merge: 合并 upstream/main 并保留本地图片计费功能

backend/internal/service/admin_service.go

@@ -123,6 +123,7 @@ type UpdateGroupInput struct {
 
 type CreateAccountInput struct {
 	Name        string
+	Notes       *string
 	Platform    string
 	Type        string
 	Credentials map[string]any
@@ -138,6 +139,7 @@ type CreateAccountInput struct {
 
 type UpdateAccountInput struct {
 	Name                  string
+	Notes                 *string
 	Type                  string // Account type: oauth, setup-token, apikey
 	Credentials           map[string]any
 	Extra                 map[string]any
@@ -687,6 +689,7 @@ func (s *adminServiceImpl) CreateAccount(ctx context.Context, input *CreateAccou
 
 	account := &Account{
 		Name:        input.Name,
+		Notes:       normalizeAccountNotes(input.Notes),
 		Platform:    input.Platform,
 		Type:        input.Type,
 		Credentials: input.Credentials,
@@ -723,6 +726,9 @@ func (s *adminServiceImpl) UpdateAccount(ctx context.Context, id int64, input *U
 	if input.Type != "" {
 		account.Type = input.Type
 	}
+	if input.Notes != nil {
+		account.Notes = normalizeAccountNotes(input.Notes)
+	}
 	if len(input.Credentials) > 0 {
 		account.Credentials = input.Credentials
 	}
@@ -730,7 +736,12 @@ func (s *adminServiceImpl) UpdateAccount(ctx context.Context, id int64, input *U
 		account.Extra = input.Extra
 	}
 	if input.ProxyID != nil {
+		// 0 表示清除代理（前端发送 0 而不是 null 来表达清除意图）
+		if *input.ProxyID == 0 {
+			account.ProxyID = nil
+		} else {
 			account.ProxyID = input.ProxyID
+		}
 		account.Proxy = nil // 清除关联对象，防止 GORM Save 时根据 Proxy.ID 覆盖 ProxyID
 	}
 	// 只在指针非 nil 时更新 Concurrency（支持设置为 0）

backend/internal/service/antigravity_gateway_service_test.go

+package service
+
+import (
+	"encoding/json"
+	"testing"
+
+	"github.com/Wei-Shaw/sub2api/internal/pkg/antigravity"
+	"github.com/stretchr/testify/require"
+)
+
+func TestStripSignatureSensitiveBlocksFromClaudeRequest(t *testing.T) {
+	req := &antigravity.ClaudeRequest{
+		Model: "claude-sonnet-4-5",
+		Thinking: &antigravity.ThinkingConfig{
+			Type:         "enabled",
+			BudgetTokens: 1024,
+		},
+		Messages: []antigravity.ClaudeMessage{
+			{
+				Role: "assistant",
+				Content: json.RawMessage(`[
+					{"type":"thinking","thinking":"secret plan","signature":""},
+					{"type":"tool_use","id":"t1","name":"Bash","input":{"command":"ls"}}
+				]`),
+			},
+			{
+				Role: "user",
+				Content: json.RawMessage(`[
+					{"type":"tool_result","tool_use_id":"t1","content":"ok","is_error":false},
+					{"type":"redacted_thinking","data":"..."}
+				]`),
+			},
+		},
+	}
+
+	changed, err := stripSignatureSensitiveBlocksFromClaudeRequest(req)
+	require.NoError(t, err)
+	require.True(t, changed)
+	require.Nil(t, req.Thinking)
+
+	require.Len(t, req.Messages, 2)
+
+	var blocks0 []map[string]any
+	require.NoError(t, json.Unmarshal(req.Messages[0].Content, &blocks0))
+	require.Len(t, blocks0, 2)
+	require.Equal(t, "text", blocks0[0]["type"])
+	require.Equal(t, "secret plan", blocks0[0]["text"])
+	require.Equal(t, "text", blocks0[1]["type"])
+
+	var blocks1 []map[string]any
+	require.NoError(t, json.Unmarshal(req.Messages[1].Content, &blocks1))
+	require.Len(t, blocks1, 1)
+	require.Equal(t, "text", blocks1[0]["type"])
+	require.NotEmpty(t, blocks1[0]["text"])
+}
+
+func TestStripThinkingFromClaudeRequest_DoesNotDowngradeTools(t *testing.T) {
+	req := &antigravity.ClaudeRequest{
+		Model: "claude-sonnet-4-5",
+		Thinking: &antigravity.ThinkingConfig{
+			Type:         "enabled",
+			BudgetTokens: 1024,
+		},
+		Messages: []antigravity.ClaudeMessage{
+			{
+				Role:    "assistant",
+				Content: json.RawMessage(`[{"type":"thinking","thinking":"secret plan"},{"type":"tool_use","id":"t1","name":"Bash","input":{"command":"ls"}}]`),
+			},
+		},
+	}
+
+	changed, err := stripThinkingFromClaudeRequest(req)
+	require.NoError(t, err)
+	require.True(t, changed)
+	require.Nil(t, req.Thinking)
+
+	var blocks []map[string]any
+	require.NoError(t, json.Unmarshal(req.Messages[0].Content, &blocks))
+	require.Len(t, blocks, 2)
+	require.Equal(t, "text", blocks[0]["type"])
+	require.Equal(t, "secret plan", blocks[0]["text"])
+	require.Equal(t, "tool_use", blocks[1]["type"])
+}

