "token": f"{token[:10]}...{token[-10:]}",
+                    "token_id": status.token_id,
+                    "token_type": status.token_type,
+                    "is_available": status.is_available,
+                    "failure_count": status.failure_count,
+                    "success_count": status.successful_requests,
+                    "success_rate": f"{status.success_rate:.2%}",
+                    "total_requests": status.total_requests,
+                    "is_healthy": status.is_healthy,
+                    "last_failure_time": status.last_failure_time,
+                    "last_success_time": status.last_success_time
+                })
+
+            return status_info
+
+    def update_token_type(self, token: str, token_type: str):
+        """更新 Token 类型（用于健康检查后更新）"""
+        with self._lock:
+            if token in self.token_statuses:
+                old_type = self.token_statuses[token].token_type
+                self.token_statuses[token].token_type = token_type
+
+                if old_type != token_type:
+                    logger.info(f"🔄 更新 Token 类型: {token[:20]}... {old_type} → {token_type}")
+
+    async def health_check_token(self, token: str) -> bool:
+        """
+        异步健康检查单个 Token（使用 Z.AI 官方认证接口）
+
+        Args:
+            token: 要检查的 Token
+
+        Returns:
+            Token 是否健康（True = 有效的认证用户 Token）
+        """
+        token_type, is_valid, error_message = await ZAITokenValidator.validate_token(token)
+
+        # 更新 Token 类型
+        self.update_token_type(token, token_type)
+
+        # 更新状态
+        if is_valid:
+            self.mark_token_success(token)
+        else:
+            self.mark_token_failure(token, Exception(error_message or "验证失败"))
+
+        return is_valid
+
+    async def health_check_all(self):
+        """异步健康检查所有 Token"""
+        if not self.token_statuses:
+            logger.warning("⚠️ Token 池为空，跳过健康检查")
+            return
+
+        total_tokens = len(self.token_statuses)
+        logger.info(f"🔍 开始 Token 池健康检查... (共 {total_tokens} 个 Token)")
+
+        # 并发执行所有 Token 的健康检查
+        tasks = [
+            self.health_check_token(token)
+            for token in self.token_statuses.keys()
+        ]
+
+        results = await asyncio.gather(*tasks, return_exceptions=True)
+
+        # 统计结果
+        healthy_count = sum(1 for r in results if r is True)
+        failed_count = sum(1 for r in results if r is False)
+        exception_count = sum(1 for r in results if isinstance(r, Exception))
+
+        health_rate = (healthy_count / total_tokens) * 100 if total_tokens > 0 else 0
+
+        if healthy_count == 0 and total_tokens > 0:
+            logger.warning(f"⚠️ 健康检查完成: 0/{total_tokens} 个 Token 健康 - 请检查 Token 配置")
+        elif failed_count > 0:
+            logger.warning(f"⚠️ 健康检查完成: {healthy_count}/{total_tokens} 个 Token 健康 ({health_rate:.1f}%)")
+        else:
+            logger.info(f"✅ 健康检查完成: {healthy_count}/{total_tokens} 个 Token 健康")
+
+        if exception_count > 0:
+            logger.error(f"💥 {exception_count} 个 Token 检查异常")
+
+    async def sync_from_database(self, provider: str = "zai"):
+        """
+        从数据库同步 Token 状态（禁用/启用状态）
+
+        Args:
+            provider: 提供商名称
+
+        说明：
+            - 从数据库读取最新的 Token 启用状态
+            - 如果数据库中 Token 被禁用，则从池中移除
+            - 如果数据库中有新增的启用 Token，则添加到池中
+            - 保留现有 Token 的运行时统计（请求数、成功率等）
+        """
+        from app.services.token_dao import get_token_dao
+
+        dao = get_token_dao()
+
+        # 从数据库加载所有启用的认证用户 Token
+        token_records = await dao.get_tokens_by_provider(provider, enabled_only=True)
+
+        # 构建数据库中的 Token 映射
+        db_tokens = {
+            record["token"]: (record["id"], record.get("token_type", "unknown"))
+            for record in token_records
+            if record.get("token_type") != "guest"  # 过滤 guest token
+        }
+
+        with self._lock:
+            # 1. 移除已在数据库中禁用的 Token
+            tokens_to_remove = []
+            for token_value in list(self.token_statuses.keys()):
+                if token_value not in db_tokens:
+                    tokens_to_remove.append(token_value)
+
+            for token_value in tokens_to_remove:
+                del self.token_statuses[token_value]
+                del self.token_id_map[token_value]
+                logger.info(f"🗑️ 从池中移除已禁用 Token: {token_value[:20]}...")
+
+            # 2. 添加新启用的 Token
+            new_tokens_count = 0
+            for token_value, (token_id, token_type) in db_tokens.items():
+                if token_value not in self.token_statuses:
+                    self.token_statuses[token_value] = TokenStatus(
+                        token=token_value,
+                        token_id=token_id,
+                        token_type=token_type
+                    )
+                    self.token_id_map[token_value] = token_id
+                    new_tokens_count += 1
+                    logger.info(f"➕ 添加新启用 Token: {token_value[:20]}...")
