refactor: optimize middleware with pure ASGI implementation and enhance security measures

- Replace BaseHTTPMiddleware with pure ASGI implementation in plugin middleware for better streaming response handling - Add trusted proxy count configuration for client IP extraction in reverse proxy environments - Implement audit log cleanup scheduler with configurable retention period - Replace plaintext token logging with SHA256 hash fingerprints for security - Fix database session lifecycle management in middleware - Improve request tracing and error logging throughout the system - Add comprehensive tests for pipeline architecture
2026-01-12 04:28:28 +08:00 · 2025-12-18 19:07:20 +08:00
parent c7b971cfe7
commit 7b932d7afb
24 changed files with 497 additions and 219 deletions
--- a/src/services/usage/service.py
+++ b/src/services/usage/service.py
@@ -1217,15 +1217,19 @@ class UsageService:
        request_id: str,
        status: str,
        error_message: Optional[str] = None,
+        provider: Optional[str] = None,
+        target_model: Optional[str] = None,
    ) -> Optional[Usage]:
        """
-        快速更新使用记录状态（不更新其他字段）
+        快速更新使用记录状态

        Args:
            db: 数据库会话
            request_id: 请求ID
            status: 新状态 (pending, streaming, completed, failed)
            error_message: 错误消息（仅在 failed 状态时使用）
+            provider: 提供商名称（可选，streaming 状态时更新）
+            target_model: 映射后的目标模型名（可选）

        Returns:
            更新后的 Usage 记录，如果未找到则返回 None
@@ -1239,6 +1243,10 @@ class UsageService:
        usage.status = status
        if error_message:
            usage.error_message = error_message
+        if provider:
+            usage.provider = provider
+        if target_model:
+            usage.target_model = target_model

        db.commit()

--- a/src/services/usage/stream.py
+++ b/src/services/usage/stream.py
@@ -457,7 +457,7 @@ class StreamUsageTracker:

        logger.debug(f"ID:{self.request_id} | 开始跟踪流式响应 | 估算输入tokens:{self.input_tokens}")

-        # 更新状态为 streaming
+        # 更新状态为 streaming，同时更新 provider
        if self.request_id:
            try:
                from src.services.usage.service import UsageService
@@ -465,6 +465,7 @@ class StreamUsageTracker:
                    db=self.db,
                    request_id=self.request_id,
                    status="streaming",
+                    provider=self.provider,
                )
            except Exception as e:
                logger.warning(f"更新使用记录状态为 streaming 失败: {e}")