Expose task progress contract

Expose enterprise video pricing config
fix: feed provider health into circuit breaker
2026-06-10 16:20:11 +08:00 · 2026-06-10 14:27:42 +08:00 · 2026-06-09 12:02:29 +08:00 · 2026-06-09 11:32:53 +08:00 · 2026-06-08 20:57:55 +08:00 · 2026-06-08 18:30:20 +08:00
28 changed files with 2256 additions and 478 deletions
@@ -20,6 +20,13 @@ JWT_EXPIRES_IN=7d
 # Connection pool
 PG_POOL_MAX=10
 # Provider polling reliability
 # Shared across PM2 workers through Postgres-backed poll slots.
 TASK_PROVIDER_POLL_MAX_CONCURRENCY=8
 TASK_PROVIDER_POLL_SLOT_TTL_MS=30000
 TASK_PROVIDER_POLL_REQUEST_TIMEOUT_MS=25000
 GRSAI_IMAGE_SUBMIT_TIMEOUT_MS=30000
 # CORS (comma separated allowed origins, * for all)
 CORS_ORIGINS=*
@@ -14,7 +14,12 @@
    "audit-routes": "node src/cli/auditModelRoutes.js",
    "import-config": "node src/cli/importConfig.js",
    "init-pools": "node src/cli/initPools.js",
-    "test:community-routes": "node scripts/communityRouteContract.test.js"
+    "test:community-routes": "node scripts/communityRouteContract.test.js",
    "test:enterprise-video-pricing": "node scripts/enterpriseVideoPricingContract.test.js",
    "test:key-manager": "node scripts/keyManagerReleaseContract.test.js",
    "test:provider-poll-limiter": "node scripts/providerPollLimiterContract.test.js",
    "test:task-progress-contract": "node scripts/taskProgressContract.test.js",
    "test": "npm run test:community-routes && npm run test:enterprise-video-pricing && npm run test:key-manager && npm run test:provider-poll-limiter && npm run test:task-progress-contract"
  },
  "dependencies": {
    "alipay-sdk": "^4.14.0",
@@ -0,0 +1,54 @@
 const assert = require("node:assert/strict");
 const {
  calculateEnterpriseVideoCredits,
  getEnterpriseVideoCreditRate,
  getEnterpriseVideoPricingConfig,
 } = require("../src/enterpriseVideoBilling");
 function getRule(config, id) {
  const rule = config.rules.find((item) => item.id === id);
  assert(rule, `missing enterprise video pricing rule: ${id}`);
  return rule;
 }
 const config = getEnterpriseVideoPricingConfig();
 assert.equal(config.currency, "CNY");
 assert.equal(config.creditsPerCny, 100);
 assert.equal(config.billingUnit, "per_second");
 assert.deepEqual(config.resolutions, ["720P", "1080P"]);
 assert.equal(getRule(config, "happyhorse").rates["720P"], 0.72);
 assert.equal(getRule(config, "happyhorse").rates["1080P"], 1.28);
 assert.equal(getRule(config, "wanxiang-i2v").rates["720P"], 0.6);
 assert.equal(getRule(config, "kling-muted").rates["1080P"], 0.8);
 assert.equal(
  getEnterpriseVideoCreditRate({
    model: "happyhorse-1.0",
    resolution: "1080P",
  }),
  getRule(config, "happyhorse").rates["1080P"],
 );
 assert.equal(
  getEnterpriseVideoCreditRate({
    model: "kling-3.0-dashscope",
    resolution: "720P",
    muted: true,
    hasReferenceVideo: false,
  }),
  getRule(config, "kling-muted").rates["720P"],
 );
 assert.equal(
  calculateEnterpriseVideoCredits({
    model: "vidu-q3-turbo",
    resolution: "1080P",
    durationSeconds: 5,
  }),
  500,
 );
 console.log("enterprise video pricing contract tests passed");
@@ -0,0 +1,73 @@
 const assert = require("node:assert/strict");
 const { createRequire } = require("node:module");
 const nodeRequire = createRequire(__filename);
 function loadKeyManagerWithPool(pool) {
  const dbPath = nodeRequire.resolve("../src/db");
  const keyManagerPath = nodeRequire.resolve("../src/keyManager");
  const originalDbModule = nodeRequire.cache[dbPath];
  const originalKeyManagerModule = nodeRequire.cache[keyManagerPath];
  delete nodeRequire.cache[keyManagerPath];
  nodeRequire.cache[dbPath] = {
    id: dbPath,
    filename: dbPath,
    loaded: true,
    exports: {
      pool,
      withTransaction: async (fn) => fn(pool),
    },
  };
  return {
    keyManager: nodeRequire("../src/keyManager"),
    restore() {
      delete nodeRequire.cache[keyManagerPath];
      if (originalKeyManagerModule) nodeRequire.cache[keyManagerPath] = originalKeyManagerModule;
      if (originalDbModule) nodeRequire.cache[dbPath] = originalDbModule;
      else delete nodeRequire.cache[dbPath];
    },
  };
 }
 function createReleasePool() {
  const calls = [];
  return {
    calls,
    async query(sql, params) {
      calls.push({ sql, params });
      if (/WITH candidate AS/i.test(sql)) {
        return {
          rows: [{
            id: 10,
            key_id: 20,
            lease_user_id: 30,
            lease_enterprise_id: 40,
            provider: "dashscope",
          }],
        };
      }
      if (/UPDATE api_keys SET active_count/i.test(sql)) return { rows: [] };
      if (/INSERT INTO usage_logs/i.test(sql)) return { rows: [] };
      throw new Error(`Unexpected SQL: ${sql}`);
    },
  };
 }
 (async () => {
  const pool = createReleasePool();
  const { keyManager, restore } = loadKeyManagerWithPool(pool);
  try {
    const result = await keyManager.releaseKey("lease-token-without-user-context");
    assert.equal(result.released, true);
    const usageLogCall = pool.calls.find((call) => /INSERT INTO usage_logs/i.test(call.sql));
    assert.deepEqual(usageLogCall.params, [30, 40, 20, 20, "release"]);
  } finally {
    restore();
  }
 })().catch((error) => {
  console.error(error);
  process.exitCode = 1;
 });
@@ -0,0 +1,96 @@
 const assert = require("node:assert/strict");
 const { createRequire } = require("node:module");
 const nodeRequire = createRequire(__filename);
 function loadLimiterWithPool(pool) {
  const dbPath = nodeRequire.resolve("../src/db");
  const limiterPath = nodeRequire.resolve("../src/providerPollLimiter");
  const originalDbModule = nodeRequire.cache[dbPath];
  const originalLimiterModule = nodeRequire.cache[limiterPath];
  delete nodeRequire.cache[limiterPath];
  nodeRequire.cache[dbPath] = {
    id: dbPath,
    filename: dbPath,
    loaded: true,
    exports: { pool },
  };
  return {
    limiter: nodeRequire("../src/providerPollLimiter"),
    restore() {
      delete nodeRequire.cache[limiterPath];
      if (originalLimiterModule) nodeRequire.cache[limiterPath] = originalLimiterModule;
      if (originalDbModule) nodeRequire.cache[dbPath] = originalDbModule;
      else delete nodeRequire.cache[dbPath];
    },
  };
 }
 function createPool(options = {}) {
  const calls = [];
  return {
    calls,
    async query(sql, params = []) {
      calls.push({ sql, params });
      if (/CREATE TABLE IF NOT EXISTS generation_provider_poll_slots/i.test(sql)) return { rows: [] };
      if (/WITH candidate AS/i.test(sql)) {
        if (options.noAvailableSlot) return { rows: [] };
        return { rows: [{ scope: params[0], slot_no: 2 }] };
      }
      if (/DELETE FROM generation_provider_poll_slots/i.test(sql)) return { rows: [] };
      throw new Error(`Unexpected SQL: ${sql}`);
    },
  };
 }
 (async () => {
  const previousLimit = process.env.TASK_PROVIDER_POLL_MAX_CONCURRENCY;
  process.env.TASK_PROVIDER_POLL_MAX_CONCURRENCY = "3";
  const pool = createPool();
  const { limiter, restore } = loadLimiterWithPool(pool);
  try {
    const outcome = await limiter.withProviderPollSlot(101, async () => "polled");
    assert.equal(outcome.acquired, true);
    assert.equal(outcome.value, "polled");
    const acquireCall = pool.calls.find((call) => /WITH candidate AS/i.test(call.sql));
    assert.equal(acquireCall.params[1], 3);
    assert.equal(acquireCall.params[3], 101);
    const releaseCall = pool.calls.find((call) => /DELETE FROM generation_provider_poll_slots/i.test(call.sql));
    assert.equal(releaseCall.params[0], acquireCall.params[0]);
    assert.equal(releaseCall.params[1], 2);
    assert.equal(releaseCall.params[2], acquireCall.params[2]);
  } finally {
    if (previousLimit === undefined) delete process.env.TASK_PROVIDER_POLL_MAX_CONCURRENCY;
    else process.env.TASK_PROVIDER_POLL_MAX_CONCURRENCY = previousLimit;
    restore();
  }
  const saturatedPool = createPool({ noAvailableSlot: true });
  const { limiter: saturatedLimiter, restore: restoreSaturated } = loadLimiterWithPool(saturatedPool);
  try {
    let called = false;
    const outcome = await saturatedLimiter.withProviderPollSlot(202, async () => {
      called = true;
      return "should-not-run";
    });
    assert.equal(outcome.acquired, false);
    assert.equal(outcome.value, undefined);
    assert.equal(called, false);
    assert.equal(
      saturatedPool.calls.some((call) => /DELETE FROM generation_provider_poll_slots/i.test(call.sql)),
      false,
    );
  } finally {
    restoreSaturated();
  }
 })().catch((error) => {
  console.error(error);
  process.exitCode = 1;
 });
@@ -0,0 +1,90 @@
 const assert = require("node:assert/strict");
 const {
  DEFAULT_IMAGE_EXPECTED_DURATION_MS,
  DEFAULT_VIDEO_EXPECTED_DURATION_MS,
  PROGRESS_SOURCE_ESTIMATED,
  PROGRESS_SOURCE_REAL,
  formatTaskProgressPayload,
  getExpectedDurationMs,
  parseTaskParams,
 } = require("../src/taskProgressContract");
 const createdAt = "2026-06-10T08:00:00.000Z";
 {
  const payload = formatTaskProgressPayload({
    id: 101,
    status: "completed",
    progress: 0,
    created_at: createdAt,
    params_json: "{}",
    result_url: "https://oss.example/result.png",
  });
  assert.equal(payload.taskId, 101);
  assert.equal(payload.progress, 100);
  assert.equal(payload.progressSource, PROGRESS_SOURCE_REAL);
  assert.equal(payload.stage, "\u5b8c\u6210");
  assert.equal(payload.startedAt, createdAt);
  assert.equal(payload.resultUrl, "https://oss.example/result.png");
 }
 {
  const payload = formatTaskProgressPayload({
    id: 102,
    status: "running",
    progress: 43,
    progress_source: PROGRESS_SOURCE_REAL,
    created_at: createdAt,
    params_json: JSON.stringify({ model: "kling-3.0-dashscope", duration: 5 }),
    type: "video",
  });
  assert.equal(payload.progress, 43);
  assert.equal(payload.progressSource, PROGRESS_SOURCE_REAL);
  assert.equal(payload.stage, "\u751f\u6210\u4e2d");
  assert.equal(payload.expectedDurationMs, 300_000);
 }
 {
  const payload = formatTaskProgressPayload({
    id: 103,
    status: "running",
    progress: 0,
    created_at: createdAt,
    params_json: JSON.stringify({
      requestedModel: "nano-banana-pro",
      referenceUrls: ["https://oss.example/a.png", "https://oss.example/b.png"],
    }),
    type: "image",
  });
  assert.equal(payload.progressSource, PROGRESS_SOURCE_ESTIMATED);
  assert.equal(payload.stage, "\u5df2\u63d0\u4ea4");
  assert.equal(payload.expectedDurationMs, 250_000);
 }
 {
  const expectedDurationMs = getExpectedDurationMs({
    type: "video",
    params_json: JSON.stringify({ model: "kling-3.0-dashscope", duration: 10 }),
  });
  assert.equal(expectedDurationMs, 400_000);
 }
 {
  assert.deepEqual(parseTaskParams("{bad json"), {});
  assert.deepEqual(parseTaskParams({ model: "gpt-image-2" }), { model: "gpt-image-2" });
  assert.equal(
    getExpectedDurationMs({ type: "image", params_json: "{}" }),
    DEFAULT_IMAGE_EXPECTED_DURATION_MS,
  );
  assert.equal(
    getExpectedDurationMs({ type: "video", params_json: "{}" }),
    DEFAULT_VIDEO_EXPECTED_DURATION_MS,
  );
 }
 console.log("task progress contract tests passed");
@@ -6,7 +6,6 @@ const { getJwtSecret } = require("./securityConfig");
 const JWT_SECRET = getJwtSecret();
 const JWT_EXPIRES_IN = process.env.JWT_EXPIRES_IN || "7d";
 const MAX_CONCURRENT_SESSIONS = 2;
 const USER_CONTEXT_SELECT = `
  SELECT
@@ -170,25 +169,26 @@ function verifyToken(token) {
 async function startUserSession(userId, userAgent) {
  const sessionId = crypto.randomUUID();
-  await pool.query(
+  const client = await pool.connect();
-    "INSERT INTO user_sessions (id, user_id, user_agent, created_at) VALUES ($1, $2, $3, NOW())",
+  try {
-    [sessionId, userId, userAgent || null],
+    await client.query("BEGIN");
-  );
+    await client.query("SELECT id FROM users WHERE id = $1 FOR UPDATE", [userId]);
-  await pool.query(
+    await client.query("DELETE FROM user_sessions WHERE user_id = $1", [userId]);
-    `DELETE FROM user_sessions
+    await client.query(
-     WHERE user_id = $1
+      "INSERT INTO user_sessions (id, user_id, user_agent, created_at) VALUES ($1, $2, $3, NOW())",
-       AND id NOT IN (
+      [sessionId, userId, userAgent || null],
-         SELECT id FROM user_sessions
+    );
-         WHERE user_id = $1
+    await client.query(
-         ORDER BY created_at DESC
+      "UPDATE users SET current_session_id = $1, current_session_started_at = NOW(), updated_at = NOW() WHERE id = $2",
-         LIMIT $2
+      [sessionId, userId],
-       )`,
+    );
-    [userId, MAX_CONCURRENT_SESSIONS],
+    await client.query("COMMIT");
-  );
+  } catch (error) {
-  await pool.query(
+    await client.query("ROLLBACK");
-    "UPDATE users SET current_session_id = $1, current_session_started_at = NOW(), updated_at = NOW() WHERE id = $2",
+    throw error;
-    [sessionId, userId],
+  } finally {
-  );
+    client.release();
  }
  return sessionId;
 }
@@ -1,29 +1,46 @@
 /**
- * Billing module — handles balance deduction (in cents), package quotas,
+ * Billing module — handles balance deduction, package quotas,
 * transactions, and key-lease pre-authorization.