+
+            # 3. 更新现有 Token 的类型（如果数据库中有更新）
+            for token_value, (token_id, token_type) in db_tokens.items():
+                if token_value in self.token_statuses:
+                    old_type = self.token_statuses[token_value].token_type
+                    if old_type != token_type:
+                        self.token_statuses[token_value].token_type = token_type
+                        logger.info(f"🔄 更新 Token 类型: {token_value[:20]}... {old_type} → {token_type}")
+
+            logger.info(
+                f"✅ Token 池同步完成: "
+                f"当前 {len(self.token_statuses)} 个 Token "
+                f"(移除 {len(tokens_to_remove)}, 新增 {new_tokens_count})"
+            )
+
+
+# ==================== 全局实例管理 ====================
+
+
+_token_pool: Optional[TokenPool] = None
+_pool_lock = Lock()
+
+
+def get_token_pool() -> Optional[TokenPool]:
+    """获取全局 Token 池实例"""
+    return _token_pool
+
+
+async def initialize_token_pool_from_db(
+    provider: str = "zai",
+    failure_threshold: int = 3,
+    recovery_timeout: int = 1800
+) -> Optional[TokenPool]:
+    """
+    从数据库初始化全局 Token 池
+
+    Args:
+        provider: 提供商名称 (zai, k2think, longcat)
+        failure_threshold: 失败阈值
+        recovery_timeout: 恢复超时时间（秒）
+
+    Returns:
+        TokenPool 实例（即使没有 Token 也会创建空池）
+    """
+    global _token_pool
+
+    from app.services.token_dao import get_token_dao
+
+    dao = get_token_dao()
+
+    # 从数据库加载 Token（只加载启用的认证用户 Token）
+    token_records = await dao.get_tokens_by_provider(provider, enabled_only=True)
+
+    # 转换为 TokenPool 所需格式
+    tokens = []
+    if token_records:
+        tokens = [
+            (record["id"], record["token"], record.get("token_type", "unknown"))
+            for record in token_records
+        ]
+
+        # 过滤掉 guest token（不应该在数据库中，但防御性检查）
+        user_tokens = [
+            (tid, tval, ttype) for tid, tval, ttype in tokens
+            if ttype != "guest"
+        ]
+
+        if len(user_tokens) < len(tokens):
+            guest_count = len(tokens) - len(user_tokens)
+            logger.warning(f"⚠️ 过滤了 {guest_count} 个匿名用户 Token")
+
+        tokens = user_tokens
+
+    # 始终创建 Token 池实例（即使为空）
+    with _pool_lock:
+        _token_pool = TokenPool(tokens, failure_threshold, recovery_timeout)
+
+        if not tokens:
+            logger.warning(f"⚠️ {provider} 没有有效的认证用户 Token，已创建空 Token 池")
+        else:
+            logger.info(f"🔧 从数据库初始化 Token 池（{provider}），共 {len(tokens)} 个 Token")
+
+        return _token_pool
+
+
+async def sync_token_stats_to_db():
+    """
+    将内存中的 Token 统计同步到数据库
+
+    应在服务关闭或定期调用，确保统计数据不丢失
+    """
+    pool = get_token_pool()
+    if not pool:
+        return
+
+    from app.services.token_dao import get_token_dao
+
+    dao = get_token_dao()
+
+    with pool._lock:
+        for token, status in pool.token_statuses.items():
+            token_id = status.token_id
+
+            # 更新数据库统计（简化版，实际可能需要增量更新）
+            if status.successful_requests > 0:
+                for _ in range(status.successful_requests):
+                    await dao.record_success(token_id)
+
+            if status.total_requests - status.successful_requests > 0:
+                for _ in range(status.total_requests - status.successful_requests):
+                    await dao.record_failure(token_id)
+
+    logger.info("✅ Token 统计已同步到数据库")

app/utils/tool_call_handler.py

@@ -0,0 +1,347 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+"""
+工具调用处理模块
+"""
+
+import json
+import re
+from typing import Dict, List, Any, Optional, Tuple
+from app.utils.logger import get_logger
+
+logger = get_logger()
+
+
+def generate_tool_prompt(tools: Optional[List[Dict[str, Any]]]) -> str:
+    """
+    生成工具调用提示词
+    将 OpenAI tools 定义转换为 Markdown 格式的说明文档
+
+    Args:
+        tools: OpenAI 格式的工具定义列表
+
+    Returns:
+        str: Markdown 格式的工具使用说明
+    """
+    if not tools or len(tools) == 0:
+        return ""
+
+    tool_definitions = []
+
+    for tool in tools:
+        if tool.get("type") != "function":
+            continue
+
+        function_spec = tool.get("function", {})
+        function_name = function_spec.get("name", "unknown")
+        function_description = function_spec.get("description", "")
+        parameters = function_spec.get("parameters", {})
+
+        # 创建结构化的工具定义
+        tool_info = [
+            f"## {function_name}",
+            f"**Purpose**: {function_description}"
+        ]
+
+        # 添加参数详情
+        parameter_properties = parameters.get("properties", {})
+        required_parameters = set(parameters.get("required", []))
+
+        if parameter_properties:
+            tool_info.append("**Parameters**:")
+            for param_name, param_info in parameter_properties.items():
+                param_type = param_info.get("type", "string")
+                param_desc = param_info.get("description", "")
+                is_required = param_name in required_parameters
+                required_str = " (required)" if is_required else " (optional)"
+                tool_info.append(f"- `{param_name}` ({param_type}){required_str}: {param_desc}")
+
