fix: restore prompt cache and reuse connections in websocket mode

Since v2.2.7, requests without an explicit session identifier got a
random stateless- connection ID per request on the WS upstream path,
which leaked into both the prompt_cache_key body field and the
Session_id/Conversation_id handshake headers. The upstream prompt cache
therefore never hit in WS mode (HTTP mode was unaffected), and sustained
load opened a new WS connection per request until the upstream throttled
handshakes (bad handshake -> 503 at ~200 RPM).

- Inject a deterministic prompt cache key (derived from the downstream
  API key, falling back to the account) when the body has none, matching
  HTTP-path behavior; stateless IDs no longer overwrite it
- Send the deterministic key in WS handshake session headers; the
  stateless ID is only used for local connection pool isolation
- Reuse WS connections for sessionless requests via per-(account, cache
  key) slots (8), falling back to one-shot connections when all slots
  are busy, eliminating per-request handshakes under high RPM

Verified against live upstream: cache hits ~86% of input tokens from the
second request on (previously 0%), and 200 RPM yields 200/200 success
with zero handshake failures (previously 72x 503).

Author: james-6-23

proxy/executor.go

@@ -260,7 +260,16 @@ func ExecuteRequest(ctx context.Context, account *auth.Account, requestBody []by
 	if wantWebsocket {
 		sessionID = strings.TrimSpace(sessionID)
 		if sessionID == "" {
+			// stateless 连接 ID 仅用于 WS 连接池隔离，保证同一 API Key 的并发请求
+			// 不挤在一条连接上排队。prompt cache key 必须保持确定性：若请求体没有
+			// 显式 prompt_cache_key，这里注入与 HTTP 路径同源的确定性 key，否则
+			// 上游 prompt cache 每次请求都会 miss（v2.2.7 引入的回归）。
 			sessionID = statelessWebsocketSessionID()
+			if strings.TrimSpace(gjson.GetBytes(requestBody, "prompt_cache_key").String()) == "" {
+				if cacheKey := deterministicPromptCacheKey(apiKey, account); cacheKey != "" {
+					requestBody, _ = sjson.SetBytes(requestBody, "prompt_cache_key", cacheKey)
+				}
+			}
 		}
 	}
 	if wantWebsocket && WebsocketExecuteFunc != nil {
@@ -688,8 +697,31 @@ func ResolveExplicitSessionID(headers http.Header, body []byte) string {
 	return ""
 }
 
+const statelessWebsocketSessionPrefix = "stateless-"
+
 func statelessWebsocketSessionID() string {
-	return "stateless-" + uuid.NewString()
+	return statelessWebsocketSessionPrefix + uuid.NewString()
+}
+
+// IsStatelessWebsocketSessionID 判断是否为 WS 路径生成的一次性连接 ID。
+// 这类 ID 只用于连接池隔离，不能当作 prompt cache key 发往上游。
+func IsStatelessWebsocketSessionID(sessionID string) bool {
+	return strings.HasPrefix(sessionID, statelessWebsocketSessionPrefix)
+}
+
+// deterministicPromptCacheKey 生成与 ResolveSessionID 兜底逻辑同源的确定性
+// prompt cache key：优先按下游 API Key 派生，无 API Key 时按账号派生。
+func deterministicPromptCacheKey(apiKey string, account *auth.Account) string {
+	apiKey = strings.TrimSpace(apiKey)
+	if apiKey != "" {
+		return uuid.NewSHA1(uuid.NameSpaceOID, []byte("codex2api:prompt-cache:"+apiKey)).String()
+	}
+	if account != nil {
+		if id := account.ID(); id > 0 {
+			return uuid.NewSHA1(uuid.NameSpaceOID, []byte(fmt.Sprintf("codex2api:prompt-cache:auth:%d", id))).String()
+		}
+	}
+	return ""
 }
 
 // ReadSSEStream 从上游 SSE 响应读取事件流

proxy/executor_test.go

@@ -9,6 +9,7 @@ import (
 	"testing"
 