backend/internal/service/auth_service.go

@@ -221,9 +221,33 @@ func (s *AuthService) SendVerifyCodeAsync(ctx context.Context, email string) (*S
 
 // VerifyTurnstile 验证Turnstile token
 func (s *AuthService) VerifyTurnstile(ctx context.Context, token string, remoteIP string) error {
+	required := s.cfg != nil && s.cfg.Server.Mode == "release" && s.cfg.Turnstile.Required
+
+	if required {
+		if s.settingService == nil {
+			log.Println("[Auth] Turnstile required but settings service is not configured")
+			return ErrTurnstileNotConfigured
+		}
+		enabled := s.settingService.IsTurnstileEnabled(ctx)
+		secretConfigured := s.settingService.GetTurnstileSecretKey(ctx) != ""
+		if !enabled || !secretConfigured {
+			log.Printf("[Auth] Turnstile required but not configured (enabled=%v, secret_configured=%v)", enabled, secretConfigured)
+			return ErrTurnstileNotConfigured
+		}
+	}
+
 	if s.turnstileService == nil {
+		if required {
+			log.Println("[Auth] Turnstile required but service not configured")
+			return ErrTurnstileNotConfigured
+		}
 		return nil // 服务未配置则跳过验证
 	}
+
+	if !required && s.settingService != nil && s.settingService.IsTurnstileEnabled(ctx) && s.settingService.GetTurnstileSecretKey(ctx) == "" {
+		log.Println("[Auth] Turnstile enabled but secret key not configured")
+	}
+
 	return s.turnstileService.VerifyToken(ctx, token, remoteIP)
 }
 

backend/internal/service/billing_cache_service.go

@@ -17,6 +17,7 @@ import (
 // 注：ErrDailyLimitExceeded/ErrWeeklyLimitExceeded/ErrMonthlyLimitExceeded在subscription_service.go中定义
 var (
 	ErrSubscriptionInvalid       = infraerrors.Forbidden("SUBSCRIPTION_INVALID", "subscription is invalid or expired")
+	ErrBillingServiceUnavailable = infraerrors.ServiceUnavailable("BILLING_SERVICE_ERROR", "Billing service temporarily unavailable. Please retry later.")
 )
 
 // subscriptionCacheData 订阅缓存数据结构（内部使用）
@@ -76,6 +77,7 @@ type BillingCacheService struct {
 	userRepo       UserRepository
 	subRepo        UserSubscriptionRepository
 	cfg            *config.Config
+	circuitBreaker *billingCircuitBreaker
 
 	cacheWriteChan     chan cacheWriteTask
 	cacheWriteWg       sync.WaitGroup
@@ -95,6 +97,7 @@ func NewBillingCacheService(cache BillingCache, userRepo UserRepository, subRepo
 		subRepo:  subRepo,
 		cfg:      cfg,
 	}
+	svc.circuitBreaker = newBillingCircuitBreaker(cfg.Billing.CircuitBreaker)
 	svc.startCacheWriteWorkers()
 	return svc
 }
@@ -450,6 +453,9 @@ func (s *BillingCacheService) CheckBillingEligibility(ctx context.Context, user
 	if s.cfg.RunMode == config.RunModeSimple {
 		return nil
 	}
+	if s.circuitBreaker != nil && !s.circuitBreaker.Allow() {
+		return ErrBillingServiceUnavailable
+	}
 