+        tool_definitions.append("\n".join(tool_info))
+
+    # 组合完整的提示词
+    prompt = (
+        "\n\n---\n"
+        "# Available Tools\n\n"
+        + "\n\n".join(tool_definitions) +
+        "\n\n"
+        "**Tool Invocation Format**:\n"
+        "To use a tool, include a JSON block with this structure:\n"
+        '{"tool_calls": [{"id": "call_ID", "type": "function", "function": {"name": "TOOL_NAME", "arguments": "JSON_STRING"}}]}\n\n'
+        "**Rules**:\n"
+        "- Use tool ONLY when user explicitly requests an action that matches a tool's purpose\n"
+        "- For normal conversation, respond naturally WITHOUT any tool calls\n"
+        "- The `arguments` must be a JSON string, not an object\n"
+        "- Multiple tools can be called by adding more items to the array\n"
+        "---\n\n"
+    )
+
+    logger.debug(f"生成工具提示词,包含 {len(tool_definitions)} 个工具定义")
+    return prompt
+
+
+def process_messages_with_tools(
+    messages: List[Dict[str, Any]],
+    tools: Optional[List[Dict[str, Any]]],
+    tool_choice: str = "auto"
+) -> List[Dict[str, Any]]:
+    """
+    将工具定义注入到消息列表中
+
+    Args:
+        messages: 原始消息列表
+        tools: 工具定义列表
+        tool_choice: 工具选择策略 ("auto", "none", 等)
+
+    Returns:
+        List[Dict]: 处理后的消息列表
+    """
+    if not tools or tool_choice == "none":
+        return messages
+
+    tools_prompt = generate_tool_prompt(tools)
+    if not tools_prompt:
+        return messages
+
+    processed = []
+    has_system = any(m.get("role") == "system" for m in messages)
+
+    if has_system:
+        # 如果有 system 消息,将工具提示追加到第一个 system 消息
+        for msg in messages:
+            if msg.get("role") == "system":
+                new_msg = msg.copy()
+                content = new_msg.get("content", "")
+                if isinstance(content, list):
+                    # 多模态内容
+                    content_str = " ".join([
+                        item.get("text", "") if item.get("type") == "text" else ""
+                        for item in content
+                    ])
+                else:
+                    content_str = str(content)
+                new_msg["content"] = content_str + tools_prompt
+                processed.append(new_msg)
+            else:
+                processed.append(msg)
+    else:
+        # 没有 system 消息,创建一个新的 system 消息
+        processed.append({
+            "role": "system",
+            "content": f"You are a helpful assistant with access to tools.{tools_prompt}"
+        })
+        processed.extend(messages)
+
+    logger.debug(f"工具提示已注入到消息列表,共 {len(processed)} 条消息")
+    return processed
+
+
+def parse_and_extract_tool_calls(content: str) -> Tuple[Optional[List[Dict[str, Any]]], str]:
+    """
+    从响应内容中提取 tool_calls JSON
+    
+    Args:
+        content: 模型返回的文本内容
+
+    Returns:
+        Tuple[Optional[List], str]: (提取的 tool_calls 列表, 清理后的内容)
+    """
+    if not content or not content.strip():
+        return None, content
+
+    tool_calls = None
+    cleaned_content = content
+
+    # 方法1: 尝试解析 JSON 代码块中的 tool_calls
+    # 匹配 ```json ... ``` 或 ```...```
+    json_block_pattern = r'```(?:json)?\s*\n?(\{[\s\S]*?\})\s*\n?```'
+    json_blocks = re.findall(json_block_pattern, content)
+
+    for json_str in json_blocks:
+        try:
+            parsed_data = json.loads(json_str)
+            if "tool_calls" in parsed_data:
+                tool_calls = parsed_data["tool_calls"]
+                if tool_calls and isinstance(tool_calls, list):
+                    # 确保 arguments 字段是字符串
+                    for tc in tool_calls:
+                        if tc.get("function"):
+                            func = tc["function"]
+                            if func.get("arguments"):
+                                if isinstance(func["arguments"], dict):
+                                    # 转换对象为 JSON 字符串
+                                    func["arguments"] = json.dumps(func["arguments"], ensure_ascii=False)
+                                elif not isinstance(func["arguments"], str):
+                                    func["arguments"] = str(func["arguments"])
+                    logger.debug(f"从 JSON 代码块中提取到 {len(tool_calls)} 个工具调用")
+                    break
+        except json.JSONDecodeError:
+            continue
+
+    # 方法2: 尝试从文本中直接查找 JSON 对象
+    if not tool_calls:
+        # 查找包含 "tool_calls" 的 JSON 对象
+        i = 0
+        scannable_text = content
+        while i < len(scannable_text):
+            if scannable_text[i] == '{':
+                # 尝试找到匹配的闭合括号
+                brace_count = 1
+                j = i + 1
+                in_string = False
+                escape_next = False
+
+                while j < len(scannable_text) and brace_count > 0:
+                    if escape_next:
+                        escape_next = False
+                    elif scannable_text[j] == '\\':
+                        escape_next = True
+                    elif scannable_text[j] == '"':
+                        in_string = not in_string
+                    elif not in_string:
+                        if scannable_text[j] == '{':