 	"github.com/codex2api/auth"
+	"github.com/tidwall/gjson"
 )
 
 func TestReadSSEStream_MergesMultilineData(t *testing.T) {
@@ -517,22 +518,38 @@ func TestExecuteRequestForcedWebsocketUsesStatelessSessionWhenMissing(t *testing
 
 	previousWS := WebsocketExecuteFunc
 	t.Cleanup(func() { WebsocketExecuteFunc = previousWS })
-	var gotSessionID string
+	var gotSessionIDs []string
+	var gotCacheKeys []string
 	WebsocketExecuteFunc = func(ctx context.Context, account *auth.Account, requestBody []byte, sessionID string, proxyOverride string, apiKey string, deviceCfg *DeviceProfileConfig, headers http.Header) (*http.Response, error) {
-		gotSessionID = sessionID
+		gotSessionIDs = append(gotSessionIDs, sessionID)
+		gotCacheKeys = append(gotCacheKeys, gjson.GetBytes(requestBody, "prompt_cache_key").String())
 		return &http.Response{
 			StatusCode: http.StatusOK,
 			Header:     make(http.Header),
 			Body:       io.NopCloser(strings.NewReader(`{"id":"resp_test"}`)),
 		}, nil
 	}
 
-	resp, err := ExecuteRequest(context.Background(), &auth.Account{DBID: 1, AccessToken: "token"}, []byte(`{"model":"gpt-5.4"}`), "", "", "sk-local", nil, http.Header{})
-	if err != nil {
-		t.Fatalf("ExecuteRequest() error = %v", err)
+	for i := 0; i < 2; i++ {
+		resp, err := ExecuteRequest(context.Background(), &auth.Account{DBID: 1, AccessToken: "token"}, []byte(`{"model":"gpt-5.4"}`), "", "", "sk-local", nil, http.Header{})
+		if err != nil {
+			t.Fatalf("ExecuteRequest() error = %v", err)
+		}
+		resp.Body.Close()
+	}
+	for _, sessionID := range gotSessionIDs {
+		if !strings.HasPrefix(sessionID, "stateless-") {
+			t.Fatalf("sessionID = %q, want stateless-*", sessionID)
+		}
+	}
+	if gotSessionIDs[0] == gotSessionIDs[1] {
+		t.Fatalf("stateless sessionIDs should differ per request, both = %q", gotSessionIDs[0])
+	}
+	// prompt cache key 必须是确定性的：两次请求一致，且不等于一次性连接 ID
+	if gotCacheKeys[0] == "" || gotCacheKeys[0] != gotCacheKeys[1] {
+		t.Fatalf("prompt_cache_key = %q / %q, want identical deterministic key", gotCacheKeys[0], gotCacheKeys[1])
 	}
-	defer resp.Body.Close()
-	if !strings.HasPrefix(gotSessionID, "stateless-") {
-		t.Fatalf("sessionID = %q, want stateless-*", gotSessionID)
+	if strings.HasPrefix(gotCacheKeys[0], "stateless-") {
+		t.Fatalf("prompt_cache_key = %q, must not be a stateless connection ID", gotCacheKeys[0])
 	}
 }

proxy/wsrelay/executor.go

@@ -88,6 +88,16 @@ func (e *Executor) ExecuteRequestViaWebsocket(
 	// 准备请求体
 	wsBody := e.prepareWebsocketBody(requestBody, sessionID)
 
+	// 握手头中的 Session_id/Conversation_id 会影响上游 prompt cache 路由，必须与
+	// 请求体的确定性 prompt_cache_key 一致；stateless 连接 ID 是每请求随机的，
+	// 发给上游会导致 prompt cache 永远 miss，它只用于本地连接池隔离。
+	headerSessionID := sessionID
+	if proxy.IsStatelessWebsocketSessionID(sessionID) {
+		if cacheKey := strings.TrimSpace(gjson.GetBytes(wsBody, "prompt_cache_key").String()); cacheKey != "" {
+			headerSessionID = cacheKey
+		}
+	}
+
 	// 构建 WebSocket URL
 	httpURL := proxy.CodexBaseURL + CodexWsEndpoint
 	wsURL, err := buildWebsocketURL(httpURL)
@@ -101,24 +111,33 @@ func (e *Executor) ExecuteRequestViaWebsocket(
 	}
 