 *
- * Money conventions:
+ * Unit conventions:
- *   - balance: cents (分, 1/100 CNY) — stored in users.balance_cents and enterprises.balance_cents
+ *   - payment_orders.amount_cents / packages.price_cents: cash amount in CNY cents.
- *   - prices: mills (厘, 1/1000 CNY) — stored in model_prices.*_mills
+ *   - users.balance_cents / enterprises.balance_cents / transactions.amount_cents:
- *   - cost calculation: mills → convert to cents at deduction time (divide by 10, floor)
+ *     credit units, where 100 units = 1 platform credit.
- *   - transactions: cents — amount_cents, balance_after_cents
+ *   - model_prices.*_mills: CNY mills. 1 CNY = 100 credits, so 1 mill = 10 credit units.
 *
 * Flow:
 *   - Enterprise admin recharges enterprise pool → distributes to employee users
- *   - API deductions come from users.balance_cents (per-user)
+ *   - API deductions come from users.balance_cents (per-user credit balance)
 *   - Personal users recharge their own users.balance_cents directly
 */
 const { pool, withTransaction } = require("./db");
 const { calculateCostMills, getModelPrice } = require("./pricing");
-const IMAGE_GENERATION_FLAT_COST_CENTS = 20;
+const CREDIT_UNITS_PER_CREDIT = 100;
 const CREDITS_PER_CNY = 100;
 const CREDIT_UNITS_PER_CNY_CENT = 100;
 const CREDIT_UNITS_PER_CNY_MILL = 10;
 const IMAGE_GENERATION_FLAT_COST_CREDITS = 20;
 const IMAGE_GENERATION_FLAT_COST_CENTS = IMAGE_GENERATION_FLAT_COST_CREDITS * CREDIT_UNITS_PER_CREDIT;
 function creditsToCreditUnits(credits) {
  return Math.max(0, Math.round(Number(credits || 0) * CREDIT_UNITS_PER_CREDIT));
 }
 function formatCreditsFromCents(amountCents) {
-  const value = Number(amountCents || 0) / 100;
+  const value = Number(amountCents || 0) / CREDIT_UNITS_PER_CREDIT;
  return Number.isInteger(value) ? String(value) : String(Number(value.toFixed(2)));
 }
 function cashCentsToCreditUnits(amountCents) {
  return Math.max(0, Math.round(Number(amountCents || 0) * CREDIT_UNITS_PER_CNY_CENT));
 }
 function millsToCreditUnits(mills) {
  return Math.max(0, Math.round(Number(mills || 0) * CREDIT_UNITS_PER_CNY_MILL));
 }
 async function recordEnterpriseCreditLedger(client, entry) {
  const enterpriseId = entry?.enterpriseId || null;
  const userId = entry?.userId || null;
@@ -114,10 +131,6 @@ async function getEnterpriseName(enterpriseId) {
  return rows[0] ? rows[0].name : null;
 }
 function millsToCents(mills) {
  return Math.floor(mills / 10);
 }
 // ── Atomic balance helpers ───────────────────────────────────────────
 async function atomicDeductUserBalance(client, userId, amountCents) {
@@ -167,7 +180,7 @@ async function preauthorizeCall(userId, provider) {
  const { rows } = await pool.query(
    `
-    SELECT COALESCE(CAST(ROUND(AVG(cost_estimate * 100)::numeric) AS INTEGER), 0) AS avg_cents
+    SELECT COALESCE(CAST(ROUND(AVG(cost_estimate * 10000)::numeric) AS INTEGER), 0) AS avg_cents
    FROM api_call_logs
    WHERE provider = $1
      AND status = 'success'
@@ -185,10 +198,9 @@ async function preauthorizeCall(userId, provider) {
  const bufferedEstimate = Math.ceil(estimatedCostCents * 1.2);
  if (balanceCents < bufferedEstimate) {
    const credits = Math.floor(balanceCents / 100);
    return {
      authorized: false,
-      message: `账户积分不足，请充值 (当前 ${credits} 积分，预估需要 ${Math.ceil(bufferedEstimate / 100)} 积分)`,
+      message: `账户积分不足，请充值 (当前 ${formatCreditsFromCents(balanceCents)} 积分，预估需要 ${formatCreditsFromCents(bufferedEstimate)} 积分)`,
    };
  }
@@ -205,9 +217,9 @@ async function deductForApiCall(userId, model, promptTokens, completionTokens) {
    return { success: true, costCents: 0, deductionType: "none", message: "No pricing" };
  }
-  const costCents = millsToCents(costMills);
+  const costCents = millsToCreditUnits(costMills);
  if (costCents <= 0) {
-    return { success: true, costCents: 0, deductionType: "none", message: "Cost below 1 cent" };
+    return { success: true, costCents: 0, deductionType: "none", message: "Cost below minimum credit unit" };
  }
  const billingState = await getUserBillingState(userId);
@@ -408,7 +420,7 @@ async function tryDeductFromUserBalance(userId, enterpriseId, amountCents, ledge
        userId,
        -amountCents,
        newBal,
-        `API 调用扣费 ${Math.ceil(amountCents / 100)} 积分`,
+        `API 调用扣费 ${formatCreditsFromCents(amountCents)} 积分`,
      ],
    );
@@ -429,16 +441,15 @@ async function tryDeductFromUserBalance(userId, enterpriseId, amountCents, ledge
  if (newBalanceCents == null) {
    const currentBalance = await getUserBalanceCents(userId);
    const credits = Math.floor((currentBalance || 0) / 100);
    return {
      success: false,
-      message: `积分不足 (当前 ${credits} 积分，需要 ${Math.ceil(amountCents / 100)} 积分)`,
+      message: `积分不足 (当前 ${formatCreditsFromCents(currentBalance || 0)} 积分，需要 ${formatCreditsFromCents(amountCents)} 积分)`,
    };
  }
  return {
    success: true,
-    message: `Deducted ${Math.ceil(amountCents / 100)} credits, balance: ${Math.floor(newBalanceCents / 100)} credits`,
+    message: `Deducted ${formatCreditsFromCents(amountCents)} credits, balance: ${formatCreditsFromCents(newBalanceCents)} credits`,
  };
 }
@@ -484,7 +495,7 @@ async function settleLease(leaseId, actualCostCents) {
            userId,
            -diffCents,
            newBal,
-            `API 预估差额扣费 ${Math.ceil(diffCents / 100)} 积分`,
+            `API 预估差额扣费 ${formatCreditsFromCents(diffCents)} 积分`,
          ],
        );
      }
@@ -503,7 +514,7 @@ async function settleLease(leaseId, actualCostCents) {
            userId,
            refundCents,
            newBal,
-            `API 预估差额退回 ${Math.ceil(refundCents / 100)} 积分`,
+            `API 预估差额退回 ${formatCreditsFromCents(refundCents)} 积分`,
          ],
        );
      }
@@ -628,7 +639,7 @@ async function distributeCredits(enterpriseId, targetUserId, amountCents, adminU
        targetUserId,
        amountCents,
        newUserBal,
-        `从企业池获得 ${Math.floor(amountCents / 100)} 积分`,
+        `从企业池获得 ${formatCreditsFromCents(amountCents)} 积分`,
        adminUserId,
      ],
    );
@@ -761,4 +772,8 @@ module.exports = {
  preauthorizeCall,
  settleLease,
  forceSettleLease,
  creditsToCreditUnits,
  cashCentsToCreditUnits,
  millsToCreditUnits,
  formatCreditsFromCents,
 };
@@ -353,16 +353,8 @@ async function migrateGenerationTasksBillingColumns(client) {
  );
 }
-async function migrateGenerationTaskResultPersistence(client) {
+async function migrateGenerationTaskProgressContract() {
-  await addColumnIfMissing("generation_tasks", "result_persist_status TEXT NOT NULL DEFAULT 'pending'");
+  await addColumnIfMissing("generation_tasks", "progress_source TEXT");
  await addColumnIfMissing("generation_tasks", "result_persist_attempts INTEGER NOT NULL DEFAULT 0");
  await addColumnIfMissing("generation_tasks", "result_persist_error TEXT");
  await addColumnIfMissing("generation_tasks", "result_persisted_at TIMESTAMPTZ");
  await client.query(`
    CREATE INDEX IF NOT EXISTS idx_generation_tasks_result_persist_retry
      ON generation_tasks(result_persist_status, updated_at)
      WHERE status = 'completed' AND result_url IS NOT NULL
  `);
 }
 async function ensureModelPriceSeed() {
@@ -531,6 +523,7 @@ async function migrateGenerationTasksSchema(client) {
      params_json TEXT NOT NULL DEFAULT '{}',
      result_url VARCHAR(2000),
      progress INTEGER NOT NULL DEFAULT 0,
      progress_source TEXT,
      error TEXT,
      dedupe_key VARCHAR(256),
      source_device_id VARCHAR(128),
@@ -971,7 +964,7 @@ async function ensureSchema() {
  await runMigration("030_generation_tasks_user_status_index", migrateGenerationTasksUserStatusIndex);
  await runMigration("031_generation_tasks_billing_columns", migrateGenerationTasksBillingColumns);
  await runMigration("032_ecommerce_video_history", migrateEcommerceVideoHistorySchema);
-  await runMigration("033_generation_task_result_persistence", migrateGenerationTaskResultPersistence);
+  await runMigration("033_generation_task_progress_contract", migrateGenerationTaskProgressContract);
  await ensureModelPriceSeed();
 }
@@ -19,6 +19,56 @@ const ENTERPRISE_VIDEO_ALLOWED_MODELS = new Set([
  "pixverse-c1-i2v",
 ]);
 const CREDITS_PER_CNY = 100;
 const CREDIT_UNITS_PER_CREDIT = 100;
 const ENTERPRISE_VIDEO_RESOLUTIONS = ["720P", "1080P"];
 const ENTERPRISE_VIDEO_DEFAULT_RESOLUTION = "1080P";
 const ENTERPRISE_VIDEO_PRICING_RULES = [
  {
    id: "happyhorse",
    modelIncludes: ["happyhorse"],
    rates: { "720P": 0.72, "1080P": 1.28 },
  },
  {
    id: "wanxiang-i2v",
    modelIncludes: ["wan2.7-i2v", "wanxiang"],
    rates: { "720P": 0.6, "1080P": 1 },
  },
  {
    id: "wan-animate-s2v",
    modelIncludes: ["animate-mix", "s2v"],
    rates: { "720P": 0.6, "1080P": 1 },
  },
  {
    id: "kling-muted-reference",
    modelIncludes: ["kling"],
    when: { muted: true, hasReferenceVideo: true },
    rates: { "720P": 0.9, "1080P": 1.2 },
  },
  {
    id: "kling-muted",
    modelIncludes: ["kling"],
    when: { muted: true, hasReferenceVideo: false },
    rates: { "720P": 0.6, "1080P": 0.8 },
  },
  {
    id: "kling-default",
    modelIncludes: ["kling"],
    rates: { "720P": 0.9, "1080P": 1.2 },
  },
  {
    id: "vidu",
    modelIncludes: ["vidu"],
    rates: { "720P": 0.6, "1080P": 1 },
  },
  {
    id: "pixverse",
    modelIncludes: ["pixverse"],
    rates: { "720P": 0.6, "1080P": 1 },
  },
 ];
 function normalizeModel(value) {
  return String(value || "").trim().toLowerCase();
 }
@@ -33,6 +83,21 @@ function normalizeEnterpriseVideoDuration(value) {
  return Math.max(1, Math.ceil(numeric));
 }
 function enterpriseVideoPricingRuleMatches(rule, input, model) {
  if (!rule.modelIncludes.some((pattern) => model.includes(pattern))) return false;
  if (!rule.when) return true;
  if (Object.prototype.hasOwnProperty.call(rule.when, "muted") && Boolean(input.muted) !== rule.when.muted) {
    return false;
  }
  if (
    Object.prototype.hasOwnProperty.call(rule.when, "hasReferenceVideo") &&
    Boolean(input.hasReferenceVideo) !== rule.when.hasReferenceVideo
  ) {
    return false;
  }
  return true;
 }
 function isEnterpriseVideoBillingUser(user) {
  return Boolean(user?.enterpriseId);
 }
@@ -66,33 +131,10 @@ function getEnterpriseVideoCreditRate(input) {
  const resolution = normalizeEnterpriseVideoResolution(input.resolution || input.quality);
  const model = normalizeModel(input.model || input.requestedModel);
-  if (model.includes("happyhorse")) {
+  const rule = ENTERPRISE_VIDEO_PRICING_RULES.find((candidate) =>
-    return resolution === "720P" ? 0.72 : 1.28;
+    enterpriseVideoPricingRuleMatches(candidate, input, model),
-  }
+  );
-
+  if (rule) return rule.rates[resolution] ?? rule.rates[ENTERPRISE_VIDEO_DEFAULT_RESOLUTION];
  if (model.includes("wan2.7-i2v") || model.includes("wanxiang")) {
    return resolution === "720P" ? 0.6 : 1;
  }
  if (model.includes("animate-mix") || model.includes("s2v")) {
    return resolution === "720P" ? 0.6 : 1;
  }
  if (model.includes("kling")) {
    if (input.muted) {
      if (input.hasReferenceVideo) return resolution === "720P" ? 0.9 : 1.2;
      return resolution === "720P" ? 0.6 : 0.8;
    }
    return resolution === "720P" ? 0.9 : 1.2;
  }
  if (model.includes("vidu")) {
    return resolution === "720P" ? 0.6 : 1.0;
  }
  if (model.includes("pixverse")) {
    return resolution === "720P" ? 0.6 : 1.0;
  }
  const error = new Error(`Unsupported enterprise video model: ${input.model || input.requestedModel}`);
  error.status = 403;
@@ -100,9 +142,25 @@ function getEnterpriseVideoCreditRate(input) {