+                            brace_count += 1
+                        elif scannable_text[j] == '}':
+                            brace_count -= 1
+                    j += 1
+
+                if brace_count == 0:
+                    # 找到完整的 JSON 对象
+                    json_candidate = scannable_text[i:j]
+                    try:
+                        parsed_data = json.loads(json_candidate)
+                        if "tool_calls" in parsed_data:
+                            tool_calls = parsed_data["tool_calls"]
+                            if tool_calls and isinstance(tool_calls, list):
+                                # 确保 arguments 字段是字符串
+                                for tc in tool_calls:
+                                    if tc.get("function"):
+                                        func = tc["function"]
+                                        if func.get("arguments"):
+                                            if isinstance(func["arguments"], dict):
+                                                func["arguments"] = json.dumps(func["arguments"], ensure_ascii=False)
+                                            elif not isinstance(func["arguments"], str):
+                                                func["arguments"] = str(func["arguments"])
+                                logger.debug(f"从内联 JSON 中提取到 {len(tool_calls)} 个工具调用")
+                                break
+                    except json.JSONDecodeError:
+                        pass
+
+                i = j
+            else:
+                i += 1
+
+    # 清理内容 - 移除包含 tool_calls 的 JSON
+    if tool_calls:
+        cleaned_content = remove_tool_json_content(content)
+
+    return tool_calls, cleaned_content
+
+
+def remove_tool_json_content(content: str) -> str:
+    """
+    从响应内容中移除工具调用 JSON
+
+    Args:
+        content: 原始响应内容
+
+    Returns:
+        str: 清理后的内容
+    """
+    if not content:
+        return content
+
+    # 步骤1: 移除 JSON 代码块中包含 tool_calls 的部分
+    cleaned_text = content
+
+    # 匹配 ```json ... ``` 或 ```...```
+    def replace_json_block(match):
+        json_content = match.group(1)
+        try:
+            parsed_data = json.loads(json_content)
+            if "tool_calls" in parsed_data:
+                return ""  # 移除整个代码块
+        except json.JSONDecodeError:
+            pass
+        return match.group(0)  # 保留原文
+
+    json_block_pattern = r'```(?:json)?\s*\n?(\{[\s\S]*?\})\s*\n?```'
+    cleaned_text = re.sub(json_block_pattern, replace_json_block, cleaned_text)
+
+    # 步骤2: 移除内联的 tool JSON - 使用括号平衡方法
+    result = []
+    i = 0
+
+    while i < len(cleaned_text):
+        if cleaned_text[i] == '{':
+            # 尝试找到匹配的闭合括号
+            brace_count = 1
+            j = i + 1
+            in_string = False
+            escape_next = False
+
+            while j < len(cleaned_text) and brace_count > 0:
+                if escape_next:
+                    escape_next = False
+                elif cleaned_text[j] == '\\':
+                    escape_next = True
+                elif cleaned_text[j] == '"':
+                    in_string = not in_string
+                elif not in_string:
+                    if cleaned_text[j] == '{':
+                        brace_count += 1
+                    elif cleaned_text[j] == '}':
+                        brace_count -= 1
+                j += 1
+
+            if brace_count == 0:
+                # 找到完整的 JSON 对象,检查是否包含 tool_calls
+                json_candidate = cleaned_text[i:j]
+                try:
+                    parsed = json.loads(json_candidate)
+                    if "tool_calls" in parsed:
+                        # 这是一个工具调用,跳过它
+                        i = j
+                        continue
+                except json.JSONDecodeError:
+                    pass
+
+            # 不是工具调用或无法解析,保留这个字符
+            result.append(cleaned_text[i])
+            i += 1
+        else:
+            result.append(cleaned_text[i])
+            i += 1
+
+    cleaned_result = "".join(result).strip()
+
+    # 移除多余的空白行
+    cleaned_result = re.sub(r'\n{3,}', '\n\n', cleaned_result)
+
+    logger.debug(f"内容清理完成,原始长度: {len(content)}, 清理后长度: {len(cleaned_result)}")
+    return cleaned_result
+
+
+def content_to_string(content: Any) -> str:
+    """
+    将消息内容转换为字符串
+
+    Args:
+        content: 消息内容,可能是字符串或列表(多模态)
+
+    Returns:
+        str: 字符串格式的内容
+    """
+    if isinstance(content, str):
+        return content
+    elif isinstance(content, list):
+        # 多模态内容,提取文本部分
+        text_parts = []
+        for item in content:
+            if isinstance(item, dict):
+                if item.get("type") == "text":
+                    text_parts.append(item.get("text", ""))
+            elif isinstance(item, str):
+                text_parts.append(item)
+        return " ".join(text_parts)
+    else:
+        return str(content)

app/utils/user_agent.py

@@ -0,0 +1,133 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+"""
+用户代理工具模块
+提供动态随机用户代理生成功能
+"""
+
+import random
+from typing import Dict, Optional
+from fake_useragent import UserAgent
+
+# 全局 UserAgent 实例（单例模式）