 	// 判断计费模式
 	isSubscriptionMode := group != nil && group.IsSubscriptionType() && subscription != nil
@@ -465,9 +471,14 @@ func (s *BillingCacheService) CheckBillingEligibility(ctx context.Context, user
 func (s *BillingCacheService) checkBalanceEligibility(ctx context.Context, userID int64) error {
 	balance, err := s.GetUserBalance(ctx, userID)
 	if err != nil {
-		// 缓存/数据库错误，允许通过（降级处理）
-		log.Printf("Warning: get user balance failed, allowing request: %v", err)
-		return nil
+		if s.circuitBreaker != nil {
+			s.circuitBreaker.OnFailure(err)
+		}
+		log.Printf("ALERT: billing balance check failed for user %d: %v", userID, err)
+		return ErrBillingServiceUnavailable.WithCause(err)
+	}
+	if s.circuitBreaker != nil {
+		s.circuitBreaker.OnSuccess()
 	}
 
 	if balance <= 0 {
@@ -482,9 +493,14 @@ func (s *BillingCacheService) checkSubscriptionEligibility(ctx context.Context,
 	// 获取订阅缓存数据
 	subData, err := s.GetSubscriptionStatus(ctx, userID, group.ID)
 	if err != nil {
-		// 缓存/数据库错误，降级使用传入的subscription进行检查
-		log.Printf("Warning: get subscription cache failed, using fallback: %v", err)
-		return s.checkSubscriptionLimitsFallback(subscription, group)
+		if s.circuitBreaker != nil {
+			s.circuitBreaker.OnFailure(err)
+		}
+		log.Printf("ALERT: billing subscription check failed for user %d group %d: %v", userID, group.ID, err)
+		return ErrBillingServiceUnavailable.WithCause(err)
+	}
+	if s.circuitBreaker != nil {
+		s.circuitBreaker.OnSuccess()
 	}
 
 	// 检查订阅状态
@@ -513,27 +529,133 @@ func (s *BillingCacheService) checkSubscriptionEligibility(ctx context.Context,
 	return nil
 }
 
-// checkSubscriptionLimitsFallback 降级检查订阅限额
-func (s *BillingCacheService) checkSubscriptionLimitsFallback(subscription *UserSubscription, group *Group) error {
-	if subscription == nil {
-		return ErrSubscriptionInvalid
+type billingCircuitBreakerState int
+
+const (
+	billingCircuitClosed billingCircuitBreakerState = iota
+	billingCircuitOpen
+	billingCircuitHalfOpen
+)
+
+type billingCircuitBreaker struct {
+	mu                sync.Mutex
+	state             billingCircuitBreakerState
+	failures          int
+	openedAt          time.Time
+	failureThreshold  int
+	resetTimeout      time.Duration
+	halfOpenRequests  int
+	halfOpenRemaining int
+}
+
+func newBillingCircuitBreaker(cfg config.CircuitBreakerConfig) *billingCircuitBreaker {
+	if !cfg.Enabled {
+		return nil
+	}
+	resetTimeout := time.Duration(cfg.ResetTimeoutSeconds) * time.Second
+	if resetTimeout <= 0 {
+		resetTimeout = 30 * time.Second
+	}
+	halfOpen := cfg.HalfOpenRequests
+	if halfOpen <= 0 {
+		halfOpen = 1
 	}
+	threshold := cfg.FailureThreshold
+	if threshold <= 0 {
+		threshold = 5
+	}
+	return &billingCircuitBreaker{
+		state:            billingCircuitClosed,
+		failureThreshold: threshold,
+		resetTimeout:     resetTimeout,
+		halfOpenRequests: halfOpen,
+	}
+}
 
-	if !subscription.IsActive() {
-		return ErrSubscriptionInvalid
+func (b *billingCircuitBreaker) Allow() bool {
+	b.mu.Lock()
+	defer b.mu.Unlock()
+
+	switch b.state {
+	case billingCircuitClosed:
+		return true
+	case billingCircuitOpen:
+		if time.Since(b.openedAt) < b.resetTimeout {
+			return false
+		}
+		b.state = billingCircuitHalfOpen
+		b.halfOpenRemaining = b.halfOpenRequests
+		log.Printf("ALERT: billing circuit breaker entering half-open state")
+		fallthrough
+	case billingCircuitHalfOpen:
+		if b.halfOpenRemaining <= 0 {
+			return false
 		}
+		b.halfOpenRemaining--
+		return true
+	default:
+		return false
+	}
+}
 