  throw error;
 }
 function getEnterpriseVideoPricingConfig() {
  return {
    currency: "CNY",
    creditsPerCny: CREDITS_PER_CNY,
    billingUnit: "per_second",
    defaultResolution: ENTERPRISE_VIDEO_DEFAULT_RESOLUTION,
    resolutions: [...ENTERPRISE_VIDEO_RESOLUTIONS],
    rules: ENTERPRISE_VIDEO_PRICING_RULES.map((rule) => ({
      id: rule.id,
      modelIncludes: [...rule.modelIncludes],
      when: rule.when ? { ...rule.when } : undefined,
      rates: { ...rule.rates },
    })),
  };
 }
 function calculateEnterpriseVideoCredits(input) {
  const duration = normalizeEnterpriseVideoDuration(input.durationSeconds || input.duration);
-  return Number((getEnterpriseVideoCreditRate(input) * duration).toFixed(2));
+  return Number((getEnterpriseVideoCreditRate(input) * duration * CREDITS_PER_CNY).toFixed(2));
 }
 function calculateEnterpriseVideoCost(input) {
@@ -113,7 +171,7 @@ function calculateEnterpriseVideoCost(input) {
    resolution,
    durationSeconds,
  });
-  const rateCentsPerSecond = Math.round(rateCreditsPerSecond * 100);
+  const rateCentsPerSecond = Math.round(rateCreditsPerSecond * CREDITS_PER_CNY * CREDIT_UNITS_PER_CREDIT);
  return {
    resolution,
    durationSeconds,
@@ -230,6 +288,7 @@ module.exports = {
  assertEnterpriseVideoModelAllowed,
  calculateEnterpriseVideoCost,
  calculateEnterpriseVideoCredits,
  getEnterpriseVideoPricingConfig,
  getEnterpriseVideoCreditRate,
  isEnterpriseVideoBillingUser,
  isEnterpriseVideoModelAllowed,
@@ -3,8 +3,17 @@ const express = require('express')
 const rateLimit = require('express-rate-limit')
 const cors = require('cors')
 const helmet = require('helmet')
-const { startSettlementWorker } = require('./settlementWorker')
+const { startSettlementWorker, stopSettlementWorker } = require('./settlementWorker')
-const { startProviderHealthMonitor } = require('./providerHealthMonitor')
+const { startProviderHealthMonitor, stopProviderHealthMonitor } = require('./providerHealthMonitor')
 const {
  startStaleTaskCleanup,
  startTaskEventListener,
  startPollerRecovery,
  stopStaleTaskCleanup,
  stopTaskEventListener,
  stopPollerRecovery,
  stopAllPollers,
 } = require('./aiTaskWorker')
 const { ensureDatabase } = require('./dbSetup')
 const { assertRuntimeSecurityConfig } = require('./securityConfig')
 const { loadPriceCache } = require('./pricing')
@@ -17,6 +26,7 @@ const PORT = Number(process.env.PORT) || 3600
 const HOST = process.env.HOST || '0.0.0.0'
 const IS_PRODUCTION = process.env.NODE_ENV === 'production'
 let server = null
 let staleLeaseCleanupTimer = null
 // CORS: in production, require explicit allowlist; in dev, allow all with credentials
 function buildCorsOptions() {
@@ -133,18 +143,20 @@ async function main() {
  // Periodic stale lease cleanup (every 5 min)
  const { cleanStaleLeases } = require('./keyManager')
-  setInterval(() => {
+  staleLeaseCleanupTimer = setInterval(() => {
    cleanStaleLeases().then((cleaned) => {
      if (cleaned > 0) console.log(`[cleanup] Released ${cleaned} stale lease(s)`)
    }).catch((err) => {
      console.error('[cleanup] error:', err)
    })
  }, 5 * 60 * 1000)
  if (staleLeaseCleanupTimer.unref) staleLeaseCleanupTimer.unref()
  startSettlementWorker()
  startProviderHealthMonitor()
-  const { startStaleTaskCleanup } = require('./aiTaskWorker')
+  await startTaskEventListener()
  startPollerRecovery()
  startStaleTaskCleanup()
  server = app.listen(PORT, HOST, () => {
@@ -173,29 +185,47 @@ process.on('uncaughtException', (err) => {
 // ── Graceful shutdown ───────────────────────────────────────────────────
 let shuttingDown = false
-function gracefulShutdown(signal) {
+async function shutdownRuntimeState() {
  if (staleLeaseCleanupTimer) {
    clearInterval(staleLeaseCleanupTimer)
    staleLeaseCleanupTimer = null
  }
  stopSettlementWorker()
  stopProviderHealthMonitor()
  stopPollerRecovery()
  stopStaleTaskCleanup()
  await Promise.allSettled([stopTaskEventListener(), stopAllPollers()])
 }
 function closeServer() {
  if (!server || !server.listening) return Promise.resolve()
  return new Promise((resolve) => {
    server.close(() => {
      console.log('[shutdown] Server closed, cleaning up...')
      resolve()
    })
  })
 }
 async function gracefulShutdown(signal) {
  if (shuttingDown) return
  shuttingDown = true
  console.log('[shutdown] Received ' + signal + ', draining connections...')
-  if (server && server.listening) {
+  setTimeout(() => {
-    server.close(() => {
+    console.error('[shutdown] Forced exit after timeout')
-      console.log('[shutdown] Server closed, cleaning up...')
+    process.exit(1)
-      const { stopProviderHealthMonitor } = require('./providerHealthMonitor')
+  }, 15000).unref()
      stopProviderHealthMonitor()
      const { pool } = require('./db')
      pool.end().then(() => {
        console.log('[shutdown] Database pool closed')
        process.exit(0)
      }).catch(() => process.exit(0))
    })
-    // Force exit after timeout
+  try {
-    setTimeout(() => {
+    await shutdownRuntimeState()
-      console.error('[shutdown] Forced exit after timeout')
+    await closeServer()
-      process.exit(1)
+    const { pool } = require('./db')
-    }, 15000).unref()
+    await pool.end()
-  } else {
+    console.log('[shutdown] Database pool closed')
    process.exit(0)
  } catch (err) {
    console.error('[shutdown] error:', err)
    process.exit(0)
  }
 }
@@ -297,8 +297,7 @@ async function releaseLeaseInternal(leaseToken, user, options = {}) {
        WHERE id = (SELECT id FROM candidate)
        RETURNING id, key_id
      )
-      SELECT r.id, r.key_id, c.provider
+      SELECT r.id, r.key_id, c.user_id AS lease_user_id, c.enterprise_id AS lease_enterprise_id, c.provider
           , c.user_id, c.enterprise_id
      FROM released r
      JOIN candidate c ON c.key_id = r.key_id
    `,
@@ -340,7 +339,13 @@ async function releaseLeaseInternal(leaseToken, user, options = {}) {
      INSERT INTO usage_logs (user_id, enterprise_id, provider, key_id, action)
      VALUES ($1, $2, (SELECT provider FROM api_keys WHERE id = $3), $4, $5)
    `,
-      [userId ?? lease.user_id, enterpriseId ?? lease.enterprise_id, lease.key_id, lease.key_id, "release"],
+      [
        userId || lease.lease_user_id,
        enterpriseId || lease.lease_enterprise_id,
        lease.key_id,
        lease.key_id,
        "release",
      ],
    );
    return {
@@ -1,7 +1,7 @@
 const fs = require("node:fs");
 const { AlipaySdk } = require("alipay-sdk");
 const { pool, withTransaction } = require("./db");
-const { creditBalance, creditUserBalance, activatePackage } = require("./billing");
+const { cashCentsToCreditUnits, creditBalance, creditUserBalance, activatePackage, formatCreditsFromCents } = require("./billing");
 let alipayInstance = null;
@@ -130,17 +130,19 @@ async function handlePaymentSuccess(orderNo, tradeNo) {
    );
    if (order.type === "personal_recharge" && order.user_id) {
      const creditUnits = cashCentsToCreditUnits(order.amount_cents);
      await creditUserBalance(
        order.user_id,
-        order.amount_cents,
+        creditUnits,
-        `支付宝充值 ${Math.floor(order.amount_cents / 100)} 积分`,
+        `支付宝充值 ${formatCreditsFromCents(creditUnits)} 积分`,
        orderNo,
      );
    } else if (order.type === "recharge") {
      const creditUnits = cashCentsToCreditUnits(order.amount_cents);
      await creditBalance(
        order.enterprise_id,
-        order.amount_cents,
+        creditUnits,
-        `支付宝充值 ${Math.floor(order.amount_cents / 100)} 积分`,
+        `支付宝充值 ${formatCreditsFromCents(creditUnits)} 积分`,
        orderNo,
      );
    } else if (order.type === "package" && order.package_id) {
@@ -2,7 +2,7 @@ const _crypto = require("node:crypto");
 const fs = require("node:fs");
 const WxPay = require("wechatpay-node-v3");
 const { pool, withTransaction } = require("./db");
-const { creditBalance, creditUserBalance, activatePackage } = require("./billing");
+const { cashCentsToCreditUnits, creditBalance, creditUserBalance, activatePackage, formatCreditsFromCents } = require("./billing");
 let wxPayInstance = null;
@@ -140,17 +140,19 @@ async function handlePaymentSuccess(orderNo, transactionId) {
    );
    if (order.type === "personal_recharge" && order.user_id) {
      const creditUnits = cashCentsToCreditUnits(order.amount_cents);
      await creditUserBalance(
        order.user_id,
-        order.amount_cents,
+        creditUnits,
-        `微信充值 ${Math.floor(order.amount_cents / 100)} 积分`,
+        `微信充值 ${formatCreditsFromCents(creditUnits)} 积分`,
        orderNo,
      );
    } else if (order.type === "recharge") {
      const creditUnits = cashCentsToCreditUnits(order.amount_cents);
      await creditBalance(
        order.enterprise_id,
-        order.amount_cents,
+        creditUnits,
-        `微信充值 ${Math.floor(order.amount_cents / 100)} 积分`,
+        `微信充值 ${formatCreditsFromCents(creditUnits)} 积分`,
        orderNo,
      );
    } else if (order.type === "package" && order.package_id) {
@@ -176,7 +176,7 @@ async function getAverageCostCents(provider) {
  const { rows } = await pool.query(
    `
    SELECT CAST(ROUND(AVG(CASE
-      WHEN cost_estimate IS NOT NULL THEN cost_estimate * 100
+      WHEN cost_estimate IS NOT NULL THEN cost_estimate * 10000
      ELSE 0
    END)::numeric) AS INTEGER) AS avg_cents
    FROM api_call_logs
@@ -7,6 +7,7 @@
 */
 const { pool } = require("./db");
 const { recordProviderSuccess, recordProviderFailure, getAllBreakerStats } = require("./providerCircuitBreaker");
 const CHECK_INTERVAL_MS = 5 * 60 * 1000;
 const DASHSCOPE_TEST_MODEL = "qwen-max";
@@ -21,6 +22,15 @@ const providerHealthCache = {
  grsai: { status: "unknown", lastCheck: null, lastError: null, details: null },
 };
 function recordProbeOutcome(provider, result, latencyMs) {
  if (!provider) return;
  if (result?.ok) {
    recordProviderSuccess(provider, latencyMs);
  } else {
    recordProviderFailure(provider);
  }
 }
 async function getDashScopeKey() {
  const { rows } = await pool.query(
    "SELECT id, api_key FROM api_keys WHERE provider LIKE '%dashscope%' AND enabled = 1 ORDER BY id LIMIT 1"
@@ -120,8 +130,10 @@ async function runHealthCheck() {
  // ── DashScope ──
  const dashKey = await getDashScopeKey();
  if (dashKey) {
    const startedAt = Date.now();
    try {
      const result = await probeDashScope(dashKey);
      recordProbeOutcome("dashscope", result, Date.now() - startedAt);
      const prev = providerHealthCache.dashscope.status;
      providerHealthCache.dashscope = {
        status: result.status,
@@ -144,6 +156,7 @@ async function runHealthCheck() {
        }
      }
    } catch (err) {
      recordProviderFailure("dashscope");
      providerHealthCache.dashscope = {
        status: "timeout",
        lastCheck: new Date().toISOString(),
@@ -164,8 +177,10 @@ async function runHealthCheck() {
  // ── GrsAI ──
  const grsaiKey = await getGrsaiKey();
  if (grsaiKey) {
    const startedAt = Date.now();
    try {
      const result = await probeGrsai(grsaiKey);
      recordProbeOutcome("grsai", result, Date.now() - startedAt);
      const prev = providerHealthCache.grsai.status;
      providerHealthCache.grsai = {
        status: result.status,
@@ -186,6 +201,7 @@ async function runHealthCheck() {
        }
      }
    } catch (err) {
      recordProviderFailure("grsai");
      providerHealthCache.grsai = {
        status: "timeout",
        lastCheck: new Date().toISOString(),
@@ -204,10 +220,7 @@ async function runHealthCheck() {
