Merge remote-tracking branch 'upstream/main'

# Conflicts:
#	frontend/src/components/account/CreateAccountModal.vue

backend/internal/handler/request_body_limit_test.go

+package handler
+
+import (
+	"bytes"
+	"io"
+	"net/http"
+	"net/http/httptest"
+	"testing"
+
+	"github.com/Wei-Shaw/sub2api/internal/server/middleware"
+	"github.com/gin-gonic/gin"
+	"github.com/stretchr/testify/require"
+)
+
+func TestRequestBodyLimitTooLarge(t *testing.T) {
+	gin.SetMode(gin.TestMode)
+
+	limit := int64(16)
+	router := gin.New()
+	router.Use(middleware.RequestBodyLimit(limit))
+	router.POST("/test", func(c *gin.Context) {
+		_, err := io.ReadAll(c.Request.Body)
+		if err != nil {
+			if maxErr, ok := extractMaxBytesError(err); ok {
+				c.JSON(http.StatusRequestEntityTooLarge, gin.H{
+					"error": buildBodyTooLargeMessage(maxErr.Limit),
+				})
+				return
+			}
+			c.JSON(http.StatusBadRequest, gin.H{
+				"error": "read_failed",
+			})
+			return
+		}
+		c.JSON(http.StatusOK, gin.H{"ok": true})
+	})
+
+	payload := bytes.Repeat([]byte("a"), int(limit+1))
+	req := httptest.NewRequest(http.MethodPost, "/test", bytes.NewReader(payload))
+	recorder := httptest.NewRecorder()
+	router.ServeHTTP(recorder, req)
+
+	require.Equal(t, http.StatusRequestEntityTooLarge, recorder.Code)
+	require.Contains(t, recorder.Body.String(), buildBodyTooLargeMessage(limit))
+}

backend/internal/infrastructure/redis.go

-package infrastructure
-
-import (
-	"github.com/Wei-Shaw/sub2api/internal/config"
-
-	"github.com/redis/go-redis/v9"
-)
-
-// InitRedis 初始化 Redis 客户端
-func InitRedis(cfg *config.Config) *redis.Client {
-	return redis.NewClient(&redis.Options{
-		Addr:     cfg.Redis.Address(),
-		Password: cfg.Redis.Password,
-		DB:       cfg.Redis.DB,
-	})
-}

backend/internal/infrastructure/wire.go

-package infrastructure
-
-import (
-	"database/sql"
-	"errors"
-
-	"github.com/Wei-Shaw/sub2api/ent"
-	"github.com/Wei-Shaw/sub2api/internal/config"
-
-	"github.com/google/wire"
-	"github.com/redis/go-redis/v9"
-
-	entsql "entgo.io/ent/dialect/sql"
-)
-
-// ProviderSet 是基础设施层的 Wire 依赖提供者集合。
-//
-// Wire 是 Google 开发的编译时依赖注入工具。ProviderSet 将相关的依赖提供函数
-// 组织在一起，便于在应用程序启动时自动组装依赖关系。
-//
-// 包含的提供者：
-//   - ProvideEnt: 提供 Ent ORM 客户端
-//   - ProvideSQLDB: 提供底层 SQL 数据库连接
-//   - ProvideRedis: 提供 Redis 客户端
-var ProviderSet = wire.NewSet(
-	ProvideEnt,
-	ProvideSQLDB,
-	ProvideRedis,
-)
-
-// ProvideEnt 为依赖注入提供 Ent 客户端。
-//
-// 该函数是 InitEnt 的包装器，符合 Wire 的依赖提供函数签名要求。
-// Wire 会在编译时分析依赖关系，自动生成初始化代码。
-//
-// 依赖：config.Config
-// 提供：*ent.Client
-func ProvideEnt(cfg *config.Config) (*ent.Client, error) {
-	client, _, err := InitEnt(cfg)
-	return client, err
-}
-
-// ProvideSQLDB 从 Ent 客户端提取底层的 *sql.DB 连接。
-//
-// 某些 Repository 需要直接执行原生 SQL（如复杂的批量更新、聚合查询），
-// 此时需要访问底层的 sql.DB 而不是通过 Ent ORM。
-//
-// 设计说明：
-//   - Ent 底层使用 sql.DB，通过 Driver 接口可以访问
-//   - 这种设计允许在同一事务中混用 Ent 和原生 SQL
-//
-// 依赖：*ent.Client
-// 提供：*sql.DB
-func ProvideSQLDB(client *ent.Client) (*sql.DB, error) {
-	if client == nil {
-		return nil, errors.New("nil ent client")
-	}
-	// 从 Ent 客户端获取底层驱动
-	drv, ok := client.Driver().(*entsql.Driver)
-	if !ok {
-		return nil, errors.New("ent driver does not expose *sql.DB")
-	}
-	// 返回驱动持有的 sql.DB 实例
-	return drv.DB(), nil
-}
-
-// ProvideRedis 为依赖注入提供 Redis 客户端。
-//
-// Redis 用于：
-//   - 分布式锁（如并发控制）
-//   - 缓存（如用户会话、API 响应缓存）
-//   - 速率限制
-//   - 实时统计数据
-//
-// 依赖：config.Config
-// 提供：*redis.Client
-func ProvideRedis(cfg *config.Config) *redis.Client {
-	return InitRedis(cfg)
-}

backend/internal/integration/e2e_gateway_test.go

@@ -57,6 +57,7 @@ var geminiModels = []string{
 	"gemini-2.5-flash-lite",
 	"gemini-3-flash",
 	"gemini-3-pro-low",
+	"gemini-3-pro-high",
 }
 
 func TestMain(m *testing.M) {
@@ -641,6 +642,37 @@ func testClaudeThinkingWithToolHistory(t *testing.T, model string) {
 	t.Logf("✅ thinking 模式工具调用测试通过, id=%v", result["id"])
 }
 
+// TestClaudeMessagesWithGeminiModel 测试在 Claude 端点使用 Gemini 模型
+// 验证：通过 /v1/messages 端点传入 gemini 模型名的场景（含前缀映射）
+// 仅在 Antigravity 模式下运行（ENDPOINT_PREFIX="/antigravity"）
+func TestClaudeMessagesWithGeminiModel(t *testing.T) {
+	if endpointPrefix != "/antigravity" {
+		t.Skip("仅在 Antigravity 模式下运行")
+	}
+
+	// 测试通过 Claude 端点调用 Gemini 模型
+	geminiViaClaude := []string{
+		"gemini-3-flash",       // 直接支持
+		"gemini-3-pro-low",     // 直接支持
+		"gemini-3-pro-high",    // 直接支持
+		"gemini-3-pro",         // 前缀映射 -> gemini-3-pro-high
+		"gemini-3-pro-preview", // 前缀映射 -> gemini-3-pro-high
+	}
+
+	for i, model := range geminiViaClaude {
+		if i > 0 {
+			time.Sleep(testInterval)
+		}
+		t.Run(model+"_通过Claude端点", func(t *testing.T) {
+			testClaudeMessage(t, model, false)
+		})
+		time.Sleep(testInterval)
+		t.Run(model+"_通过Claude端点_流式", func(t *testing.T) {
+			testClaudeMessage(t, model, true)
+		})
+	}
+}
+
 // TestClaudeMessagesWithNoSignature 测试历史 thinking block 不带 signature 的场景
 // 验证：Gemini 模型接受没有 signature 的 thinking block
 func TestClaudeMessagesWithNoSignature(t *testing.T) {
@@ -738,3 +770,30 @@ func testClaudeWithNoSignature(t *testing.T, model string) {
 	}
 	t.Logf("✅ 无 signature thinking 处理测试通过, id=%v", result["id"])
 }
+
+// TestGeminiEndpointWithClaudeModel 测试通过 Gemini 端点调用 Claude 模型
+// 仅在 Antigravity 模式下运行（ENDPOINT_PREFIX="/antigravity"）
+func TestGeminiEndpointWithClaudeModel(t *testing.T) {
+	if endpointPrefix != "/antigravity" {
+		t.Skip("仅在 Antigravity 模式下运行")
+	}
+
+	// 测试通过 Gemini 端点调用 Claude 模型
+	claudeViaGemini := []string{
+		"claude-sonnet-4-5",
+		"claude-opus-4-5-thinking",
+	}
+
+	for i, model := range claudeViaGemini {
+		if i > 0 {
+			time.Sleep(testInterval)
+		}
+		t.Run(model+"_通过Gemini端点", func(t *testing.T) {
+			testGeminiGenerate(t, model, false)
+		})
+		time.Sleep(testInterval)
+		t.Run(model+"_通过Gemini端点_流式", func(t *testing.T) {
+			testGeminiGenerate(t, model, true)
+		})
+	}
+}