-	if !subscription.CheckDailyLimit(group, 0) {
-		return ErrDailyLimitExceeded
+func (b *billingCircuitBreaker) OnFailure(err error) {
+	if b == nil {
+		return
 	}
+	b.mu.Lock()
+	defer b.mu.Unlock()
 
-	if !subscription.CheckWeeklyLimit(group, 0) {
-		return ErrWeeklyLimitExceeded
+	switch b.state {
+	case billingCircuitOpen:
+		return
+	case billingCircuitHalfOpen:
+		b.state = billingCircuitOpen
+		b.openedAt = time.Now()
+		b.halfOpenRemaining = 0
+		log.Printf("ALERT: billing circuit breaker opened after half-open failure: %v", err)
+		return
+	default:
+		b.failures++
+		if b.failures >= b.failureThreshold {
+			b.state = billingCircuitOpen
+			b.openedAt = time.Now()
+			b.halfOpenRemaining = 0
+			log.Printf("ALERT: billing circuit breaker opened after %d failures: %v", b.failures, err)
+		}
 	}
+}
 
-	if !subscription.CheckMonthlyLimit(group, 0) {
-		return ErrMonthlyLimitExceeded
+func (b *billingCircuitBreaker) OnSuccess() {
+	if b == nil {
+		return
 	}
+	b.mu.Lock()
+	defer b.mu.Unlock()
 
-	return nil
+	previousState := b.state
+	previousFailures := b.failures
+
+	b.state = billingCircuitClosed
+	b.failures = 0
+	b.halfOpenRemaining = 0
+
+	// 只有状态真正发生变化时才记录日志
+	if previousState != billingCircuitClosed {
+		log.Printf("ALERT: billing circuit breaker closed (was %s)", circuitStateString(previousState))
+	} else if previousFailures > 0 {
+		log.Printf("INFO: billing circuit breaker failures reset from %d", previousFailures)
+	}
+}
+
+func circuitStateString(state billingCircuitBreakerState) string {
+	switch state {
+	case billingCircuitClosed:
+		return "closed"
+	case billingCircuitOpen:
+		return "open"
+	case billingCircuitHalfOpen:
+		return "half-open"
+	default:
+		return "unknown"
+	}
 }

backend/internal/service/crs_sync_service.go

@@ -8,12 +8,13 @@ import (
 	"fmt"
 	"io"
 	"net/http"
-	"net/url"
 	"strconv"
 	"strings"
 	"time"
 
+	"github.com/Wei-Shaw/sub2api/internal/config"
 	"github.com/Wei-Shaw/sub2api/internal/pkg/httpclient"
+	"github.com/Wei-Shaw/sub2api/internal/util/urlvalidator"
 )
 
 type CRSSyncService struct {
@@ -22,6 +23,7 @@ type CRSSyncService struct {
 	oauthService       *OAuthService
 	openaiOAuthService *OpenAIOAuthService
 	geminiOAuthService *GeminiOAuthService
+	cfg                *config.Config
 }
 
 func NewCRSSyncService(
@@ -30,6 +32,7 @@ func NewCRSSyncService(
 	oauthService *OAuthService,
 	openaiOAuthService *OpenAIOAuthService,
 	geminiOAuthService *GeminiOAuthService,
+	cfg *config.Config,
 ) *CRSSyncService {
 	return &CRSSyncService{
 		accountRepo:        accountRepo,
@@ -37,6 +40,7 @@ func NewCRSSyncService(
 		oauthService:       oauthService,
 		openaiOAuthService: openaiOAuthService,
 		geminiOAuthService: geminiOAuthService,
+		cfg:                cfg,
 	}
 }
 
