feat(key): extend key metadata and validation

2026-01-13 17:47:51 +00:00 · 2025-12-19 21:24:24 +08:00
parent 5e98368428
commit 524f8c5a4e
6 changed files with 351 additions and 71 deletions
--- a/internal/model/models.go
+++ b/internal/model/models.go
@@ -26,16 +26,28 @@ type Master struct {
 // Key represents a child access token issued by a Master.
 type Key struct {
 	gorm.Model
-	MasterID         uint   `gorm:"not null;index" json:"master_id"`
-	KeySecret        string `gorm:"size:255;column:key_secret" json:"-"`     // bcrypt hash of child key
-	TokenHash        string `gorm:"size:64;uniqueIndex" json:"token_hash"`   // sha256 digest of child key
-	Group            string `gorm:"size:100;default:'default'" json:"group"` // routing group
-	Scopes           string `gorm:"size:1024" json:"scopes"`                 // Comma-separated scopes
-	DefaultNamespace string `gorm:"size:100;default:'default'" json:"default_namespace"`
-	Namespaces       string `gorm:"size:1024;default:'default'" json:"namespaces"` // Comma-separated namespaces
-	IssuedAtEpoch    int64  `gorm:"not null" json:"issued_at_epoch"`               // copy of master epoch at issuance
-	Status           string `gorm:"size:50;default:'active'" json:"status"`        // active, suspended
-	IssuedBy         string `gorm:"size:20;default:'master'" json:"issued_by"`
+	MasterID           uint       `gorm:"not null;index" json:"master_id"`
+	KeySecret          string     `gorm:"size:255;column:key_secret" json:"-"`     // bcrypt hash of child key
+	TokenHash          string     `gorm:"size:64;uniqueIndex" json:"token_hash"`   // sha256 digest of child key
+	Group              string     `gorm:"size:100;default:'default'" json:"group"` // routing group
+	Scopes             string     `gorm:"size:1024" json:"scopes"`                 // Comma-separated scopes
+	DefaultNamespace   string     `gorm:"size:100;default:'default'" json:"default_namespace"`
+	Namespaces         string     `gorm:"size:1024;default:'default'" json:"namespaces"` // Comma-separated namespaces
+	IssuedAtEpoch      int64      `gorm:"not null" json:"issued_at_epoch"`               // copy of master epoch at issuance
+	Status             string     `gorm:"size:50;default:'active'" json:"status"`        // active, suspended
+	IssuedBy           string     `gorm:"size:20;default:'master'" json:"issued_by"`
+	ModelLimits        string     `gorm:"size:2048" json:"model_limits"`
+	ModelLimitsEnabled bool       `gorm:"default:false" json:"model_limits_enabled"`
+	ExpiresAt          *time.Time `gorm:"index" json:"expires_at"`
+	AllowIPs           string     `gorm:"size:1024" json:"allow_ips"`
+	DenyIPs            string     `gorm:"size:1024" json:"deny_ips"`
+	LastAccessedAt     *time.Time `json:"last_accessed_at"`
+	RequestCount       int64      `gorm:"default:0" json:"request_count"`
+	UsedTokens         int64      `gorm:"default:0" json:"used_tokens"`
+	QuotaLimit         int64      `gorm:"default:-1" json:"quota_limit"`
+	QuotaUsed          int64      `gorm:"default:0" json:"quota_used"`
+	QuotaResetAt       *time.Time `json:"quota_reset_at"`
+	QuotaResetType     string     `gorm:"size:20" json:"quota_reset_type"`
 }

 // Provider remains the same.