fix(admin): record unauthorized errors and reduce batch render load

Author: james-6-23

admin/batch_test_test.go

@@ -211,3 +211,39 @@ func TestRunSingleBatchTestSuccessRecoversBannedAccount(t *testing.T) {
 		t.Fatal("successful batch test should record scheduler success")
 	}
 }
+
+func TestRunSingleBatchTestUnauthorizedRecordsErrorMessage(t *testing.T) {
+	server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusUnauthorized)
+		_, _ = w.Write([]byte(`{"error":{"code":"token_invalidated","message":"token invalidated"},"status":401}`))
+	}))
+	defer server.Close()
+
+	store := auth.NewStore(nil, nil, nil)
+	account := &auth.Account{
+		DBID:         1,
+		UpstreamType: auth.UpstreamOpenAIResponses,
+		BaseURL:      server.URL,
+		APIKey:       "test-key",
+		Models:       []string{"gpt-4o-mini"},
+		Status:       auth.StatusReady,
+		HealthTier:   auth.HealthTierHealthy,
+	}
+	store.AddAccount(account)
+	handler := &Handler{store: store}
+
+	status, msg := handler.runSingleBatchTest(context.Background(), account)
+	if status != "banned" {
+		t.Fatalf("status = %q, message = %q, want banned", status, msg)
+	}
+	if got := account.RuntimeStatus(); got != "unauthorized" {
+		t.Fatalf("RuntimeStatus() = %q, want unauthorized", got)
+	}
+	account.Mu().RLock()
+	errorMsg := account.ErrorMsg
+	account.Mu().RUnlock()
+	if !strings.Contains(errorMsg, "token_invalidated") {
+		t.Fatalf("ErrorMsg = %q, want token_invalidated", errorMsg)
+	}
+}

admin/test_connection.go

@@ -94,17 +94,18 @@ func (h *Handler) TestConnection(c *gin.Context) {
 			proxy.SyncCodexUsageState(h.store, account, resp)
 		}
 		errBody, _ := io.ReadAll(resp.Body)
+		errMsg := fmt.Sprintf("上游返回 %d: %s", resp.StatusCode, truncate(string(errBody), 500))
 		switch resp.StatusCode {
 		case http.StatusUnauthorized:
-			h.store.MarkCooldown(account, 24*time.Hour, "unauthorized")
+			h.store.MarkCooldownWithError(account, 24*time.Hour, "unauthorized", errMsg)
 		case http.StatusTooManyRequests:
 			if isOpenAIResponsesAccount {
 				h.store.MarkCooldown(account, time.Minute, "rate_limited")
 			} else {
 				proxy.Apply429Cooldown(h.store, account, errBody, resp, testModel)
 			}
 		}
-		sendTestEvent(c, testEvent{Type: "error", Error: fmt.Sprintf("上游返回 %d: %s", resp.StatusCode, truncate(string(errBody), 500))})
+		sendTestEvent(c, testEvent{Type: "error", Error: errMsg})
 		return
 	}
 
@@ -754,7 +755,7 @@ func (h *Handler) runSingleBatchTest(ctx context.Context, acc *auth.Account) (st
 		if !acc.IsOpenAIResponsesAPI() {
 			proxy.SyncCodexUsageState(h.store, acc, resp)
 		}
-		h.store.MarkCooldown(acc, 24*time.Hour, "unauthorized")
+		h.store.MarkCooldownWithError(acc, 24*time.Hour, "unauthorized", fmt.Sprintf("上游返回 %d: %s", resp.StatusCode, truncate(string(body), 300)))
 		return "banned", "账号授权失败"
 	case http.StatusTooManyRequests:
 		if acc.IsOpenAIResponsesAPI() {

admin/test_connection_test.go

@@ -1,11 +1,15 @@
 package admin
 
 import (
+	"net/http"
+	"net/http/httptest"
 	"strings"
 	"testing"
 	"time"
 
+	"github.com/codex2api/auth"
 	"github.com/codex2api/proxy"
+	"github.com/gin-gonic/gin"
 	"github.com/tidwall/gjson"
 )
 