backend/internal/pkg/antigravity/claude_types.go

@@ -37,12 +37,26 @@ type ClaudeMetadata struct {
 }
 
 // ClaudeTool Claude 工具定义
+// 支持两种格式：
+// 1. 标准格式: { "name": "...", "description": "...", "input_schema": {...} }
+// 2. Custom 格式 (MCP): { "type": "custom", "name": "...", "custom": { "description": "...", "input_schema": {...} } }
 type ClaudeTool struct {
+	Type        string          `json:"type,omitempty"` // "custom" 或空（标准格式）
 	Name        string          `json:"name"`
+	Description string          `json:"description,omitempty"`  // 标准格式使用
+	InputSchema map[string]any  `json:"input_schema,omitempty"` // 标准格式使用
+	Custom      *CustomToolSpec `json:"custom,omitempty"`       // custom 格式使用
+}
+
+// CustomToolSpec MCP custom 工具规格
+type CustomToolSpec struct {
 	Description string         `json:"description,omitempty"`
 	InputSchema map[string]any `json:"input_schema"`
 }
 
+// ClaudeCustomToolSpec 兼容旧命名（MCP custom 工具规格）
+type ClaudeCustomToolSpec = CustomToolSpec
+
 // SystemBlock system prompt 数组形式的元素
 type SystemBlock struct {
 	Type string `json:"type"`

backend/internal/pkg/antigravity/request_transformer.go

@@ -3,6 +3,7 @@ package antigravity
 import (
 	"encoding/json"
 	"fmt"
+	"log"
 	"strings"
 
 	"github.com/google/uuid"
@@ -13,13 +14,16 @@ func TransformClaudeToGemini(claudeReq *ClaudeRequest, projectID, mappedModel st
 	// 用于存储 tool_use id -> name 映射
 	toolIDToName := make(map[string]string)
 
-	// 检测是否启用 thinking
-	isThinkingEnabled := claudeReq.Thinking != nil && claudeReq.Thinking.Type == "enabled"
-
 	// 只有 Gemini 模型支持 dummy thought workaround
 	// Claude 模型通过 Vertex/Google API 需要有效的 thought signatures
 	allowDummyThought := strings.HasPrefix(mappedModel, "gemini-")
 
+	// 检测是否启用 thinking
+	requestedThinkingEnabled := claudeReq.Thinking != nil && claudeReq.Thinking.Type == "enabled"
+	// 为避免 Claude 模型的 thought signature/消息块约束导致 400（上游要求 thinking 块开头等），
+	// 非 Gemini 模型默认不启用 thinking（除非未来支持完整签名链路）。
+	isThinkingEnabled := requestedThinkingEnabled && allowDummyThought
+
 	// 1. 构建 contents
 	contents, err := buildContents(claudeReq.Messages, toolIDToName, isThinkingEnabled, allowDummyThought)
 	if err != nil {
@@ -30,7 +34,15 @@ func TransformClaudeToGemini(claudeReq *ClaudeRequest, projectID, mappedModel st
 	systemInstruction := buildSystemInstruction(claudeReq.System, claudeReq.Model)
 
 	// 3. 构建 generationConfig
-	generationConfig := buildGenerationConfig(claudeReq)
+	reqForGen := claudeReq
+	if requestedThinkingEnabled && !allowDummyThought {
+		log.Printf("[Warning] Disabling thinking for non-Gemini model in antigravity transform: model=%s", mappedModel)
+		// shallow copy to avoid mutating caller's request
+		clone := *claudeReq
+		clone.Thinking = nil
+		reqForGen = &clone
+	}
+	generationConfig := buildGenerationConfig(reqForGen)
 
 	// 4. 构建 tools
 	tools := buildTools(claudeReq.Tools)
@@ -149,6 +161,7 @@ func buildContents(messages []ClaudeMessage, toolIDToName map[string]string, isT
 				parts = append([]GeminiPart{{
 					Text:             "Thinking...",
 					Thought:          true,
+					ThoughtSignature: dummyThoughtSignature,
 				}}, parts...)
 			}
 		}
@@ -170,6 +183,34 @@ func buildContents(messages []ClaudeMessage, toolIDToName map[string]string, isT
 // 参考: https://ai.google.dev/gemini-api/docs/thought-signatures
 const dummyThoughtSignature = "skip_thought_signature_validator"
 
+// isValidThoughtSignature 验证 thought signature 是否有效
+// Claude API 要求 signature 必须是 base64 编码的字符串，长度至少 32 字节
+func isValidThoughtSignature(signature string) bool {
+	// 空字符串无效
+	if signature == "" {
+		return false
+	}
+
+	// signature 应该是 base64 编码，长度至少 40 个字符（约 30 字节）
+	// 参考 Claude API 文档和实际观察到的有效 signature
+	if len(signature) < 40 {
+		log.Printf("[Debug] Signature too short: len=%d", len(signature))
+		return false
+	}
+
+	// 检查是否是有效的 base64 字符
+	// base64 字符集: A-Z, a-z, 0-9, +, /, =
+	for i, c := range signature {
+		if (c < 'A' || c > 'Z') && (c < 'a' || c > 'z') &&
+			(c < '0' || c > '9') && c != '+' && c != '/' && c != '=' {
+			log.Printf("[Debug] Invalid base64 character at position %d: %c (code=%d)", i, c, c)
+			return false
+		}
+	}
+
+	return true
+}
+
 // buildParts 构建消息的 parts
 // allowDummyThought: 只有 Gemini 模型支持 dummy thought signature
 func buildParts(content json.RawMessage, toolIDToName map[string]string, allowDummyThought bool) ([]GeminiPart, error) {
@@ -198,15 +239,30 @@ func buildParts(content json.RawMessage, toolIDToName map[string]string, allowDu
 			}
 
 		case "thinking":
-			part := GeminiPart{
+			if allowDummyThought {
+				// Gemini 模型可以使用 dummy signature
+				parts = append(parts, GeminiPart{
 					Text:             block.Thinking,
 					Thought:          true,
+					ThoughtSignature: dummyThoughtSignature,
+				})
+				continue
 			}
-			// 保留原有 signature（Claude 模型需要有效的 signature）
-			if block.Signature != "" {
-				part.ThoughtSignature = block.Signature
+
+			// Claude 模型：仅在提供有效 signature 时保留 thinking block；否则跳过以避免上游校验失败。
+			signature := strings.TrimSpace(block.Signature)
+			if signature == "" || signature == dummyThoughtSignature {
+				log.Printf("[Warning] Skipping thinking block for Claude model (missing or dummy signature)")
+				continue
 			}
-			parts = append(parts, part)
+			if !isValidThoughtSignature(signature) {
+				log.Printf("[Debug] Thinking signature may be invalid (passing through anyway): len=%d", len(signature))
+			}
+			parts = append(parts, GeminiPart{
+				Text:             block.Thinking,
+				Thought:          true,
+				ThoughtSignature: signature,
+			})
 
 		case "image":
 			if block.Source != nil && block.Source.Type == "base64" {
@@ -231,10 +287,9 @@ func buildParts(content json.RawMessage, toolIDToName map[string]string, allowDu
 					ID:   block.ID,
 				},
 			}
-			// 保留原有 signature，或对 Gemini 模型使用 dummy signature
-			if block.Signature != "" {
-				part.ThoughtSignature = block.Signature
-			} else if allowDummyThought {
+			// 只有 Gemini 模型使用 dummy signature
+			// Claude 模型不设置 signature（避免验证问题）
+			if allowDummyThought {
 				part.ThoughtSignature = dummyThoughtSignature
 			}
 			parts = append(parts, part)
@@ -378,13 +433,53 @@ func buildTools(tools []ClaudeTool) []GeminiToolDeclaration {
 