 	// 准备请求头
-	headers := e.prepareWebsocketHeaders(accessToken, accountIDStr, sessionID, apiKey, deviceCfg, ginHeaders)
+	headers := e.prepareWebsocketHeaders(accessToken, accountIDStr, headerSessionID, apiKey, deviceCfg, ginHeaders)
 
 	// Resin 反代：注入账号身份头
 	if proxy.IsResinEnabled() {
 		headers.Set("X-Resin-Account", proxy.ResinAccountID(account))
 	}
 
-	// 获取或创建连接
-	wc, pr, err := e.manager.AcquireConnection(ctx, account, wsURL, sessionID, headers, proxyOverride)
-	if err != nil {
-		return nil, err
+	// 获取或创建连接。无显式会话的请求（stateless 连接 ID）在确定性 cache key
+	// 的槽位池内复用连接，避免持续高 RPM 下逐请求握手触发上游限流。
+	poolSessionID := sessionID
+	var wc *WsConnection
+	var pr *PendingRequest
+	var err2 error
+	if proxy.IsStatelessWebsocketSessionID(sessionID) && headerSessionID != sessionID {
+		wc, pr, poolSessionID, err2 = e.manager.AcquireReusableConnection(ctx, account, wsURL, headerSessionID, sessionID, StatelessConnectionSlots, headers, proxyOverride)
+	} else {
+		wc, pr, err2 = e.manager.AcquireConnection(ctx, account, wsURL, sessionID, headers, proxyOverride)
+	}
+	if err2 != nil {
+		return nil, err2
 	}
 
 	// 发送请求，失败时最多重试 2 次（重建连接）
 	sendErr := e.sendRequest(wc, wsBody, pr.RequestID)
 	for retries := 0; sendErr != nil && retries < 2; retries++ {
 		wc.session.RemovePendingRequest(pr.RequestID)
-		e.manager.RemoveConnection(account.ID(), wsURL, sessionID, proxyOverride)
+		e.manager.RemoveConnection(account.ID(), wsURL, poolSessionID, proxyOverride)
 
 		// 短暂退避，避免瞬间重连风暴
 		select {
@@ -127,9 +146,9 @@ func (e *Executor) ExecuteRequestViaWebsocket(
 		case <-time.After(time.Duration(retries+1) * 200 * time.Millisecond):
 		}
 
-		wc, pr, err = e.manager.AcquireConnection(ctx, account, wsURL, sessionID, headers, proxyOverride)
-		if err != nil {
-			return nil, err
+		wc, pr, err2 = e.manager.AcquireConnection(ctx, account, wsURL, poolSessionID, headers, proxyOverride)
+		if err2 != nil {
+			return nil, err2
 		}
 		sendErr = e.sendRequest(wc, wsBody, pr.RequestID)
 	}
@@ -145,7 +164,7 @@ func (e *Executor) ExecuteRequestViaWebsocket(
 	return &WsResponse{
 		conn:        wc,
 		pendingReq:  pr,
-		sessionID:   sessionID,
+		sessionID:   poolSessionID,
 		manager:     e.manager,
 		readErrChan: make(chan error, 1),
 	}, nil
@@ -171,8 +190,11 @@ func (e *Executor) prepareWebsocketBody(body []byte, sessionID string) []byte {
 	wsBody, _ = sjson.DeleteBytes(wsBody, "disable_response_storage")
 
 	// 3. 注入 prompt_cache_key
+	// stateless sessionID 只是连接池隔离用的一次性随机 ID，注入它会让上游
+	// prompt cache 每次请求都 miss；此时保留请求体中已有的确定性 cache key
+	//（由 proxy.ExecuteRequest 注入或客户端自带）。
 	existingCacheKey := strings.TrimSpace(gjson.GetBytes(wsBody, "prompt_cache_key").String())
-	if sessionID != "" {
+	if sessionID != "" && !proxy.IsStatelessWebsocketSessionID(sessionID) {
 		wsBody, _ = sjson.SetBytes(wsBody, "prompt_cache_key", sessionID)
 	} else if existingCacheKey != "" {
 		wsBody, _ = sjson.SetBytes(wsBody, "prompt_cache_key", existingCacheKey)

proxy/wsrelay/executor_test.go

@@ -113,6 +113,26 @@ func TestPrepareWebsocketBodyPreservesPreviousResponseID(t *testing.T) {
 	}
 }
 