@@ -187,16 +191,31 @@ type crsGeminiAPIKeyAccount struct {
 }
 
 func (s *CRSSyncService) SyncFromCRS(ctx context.Context, input SyncFromCRSInput) (*SyncFromCRSResult, error) {
-	baseURL, err := normalizeBaseURL(input.BaseURL)
+	if s.cfg == nil {
+		return nil, errors.New("config is not available")
+	}
+	baseURL := strings.TrimSpace(input.BaseURL)
+	if s.cfg.Security.URLAllowlist.Enabled {
+		normalized, err := normalizeBaseURL(baseURL, s.cfg.Security.URLAllowlist.CRSHosts, s.cfg.Security.URLAllowlist.AllowPrivateHosts)
 		if err != nil {
 			return nil, err
 		}
+		baseURL = normalized
+	} else {
+		normalized, err := urlvalidator.ValidateURLFormat(baseURL, s.cfg.Security.URLAllowlist.AllowInsecureHTTP)
+		if err != nil {
+			return nil, fmt.Errorf("invalid base_url: %w", err)
+		}
+		baseURL = normalized
+	}
 	if strings.TrimSpace(input.Username) == "" || strings.TrimSpace(input.Password) == "" {
 		return nil, errors.New("username and password are required")
 	}
 
 	client, err := httpclient.GetClient(httpclient.Options{
 		Timeout:            20 * time.Second,
+		ValidateResolvedIP: s.cfg.Security.URLAllowlist.Enabled,
+		AllowPrivateHosts:  s.cfg.Security.URLAllowlist.AllowPrivateHosts,
 	})
 	if err != nil {
 		client = &http.Client{Timeout: 20 * time.Second}
@@ -1055,17 +1074,18 @@ func mapCRSStatus(isActive bool, status string) string {
 	return "active"
 }
 
-func normalizeBaseURL(raw string) (string, error) {
-	trimmed := strings.TrimSpace(raw)
-	if trimmed == "" {
-		return "", errors.New("base_url is required")
-	}
-	u, err := url.Parse(trimmed)
-	if err != nil || u.Scheme == "" || u.Host == "" {
-		return "", fmt.Errorf("invalid base_url: %s", trimmed)
+func normalizeBaseURL(raw string, allowlist []string, allowPrivate bool) (string, error) {
+	// 当 allowlist 为空时，不强制要求白名单（只进行基本的 URL 和 SSRF 验证）
+	requireAllowlist := len(allowlist) > 0
+	normalized, err := urlvalidator.ValidateHTTPSURL(raw, urlvalidator.ValidationOptions{
+		AllowedHosts:     allowlist,
+		RequireAllowlist: requireAllowlist,
+		AllowPrivate:     allowPrivate,
+	})
+	if err != nil {
+		return "", fmt.Errorf("invalid base_url: %w", err)
 	}
-	u.Path = strings.TrimRight(u.Path, "/")
-	return strings.TrimRight(u.String(), "/"), nil
+	return normalized, nil
 }
 
 // cleanBaseURL removes trailing suffix from base_url in credentials

backend/internal/service/domain_constants.go

@@ -101,6 +101,10 @@ const (
 	SettingKeyFallbackModelOpenAI      = "fallback_model_openai"
 	SettingKeyFallbackModelGemini      = "fallback_model_gemini"
 	SettingKeyFallbackModelAntigravity = "fallback_model_antigravity"
+
+	// Request identity patch (Claude -> Gemini systemInstruction injection)
+	SettingKeyEnableIdentityPatch = "enable_identity_patch"
+	SettingKeyIdentityPatchPrompt = "identity_patch_prompt"
 )
 
 // AdminAPIKeyPrefix is the prefix for admin API keys (distinct from user "sk-" keys).

backend/internal/service/gateway_request.go

@@ -84,25 +84,37 @@ func FilterThinkingBlocks(body []byte) []byte {
 	return filterThinkingBlocksInternal(body, false)
 }
 