 	// 普通工具
 	var funcDecls []GeminiFunctionDecl
-	for _, tool := range tools {
+	for i, tool := range tools {
+		// 跳过无效工具名称
+		if strings.TrimSpace(tool.Name) == "" {
+			log.Printf("Warning: skipping tool with empty name")
+			continue
+		}
+
+		var description string
+		var inputSchema map[string]any
+
+		// 检查是否为 custom 类型工具 (MCP)
+		if tool.Type == "custom" {
+			if tool.Custom == nil || tool.Custom.InputSchema == nil {
+				log.Printf("[Warning] Skipping invalid custom tool '%s': missing custom spec or input_schema", tool.Name)
+				continue
+			}
+			description = tool.Custom.Description
+			inputSchema = tool.Custom.InputSchema
+
+			// 调试日志：记录 custom 工具的 schema
+			if schemaJSON, err := json.Marshal(inputSchema); err == nil {
+				log.Printf("[Debug] Tool[%d] '%s' (custom) original schema: %s", i, tool.Name, string(schemaJSON))
+			}
+		} else {
+			// 标准格式: 从顶层字段获取
+			description = tool.Description
+			inputSchema = tool.InputSchema
+		}
+
 		// 清理 JSON Schema
-		params := cleanJSONSchema(tool.InputSchema)
+		params := cleanJSONSchema(inputSchema)
+		// 为 nil schema 提供默认值
+		if params == nil {
+			params = map[string]any{
+				"type":       "OBJECT",
+				"properties": map[string]any{},
+			}
+		}
+
+		// 调试日志：记录清理后的 schema
+		if paramsJSON, err := json.Marshal(params); err == nil {
+			log.Printf("[Debug] Tool[%d] '%s' cleaned schema: %s", i, tool.Name, string(paramsJSON))
+		}
 
 		funcDecls = append(funcDecls, GeminiFunctionDecl{
 			Name:        tool.Name,
-			Description: tool.Description,
+			Description: description,
 			Parameters:  params,
 		})
 	}
@@ -443,24 +538,54 @@ func cleanJSONSchema(schema map[string]any) map[string]any {
 }
 
 // excludedSchemaKeys 不支持的 schema 字段
+// 基于 Claude API (Vertex AI) 的实际支持情况
+// 支持: type, description, enum, properties, required, additionalProperties, items
+// 不支持: minItems, maxItems, minLength, maxLength, pattern, minimum, maximum 等验证字段
 var excludedSchemaKeys = map[string]bool{
+	// 元 schema 字段
 	"$schema": true,
 	"$id":     true,
 	"$ref":    true,
-	"additionalProperties": true,
+
+	// 字符串验证（Gemini 不支持）
 	"minLength": true,
 	"maxLength": true,
-	"minItems":             true,
-	"maxItems":             true,
-	"uniqueItems":          true,
+	"pattern":   true,
+
+	// 数字验证（Claude API 通过 Vertex AI 不支持这些字段）
 	"minimum":          true,
 	"maximum":          true,
 	"exclusiveMinimum": true,
 	"exclusiveMaximum": true,
-	"pattern":              true,
-	"format":               true,
+	"multipleOf":       true,
+
+	// 数组验证（Claude API 通过 Vertex AI 不支持这些字段）
+	"uniqueItems": true,
+	"minItems":    true,
+	"maxItems":    true,
+
+	// 组合 schema（Gemini 不支持）
+	"oneOf":       true,
+	"anyOf":       true,
+	"allOf":       true,
+	"not":         true,
+	"if":          true,
+	"then":        true,
+	"else":        true,
+	"$defs":       true,
+	"definitions": true,
+
+	// 对象验证（仅保留 properties/required/additionalProperties）
+	"minProperties":     true,
+	"maxProperties":     true,
+	"patternProperties": true,
+	"propertyNames":     true,
+	"dependencies":      true,
+	"dependentSchemas":  true,
+	"dependentRequired": true,
+
+	// 其他不支持的字段
 	"default":          true,
-	"strict":               true,
 	"const":            true,
 	"examples":         true,
 	"deprecated":       true,
@@ -468,6 +593,9 @@ var excludedSchemaKeys = map[string]bool{
 	"writeOnly":        true,
 	"contentMediaType": true,
 	"contentEncoding":  true,
+
+	// Claude 特有字段
+	"strict": true,
 }
 
 // cleanSchemaValue 递归清理 schema 值
@@ -487,6 +615,31 @@ func cleanSchemaValue(value any) any {
 				continue
 			}
 
+			// 特殊处理 format 字段：只保留 Gemini 支持的 format 值
+			if k == "format" {
+				if formatStr, ok := val.(string); ok {
+					// Gemini 只支持 date-time, date, time
+					if formatStr == "date-time" || formatStr == "date" || formatStr == "time" {
+						result[k] = val
+					}
+					// 其他 format 值直接跳过
+				}
+				continue
+			}
+
+			// 特殊处理 additionalProperties：Claude API 只支持布尔值，不支持 schema 对象
+			if k == "additionalProperties" {
+				if boolVal, ok := val.(bool); ok {
+					result[k] = boolVal
+					log.Printf("[Debug] additionalProperties is bool: %v", boolVal)
+				} else {
+					// 如果是 schema 对象，转换为 false（更安全的默认值）
+					result[k] = false
+					log.Printf("[Debug] additionalProperties is not bool (type: %T), converting to false", val)
+				}
+				continue
+			}
+
 			// 递归清理所有值
 			result[k] = cleanSchemaValue(val)
 		}

