From 8d6b5ea81cbfc3f597531848f59374995b0402e9 Mon Sep 17 00:00:00 2001 From: jingrow Date: Tue, 6 May 2025 03:55:43 +0800 Subject: [PATCH] =?UTF-8?q?=E5=A2=9E=E5=8A=A0=E7=94=A8=E6=88=B7=E9=AA=8C?= =?UTF-8?q?=E8=AF=81=E5=8F=8A=E4=BD=99=E9=A2=9D=E6=A3=80=E6=9F=A5API?= =?UTF-8?q?=E6=8E=A5=E5=8F=A3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- jcloud/api/account.py | 105 +++++++++++++++++++++++++++++++++++++++++- 1 file changed, 103 insertions(+), 2 deletions(-) diff --git a/jcloud/api/account.py b/jcloud/api/account.py index 87c0027..42edd1b 100644 --- a/jcloud/api/account.py +++ b/jcloud/api/account.py @@ -1368,8 +1368,7 @@ def get_user_ssh_keys(): ) -@jingrow.whitelist(allow_guest=True) -# @rate_limit(limit=5, seconds=60 * 60) +@jingrow.whitelist() def is_2fa_enabled(user): return jingrow.db.get_value("User 2FA", user, "enabled") 
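Review bot: After this change `is_2fa_enabled(user)` still takes the account name from the caller, so any logged-in user can ask whether any other account has 2FA enabled; the `User 2FA` lookup is not tied to `jingrow.session.user`. If the endpoint is only meant for a user's own settings, reject calls where `user != jingrow.session.user` unless the caller holds an administrative role. If the login form calls it before authentication (not visible in this hunk), dropping `allow_guest=True` will break that flow, and the deleted `# @rate_limit(limit=5, seconds=60 * 60)` line suggests rate limiting was intended there, so both are worth confirming before merge.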
@@ -1538,3 +1537,105 @@ def update_profile_email(email): "user": user_pg, "team": team } + +@jingrow.whitelist() +def verify_api_credentials_and_balance(api_key: str, api_secret: str, amount: float = 0): + """验证API密钥和检查余额 + + 参数: + api_key: 用户的API密钥 + api_secret: 用户的API密钥对应的密钥 + amount: 需要检查的余额金额,默认为0 + + 返回: + { + "success": bool, # 验证是否成功 + "message": str # 错误信息 + } + """ + try: + # 记录验证请求信息 + jingrow.log_error("API验证请求参数", f"api_key={api_key}, api_secret={api_secret}, amount={amount}") + + # 获取当前用户(管理员)的API信息 + admin_user = jingrow.session.user + jingrow.log_error("API验证管理员信息", f"当前用户: {admin_user}") + + # 验证管理员权限 + if admin_user != "Administrator": + return { + "success": False, + "message": "只有管理员用户才能访问此API" + } + + # 验证用户的API密钥 + user = jingrow.db.get_value( + "User", + {"api_key": api_key}, + ["name", "enabled", "api_secret"] + ) + + jingrow.log_error("API验证用户查询", f"用户查询结果: {user}") + + if not user: + return { + "success": False, + "message": "无效的API密钥" + } + + # 验证用户的API密钥 + stored_secret = get_decrypted_password("User", user[0], "api_secret") + if stored_secret != api_secret: + jingrow.log_error("API验证密钥不匹配", f"API密钥不匹配。数据库中的密钥: {stored_secret}") + return { + "success": False, + "message": "无效的API密钥" + } + + if not user[1]: # 检查用户是否启用 + return { + "success": False, + "message": "用户账户已禁用" + } + + # 获取用户团队 + team = jingrow.db.get_value( + "Team", + {"user": user[0]}, + ["name", "enabled"] + ) + + jingrow.log_error("API验证团队信息", f"团队信息: {team}") + + if not team: + return { + "success": False, + "message": "未找到用户团队" + } + + if not team[1]: # 检查团队是否启用 + return { + "success": False, + "message": "团队账户已禁用" + } + + # 获取团队余额 + team_pg = jingrow.get_pg("Team", team[0]) + balance = team_pg.get_balance() + + jingrow.log_error("API验证团队余额", f"团队余额: {balance}") + + # 检查余额是否足够 + has_sufficient_balance = balance >= amount + + return { + "success": True, + "message": "验证成功" if has_sufficient_balance else "余额不足" + } + + except Exception as e: + jingrow.log_error("API验证系统错误", 
f"API验证失败: {str(e)}") + return { + "success": False, + "message": f"验证过程发生错误: {str(e)}" + }
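Review bot: `verify_api_credentials_and_balance` writes credentials to the error log in clear text: the first `jingrow.log_error` call records `api_key` and `api_secret` from the request, and the mismatch branch records the decrypted `stored_secret`, so anyone who can read the error log can collect working API secrets. Drop those values from the log calls (log the resolved user name at most) and remove the `stored_secret` message altogether. The check `stored_secret != api_secret` is not constant-time; `if not stored_secret or not hmac.compare_digest(stored_secret.encode(), api_secret.encode()):` (with `import hmac` at the top of the file) avoids that and also covers a missing stored secret. The final return reports `"success": True` even when `has_sufficient_balance` is false, so a caller that checks only `success` will treat an insufficient balance as passed; `"success": has_sufficient_balance` matches the docstring. The `except` branch also returns `str(e)` to the caller, which can expose internal details, so a fixed generic message would be safer there.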