-// FilterThinkingBlocksForRetry removes thinking blocks from HISTORICAL messages for retry scenarios.
-// This is used when upstream returns signature-related 400 errors.
+// FilterThinkingBlocksForRetry strips thinking-related constructs for retry scenarios.
 //
-// Key insight:
-//   - User's thinking.type = "enabled" should be PRESERVED (user's intent)
-//   - Only HISTORICAL assistant messages have thinking blocks with signatures
-//   - These signatures may be invalid when switching accounts/platforms
-//   - New responses will generate fresh thinking blocks without signature issues
+// Why:
+//   - Upstreams may reject historical `thinking`/`redacted_thinking` blocks due to invalid/missing signatures.
+//   - Anthropic extended thinking has a structural constraint: when top-level `thinking` is enabled and the
+//     final message is an assistant prefill, the assistant content must start with a thinking block.
+//   - If we remove thinking blocks but keep top-level `thinking` enabled, we can trigger:
+//     "Expected `thinking` or `redacted_thinking`, but found `text`"
 //
-// Strategy:
-//   - Keep thinking.type = "enabled" (preserve user intent)
-//   - Remove thinking/redacted_thinking blocks from historical assistant messages
-//   - Ensure no message has empty content after filtering
+// Strategy (B: preserve content as text):
+//   - Disable top-level `thinking` (remove `thinking` field).
+//   - Convert `thinking` blocks to `text` blocks (preserve the thinking content).
+//   - Remove `redacted_thinking` blocks (cannot be converted to text).
+//   - Ensure no message ends up with empty content.
 func FilterThinkingBlocksForRetry(body []byte) []byte {
-	// Fast path: check for presence of thinking-related keys in messages
-	if !bytes.Contains(body, []byte(`"type":"thinking"`)) &&
-		!bytes.Contains(body, []byte(`"type": "thinking"`)) &&
-		!bytes.Contains(body, []byte(`"type":"redacted_thinking"`)) &&
-		!bytes.Contains(body, []byte(`"type": "redacted_thinking"`)) {
+	hasThinkingContent := bytes.Contains(body, []byte(`"type":"thinking"`)) ||
+		bytes.Contains(body, []byte(`"type": "thinking"`)) ||
+		bytes.Contains(body, []byte(`"type":"redacted_thinking"`)) ||
+		bytes.Contains(body, []byte(`"type": "redacted_thinking"`)) ||
+		bytes.Contains(body, []byte(`"thinking":`)) ||
+		bytes.Contains(body, []byte(`"thinking" :`))
+
+	// Also check for empty content arrays that need fixing.
+	// Note: This is a heuristic check; the actual empty content handling is done below.
+	hasEmptyContent := bytes.Contains(body, []byte(`"content":[]`)) ||
+		bytes.Contains(body, []byte(`"content": []`)) ||
+		bytes.Contains(body, []byte(`"content" : []`)) ||
+		bytes.Contains(body, []byte(`"content" :[]`))
+
+	// Fast path: nothing to process
+	if !hasThinkingContent && !hasEmptyContent {
 		return body
 	}
 
@@ -111,15 +123,19 @@ func FilterThinkingBlocksForRetry(body []byte) []byte {
 		return body
 	}
 
-	// DO NOT modify thinking.type - preserve user's intent to use thinking mode
-	// The issue is with historical message signatures, not the thinking mode itself
+	modified := false
 
 	messages, ok := req["messages"].([]any)
 	if !ok {
 		return body
 	}
 
-	modified := false
+	// Disable top-level thinking mode for retry to avoid structural/signature constraints upstream.
+	if _, exists := req["thinking"]; exists {
+		delete(req, "thinking")
+		modified = true
+	}
+
 	newMessages := make([]any, 0, len(messages))
 
 	for _, msg := range messages {
@@ -149,42 +165,237 @@ func FilterThinkingBlocksForRetry(body []byte) []byte {
 
 			blockType, _ := blockMap["type"].(string)
 
-			// Remove thinking/redacted_thinking blocks from historical messages
-			// These have signatures that may be invalid across different accounts
-			if blockType == "thinking" || blockType == "redacted_thinking" {
+			// Convert thinking blocks to text (preserve content) and drop redacted_thinking.
+			switch blockType {
+			case "thinking":
+				modifiedThisMsg = true
+				thinkingText, _ := blockMap["thinking"].(string)
+				if thinkingText == "" {
+					continue
+				}
+				newContent = append(newContent, map[string]any{
+					"type": "text",
+					"text": thinkingText,
+				})
+				continue
+			case "redacted_thinking":
 				modifiedThisMsg = true
 				continue
 			}
 
+			// Handle blocks without type discriminator but with a "thinking" field.
+			if blockType == "" {
+				if rawThinking, hasThinking := blockMap["thinking"]; hasThinking {
+					modifiedThisMsg = true
+					switch v := rawThinking.(type) {
+					case string:
+						if v != "" {
+							newContent = append(newContent, map[string]any{"type": "text", "text": v})
+						}
+					default:
+						if b, err := json.Marshal(v); err == nil && len(b) > 0 {
+							newContent = append(newContent, map[string]any{"type": "text", "text": string(b)})
+						}
+					}
+					continue
+				}
+			}
+
 			newContent = append(newContent, block)
 		}
 