@@ -48,6 +52,52 @@ func TestFormatUsageLimitedTestErrorReportsSuccessfulProbeAsLimited(t *testing.T
 	}
 }
 
+func TestConnectionUnauthorizedRecordsErrorMessage(t *testing.T) {
+	gin.SetMode(gin.TestMode)
+	upstreamBody := `{"error":{"message":"Your authentication token has been invalidated.","code":"token_invalidated"},"status":401}`
+	server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusUnauthorized)
+		_, _ = w.Write([]byte(upstreamBody))
+	}))
+	defer server.Close()
+
+	store := auth.NewStore(nil, nil, nil)
+	account := &auth.Account{
+		DBID:         42,
+		UpstreamType: auth.UpstreamOpenAIResponses,
+		BaseURL:      server.URL,
+		APIKey:       "sk-test",
+		Models:       []string{"gpt-4o-mini"},
+		Status:       auth.StatusReady,
+		HealthTier:   auth.HealthTierHealthy,
+	}
+	store.AddAccount(account)
+	handler := &Handler{store: store}
+	router := gin.New()
+	router.GET("/api/admin/accounts/:id/test", handler.TestConnection)
+
+	recorder := httptest.NewRecorder()
+	request := httptest.NewRequest(http.MethodGet, "/api/admin/accounts/42/test", nil)
+	router.ServeHTTP(recorder, request)
+
+	if recorder.Code != http.StatusOK {
+		t.Fatalf("status = %d, want 200", recorder.Code)
+	}
+	if !strings.Contains(recorder.Body.String(), "token_invalidated") {
+		t.Fatalf("SSE response %q does not contain token_invalidated", recorder.Body.String())
+	}
+	if got := account.RuntimeStatus(); got != "unauthorized" {
+		t.Fatalf("RuntimeStatus() = %q, want unauthorized", got)
+	}
+	account.Mu().RLock()
+	errorMsg := account.ErrorMsg
+	account.Mu().RUnlock()
+	if !strings.Contains(errorMsg, "token_invalidated") {
+		t.Fatalf("ErrorMsg = %q, want token_invalidated", errorMsg)
+	}
+}
+
 func TestExtractCompletedOutputText(t *testing.T) {
 	event := []byte(`{
 		"type":"response.completed",

admin/usage_probe.go

@@ -46,13 +46,13 @@ func (h *Handler) ProbeUsageSnapshot(ctx context.Context, account *auth.Account)
 func (h *Handler) probeUsageViaWham(ctx context.Context, account *auth.Account) error {
 	usage, resp, err := proxy.QueryWhamUsage(ctx, account, h.store.ResolveProxyForAccount(account))
 	if resp != nil {
-		// QueryWhamUsage 在非 200 时不会读 body；这里关闭，并按状态码做冷却
-		_, _ = io.Copy(io.Discard, resp.Body)
+		// QueryWhamUsage 在非 200 时不会读 body；这里读取一小段用于账号错误详情。
+		body, _ := io.ReadAll(io.LimitReader(resp.Body, 64<<10))
 		_ = resp.Body.Close()
 		switch resp.StatusCode {
 		case http.StatusUnauthorized:
 			h.store.ReportRequestFailure(account, "client", 0)
-			h.store.MarkCooldown(account, 24*time.Hour, "unauthorized")
+			h.store.MarkCooldownWithError(account, 24*time.Hour, "unauthorized", fmt.Sprintf("用量探针 wham 上游返回 %d: %s", resp.StatusCode, truncate(string(body), 300)))
 		case http.StatusTooManyRequests:
 			h.store.ReportRequestFailure(account, "client", 0)
 		}
@@ -97,7 +97,7 @@ func (h *Handler) probeUsageViaResponses(ctx context.Context, account *auth.Acco
 		return nil
 	case http.StatusUnauthorized:
 		h.store.ReportRequestFailure(account, "client", 0)
-		h.store.MarkCooldown(account, 24*time.Hour, "unauthorized")
+		h.store.MarkCooldownWithError(account, 24*time.Hour, "unauthorized", fmt.Sprintf("用量探针上游返回 %d: %s", resp.StatusCode, truncate(string(body), 300)))
 		return nil
 	case http.StatusTooManyRequests:
 		h.store.ReportRequestFailure(account, "client", 0)

