diff --git a/backend/internal/repository/http_upstream.go b/backend/internal/repository/http_upstream.go index d72d4006..8d73dc9c 100644 --- a/backend/internal/repository/http_upstream.go +++ b/backend/internal/repository/http_upstream.go @@ -284,27 +284,26 @@ func (s *httpUpstreamService) doViaNodeTLSProxy(req *http.Request, proxyURL stri listenPort = 3456 } + // 克隆请求,避免修改原始 req(重试时需要原始 URL) + proxyReq := req.Clone(req.Context()) + proxyReq.Body = req.Body // Clone 不复制 Body + // 保存原始目标主机,通过自定义头传给 Node.js 代理 originalHost := req.URL.Host - req.Header.Set("X-Forwarded-Host", originalHost) + proxyReq.Header.Set("X-Forwarded-Host", originalHost) // 重写请求 URL:https://api.anthropic.com/v1/... → http://127.0.0.1:3456/v1/... - originalURL := req.URL.String() - req.URL.Scheme = "http" - req.URL.Host = fmt.Sprintf("%s:%d", listenHost, listenPort) + proxyReq.URL.Scheme = "http" + proxyReq.URL.Host = fmt.Sprintf("%s:%d", listenHost, listenPort) slog.Debug("node_tls_proxy_rewrite", "account_id", accountID, - "original_url", originalURL, "original_host", originalHost, - "rewritten_to", req.URL.String(), + "rewritten_to", proxyReq.URL.Host, ) - // 递归保护:标记已经过代理重写,避免 Do() 再次进入本方法 - req.URL.Scheme = "http" // Do() 只拦截 scheme=="https",http 会走正常路径 - // 通过标准 HTTP 客户端发送(不需要 TLS,代理是本地 HTTP) - return s.Do(req, "", accountID, accountConcurrency) + return s.Do(proxyReq, "", accountID, accountConcurrency) } // acquireClientWithTLS 获取或创建带 TLS 指纹的客户端 diff --git a/backend/internal/service/identity_service.go b/backend/internal/service/identity_service.go index 7fc7beb3..db4935f9 100644 --- a/backend/internal/service/identity_service.go +++ b/backend/internal/service/identity_service.go @@ -268,7 +268,12 @@ func (s *IdentityService) RewriteUserID(body []byte, accountID int64, accountUUI // 生成新的session hash: SHA256(salt::accountID::sessionTail) -> UUID格式 // instanceSalt 使不同 sub2api 实例对相同输入产生不同的 hash - seed := fmt.Sprintf("%s::%d::%s", s.instanceSalt, accountID, sessionTail) + var seed string + if s.instanceSalt != "" { + seed = fmt.Sprintf("%s::%d::%s", s.instanceSalt, accountID, sessionTail) + } else { + seed = fmt.Sprintf("%d::%s", accountID, sessionTail) + } newSessionHash := generateUUIDFromSeed(seed) // 根据客户端版本选择输出格式 diff --git a/backend/internal/service/sora_sdk_client.go b/backend/internal/service/sora_sdk_client.go index a8812ff5..f59c257d 100644 --- a/backend/internal/service/sora_sdk_client.go +++ b/backend/internal/service/sora_sdk_client.go @@ -723,7 +723,7 @@ func (c *SoraSDKClient) doSoraBackendJSON( var resp *http.Response if c.httpUpstream != nil { - resp, err = c.httpUpstream.Do(req, proxyURL, accountID, accountConcurrency) + resp, err = c.doSoraHTTP(req, proxyURL, accountID, accountConcurrency) } else { resp, err = http.DefaultClient.Do(req) }