-		if modifiedThisMsg {
-			modified = true
-			// Handle empty content after filtering
+		// Handle empty content: either from filtering or originally empty
 		if len(newContent) == 0 {
-				// For assistant messages, skip entirely (remove from conversation)
-				// For user messages, add placeholder to avoid empty content error
-				if role == "user" {
+			modified = true
+			placeholder := "(content removed)"
+			if role == "assistant" {
+				placeholder = "(assistant content removed)"
+			}
 			newContent = append(newContent, map[string]any{
 				"type": "text",
-						"text": "(content removed)",
+				"text": placeholder,
 			})
 			msgMap["content"] = newContent
+		} else if modifiedThisMsg {
+			modified = true
+			msgMap["content"] = newContent
+		}
 		newMessages = append(newMessages, msgMap)
 	}
-				// Skip assistant messages with empty content (don't append)
+
+	if modified {
+		req["messages"] = newMessages
+	} else {
+		// Avoid rewriting JSON when no changes are needed.
+		return body
+	}
+
+	newBody, err := json.Marshal(req)
+	if err != nil {
+		return body
+	}
+	return newBody
+}
+
+// FilterSignatureSensitiveBlocksForRetry is a stronger retry filter for cases where upstream errors indicate
+// signature/thought_signature validation issues involving tool blocks.
+//
+// This performs everything in FilterThinkingBlocksForRetry, plus:
+//   - Convert `tool_use` blocks to text (name/id/input) so we stop sending structured tool calls.
+//   - Convert `tool_result` blocks to text so we keep tool results visible without tool semantics.
+//
+// Use this only when needed: converting tool blocks to text changes model behaviour and can increase the
+// risk of prompt injection (tool output becomes plain conversation text).
+func FilterSignatureSensitiveBlocksForRetry(body []byte) []byte {
+	// Fast path: only run when we see likely relevant constructs.
+	if !bytes.Contains(body, []byte(`"type":"thinking"`)) &&
+		!bytes.Contains(body, []byte(`"type": "thinking"`)) &&
+		!bytes.Contains(body, []byte(`"type":"redacted_thinking"`)) &&
+		!bytes.Contains(body, []byte(`"type": "redacted_thinking"`)) &&
+		!bytes.Contains(body, []byte(`"type":"tool_use"`)) &&
+		!bytes.Contains(body, []byte(`"type": "tool_use"`)) &&
+		!bytes.Contains(body, []byte(`"type":"tool_result"`)) &&
+		!bytes.Contains(body, []byte(`"type": "tool_result"`)) &&
+		!bytes.Contains(body, []byte(`"thinking":`)) &&
+		!bytes.Contains(body, []byte(`"thinking" :`)) {
+		return body
+	}
+
+	var req map[string]any
+	if err := json.Unmarshal(body, &req); err != nil {
+		return body
+	}
+
+	modified := false
+
+	// Disable top-level thinking for retry to avoid structural/signature constraints upstream.
+	if _, exists := req["thinking"]; exists {
+		delete(req, "thinking")
+		modified = true
+	}
+
+	messages, ok := req["messages"].([]any)
+	if !ok {
+		return body
+	}
+
+	newMessages := make([]any, 0, len(messages))
+
+	for _, msg := range messages {
+		msgMap, ok := msg.(map[string]any)
+		if !ok {
+			newMessages = append(newMessages, msg)
+			continue
+		}
+
+		role, _ := msgMap["role"].(string)
+		content, ok := msgMap["content"].([]any)
+		if !ok {
+			newMessages = append(newMessages, msg)
+			continue
+		}
+
+		newContent := make([]any, 0, len(content))
+		modifiedThisMsg := false
+
+		for _, block := range content {
+			blockMap, ok := block.(map[string]any)
+			if !ok {
+				newContent = append(newContent, block)
+				continue
+			}
+
+			blockType, _ := blockMap["type"].(string)
+			switch blockType {
+			case "thinking":
+				modifiedThisMsg = true
+				thinkingText, _ := blockMap["thinking"].(string)
+				if thinkingText == "" {
+					continue
+				}
+				newContent = append(newContent, map[string]any{"type": "text", "text": thinkingText})
+				continue
+			case "redacted_thinking":
+				modifiedThisMsg = true
+				continue
+			case "tool_use":
+				modifiedThisMsg = true
+				name, _ := blockMap["name"].(string)
+				id, _ := blockMap["id"].(string)
+				input := blockMap["input"]
+				inputJSON, _ := json.Marshal(input)
+				text := "(tool_use)"
+				if name != "" {
+					text += " name=" + name
+				}
+				if id != "" {
+					text += " id=" + id
+				}
+				if len(inputJSON) > 0 && string(inputJSON) != "null" {
+					text += " input=" + string(inputJSON)
+				}
+				newContent = append(newContent, map[string]any{"type": "text", "text": text})
+				continue
+			case "tool_result":
+				modifiedThisMsg = true
+				toolUseID, _ := blockMap["tool_use_id"].(string)
+				isError, _ := blockMap["is_error"].(bool)
+				content := blockMap["content"]
+				contentJSON, _ := json.Marshal(content)
+				text := "(tool_result)"
+				if toolUseID != "" {
+					text += " tool_use_id=" + toolUseID
+				}
+				if isError {
+					text += " is_error=true"
+				}
+				if len(contentJSON) > 0 && string(contentJSON) != "null" {
+					text += "\n" + string(contentJSON)
+				}
+				newContent = append(newContent, map[string]any{"type": "text", "text": text})
+				continue
+			}
+
+			if blockType == "" {
+				if rawThinking, hasThinking := blockMap["thinking"]; hasThinking {
+					modifiedThisMsg = true
+					switch v := rawThinking.(type) {
+					case string:
+						if v != "" {
+							newContent = append(newContent, map[string]any{"type": "text", "text": v})
+						}
+					default:
+						if b, err := json.Marshal(v); err == nil && len(b) > 0 {
+							newContent = append(newContent, map[string]any{"type": "text", "text": string(b)})
+						}
+					}
 					continue
 				}
+			}
+
+			newContent = append(newContent, block)
+		}
+
+		if modifiedThisMsg {
+			modified = true
+			if len(newContent) == 0 {
+				placeholder := "(content removed)"
+				if role == "assistant" {
+					placeholder = "(assistant content removed)"
+				}
+				newContent = append(newContent, map[string]any{"type": "text", "text": placeholder})
+			}
 			msgMap["content"] = newContent
 		}
+
 		newMessages = append(newMessages, msgMap)
 	}
 