backend/internal/pkg/antigravity/request_transformer_test.go

+package antigravity
+
+import (
+	"encoding/json"
+	"testing"
+)
+
+// TestBuildParts_ThinkingBlockWithoutSignature 测试thinking block无signature时的处理
+func TestBuildParts_ThinkingBlockWithoutSignature(t *testing.T) {
+	tests := []struct {
+		name              string
+		content           string
+		allowDummyThought bool
+		expectedParts     int
+		description       string
+	}{
+		{
+			name: "Claude model - skip thinking block without signature",
+			content: `[
+				{"type": "text", "text": "Hello"},
+				{"type": "thinking", "thinking": "Let me think...", "signature": ""},
+				{"type": "text", "text": "World"}
+			]`,
+			allowDummyThought: false,
+			expectedParts:     2, // 只有两个text block
+			description:       "Claude模型应该跳过无signature的thinking block",
+		},
+		{
+			name: "Claude model - keep thinking block with signature",
+			content: `[
+				{"type": "text", "text": "Hello"},
+				{"type": "thinking", "thinking": "Let me think...", "signature": "valid_sig"},
+				{"type": "text", "text": "World"}
+			]`,
+			allowDummyThought: false,
+			expectedParts:     3, // 三个block都保留
+			description:       "Claude模型应该保留有signature的thinking block",
+		},
+		{
+			name: "Gemini model - use dummy signature",
+			content: `[
+				{"type": "text", "text": "Hello"},
+				{"type": "thinking", "thinking": "Let me think...", "signature": ""},
+				{"type": "text", "text": "World"}
+			]`,
+			allowDummyThought: true,
+			expectedParts:     3, // 三个block都保留，thinking使用dummy signature
+			description:       "Gemini模型应该为无signature的thinking block使用dummy signature",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			toolIDToName := make(map[string]string)
+			parts, err := buildParts(json.RawMessage(tt.content), toolIDToName, tt.allowDummyThought)
+
+			if err != nil {
+				t.Fatalf("buildParts() error = %v", err)
+			}
+
+			if len(parts) != tt.expectedParts {
+				t.Errorf("%s: got %d parts, want %d parts", tt.description, len(parts), tt.expectedParts)
+			}
+		})
+	}
+}
+
+// TestBuildTools_CustomTypeTools 测试custom类型工具转换
+func TestBuildTools_CustomTypeTools(t *testing.T) {
+	tests := []struct {
+		name        string
+		tools       []ClaudeTool
+		expectedLen int
+		description string
+	}{
+		{
+			name: "Standard tool format",
+			tools: []ClaudeTool{
+				{
+					Name:        "get_weather",
+					Description: "Get weather information",
+					InputSchema: map[string]any{
+						"type": "object",
+						"properties": map[string]any{
+							"location": map[string]any{"type": "string"},
+						},
+					},
+				},
+			},
+			expectedLen: 1,
+			description: "标准工具格式应该正常转换",
+		},
+		{
+			name: "Custom type tool (MCP format)",
+			tools: []ClaudeTool{
+				{
+					Type: "custom",
+					Name: "mcp_tool",
+					Custom: &CustomToolSpec{
+						Description: "MCP tool description",
+						InputSchema: map[string]any{
+							"type": "object",
+							"properties": map[string]any{
+								"param": map[string]any{"type": "string"},
+							},
+						},
+					},
+				},
+			},
+			expectedLen: 1,
+			description: "Custom类型工具应该从Custom字段读取description和input_schema",
+		},
+		{
+			name: "Mixed standard and custom tools",
+			tools: []ClaudeTool{
+				{
+					Name:        "standard_tool",
+					Description: "Standard tool",
+					InputSchema: map[string]any{"type": "object"},
+				},
+				{
+					Type: "custom",
+					Name: "custom_tool",
+					Custom: &CustomToolSpec{
+						Description: "Custom tool",
+						InputSchema: map[string]any{"type": "object"},
+					},
+				},
+			},
+			expectedLen: 1, // 返回一个GeminiToolDeclaration，包含2个function declarations
+			description: "混合标准和custom工具应该都能正确转换",
+		},
+		{
+			name: "Invalid custom tool - nil Custom field",
+			tools: []ClaudeTool{
+				{
+					Type: "custom",
+					Name: "invalid_custom",
+					// Custom 为 nil
+				},
+			},
+			expectedLen: 0, // 应该被跳过
+			description: "Custom字段为nil的custom工具应该被跳过",
+		},
+		{
+			name: "Invalid custom tool - nil InputSchema",
+			tools: []ClaudeTool{
+				{
+					Type: "custom",
+					Name: "invalid_custom",
+					Custom: &CustomToolSpec{
+						Description: "Invalid",
+						// InputSchema 为 nil
+					},
+				},
+			},
+			expectedLen: 0, // 应该被跳过
+			description: "InputSchema为nil的custom工具应该被跳过",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			result := buildTools(tt.tools)
+
+			if len(result) != tt.expectedLen {
+				t.Errorf("%s: got %d tool declarations, want %d", tt.description, len(result), tt.expectedLen)
+			}
+
+			// 验证function declarations存在
+			if len(result) > 0 && result[0].FunctionDeclarations != nil {
+				if len(result[0].FunctionDeclarations) != len(tt.tools) {
+					t.Errorf("%s: got %d function declarations, want %d",
+						tt.description, len(result[0].FunctionDeclarations), len(tt.tools))
+				}
+			}
+		})
+	}
+}

backend/internal/pkg/claude/constants.go

@@ -16,6 +16,12 @@ const DefaultBetaHeader = BetaClaudeCode + "," + BetaOAuth + "," + BetaInterleav
 // HaikuBetaHeader Haiku 模型使用的 anthropic-beta header（不需要 claude-code beta）
 const HaikuBetaHeader = BetaOAuth + "," + BetaInterleavedThinking
 
+// ApiKeyBetaHeader API-key 账号建议使用的 anthropic-beta header（不包含 oauth）
+const ApiKeyBetaHeader = BetaClaudeCode + "," + BetaInterleavedThinking + "," + BetaFineGrainedToolStreaming
+
+// ApiKeyHaikuBetaHeader Haiku 模型在 API-key 账号下使用的 anthropic-beta header（不包含 oauth / claude-code）
+const ApiKeyHaikuBetaHeader = BetaInterleavedThinking
+
 // Claude Code 客户端默认请求头
 var DefaultHeaders = map[string]string{
 	"User-Agent":                                "claude-cli/2.0.62 (external, cli)",

backend/internal/pkg/httpclient/pool.go

+// Package httpclient 提供共享 HTTP 客户端池
+//
+// 性能优化说明：
+// 原实现在多个服务中重复创建 http.Client：
+// 1. proxy_probe_service.go: 每次探测创建新客户端
+// 2. pricing_service.go: 每次请求创建新客户端
+// 3. turnstile_service.go: 每次验证创建新客户端
+// 4. github_release_service.go: 每次请求创建新客户端
+// 5. claude_usage_service.go: 每次请求创建新客户端
+//
+// 新实现使用统一的客户端池：
+// 1. 相同配置复用同一 http.Client 实例
+// 2. 复用 Transport 连接池，减少 TCP/TLS 握手开销
+// 3. 支持 HTTP/HTTPS/SOCKS5 代理
+// 4. 支持严格代理模式（代理失败则返回错误）
+package httpclient
+
+import (
+	"context"
+	"crypto/tls"
+	"fmt"
+	"net"
+	"net/http"
+	"net/url"
+	"strings"
+	"sync"
+	"time"
+
+	"golang.org/x/net/proxy"
+)
+
+// Transport 连接池默认配置
+const (
+	defaultMaxIdleConns        = 100              // 最大空闲连接数
+	defaultMaxIdleConnsPerHost = 10               // 每个主机最大空闲连接数
+	defaultIdleConnTimeout     = 90 * time.Second // 空闲连接超时时间
+)
+
+// Options 定义共享 HTTP 客户端的构建参数
+type Options struct {
+	ProxyURL              string        // 代理 URL（支持 http/https/socks5）
+	Timeout               time.Duration // 请求总超时时间
+	ResponseHeaderTimeout time.Duration // 等待响应头超时时间
+	InsecureSkipVerify    bool          // 是否跳过 TLS 证书验证
+	ProxyStrict           bool          // 严格代理模式：代理失败时返回错误而非回退
+
+	// 可选的连接池参数（不设置则使用默认值）
+	MaxIdleConns        int // 最大空闲连接总数（默认 100）
+	MaxIdleConnsPerHost int // 每主机最大空闲连接（默认 10）
+	MaxConnsPerHost     int // 每主机最大连接数（默认 0 无限制）
+}
+
+// sharedClients 存储按配置参数缓存的 http.Client 实例
+var sharedClients sync.Map
+
+// GetClient 返回共享的 HTTP 客户端实例
+// 性能优化：相同配置复用同一客户端，避免重复创建 Transport
+func GetClient(opts Options) (*http.Client, error) {
+	key := buildClientKey(opts)
+	if cached, ok := sharedClients.Load(key); ok {
+		if client, ok := cached.(*http.Client); ok {
+			return client, nil
+		}
+	}
+
+	client, err := buildClient(opts)
+	if err != nil {
+		if opts.ProxyStrict {
+			return nil, err
+		}
+		fallback := opts
+		fallback.ProxyURL = ""
+		client, _ = buildClient(fallback)
+	}
+
+	actual, _ := sharedClients.LoadOrStore(key, client)
+	if c, ok := actual.(*http.Client); ok {
+		return c, nil
+	}
+	return client, nil
+}
+
+func buildClient(opts Options) (*http.Client, error) {
+	transport, err := buildTransport(opts)
+	if err != nil {
+		return nil, err
+	}
+
+	return &http.Client{
+		Transport: transport,
+		Timeout:   opts.Timeout,
+	}, nil
+}
+
+func buildTransport(opts Options) (*http.Transport, error) {
+	// 使用自定义值或默认值
+	maxIdleConns := opts.MaxIdleConns
+	if maxIdleConns <= 0 {
+		maxIdleConns = defaultMaxIdleConns
+	}
+	maxIdleConnsPerHost := opts.MaxIdleConnsPerHost
+	if maxIdleConnsPerHost <= 0 {
+		maxIdleConnsPerHost = defaultMaxIdleConnsPerHost
+	}
+
+	transport := &http.Transport{
+		MaxIdleConns:          maxIdleConns,
+		MaxIdleConnsPerHost:   maxIdleConnsPerHost,
+		MaxConnsPerHost:       opts.MaxConnsPerHost, // 0 表示无限制
+		IdleConnTimeout:       defaultIdleConnTimeout,
+		ResponseHeaderTimeout: opts.ResponseHeaderTimeout,
+	}
+
+	if opts.InsecureSkipVerify {
+		transport.TLSClientConfig = &tls.Config{InsecureSkipVerify: true}
+	}
+
+	proxyURL := strings.TrimSpace(opts.ProxyURL)
+	if proxyURL == "" {
+		return transport, nil
+	}
+
+	parsed, err := url.Parse(proxyURL)
+	if err != nil {
+		return nil, err
+	}
+
+	switch strings.ToLower(parsed.Scheme) {
+	case "http", "https":
+		transport.Proxy = http.ProxyURL(parsed)
+	case "socks5", "socks5h":
+		dialer, err := proxy.FromURL(parsed, proxy.Direct)
+		if err != nil {
+			return nil, err
+		}
+		transport.DialContext = func(ctx context.Context, network, addr string) (net.Conn, error) {
+			return dialer.Dial(network, addr)
+		}
+	default:
+		return nil, fmt.Errorf("unsupported proxy protocol: %s", parsed.Scheme)
+	}
+
+	return transport, nil
+}
+
+func buildClientKey(opts Options) string {
+	return fmt.Sprintf("%s|%s|%s|%t|%t|%d|%d|%d",
+		strings.TrimSpace(opts.ProxyURL),
+		opts.Timeout.String(),
+		opts.ResponseHeaderTimeout.String(),
+		opts.InsecureSkipVerify,
+		opts.ProxyStrict,
+		opts.MaxIdleConns,
+		opts.MaxIdleConnsPerHost,
+		opts.MaxConnsPerHost,
+	)
+}