+_user_agent_instance: Optional[UserAgent] = None
+
+
+def get_user_agent_instance() -> UserAgent:
+    """获取或创建 UserAgent 实例（单例模式）"""
+    global _user_agent_instance
+    if _user_agent_instance is None:
+        _user_agent_instance = UserAgent()
+    return _user_agent_instance
+
+
+def get_random_user_agent(browser_type: Optional[str] = None) -> str:
+    """
+    获取随机用户代理字符串
+
+    Args:
+        browser_type: 指定浏览器类型 ('chrome', 'firefox', 'safari', 'edge')
+                     如果为 None，则随机选择
+
+    Returns:
+        str: 用户代理字符串
+    """
+    ua = get_user_agent_instance()
+
+    # 如果没有指定浏览器类型，随机选择一个（偏向 Chrome 和 Edge）
+    if browser_type is None:
+        browser_choices = ["chrome", "chrome", "chrome", "edge", "edge", "firefox", "safari"]
+        browser_type = random.choice(browser_choices)
+
+    # 根据浏览器类型获取用户代理
+    if browser_type == "chrome":
+        user_agent = ua.chrome
+    elif browser_type == "edge":
+        user_agent = ua.edge
+    elif browser_type == "firefox":
+        user_agent = ua.firefox
+    elif browser_type == "safari":
+        user_agent = ua.safari
+    else:
+        user_agent = ua.random
+
+    return user_agent
+
+
+# 通用 UserAgent headers 生成函数
+def get_dynamic_headers(
+    referer: Optional[str] = None,
+    origin: Optional[str] = None,
+    browser_type: Optional[str] = None,
+    additional_headers: Optional[Dict[str, str]] = None
+) -> Dict[str, str]:
+    """
+    生成动态浏览器 headers，包含随机 User-Agent
+
+    Args:
+        referer: 引用页面 URL
+        origin: 源站 URL
+        browser_type: 指定浏览器类型
+        additional_headers: 额外的 headers
+
+    Returns:
+        Dict[str, str]: 包含动态 User-Agent 的 headers
+    """
+    user_agent = get_random_user_agent(browser_type)
+
+    # 基础 headers
+    headers = {
+        "User-Agent": user_agent,
+        "Accept": "application/json, text/event-stream",
+        "Accept-Language": "zh-CN,zh;q=0.9,en;q=0.8",
+        "Accept-Encoding": "gzip, deflate, br",
+        "Cache-Control": "no-cache",
+        "Connection": "keep-alive",
+        "Pragma": "no-cache",
+    }
+
+    # 添加可选的 headers
+    if referer:
+        headers["Referer"] = referer
+
+    if origin:
+        headers["Origin"] = origin
+
+    # 根据用户代理添加浏览器特定的 headers
+    if "Chrome/" in user_agent or "Edg/" in user_agent:
+        # Chrome/Edge 特定的 headers
+        chrome_version = "139"
+        edge_version = "139"
+
+        try:
+            if "Chrome/" in user_agent:
+                chrome_version = user_agent.split("Chrome/")[1].split(".")[0]
+        except:
+            pass
+
+        try:
+            if "Edg/" in user_agent:
+                edge_version = user_agent.split("Edg/")[1].split(".")[0]
+                sec_ch_ua = f'"Microsoft Edge";v="{edge_version}", "Chromium";v="{chrome_version}", "Not_A Brand";v="24"'
+            else:
+                sec_ch_ua = f'"Not_A Brand";v="8", "Chromium";v="{chrome_version}", "Google Chrome";v="{chrome_version}"'
+        except:
+            sec_ch_ua = f'"Not_A Brand";v="8", "Chromium";v="{chrome_version}", "Google Chrome";v="{chrome_version}"'
+
+        headers.update({
+            "sec-ch-ua": sec_ch_ua,
+            "sec-ch-ua-mobile": "?0",
+            "sec-ch-ua-platform": '"Windows"',
+            "Sec-Fetch-Dest": "empty",
+            "Sec-Fetch-Mode": "cors",
+            "Sec-Fetch-Site": "same-origin",
+        })
+
+    # 添加额外的 headers
+    if additional_headers:
+        headers.update(additional_headers)
+
+    return headers
+
+

deploy/.dockerignore

@@ -0,0 +1,54 @@
+# Git files
+.git
+.gitignore
+.gitattributes
+
+# Python cache
+__pycache__
+*.py[cod]
+*$py.class
+*.so
+.Python
+
+# Virtual environments
+venv/
+env/
+ENV/
+
+# IDE
+.vscode/
+.idea/
+*.swp
+*.swo
+*~
+
+# Documentation
+*.md
+!README.md
+docs/
+
+# Test files
+tests/
+pytest.ini
+.pytest_cache/
+
+# Local data (will be mounted as volumes)
+*.db
+*.sqlite
+*.sqlite3
+logs/
+data/
+
+# Build artifacts
+build/
+dist/
+*.egg-info/
+
+# Docker files in parent directory
+Dockerfile
+docker-compose.yml
+.dockerignore
+
+# Other
+.env.local
+.DS_Store

deploy/.env.example

@@ -0,0 +1,35 @@
+# ==============================================
+# Z.AI API Server - Docker 环境变量配置示例
+# ==============================================
+
+# 管理后台密码
+ADMIN_PASSWORD=admin123
+
+# API 认证密钥 (用于验证客户端请求)
+AUTH_TOKEN=sk-your-api-key-here
+
+# 是否跳过 API Key 验证 (开发环境可设为 true)
+SKIP_AUTH_TOKEN=false
+
+# 调试日志 (生产环境建议设为 false)
+DEBUG_LOGGING=true
+
+# 匿名模式 (允许无 token 访问,需要配合 SKIP_AUTH_TOKEN=true)
+ANONYMOUS_MODE=false
+
+# Function Call 功能开关 (是否支持工具调用)
+TOOL_SUPPORT=true
+
+# 工具调用扫描限制 (字符数)
+SCAN_LIMIT=200000
+
+# 数据库路径 (Docker 环境使用持久化卷)
+DB_PATH=/app/data/tokens.db
+
+# Token 池配置
+TOKEN_FAILURE_THRESHOLD=3
+TOKEN_RECOVERY_TIMEOUT=300
+
+# 服务配置
+SERVICE_NAME=Z.AI_API_Server
+LISTEN_PORT=7860

deploy/Dockerfile

@@ -0,0 +1,24 @@
+FROM python:3.12-slim
+
+# Set working directory
+WORKDIR /app
+
+# Create data and logs directories with proper permissions
+RUN mkdir -p /app/data /app/logs && \
+    chmod 755 /app/data /app/logs
+
+# Install dependencies
+COPY requirements.txt .