-	if modified {
-		req["messages"] = newMessages
+	if !modified {
+		return body
 	}
 
+	req["messages"] = newMessages
 	newBody, err := json.Marshal(req)
 	if err != nil {
 		return body

backend/internal/service/gemini_oauth_service.go

@@ -1002,6 +1002,7 @@ func fetchProjectIDFromResourceManager(ctx context.Context, accessToken, proxyUR
 	client, err := httpclient.GetClient(httpclient.Options{
 		ProxyURL:           strings.TrimSpace(proxyURL),
 		Timeout:            30 * time.Second,
+		ValidateResolvedIP: true,
 	})
 	if err != nil {
 		client = &http.Client{Timeout: 30 * time.Second}

backend/internal/service/settings_view.go

@@ -8,6 +8,7 @@ type SystemSettings struct {
 	SMTPPort               int
 	SMTPUsername           string
 	SMTPPassword           string
+	SMTPPasswordConfigured bool
 	SMTPFrom               string
 	SMTPFromName           string
 	SMTPUseTLS             bool
@@ -15,6 +16,7 @@ type SystemSettings struct {
 	TurnstileEnabled             bool
 	TurnstileSiteKey             string
 	TurnstileSecretKey           string
+	TurnstileSecretKeyConfigured bool
 
 	SiteName     string
 	SiteLogo     string
@@ -32,6 +34,10 @@ type SystemSettings struct {
 	FallbackModelOpenAI      string `json:"fallback_model_openai"`
 	FallbackModelGemini      string `json:"fallback_model_gemini"`
 	FallbackModelAntigravity string `json:"fallback_model_antigravity"`
+
+	// Identity patch configuration (Claude -> Gemini)
+	EnableIdentityPatch bool   `json:"enable_identity_patch"`
+	IdentityPatchPrompt string `json:"identity_patch_prompt"`
 }
 
 type PublicSettings struct {