backend/internal/pkg/response/response.go

@@ -4,7 +4,7 @@ import (
 	"math"
 	"net/http"
 
-	infraerrors "github.com/Wei-Shaw/sub2api/internal/infrastructure/errors"
+	infraerrors "github.com/Wei-Shaw/sub2api/internal/pkg/errors"
 	"github.com/gin-gonic/gin"
 )
 

backend/internal/pkg/response/response_test.go

@@ -9,7 +9,7 @@ import (
 	"net/http/httptest"
 	"testing"
 
-	infraerrors "github.com/Wei-Shaw/sub2api/internal/infrastructure/errors"
+	errors2 "github.com/Wei-Shaw/sub2api/internal/pkg/errors"
 	"github.com/gin-gonic/gin"
 	"github.com/stretchr/testify/require"
 )
@@ -82,7 +82,7 @@ func TestErrorFrom(t *testing.T) {
 		},
 		{
 			name:         "application_error",
-			err:          infraerrors.Forbidden("FORBIDDEN", "no access").WithMetadata(map[string]string{"scope": "admin"}),
+			err:          errors2.Forbidden("FORBIDDEN", "no access").WithMetadata(map[string]string{"scope": "admin"}),
 			wantWritten:  true,
 			wantHTTPCode: http.StatusForbidden,
 			wantBody: Response{
@@ -94,7 +94,7 @@ func TestErrorFrom(t *testing.T) {
 		},
 		{
 			name:         "bad_request_error",
-			err:          infraerrors.BadRequest("INVALID_REQUEST", "invalid request"),
+			err:          errors2.BadRequest("INVALID_REQUEST", "invalid request"),
 			wantWritten:  true,
 			wantHTTPCode: http.StatusBadRequest,
 			wantBody: Response{
@@ -105,7 +105,7 @@ func TestErrorFrom(t *testing.T) {
 		},
 		{
 			name:         "unauthorized_error",
-			err:          infraerrors.Unauthorized("UNAUTHORIZED", "unauthorized"),
+			err:          errors2.Unauthorized("UNAUTHORIZED", "unauthorized"),
 			wantWritten:  true,
 			wantHTTPCode: http.StatusUnauthorized,
 			wantBody: Response{
@@ -116,7 +116,7 @@ func TestErrorFrom(t *testing.T) {
 		},
 		{
 			name:         "not_found_error",
-			err:          infraerrors.NotFound("NOT_FOUND", "not found"),
+			err:          errors2.NotFound("NOT_FOUND", "not found"),
 			wantWritten:  true,
 			wantHTTPCode: http.StatusNotFound,
 			wantBody: Response{
@@ -127,7 +127,7 @@ func TestErrorFrom(t *testing.T) {
 		},
 		{
 			name:         "conflict_error",
-			err:          infraerrors.Conflict("CONFLICT", "conflict"),
+			err:          errors2.Conflict("CONFLICT", "conflict"),
 			wantWritten:  true,
 			wantHTTPCode: http.StatusConflict,
 			wantBody: Response{
@@ -143,7 +143,7 @@ func TestErrorFrom(t *testing.T) {
 			wantHTTPCode: http.StatusInternalServerError,
 			wantBody: Response{
 				Code:    http.StatusInternalServerError,
-				Message: infraerrors.UnknownMessage,
+				Message: errors2.UnknownMessage,
 			},
 		},
 	}

backend/internal/repository/account_repo.go

@@ -14,6 +14,7 @@ import (
 	"context"
 	"database/sql"
 	"encoding/json"
+	"errors"
 	"strconv"
 	"time"
 
@@ -56,7 +57,7 @@ func newAccountRepositoryWithSQL(client *dbent.Client, sqlq sqlExecutor) *accoun
 
 func (r *accountRepository) Create(ctx context.Context, account *service.Account) error {
 	if account == nil {
-		return nil
+		return service.ErrAccountNilInput
 	}
 
 	builder := r.client.Account.Create().
@@ -98,7 +99,7 @@ func (r *accountRepository) Create(ctx context.Context, account *service.Account
 
 	created, err := builder.Save(ctx)
 	if err != nil {
-		return err
+		return translatePersistenceError(err, service.ErrAccountNotFound, nil)
 	}
 
 	account.ID = created.ID
@@ -231,11 +232,32 @@ func (r *accountRepository) Update(ctx context.Context, account *service.Account
 }
 
 func (r *accountRepository) Delete(ctx context.Context, id int64) error {
-	if _, err := r.client.AccountGroup.Delete().Where(dbaccountgroup.AccountIDEQ(id)).Exec(ctx); err != nil {
+	// 使用事务保证账号与关联分组的删除原子性
+	tx, err := r.client.Tx(ctx)
+	if err != nil && !errors.Is(err, dbent.ErrTxStarted) {
+		return err
+	}
+
+	var txClient *dbent.Client
+	if err == nil {
+		defer func() { _ = tx.Rollback() }()
+		txClient = tx.Client()
+	} else {
+		// 已处于外部事务中（ErrTxStarted），复用当前 client
+		txClient = r.client
+	}
+
+	if _, err := txClient.AccountGroup.Delete().Where(dbaccountgroup.AccountIDEQ(id)).Exec(ctx); err != nil {
 		return err
 	}
-	_, err := r.client.Account.Delete().Where(dbaccount.IDEQ(id)).Exec(ctx)
+	if _, err := txClient.Account.Delete().Where(dbaccount.IDEQ(id)).Exec(ctx); err != nil {
 		return err
+	}
+
+	if tx != nil {
+		return tx.Commit()
+	}
+	return nil
 }
 
 func (r *accountRepository) List(ctx context.Context, params pagination.PaginationParams) ([]service.Account, *pagination.PaginationResult, error) {
@@ -393,25 +415,49 @@ func (r *accountRepository) GetGroups(ctx context.Context, accountID int64) ([]s
 }
 
 func (r *accountRepository) BindGroups(ctx context.Context, accountID int64, groupIDs []int64) error {
-	if _, err := r.client.AccountGroup.Delete().Where(dbaccountgroup.AccountIDEQ(accountID)).Exec(ctx); err != nil {
+	// 使用事务保证删除旧绑定与创建新绑定的原子性
+	tx, err := r.client.Tx(ctx)
+	if err != nil && !errors.Is(err, dbent.ErrTxStarted) {
+		return err
+	}
+
+	var txClient *dbent.Client
+	if err == nil {
+		defer func() { _ = tx.Rollback() }()
+		txClient = tx.Client()
+	} else {
+		// 已处于外部事务中（ErrTxStarted），复用当前 client
+		txClient = r.client
+	}
+
+	if _, err := txClient.AccountGroup.Delete().Where(dbaccountgroup.AccountIDEQ(accountID)).Exec(ctx); err != nil {
 		return err
 	}
 
 	if len(groupIDs) == 0 {
+		if tx != nil {
+			return tx.Commit()
+		}
 		return nil
 	}
 
 	builders := make([]*dbent.AccountGroupCreate, 0, len(groupIDs))
 	for i, groupID := range groupIDs {
-		builders = append(builders, r.client.AccountGroup.Create().
+		builders = append(builders, txClient.AccountGroup.Create().
 			SetAccountID(accountID).
 			SetGroupID(groupID).
 			SetPriority(i+1),
 		)
 	}
 
