fix: create_user_apikey use kwdownapikey for per-user existence check

2026-05-12 20:13:03 +08:00 · 2026-05-12 20:13:03 +08:00 · beaa4371d7
commit beaa4371d7
parent c96acba94f
1 changed files with 29 additions and 18 deletions
--- a/dapi/dapi.py
+++ b/dapi/dapi.py
@ -219,30 +219,41 @@ async def create_user_apikey(sor, dappid, user_id, user_orgid, **kwargs):
 		dict: {'status': 'success'|'error', 'apikey': str, 'message': str}
 	"""
 	try:
-		# 检查apikey是否已存在
+		# 检查apikey是否已存在 — 先查 kwdownapikey 确认用户级别是否存在
-		existing = await sor.R('downapikey', {
+		kw_existing = await sor.R('kwdownapikey', {
 			'dappid': dappid,
 			'duserid': user_id,
 			'dorgid': user_orgid
 		})
-		if existing:
+		if kw_existing:
-			# 验证关联的 users 记录是否仍然存在
+			# 用户已有 apikey，从 downapikey 获取
-			user_records = await sor.R('users', {'id': existing[0].userid})
+			da_existing = await sor.R('downapikey', {
-			if not user_records:
+				'dappid': dappid,
-				# downapikey 有记录但 users 表无对应用户（脏数据），清理后重新创建
+				'duserid': user_id,
-				debug(f'create_user_apikey: downapikey exists but user {existing[0].userid} not found, recreating')
+				'dorgid': user_orgid
-				await sor.D('downapikey', {'id': existing[0].id})
+			})
 			if da_existing:
 				# 验证关联的 users 记录是否仍然存在
 				user_records = await sor.R('users', {'id': da_existing[0].userid})
 				if not user_records:
 					# downapikey 有记录但 users 表无对应用户（脏数据），清理后重新创建
 					debug(f'create_user_apikey: downapikey exists but user {da_existing[0].userid} not found, recreating')
 					await sor.D('downapikey', {'id': da_existing[0].id})
 				else:
 					# 返回现有apikey
 					f = get_serverenv('password_decode')
 					apikey = f(da_existing[0].apikey)
 					return {
 						'status': 'success',
 						'apikey': apikey,
 						'user_id': user_id,
 						'message': '用户apikey已存在'
 					}
 			else:
-				# 返回现有apikey
+				# kwdownapikey 有记录但 downapikey 没有（脏数据），清理 kwdownapikey 后重新创建
-				f = get_serverenv('password_decode')
+				debug(f'create_user_apikey: kwdownapikey exists but downapikey missing, recreating')
-				apikey = f(existing[0].apikey)
+				await sor.D('kwdownapikey', {'id': kw_existing[0].id})
 				return {
 					'status': 'success',
 					'apikey': apikey,
 					'user_id': user_id,
 					'message': '用户apikey已存在'
 				}
 		# 创建新apikey
 		apikey_id = getID()