  }
  // ── Circuit breaker summary ──
-  try {
+  providerHealthCache.circuitBreaker = getAllBreakerStats();
    const cb = require("./providerCircuitBreaker");
    providerHealthCache.circuitBreaker = cb.getProviderStatusMap ? cb.getProviderStatusMap() : null;
  } catch {}
  // ── Admin low-balance alert ──
  try {
@@ -0,0 +1,120 @@
 "use strict";
 const crypto = require("node:crypto");
 const { pool } = require("./db");
 const DEFAULT_MAX_CONCURRENCY = 8;
 const DEFAULT_SLOT_TTL_MS = 30_000;
 const POLL_SCOPE = "generation-provider-poll:global";
 const OWNER_ID = `${process.pid}-${crypto.randomUUID()}`;
 let storeReady = null;
 function normalizePositiveInteger(value, fallback) {
  const numeric = Number(value);
  if (!Number.isFinite(numeric) || numeric <= 0) return fallback;
  return Math.max(1, Math.trunc(numeric));
 }
 function getMaxConcurrency() {
  return normalizePositiveInteger(process.env.TASK_PROVIDER_POLL_MAX_CONCURRENCY, DEFAULT_MAX_CONCURRENCY);
 }
 function getSlotTtlInterval() {
  const ttlMs = normalizePositiveInteger(process.env.TASK_PROVIDER_POLL_SLOT_TTL_MS, DEFAULT_SLOT_TTL_MS);
  return `${Math.max(1, Math.ceil(ttlMs / 1000))} seconds`;
 }
 async function ensureProviderPollLimiterStore() {
  if (storeReady) return storeReady;
  storeReady = pool.query(`
    CREATE TABLE IF NOT EXISTS generation_provider_poll_slots (
      scope TEXT NOT NULL,
      slot_no INTEGER NOT NULL,
      owner_id TEXT NOT NULL,
      task_id INTEGER,
      expires_at TIMESTAMPTZ NOT NULL,
      acquired_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
      updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
      PRIMARY KEY (scope, slot_no)
    );
    CREATE INDEX IF NOT EXISTS idx_generation_provider_poll_slots_expires
      ON generation_provider_poll_slots(expires_at);
  `).catch((err) => {
    storeReady = null;
    throw err;
  });
  return storeReady;
 }
 async function acquireProviderPollSlot(taskId, options = {}) {
  await ensureProviderPollLimiterStore();
  const scope = options.scope || POLL_SCOPE;
  const maxConcurrency = normalizePositiveInteger(options.maxConcurrency, getMaxConcurrency());
  const ttlInterval = options.ttlInterval || getSlotTtlInterval();
  const { rows } = await pool.query(
    `
    WITH candidate AS (
      SELECT s.slot_no
      FROM generate_series(1, $2::integer) AS s(slot_no)
      LEFT JOIN generation_provider_poll_slots l
        ON l.scope = $1 AND l.slot_no = s.slot_no
      WHERE l.scope IS NULL OR l.expires_at < NOW()
      ORDER BY s.slot_no ASC
      LIMIT 1
    ),
    claimed AS (
      INSERT INTO generation_provider_poll_slots (
        scope, slot_no, owner_id, task_id, expires_at, acquired_at, updated_at
      )
      SELECT $1, slot_no, $3, $4, NOW() + ($5::text)::interval, NOW(), NOW()
      FROM candidate
      ON CONFLICT (scope, slot_no) DO UPDATE SET
        owner_id = EXCLUDED.owner_id,
        task_id = EXCLUDED.task_id,
        expires_at = EXCLUDED.expires_at,
        acquired_at = NOW(),
        updated_at = NOW()
      WHERE generation_provider_poll_slots.expires_at < NOW()
      RETURNING scope, slot_no
    )
    SELECT scope, slot_no FROM claimed
  `,
    [scope, maxConcurrency, OWNER_ID, taskId || null, ttlInterval],
  );
  const slot = rows[0];
  return slot ? { scope: slot.scope, slotNo: slot.slot_no, ownerId: OWNER_ID } : null;
 }
 async function releaseProviderPollSlot(slot) {
  if (!slot?.scope || !slot?.slotNo) return;
  await ensureProviderPollLimiterStore();
  await pool.query(
    "DELETE FROM generation_provider_poll_slots WHERE scope = $1 AND slot_no = $2 AND owner_id = $3",
    [slot.scope, slot.slotNo, slot.ownerId || OWNER_ID],
  );
 }
 async function withProviderPollSlot(taskId, fn, options = {}) {
  const slot = await acquireProviderPollSlot(taskId, options);
  if (!slot) return { acquired: false, value: undefined };
  try {
    return { acquired: true, value: await fn() };
  } finally {
    await releaseProviderPollSlot(slot).catch((err) => {
      console.error(`[providerPollLimiter] failed to release poll slot ${slot.scope}:${slot.slotNo}:`, err.message);
    });
  }
 }
 module.exports = {
  acquireProviderPollSlot,
  ensureProviderPollLimiterStore,
  getMaxConcurrency,
  normalizePositiveInteger,
  releaseProviderPollSlot,
  withProviderPollSlot,
 };
@@ -6,6 +6,8 @@ const {
  listModelPrices,
  loadPriceCache,
  creditUserBalance,
  creditsToCreditUnits,
  formatCreditsFromCents,
  pool,
  validateUsername,
  validatePassword,
@@ -156,14 +158,18 @@ function registerAdminRoutes(router) {
  router.post("/admin/users/:id/credit", requireAuth, requireAdmin, async (req, res) => {
    const targetUserId = Number(req.params.id);
-    const { amountCents } = req.body;
+    const { amountCredits, amountCents } = req.body;
-    if (!amountCents || amountCents <= 0) return res.status(400).json({ error: "积分必须大于 0" });
+    const creditUnits =
      amountCredits !== undefined && amountCredits !== null && amountCredits !== ""
        ? creditsToCreditUnits(amountCredits)
        : Number(amountCents);
    if (!creditUnits || creditUnits <= 0) return res.status(400).json({ error: "积分必须大于 0" });
    try {
      const newBalance = await creditUserBalance(
        targetUserId,
-        amountCents,
+        creditUnits,
-        `管理员 ${req.user.username} 发放 ${Math.floor(amountCents / 100)} 积分`,
+        `管理员 ${req.user.username} 发放 ${formatCreditsFromCents(creditUnits)} 积分`,
      );
      res.json({ success: true, newBalanceCents: newBalance });
    } catch (err) {
@@ -547,6 +553,8 @@ function registerAdminRoutes(router) {
      name,
      description = "",
      priceCents,
      credits,
      amountCredits,
      creditsCents = 0,
      imageQuota = 0,
      videoQuota = 0,
@@ -572,7 +580,9 @@ function registerAdminRoutes(router) {
          name,
          description,
          Number(priceCents),
-          Number(creditsCents || 0),
+          credits !== undefined || amountCredits !== undefined
            ? creditsToCreditUnits(credits ?? amountCredits)
            : Number(creditsCents || 0),
          Number(imageQuota || 0),
          Number(videoQuota || 0),
          Number(textQuota || 0),
@@ -599,6 +609,8 @@ function registerAdminRoutes(router) {
      name,
      description,
      priceCents,
      credits,
      amountCredits,
      creditsCents,
      imageQuota,
      videoQuota,
@@ -623,7 +635,10 @@ function registerAdminRoutes(router) {
      updates.push(`price_cents = $${idx++}`);
      params.push(Number(priceCents));
    }
-    if (creditsCents !== undefined) {
+    if (credits !== undefined || amountCredits !== undefined) {
      updates.push(`credits_cents = $${idx++}`);
      params.push(creditsToCreditUnits(credits ?? amountCredits));
    } else if (creditsCents !== undefined) {
      updates.push(`credits_cents = $${idx++}`);
      params.push(Number(creditsCents));
    }
@@ -4,7 +4,7 @@ const crypto = require("node:crypto");
 const { requireAuth, keyManager, preauthorizeCall, pool, withTransaction, deductImageGenerationCredits } = require("./context");
 const { putObject, isOssConfigured } = require("../ossClient");
 const { buildImageProviderDebug, resolveImageProviderCandidates, resolveVideoProvider, resolveTextProvider, getPostUrl } = require("../aiProviderRouter");
-const { shouldSkipProvider, recordProviderSuccess, recordProviderFailure } = require("../providerCircuitBreaker");
+const { shouldSkipProvider, recordProviderSuccess, recordProviderFailure, getAdaptiveTimeout } = require("../providerCircuitBreaker");
 const {
  isEnterpriseVideoBillingUser,
  markEnterpriseVideoCreditsAccepted,
@@ -16,7 +16,7 @@ const {
 } = require("../enterpriseVideoBilling");
 const {
  startPolling,
-  cancelTask,
+  cancelTaskRuntimeState,
  updateTaskInDb,
  extractProviderTaskId,
  extractImageUrl,
@@ -32,6 +32,10 @@ const {
  normalizeImageUpscaleFactor,
  normalizeVideoStyleTransformOptions,
 } = require("../aiUpscaleHelpers");
 const {
  formatTaskProgressPayload,
  parseTaskParams,
 } = require("../taskProgressContract");
 const GRSAI_IMAGE_QUALITY_MODEL_OVERRIDES = new Map([
  ["gpt-image-2", "1K"],
@@ -60,6 +64,7 @@ function toViapiAccessibleUrl(url) {
 const SUPER_RESOLVE_POLL_INTERVAL_MS = 3000;
 const SUPER_RESOLVE_MAX_POLL_ATTEMPTS = 200;
 const IMAGE_PROVIDER_SUBMIT_TIMEOUT_MS = 90_000;
 const GRSAI_IMAGE_SUBMIT_TIMEOUT_MS = Number(process.env.GRSAI_IMAGE_SUBMIT_TIMEOUT_MS || 30_000);
 const GEMINI_IMAGE_SUBMIT_TIMEOUT_MS = 180_000;
 const DASHSCOPE_VIDEO_STYLE_ENDPOINT = "https://dashscope.aliyuncs.com/api/v1/services/aigc/video-generation/video-synthesis";
 const DASHSCOPE_IMAGE_EDIT_ENDPOINT = "https://dashscope.aliyuncs.com/api/v1/services/aigc/image2image/image-synthesis";
@@ -98,6 +103,18 @@ function clampImageQualityForModel(model, quality) {
  return normalized;
 }
 function isDashscopeWan27Limited2KScene(params) {
  const model = String(params?.model || "").toLowerCase();
  if (model !== "wan2.7-image-pro") return false;
  const hasReferenceImages = Array.isArray(params.referenceUrls) && params.referenceUrls.some(Boolean);
  return hasReferenceImages || getGridCount(params.gridMode) > 1;
 }
 function resolveDashscopeImageQuality(params) {
  const quality = clampImageQualityForModel(params.model, params.quality);
  return isDashscopeWan27Limited2KScene(params) && quality === "4K" ? "2K" : quality;
 }
 function clampGrsaiImageQualityForModel(model, quality) {
  const normalized = normalizeQuality(quality, "1K");
  const maxQuality = GRSAI_IMAGE_MAX_QUALITY.get(String(model || "").toLowerCase());
@@ -335,18 +352,25 @@ async function assertUserGenerationConcurrencyLimit(userId, client = pool) {
    [userId],
  );
  const { rows: limitRows } = await client.query(
    "SELECT max_concurrency FROM users WHERE id = $1",
    [userId],
  );
  const rawLimit = Number(limitRows[0]?.max_concurrency);
  const concurrencyLimit = Number.isFinite(rawLimit) && rawLimit > 0 ? rawLimit : MAX_USER_ACTIVE_GENERATION_TASKS;
  const { rows } = await client.query(
    "SELECT COUNT(*)::int AS active_count FROM generation_tasks WHERE user_id = $1 AND status IN ('pending', 'running')",
    [userId],
  );
  const activeCount = Number(rows[0]?.active_count ?? rows[0]?.count ?? 0);
-  if (activeCount < MAX_USER_ACTIVE_GENERATION_TASKS) return;
+  if (activeCount < concurrencyLimit) return;
-  const error = new Error(GENERATION_CONCURRENCY_LIMIT_MESSAGE);
+  const error = new Error(`最多只能同时进行${concurrencyLimit}个任务`);
  error.status = 429;
  error.code = "GENERATION_CONCURRENCY_LIMIT";
  error.activeCount = activeCount;
-  error.maxActiveTasks = MAX_USER_ACTIVE_GENERATION_TASKS;
+  error.maxActiveTasks = concurrencyLimit;
  throw error;
 }
@@ -413,16 +437,8 @@ function sanitizeUpstreamError(value, fallback = "上游服务暂时不可用，
  return compact.slice(0, 320);
 }
 function parseTaskParams(value) {
  if (!value || typeof value !== "string") return {};
  try {
    return JSON.parse(value);
  } catch {
    return {};
  }
 }
 function formatAiTaskRow(row) {
  const progressPayload = formatTaskProgressPayload(row);
  return {
    taskId: String(row.id),
    projectId: row.project_id,
@@ -430,9 +446,13 @@ function formatAiTaskRow(row) {
    clientQueueId: row.client_queue_id || null,
    type: row.type,
    status: row.status,
-    progress: Number(row.progress || 0),
+    progress: progressPayload.progress,
-    resultUrl: row.result_url || null,
+    progressSource: progressPayload.progressSource,
-    error: row.error || null,