+func TestPrepareWebsocketBodyKeepsCacheKeyForStatelessSession(t *testing.T) {
+	exec := NewExecutor()
+
+	got := exec.prepareWebsocketBody([]byte(`{"model":"gpt-5.4","prompt_cache_key":"deterministic-key","input":[]}`), "stateless-abc123")
+
+	if cacheKey := gjson.GetBytes(got, "prompt_cache_key").String(); cacheKey != "deterministic-key" {
+		t.Fatalf("prompt_cache_key = %q, want deterministic-key (stateless sessionID must not overwrite); body=%s", cacheKey, got)
+	}
+}
+
+func TestPrepareWebsocketBodyStatelessSessionWithoutCacheKey(t *testing.T) {
+	exec := NewExecutor()
+
+	got := exec.prepareWebsocketBody([]byte(`{"model":"gpt-5.4","input":[]}`), "stateless-abc123")
+
+	if cacheKey := gjson.GetBytes(got, "prompt_cache_key").String(); cacheKey != "" {
+		t.Fatalf("prompt_cache_key = %q, want empty (stateless sessionID must not be injected); body=%s", cacheKey, got)
+	}
+}
+
 func TestNormalizeWebsocketHandshakeResponse(t *testing.T) {
 	t.Run("switching protocols is successful websocket handshake", func(t *testing.T) {
 		statusCode, _, failed := normalizeWebsocketHandshakeResponse(&http.Response{

proxy/wsrelay/manager.go

@@ -391,6 +391,79 @@ func (m *Manager) AcquireConnection(
 	}
 }
 
+// StatelessConnectionSlots 无显式会话的请求在每个 (account, cacheKey) 维度下
+// 复用的持久连接槽位数。槽位内空闲连接直接复用,避免每个请求都重新握手——
+// 持续高 RPM 下逐请求握手会触发上游 WS 握手限流（bad handshake → 503）。
+const StatelessConnectionSlots = 8
+
+// AcquireReusableConnection 在固定槽位内复用或创建连接，返回实际使用的 session key。
+// 第一遍只复用已存在且空闲的连接；第二遍在空槽位新建持久连接；槽位全忙时回退到
+// fallbackKey 的一次性连接，保持与原 stateless 行为一致的并发上限（无上限）。
+func (m *Manager) AcquireReusableConnection(
+	ctx context.Context,
+	account *auth.Account,
+	wsURL string,
+	baseKey string,
+	fallbackKey string,
+	slots int,
+	headers http.Header,
+	proxyOverride string,
+) (*WsConnection, *PendingRequest, string, error) {
+	proxyURL := effectiveProxyURL(account, proxyOverride)
+	// 第一遍：复用空闲连接（探活失败或已断开的顺手清理，让第二遍可以补位）
+	for i := 0; i < slots; i++ {
+		slotSession := fmt.Sprintf("%s#%d", baseKey, i)
+		key := m.poolKey(account.ID(), wsURL, slotSession, proxyURL)
+		lock := m.keyLock(key)
+		lock.Lock()
+		if v, ok := m.connections.Load(key); ok {
+			wc := v.(*WsConnection)
+			if canReuseConnection(wc) {
+				if m.probe(wc) {
+					pr := wc.session.AddPendingRequest(slotSession)
+					wc.Touch()
+					lock.Unlock()
+					return wc, pr, slotSession, nil
+				}
+				m.connections.Delete(key)
+				m.sessions.Delete(key)
+				wc.Close()
+			} else if !wc.IsConnected() || wc.IsExpired() {
+				m.connections.Delete(key)
+				m.sessions.Delete(key)
+				wc.Close()
+			}
+		}
+		lock.Unlock()
+	}
+	// 第二遍：在空槽位新建持久连接
+	for i := 0; i < slots; i++ {
+		slotSession := fmt.Sprintf("%s#%d", baseKey, i)
+		key := m.poolKey(account.ID(), wsURL, slotSession, proxyURL)
+		lock := m.keyLock(key)
+		lock.Lock()
+		if _, ok := m.connections.Load(key); ok {
+			lock.Unlock()
+			continue
+		}
+		wc, err := m.createConnection(ctx, account, wsURL, slotSession, headers, proxyOverride)
+		if err != nil {
+			lock.Unlock()
+			return nil, nil, "", err
+		}
+		m.connections.Store(key, wc)
+		pr := wc.session.AddPendingRequest(slotSession)
+		lock.Unlock()
+		if fn := m.getOnConnected(); fn != nil {
+			fn(account.ID(), wc.session)
+		}
+		return wc, pr, slotSession, nil
+	}
+	// 槽位全忙：回退一次性连接
+	wc, pr, err := m.AcquireConnection(ctx, account, wsURL, fallbackKey, headers, proxyOverride)
+	return wc, pr, fallbackKey, err
+}
+
 func canReuseConnection(wc *WsConnection) bool {
 	if wc == nil {
 		return false