auth/runtime_status_test.go

@@ -1,6 +1,10 @@
 package auth
 
-import "testing"
+import (
+	"strings"
+	"testing"
+	"time"
+)
 
 func TestRuntimeStatusShowsRefreshingForRTWithoutAccessToken(t *testing.T) {
 	acc := &Account{
@@ -43,3 +47,34 @@ func TestMarkErrorAndClearCooldownRoundTrip(t *testing.T) {
 		t.Fatalf("RuntimeStatus() after ClearCooldown = %q, want active", got)
 	}
 }
+
+func TestMarkCooldownWithErrorKeepsUnauthorizedStatusAndMessage(t *testing.T) {
+	store := NewStore(nil, nil, nil)
+	acc := &Account{
+		DBID:        1,
+		AccessToken: "at-test",
+		Status:      StatusReady,
+		HealthTier:  HealthTierHealthy,
+	}
+
+	store.MarkCooldownWithError(acc, 24*time.Hour, "unauthorized", "上游返回 401: token_invalidated")
+
+	if got := acc.RuntimeStatus(); got != "unauthorized" {
+		t.Fatalf("RuntimeStatus() = %q, want unauthorized", got)
+	}
+	acc.Mu().RLock()
+	errorMsg := acc.ErrorMsg
+	cooldownReason := acc.CooldownReason
+	cooldownUntil := acc.CooldownUtil
+	status := acc.Status
+	acc.Mu().RUnlock()
+	if status != StatusCooldown {
+		t.Fatalf("Status = %v, want cooldown", status)
+	}
+	if cooldownReason != "unauthorized" || cooldownUntil.IsZero() {
+		t.Fatalf("cooldown = (%q, %s), want unauthorized with deadline", cooldownReason, cooldownUntil)
+	}
+	if !strings.Contains(errorMsg, "token_invalidated") {
+		t.Fatalf("ErrorMsg = %q, want token_invalidated", errorMsg)
+	}
+}

auth/store.go

@@ -3770,12 +3770,33 @@ func (s *Store) ApplyAccountEnabled(dbID int64, enabled bool) bool {
 	return true
 }
 
+func normalizeAccountErrorMessage(errorMsg string, fallback string) string {
+	errorMsg = strings.TrimSpace(errorMsg)
+	if errorMsg == "" {
+		errorMsg = strings.TrimSpace(fallback)
+	}
+	if len(errorMsg) > 500 {
+		errorMsg = errorMsg[:500]
+	}
+	return errorMsg
+}
+
 // MarkCooldown 标记账号进入冷却，并持久化到数据库
 func (s *Store) MarkCooldown(acc *Account, duration time.Duration, reason string) {
+	s.markCooldown(acc, duration, reason, "")
+}
+
+// MarkCooldownWithError 标记账号进入冷却，并同时记录本次上游错误详情。
+func (s *Store) MarkCooldownWithError(acc *Account, duration time.Duration, reason string, errorMsg string) {
+	s.markCooldown(acc, duration, reason, errorMsg)
+}
+
+func (s *Store) markCooldown(acc *Account, duration time.Duration, reason string, errorMsg string) {
 	if acc == nil {
 		return
 	}
 
+	errorMsg = normalizeAccountErrorMessage(errorMsg, "")
 	now := time.Now()
 	acc.mu.Lock()
 	switch reason {
@@ -3801,6 +3822,9 @@ func (s *Store) MarkCooldown(acc *Account, duration time.Duration, reason string
 			acc.HealthTier = HealthTierRisky
 		}
 	}
+	if errorMsg != "" {
+		acc.ErrorMsg = errorMsg
+	}
 	acc.recomputeSchedulerLocked(atomic.LoadInt64(&s.maxConcurrency))
 	acc.mu.Unlock()
 