+    stage: progressPayload.stage,
    startedAt: progressPayload.startedAt,
    expectedDurationMs: progressPayload.expectedDurationMs,
    resultUrl: progressPayload.resultUrl,
    error: progressPayload.error,
    params: parseTaskParams(row.params_json),
    createdAt: row.created_at,
    updatedAt: row.updated_at,
@@ -470,17 +490,22 @@ function buildDashscopeImageBody(params) {
    if (url) content.push({ image: url });
  }
  content.push({ text: params.prompt });
-  const quality = clampImageQualityForModel(params.model, params.quality);
+  const quality = resolveDashscopeImageQuality(params);
  const gridCount = getGridCount(params.gridMode);
  const parameters = {
    size: mapAspectRatioToDashscopeSize(params.ratio, quality),
    n: gridCount,
    watermark: false,
  };
  if (gridCount > 1) {
    parameters.enable_sequential = true;
  }
  return {
    model: params.model,
    input: {
      messages: [{ role: "user", content }],
    },
-    parameters: {
+    parameters,
      size: mapAspectRatioToDashscopeSize(params.ratio, quality),
      n: params.gridMode === "grid-4" ? 4 : params.gridMode === "grid-9" ? 9 : 1,
      watermark: false,
    },
  };
 }
@@ -1048,6 +1073,16 @@ function registerAiRoutes(router) {
          error.costCents = billingResult.costCents;
          throw error;
        }
        if (billingResult.costCents > 0) {
          await client.query(
            "UPDATE generation_tasks SET cost_cents = $1, billing_target = $2, billing_refunded = 0, updated_at = NOW() WHERE id = $3",
            [
              billingResult.costCents,
              billingResult.deductionType === "enterprise_image_flat" ? "enterprise_image" : "user",
              nextTaskRow.id,
            ],
          );
        }
        return { taskRow: nextTaskRow, imageBilling: billingResult };
      });
      const preauth = { authorized: true, estimatedCostCents: 0, billingMode: imageBilling.deductionType };
@@ -1062,9 +1097,11 @@ function registerAiRoutes(router) {
        },
        providerDebug: buildImageProviderDebug(model),
      });
-      submitImageWithProviderFallback(taskRow.id, providerCandidates, req.user, preauth, params).catch((err) => {
+      submitImageWithProviderFallback(taskRow.id, providerCandidates, req.user, preauth, params).catch(async (err) => {
        console.error("[ai/image] submit error:", err.message);
-        updateTaskInDb(taskRow.id, { status: "failed", error: err.message });
+        await updateTaskInDb(taskRow.id, { status: "failed", error: err.message }).catch((updateErr) => {
          console.error(`[ai/image] failed to persist task ${taskRow.id} failure:`, updateErr.message);
        });
      });
    } catch (err) {
      console.error("[ai/image] error:", err.message);
@@ -1176,6 +1213,10 @@ function registerAiRoutes(router) {
            ...enterpriseBilling,
            taskId: nextTaskRow.id,
          });
          await client.query(
            "UPDATE generation_tasks SET cost_cents = $1, billing_target = 'enterprise_video', billing_refunded = 0, updated_at = NOW() WHERE id = $2",
            [nextBilling.amountCents, nextTaskRow.id],
          );
          return { taskRow: nextTaskRow, reservedBilling: nextBilling, regularBilling: null };
        }
        // Regular user: deduct from personal balance
@@ -1198,6 +1239,10 @@ function registerAiRoutes(router) {
          "INSERT INTO transactions (user_id, type, amount_cents, balance_after_cents, description) VALUES ($1, 'deduct', $2, $3, $4)",
          [req.user.id, -costCents, deducted.balance_cents, `视频生成扣费 ${credits} 积分`],
        );
        await client.query(
          "UPDATE generation_tasks SET cost_cents = $1, billing_target = 'user', billing_refunded = 0, updated_at = NOW() WHERE id = $2",
          [costCents, nextTaskRow.id],
        );
        return { taskRow: nextTaskRow, reservedBilling: null, regularBilling: { costCents, balanceAfterCents: deducted.balance_cents, credits } };
      });
@@ -1719,6 +1764,29 @@ function registerAiRoutes(router) {
    }
  });
  const streamTaskStatusPoll = async (taskId, userId, emit) => {
    const { rows } = await pool.query(
      "SELECT * FROM generation_tasks WHERE id = $1 AND user_id = $2",
      [taskId, userId],
    );
    const row = rows[0];
    if (!row) return { found: false, terminal: true };
    if (row.status === "pending" || row.status === "running") {
      pool.query(
        "UPDATE generation_tasks SET last_poll_at = NOW() WHERE id = $1",
        [taskId],
      ).catch(() => {});
    }
    const event = formatTaskProgressPayload(row);
    emit(event);
    return {
      found: true,
      terminal: ["completed", "failed", "cancelled"].includes(row.status),
    };
  };
  router.get("/ai/tasks/:taskId/stream", requireAuth, async (req, res) => {
    const { taskId } = req.params;
    try {
@@ -1736,13 +1804,7 @@ function registerAiRoutes(router) {
      });
      const row = rows[0];
-      const initial = {
+      const initial = formatTaskProgressPayload(row);
        taskId: row.id,
        status: row.status,
        progress: row.progress,
        resultUrl: row.result_url || null,
        error: row.error || null,
      };
      res.write(`data: ${JSON.stringify(initial)}\n\n`);
      if (["completed", "failed", "cancelled"].includes(row.status)) {
@@ -1750,16 +1812,43 @@ function registerAiRoutes(router) {
        return;
      }
      let closed = false;
      let lastSnapshot = JSON.stringify(initial);
      let dbPollTimer = null;
      const endStream = () => {
        if (closed) return;
        closed = true;
        if (dbPollTimer) clearInterval(dbPollTimer);
        taskEvents.off(`task:${taskId}`, onUpdate);
        res.end();
      };
      const emitIfChanged = (evt) => {
        if (closed) return;
        const snapshot = JSON.stringify(evt);
        if (snapshot === lastSnapshot) return;
        lastSnapshot = snapshot;
        res.write(`data: ${snapshot}\n\n`);
      };
      const onUpdate = (evt) => {
-        res.write(`data: ${JSON.stringify(evt)}\n\n`);
+        emitIfChanged(evt);
        if (["completed", "failed", "cancelled"].includes(evt.status)) {
-          res.end();
+          endStream();
        }
      };
      taskEvents.on(`task:${taskId}`, onUpdate);
      dbPollTimer = setInterval(() => {
        streamTaskStatusPoll(taskId, req.user.id, emitIfChanged)
          .then((result) => {
            if (!result.found || result.terminal) endStream();
          })
          .catch((pollErr) => {
            console.error(`[ai/task-stream] db poll failed for task ${taskId}:`, pollErr.message);
          });
      }, 3000);
      req.on("close", () => {
-        taskEvents.off(`task:${taskId}`, onUpdate);
+        endStream();
      });
    } catch (err) {
      if (!res.headersSent) res.status(err.name === "AbortError" ? 504 : 500).json({ error: err.name === "AbortError" ? "AI 上游响应超时，请重试" : err.message });
@@ -1771,9 +1860,13 @@ function registerAiRoutes(router) {
    if (!Number.isFinite(taskId)) return res.status(400).json({ error: "Invalid task id" });
    try {
-      const task = await cancelTask(taskId, req.user.id);
+      const { rows } = await pool.query(
-      if (!task) return res.status(404).json({ error: "Task not found or not in active state" });
+        "UPDATE generation_tasks SET status = 'cancelled', updated_at = NOW() WHERE id = $1 AND user_id = $2 AND status IN ('pending', 'running') RETURNING id, status",
-      res.json({ id: task.id, status: task.status });
+        [taskId, req.user.id],
      );
      if (rows.length === 0) return res.status(404).json({ error: "Task not found or not in active state" });
      await cancelTaskRuntimeState(taskId, keyManager);
      res.json({ id: rows[0].id, status: rows[0].status });
    } catch (err) {
      console.error("[ai/task-cancel] error:", err.message);
      res.status(500).json({ error: "取消任务失败" });
@@ -1931,7 +2024,12 @@ async function submitImageToProvider(taskDbId, providerConfig, slotResult, param
  const { headers, body } = buildImageRequest(providerConfig, params, slotResult.apiKey);
  await updateTaskInDb(taskDbId, { status: "running", progress: 10 });
-  const submitTimeout = providerConfig.transport === "gemini-image" ? GEMINI_IMAGE_SUBMIT_TIMEOUT_MS : IMAGE_PROVIDER_SUBMIT_TIMEOUT_MS;
+  const defaultSubmitTimeout = providerConfig.transport === "gemini-image"
    ? GEMINI_IMAGE_SUBMIT_TIMEOUT_MS
    : providerConfig.transport === "grsai-image"
      ? GRSAI_IMAGE_SUBMIT_TIMEOUT_MS
      : IMAGE_PROVIDER_SUBMIT_TIMEOUT_MS;
  const submitTimeout = getAdaptiveTimeout(providerConfig.provider, defaultSubmitTimeout);
  const response = await fetchWithTimeout(url, { method: "POST", headers, body: JSON.stringify(body) }, submitTimeout);
  if (!response.ok) {
    const errText = await response.text().catch(() => "provider error");
@@ -0,0 +1,519 @@
 "use strict";
 const { getUserContextById, requireAuth, verifyToken } = require("../auth");
 const { pool, withTransaction } = require("../db");
 const { loadBetaInviteCodes, normalizeBetaInviteCode } = require("../betaInviteCodes");
 const REVIEW_USERNAMES = new Set(["xqy1912"]);
 const EMAIL_PATTERN = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
 function cleanText(value, maxLength) {
  return String(value || "").trim().slice(0, maxLength);
 }
 function cleanTextArray(value, maxItems = 20, maxLength = 200) {
  if (!Array.isArray(value)) return [];
  return value.map((item) => cleanText(item, maxLength)).filter(Boolean).slice(0, maxItems);
 }
 function normalizeEmail(email) {
  return String(email || "").trim().toLowerCase();
 }
 function validateEmail(email) {
  const normalized = normalizeEmail(email);
  if (!normalized) return "请填写用于接收内测码的邮箱";
  if (!EMAIL_PATTERN.test(normalized)) return "邮箱格式不正确";
  return null;
 }
 function parseJson(value, fallback) {
  if (!value || typeof value !== "string") return fallback;
  try {
    return JSON.parse(value);
  } catch {
    return fallback;
  }
 }
 function safeJsonString(value, fallback) {
  try {
    return JSON.stringify(value ?? fallback);
  } catch {
    return JSON.stringify(fallback);
  }
 }
 function buildSmtpTransportOptions(scope) {
  const prefix = scope ? `${scope}_` : "";
  return {
    host: process.env[`${prefix}SMTP_HOST`] || process.env.SMTP_HOST,
    port: Number(process.env[`${prefix}SMTP_PORT`] || process.env.SMTP_PORT) || 587,
    secure: String(process.env[`${prefix}SMTP_SECURE`] || process.env.SMTP_SECURE || "") === "1",
    auth: {
      user: process.env[`${prefix}SMTP_USER`] || process.env.SMTP_USER,
      pass: process.env[`${prefix}SMTP_PASS`] || process.env.SMTP_PASS,
    },
  };
 }
 function formatEmailAddress(address, displayName) {
  const email = String(address || "").trim();
  const name = String(displayName || "").trim();
  if (!name) return email;
  const escapedName = name.replace(/"/g, '\\"');
  return `"${escapedName}" <${email}>`;
 }
 function getRequestIp(req) {
  const forwardedFor = String(req.headers["x-forwarded-for"] || "").split(",")[0].trim();
  return forwardedFor || req.socket?.remoteAddress || "";
 }
 async function optionalAuth(req, _res, next) {
  const authHeader = req.headers.authorization;
  if (!authHeader?.startsWith("Bearer ")) {
    next();
    return;
  }
  try {
    const payload = verifyToken(authHeader.slice(7));
    const user = await getUserContextById(payload.userId);
    if (user?.enabled) req.user = user;
  } catch {
    // Public application submission should still work without a valid session.
