temp user realname

frontend/providers/aiproxy/app/api/user/token/[id]/route.ts

@@ -1,6 +1,7 @@
 import { NextRequest, NextResponse } from 'next/server'
-import { parseJwtToken } from '@/utils/backend/auth'
+import { getSealosUserUid, parseJwtToken } from '@/utils/backend/auth'
 import { ApiProxyBackendResp, ApiResp } from '@/types/api'
+import { validateSealosUserRealNameInfo } from '@/utils/backend/db'
 
 export const dynamic = 'force-dynamic'
 
@@ -130,6 +131,20 @@ export async function POST(
       )
     }
 
+    const sealosUserUid = await getSealosUserUid(request.headers)
+    const isRealName = await validateSealosUserRealNameInfo(sealosUserUid)
+
+    if (!isRealName) {
+      return NextResponse.json(
+        {
+          code: 400,
+          message: 'user not real name',
+          error: 'user not real name'
+        },
+        { status: 400 }
+      )
+    }
+
     const updateTokenBody: UpdateTokenRequestBody = await request.json()
 
     if (typeof updateTokenBody.status !== 'number') {

frontend/providers/aiproxy/app/api/user/token/route.ts

@@ -1,8 +1,9 @@
 import { NextRequest, NextResponse } from 'next/server'
 import { TokenInfo } from '@/types/user/token'
 
-import { parseJwtToken } from '@/utils/backend/auth'
+import { getSealosUserUid, parseJwtToken } from '@/utils/backend/auth'
 import { ApiProxyBackendResp, ApiResp } from '@/types/api'
+import { validateSealosUserRealNameInfo } from '@/utils/backend/db'
 
 export const dynamic = 'force-dynamic'
 
@@ -190,6 +191,19 @@ export async function POST(request: NextRequest): Promise<NextResponse<ApiResp<T
       )
     }
 
+    const sealosUserUid = await getSealosUserUid(request.headers)
+    const isRealName = await validateSealosUserRealNameInfo(sealosUserUid)
+
+    if (!isRealName) {
+      return NextResponse.json(
+        {
+          code: 400,
+          message: 'user not real name',
+          error: 'user not real name'
+        },
+        { status: 400 }
+      )
+    }
     // 创建Token
     const newToken = await createToken(body.name, group)
 

frontend/providers/aiproxy/package.json

@@ -13,6 +13,7 @@
     "@sealos/ui": "workspace:*",
     "@tanstack/react-query": "^4.35.3",
     "@tanstack/react-table": "^8.10.7",
+    "@types/pg": "^8.11.10",
     "accept-language": "^3.0.20",
     "axios": "^1.7.7",
     "date-fns": "^2.30.0",
@@ -25,6 +26,7 @@
     "immer": "^10.1.1",
     "jsonwebtoken": "^9.0.2",
     "next": "14.2.5",
+    "pg": "^8.13.1",
     "react": "^18",
     "react-day-picker": "^8.8.2",
     "react-dom": "^18",

frontend/providers/aiproxy/utils/backend/auth.ts

@@ -37,3 +37,28 @@ export async function parseJwtToken(headers: Headers): Promise<string> {
     return Promise.reject('Auth: Invalid token')
   }
 }
+
+export async function getSealosUserUid(headers: Headers): Promise<string> {
+  try {
+    const token = headers.get('authorization')
+    if (!token) {
+      return Promise.reject('Auth: Token is missing')
+    }
+
+    const decoded = jwt.verify(
+      token,
+      global.AppConfig?.auth.appTokenJwtKey || ''
+    ) as AppTokenPayload
+    const now = Math.floor(Date.now() / 1000)
+    if (decoded.exp && decoded.exp < now) {
+      return Promise.reject('Auth: Token expired')
+    }
+    if (!decoded.workspaceId) {
+      return Promise.reject('Auth: Invalid token')
+    }
+    return decoded.userUid
+  } catch (error) {
+    console.error('Auth: Token parsing error:', error)
+    return Promise.reject('Auth: Invalid token')
+  }
+}