@@ -3815,7 +3839,13 @@ func (s *Store) MarkCooldown(acc *Account, duration time.Duration, reason string
 
 	ctx, cancel := context.WithTimeout(context.Background(), 2*time.Second)
 	defer cancel()
-	if err := s.db.SetCooldown(ctx, acc.DBID, reason, until); err != nil {
+	var err error
+	if errorMsg != "" {
+		err = s.db.SetCooldownWithError(ctx, acc.DBID, reason, until, errorMsg)
+	} else {
+		err = s.db.SetCooldown(ctx, acc.DBID, reason, until)
+	}
+	if err != nil {
 		log.Printf("[账号 %d] 持久化冷却状态失败: %v", acc.DBID, err)
 	}
 }
@@ -3917,13 +3947,7 @@ func (s *Store) MarkError(acc *Account, errorMsg string) {
 		return
 	}
 
-	errorMsg = strings.TrimSpace(errorMsg)
-	if errorMsg == "" {
-		errorMsg = "账号测试失败"
-	}
-	if len(errorMsg) > 500 {
-		errorMsg = errorMsg[:500]
-	}
+	errorMsg = normalizeAccountErrorMessage(errorMsg, "账号测试失败")
 
 	now := time.Now()
 	acc.mu.Lock()

database/postgres.go

@@ -3837,6 +3837,13 @@ func (db *DB) SetCooldown(ctx context.Context, id int64, reason string, until ti
 	return err
 }
 
+// SetCooldownWithError 持久化账号冷却状态，并保留本次错误详情。
+func (db *DB) SetCooldownWithError(ctx context.Context, id int64, reason string, until time.Time, errorMsg string) error {
+	query := `UPDATE accounts SET cooldown_reason = $1, cooldown_until = $2, error_message = $3, updated_at = CURRENT_TIMESTAMP WHERE id = $4`
+	_, err := db.conn.ExecContext(ctx, query, reason, until, errorMsg, id)
+	return err
+}
+
 // ClearCooldown 清除账号冷却状态
 func (db *DB) ClearCooldown(ctx context.Context, id int64) error {
 	query := `UPDATE accounts SET cooldown_reason = '', cooldown_until = NULL, updated_at = CURRENT_TIMESTAMP WHERE id = $1`

database/sqlite_test.go

@@ -1262,6 +1262,42 @@ func TestListActiveIncludesErrorAccounts(t *testing.T) {
 	}
 }
 
+func TestSetCooldownWithErrorPersistsMessage(t *testing.T) {
+	dbPath := filepath.Join(t.TempDir(), "codex2api.db")
+
+	db, err := New("sqlite", dbPath)
+	if err != nil {
+		t.Fatalf("New(sqlite) 返回错误: %v", err)
+	}
+	defer db.Close()
+
+	ctx := context.Background()
+	id, err := db.InsertAccount(ctx, "cooldown-account", "rt-cooldown", "")
+	if err != nil {
+		t.Fatalf("InsertAccount 返回错误: %v", err)
+	}
+	until := time.Now().Add(time.Hour)
+	if err := db.SetCooldownWithError(ctx, id, "unauthorized", until, "上游返回 401: token_invalidated"); err != nil {
+		t.Fatalf("SetCooldownWithError 返回错误: %v", err)
+	}
+
+	var reason string
+	var errorMessage string
+	var cooldownUntil sql.NullTime
+	if err := db.conn.QueryRowContext(ctx, `SELECT cooldown_reason, error_message, cooldown_until FROM accounts WHERE id = $1`, id).Scan(&reason, &errorMessage, &cooldownUntil); err != nil {
+		t.Fatalf("查询账号冷却状态返回错误: %v", err)
+	}
+	if reason != "unauthorized" {
+		t.Fatalf("cooldown_reason = %q, want unauthorized", reason)
+	}
+	if errorMessage != "上游返回 401: token_invalidated" {
+		t.Fatalf("error_message = %q, want recorded upstream error", errorMessage)
+	}
+	if !cooldownUntil.Valid {
+		t.Fatal("cooldown_until 未写入")
+	}
+}
+
 func TestUsageLogsFilterByAPIKeyID(t *testing.T) {
 	dbPath := filepath.Join(t.TempDir(), "codex2api.db")