  }
  next();
 }
 function canReviewBetaApplications(user) {
  if (!user) return false;
  const role = String(user.role || "").trim().toLowerCase();
  const username = String(user.username || "").trim().toLowerCase();
  return role === "admin" || REVIEW_USERNAMES.has(username);
 }
 function requireBetaApplicationReviewer(req, res, next) {
  if (!canReviewBetaApplications(req.user)) {
    return res.status(403).json({ error: "无权审核内测申请" });
  }
  next();
 }
 async function ensureBetaApplicationSchema() {
  await pool.query(`
    CREATE TABLE IF NOT EXISTS beta_applications (
      id SERIAL PRIMARY KEY,
      user_id INTEGER REFERENCES users(id) ON DELETE SET NULL,
      name TEXT,
      email TEXT,
      phone TEXT,
      wechat TEXT,
      industry TEXT,
      company TEXT,
      city TEXT,
      ai_tools TEXT,
      ai_duration TEXT,
      ai_track TEXT,
      ai_direction_json TEXT NOT NULL DEFAULT '[]',
      weekly_usage TEXT,
      feedback_willing TEXT,
      want_feature_json TEXT NOT NULL DEFAULT '[]',
      self_statement TEXT,
      signature TEXT,
      application_date TEXT,
      agree_rules INTEGER NOT NULL DEFAULT 0,
      status TEXT NOT NULL DEFAULT 'pending',
      invite_code TEXT,
      review_note TEXT,
      reviewed_by INTEGER REFERENCES users(id) ON DELETE SET NULL,
      reviewed_at TIMESTAMPTZ,
      ip_address TEXT,
      user_agent TEXT,
      created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
      updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
    );
    CREATE INDEX IF NOT EXISTS idx_beta_applications_status_created
      ON beta_applications(status, created_at DESC);
    CREATE INDEX IF NOT EXISTS idx_beta_applications_user_created
      ON beta_applications(user_id, created_at DESC);
    ALTER TABLE beta_applications
      ADD COLUMN IF NOT EXISTS email TEXT;
    ALTER TABLE beta_applications
      ADD COLUMN IF NOT EXISTS application_date TEXT;
    CREATE INDEX IF NOT EXISTS idx_beta_applications_email
      ON beta_applications(LOWER(email));
  `);
 }
 function normalizeApplicationBody(body) {
  return {
    name: cleanText(body?.name, 120),
    email: normalizeEmail(body?.email),
    phone: cleanText(body?.phone, 60),
    wechat: cleanText(body?.wechat, 120),
    industry: cleanText(body?.industry, 160),
    company: cleanText(body?.company, 200),
    city: cleanText(body?.city, 120),
    aiTools: cleanText(body?.aiTools ?? body?.ai_tools, 1000),
    aiDuration: cleanText(body?.aiDuration ?? body?.ai_duration, 120),
    aiTrack: cleanText(body?.aiTrack ?? body?.ai_track, 160),
    aiDirection: cleanTextArray(body?.aiDirection ?? body?.ai_direction),
    weeklyUsage: cleanText(body?.weeklyUsage ?? body?.weekly_usage, 120),
    feedbackWilling: cleanText(body?.feedbackWilling ?? body?.feedback_willing, 160),
    wantFeature: cleanTextArray(body?.wantFeature ?? body?.want_feature),
    selfStatement: cleanText(body?.selfStatement ?? body?.self_statement, 5000),
    signature: cleanText(body?.signature, 120),
    applicationDate: cleanText(body?.applicationDate ?? body?.application_date, 120),
    agreeRules: body?.agreeRules === true || body?.agree_rules === true || body?.agreeRules === 1 || body?.agree_rules === 1,
  };
 }
 function formatApplication(row) {
  return {
    id: Number(row.id),
    userId: row.user_id == null ? null : Number(row.user_id),
    username: row.username || null,
    name: row.name || "",
    email: row.email || "",
    phone: row.phone || "",
    wechat: row.wechat || "",
    industry: row.industry || "",
    company: row.company || "",
    city: row.city || "",
    aiTools: row.ai_tools || "",
    aiDuration: row.ai_duration || "",
    aiTrack: row.ai_track || "",
    aiDirection: parseJson(row.ai_direction_json, []),
    weeklyUsage: row.weekly_usage || "",
    feedbackWilling: row.feedback_willing || "",
    wantFeature: parseJson(row.want_feature_json, []),
    selfStatement: row.self_statement || "",
    signature: row.signature || "",
    applicationDate: row.application_date || "",
    agreeRules: Boolean(row.agree_rules),
    status: row.status || "pending",
    inviteCode: row.invite_code || null,
    reviewNote: row.review_note || null,
    reviewedBy: row.reviewed_by == null ? null : Number(row.reviewed_by),
    reviewerUsername: row.reviewer_username || null,
    reviewedAt: row.reviewed_at || null,
    ipAddress: row.ip_address || null,
    userAgent: row.user_agent || null,
    createdAt: row.created_at,
    updatedAt: row.updated_at,
  };
 }
 async function selectApplicationById(client, id) {
  const { rows } = await client.query(
    `
    SELECT a.*, u.username, reviewer.username AS reviewer_username
    FROM beta_applications a
    LEFT JOIN users u ON u.id = a.user_id
    LEFT JOIN users reviewer ON reviewer.id = a.reviewed_by
    WHERE a.id = $1
    LIMIT 1
  `,
    [id],
  );
  return rows[0] || null;
 }
 async function issueNextBetaInviteCode(client) {
  const codes = Array.from(loadBetaInviteCodes()).map(normalizeBetaInviteCode).filter(Boolean).sort();
  for (const code of codes) {
    const { rows } = await client.query(
      `
      SELECT 1
      FROM beta_invite_code_uses
      WHERE code = $1
      UNION ALL
      SELECT 1
      FROM beta_applications
      WHERE invite_code = $1 AND status = 'approved'
      LIMIT 1
    `,
      [code],
    );
    if (rows.length === 0) return code;
  }
  return null;
 }
 async function createNotification(client, userId, input) {
  if (!userId) return;
  await client.query(
    `
    INSERT INTO web_notifications (
      user_id, type, title, description, target_type, target_id, metadata_json
    )
    VALUES ($1, $2, $3, $4, $5, $6, $7)
  `,
    [
      userId,
      input.type,
      input.title,
      input.description || null,
      input.targetType || "beta_application",
      input.targetId ? String(input.targetId) : null,
      safeJsonString(input.metadata, {}),
    ],
  );
 }
 function buildReviewEmailContent(application, action, inviteCode, reviewNote) {
  const name = application.name || "内测申请人";
  if (action === "approve") {
    const text = [
      `${name}，您好：`,
      "",
      "您的 OmniAI 内测申请已通过。",
      `内测码：${inviteCode}`,
      "",
      "请在注册页面填写该内测码完成账号注册。内测码仅限本人使用，请勿转发。",
      "",
      "OmniAI 团队",
    ].join("\n");
    const html = `
      <div style="font-family:Arial,'Microsoft YaHei',sans-serif;max-width:560px;margin:0 auto;padding:24px;color:#222">
        <h2 style="margin:0 0 16px;color:#166534">OmniAI 内测申请已通过</h2>
        <p>${name}，您好：</p>
        <p>您的 OmniAI 内测申请已通过。</p>
        <p style="padding:14px 16px;background:#f0fdf4;border:1px solid #bbf7d0;border-radius:8px;font-size:20px;font-weight:700;letter-spacing:1px;color:#166534">内测码：${inviteCode}</p>
        <p>请在注册页面填写该内测码完成账号注册。内测码仅限本人使用，请勿转发。</p>
        <p style="margin-top:24px;color:#666">OmniAI 团队</p>
      </div>
    `;
    return { subject: "[OmniAI] 内测申请已通过", text, html };
  }
  const reason = reviewNote || "很遗憾，您的内测申请暂未通过。";
  const text = [
    `${name}，您好：`,
    "",
    "您未通过 OmniAI 内测申请。",
    `审核备注：${reason}`,
    "",
    "感谢您的关注。",
    "",
    "OmniAI 团队",
  ].join("\n");
  const html = `
    <div style="font-family:Arial,'Microsoft YaHei',sans-serif;max-width:560px;margin:0 auto;padding:24px;color:#222">
      <h2 style="margin:0 0 16px;color:#991b1b">OmniAI 内测申请未通过</h2>
      <p>${name}，您好：</p>
      <p>您未通过 OmniAI 内测申请。</p>
      <p style="padding:12px 14px;background:#fef2f2;border:1px solid #fecaca;border-radius:8px;color:#7f1d1d">审核备注：${reason}</p>
      <p>感谢您的关注。</p>
      <p style="margin-top:24px;color:#666">OmniAI 团队</p>
    </div>
  `;
  return { subject: "[OmniAI] 内测申请未通过", text, html };
 }
 async function sendBetaApplicationReviewEmail(application, action, inviteCode, reviewNote) {
  const email = normalizeEmail(application.email);
  const emailError = validateEmail(email);
  if (emailError) {
    const err = new Error(`申请邮箱无效，无法发送审核结果：${emailError}`);
    err.status = 409;
    throw err;
  }
  const provider = String(process.env.EMAIL_PROVIDER || "mock").trim().toLowerCase();
  const content = buildReviewEmailContent(application, action, inviteCode, reviewNote);
  if (provider === "smtp") {
    const nodemailer = require("nodemailer");
    const smtpOptions = buildSmtpTransportOptions("BETA");
    const transporter = nodemailer.createTransport(smtpOptions);
    const fromAddress = process.env.BETA_SMTP_FROM || process.env.SMTP_FROM || smtpOptions.auth.user;
    const fromName = process.env.BETA_SMTP_FROM_NAME || process.env.SMTP_FROM_NAME || "万物可爱";
    await transporter.sendMail({
      from: formatEmailAddress(fromAddress, fromName),
      to: email,
      subject: content.subject,
      text: content.text,
      html: content.html,
    });
    return { provider: "smtp" };
  }
  console.log(`[beta-application-email:${action}] ${email} ${content.subject}`);
  return { provider: "mock" };
 }
 function registerBetaApplicationRoutes(router) {
  router.post("/beta-applications", optionalAuth, async (req, res) => {
    try {
      await ensureBetaApplicationSchema();
      const app = normalizeApplicationBody(req.body);
      const emailError = validateEmail(app.email);
      if (!app.name || emailError || !app.phone || !app.wechat || !app.selfStatement || !app.signature || !app.applicationDate || !app.agreeRules) {
        return res.status(400).json({ error: emailError || "请填写姓名、手机号、微信、申请自述、签名、申请日期并同意内测规则" });
      }
      const { rows } = await pool.query(
        `
        INSERT INTO beta_applications (
          user_id, name, email, phone, wechat, industry, company, city,
          ai_tools, ai_duration, ai_track, ai_direction_json,
          weekly_usage, feedback_willing, want_feature_json,
          self_statement, signature, application_date, agree_rules, ip_address, user_agent
        )
        VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12, $13, $14, $15, $16, $17, $18, $19, $20, $21)
        RETURNING id, status, created_at
      `,
        [
          req.user?.id || null,
          app.name,
          app.email,
          app.phone,
          app.wechat,
          app.industry || null,
          app.company || null,
          app.city || null,
          app.aiTools || null,
          app.aiDuration || null,
          app.aiTrack || null,
          safeJsonString(app.aiDirection, []),
          app.weeklyUsage || null,
          app.feedbackWilling || null,
          safeJsonString(app.wantFeature, []),
          app.selfStatement,
          app.signature,
          app.applicationDate,
          app.agreeRules ? 1 : 0,
          getRequestIp(req),
          cleanText(req.headers["user-agent"], 1000) || null,
        ],
      );
      res.status(201).json({
        application: {
          id: rows[0].id,
          status: rows[0].status,
          createdAt: rows[0].created_at,
        },
      });
    } catch (err) {
      console.error("[beta-applications] create failed:", err.message);
      res.status(500).json({ error: "提交内测申请失败" });
    }
  });
  router.get("/admin/beta-applications", requireAuth, requireBetaApplicationReviewer, async (req, res) => {
    try {
      await ensureBetaApplicationSchema();
      const status = cleanText(req.query.status, 32);
      const params = [];
      const where = [];
      if (status) {
        params.push(status);
        where.push(`a.status = $${params.length}`);
      }
      const { rows } = await pool.query(
        `
        SELECT a.*, u.username, reviewer.username AS reviewer_username
        FROM beta_applications a
        LEFT JOIN users u ON u.id = a.user_id
        LEFT JOIN users reviewer ON reviewer.id = a.reviewed_by
        ${where.length ? `WHERE ${where.join(" AND ")}` : ""}
        ORDER BY
          CASE a.status WHEN 'pending' THEN 0 WHEN 'approved' THEN 1 ELSE 2 END,
          a.created_at DESC
        LIMIT 300
      `,
        params,
      );
      res.json({ applications: rows.map(formatApplication) });
    } catch (err) {
      console.error("[admin/beta-applications] list failed:", err.message);
      res.status(500).json({ error: "读取内测申请失败" });
    }
  });
  router.patch("/admin/beta-applications/:id", requireAuth, requireBetaApplicationReviewer, async (req, res) => {
    const id = Number(req.params.id);
    const action = cleanText(req.body?.action, 32);
    const reviewNote = cleanText(req.body?.reviewNote ?? req.body?.review_note, 1000) || null;
    if (!Number.isFinite(id)) return res.status(400).json({ error: "申请 ID 不正确" });
    if (action !== "approve" && action !== "reject") return res.status(400).json({ error: "审核动作不正确" });
    try {
      await ensureBetaApplicationSchema();
      const application = await withTransaction(async (client) => {
        const current = await selectApplicationById(client, id);
        if (!current) {
          const err = new Error("申请不存在");
          err.status = 404;
          throw err;
        }
        if (current.status !== "pending") {
          const err = new Error("该申请已审核");
          err.status = 409;
          throw err;
        }
        let inviteCode = null;
        if (action === "approve") {
          inviteCode = await issueNextBetaInviteCode(client);
          if (!inviteCode) {
            const err = new Error("暂无可用内测码，请先补充内测码");
            err.status = 409;
            throw err;
          }
        }
        const { rows } = await client.query(
          `
          UPDATE beta_applications
          SET status = $1,