-	_, err := r.client.AccountGroup.CreateBulk(builders...).Save(ctx)
+	if _, err := txClient.AccountGroup.CreateBulk(builders...).Save(ctx); err != nil {
 		return err
+	}
+
+	if tx != nil {
+		return tx.Commit()
+	}
+	return nil
 }
 
 func (r *accountRepository) ListSchedulable(ctx context.Context) ([]service.Account, error) {
@@ -555,24 +601,30 @@ func (r *accountRepository) UpdateExtra(ctx context.Context, id int64, updates m
 		return nil
 	}
 
-	accountExtra, err := r.client.Account.Query().
-		Where(dbaccount.IDEQ(id)).
-		Select(dbaccount.FieldExtra).
-		Only(ctx)
+	// 使用 JSONB 合并操作实现原子更新，避免读-改-写的并发丢失更新问题
+	payload, err := json.Marshal(updates)
 	if err != nil {
-		return translatePersistenceError(err, service.ErrAccountNotFound, nil)
+		return err
 	}
 
-	extra := normalizeJSONMap(accountExtra.Extra)
-	for k, v := range updates {
-		extra[k] = v
+	client := clientFromContext(ctx, r.client)
+	result, err := client.ExecContext(
+		ctx,
+		"UPDATE accounts SET extra = COALESCE(extra, '{}'::jsonb) || $1::jsonb, updated_at = NOW() WHERE id = $2 AND deleted_at IS NULL",
+		payload, id,
+	)
+	if err != nil {
+		return err
 	}
 
-	_, err = r.client.Account.Update().
-		Where(dbaccount.IDEQ(id)).
-		SetExtra(extra).
-		Save(ctx)
+	affected, err := result.RowsAffected()
+	if err != nil {
 		return err
+	}
+	if affected == 0 {
+		return service.ErrAccountNotFound
+	}
+	return nil
 }
 
 func (r *accountRepository) BulkUpdate(ctx context.Context, ids []int64, updates service.AccountBulkUpdate) (int64, error) {

backend/internal/repository/api_key_repo.go

@@ -322,6 +322,7 @@ func groupEntityToService(g *dbent.Group) *service.Group {
 		DailyLimitUSD:       g.DailyLimitUsd,
 		WeeklyLimitUSD:      g.WeeklyLimitUsd,
 		MonthlyLimitUSD:     g.MonthlyLimitUsd,
+		DefaultValidityDays: g.DefaultValidityDays,
 		CreatedAt:           g.CreatedAt,
 		UpdatedAt:           g.UpdatedAt,
 	}

backend/internal/repository/claude_oauth_service.go

@@ -233,15 +233,11 @@ func (s *claudeOAuthService) RefreshToken(ctx context.Context, refreshToken, pro
 }
 
 func createReqClient(proxyURL string) *req.Client {
-	client := req.C().
-		ImpersonateChrome().
-		SetTimeout(60 * time.Second)
-
-	if proxyURL != "" {
-		client.SetProxyURL(proxyURL)
-	}
-
-	return client
+	return getSharedReqClient(reqClientOptions{
+		ProxyURL:    proxyURL,
+		Timeout:     60 * time.Second,
+		Impersonate: true,
+	})
 }
 
 func prefix(s string, n int) string {

backend/internal/repository/claude_usage_service.go

@@ -6,9 +6,9 @@ import (
 	"fmt"
 	"io"
 	"net/http"
-	"net/url"
 	"time"
 
+	"github.com/Wei-Shaw/sub2api/internal/pkg/httpclient"
 	"github.com/Wei-Shaw/sub2api/internal/service"
 )
 
@@ -23,20 +23,12 @@ func NewClaudeUsageFetcher() service.ClaudeUsageFetcher {
 }
 
 func (s *claudeUsageService) FetchUsage(ctx context.Context, accessToken, proxyURL string) (*service.ClaudeUsageResponse, error) {
-	transport, ok := http.DefaultTransport.(*http.Transport)
-	if !ok {
-		return nil, fmt.Errorf("failed to get default transport")
-	}
-	transport = transport.Clone()
-	if proxyURL != "" {
-		if parsedURL, err := url.Parse(proxyURL); err == nil {
-			transport.Proxy = http.ProxyURL(parsedURL)
-		}
-	}
-
-	client := &http.Client{
-		Transport: transport,
+	client, err := httpclient.GetClient(httpclient.Options{
+		ProxyURL: proxyURL,
 		Timeout:  30 * time.Second,
+	})
+	if err != nil {
+		client = &http.Client{Timeout: 30 * time.Second}
 	}
 
 	req, err := http.NewRequestWithContext(ctx, "GET", s.usageURL, nil)

backend/internal/repository/concurrency_cache.go

@@ -2,68 +2,95 @@ package repository
 
 import (
 	"context"
+	"errors"
 	"fmt"
-	"time"
+	"strconv"
 
 	"github.com/Wei-Shaw/sub2api/internal/service"
 	"github.com/redis/go-redis/v9"
 )
 
+// 并发控制缓存常量定义
+//
+// 性能优化说明：
+// 原实现使用 SCAN 命令遍历独立的槽位键（concurrency:account:{id}:{requestID}），
+// 在高并发场景下 SCAN 需要多次往返，且遍历大量键时性能下降明显。
+//
+// 新实现改用 Redis 有序集合（Sorted Set）：
+// 1. 每个账号/用户只有一个键，成员为 requestID，分数为时间戳
+// 2. 使用 ZCARD 原子获取并发数，时间复杂度 O(1)
+// 3. 使用 ZREMRANGEBYSCORE 清理过期槽位，避免手动管理 TTL
+// 4. 单次 Redis 调用完成计数，减少网络往返
 const (
-	// Key prefixes for independent slot keys
-	// Format: concurrency:account:{accountID}:{requestID}
+	// 并发槽位键前缀（有序集合）
+	// 格式: concurrency:account:{accountID}
 	accountSlotKeyPrefix = "concurrency:account:"
-	// Format: concurrency:user:{userID}:{requestID}
+	// 格式: concurrency:user:{userID}
 	userSlotKeyPrefix = "concurrency:user:"
-	// Wait queue keeps counter format: concurrency:wait:{userID}
+	// 等待队列计数器格式: concurrency:wait:{userID}
 	waitQueueKeyPrefix = "concurrency:wait:"
+	// 账号级等待队列计数器格式: wait:account:{accountID}
+	accountWaitKeyPrefix = "wait:account:"
 