+RUN pip install --no-cache-dir -r requirements.txt
+
+# Copy application code
+COPY . .
+
+# Set environment variable for database path
+ENV DB_PATH=/app/data/tokens.db
+
+# Expose port
+EXPOSE 7860
+
+# Run the application
+CMD ["python", "main.py"]

deploy/NGINX_SETUP.md

@@ -0,0 +1,278 @@
+# Nginx 反向代理部署指南
+
+本文档说明如何在 Nginx 反向代理后部署 Z.AI2API,支持自定义路径前缀。
+
+## 问题说明
+
+在使用 Nginx 反向代理时,如果需要将服务部署在自定义路径前缀下(例如 `http://domain.com/ai2api`),
+需要正确配置 `ROOT_PATH` 环境变量,否则会出现以下问题:
+
+- 后台管理页面跳转错误(缺少路径前缀)
+- API 接口请求 404(路径不完整)
+- 静态资源加载失败
+
+## 解决方案
+
+### 1. 配置环境变量
+
+在 `.env` 文件中设置 `ROOT_PATH` 变量,值为 Nginx 配置的 location 路径:
+
+```bash
+# 示例:部署在 /ai2api 路径下
+ROOT_PATH=/ai2api
+```
+
+**重要**: `ROOT_PATH` 必须与 Nginx 配置中的 `location` 路径完全一致。
+
+### 2. 配置 Nginx
+
+参考 `deploy/nginx.conf.example` 文件,选择合适的配置模板。
+
+#### 基础配置示例
+
+```nginx
+server {
+    listen 80;
+    server_name your-domain.com;
+
+    location /ai2api {
+        # 代理到后端服务
+        proxy_pass http://127.0.0.1:7860;
+
+        # 传递原始请求信息
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+
+        # SSE 流式响应支持
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+        proxy_buffering off;
+        proxy_cache off;
+
+        # 超时设置
+        proxy_read_timeout 300s;
+    }
+}
+```
+
+### 3. Docker Compose 配置
+
+如果使用 Docker 部署,需要在 `docker-compose.yml` 中添加 `ROOT_PATH` 环境变量:
+
+```yaml
+version: '3.8'
+services:
+  ai2api:
+    image: z-ai2api:latest
+    environment:
+      - ROOT_PATH=/ai2api
+      - LISTEN_PORT=7860
+      # ... 其他环境变量
+    ports:
+      - "7860:7860"
+```
+
+### 4. 重启服务
+
+```bash
+# 重载 Nginx 配置
+sudo nginx -t
+sudo systemctl reload nginx
+
+# 重启应用(Docker)
+docker-compose restart
+
+# 或重启应用(直接运行)
+# 停止服务后重新启动
+```
+
+## 访问地址
+
+配置完成后,服务访问地址如下:
+
+- **API 端点**: `http://your-domain.com/ai2api/v1/chat/completions`
+- **模型列表**: `http://your-domain.com/ai2api/v1/models`
+- **管理后台**: `http://your-domain.com/ai2api/admin/login`
+- **根路径**: `http://your-domain.com/ai2api/`
+
+## 配置示例
+
+### 示例 1: 部署在 /api 路径下
+
+**.env 配置**:
+```bash
+ROOT_PATH=/api
+```
+
+**Nginx 配置**:
+```nginx
+location /api {
+    proxy_pass http://127.0.0.1:7860;
+    # ... 其他配置
+}
+```
+
+**访问地址**: `http://domain.com/api/admin/login`
+
+### 示例 2: 部署在根路径(无前缀)
+
+**.env 配置**:
+```bash
+ROOT_PATH=
+```
+
+**Nginx 配置**:
+```nginx
+location / {
+    proxy_pass http://127.0.0.1:7860;
+    # ... 其他配置
+}
+```
+
+**访问地址**: `http://domain.com/admin/login`
+
+### 示例 3: 多级路径前缀
+
+**.env 配置**:
+```bash
+ROOT_PATH=/services/ai/chat
+```
+
+**Nginx 配置**:
+```nginx
+location /services/ai/chat {
+    proxy_pass http://127.0.0.1:7860;
+    # ... 其他配置
+}
+```
+
+**访问地址**: `http://domain.com/services/ai/chat/admin/login`
+
+## 常见问题排查
+
+### 1. 404 错误
+
+**现象**: 访问页面或 API 时返回 404
+
+**可能原因**:
+- `ROOT_PATH` 配置与 Nginx location 路径不匹配
+- Nginx 配置错误或未重载
+
+**解决方法**:
+- 检查 `.env` 中的 `ROOT_PATH` 是否与 Nginx `location` 完全一致
+- 确认 Nginx 配置无误: `sudo nginx -t`
+- 重载 Nginx: `sudo systemctl reload nginx`
+- 重启应用服务
+
+### 2. 静态资源加载失败
+
+**现象**: 管理后台页面样式错乱,控制台显示 CSS/JS 404
+
+**可能原因**:
+- `ROOT_PATH` 未配置或配置错误
+- 静态文件路径未包含前缀
+
+**解决方法**:
+- 确保 `ROOT_PATH` 正确配置并重启服务
+- 检查浏览器开发者工具中的资源请求路径
+
+### 3. 流式响应中断
+
+**现象**: SSE 流式响应提前终止或无法正常工作
+
+**可能原因**:
+- Nginx 启用了缓冲
+- 超时时间设置过短
+
+**解决方法**:
+在 Nginx 配置中添加:
+```nginx
+proxy_buffering off;
+proxy_cache off;
+proxy_read_timeout 300s;
+```
+
+### 4. CORS 错误
+
+**现象**: 浏览器控制台显示跨域请求被阻止
+