              invite_code = $2,
              review_note = $3,
              reviewed_by = $4,
              reviewed_at = NOW(),
              updated_at = NOW()
          WHERE id = $5
          RETURNING *
        `,
          [action === "approve" ? "approved" : "rejected", inviteCode, reviewNote, req.user.id, id],
        );
        const updated = rows[0];
        await sendBetaApplicationReviewEmail(updated, action, inviteCode, reviewNote);
        if (updated.user_id) {
          if (action === "approve") {
            await createNotification(client, updated.user_id, {
              type: "review_passed",
              title: "内测申请已通过",
              description: `您的内测申请已通过，内测码：${inviteCode}`,
              targetId: updated.id,
              metadata: { inviteCode },
            });
          } else {
            await createNotification(client, updated.user_id, {
              type: "review_rejected",
              title: "您未通过内测申请",
              description: reviewNote || "很遗憾，您的内测申请暂未通过。",
              targetId: updated.id,
            });
          }
        }
        return selectApplicationById(client, id);
      });
      res.json({ application: formatApplication(application) });
    } catch (err) {
      const status = Number(err.status || 500);
      if (status >= 400 && status < 500) return res.status(status).json({ error: err.message });
      console.error("[admin/beta-applications] review failed:", err.message);
      res.status(500).json({ error: "审核内测申请失败" });
    }
  });
 }
 module.exports = { registerBetaApplicationRoutes, canReviewBetaApplications };
@@ -0,0 +1,96 @@
 const express = require("express");
 const { requireAuth, requireAdmin } = require("../auth");
 const { pool } = require("../db");
 const { creditUserBalance } = require("../billing");
 const router = express.Router();
 router.post("/bug-feedback", requireAuth, async (req, res) => {
  const userId = req.user.id;
  const { title, description, screenshotUrl } = req.body;
  if (!title || String(title).trim().length === 0) return res.status(400).json({ error: "标题不能为空" });
  if (!description || String(description).trim().length === 0) return res.status(400).json({ error: "描述不能为空" });
  if (String(title).length > 200) return res.status(400).json({ error: "标题不能超过200字" });
  if (String(description).length > 5000) return res.status(400).json({ error: "描述不能超过5000字" });
  try {
    const result = await pool.query(
      `INSERT INTO bug_feedback (user_id, title, description, screenshot_url) VALUES ($1, $2, $3, $4) RETURNING id, status, created_at`,
      [userId, String(title).trim(), String(description).trim(), screenshotUrl || null]
    );
    res.json({ feedback: { id: result.rows[0].id, status: result.rows[0].status, createdAt: result.rows[0].created_at } });
  } catch (err) {
    console.error("[bug-feedback] submit failed:", err.message);
    res.status(500).json({ error: "提交失败，请稍后重试" });
  }
 });
 router.get("/bug-feedback/mine", requireAuth, async (req, res) => {
  const userId = req.user.id;
  try {
    const result = await pool.query(
      `SELECT id, title, description, screenshot_url, status, admin_note, created_at FROM bug_feedback WHERE user_id = $1 ORDER BY created_at DESC LIMIT 50`,
      [userId]
    );
    res.json({ feedbacks: result.rows.map(r => ({ id: r.id, title: r.title, description: r.description, screenshotUrl: r.screenshot_url, status: r.status, adminNote: r.admin_note, createdAt: r.created_at })) });
  } catch (err) {
    console.error("[bug-feedback] list mine failed:", err.message);
    res.status(500).json({ error: "获取反馈列表失败" });
  }
 });
 router.get("/admin/bug-feedback", requireAuth, requireAdmin, async (req, res) => {
  const status = req.query.status || null;
  const limit = Math.min(Number(req.query.limit) || 20, 100);
  const offset = Number(req.query.offset) || 0;
  try {
    const where = status ? "WHERE bf.status = $1" : "";
    const params = status ? [status, limit, offset] : [limit, offset];
    const countWhere = status ? "WHERE status = $1" : "";
    const countParams = status ? [status] : [];
    const [dataRes, countRes] = await Promise.all([
      pool.query(`SELECT bf.id, bf.title, bf.description, bf.screenshot_url, bf.status, bf.admin_note, bf.reward_credited, bf.created_at, u.username FROM bug_feedback bf JOIN users u ON u.id = bf.user_id ${where} ORDER BY bf.created_at DESC LIMIT $${status ? 2 : 1} OFFSET $${status ? 3 : 2}`, params),
      pool.query(`SELECT COUNT(*)::int AS total FROM bug_feedback ${countWhere}`, countParams),
    ]);
    res.json({
      feedbacks: dataRes.rows.map(r => ({ id: r.id, title: r.title, description: r.description, screenshotUrl: r.screenshot_url, status: r.status, adminNote: r.admin_note, rewardCredited: r.reward_credited, username: r.username, createdAt: r.created_at })),
      total: countRes.rows[0].total,
    });
  } catch (err) {
    console.error("[admin/bug-feedback] list failed:", err.message);
    res.status(500).json({ error: "获取反馈列表失败" });
  }
 });
 router.patch("/admin/bug-feedback/:id", requireAuth, requireAdmin, async (req, res) => {
  const feedbackId = Number(req.params.id);
  const { status, adminNote } = req.body;
  if (!["approved", "rejected"].includes(status)) return res.status(400).json({ error: "状态只能是 approved 或 rejected" });
  const client = await pool.connect();
  try {
    await client.query("BEGIN");
    const existing = await client.query("SELECT id, user_id, status, reward_credited FROM bug_feedback WHERE id = $1 FOR UPDATE", [feedbackId]);
    if (existing.rows.length === 0) { await client.query("ROLLBACK"); return res.status(404).json({ error: "反馈不存在" }); }
    const row = existing.rows[0];
    await client.query("UPDATE bug_feedback SET status = $1, admin_note = $2, updated_at = NOW() WHERE id = $3", [status, adminNote || null, feedbackId]);
    let rewardCredited = row.reward_credited;
    if (status === "approved" && !row.reward_credited) {
      await creditUserBalance(row.user_id, 100, "Bug反馈奖励 1 积分");
      await client.query("UPDATE bug_feedback SET reward_credited = TRUE WHERE id = $1", [feedbackId]);
      rewardCredited = true;
    }
    await client.query("COMMIT");
    res.json({ success: true, rewardCredited });
  } catch (err) {
    await client.query("ROLLBACK");
    console.error("[admin/bug-feedback] patch failed:", err.message);
    res.status(500).json({ error: "操作失败" });
  } finally {
    client.release();
  }
 });
 module.exports = router;
@@ -32,6 +32,8 @@ const {
  getUserEnterpriseId,
  getEnterpriseName,
  preauthorizeCall,
  creditsToCreditUnits,
  formatCreditsFromCents,
 } = require("../billing");
 const wechatPay = require("../paymentWechat");
 const alipay = require("../paymentAlipay");
@@ -210,28 +212,123 @@ function hashEmailCode(email, code) {
  return crypto.createHash("sha256").update(email + ":" + code + ":" + secret).digest("hex");
 }
 function buildSmtpTransportOptions(scope) {
  const prefix = scope ? `${scope}_` : "";
  return {
    host: process.env[`${prefix}SMTP_HOST`] || process.env.SMTP_HOST,
    port: Number(process.env[`${prefix}SMTP_PORT`] || process.env.SMTP_PORT) || 587,
    secure: String(process.env[`${prefix}SMTP_SECURE`] || process.env.SMTP_SECURE || "") === "1",
    auth: {
      user: process.env[`${prefix}SMTP_USER`] || process.env.SMTP_USER,
      pass: process.env[`${prefix}SMTP_PASS`] || process.env.SMTP_PASS,
    },
  };
 }
 function formatEmailAddress(address, displayName) {
  const email = String(address || "").trim();
  const name = String(displayName || "").trim();
  if (!name) return email;
  const escapedName = name.replace(/"/g, '\\"');
  return `"${escapedName}" <${email}>`;
 }
 function escapeEmailHtml(value) {
  return String(value || "")
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;");
 }
 function buildEmailCodeContent(code, purpose) {
  const purposeText = purpose === "register" ? "注册" : purpose === "login" ? "登录" : "重置密码";
  const ttlText = String(EMAIL_CODE_TTL_MINUTES);
  const safeCode = escapeEmailHtml(code);
  const safePurposeText = escapeEmailHtml(purposeText);
  const preheader = `您的 OmniAI ${purposeText}验证码是 ${code}，${ttlText} 分钟内有效。`;
  return {
    subject: "[OmniAI] 邮箱验证码",
    text:
      `您的验证码是：${code}\n` +
      `用途：${purposeText}\n` +
      `有效期：${ttlText} 分钟\n` +
      "请勿将验证码转发给他人。如非本人操作，请忽略此邮件。",
    html: `<!doctype html>
 <html lang="zh-CN">
  <head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <title>OmniAI 邮箱验证码</title>
  </head>
  <body style="margin:0;padding:0;background:#f4f7fb;color:#1f2937;font-family:-apple-system,BlinkMacSystemFont,'Segoe UI','PingFang SC','Microsoft YaHei',Arial,sans-serif;">
    <div style="display:none;max-height:0;overflow:hidden;opacity:0;color:transparent;">${escapeEmailHtml(preheader)}</div>
    <table role="presentation" width="100%" cellspacing="0" cellpadding="0" style="width:100%;background:#f4f7fb;margin:0;padding:28px 12px;">
      <tr>
        <td align="center">
          <table role="presentation" width="100%" cellspacing="0" cellpadding="0" style="width:100%;max-width:560px;background:#ffffff;border-radius:16px;overflow:hidden;border:1px solid #e5ebf3;box-shadow:0 18px 45px rgba(31,41,55,0.08);">
            <tr>
              <td style="padding:28px 28px 20px;background:#101827;color:#ffffff;">
                <div style="font-size:13px;letter-spacing:2px;text-transform:uppercase;color:#a7f3d0;font-weight:700;">OmniAI</div>
                <h1 style="margin:10px 0 0;font-size:24px;line-height:1.35;font-weight:800;color:#ffffff;">万物可爱邮箱验证</h1>
                <p style="margin:10px 0 0;font-size:14px;line-height:1.8;color:#cbd5e1;">请使用下方验证码完成${safePurposeText}操作。</p>
              </td>
            </tr>
            <tr>
              <td style="padding:28px;">
                <div style="border:1px solid #dbe6f4;background:#f8fbff;border-radius:14px;padding:22px 18px;text-align:center;">
                  <div style="font-size:13px;color:#64748b;margin-bottom:10px;">验证码</div>
                  <div style="font-size:38px;line-height:1.2;letter-spacing:8px;font-weight:800;color:#0f766e;font-family:'SFMono-Regular',Consolas,'Liberation Mono',monospace;">${safeCode}</div>
                  <div style="font-size:13px;color:#64748b;margin-top:14px;">${ttlText} 分钟内有效</div>
                </div>
                <table role="presentation" width="100%" cellspacing="0" cellpadding="0" style="margin-top:22px;border-collapse:collapse;">
                  <tr>
                    <td style="padding:12px 0;border-bottom:1px solid #edf2f7;color:#64748b;font-size:14px;">用途</td>
                    <td align="right" style="padding:12px 0;border-bottom:1px solid #edf2f7;color:#111827;font-size:14px;font-weight:700;">${safePurposeText}</td>
                  </tr>
                  <tr>
                    <td style="padding:12px 0;border-bottom:1px solid #edf2f7;color:#64748b;font-size:14px;">有效期</td>
                    <td align="right" style="padding:12px 0;border-bottom:1px solid #edf2f7;color:#111827;font-size:14px;font-weight:700;">${ttlText} 分钟</td>
                  </tr>
                </table>
                <div style="margin-top:22px;padding:14px 16px;border-radius:12px;background:#fff7ed;border:1px solid #fed7aa;color:#9a3412;font-size:13px;line-height:1.8;">
                  请勿将验证码转发给他人。万物可爱工作人员不会向您索要邮箱验证码。
                </div>
                <p style="margin:22px 0 0;color:#64748b;font-size:13px;line-height:1.8;">如果不是您本人操作，可以直接忽略此邮件。</p>
              </td>
            </tr>
            <tr>
              <td style="padding:18px 28px;background:#f8fafc;border-top:1px solid #edf2f7;color:#94a3b8;font-size:12px;line-height:1.7;text-align:center;">
                此邮件由系统自动发送，请勿直接回复。<br>OmniAI · 万物可爱
              </td>
            </tr>
          </table>
        </td>
      </tr>
    </table>
  </body>
 </html>`,
  };
 }
 async function sendEmailCode(email, code, purpose) {
  const provider = String(process.env.EMAIL_PROVIDER || "mock").trim().toLowerCase();
  if (provider === "smtp") {
    const nodemailer = require("nodemailer");
-    const transporter = nodemailer.createTransport({
+    const smtpOptions = buildSmtpTransportOptions("SYSTEM");
-      host: process.env.SMTP_HOST,
+    const transporter = nodemailer.createTransport(smtpOptions);
-      port: Number(process.env.SMTP_PORT) || 587,
+    const fromAddress = process.env.SYSTEM_SMTP_FROM || process.env.SMTP_FROM || smtpOptions.auth.user;
-      secure: process.env.SMTP_SECURE === "1",
+    const fromName = process.env.SYSTEM_SMTP_FROM_NAME || process.env.SMTP_FROM_NAME || "万物可爱";
      auth: {
        user: process.env.SMTP_USER,
        pass: process.env.SMTP_PASS,
      },
    });
-    const purposeText = purpose === "register" ? "注册" : purpose === "login" ? "登录" : "重置密码";
+    const content = buildEmailCodeContent(code, purpose);
    await transporter.sendMail({
-      from: process.env.SMTP_FROM || process.env.SMTP_USER,
+      from: formatEmailAddress(fromAddress, fromName),
      to: email,
-      subject: "[OmniAI] \u90ae\u7bb1\u9a8c\u8bc1\u7801",
+      subject: content.subject,
-      text: "\u60a8\u7684\u9a8c\u8bc1\u7801\u662f\uff1a" + code + "\n\u7528\u9014\uff1a" + purposeText + "\n\u6709\u6548\u671f\uff1a" + String(process.env.EMAIL_CODE_TTL_MINUTES || 10) + " \u5206\u949f\n\u5982\u679c\u4e0d\u662f\u60a8\u672c\u4eba\u64cd\u4f5c\uff0c\u8bf7\u5ffd\u7565\u6b64\u90ae\u4ef6\u3002",
+      text: content.text,