-	// Slot TTL - each slot expires independently
-	slotTTL = 5 * time.Minute
+	// 默认槽位过期时间（分钟），可通过配置覆盖
+	defaultSlotTTLMinutes = 15
 )
 
 var (
-	// acquireScript uses SCAN to count existing slots and creates new slot if under limit
-	// KEYS[1] = pattern for SCAN (e.g., "concurrency:account:2:*")
-	// KEYS[2] = full slot key (e.g., "concurrency:account:2:req_xxx")
+	// acquireScript 使用有序集合计数并在未达上限时添加槽位
+	// 使用 Redis TIME 命令获取服务器时间，避免多实例时钟不同步问题
+	// KEYS[1] = 有序集合键 (concurrency:account:{id} / concurrency:user:{id})
 	// ARGV[1] = maxConcurrency
-	// ARGV[2] = TTL in seconds
+	// ARGV[2] = TTL（秒）
+	// ARGV[3] = requestID
 	acquireScript = redis.NewScript(`
-		local pattern = KEYS[1]
-		local slotKey = KEYS[2]
+		local key = KEYS[1]
 		local maxConcurrency = tonumber(ARGV[1])
 		local ttl = tonumber(ARGV[2])
+		local requestID = ARGV[3]
+
+		-- 使用 Redis 服务器时间，确保多实例时钟一致
+		local timeResult = redis.call('TIME')
+		local now = tonumber(timeResult[1])
+		local expireBefore = now - ttl
+
+		-- 清理过期槽位
+		redis.call('ZREMRANGEBYSCORE', key, '-inf', expireBefore)
 
-		-- Count existing slots using SCAN
-		local cursor = "0"
-		local count = 0
-		repeat
-			local result = redis.call('SCAN', cursor, 'MATCH', pattern, 'COUNT', 100)
-			cursor = result[1]
-			count = count + #result[2]
-		until cursor == "0"
+		-- 检查是否已存在（支持重试场景刷新时间戳）
+		local exists = redis.call('ZSCORE', key, requestID)
+		if exists ~= false then
+			redis.call('ZADD', key, now, requestID)
+			redis.call('EXPIRE', key, ttl)
+			return 1
+		end
 
-		-- Check if we can acquire a slot
+		-- 检查是否达到并发上限
+		local count = redis.call('ZCARD', key)
 		if count < maxConcurrency then
-			redis.call('SET', slotKey, '1', 'EX', ttl)
+			redis.call('ZADD', key, now, requestID)
+			redis.call('EXPIRE', key, ttl)
 			return 1
 		end
 
 		return 0
 	`)
 
-	// getCountScript counts slots using SCAN
-	// KEYS[1] = pattern for SCAN
+	// getCountScript 统计有序集合中的槽位数量并清理过期条目
+	// 使用 Redis TIME 命令获取服务器时间
+	// KEYS[1] = 有序集合键
+	// ARGV[1] = TTL（秒）
 	getCountScript = redis.NewScript(`
-		local pattern = KEYS[1]
-		local cursor = "0"
-		local count = 0
-		repeat
-			local result = redis.call('SCAN', cursor, 'MATCH', pattern, 'COUNT', 100)
-			cursor = result[1]
-			count = count + #result[2]
-		until cursor == "0"
-		return count
+		local key = KEYS[1]
+		local ttl = tonumber(ARGV[1])
+
+		-- 使用 Redis 服务器时间
+		local timeResult = redis.call('TIME')
+		local now = tonumber(timeResult[1])
+		local expireBefore = now - ttl
+
+		redis.call('ZREMRANGEBYSCORE', key, '-inf', expireBefore)
+		return redis.call('ZCARD', key)
 	`)
 
 	// incrementWaitScript - only sets TTL on first creation to avoid refreshing
@@ -92,6 +119,29 @@ var (
 			return 1
 		`)
 
+	// incrementAccountWaitScript - account-level wait queue count
+	incrementAccountWaitScript = redis.NewScript(`
+			local current = redis.call('GET', KEYS[1])
+			if current == false then
+				current = 0
+			else
+				current = tonumber(current)
+			end
+
+			if current >= tonumber(ARGV[1]) then
+				return 0
+			end
+
+			local newVal = redis.call('INCR', KEYS[1])
+
+			-- Only set TTL on first creation to avoid refreshing zombie data
+			if newVal == 1 then
+				redis.call('EXPIRE', KEYS[1], ARGV[2])
+			end
+
+			return 1
+		`)
+
 	// decrementWaitScript - same as before
 	decrementWaitScript = redis.NewScript(`
 			local current = redis.call('GET', KEYS[1])
@@ -100,44 +150,104 @@ var (
 			end
 			return 1
 		`)
+
+	// getAccountsLoadBatchScript - batch load query (read-only)
+	// ARGV[1] = slot TTL (seconds, retained for compatibility)
+	// ARGV[2..n] = accountID1, maxConcurrency1, accountID2, maxConcurrency2, ...
+	getAccountsLoadBatchScript = redis.NewScript(`
+			local result = {}
+
+			local i = 2
+			while i <= #ARGV do
+				local accountID = ARGV[i]
+				local maxConcurrency = tonumber(ARGV[i + 1])
+
+				local slotKey = 'concurrency:account:' .. accountID
+				local currentConcurrency = redis.call('ZCARD', slotKey)
+
+				local waitKey = 'wait:account:' .. accountID
+				local waitingCount = redis.call('GET', waitKey)
+				if waitingCount == false then
+					waitingCount = 0
+				else
+					waitingCount = tonumber(waitingCount)
+				end
+
+				local loadRate = 0
+				if maxConcurrency > 0 then
+					loadRate = math.floor((currentConcurrency + waitingCount) * 100 / maxConcurrency)
+				end
+
+				table.insert(result, accountID)
+				table.insert(result, currentConcurrency)
+				table.insert(result, waitingCount)
+				table.insert(result, loadRate)
+
+				i = i + 2
+			end
+
+			return result
+		`)
+
+	// cleanupExpiredSlotsScript - remove expired slots
+	// KEYS[1] = concurrency:account:{accountID}
+	// ARGV[1] = TTL (seconds)
+	cleanupExpiredSlotsScript = redis.NewScript(`
+			local key = KEYS[1]
+			local ttl = tonumber(ARGV[1])
+			local timeResult = redis.call('TIME')
+			local now = tonumber(timeResult[1])
+			local expireBefore = now - ttl
+			return redis.call('ZREMRANGEBYSCORE', key, '-inf', expireBefore)
+		`)
 )
 
 type concurrencyCache struct {
 	rdb                 *redis.Client
+	slotTTLSeconds      int // 槽位过期时间（秒）
+	waitQueueTTLSeconds int // 等待队列过期时间（秒）
 }
 
-func NewConcurrencyCache(rdb *redis.Client) service.ConcurrencyCache {
-	return &concurrencyCache{rdb: rdb}
+// NewConcurrencyCache 创建并发控制缓存
+// slotTTLMinutes: 槽位过期时间（分钟），0 或负数使用默认值 15 分钟
+// waitQueueTTLSeconds: 等待队列过期时间（秒），0 或负数使用 slot TTL
+func NewConcurrencyCache(rdb *redis.Client, slotTTLMinutes int, waitQueueTTLSeconds int) service.ConcurrencyCache {
+	if slotTTLMinutes <= 0 {
+		slotTTLMinutes = defaultSlotTTLMinutes
+	}
+	if waitQueueTTLSeconds <= 0 {
+		waitQueueTTLSeconds = slotTTLMinutes * 60
+	}
+	return &concurrencyCache{
+		rdb:                 rdb,
+		slotTTLSeconds:      slotTTLMinutes * 60,
+		waitQueueTTLSeconds: waitQueueTTLSeconds,
+	}
 }
 
 // Helper functions for key generation
-func accountSlotKey(accountID int64, requestID string) string {
-	return fmt.Sprintf("%s%d:%s", accountSlotKeyPrefix, accountID, requestID)
-}
-
-func accountSlotPattern(accountID int64) string {
-	return fmt.Sprintf("%s%d:*", accountSlotKeyPrefix, accountID)
-}
-
-func userSlotKey(userID int64, requestID string) string {
-	return fmt.Sprintf("%s%d:%s", userSlotKeyPrefix, userID, requestID)
+func accountSlotKey(accountID int64) string {
+	return fmt.Sprintf("%s%d", accountSlotKeyPrefix, accountID)
 }
 