proxy/wsrelay/manager_test.go

@@ -158,3 +158,66 @@ func TestAcquireConnectionWaitsWhileSessionHasPendingRequest(t *testing.T) {
 		t.Fatal("expected acquire to stop when session stays busy until context timeout")
 	}
 }
+
+func newTestSlotConnection(manager *Manager, account *auth.Account, wsURL, slotSession string) (*WsConnection, *Session) {
+	key := manager.poolKey(account.ID(), wsURL, slotSession, "")
+	session := NewSession(account.ID(), manager)
+	session.SetConnected(true)
+	conn := &WsConnection{
+		session:  session,
+		URL:      wsURL,
+		PoolKey:  key,
+		httpResp: &http.Response{StatusCode: http.StatusSwitchingProtocols},
+	}
+	conn.SetState(StateConnected)
+	conn.Touch()
+	manager.connections.Store(key, conn)
+	manager.sessions.Store(key, session)
+	return conn, session
+}
+
+func TestAcquireReusableConnectionReusesIdleSlot(t *testing.T) {
+	manager := NewManager()
+	t.Cleanup(manager.Stop)
+	manager.probeFunc = func(wc *WsConnection) bool { return true }
+
+	account := &auth.Account{DBID: 42}
+	wsURL := "wss://example.test/responses"
+	conn, _ := newTestSlotConnection(manager, account, wsURL, "cache-key#0")
+
+	got, pr, usedKey, err := manager.AcquireReusableConnection(context.Background(), account, wsURL, "cache-key", "stateless-xyz", 4, http.Header{}, "")
+	if err != nil {
+		t.Fatalf("AcquireReusableConnection() error = %v", err)
+	}
+	if got != conn {
+		t.Fatal("expected idle slot connection to be reused")
+	}
+	if usedKey != "cache-key#0" {
+		t.Fatalf("usedKey = %q, want cache-key#0", usedKey)
+	}
+	got.session.RemovePendingRequest(pr.RequestID)
+}
+
+func TestAcquireReusableConnectionSkipsBusySlot(t *testing.T) {
+	manager := NewManager()
+	t.Cleanup(manager.Stop)
+	manager.probeFunc = func(wc *WsConnection) bool { return true }
+
+	account := &auth.Account{DBID: 42}
+	wsURL := "wss://example.test/responses"
+	_, busySession := newTestSlotConnection(manager, account, wsURL, "cache-key#0")
+	busySession.AddPendingRequest("cache-key#0") // 占用 slot 0
+	idleConn, _ := newTestSlotConnection(manager, account, wsURL, "cache-key#1")
+
+	got, pr, usedKey, err := manager.AcquireReusableConnection(context.Background(), account, wsURL, "cache-key", "stateless-xyz", 4, http.Header{}, "")
+	if err != nil {
+		t.Fatalf("AcquireReusableConnection() error = %v", err)
+	}
+	if got != idleConn {
+		t.Fatal("expected busy slot 0 to be skipped and idle slot 1 reused")
+	}
+	if usedKey != "cache-key#1" {
+		t.Fatalf("usedKey = %q, want cache-key#1", usedKey)
+	}
+	got.session.RemovePendingRequest(pr.RequestID)
+}