+**可能原因**:
+- Nginx 未正确传递请求头
+
+**解决方法**:
+确保 Nginx 配置中包含:
+```nginx
+proxy_set_header Host $host;
+proxy_set_header X-Forwarded-Proto $scheme;
+```
+
+## 验证配置
+
+配置完成后,可以通过以下方式验证:
+
+1. **访问健康检查端点**:
+   ```bash
+   curl http://your-domain.com/ai2api/v1/models
+   ```
+
+2. **访问管理后台**:
+   在浏览器打开 `http://your-domain.com/ai2api/admin/login`
+
+3. **测试 API 请求**:
+   ```bash
+   curl -X POST http://your-domain.com/ai2api/v1/chat/completions \
+     -H "Content-Type: application/json" \
+     -H "Authorization: Bearer your-api-key" \
+     -d '{
+       "model": "GLM-4.6",
+       "messages": [{"role": "user", "content": "Hello"}],
+       "stream": false
+     }'
+   ```
+
+## 进阶配置
+
+### HTTPS 配置
+
+```nginx
+server {
+    listen 443 ssl http2;
+    server_name your-domain.com;
+
+    ssl_certificate /path/to/cert.pem;
+    ssl_certificate_key /path/to/key.pem;
+
+    location /ai2api {
+        proxy_pass http://127.0.0.1:7860;
+        proxy_set_header X-Forwarded-Proto https;
+        # ... 其他配置
+    }
+}
+```
+
+### 负载均衡
+
+```nginx
+upstream ai2api_backend {
+    server 127.0.0.1:7860;
+    server 127.0.0.1:8081;
+    server 127.0.0.1:8082;
+}
+
+server {
+    listen 80;
+    location /ai2api {
+        proxy_pass http://ai2api_backend;
+        # ... 其他配置
+    }
+}
+```
+
+## 参考资料
+
+- [FastAPI Behind a Proxy](https://fastapi.tiangolo.com/advanced/behind-a-proxy/)
+- [Nginx Proxy Module](http://nginx.org/en/docs/http/ngx_http_proxy_module.html)
+- 完整配置示例: `deploy/nginx.conf.example`

deploy/README_DOCKER.md

@@ -0,0 +1,357 @@
+# Docker 部署文档
+
+## 快速部署
+
+### 方式一: 使用预构建镜像 (推荐)
+
+从 Docker Hub 拉取镜像:
+
+```bash
+# 拉取最新镜像
+docker pull zyphrzero/z-ai2api-python:latest
+
+# 创建数据目录
+mkdir -p data logs
+
+# 快速启动
+docker run -d \
+  --name z-ai-api-server \
+  -p 7860:7860 \
+  -e ADMIN_PASSWORD=admin123 \
+  -e AUTH_TOKEN=sk-your-api-key \
+  -e ANONYMOUS_MODE=true \
+  -e DB_PATH=/app/data/tokens.db \
+  -v $(pwd)/data:/app/data \
+  -v $(pwd)/logs:/app/logs \
+  --restart unless-stopped \
+  zyphrzero/z-ai2api-python:latest
+```
+
+**优势**:
+- ✅ 无需本地构建,节省时间
+- ✅ GitHub Actions 自动化构建,保证质量
+- ✅ 多架构支持 (amd64/arm64)
+- ✅ 镜像已优化,体积更小
+
+### 方式二: 使用本地构建
+
+适用于需要自定义修改代码的场景:
+
+```bash
+# 进入部署目录
+cd deploy
+
+# 启动服务 (会自动构建镜像)
+docker compose up -d
+
+# 查看日志
+docker compose logs -f api-server
+```
+
+服务将在 `http://localhost:7860` 启动。
+
+## 架构说明
+
+### 持久化存储
+
+容器使用卷映射实现数据持久化:
+
+```yaml
+volumes:
+  - ./data:/app/data      # 数据库存储 (tokens.db)
+  - ./logs:/app/logs      # 应用日志
+```
+
+**目录结构**:
+```
+deploy/
+├── data/
+│   └── tokens.db          # SQLite 数据库 (自动创建)
+├── logs/                  # 应用日志 (自动创建)
+├── docker-compose.yml
+├── Dockerfile
+└── README_DOCKER.md
+```
+
+### 环境变量
+
+核心配置参数 (在 `docker-compose.yml` 中设置):
+
+| 变量 | 默认值 | 说明 |
+|------|--------|------|
+| `DB_PATH` | `/app/data/tokens.db` | 数据库文件路径 |
+| `ADMIN_PASSWORD` | `admin123` | 管理后台密码 |
+| `AUTH_TOKEN` | `sk-your-api-key` | API 认证密钥 |
+| `SKIP_AUTH_TOKEN` | `false` | 跳过 API 验证 |
+| `ANONYMOUS_MODE` | `true` | 匿名访问模式 |
+| `DEBUG_LOGGING` | `true` | 调试日志开关 |
+| `TOOL_SUPPORT` | `true` | Function Call 支持 |
+
+**生产环境建议**:
+- 修改 `ADMIN_PASSWORD` 和 `AUTH_TOKEN`
+- 设置 `DEBUG_LOGGING=false`
+- 设置 `ANONYMOUS_MODE=false`
+
+## 运维操作
+
+### 服务管理
+
+```bash
+# 启动服务
+docker compose up -d
+
+# 停止服务
+docker compose down
+
+# 重启服务
+docker compose restart
+
+# 查看状态
+docker compose ps
+
+# 实时日志