-func userSlotPattern(userID int64) string {
-	return fmt.Sprintf("%s%d:*", userSlotKeyPrefix, userID)
+func userSlotKey(userID int64) string {
+	return fmt.Sprintf("%s%d", userSlotKeyPrefix, userID)
 }
 
 func waitQueueKey(userID int64) string {
 	return fmt.Sprintf("%s%d", waitQueueKeyPrefix, userID)
 }
 
+func accountWaitKey(accountID int64) string {
+	return fmt.Sprintf("%s%d", accountWaitKeyPrefix, accountID)
+}
+
 // Account slot operations
 
 func (c *concurrencyCache) AcquireAccountSlot(ctx context.Context, accountID int64, maxConcurrency int, requestID string) (bool, error) {
-	pattern := accountSlotPattern(accountID)
-	slotKey := accountSlotKey(accountID, requestID)
-
-	result, err := acquireScript.Run(ctx, c.rdb, []string{pattern, slotKey}, maxConcurrency, int(slotTTL.Seconds())).Int()
+	key := accountSlotKey(accountID)
+	// 时间戳在 Lua 脚本内使用 Redis TIME 命令获取，确保多实例时钟一致
+	result, err := acquireScript.Run(ctx, c.rdb, []string{key}, maxConcurrency, c.slotTTLSeconds, requestID).Int()
 	if err != nil {
 		return false, err
 	}
@@ -145,13 +255,14 @@ func (c *concurrencyCache) AcquireAccountSlot(ctx context.Context, accountID int
 }
 
 func (c *concurrencyCache) ReleaseAccountSlot(ctx context.Context, accountID int64, requestID string) error {
-	slotKey := accountSlotKey(accountID, requestID)
-	return c.rdb.Del(ctx, slotKey).Err()
+	key := accountSlotKey(accountID)
+	return c.rdb.ZRem(ctx, key, requestID).Err()
 }
 
 func (c *concurrencyCache) GetAccountConcurrency(ctx context.Context, accountID int64) (int, error) {
-	pattern := accountSlotPattern(accountID)
-	result, err := getCountScript.Run(ctx, c.rdb, []string{pattern}).Int()
+	key := accountSlotKey(accountID)
+	// 时间戳在 Lua 脚本内使用 Redis TIME 命令获取
+	result, err := getCountScript.Run(ctx, c.rdb, []string{key}, c.slotTTLSeconds).Int()
 	if err != nil {
 		return 0, err
 	}
@@ -161,10 +272,9 @@ func (c *concurrencyCache) GetAccountConcurrency(ctx context.Context, accountID
 // User slot operations
 
 func (c *concurrencyCache) AcquireUserSlot(ctx context.Context, userID int64, maxConcurrency int, requestID string) (bool, error) {
-	pattern := userSlotPattern(userID)
-	slotKey := userSlotKey(userID, requestID)
-
-	result, err := acquireScript.Run(ctx, c.rdb, []string{pattern, slotKey}, maxConcurrency, int(slotTTL.Seconds())).Int()
+	key := userSlotKey(userID)
+	// 时间戳在 Lua 脚本内使用 Redis TIME 命令获取，确保多实例时钟一致
+	result, err := acquireScript.Run(ctx, c.rdb, []string{key}, maxConcurrency, c.slotTTLSeconds, requestID).Int()
 	if err != nil {
 		return false, err
 	}
@@ -172,13 +282,14 @@ func (c *concurrencyCache) AcquireUserSlot(ctx context.Context, userID int64, ma
 }
 
 func (c *concurrencyCache) ReleaseUserSlot(ctx context.Context, userID int64, requestID string) error {
-	slotKey := userSlotKey(userID, requestID)
-	return c.rdb.Del(ctx, slotKey).Err()
+	key := userSlotKey(userID)
+	return c.rdb.ZRem(ctx, key, requestID).Err()
 }
 
 func (c *concurrencyCache) GetUserConcurrency(ctx context.Context, userID int64) (int, error) {
-	pattern := userSlotPattern(userID)
-	result, err := getCountScript.Run(ctx, c.rdb, []string{pattern}).Int()
+	key := userSlotKey(userID)
+	// 时间戳在 Lua 脚本内使用 Redis TIME 命令获取
+	result, err := getCountScript.Run(ctx, c.rdb, []string{key}, c.slotTTLSeconds).Int()
 	if err != nil {
 		return 0, err
 	}
@@ -189,7 +300,7 @@ func (c *concurrencyCache) GetUserConcurrency(ctx context.Context, userID int64)
 
 func (c *concurrencyCache) IncrementWaitCount(ctx context.Context, userID int64, maxWait int) (bool, error) {
 	key := waitQueueKey(userID)
-	result, err := incrementWaitScript.Run(ctx, c.rdb, []string{key}, maxWait, int(slotTTL.Seconds())).Int()
+	result, err := incrementWaitScript.Run(ctx, c.rdb, []string{key}, maxWait, c.slotTTLSeconds).Int()
 	if err != nil {
 		return false, err
 	}
@@ -201,3 +312,75 @@ func (c *concurrencyCache) DecrementWaitCount(ctx context.Context, userID int64)
 	_, err := decrementWaitScript.Run(ctx, c.rdb, []string{key}).Result()
 	return err
 }
+
+// Account wait queue operations
+
+func (c *concurrencyCache) IncrementAccountWaitCount(ctx context.Context, accountID int64, maxWait int) (bool, error) {
+	key := accountWaitKey(accountID)
+	result, err := incrementAccountWaitScript.Run(ctx, c.rdb, []string{key}, maxWait, c.waitQueueTTLSeconds).Int()
+	if err != nil {
+		return false, err
+	}
+	return result == 1, nil
+}
+
+func (c *concurrencyCache) DecrementAccountWaitCount(ctx context.Context, accountID int64) error {
+	key := accountWaitKey(accountID)
+	_, err := decrementWaitScript.Run(ctx, c.rdb, []string{key}).Result()
+	return err
+}
+
+func (c *concurrencyCache) GetAccountWaitingCount(ctx context.Context, accountID int64) (int, error) {
+	key := accountWaitKey(accountID)
+	val, err := c.rdb.Get(ctx, key).Int()
+	if err != nil && !errors.Is(err, redis.Nil) {
+		return 0, err
+	}
+	if errors.Is(err, redis.Nil) {
+		return 0, nil
+	}
+	return val, nil
+}
+
+func (c *concurrencyCache) GetAccountsLoadBatch(ctx context.Context, accounts []service.AccountWithConcurrency) (map[int64]*service.AccountLoadInfo, error) {
+	if len(accounts) == 0 {
+		return map[int64]*service.AccountLoadInfo{}, nil
+	}
+
+	args := []any{c.slotTTLSeconds}
+	for _, acc := range accounts {
+		args = append(args, acc.ID, acc.MaxConcurrency)
+	}
+
+	result, err := getAccountsLoadBatchScript.Run(ctx, c.rdb, []string{}, args...).Slice()
+	if err != nil {
+		return nil, err
+	}
+
+	loadMap := make(map[int64]*service.AccountLoadInfo)
+	for i := 0; i < len(result); i += 4 {
+		if i+3 >= len(result) {
+			break
+		}
+
+		accountID, _ := strconv.ParseInt(fmt.Sprintf("%v", result[i]), 10, 64)
+		currentConcurrency, _ := strconv.Atoi(fmt.Sprintf("%v", result[i+1]))
+		waitingCount, _ := strconv.Atoi(fmt.Sprintf("%v", result[i+2]))
+		loadRate, _ := strconv.Atoi(fmt.Sprintf("%v", result[i+3]))
+
+		loadMap[accountID] = &service.AccountLoadInfo{
+			AccountID:          accountID,
+			CurrentConcurrency: currentConcurrency,
+			WaitingCount:       waitingCount,
+			LoadRate:           loadRate,
+		}
+	}
+
+	return loadMap, nil
+}
+
+func (c *concurrencyCache) CleanupExpiredAccountSlots(ctx context.Context, accountID int64) error {
+	key := accountSlotKey(accountID)
+	_, err := cleanupExpiredSlotsScript.Run(ctx, c.rdb, []string{key}, c.slotTTLSeconds).Result()
+	return err
+}