-      html: "<div style=\"font-family:sans-serif;max-width:480px;margin:0 auto;padding:24px\"><h2 style=\"color:#333\">OmniAI \u90ae\u7bb1\u9a8c\u8bc1</h2><p style=\"font-size:16px;color:#555\">\u60a8\u7684\u9a8c\u8bc1\u7801\u662f\uff1a</p><p style=\"font-size:32px;font-weight:bold;letter-spacing:6px;color:#1677ff;margin:16px 0\">" + code + "</p><p style=\"color:#888\">\u7528\u9014\uff1a" + purposeText + "</p><p style=\"color:#888\">\u6709\u6548\u671f\uff1a" + String(process.env.EMAIL_CODE_TTL_MINUTES || 10) + " \u5206\u949f</p><hr style=\"border:none;border-top:1px solid #eee;margin:24px 0\"><p style=\"color:#aaa;font-size:13px\">\u5982\u679c\u4e0d\u662f\u60a8\u672c\u4eba\u64cd\u4f5c\uff0c\u8bf7\u5ffd\u7565\u6b64\u90ae\u4ef6\u3002</p></div>",
+      html: content.html,
    });
    return { provider: "smtp" };
  }
@@ -793,6 +890,8 @@ module.exports = {
  getUserEnterpriseId,
  getEnterpriseName,
  preauthorizeCall,
  creditsToCreditUnits,
  formatCreditsFromCents,
  wechatPay,
  alipay,
  crypto,
@@ -2,6 +2,7 @@ const {
  requireAuth,
  requireEnterpriseAdmin,
  distributeCredits,
  creditsToCreditUnits,
  getEnterpriseFinancials,
  getEnterpriseName,
  pool,
@@ -302,25 +303,33 @@ function registerEnterpriseRoutes(router) {
  });
  router.post("/enterprise/distribute", requireAuth, requireEnterpriseAdmin, async (req, res) => {
-    const { userId, amountCents, distributions } = req.body;
+    const { userId, amountCredits, amountCents, distributions } = req.body;
    try {
      if (distributions && Array.isArray(distributions)) {
        for (const d of distributions) {
-          if (!d.userId || !d.amountCents || d.amountCents <= 0) {
+          const creditUnits =
            d.amountCredits !== undefined && d.amountCredits !== null && d.amountCredits !== ""
              ? creditsToCreditUnits(d.amountCredits)
              : Number(d.amountCents);
          if (!d.userId || !creditUnits || creditUnits <= 0) {
            return res
              .status(400)
-              .json({ error: "每条分发记录必须包含有效的 userId 和 amountCents" });
+              .json({ error: "每条分发记录必须包含有效的 userId 和 amountCredits" });
          }
-          await distributeCredits(req.user.enterpriseId, d.userId, d.amountCents, req.user.id);
+          await distributeCredits(req.user.enterpriseId, d.userId, creditUnits, req.user.id);
        }
        res.json({ success: true, count: distributions.length });
-      } else if (userId && amountCents) {
+      } else if (userId && (amountCredits || amountCents)) {
-        if (amountCents <= 0) return res.status(400).json({ error: "分发积分必须大于0" });
+        const creditUnits =
          amountCredits !== undefined && amountCredits !== null && amountCredits !== ""
            ? creditsToCreditUnits(amountCredits)
            : Number(amountCents);
        if (!creditUnits || creditUnits <= 0) return res.status(400).json({ error: "分发积分必须大于0" });
        const result = await distributeCredits(
          req.user.enterpriseId,
          userId,
-          amountCents,
+          creditUnits,
          req.user.id,
        );
        res.json({ success: true, ...result });
@@ -349,7 +358,7 @@ function registerEnterpriseRoutes(router) {
        u.username,
        u.balance_cents AS current_balance_cents,
        COUNT(acl.id) AS total_calls,
-        COALESCE(SUM(CASE WHEN acl.cost_estimate IS NOT NULL THEN CAST(ROUND((acl.cost_estimate * 100)::numeric) AS INTEGER) ELSE 0 END), 0) AS total_cost_cents,
+        COALESCE(SUM(CASE WHEN acl.cost_estimate IS NOT NULL THEN CAST(ROUND((acl.cost_estimate * 10000)::numeric) AS INTEGER) ELSE 0 END), 0) AS total_cost_cents,
        MAX(acl.created_at) AS last_active
      FROM users u
      LEFT JOIN api_call_logs acl ON acl.user_id = u.id AND acl.status = 'success'
@@ -17,9 +17,11 @@ const { registerConversationRoutes } = require('./conversations')
 const { registerReportRoutes } = require('./reports')
 const { registerAssetRoutes } = require('./assets')
 const { registerNotificationRoutes } = require('./notifications')
 const { registerBetaApplicationRoutes } = require('./betaApplications')
 const { registerDraftRoutes } = require('./drafts');
 const { registerFileExtractRoutes } = require('./fileExtract');
 const mountClientErrorRoutes = require('./clientErrors')
 const bugFeedbackRouter = require("./bugFeedback")
 const router = express.Router()
@@ -48,8 +50,10 @@ registerConversationRoutes(router)
 registerReportRoutes(router)
 registerAssetRoutes(router)
 registerNotificationRoutes(router)
 registerBetaApplicationRoutes(router)
 registerDraftRoutes(router)
 registerFileExtractRoutes(router)
 router.use(bugFeedbackRouter)
 registerHealthRoutes(router)
 module.exports = router
@@ -1,11 +1,16 @@
 const { keyManager, listModelPrices, pool } = require("./context");
 const { getEnterpriseVideoPricingConfig } = require("../enterpriseVideoBilling");
 function registerPriceRoutes(router) {
  // ── Public ───────────────────────────────────────────────────────────
  router.get("/prices", async (_req, res) => {
    const prices = await listModelPrices({ enabledOnly: true });
-    res.json(prices);
+    res.json({
      prices,
      modelPrices: prices,
      enterpriseVideoPricing: getEnterpriseVideoPricingConfig(),
    });
  });
 }
@@ -136,8 +136,8 @@ function registerUserRoutes(router) {
           CASE
             WHEN billing_refunded = 1 THEN 0
             WHEN cost_cents > 0 THEN cost_cents
-             WHEN status = 'completed' AND type = 'image' THEN 20
+             WHEN status = 'completed' AND type = 'image' THEN 2000
-             WHEN status = 'completed' AND type = 'video' THEN 500
+             WHEN status = 'completed' AND type = 'video' THEN 50000
             ELSE 0
           END
         ), 0) AS used_cents
@@ -162,7 +162,7 @@ function registerUserRoutes(router) {
        resolution = params.resolution || params.quality || params.ratio || null;
        if (row.status === "completed") {
          if (row.type === "image") {
-            estimatedCents = 20;
+            estimatedCents = 2000;
          } else if (row.type === "video") {
            const dur = params.duration || 5;
            const res = String(params.resolution || params.quality || "").toUpperCase();
@@ -172,7 +172,7 @@ function registerUserRoutes(router) {
            else if (model.includes("wan2.7-i2v") || model.includes("wanxiang")) rate = res === "720P" ? 0.6 : 1;
            else if (model.includes("animate-mix") || model.includes("s2v")) rate = res === "720P" ? 0.6 : 1;
            else if (model.includes("kling")) rate = res === "720P" ? 0.6 : 0.8;
-            estimatedCents = Math.ceil(rate * dur * 100);
+            estimatedCents = Math.ceil(rate * dur * 10000);
          }
        }
      } catch {
@@ -209,8 +209,8 @@ function registerUserRoutes(router) {
           CASE
             WHEN billing_refunded = 1 THEN 0
             WHEN cost_cents > 0 THEN cost_cents
-             WHEN status = 'completed' AND type = 'image' THEN 20
+             WHEN status = 'completed' AND type = 'image' THEN 2000
-             WHEN status = 'completed' AND type = 'video' THEN 500
+             WHEN status = 'completed' AND type = 'video' THEN 50000
             ELSE 0
           END
         ), 0) AS used_cents
@@ -0,0 +1,134 @@
 "use strict";
 const PROGRESS_SOURCE_REAL = "real";
 const PROGRESS_SOURCE_ESTIMATED = "estimated";
 const DEFAULT_IMAGE_EXPECTED_DURATION_MS = 120_000;
 const DEFAULT_VIDEO_EXPECTED_DURATION_MS = 240_000;
 const DEFAULT_SUPER_RESOLUTION_EXPECTED_DURATION_MS = 180_000;
 function parseTaskParams(value) {
  if (!value) return {};
  if (typeof value === "object" && !Array.isArray(value)) return value;
  if (typeof value !== "string") return {};
  try {
    const parsed = JSON.parse(value);
    return parsed && typeof parsed === "object" && !Array.isArray(parsed) ? parsed : {};
  } catch {
    return {};
  }
 }
 function normalizeProgressSource(value) {
  const source = String(value || "").trim().toLowerCase();
  if (source === PROGRESS_SOURCE_REAL) return PROGRESS_SOURCE_REAL;
  if (source === PROGRESS_SOURCE_ESTIMATED) return PROGRESS_SOURCE_ESTIMATED;
  return null;
 }
 function inferProgressSource(row) {
  const explicit = normalizeProgressSource(row?.progress_source || row?.progressSource);
  if (explicit) return explicit;
  if (row?.status === "completed") return PROGRESS_SOURCE_REAL;
  return PROGRESS_SOURCE_ESTIMATED;
 }
 function normalizePositiveNumber(value) {
  const numeric = Number(value);
  return Number.isFinite(numeric) && numeric > 0 ? numeric : null;
 }
 function normalizeProgress(value, status) {
  if (status === "completed") return 100;
  const numeric = Number(value);
  if (!Number.isFinite(numeric)) return 0;
  return Math.max(0, Math.min(100, Math.round(numeric)));
 }
 function getExpectedImageDurationMs(model, params) {
  const normalized = String(model || "").toLowerCase();
  let durationMs = DEFAULT_IMAGE_EXPECTED_DURATION_MS;
  if (normalized.includes("nano-banana-pro")) durationMs = 220_000;
  else if (normalized.includes("nano-banana-2")) durationMs = 180_000;
  else if (normalized.includes("nano-banana-fast")) durationMs = 90_000;
  else if (normalized.includes("wan2.7-image-pro")) durationMs = 180_000;
  else if (normalized.includes("wan2.7-image")) durationMs = 120_000;
  else if (normalized.includes("gpt-image")) durationMs = 120_000;
  const referenceCount = Array.isArray(params.referenceUrls) ? params.referenceUrls.filter(Boolean).length : 0;
  if (referenceCount > 0) durationMs += Math.min(60_000, referenceCount * 15_000);
  return durationMs;
 }
 function getExpectedVideoDurationMs(model, params) {
  const normalized = String(model || "").toLowerCase();
  const seconds = normalizePositiveNumber(params.duration || params.durationSeconds) || 5;
  let durationMs = DEFAULT_VIDEO_EXPECTED_DURATION_MS;
  if (normalized.includes("kling")) durationMs = 300_000;
  else if (normalized.includes("happyhorse")) durationMs = 240_000;
  else if (normalized.includes("wan2.7") || normalized.includes("wanxiang")) durationMs = 240_000;
  else if (normalized.includes("vidu") || normalized.includes("pixverse")) durationMs = 240_000;
  else if (normalized.includes("aliyun-video-super-resolve") || normalized.includes("video-style-transform")) {
    durationMs = DEFAULT_SUPER_RESOLUTION_EXPECTED_DURATION_MS;
  }
  if (seconds > 5) durationMs += Math.min(240_000, Math.ceil(seconds - 5) * 20_000);
  return durationMs;
 }
 function getExpectedDurationMs(rowOrTask) {
  const params = parseTaskParams(rowOrTask?.params_json || rowOrTask?.params);
  const model = params.requestedModel || params.model || rowOrTask?.model || "";
  if (params.operation === "image-edit" || params.function || String(model).includes("imageedit")) {
    return DEFAULT_SUPER_RESOLUTION_EXPECTED_DURATION_MS;
  }
  if (rowOrTask?.type === "video") return getExpectedVideoDurationMs(model, params);
  return getExpectedImageDurationMs(model, params);
 }
 function deriveTaskStage(row) {
  const status = String(row?.status || "");
  if (status === "pending") return "\u6392\u961f\u4e2d";
  if (status === "completed") return "\u5b8c\u6210";
  if (status === "failed") return "\u5931\u8d25";
  if (status === "cancelled") return "\u5df2\u53d6\u6d88";
  if (status !== "running") return "\u5904\u7406\u4e2d";
  const progress = Number(row?.progress || 0);
  if (progress >= 90) return "\u7ed3\u679c\u5904\u7406\u4e2d";
  if (progress >= 15) return "\u751f\u6210\u4e2d";
  return "\u5df2\u63d0\u4ea4";
 }
 function formatTaskProgressPayload(row) {
  const progress = normalizeProgress(row.progress, row.status);
  return {
    taskId: row.id,
    status: row.status,
    progress,
    progressSource: inferProgressSource(row),
    stage: deriveTaskStage(row),
    startedAt: row.created_at,
    expectedDurationMs: getExpectedDurationMs(row),
    resultUrl: row.result_url || null,
    error: row.error || null,
  };
 }
 module.exports = {
  DEFAULT_IMAGE_EXPECTED_DURATION_MS,
  DEFAULT_SUPER_RESOLUTION_EXPECTED_DURATION_MS,
  DEFAULT_VIDEO_EXPECTED_DURATION_MS,
  PROGRESS_SOURCE_ESTIMATED,
  PROGRESS_SOURCE_REAL,
  deriveTaskStage,
  formatTaskProgressPayload,
  getExpectedDurationMs,
  inferProgressSource,
  normalizeProgressSource,
  parseTaskParams,
 };
Author	SHA1	Message	Date
stringadmin	9a6e373181	Expose task progress contract	2026-06-10 16:20:11 +08:00
stringadmin	00eba3e209	Expose enterprise video pricing config	2026-06-10 14:27:42 +08:00
stringadmin	ca84754bd2	fix: feed provider health into circuit breaker	2026-06-09 12:02:29 +08:00
stringadmin	f9da506017	fix: harden provider polling recovery	2026-06-09 11:32:53 +08:00
stringadmin	1166811ee4	fix: harden clustered task status updates	2026-06-08 20:57:55 +08:00
stringadmin	47b7bff2ac	Add beta email review and task safeguards	2026-06-08 18:30:20 +08:00
stringadmin	6f8658bf85	Require auth for beta application review routes	2026-06-08 16:20:45 +08:00
stringadmin	9d604b5dd9	Restore image generation charge to 20 credits	2026-06-08 16:07:01 +08:00
stringadmin	071a98bd96	Scale generation billing charges to 1-to-100 credits	2026-06-08 16:03:49 +08:00
stringadmin	0f94010104	Use latest login session as active device	2026-06-08 15:55:43 +08:00
stringadmin	fdd408d06b	Convert billing to 1-to-100 credits	2026-06-08 15:46:28 +08:00
stringadmin	855fdfc4ff	feat: add beta application review APIs	2026-06-08 15:24:18 +08:00
stringadmin	ea91155f9e	fix: harden generation task coordination	2026-06-08 15:00:19 +08:00