+docker compose logs -f
+```
+
+### 更新应用
+
+**使用预构建镜像**:
+
+```bash
+# 停止当前容器
+docker compose down
+
+# 拉取最新镜像
+docker pull zyphrzero/z-ai2api-python:latest
+
+# 启动新版本 (数据会自动保留)
+docker compose up -d
+
+# 清理旧镜像
+docker image prune -f
+```
+
+**使用本地构建**:
+
+```bash
+# 拉取最新代码
+git pull
+
+# 重新构建并启动 (数据会保留)
+docker compose up -d --build
+
+# 清理旧镜像
+docker image prune -f
+```
+
+### 数据备份与恢复
+
+**备份**:
+```bash
+# 备份数据库
+cp ./data/tokens.db ./data/tokens.db.backup.$(date +%Y%m%d_%H%M%S)
+
+# 完整备份
+tar -czf backup_$(date +%Y%m%d_%H%M%S).tar.gz ./data ./logs
+```
+
+**恢复**:
+```bash
+# 停止服务
+docker compose down
+
+# 恢复数据库
+cp ./data/tokens.db.backup.20250116_120000 ./data/tokens.db
+
+# 启动服务
+docker compose up -d
+```
+
+### 数据库迁移
+
+如需从其他位置迁移现有数据库:
+
+```bash
+# 使用迁移脚本
+./migrate_db.sh /path/to/existing/tokens.db
+
+# 或手动复制
+cp /opt/1panel/docker/compose/k2think/tokens.db ./data/
+chmod 644 ./data/tokens.db
+
+# 启动服务
+docker compose up -d
+```
+
+## 故障排查
+
+### 数据库初始化失败
+
+**错误**: `unable to open database file`
+
+**原因**: 目录权限或卷映射问题
+
+**解决**:
+```bash
+# 停止容器
+docker compose down
+
+# 确保目录存在
+mkdir -p ./data ./logs
+
+# 设置权限
+chmod 755 ./data ./logs
+
+# 重新构建并启动
+docker compose up -d --build
+```
+
+### 容器无法启动
+
+**检查步骤**:
+```bash
+# 查看详细日志
+docker compose logs api-server
+
+# 检查容器状态
+docker compose ps
+
+# 验证配置文件
+docker compose config
+```
+
+### 端口冲突
+
+如端口 7860 被占用,修改 `docker-compose.yml`:
+```yaml
+ports:
+  - "8081:7860"  # 映射到宿主机 8081 端口
+```
+
+### 健康检查失败
+
+```bash
+# 检查健康状态
+docker compose ps
+
+# 手动测试接口
+curl http://localhost:7860/v1/models
+
+# 进入容器排查
+docker exec -it z-ai-api-server bash
+```
+
+## API 访问
+
+| 端点 | 地址 | 说明 |
+|------|------|------|
+| API 根路径 | `http://localhost:7860` | OpenAI 兼容 API |
+| 模型列表 | `http://localhost:7860/v1/models` | 获取可用模型 |
+| 管理后台 | `http://localhost:7860/admin` | Web 管理界面 |
+| API 文档 | `http://localhost:7860/docs` | OpenAPI/Swagger 文档 |
+| 健康检查 | `http://localhost:7860/v1/models` | 服务健康状态 |
+
+## 高级配置
+
+### 自定义数据库路径
+
+修改 `docker-compose.yml` 使用��部路径:
+
+```yaml
+volumes:
+  - /opt/mydata:/app/data  # 使用绝对路径
+
+environment:
+  - DB_PATH=/app/data/tokens.db
+```
+
+### 使用 .env 文件
+
+创建 `.env` 文件 (基于 `.env.example`):
+
+```bash
+cp .env.example .env
+# 编辑配置
+vim .env
+```
+
+修改 `docker-compose.yml`:
+```yaml
+services:
+  api-server:
+    env_file: .env
+```
+
+### 启用日志轮转
+
+在生产环境配置 Docker 日志驱动:
+
+```yaml
+services:
+  api-server:
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "10m"
+        max-file: "3"
+```
+
+### 资源限制
+
+限制容器资源使用:
+
+```yaml
+services:
+  api-server:
+    deploy:
+      resources:
+        limits:
+          cpus: '2'
+          memory: 2G
+        reservations:
+          cpus: '0.5'
+          memory: 512M
+```
+
+## 监控与日志
+
+### 查看日志
+
+```bash
+# 实时日志
+docker compose logs -f
+
+# 最近100行
+docker compose logs --tail=100
+
+# 特定时间段
+docker compose logs --since 30m
+
+# 导出日志
+docker compose logs > app.log
+```
+
+### 容器指标
+
+```bash
+# 资源使用情况
+docker stats z-ai-api-server
+
+# 容器详情
+docker inspect z-ai-api-server
+```
+
+## 安全建议
+
+1. **修改默认密码**: 更改 `ADMIN_PASSWORD` 和 `AUTH_TOKEN`
+2. **限制网络访问**: 生产环境使用反向代理 (Nginx/Caddy)
+3. **启用 HTTPS**: 配置 SSL 证书
+4. **定期备份**: 自动化数据库备份任务
+5. **日志审计**: 定期检查 `request_logs` 表
+6. **最小权限**: 避免以 root 运行容器
+
+## 参考资料
+
+- [Docker Compose 文档](https://docs.docker.com/compose/)
+- [项目主 README](../README.md)
+- [配置示例](.env.example)